chamber 2.14.2 → 2.14.3

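--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 89e0b6151f3cafb916f399bd49b780f6df353ab41832012c48a2f5520a03df5d
- data.tar.gz: 4e976be3b9be2b3b2e30185895a3c2d330daa3880298a65ead34e30ca5befd81
+ metadata.gz: '08e636d1674a305c9d330e9adf5be147b1e5c2d2c57f131da98a216e3d3b3111'
+ data.tar.gz: 7848e6ca2e2e4de843eedc65f9ca5315c18e71f9a8a2ba67a37c0ea46930a482
  SHA512:
- metadata.gz: aa7e4a481d465da58e4b99f06e868f0b97fd9242e429ad0a233f6b2763930696ab60eb43d276a8e26aa5a245734e1c5dcce7bb08c1b568ebec83bddb9cc7d6c9
- data.tar.gz: 3f9bdb837c924886b72b685d01debdb5ffcb33d1fa1220cf6c243bfde6e3d2b76f1579b565095cf355af54ee43fef8a722ed871bd2a72f484283b2adefe4e5cc
+ metadata.gz: 8337ba8c0c7cc899f40bb712a455e5ee56e878ed11f6258e0917863acf194b4cac1a4b11ff087a4c72ed7e5550972fc2d097dafd5b26492a40c8094bd33a744a
+ data.tar.gz: 27b49b8592d343b050491f2a2d22cbd69323989ac031abc9d6a2bf375a30887cd16580d9c76259a4475c9f42d6603aa73769754b454bbfa55bac98e493ae9c3b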
checksums.yaml.gz.sig CHANGED
Binary file
@@ -20,14 +20,14 @@ class Heroku
20
20
  self.app = app
21
21
  end
22
22
 
23
- def add_environment_variable(name, value) # rubocop:disable Metrics/AbcSize
23
+ def add_environment_variable(name, value)
24
24
  value = value.gsub(/\n/, '\n') if value
25
25
  request = ::Net::HTTP::Patch.new(config_vars_uri)
26
26
 
27
27
  request['Authorization'] = "Bearer #{api_token}"
28
28
  request['Accept'] = 'application/vnd.heroku+json; version=3'
29
29
  request['Content-Type'] = 'application/json'
30
- request.body = ::JSON.dump(Hash[name, value])
30
+ request.body = ::JSON.dump({ name => value })
31
31
 
32
32
  response = ::JSON.parse(response(request).body)
33
33
 
@@ -20,7 +20,33 @@ class PublicKey
20
20
  unencrypted_value = decryption_key.private_decrypt(decoded_string)
21
21
 
22
22
  begin
23
- _unserialized_value = YAML.load(unencrypted_value)
23
+ _unserialized_value = begin
24
+ YAML.safe_load(unencrypted_value,
25
+ aliases: true,
26
+ permitted_classes: [
27
+ ::Date,
28
+ ::Time,
29
+ ::Regexp,
30
+ ])
31
+ rescue ::Psych::DisallowedClass => error
32
+ warn <<-HEREDOC
33
+ WARNING: Recursive data structures (complex classes) being loaded from Chamber
34
+ has been deprecated and will be removed in 3.0.
35
+
36
+ See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
37
+ for full details.
38
+
39
+ #{error.message}
40
+
41
+ Called from: '#{caller.to_a[8]}'
42
+ HEREDOC
43
+
44
+ if YAML.respond_to?(:unsafe_load)
45
+ YAML.unsafe_load(unencrypted_value)
46
+ else
47
+ YAML.load(unencrypted_value)
48
+ end
49
+ end
24
50
  rescue TypeError
25
51
  unencrypted_value
26
52
  end
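Review bot: The `rescue ::Psych::DisallowedClass` branch falls back to `YAML.unsafe_load` (or `YAML.load` on older Psych), so a value carrying a non-permitted class tag is still instantiated after the warning, and the move to `safe_load` does not yet limit what gets deserialized. The plaintext comes from `private_decrypt`, which shows only that it was encrypted to this key, not who produced it, so it is better treated as untrusted input. Consider making the unsafe fallback opt-in and otherwise returning `unencrypted_value` unparsed, and at minimum add above the fallback `# SECURITY: compatibility fallback, instantiates arbitrary classes; remove in 3.0`. The same fallback is added in the `Ssl.decrypt` hunk and in `File#file_contents_hash`; the enclosing method here starts and ends outside the hunk.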
@@ -35,7 +35,7 @@ class Ssl
35
35
  Base64.strict_encode64(encrypted_data)
36
36
  end
37
37
 
38
- def self.decrypt(key, value, decryption_keys) # rubocop:disable Metrics/AbcSize
38
+ def self.decrypt(key, value, decryption_keys) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/MethodLength
39
39
  if decryption_keys.nil?
40
40
  value
41
41
  else
@@ -62,7 +62,33 @@ class Ssl
62
62
  end
63
63
 
64
64
  begin
65
- _unserialized_value = YAML.load(unencrypted_value)
65
+ _unserialized_value = begin
66
+ YAML.safe_load(unencrypted_value,
67
+ aliases: true,
68
+ permitted_classes: [
69
+ ::Date,
70
+ ::Time,
71
+ ::Regexp,
72
+ ])
73
+ rescue ::Psych::DisallowedClass => error
74
+ warn <<-HEREDOC
75
+ WARNING: Recursive data structures (complex classes) being loaded from Chamber
76
+ has been deprecated and will be removed in 3.0.
77
+
78
+ See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
79
+ for full details.
80
+
81
+ #{error.message}
82
+
83
+ Called from: '#{caller.to_a[8]}'
84
+ HEREDOC
85
+
86
+ if YAML.respond_to?(:unsafe_load)
87
+ YAML.unsafe_load(unencrypted_value)
88
+ else
89
+ YAML.load(unencrypted_value)
90
+ end
91
+ end
66
92
  rescue TypeError
67
93
  unencrypted_value
68
94
  end
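Review bot: The three extra cops disabled on `self.decrypt` (`Metrics/CyclomaticComplexity`, `Metrics/PerceivedComplexity`, `Metrics/MethodLength`) are a symptom of pasting the load-and-fallback block inline; it is identical to the block added to `PublicKey` and differs from the one in `File#file_contents_hash` only in the `caller` index and the trailing `|| {}`. Moving it into one shared private helper that takes the YAML string would let the directive go back to `# rubocop:disable Metrics/AbcSize` and would keep the `permitted_classes` list in a single place, so a later tightening cannot miss a copy. `caller.to_a[8]` also hard-codes a stack depth that stops pointing at the right frame as soon as a call is added or removed between the user's code and this line. The part of `decrypt` between the two hunks is not visible here.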
@@ -0,0 +1,8 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Chamber
4
+ module Errors
5
+ class NonConformingKey < ::ArgumentError
6
+ end
7
+ end
8
+ end
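--- a/data/lib/chamber/file.rb
+++ b/data/lib/chamber/file.rb
@@ -139,11 +139,37 @@ class File < Pathname
  @secure_prefix_pattern ||= Regexp.escape(secure_prefix)
  end
 
- def file_contents_hash
+ def file_contents_hash # rubocop:disable Metrics/CyclomaticComplexity
  file_contents = read
  erb_result = ERB.new(file_contents).result
 
- YAML.load(erb_result) || {}
+ begin
+ YAML.safe_load(erb_result,
+ aliases: true,
+ permitted_classes: [
+ ::Date,
+ ::Time,
+ ::Regexp,
+ ]) || {}
+ rescue ::Psych::DisallowedClass => error
+ warn <<-HEREDOC
+ WARNING: Recursive data structures (complex classes) being loaded from Chamber
+ has been deprecated and will be removed in 3.0.
+
+ See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
+ for full details.
+
+ #{error.message}
+
+ Called from: '#{caller.to_a[2]}'
+ HEREDOC
+
+ if YAML.respond_to?(:unsafe_load)
+ YAML.unsafe_load(erb_result) || {}
+ else
+ YAML.load(erb_result) || {}
+ end
+ end
  rescue Errno::ENOENT
  {}
  end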
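Review bot: The warning printed in the `rescue ::Psych::DisallowedClass` branch describes the wrong condition: recursive structures are what `aliases: true` allows, while the error is raised for a class outside `permitted_classes`. A first line such as `WARNING: Loading classes other than Date, Time and Regexp from Chamber settings is deprecated and will be removed in 3.0.` would tell the user what to change; the same text is used in the `PublicKey` and `Ssl` hunks. Separately, the code guards `unsafe_load` with `respond_to?` for older Psych, but the keyword form of `safe_load` (`aliases:`, `permitted_classes:`) needs Psych 3.1 or later, so if Rubies bundling an older Psych are still supported this call needs a matching guard.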
@@ -256,9 +256,15 @@ class FileSet
256
256
 
257
257
  private
258
258
 
259
+ # rubocop:disable Performance/ChainArrayAllocation
259
260
  def all_files
260
- @all_files ||= file_globs.map { |fg| Pathname.glob(fg) }.flatten.uniq.sort # rubocop:disable Performance/ChainArrayAllocation
261
+ @all_files ||= file_globs
262
+ .map { |fg| Pathname.glob(fg) }
263
+ .flatten
264
+ .uniq
265
+ .sort
261
266
  end
267
+ # rubocop:enable Performance/ChainArrayAllocation
262
268
 
263
269
  def non_namespaced_files
264
270
  @non_namespaced_files ||= all_files - namespaced_files
@@ -92,7 +92,7 @@ class DecryptionFilter
92
92
  # rubocop:enable Style/RedundantBegin
93
93
 
94
94
  def decryption_method(value)
95
- if value.respond_to?(:match)
95
+ if value.is_a?(::String)
96
96
  if value.match(BASE64_STRING_PATTERN)
97
97
  EncryptionMethods::PublicKey
98
98
  elsif value.match(LARGE_DATA_STRING_PATTERN)
@@ -75,7 +75,7 @@ class EncryptionFilter
75
75
  end
76
76
 
77
77
  def encryption_method(value)
78
- value_is_encrypted = value.respond_to?(:match) &&
78
+ value_is_encrypted = value.is_a?(::String) &&
79
79
  (value.match(BASE64_STRING_PATTERN) ||
80
80
  value.match(LARGE_DATA_STRING_PATTERN))
81
81
 
@@ -110,9 +110,11 @@ class EnvironmentFilter
110
110
  { key => execute(value, environment_keys) }
111
111
  end,
112
112
  lambda do |key, value, environment_key|
113
- { key => convert_environment_value(environment_key,
113
+ {
114
+ key => convert_environment_value(environment_key,
114
115
  ENV[environment_key],
115
- value) }
116
+ value),
117
+ }
116
118
  end,
117
119
  )
118
120
  end
@@ -39,13 +39,13 @@ class Base
39
39
  namespaces.map { |n| namespace_to_key_path(n) }
40
40
  end
41
41
 
42
- # rubocop:disable Performance/ChainArrayAllocation
42
+ # rubocop:disable Performance/ChainArrayAllocation, Performance/MapCompact
43
43
  def filenames=(other)
44
44
  @filenames = Array(other)
45
45
  .map { |o| Pathname.new(o) }
46
46
  .compact
47
47
  end
48
- # rubocop:enable Performance/ChainArrayAllocation
48
+ # rubocop:enable Performance/ChainArrayAllocation, Performance/MapCompact
49
49
 
50
50
  def namespaces=(other)
51
51
  @namespaces = other + %w{signature}
@@ -0,0 +1,25 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'chamber/errors/non_conforming_key'
4
+
5
+ module Chamber
6
+ module Refinements
7
+ class Enumerable
8
+ def self.deep_validate_keys(object, &block)
9
+ case object
10
+ when ::Hash
11
+ object.each do |(key, value)|
12
+ # fail ::Chamber::Errors::NonConformingKey unless key == yield(key)
13
+ warn "WARNING: Non-String settings keys are deprecated and will be removed in Chamber 3.0. You attempted to access the '#{key}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#all-settings-keys-are-now-stored-as-strings for full details. Called from: '#{caller.to_a.first}'" unless key == yield(key) # rubocop:disable Layout/LineLength
14
+
15
+ deep_validate_keys(value, &block)
16
+ end
17
+ when ::Array
18
+ object.map { |v| deep_validate_keys(v, &block) }
19
+ else
20
+ object
21
+ end
22
+ end
23
+ end
24
+ end
25
+ end
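Review bot: `caller.to_a.first` in the warning will not identify the code that supplied the key, because the `warn` runs inside the `object.each` block and the first caller frame is therefore the `each` call in this same file. Selecting the first frame outside the gem gives a usable location, e.g. `caller.find { |frame| !frame.include?('/lib/chamber/') }`. The class is also not a refinement despite the `Refinements` namespace, and with the `fail` line commented out `NonConformingKey` is required but never raised; a comment such as `# Raising is deferred to 3.0; 2.x only warns` above the commented line would explain both.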
@@ -5,7 +5,7 @@ require 'pathname'
5
5
  unless Pathname.instance_methods.include?(:write)
6
6
  class Pathname
7
7
  def write(*args)
8
- IO.write @path, *args
8
+ IO.write @path, *args # rubocop:disable Security/IoMethods
9
9
  end
10
10
  end
11
11
  end
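Review bot: `# rubocop:disable Security/IoMethods` silences the cop instead of removing what it flags: `IO.write` treats a path that begins with `|` as a command to run, and `@path` is whatever string the Pathname was built from. `File.write` takes the same arguments without the pipe behaviour, so the line can become `::File.write @path, *args` and the directive can be dropped. The leading `::` keeps the constant from resolving to a project class named `File`.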
@@ -10,6 +10,7 @@ require 'chamber/filters/secure_filter'
10
10
  require 'chamber/filters/translate_secure_keys_filter'
11
11
  require 'chamber/filters/insecure_filter'
12
12
  require 'chamber/filters/failed_decryption_filter'
13
+ require 'chamber/refinements/enumerable'
13
14
 
14
15
  ###
15
16
  # Internal: Represents the base settings storage needed for Chamber.
@@ -41,6 +42,9 @@ class Settings
41
42
  settings: {},
42
43
  **_args
43
44
  )
45
+
46
+ ::Chamber::Refinements::Enumerable.deep_validate_keys(settings, &:to_s)
47
+
44
48
  self.decryption_keys = decryption_keys
45
49
  self.encryption_keys = encryption_keys
46
50
  self.namespaces = namespaces
@@ -228,8 +232,8 @@ class Settings
228
232
  end
229
233
 
230
234
  def [](key)
231
- warn "WARNING: Bracket access will require strings instead of symbols in Chamber 3.0. You attempted to access the '#{key}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-bracket-indifferent-access for full details." if key.is_a?(::Symbol) # rubocop:disable Layout/LineLength
232
- warn "WARNING: Accessing a non-existent key ('#{key}') with brackets will fail in Chamber 3.0. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#bracket-access-now-fails-on-non-existent-keys for full details." unless data.has_key?(key) # rubocop:disable Layout/LineLength
235
+ warn "WARNING: Bracket access will require strings instead of symbols in Chamber 3.0. You attempted to access the '#{key}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-bracket-indifferent-access for full details. Called from: '#{caller.to_a.first}'" if key.is_a?(::Symbol) # rubocop:disable Layout/LineLength
236
+ warn "WARNING: Accessing a non-existent key ('#{key}') with brackets will fail in Chamber 3.0. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#bracket-access-now-fails-on-non-existent-keys for full details. Called from: '#{caller.to_a.first}'" unless data.has_key?(key) # rubocop:disable Layout/LineLength
233
237
 
234
238
  data.[](key)
235
239
  end
@@ -273,8 +277,8 @@ class Settings
273
277
 
274
278
  def method_missing(name, *args)
275
279
  if data.respond_to?(name)
276
- warn "WARNING: Object notation access is deprecated and will be removed in Chamber 3.0. You attempted to access the '#{name}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-object-notation-access for full details." # rubocop:disable Layout/LineLength
277
- warn "WARNING: Predicate methods are deprecated and will be removed in Chamber 3.0. You attempted to access the '#{name}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-predicate-accessors for full details." if name.to_s.end_with?('?') # rubocop:disable Layout/LineLength
280
+ warn "WARNING: Object notation access is deprecated and will be removed in Chamber 3.0. You attempted to access the '#{name}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-object-notation-access for full details. Called from: '#{caller.to_a.first}'" # rubocop:disable Layout/LineLength
281
+ warn "WARNING: Predicate methods are deprecated and will be removed in Chamber 3.0. You attempted to access the '#{name}' setting. See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-predicate-accessors for full details. Called from: '#{caller.to_a.first}'" if name.to_s.end_with?('?') # rubocop:disable Layout/LineLength
278
282
 
279
283
  data.public_send(name, *args)
280
284
  else
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Chamber
4
- VERSION = '2.14.2'
4
+ VERSION = '2.14.3'
5
5
  end
data.tar.gz.sig CHANGED
@@ -1 +1 @@
1
- f�,z�$��^^S�-�4*Pk��kɵ/$�_���݄���Ӭ#�|O0G��-6��Mz����hd���4a�/�L�`� SY?PLd���t%%�i׉/W���#��B$����o�=]M/��b/ɬe��aiX'��M��0���`Ƹ5��3�c���ߦ�4��=�/-�L����uo+iR��މ �n8�a99=�A���Չ=f�9�J
1
+ ~Hߊ�{��BZ�׷����9B{l� Jg��b�3�BmP��ᩚwֺ`c4}�zߓ����&?�"���4��5I*�M֔o�G�w̩�����%����p��0���T��uK[ <ZԿ�j9��_n��I�4O��[ W��c{3�/�>{i(DZN�p���+BB:�.c&P%���o
metadata CHANGED
@@ -1,21 +1,21 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: chamber
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.14.2
4
+ version: 2.14.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - thekompanee
8
8
  - jfelchner
9
9
  - stevenhallen
10
10
  - m5rk
11
- autorequire:
11
+ autorequire:
12
12
  bindir: bin
13
13
  cert_chain:
14
14
  - |
15
15
  -----BEGIN CERTIFICATE-----
16
- MIIEGDCCAoCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdhY2Nv
17
- dW50c19ydWJ5Z2Vtcy9EQz10aGVrb21wYW5lZS9EQz1jb20wHhcNMjAxMjI2MjIy
18
- NTE5WhcNMjExMjI2MjIyNTE5WjAyMTAwLgYDVQQDDCdhY2NvdW50c19ydWJ5Z2Vt
16
+ MIIEdjCCAt6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdhY2Nv
17
+ dW50c19ydWJ5Z2Vtcy9EQz10aGVrb21wYW5lZS9EQz1jb20wHhcNMjIwMzA1MjM0
18
+ OTEzWhcNMjMwMzA1MjM0OTEzWjAyMTAwLgYDVQQDDCdhY2NvdW50c19ydWJ5Z2Vt
19
19
  cy9EQz10aGVrb21wYW5lZS9EQz1jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw
20
20
  ggGKAoIBgQD0Z84PxtE0iiWCMTQbnit6D4w55GGBQZnhpWUCJwC0SpQ/jnT0Fsma
21
21
  g8oAIdDclLvLC9jzqSAmkOujlpkJMb5NabgkhKFwHi6cVW/gz/cVnISAv8LQTIM5
@@ -25,18 +25,20 @@ cert_chain:
25
25
  NBRKSuO15kpPo2G55N0HLy8abUzbu5cqjhSbIk9hzD6AmdGCT4DqlsdHI5gOrGP0
26
26
  BO6VxGpRuRETKoZ4epPCsXC2XAwk3TJXkuuqYkgdcv8ZR4rPW2CiPvRqgG1YVwWj
27
27
  SrIy5Dt/dlMvxdIMiTj6ytAQP1kfdKPFWrJTIA2tspl/eNB+LiYsVdj8d0UU/KTY
28
- y7jqKMpOE1UCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0O
29
- BBYEFO/l0LjdONn2Rr8y4WGyMA37MWVfMA0GCSqGSIb3DQEBCwUAA4IBgQDBGn+T
30
- HS7SCuLgjCimsT5e3v+Q0VaML1+yJPPqvIVM+HMyTYDpV2ogdAcX1I0lNbUHT9w7
31
- 5y8pQ7BtYq8LDX6D8EufjvlgpJzunuPpNVh2QQdtkYC2zGabTnk+BJC5scYckBxW
32
- PxYXSuOxjXAkFe1r9RhPzeMY8lPVh6aEQKNLVkzbpIjoGzUgAPGPZG/ylKSWycwE
33
- qfHiDXzCAqMzSsb3sMQO1+0euciY1oTOyYCHYKo+gemWEI/p8PyJe/qB2tWC9GYs
34
- m+we5ul7O4Sq8qKnX0KCqHneqaXakcbuEkhViW6Def432jH8JjYums6EW2mg9570
35
- pHS20TH4u9o0+5DIhayfGrmAtdtQutQNCclONqBlk7r3/16Y8Lr376dDHrISZlwd
36
- fdbUKgJXqJeb4GYhiKV07l67XExVjmAklMuA6bcB7mk+aSYUkoWNic4ZYGNjVv88
37
- AapqLKNG/UPfrJhdhTtFR4ARb8f54rgzONhTaAqVk23Bdp1yoDXaulFCkmU=
28
+ y7jqKMpOE1UCAwEAAaOBljCBkzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNV
29
+ HQ4EFgQU7+XQuN042fZGvzLhYbIwDfsxZV8wLAYDVR0RBCUwI4EhYWNjb3VudHMr
30
+ cnVieWdlbXNAdGhla29tcGFuZWUuY29tMCwGA1UdEgQlMCOBIWFjY291bnRzK3J1
31
+ YnlnZW1zQHRoZWtvbXBhbmVlLmNvbTANBgkqhkiG9w0BAQsFAAOCAYEA04F3jVFD
32
+ BwHv8GVMkvUAc7r247lEEYfYuU/Iq0fivT1ugxN9pqT/ODwyPSdYy4Aqj8j4HHbM
33
+ 2OQcKXb9SXjlIa/u5McPlhbsTQozs77bXOmrlAXN6shRJtTKSKm5ttmM/sDeks6p
34
+ wdhM0KHu5PBFZQjWfJuqi0hH13l0qQH+8r2GzXTHMKNX+6m1cTAkP81OPFIekn0l
35
+ boFRgsIr1j335pLV/+hgCRNSlU84E59YVVm+W9kP0Ym/n6051mBaaEMsWnm3td7a
36
+ c7BNPTxfmZrtz3TVq9VvzdHad3/+1QdNl9+l3VdL7wZ3GKZLhyifn7dc5EXxiZHJ
37
+ eDcSScq4x5NTMajXoJLKcoQPJDL7rUpPtvGj3v9O20RzHlWVDqVdzeYlswDjIqwe
38
+ ZjvLRaDI6IVoq0skZju//VZLiN6slVhAYYQj0uka/T0DZieabVYDcT4BVpa9M7Gz
39
+ CDW/VDWjvEEbsCIW0oYhtUrkqE8GLIdrpLUjefOERbS5TslD7lG/MH5k
38
40
  -----END CERTIFICATE-----
39
- date: 2020-12-31 00:00:00.000000000 Z
41
+ date: 2022-03-05 00:00:00.000000000 Z
40
42
  dependencies:
41
43
  - !ruby/object:Gem::Dependency
42
44
  name: thor
@@ -187,6 +189,7 @@ files:
187
189
  - lib/chamber/encryption_methods/ssl.rb
188
190
  - lib/chamber/errors/decryption_failure.rb
189
191
  - lib/chamber/errors/environment_conversion.rb
192
+ - lib/chamber/errors/non_conforming_key.rb
190
193
  - lib/chamber/file.rb
191
194
  - lib/chamber/file_set.rb
192
195
  - lib/chamber/files/signature.rb
@@ -207,6 +210,7 @@ files:
207
210
  - lib/chamber/keys/encryption.rb
208
211
  - lib/chamber/namespace_set.rb
209
212
  - lib/chamber/rails.rb
213
+ - lib/chamber/refinements/enumerable.rb
210
214
  - lib/chamber/rubinius_fix.rb
211
215
  - lib/chamber/settings.rb
212
216
  - lib/chamber/types/secured.rb
@@ -223,7 +227,7 @@ metadata:
223
227
  homepage_uri: https://github.com/thekompanee/chamber
224
228
  source_code_uri: https://github.com/thekompanee/chamber
225
229
  wiki_uri: https://github.com/thekompanee/chamber/wiki
226
- post_install_message:
230
+ post_install_message:
227
231
  rdoc_options: []
228
232
  require_paths:
229
233
  - lib
@@ -238,8 +242,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
238
242
  - !ruby/object:Gem::Version
239
243
  version: '0'
240
244
  requirements: []
241
- rubygems_version: 3.2.3
242
- signing_key:
245
+ rubygems_version: 3.1.4
246
+ signing_key:
243
247
  specification_version: 4
244
248
  summary: A surprisingly configurable convention-based approach to managing your application's
245
249
  custom configuration settings.
metadata.gz.sig CHANGED
Binary file