clearance 2.10.0 → 2.12.0

data/spec/dummy/config/environments/test.rb

@@ -5,7 +5,7 @@ Rails.application.configure do
 
   config.eager_load = ENV["CI"].present?
 
-  config.public_file_server.headers = { "Cache-Control" => "public, max-age=#{1.hour.to_i}" }
+  config.public_file_server.headers = {"Cache-Control" => "public, max-age=#{1.hour.to_i}"}
 
   # Show full error reports and disable caching.
   config.consider_all_requests_local = true
@@ -19,13 +19,13 @@ Rails.application.configure do
   config.action_mailer.perform_caching = false
   config.action_mailer.delivery_method = :test
 
-  config.action_mailer.default_url_options = { host: "www.example.com" }
+  config.action_mailer.default_url_options = {host: "www.example.com"}
 
   config.active_support.deprecation = :stderr
   config.active_support.disallowed_deprecation = :raise
   config.active_support.disallowed_deprecation_warnings = []
 
-  config.factory_bot.definition_file_paths = [File.expand_path('../../../factories', __dir__)]
+  config.factory_bot.definition_file_paths = [File.expand_path("../../../factories", __dir__)]
 
   config.middleware.use Clearance::BackDoor
 end

data/spec/factories/users.rb

@@ -5,15 +5,15 @@ FactoryBot.define do
 
   factory :user do
     email
-    password { 'password' }
+    password { "password" }
 
     trait :with_forgotten_password do
       confirmation_token { Clearance::Token.new }
     end
 
-    factory :user_with_optional_password, class: 'UserWithOptionalPassword' do
+    factory :user_with_optional_password, class: "UserWithOptionalPassword" do
       password { nil }
-      encrypted_password { '' }
+      encrypted_password { "" }
     end
   end
 end

data/spec/generators/clearance/install/install_generator_spec.rb

@@ -117,13 +117,13 @@ describe Clearance::Generators::InstallGenerator, :generator do
         existing_columns = [Struct::Named.new("remember_token")]
         existing_indexes = [Struct::Named.new("index_users_on_remember_token")]
 
-        allow(ActiveRecord::Base.connection).to receive(:columns).
-          with(:users).
-          and_return(existing_columns)
+        allow(ActiveRecord::Base.connection).to receive(:columns)
+          .with(:users)
+          .and_return(existing_columns)
 
-        allow(ActiveRecord::Base.connection).to receive(:indexes).
-          with(:users).
-          and_return(existing_indexes)
+        allow(ActiveRecord::Base.connection).to receive(:indexes)
+          .with(:users)
+          .and_return(existing_indexes)
 
         run_generator
         migration = migration_file("db/migrate/add_clearance_to_users.rb")
@@ -136,10 +136,10 @@ describe Clearance::Generators::InstallGenerator, :generator do
         expect(migration).not_to contain("t.string :remember_token")
         expect(migration).not_to contain("add_index :users, :remember_token")
         expect(migration).to(
-          contain("add_index :users, :confirmation_token, unique: true"),
+          contain("add_index :users, :confirmation_token, unique: true")
         )
         expect(migration).to(
-          contain("remove_index :users, :confirmation_token, unique: true"),
+          contain("remove_index :users, :confirmation_token, unique: true")
         )
       end
     end
@@ -147,9 +147,9 @@ describe Clearance::Generators::InstallGenerator, :generator do
 
   def table_does_not_exist(name)
     connection = ActiveRecord::Base.connection
-    allow(connection).to receive(:data_source_exists?).
-      with(name).
-      and_return(false)
+    allow(connection).to receive(:data_source_exists?)
+      .with(name)
+      .and_return(false)
   end
 
   def preserve_original_primary_key_type_setting

data/spec/generators/clearance/routes/routes_generator_spec.rb

@@ -15,7 +15,7 @@ describe Clearance::Generators::RoutesGenerator, :generator do
     expect(initializer).to contain("config.routes = false")
     expect(routes).to have_correct_syntax
     expect(routes).to contain(
-      'get "/sign_in" => "clearance/sessions#new", as: "sign_in"'
+      'get "/sign_in" => "clearance/sessions#new", :as => "sign_in"'
     )
   end
 end

data/spec/generators/clearance/specs/specs_generator_spec.rb

@@ -5,7 +5,7 @@ describe Clearance::Generators::SpecsGenerator, :generator do
   it "copies specs to host app" do
     run_generator
 
-    specs = %w(
+    specs = %w[
       factories/clearance
       features/clearance/user_signs_out_spec
       features/clearance/visitor_resets_password_spec
@@ -14,7 +14,7 @@ describe Clearance::Generators::SpecsGenerator, :generator do
       features/clearance/visitor_updates_password_spec
       support/clearance
       support/features/clearance_helpers
-    )
+    ]
 
     spec_files = specs.map { |spec| file("spec/#{spec}.rb") }
 

data/spec/generators/clearance/views/views_generator_spec.rb

@@ -5,7 +5,7 @@ describe Clearance::Generators::ViewsGenerator, :generator do
   it "copies clearance views to the host application" do
     run_generator
 
-    views = %w(
+    views = %w[
       clearance_mailer/change_password.html.erb
       clearance_mailer/change_password.text.erb
       passwords/create.html.erb
@@ -15,7 +15,7 @@ describe Clearance::Generators::ViewsGenerator, :generator do
       sessions/new.html.erb
       users/_form.html.erb
       users/new.html.erb
-    )
+    ]
 
     view_files = views.map { |view| file("app/views/#{view}") }
 

data/spec/mailers/clearance_mailer_spec.rb

@@ -1,5 +1,7 @@
 require "spec_helper"
 
+Person = Class.new(User)
+
 describe ClearanceMailer do
   it "is from DO_NOT_REPLY" do
     user = create(:user)
@@ -59,7 +61,6 @@ describe ClearanceMailer do
   context "when using a custom model" do
     it "contains a link for a custom model" do
       define_people_routes
-      Person = Class.new(User)
       person = Person.new(email: "person@example.com", password: "password")
 
       person.forgot_password!
@@ -82,7 +83,7 @@ describe ClearanceMailer do
           resource(
             :password,
             controller: "clearance/passwords",
-            only: %i[edit update],
+            only: %i[edit update]
           )
         end
       end

data/spec/models/user_spec.rb

@@ -60,7 +60,7 @@ describe User do
         User.authenticate("bad_email@example.com", password)
       end
 
-      expect(user_does_not_exist_time). to be_within(0.01).of(user_exists_time)
+      expect(user_does_not_exist_time).to be_within(0.01).of(user_exists_time)
     end
 
     it "takes the same amount of time to fail authentication regardless of whether user exists" do
@@ -74,7 +74,7 @@ describe User do
         User.authenticate("bad_email@example.com", "bad_password")
       end
 
-      expect(user_does_not_exist_time). to be_within(0.01).of(user_exists_time)
+      expect(user_does_not_exist_time).to be_within(0.01).of(user_exists_time)
     end
 
     it "is retrieved via a case-insensitive search" do

data/spec/password_strategies/argon2_spec.rb

@@ -16,8 +16,8 @@ describe Clearance::PasswordStrategies::Argon2 do
     it "encrypts with Argon2 using default cost in non test environments" do
       hasher = stub_argon2_password
       model_instance = fake_model_with_argon2_strategy
-      allow(Rails).to receive(:env).
-        and_return(ActiveSupport::StringInquirer.new("production"))
+      allow(Rails).to receive(:env)
+        .and_return(ActiveSupport::StringInquirer.new("production"))
 
       model_instance.password = password
 
@@ -69,7 +69,7 @@ describe Clearance::PasswordStrategies::Argon2 do
 
   def fake_model_with_argon2_strategy
     @fake_model_with_argon2_strategy ||= fake_model_with_password_strategy(
-      Clearance::PasswordStrategies::Argon2,
+      Clearance::PasswordStrategies::Argon2
     )
   end
 

data/spec/password_strategies/bcrypt_spec.rb

@@ -1,7 +1,8 @@
 require "spec_helper"
-include FakeModelWithPasswordStrategy
 
 describe Clearance::PasswordStrategies::BCrypt do
+  include FakeModelWithPasswordStrategy
+
   describe "#password=" do
     it "encrypts the password into encrypted_password" do
       stub_bcrypt_password
@@ -15,14 +16,14 @@ describe Clearance::PasswordStrategies::BCrypt do
     it "encrypts with BCrypt using default cost in non test environments" do
       stub_bcrypt_password
       model_instance = fake_model_with_bcrypt_strategy
-      allow(Rails).to receive(:env).
-        and_return(ActiveSupport::StringInquirer.new("production"))
+      allow(Rails).to receive(:env)
+        .and_return(ActiveSupport::StringInquirer.new("production"))
 
       model_instance.password = password
 
       expect(BCrypt::Password).to have_received(:create).with(
         password,
-        cost: ::BCrypt::Engine::DEFAULT_COST,
+        cost: ::BCrypt::Engine::DEFAULT_COST
       )
     end
 

data/spec/password_strategies/password_strategies_spec.rb

@@ -1,7 +1,8 @@
 require "spec_helper"
-include FakeModelWithoutPasswordStrategy
 
 describe "Password strategy configuration" do
+  include FakeModelWithoutPasswordStrategy
+
   describe "when Clearance.configuration.password_strategy is set" do
     it "includes the value it is set to" do
       mock_password_strategy = Module.new

data/spec/requests/authentication_cookie_spec.rb

@@ -2,6 +2,7 @@ require "spec_helper"
 
 class PagesController < ApplicationController
   include Clearance::Controller
+
   before_action :require_login, only: :private
 
   # A page requiring user authentication
@@ -39,8 +40,8 @@ describe "Authentication cookies in the response" do
 
   def draw_test_routes
     Rails.application.routes.draw do
-      get "/private" => "pages#private", as: :private
-      get "/public" => "pages#public", as: :public
+      get "/private" => "pages#private", :as => :private
+      get "/public" => "pages#public", :as => :public
       resource :session, controller: "clearance/sessions", only: [:create]
     end
   end
@@ -49,7 +50,7 @@ describe "Authentication cookies in the response" do
     user = create(:user, password: "password")
 
     post session_path, params: {
-      session: { email: user.email, password: "password" },
+      session: {email: user.email, password: "password"}
     }
   end
 end

data/spec/requests/backdoor_spec.rb

@@ -12,7 +12,7 @@ describe "Backdoor Middleware" do
   it "removes the `as` param but leaves other parameters unchanged" do
     user = create(:user)
 
-    get root_path(as: user.to_param, foo: 'bar')
+    get root_path(as: user.to_param, foo: "bar")
 
     expect(response.body).to include('{"foo":"bar","controller":"application","action":"show"}')
   end

data/spec/requests/cookie_options_spec.rb

@@ -13,7 +13,7 @@ describe "Cookie options" do
         get sign_in_path
 
         post session_path, params: {
-          session: { email: user.email, password: "password" },
+          session: {email: user.email, password: "password"}
         }
       end
 
@@ -33,7 +33,7 @@ describe "Cookie options" do
         get sign_in_path
 
         post session_path, params: {
-          session: { email: user.email, password: "password" },
+          session: {email: user.email, password: "password"}
         }
       end
 

data/spec/requests/csrf_rotation_spec.rb

@@ -16,7 +16,7 @@ describe "CSRF Rotation" do
         original_token = csrf_token
 
         post session_path, params: {
-          authenticity_token: csrf_token, session: { email: user.email, password: "password" }
+          authenticity_token: csrf_token, session: {email: user.email, password: "password"}
         }
 
         expect(csrf_token).not_to eq original_token

data/spec/requests/password_maintenance_spec.rb

@@ -8,7 +8,7 @@ describe "Password maintenance" do
       put user_password_url(user), params: {
         user_id: user,
         token: user.confirmation_token,
-        password_reset: { password: "my_new_password" },
+        password_reset: {password: "my_new_password"}
       }
 
       expect(response).to redirect_to(Clearance.configuration.redirect_url)

data/spec/requests/token_expiration_spec.rb

@@ -15,7 +15,7 @@ describe "Token expiration" do
     it "should have a remember_token cookie with a future expiration" do
       expect(first_cookie.expires).to be_between(
         1.years.from_now - 1.second,
-        1.years.from_now,
+        1.years.from_now
       )
     end
   end
@@ -53,7 +53,7 @@ describe "Token expiration" do
     get sign_in_path
 
     post session_path, params: {
-      session: { email: user.email, password: "password" },
+      session: {email: user.email, password: "password"}
     }
   end
 end

data/spec/routing/clearance_routes_spec.rb

@@ -1,18 +1,18 @@
-require 'spec_helper'
+require "spec_helper"
 
-describe 'routes for Clearance' do
-  context 'routes enabled' do
-    it 'draws the default routes' do
-      expect(get: 'sign_up').to be_routable
-      expect(get: 'sign_in').to be_routable
-      expect(get: 'passwords/new').to be_routable
-      expect(post: 'session').to be_routable
-      expect(post: 'passwords').to be_routable
-      expect(post: 'users').to be_routable
+describe "routes for Clearance" do
+  context "routes enabled" do
+    it "draws the default routes" do
+      expect(get: "sign_up").to be_routable
+      expect(get: "sign_in").to be_routable
+      expect(get: "passwords/new").to be_routable
+      expect(post: "session").to be_routable
+      expect(post: "passwords").to be_routable
+      expect(post: "users").to be_routable
     end
   end
 
-  context 'routes disabled' do
+  context "routes disabled" do
     around do |example|
       Clearance.configure { |config| config.routes = false }
       Rails.application.reload_routes!
@@ -21,17 +21,17 @@ describe 'routes for Clearance' do
       Rails.application.reload_routes!
     end
 
-    it 'does not draw any routes' do
-      expect(get: 'sign_up').not_to be_routable
-      expect(get: 'sign_in').not_to be_routable
-      expect(get: 'passwords/new').not_to be_routable
-      expect(post: 'session').not_to be_routable
-      expect(post: 'passwords').not_to be_routable
-      expect(post: 'users').not_to be_routable
+    it "does not draw any routes" do
+      expect(get: "sign_up").not_to be_routable
+      expect(get: "sign_in").not_to be_routable
+      expect(get: "passwords/new").not_to be_routable
+      expect(post: "session").not_to be_routable
+      expect(post: "passwords").not_to be_routable
+      expect(post: "users").not_to be_routable
     end
   end
 
-  context 'signup disabled' do
+  context "signup disabled" do
     around do |example|
       Clearance.configure { |config| config.allow_sign_up = false }
       Rails.application.reload_routes!
@@ -40,30 +40,30 @@ describe 'routes for Clearance' do
       Rails.application.reload_routes!
     end
 
-    it 'does not route sign_up' do
-      expect(get: 'sign_up').not_to be_routable
+    it "does not route sign_up" do
+      expect(get: "sign_up").not_to be_routable
     end
 
-    it 'does not route to users#create' do
-      expect(post: 'users').not_to be_routable
+    it "does not route to users#create" do
+      expect(post: "users").not_to be_routable
     end
 
-    it 'does not route to users#new' do
-      expect(get: 'users/new').not_to be_routable
+    it "does not route to users#new" do
+      expect(get: "users/new").not_to be_routable
     end
   end
 
-  context 'signup enabled' do
-    it 'does route sign_up' do
-      expect(get: 'sign_up').to be_routable
+  context "signup enabled" do
+    it "does route sign_up" do
+      expect(get: "sign_up").to be_routable
     end
 
-    it 'does route to users#create' do
-      expect(post: 'users').to be_routable
+    it "does route to users#create" do
+      expect(post: "users").to be_routable
     end
   end
 
-  context 'password reset disabled' do
+  context "password reset disabled" do
     around do |example|
       Clearance.configure { |config| config.allow_password_reset = false }
       Rails.application.reload_routes!
@@ -72,24 +72,24 @@ describe 'routes for Clearance' do
       Rails.application.reload_routes!
     end
 
-    it 'does not route password edit' do
+    it "does not route password edit" do
       user = create(:user)
       expect(get: "users/#{user.id}/password/edit").not_to be_routable
     end
 
-    it 'does not route to clearance/passwords#update' do
+    it "does not route to clearance/passwords#update" do
       user = create(:user)
       expect(patch: "/users/#{user.id}/password").not_to be_routable
     end
   end
 
-  context 'reset enabled' do
-    it 'does route password edit' do
+  context "reset enabled" do
+    it "does route password edit" do
       user = create(:user)
       expect(get: "users/#{user.id}/password/edit").to be_routable
     end
 
-    it 'does route to clearance/passwords#update' do
+    it "does route to clearance/passwords#update" do
       user = create(:user)
       expect(patch: "/users/#{user.id}/password").to be_routable
     end

data/spec/support/clearance.rb

@@ -1,4 +1,4 @@
-require 'clearance'
+require "clearance"
 
 Clearance.configure do |config|
   # need an empty block to initialize the configuration object

data/spec/support/fake_model_without_password_strategy.rb

@@ -5,8 +5,11 @@ module FakeModelWithoutPasswordStrategy
 
       validates_with UniquenessValidator
 
-      def self.before_validation(*); end
-      def self.before_create(*); end
+      def self.before_validation(*)
+      end
+
+      def self.before_create(*)
+      end
 
       include Clearance::User
     end.new

data/spec/support/generator_spec_helpers.rb

@@ -1,5 +1,5 @@
-require "ammeter/rspec/generator/example.rb"
-require "ammeter/rspec/generator/matchers.rb"
+require "ammeter/rspec/generator/example"
+require "ammeter/rspec/generator/matchers"
 require "ammeter/init"
 
 module GeneratorSpecHelpers

data/spec/support/request_with_remember_token.rb

@@ -7,7 +7,7 @@ module RememberTokenHelpers
       cookies[Clearance.configuration.cookie_name] = remember_token
     end
 
-    env = { clearance: Clearance::Session.new(cookies.request.env) }
+    env = {clearance: Clearance::Session.new(cookies.request.env)}
     Rack::Request.new env
   end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: clearance
 version: !ruby/object:Gem::Version
-  version: 2.10.0
+  version: 2.12.0
 platform: ruby
 authors:
 - Dan Croak
@@ -24,10 +24,11 @@ authors:
 - Josh Steiner
 - Dorian Marié
 - Sara Jackson
+- Fernando Perales
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-28 00:00:00.000000000 Z
+date: 2026-04-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bcrypt
@@ -148,8 +149,10 @@ extra_rdoc_files:
 files:
 - ".erb_lint.yml"
 - ".github/dependabot.yml"
+- ".github/workflows/codeql.yml"
 - ".github/workflows/dynamic-readme.yml"
 - ".github/workflows/dynamic-security.yml"
+- ".github/workflows/standardrb.yml"
 - ".github/workflows/tests.yml"
 - ".gitignore"
 - ".yardopts"
@@ -185,9 +188,9 @@ files:
 - clearance.gemspec
 - config/locales/clearance.en.yml
 - config/routes.rb
-- gemfiles/rails_7.1.gemfile
 - gemfiles/rails_7.2.gemfile
 - gemfiles/rails_8.0.gemfile
+- gemfiles/rails_8.1.gemfile
 - lib/clearance.rb
 - lib/clearance/authentication.rb
 - lib/clearance/authorization.rb
@@ -316,7 +319,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 3.1.6
+      version: 3.3.11
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="