chamber 2.14.2 → 2.14.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 89e0b6151f3cafb916f399bd49b780f6df353ab41832012c48a2f5520a03df5d
4
- data.tar.gz: 4e976be3b9be2b3b2e30185895a3c2d330daa3880298a65ead34e30ca5befd81
3
+ metadata.gz: '08e636d1674a305c9d330e9adf5be147b1e5c2d2c57f131da98a216e3d3b3111'
4
+ data.tar.gz: 7848e6ca2e2e4de843eedc65f9ca5315c18e71f9a8a2ba67a37c0ea46930a482
5
5
  SHA512:
6
- metadata.gz: aa7e4a481d465da58e4b99f06e868f0b97fd9242e429ad0a233f6b2763930696ab60eb43d276a8e26aa5a245734e1c5dcce7bb08c1b568ebec83bddb9cc7d6c9
7
- data.tar.gz: 3f9bdb837c924886b72b685d01debdb5ffcb33d1fa1220cf6c243bfde6e3d2b76f1579b565095cf355af54ee43fef8a722ed871bd2a72f484283b2adefe4e5cc
6
+ metadata.gz: 8337ba8c0c7cc899f40bb712a455e5ee56e878ed11f6258e0917863acf194b4cac1a4b11ff087a4c72ed7e5550972fc2d097dafd5b26492a40c8094bd33a744a
7
+ data.tar.gz: 27b49b8592d343b050491f2a2d22cbd69323989ac031abc9d6a2bf375a30887cd16580d9c76259a4475c9f42d6603aa73769754b454bbfa55bac98e493ae9c3b
checksums.yaml.gz.sig CHANGED
Binary file
@@ -20,14 +20,14 @@ class Heroku
20
20
  self.app = app
21
21
  end
22
22
 
23
- def add_environment_variable(name, value) # rubocop:disable Metrics/AbcSize
23
+ def add_environment_variable(name, value)
24
24
  value = value.gsub(/\n/, '\n') if value
25
25
  request = ::Net::HTTP::Patch.new(config_vars_uri)
26
26
 
27
27
  request['Authorization'] = "Bearer #{api_token}"
28
28
  request['Accept'] = 'application/vnd.heroku+json; version=3'
29
29
  request['Content-Type'] = 'application/json'
30
- request.body = ::JSON.dump(Hash[name, value])
30
+ request.body = ::JSON.dump({ name => value })
31
31
 
32
32
  response = ::JSON.parse(response(request).body)
33
33
 
@@ -20,7 +20,33 @@ class PublicKey
20
20
  unencrypted_value = decryption_key.private_decrypt(decoded_string)
21
21
 
22
22
  begin
23
- _unserialized_value = YAML.load(unencrypted_value)
23
+ _unserialized_value = begin
24
+ YAML.safe_load(unencrypted_value,
25
+ aliases: true,
26
+ permitted_classes: [
27
+ ::Date,
28
+ ::Time,
29
+ ::Regexp,
30
+ ])
31
+ rescue ::Psych::DisallowedClass => error
32
+ warn <<-HEREDOC
33
+ WARNING: Recursive data structures (complex classes) being loaded from Chamber
34
+ has been deprecated and will be removed in 3.0.
35
+
36
+ See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
37
+ for full details.
38
+
39
+ #{error.message}
40
+
41
+ Called from: '#{caller.to_a[8]}'
42
+ HEREDOC
43
+
44
+ if YAML.respond_to?(:unsafe_load)
45
+ YAML.unsafe_load(unencrypted_value)
46
+ else
47
+ YAML.load(unencrypted_value)
48
+ end
49
+ end
24
50
  rescue TypeError
25
51
  unencrypted_value
26
52
  end
@@ -35,7 +35,7 @@ class Ssl
35
35
  Base64.strict_encode64(encrypted_data)
36
36
  end
37
37
 
38
- def self.decrypt(key, value, decryption_keys) # rubocop:disable Metrics/AbcSize
38
+ def self.decrypt(key, value, decryption_keys) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/MethodLength
39
39
  if decryption_keys.nil?
40
40
  value
41
41
  else
@@ -62,7 +62,33 @@ class Ssl
62
62
  end
63
63
 
64
64
  begin
65
- _unserialized_value = YAML.load(unencrypted_value)
65
+ _unserialized_value = begin
66
+ YAML.safe_load(unencrypted_value,
67
+ aliases: true,
68
+ permitted_classes: [
69
+ ::Date,
70
+ ::Time,
71
+ ::Regexp,
72
+ ])
73
+ rescue ::Psych::DisallowedClass => error
74
+ warn <<-HEREDOC
75
+ WARNING: Recursive data structures (complex classes) being loaded from Chamber
76
+ has been deprecated and will be removed in 3.0.
77
+
78
+ See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
79
+ for full details.
80
+
81
+ #{error.message}
82
+
83
+ Called from: '#{caller.to_a[8]}'
84
+ HEREDOC
85
+
86
+ if YAML.respond_to?(:unsafe_load)
87
+ YAML.unsafe_load(unencrypted_value)
88
+ else
89
+ YAML.load(unencrypted_value)
90
+ end
91
+ end
66
92
  rescue TypeError
67
93
  unencrypted_value
68
94
  end
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Chamber
4
+ module Errors
5
+ class NonConformingKey < ::ArgumentError
6
+ end
7
+ end
8
+ end
data/lib/chamber/file.rb CHANGED
@@ -139,11 +139,37 @@ class File < Pathname
139
139
  @secure_prefix_pattern ||= Regexp.escape(secure_prefix)
140
140
  end
141
141
 
142
- def file_contents_hash
142
+ def file_contents_hash # rubocop:disable Metrics/CyclomaticComplexity
143
143
  file_contents = read
144
144
  erb_result = ERB.new(file_contents).result
145
145
 
146
- YAML.load(erb_result) || {}
146
+ begin
147
+ YAML.safe_load(erb_result,
148
+ aliases: true,
149
+ permitted_classes: [
150
+ ::Date,
151
+ ::Time,
152
+ ::Regexp,
153
+ ]) || {}
154
+ rescue ::Psych::DisallowedClass => error
155
+ warn <<-HEREDOC
156
+ WARNING: Recursive data structures (complex classes) being loaded from Chamber
157
+ has been deprecated and will be removed in 3.0.
158
+
159
+ See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
160
+ for full details.
161
+
162
+ #{error.message}
163
+
164
+ Called from: '#{caller.to_a[2]}'
165
+ HEREDOC
166
+
167
+ if YAML.respond_to?(:unsafe_load)
168
+ YAML.unsafe_load(erb_result) || {}
169
+ else
170
+ YAML.load(erb_result) || {}
171
+ end
172
+ end
147
173
  rescue Errno::ENOENT
148
174
  {}
149
175
  end
@@ -256,9 +256,15 @@ class FileSet
256
256
 
257
257
  private
258
258
 
259
+ # rubocop:disable Performance/ChainArrayAllocation
259
260
  def all_files
260
- @all_files ||= file_globs.map { |fg| Pathname.glob(fg) }.flatten.uniq.sort # rubocop:disable Performance/ChainArrayAllocation
261
+ @all_files ||= file_globs
262
+ .map { |fg| Pathname.glob(fg) }
263
+ .flatten
264
+ .uniq
265
+ .sort
261
266
  end
267
+ # rubocop:enable Performance/ChainArrayAllocation
262
268
 
263
269
  def non_namespaced_files
264
270
  @non_namespaced_files ||= all_files - namespaced_files
@@ -92,7 +92,7 @@ class DecryptionFilter
92
92
  # rubocop:enable Style/RedundantBegin
93
93
 
94
94
  def decryption_method(value)
95
- if value.respond_to?(:match)
95
+ if value.is_a?(::String)
96
96
  if value.match(BASE64_STRING_PATTERN)
97
97
  EncryptionMethods::PublicKey
98
98
  elsif value.match(LARGE_DATA_STRING_PATTERN)
@@ -75,7 +75,7 @@ class EncryptionFilter
75
75
  end
76
76
 
77
77
  def encryption_method(value)
78
- value_is_encrypted = value.respond_to?(:match) &&
78
+ value_is_encrypted = value.is_a?(::String) &&
79
79
  (value.match(BASE64_STRING_PATTERN) ||
80
80
  value.match(LARGE_DATA_STRING_PATTERN))
81
81
 
@@ -110,9 +110,11 @@ class EnvironmentFilter
110
110
  { key => execute(value, environment_keys) }
111
111
  end,
112
112
  lambda do |key, value, environment_key|
113
- { key => convert_environment_value(environment_key,
113
+ {
114
+ key => convert_environment_value(environment_key,
114
115
  ENV[environment_key],
115
- value) }
116
+ value),
117
+ }
116
118
  end,
117
119
  )
118
120
  end
@@ -39,13 +39,13 @@ class Base
39
39
  namespaces.map { |n| namespace_to_key_path(n) }
40
40
  end
41
41
 
42
- # rubocop:disable Performance/ChainArrayAllocation
42
+ # rubocop:disable Performance/ChainArrayAllocation, Performance/MapCompact
43
43
  def filenames=(other)
44
44
  @filenames = Array(other)
45
45
  .map { |o| Pathname.new(o) }
46
46
  .compact
47
47
  end
48
- # rubocop:enable Performance/ChainArrayAllocation
48
+ # rubocop:enable Performance/ChainArrayAllocation, Performance/MapCompact
49
49
 
50
50
  def namespaces=(other)
51
51
  @namespaces = other + %w{signature}
@@ -0,0 +1,25 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'chamber/errors/non_conforming_key'
4
+
5
+ module Chamber
6
+ module Refinements
7
+ class Enumerable
8
+ def self.deep_validate_keys(object, &block)
9
+ case object
10
+ when ::Hash
11
+ object.each do |(key, value)|
12
+ # fail ::Chamber::Errors::NonConformingKey unless key == yield(key)
13
+ warn "WARNING: Non-String settings keys are deprecated and will be removed in Chamber 3.0. You attempted to access the '#{key}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#all-settings-keys-are-now-stored-as-strings for full details. Called from: '#{caller.to_a.first}'" unless key == yield(key) # rubocop:disable Layout/LineLength
14
+
15
+ deep_validate_keys(value, &block)
16
+ end
17
+ when ::Array
18
+ object.map { |v| deep_validate_keys(v, &block) }
19
+ else
20
+ object
21
+ end
22
+ end
23
+ end
24
+ end
25
+ end
@@ -5,7 +5,7 @@ require 'pathname'
5
5
  unless Pathname.instance_methods.include?(:write)
6
6
  class Pathname
7
7
  def write(*args)
8
- IO.write @path, *args
8
+ IO.write @path, *args # rubocop:disable Security/IoMethods
9
9
  end
10
10
  end
11
11
  end
@@ -10,6 +10,7 @@ require 'chamber/filters/secure_filter'
10
10
  require 'chamber/filters/translate_secure_keys_filter'
11
11
  require 'chamber/filters/insecure_filter'
12
12
  require 'chamber/filters/failed_decryption_filter'
13
+ require 'chamber/refinements/enumerable'
13
14
 
14
15
  ###
15
16
  # Internal: Represents the base settings storage needed for Chamber.
@@ -41,6 +42,9 @@ class Settings
41
42
  settings: {},
42
43
  **_args
43
44
  )
45
+
46
+ ::Chamber::Refinements::Enumerable.deep_validate_keys(settings, &:to_s)
47
+
44
48
  self.decryption_keys = decryption_keys
45
49
  self.encryption_keys = encryption_keys
46
50
  self.namespaces = namespaces
@@ -228,8 +232,8 @@ class Settings
228
232
  end
229
233
 
230
234
  def [](key)
231
- warn "WARNING: Bracket access will require strings instead of symbols in Chamber 3.0. You attempted to access the '#{key}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-bracket-indifferent-access for full details." if key.is_a?(::Symbol) # rubocop:disable Layout/LineLength
232
- warn "WARNING: Accessing a non-existent key ('#{key}') with brackets will fail in Chamber 3.0. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#bracket-access-now-fails-on-non-existent-keys for full details." unless data.has_key?(key) # rubocop:disable Layout/LineLength
235
+ warn "WARNING: Bracket access will require strings instead of symbols in Chamber 3.0. You attempted to access the '#{key}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-bracket-indifferent-access for full details. Called from: '#{caller.to_a.first}'" if key.is_a?(::Symbol) # rubocop:disable Layout/LineLength
236
+ warn "WARNING: Accessing a non-existent key ('#{key}') with brackets will fail in Chamber 3.0. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#bracket-access-now-fails-on-non-existent-keys for full details. Called from: '#{caller.to_a.first}'" unless data.has_key?(key) # rubocop:disable Layout/LineLength
233
237
 
234
238
  data.[](key)
235
239
  end
@@ -273,8 +277,8 @@ class Settings
273
277
 
274
278
  def method_missing(name, *args)
275
279
  if data.respond_to?(name)
276
- warn "WARNING: Object notation access is deprecated and will be removed in Chamber 3.0. You attempted to access the '#{name}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-object-notation-access for full details." # rubocop:disable Layout/LineLength
277
- warn "WARNING: Predicate methods are deprecated and will be removed in Chamber 3.0. You attempted to access the '#{name}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-predicate-accessors for full details." if name.to_s.end_with?('?') # rubocop:disable Layout/LineLength
280
+ warn "WARNING: Object notation access is deprecated and will be removed in Chamber 3.0. You attempted to access the '#{name}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-object-notation-access for full details. Called from: '#{caller.to_a.first}'" # rubocop:disable Layout/LineLength
281
+ warn "WARNING: Predicate methods are deprecated and will be removed in Chamber 3.0. You attempted to access the '#{name}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-predicate-accessors for full details. Called from: '#{caller.to_a.first}'" if name.to_s.end_with?('?') # rubocop:disable Layout/LineLength
278
282
 
279
283
  data.public_send(name, *args)
280
284
  else
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Chamber
4
- VERSION = '2.14.2'
4
+ VERSION = '2.14.3'
5
5
  end
data.tar.gz.sig CHANGED
@@ -1 +1 @@
1
- f�,z�$��^^S�-�4*Pk��kɵ/$�_���݄���Ӭ#�|O0G��-6��Mz����hd���4a�/�L�`� SY?PLd���t%%�i׉/W���#��B$����o�=]M/��b/ɬe��aiX'��M��0���`Ƹ5��3�c���ߦ�4��=�/-�L����uo+iR��މ �n8�a99=�A���Չ=f�9�J
1
+ ~Hߊ�{��BZ�׷����9B{l� Jg��b�3�BmP��ᩚwֺ`c4}�zߓ����&?�"���4��5I*�M֔o�G�w̩�����%����p��0���T��uK[ <ZԿ�j9��_n��I�4O��[ W��c{3�/�>{i(DZN�p���+BB:�.c&P%���o
metadata CHANGED
@@ -1,21 +1,21 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: chamber
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.14.2
4
+ version: 2.14.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - thekompanee
8
8
  - jfelchner
9
9
  - stevenhallen
10
10
  - m5rk
11
- autorequire:
11
+ autorequire:
12
12
  bindir: bin
13
13
  cert_chain:
14
14
  - |
15
15
  -----BEGIN CERTIFICATE-----
16
- MIIEGDCCAoCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdhY2Nv
17
- dW50c19ydWJ5Z2Vtcy9EQz10aGVrb21wYW5lZS9EQz1jb20wHhcNMjAxMjI2MjIy
18
- NTE5WhcNMjExMjI2MjIyNTE5WjAyMTAwLgYDVQQDDCdhY2NvdW50c19ydWJ5Z2Vt
16
+ MIIEdjCCAt6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdhY2Nv
17
+ dW50c19ydWJ5Z2Vtcy9EQz10aGVrb21wYW5lZS9EQz1jb20wHhcNMjIwMzA1MjM0
18
+ OTEzWhcNMjMwMzA1MjM0OTEzWjAyMTAwLgYDVQQDDCdhY2NvdW50c19ydWJ5Z2Vt
19
19
  cy9EQz10aGVrb21wYW5lZS9EQz1jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw
20
20
  ggGKAoIBgQD0Z84PxtE0iiWCMTQbnit6D4w55GGBQZnhpWUCJwC0SpQ/jnT0Fsma
21
21
  g8oAIdDclLvLC9jzqSAmkOujlpkJMb5NabgkhKFwHi6cVW/gz/cVnISAv8LQTIM5
@@ -25,18 +25,20 @@ cert_chain:
25
25
  NBRKSuO15kpPo2G55N0HLy8abUzbu5cqjhSbIk9hzD6AmdGCT4DqlsdHI5gOrGP0
26
26
  BO6VxGpRuRETKoZ4epPCsXC2XAwk3TJXkuuqYkgdcv8ZR4rPW2CiPvRqgG1YVwWj
27
27
  SrIy5Dt/dlMvxdIMiTj6ytAQP1kfdKPFWrJTIA2tspl/eNB+LiYsVdj8d0UU/KTY
28
- y7jqKMpOE1UCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0O
29
- BBYEFO/l0LjdONn2Rr8y4WGyMA37MWVfMA0GCSqGSIb3DQEBCwUAA4IBgQDBGn+T
30
- HS7SCuLgjCimsT5e3v+Q0VaML1+yJPPqvIVM+HMyTYDpV2ogdAcX1I0lNbUHT9w7
31
- 5y8pQ7BtYq8LDX6D8EufjvlgpJzunuPpNVh2QQdtkYC2zGabTnk+BJC5scYckBxW
32
- PxYXSuOxjXAkFe1r9RhPzeMY8lPVh6aEQKNLVkzbpIjoGzUgAPGPZG/ylKSWycwE
33
- qfHiDXzCAqMzSsb3sMQO1+0euciY1oTOyYCHYKo+gemWEI/p8PyJe/qB2tWC9GYs
34
- m+we5ul7O4Sq8qKnX0KCqHneqaXakcbuEkhViW6Def432jH8JjYums6EW2mg9570
35
- pHS20TH4u9o0+5DIhayfGrmAtdtQutQNCclONqBlk7r3/16Y8Lr376dDHrISZlwd
36
- fdbUKgJXqJeb4GYhiKV07l67XExVjmAklMuA6bcB7mk+aSYUkoWNic4ZYGNjVv88
37
- AapqLKNG/UPfrJhdhTtFR4ARb8f54rgzONhTaAqVk23Bdp1yoDXaulFCkmU=
28
+ y7jqKMpOE1UCAwEAAaOBljCBkzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNV
29
+ HQ4EFgQU7+XQuN042fZGvzLhYbIwDfsxZV8wLAYDVR0RBCUwI4EhYWNjb3VudHMr
30
+ cnVieWdlbXNAdGhla29tcGFuZWUuY29tMCwGA1UdEgQlMCOBIWFjY291bnRzK3J1
31
+ YnlnZW1zQHRoZWtvbXBhbmVlLmNvbTANBgkqhkiG9w0BAQsFAAOCAYEA04F3jVFD
32
+ BwHv8GVMkvUAc7r247lEEYfYuU/Iq0fivT1ugxN9pqT/ODwyPSdYy4Aqj8j4HHbM
33
+ 2OQcKXb9SXjlIa/u5McPlhbsTQozs77bXOmrlAXN6shRJtTKSKm5ttmM/sDeks6p
34
+ wdhM0KHu5PBFZQjWfJuqi0hH13l0qQH+8r2GzXTHMKNX+6m1cTAkP81OPFIekn0l
35
+ boFRgsIr1j335pLV/+hgCRNSlU84E59YVVm+W9kP0Ym/n6051mBaaEMsWnm3td7a
36
+ c7BNPTxfmZrtz3TVq9VvzdHad3/+1QdNl9+l3VdL7wZ3GKZLhyifn7dc5EXxiZHJ
37
+ eDcSScq4x5NTMajXoJLKcoQPJDL7rUpPtvGj3v9O20RzHlWVDqVdzeYlswDjIqwe
38
+ ZjvLRaDI6IVoq0skZju//VZLiN6slVhAYYQj0uka/T0DZieabVYDcT4BVpa9M7Gz
39
+ CDW/VDWjvEEbsCIW0oYhtUrkqE8GLIdrpLUjefOERbS5TslD7lG/MH5k
38
40
  -----END CERTIFICATE-----
39
- date: 2020-12-31 00:00:00.000000000 Z
41
+ date: 2022-03-05 00:00:00.000000000 Z
40
42
  dependencies:
41
43
  - !ruby/object:Gem::Dependency
42
44
  name: thor
@@ -187,6 +189,7 @@ files:
187
189
  - lib/chamber/encryption_methods/ssl.rb
188
190
  - lib/chamber/errors/decryption_failure.rb
189
191
  - lib/chamber/errors/environment_conversion.rb
192
+ - lib/chamber/errors/non_conforming_key.rb
190
193
  - lib/chamber/file.rb
191
194
  - lib/chamber/file_set.rb
192
195
  - lib/chamber/files/signature.rb
@@ -207,6 +210,7 @@ files:
207
210
  - lib/chamber/keys/encryption.rb
208
211
  - lib/chamber/namespace_set.rb
209
212
  - lib/chamber/rails.rb
213
+ - lib/chamber/refinements/enumerable.rb
210
214
  - lib/chamber/rubinius_fix.rb
211
215
  - lib/chamber/settings.rb
212
216
  - lib/chamber/types/secured.rb
@@ -223,7 +227,7 @@ metadata:
223
227
  homepage_uri: https://github.com/thekompanee/chamber
224
228
  source_code_uri: https://github.com/thekompanee/chamber
225
229
  wiki_uri: https://github.com/thekompanee/chamber/wiki
226
- post_install_message:
230
+ post_install_message:
227
231
  rdoc_options: []
228
232
  require_paths:
229
233
  - lib
@@ -238,8 +242,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
238
242
  - !ruby/object:Gem::Version
239
243
  version: '0'
240
244
  requirements: []
241
- rubygems_version: 3.2.3
242
- signing_key:
245
+ rubygems_version: 3.1.4
246
+ signing_key:
243
247
  specification_version: 4
244
248
  summary: A surprisingly configurable convention-based approach to managing your application's
245
249
  custom configuration settings.
metadata.gz.sig CHANGED
Binary file