chamber 2.14.2 → 2.14.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 89e0b6151f3cafb916f399bd49b780f6df353ab41832012c48a2f5520a03df5d
-  data.tar.gz: 4e976be3b9be2b3b2e30185895a3c2d330daa3880298a65ead34e30ca5befd81
+  metadata.gz: '08e636d1674a305c9d330e9adf5be147b1e5c2d2c57f131da98a216e3d3b3111'
+  data.tar.gz: 7848e6ca2e2e4de843eedc65f9ca5315c18e71f9a8a2ba67a37c0ea46930a482
 SHA512:
-  metadata.gz: aa7e4a481d465da58e4b99f06e868f0b97fd9242e429ad0a233f6b2763930696ab60eb43d276a8e26aa5a245734e1c5dcce7bb08c1b568ebec83bddb9cc7d6c9
-  data.tar.gz: 3f9bdb837c924886b72b685d01debdb5ffcb33d1fa1220cf6c243bfde6e3d2b76f1579b565095cf355af54ee43fef8a722ed871bd2a72f484283b2adefe4e5cc
+  metadata.gz: 8337ba8c0c7cc899f40bb712a455e5ee56e878ed11f6258e0917863acf194b4cac1a4b11ff087a4c72ed7e5550972fc2d097dafd5b26492a40c8094bd33a744a
+  data.tar.gz: 27b49b8592d343b050491f2a2d22cbd69323989ac031abc9d6a2bf375a30887cd16580d9c76259a4475c9f42d6603aa73769754b454bbfa55bac98e493ae9c3b

data/lib/chamber/adapters/cloud/heroku.rb

@@ -20,14 +20,14 @@ class   Heroku
     self.app       = app
   end
 
-  def add_environment_variable(name, value) # rubocop:disable Metrics/AbcSize
+  def add_environment_variable(name, value)
     value   = value.gsub(/\n/, '\n') if value
     request = ::Net::HTTP::Patch.new(config_vars_uri)
 
     request['Authorization'] = "Bearer #{api_token}"
     request['Accept']        = 'application/vnd.heroku+json; version=3'
     request['Content-Type']  = 'application/json'
-    request.body             = ::JSON.dump(Hash[name, value])
+    request.body             = ::JSON.dump({ name => value })
 
     response = ::JSON.parse(response(request).body)
 

data/lib/chamber/encryption_methods/public_key.rb

@@ -20,7 +20,33 @@ class   PublicKey
       unencrypted_value = decryption_key.private_decrypt(decoded_string)
 
       begin
-        _unserialized_value = YAML.load(unencrypted_value)
+        _unserialized_value = begin
+                                YAML.safe_load(unencrypted_value,
+                                               aliases:           true,
+                                               permitted_classes: [
+                                                                    ::Date,
+                                                                    ::Time,
+                                                                    ::Regexp,
+                                                                  ])
+                              rescue ::Psych::DisallowedClass => error
+                                warn <<-HEREDOC
+WARNING: Recursive data structures (complex classes) being loaded from Chamber
+has been deprecated and will be removed in 3.0.
+
+See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
+for full details.
+
+#{error.message}
+
+Called from: '#{caller.to_a[8]}'
+                                HEREDOC
+
+                                if YAML.respond_to?(:unsafe_load)
+                                  YAML.unsafe_load(unencrypted_value)
+                                else
+                                  YAML.load(unencrypted_value)
+                                end
+                              end
       rescue TypeError
         unencrypted_value
       end

data/lib/chamber/encryption_methods/ssl.rb

@@ -35,7 +35,7 @@ class   Ssl
     Base64.strict_encode64(encrypted_data)
   end
 
-  def self.decrypt(key, value, decryption_keys) # rubocop:disable Metrics/AbcSize
+  def self.decrypt(key, value, decryption_keys) # rubocop:disable Metrics/AbcSize, Metrics/CyclomaticComplexity, Metrics/PerceivedComplexity, Metrics/MethodLength
     if decryption_keys.nil?
       value
     else
@@ -62,7 +62,33 @@ class   Ssl
       end
 
       begin
-        _unserialized_value = YAML.load(unencrypted_value)
+        _unserialized_value = begin
+                                YAML.safe_load(unencrypted_value,
+                                               aliases:           true,
+                                               permitted_classes: [
+                                                                    ::Date,
+                                                                    ::Time,
+                                                                    ::Regexp,
+                                                                  ])
+                              rescue ::Psych::DisallowedClass => error
+                                warn <<-HEREDOC
+WARNING: Recursive data structures (complex classes) being loaded from Chamber
+has been deprecated and will be removed in 3.0.
+
+See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
+for full details.
+
+#{error.message}
+
+Called from: '#{caller.to_a[8]}'
+                                HEREDOC
+
+                                if YAML.respond_to?(:unsafe_load)
+                                  YAML.unsafe_load(unencrypted_value)
+                                else
+                                  YAML.load(unencrypted_value)
+                                end
+                              end
       rescue TypeError
         unencrypted_value
       end

data/lib/chamber/errors/non_conforming_key.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module  Chamber
+module  Errors
+class   NonConformingKey < ::ArgumentError
+end
+end
+end

data/lib/chamber/file.rb

@@ -139,11 +139,37 @@ class   File < Pathname
     @secure_prefix_pattern ||= Regexp.escape(secure_prefix)
   end
 
-  def file_contents_hash
+  def file_contents_hash # rubocop:disable Metrics/CyclomaticComplexity
     file_contents = read
     erb_result    = ERB.new(file_contents).result
 
-    YAML.load(erb_result) || {}
+    begin
+      YAML.safe_load(erb_result,
+                     aliases:           true,
+                     permitted_classes: [
+                                          ::Date,
+                                          ::Time,
+                                          ::Regexp,
+                                        ]) || {}
+    rescue ::Psych::DisallowedClass => error
+      warn <<-HEREDOC
+WARNING: Recursive data structures (complex classes) being loaded from Chamber
+has been deprecated and will be removed in 3.0.
+
+See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#limiting-complex-classes
+for full details.
+
+#{error.message}
+
+Called from: '#{caller.to_a[2]}'
+      HEREDOC
+
+      if YAML.respond_to?(:unsafe_load)
+        YAML.unsafe_load(erb_result) || {}
+      else
+        YAML.load(erb_result) || {}
+      end
+    end
   rescue Errno::ENOENT
     {}
   end

data/lib/chamber/file_set.rb

@@ -256,9 +256,15 @@ class   FileSet
 
   private
 
+  # rubocop:disable Performance/ChainArrayAllocation
   def all_files
-    @all_files ||= file_globs.map { |fg| Pathname.glob(fg) }.flatten.uniq.sort # rubocop:disable Performance/ChainArrayAllocation
+    @all_files ||= file_globs
+                     .map { |fg| Pathname.glob(fg) }
+                     .flatten
+                     .uniq
+                     .sort
   end
+  # rubocop:enable Performance/ChainArrayAllocation
 
   def non_namespaced_files
     @non_namespaced_files ||= all_files - namespaced_files

data/lib/chamber/filters/decryption_filter.rb

@@ -92,7 +92,7 @@ class   DecryptionFilter
   # rubocop:enable Style/RedundantBegin
 
   def decryption_method(value)
-    if value.respond_to?(:match)
+    if value.is_a?(::String)
       if value.match(BASE64_STRING_PATTERN)
         EncryptionMethods::PublicKey
       elsif value.match(LARGE_DATA_STRING_PATTERN)

data/lib/chamber/filters/encryption_filter.rb

@@ -75,7 +75,7 @@ class     EncryptionFilter
   end
 
   def encryption_method(value)
-    value_is_encrypted = value.respond_to?(:match) &&
+    value_is_encrypted = value.is_a?(::String) &&
                            (value.match(BASE64_STRING_PATTERN) ||
                             value.match(LARGE_DATA_STRING_PATTERN))
 

data/lib/chamber/filters/environment_filter.rb

@@ -110,9 +110,11 @@ class   EnvironmentFilter
         { key => execute(value, environment_keys) }
       end,
       lambda do |key, value, environment_key|
-        { key => convert_environment_value(environment_key,
+        {
+          key => convert_environment_value(environment_key,
                                            ENV[environment_key],
-                                           value) }
+                                           value),
+        }
       end,
     )
   end

data/lib/chamber/keys/base.rb

@@ -39,13 +39,13 @@ class   Base
                  namespaces.map { |n| namespace_to_key_path(n) }
   end
 
-  # rubocop:disable Performance/ChainArrayAllocation
+  # rubocop:disable Performance/ChainArrayAllocation, Performance/MapCompact
   def filenames=(other)
     @filenames = Array(other)
                    .map { |o| Pathname.new(o) }
                    .compact
   end
-  # rubocop:enable Performance/ChainArrayAllocation
+  # rubocop:enable Performance/ChainArrayAllocation, Performance/MapCompact
 
   def namespaces=(other)
     @namespaces = other + %w{signature}

data/lib/chamber/refinements/enumerable.rb

@@ -0,0 +1,25 @@
+# frozen_string_literal: true
+
+require 'chamber/errors/non_conforming_key'
+
+module Chamber
+module Refinements
+class  Enumerable
+  def self.deep_validate_keys(object, &block)
+    case object
+    when ::Hash
+      object.each do |(key, value)|
+        # fail ::Chamber::Errors::NonConformingKey unless key == yield(key)
+        warn "WARNING: Non-String settings keys are deprecated and will be removed in Chamber 3.0. You attempted to access the '#{key}' setting.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#all-settings-keys-are-now-stored-as-strings for full details. Called from: '#{caller.to_a.first}'" unless key == yield(key) # rubocop:disable Layout/LineLength
+
+        deep_validate_keys(value, &block)
+      end
+    when ::Array
+      object.map { |v| deep_validate_keys(v, &block) }
+    else
+      object
+    end
+  end
+end
+end
+end

data/lib/chamber/rubinius_fix.rb

@@ -5,7 +5,7 @@ require 'pathname'
 unless Pathname.instance_methods.include?(:write)
   class Pathname
     def write(*args)
-      IO.write @path, *args
+      IO.write @path, *args # rubocop:disable Security/IoMethods
     end
   end
 end

data/lib/chamber/settings.rb

@@ -10,6 +10,7 @@ require 'chamber/filters/secure_filter'
 require 'chamber/filters/translate_secure_keys_filter'
 require 'chamber/filters/insecure_filter'
 require 'chamber/filters/failed_decryption_filter'
+require 'chamber/refinements/enumerable'
 
 ###
 # Internal: Represents the base settings storage needed for Chamber.
@@ -41,6 +42,9 @@ class   Settings
                   settings:          {},
                   **_args
                 )
+
+    ::Chamber::Refinements::Enumerable.deep_validate_keys(settings, &:to_s)
+
     self.decryption_keys   = decryption_keys
     self.encryption_keys   = encryption_keys
     self.namespaces        = namespaces
@@ -228,8 +232,8 @@ class   Settings
   end
 
   def [](key)
-    warn "WARNING: Bracket access will require strings instead of symbols in Chamber 3.0.  You attempted to access the '#{key}' setting.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-bracket-indifferent-access for full details." if key.is_a?(::Symbol) # rubocop:disable Layout/LineLength
-    warn "WARNING: Accessing a non-existent key ('#{key}') with brackets will fail in Chamber 3.0.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#bracket-access-now-fails-on-non-existent-keys for full details." unless data.has_key?(key) # rubocop:disable Layout/LineLength
+    warn "WARNING: Bracket access will require strings instead of symbols in Chamber 3.0.  You attempted to access the '#{key}' setting.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-bracket-indifferent-access for full details. Called from: '#{caller.to_a.first}'" if key.is_a?(::Symbol) # rubocop:disable Layout/LineLength
+    warn "WARNING: Accessing a non-existent key ('#{key}') with brackets will fail in Chamber 3.0.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#bracket-access-now-fails-on-non-existent-keys for full details. Called from: '#{caller.to_a.first}'" unless data.has_key?(key) # rubocop:disable Layout/LineLength
 
     data.[](key)
   end
@@ -273,8 +277,8 @@ class   Settings
 
   def method_missing(name, *args)
     if data.respond_to?(name)
-      warn "WARNING: Object notation access is deprecated and will be removed in Chamber 3.0.  You attempted to access the '#{name}' setting.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-object-notation-access for full details." # rubocop:disable Layout/LineLength
-      warn "WARNING: Predicate methods are deprecated and will be removed in Chamber 3.0.  You attempted to access the '#{name}' setting.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-predicate-accessors for full details." if name.to_s.end_with?('?') # rubocop:disable Layout/LineLength
+      warn "WARNING: Object notation access is deprecated and will be removed in Chamber 3.0.  You attempted to access the '#{name}' setting.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-object-notation-access for full details. Called from: '#{caller.to_a.first}'" # rubocop:disable Layout/LineLength
+      warn "WARNING: Predicate methods are deprecated and will be removed in Chamber 3.0.  You attempted to access the '#{name}' setting.  See https://github.com/thekompanee/chamber/wiki/Upgrading-To-Chamber-3.0#removal-of-predicate-accessors for full details. Called from: '#{caller.to_a.first}'" if name.to_s.end_with?('?') # rubocop:disable Layout/LineLength
 
       data.public_send(name, *args)
     else

data/lib/chamber/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Chamber
-  VERSION = '2.14.2'
+  VERSION = '2.14.3'
 end

data.tar.gz.sig

@@ -1 +1 @@
-�f�,z�$��^^S�-�4*Pk��kɵ/$�_���݄���Ӭ#�|O0G��-6��Mz����hd���4�a�/�L�
`�	�SY?PLd���t%%�i׉/W���#��B$����o�=]M/��b/ɬe��aiX'��M��0���`Ƹ5��3�c���ߦ�4��=�/-�L����uo+iR��މ�n8�a99=�A���Չ=f�9�J
+~Hߊ�{��BZ�׷����9�B{l�Jg��b�3�BmP��ᩚwֺ`c4}�zߓ����&?�"���4��5I*�M֔o�G�w̩�����%����p��0���T��uK�[�<ZԿ�j9��_n��I�4O��[W��c{3�/�>{i�(DZN�p���+BB:�.c&P%���o

metadata

@@ -1,21 +1,21 @@
 --- !ruby/object:Gem::Specification
 name: chamber
 version: !ruby/object:Gem::Version
-  version: 2.14.2
+  version: 2.14.3
 platform: ruby
 authors:
 - thekompanee
 - jfelchner
 - stevenhallen
 - m5rk
-autorequire:
+autorequire: 
 bindir: bin
 cert_chain:
 - |
   -----BEGIN CERTIFICATE-----
-  MIIEGDCCAoCgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdhY2Nv
-  dW50c19ydWJ5Z2Vtcy9EQz10aGVrb21wYW5lZS9EQz1jb20wHhcNMjAxMjI2MjIy
-  NTE5WhcNMjExMjI2MjIyNTE5WjAyMTAwLgYDVQQDDCdhY2NvdW50c19ydWJ5Z2Vt
+  MIIEdjCCAt6gAwIBAgIBATANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDDCdhY2Nv
+  dW50c19ydWJ5Z2Vtcy9EQz10aGVrb21wYW5lZS9EQz1jb20wHhcNMjIwMzA1MjM0
+  OTEzWhcNMjMwMzA1MjM0OTEzWjAyMTAwLgYDVQQDDCdhY2NvdW50c19ydWJ5Z2Vt
   cy9EQz10aGVrb21wYW5lZS9EQz1jb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAw
   ggGKAoIBgQD0Z84PxtE0iiWCMTQbnit6D4w55GGBQZnhpWUCJwC0SpQ/jnT0Fsma
   g8oAIdDclLvLC9jzqSAmkOujlpkJMb5NabgkhKFwHi6cVW/gz/cVnISAv8LQTIM5
@@ -25,18 +25,20 @@ cert_chain:
   NBRKSuO15kpPo2G55N0HLy8abUzbu5cqjhSbIk9hzD6AmdGCT4DqlsdHI5gOrGP0
   BO6VxGpRuRETKoZ4epPCsXC2XAwk3TJXkuuqYkgdcv8ZR4rPW2CiPvRqgG1YVwWj
   SrIy5Dt/dlMvxdIMiTj6ytAQP1kfdKPFWrJTIA2tspl/eNB+LiYsVdj8d0UU/KTY
-  y7jqKMpOE1UCAwEAAaM5MDcwCQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0O
-  BBYEFO/l0LjdONn2Rr8y4WGyMA37MWVfMA0GCSqGSIb3DQEBCwUAA4IBgQDBGn+T
-  HS7SCuLgjCimsT5e3v+Q0VaML1+yJPPqvIVM+HMyTYDpV2ogdAcX1I0lNbUHT9w7
-  5y8pQ7BtYq8LDX6D8EufjvlgpJzunuPpNVh2QQdtkYC2zGabTnk+BJC5scYckBxW
-  PxYXSuOxjXAkFe1r9RhPzeMY8lPVh6aEQKNLVkzbpIjoGzUgAPGPZG/ylKSWycwE
-  qfHiDXzCAqMzSsb3sMQO1+0euciY1oTOyYCHYKo+gemWEI/p8PyJe/qB2tWC9GYs
-  m+we5ul7O4Sq8qKnX0KCqHneqaXakcbuEkhViW6Def432jH8JjYums6EW2mg9570
-  pHS20TH4u9o0+5DIhayfGrmAtdtQutQNCclONqBlk7r3/16Y8Lr376dDHrISZlwd
-  fdbUKgJXqJeb4GYhiKV07l67XExVjmAklMuA6bcB7mk+aSYUkoWNic4ZYGNjVv88
-  AapqLKNG/UPfrJhdhTtFR4ARb8f54rgzONhTaAqVk23Bdp1yoDXaulFCkmU=
+  y7jqKMpOE1UCAwEAAaOBljCBkzAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNV
+  HQ4EFgQU7+XQuN042fZGvzLhYbIwDfsxZV8wLAYDVR0RBCUwI4EhYWNjb3VudHMr
+  cnVieWdlbXNAdGhla29tcGFuZWUuY29tMCwGA1UdEgQlMCOBIWFjY291bnRzK3J1
+  YnlnZW1zQHRoZWtvbXBhbmVlLmNvbTANBgkqhkiG9w0BAQsFAAOCAYEA04F3jVFD
+  BwHv8GVMkvUAc7r247lEEYfYuU/Iq0fivT1ugxN9pqT/ODwyPSdYy4Aqj8j4HHbM
+  2OQcKXb9SXjlIa/u5McPlhbsTQozs77bXOmrlAXN6shRJtTKSKm5ttmM/sDeks6p
+  wdhM0KHu5PBFZQjWfJuqi0hH13l0qQH+8r2GzXTHMKNX+6m1cTAkP81OPFIekn0l
+  boFRgsIr1j335pLV/+hgCRNSlU84E59YVVm+W9kP0Ym/n6051mBaaEMsWnm3td7a
+  c7BNPTxfmZrtz3TVq9VvzdHad3/+1QdNl9+l3VdL7wZ3GKZLhyifn7dc5EXxiZHJ
+  eDcSScq4x5NTMajXoJLKcoQPJDL7rUpPtvGj3v9O20RzHlWVDqVdzeYlswDjIqwe
+  ZjvLRaDI6IVoq0skZju//VZLiN6slVhAYYQj0uka/T0DZieabVYDcT4BVpa9M7Gz
+  CDW/VDWjvEEbsCIW0oYhtUrkqE8GLIdrpLUjefOERbS5TslD7lG/MH5k
   -----END CERTIFICATE-----
-date: 2020-12-31 00:00:00.000000000 Z
+date: 2022-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor
@@ -187,6 +189,7 @@ files:
 - lib/chamber/encryption_methods/ssl.rb
 - lib/chamber/errors/decryption_failure.rb
 - lib/chamber/errors/environment_conversion.rb
+- lib/chamber/errors/non_conforming_key.rb
 - lib/chamber/file.rb
 - lib/chamber/file_set.rb
 - lib/chamber/files/signature.rb
@@ -207,6 +210,7 @@ files:
 - lib/chamber/keys/encryption.rb
 - lib/chamber/namespace_set.rb
 - lib/chamber/rails.rb
+- lib/chamber/refinements/enumerable.rb
 - lib/chamber/rubinius_fix.rb
 - lib/chamber/settings.rb
 - lib/chamber/types/secured.rb
@@ -223,7 +227,7 @@ metadata:
   homepage_uri: https://github.com/thekompanee/chamber
   source_code_uri: https://github.com/thekompanee/chamber
   wiki_uri: https://github.com/thekompanee/chamber/wiki
-post_install_message:
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -238,8 +242,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.3
-signing_key:
+rubygems_version: 3.1.4
+signing_key: 
 specification_version: 4
 summary: A surprisingly configurable convention-based approach to managing your application's
   custom configuration settings.