clearance 2.7.1 → 2.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: f0877a789add508c0031bbccf949369fa360271e2f42d9bfb32f16259b9135a3
4
- data.tar.gz: 9ca1d73291bd91c1811edbfc69f3acef51d35edad753743badfb38341687d20b
3
+ metadata.gz: e9ebc10e226aa134b16da93b71b4c3a711c3f83f151446fea8efddcaa6bd732f
4
+ data.tar.gz: '09513f61deaff3967af0226d46e1ab26239919ed6d6ce4dcfa9883e7d2cc68f2'
5
5
  SHA512:
6
- metadata.gz: 67e231abb3b4ee087b0da4c258fab6ba07190945a365b7c3ac37577a9e84a2982fedfccb6578d6d661e8301fb293d061ddcad67af17da1faf8254e31bc336f3e
7
- data.tar.gz: 4bede194d2b6adc4cab0caaf4297435440df9967075a167aca064a3dd9dfa4ebc648f5fdc0588a2c1364f3c43c29aeefcff882e031d02c65e9cf5f0e517eb934
6
+ metadata.gz: 27db1cc19f4846fd087600086ea7d00fb99e2730ae63a09047400e1a9239b5cbc31461c48a49a053a06ec88c89e571694d96d377bf7afea05e1bb0910a69b51c
7
+ data.tar.gz: 5dded1584c8fa0485d60e3eeb7175f45d93b03a1c5afb9644fe3064d09af1c9e5da70eabe11e35e6bd8d31bb8ea9c997ab35537b4b72d3320da4e994250b0119
data/CHANGELOG.md CHANGED
@@ -5,9 +5,19 @@ complete changelog, see the git history for each version via the version links.
5
5
 
6
6
  ## [Unreleased]
7
7
 
8
- [Unreleased]: https://github.com/thoughtbot/clearance/compare/v2.7.1...main
8
+ [Unreleased]: https://github.com/thoughtbot/clearance/compare/v2.7.2...main
9
9
 
10
- ## [2.7.1] May 8, 2024
10
+ ## [2.7.2] - June 28, 2024
11
+ - Fix method redefinition and circular require issues (#1027)
12
+ - Add specs for email validator strict mode (#1001)
13
+ - Create SECURITY.md (#972)
14
+ - Fix validating email in strict mode (#976)
15
+ - Update the example config in README.md (#977)
16
+ - Remove Hound README badge (#1020)
17
+
18
+ [2.7.2]: https://github.com/thoughtbot/clearance/compare/v2.7.1...v2.7.2
19
+
20
+ ## [2.7.1] - May 8, 2024
11
21
  - Update sqlite3 and erb_lint gems (#1017) Jos O'shea
12
22
 
13
23
  [2.7.1]: https://github.com/thoughtbot/clearance/compare/v2.7.0...v2.7.1
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- clearance (2.7.0)
4
+ clearance (2.7.2)
5
5
  actionmailer (>= 5.0)
6
6
  activemodel (>= 5.0)
7
7
  activerecord (>= 5.0)
@@ -130,7 +130,7 @@ GEM
130
130
  mini_mime (1.1.2)
131
131
  mini_portile2 (2.8.6)
132
132
  minitest (5.22.3)
133
- net-imap (0.4.10)
133
+ net-imap (0.4.11)
134
134
  date
135
135
  net-protocol
136
136
  net-pop (0.1.2)
data/README.md CHANGED
@@ -3,7 +3,6 @@
3
3
  [![Build Status](https://github.com/thoughtbot/clearance/actions/workflows/tests.yml/badge.svg)]( https://github.com/thoughtbot/clearance/actions/workflows/tests.yml?query=branch%3Amain)
4
4
  [![Code Climate](https://codeclimate.com/github/thoughtbot/clearance.svg)](https://codeclimate.com/github/thoughtbot/clearance)
5
5
  [![Documentation Quality](https://inch-ci.org/github/thoughtbot/clearance.svg?branch=main)](https://inch-ci.org/github/thoughtbot/clearance)
6
- [![Reviewed by Hound](https://img.shields.io/badge/Reviewed_by-Hound-8E64B0.svg)](https://houndci.com)
7
6
 
8
7
  Rails authentication with email & password.
9
8
 
@@ -63,7 +62,7 @@ Clearance.configure do |config|
63
62
  config.url_after_denied_access_when_signed_out = nil
64
63
  config.rotate_csrf_on_sign_in = true
65
64
  config.same_site = nil
66
- config.secure_cookie = false
65
+ config.secure_cookie = Rails.configuration.force_ssl
67
66
  config.signed_cookie = false
68
67
  config.sign_in_guards = []
69
68
  config.user_model = "User"
@@ -497,4 +496,19 @@ redistributed under the terms specified in the [`LICENSE`] file.
497
496
  [`LICENSE`]: /LICENSE
498
497
 
499
498
  <!-- START /templates/footer.md -->
499
+ ## About thoughtbot
500
+
501
+ ![thoughtbot](https://thoughtbot.com/thoughtbot-logo-for-readmes.svg)
502
+
503
+ This repo is maintained and funded by thoughtbot, inc.
504
+ The names and logos for thoughtbot are trademarks of thoughtbot, inc.
505
+
506
+ We love open source software!
507
+ See [our other projects][community].
508
+ We are [available for hire][hire].
509
+
510
+ [community]: https://thoughtbot.com/community?utm_source=github
511
+ [hire]: https://thoughtbot.com/hire-us?utm_source=github
512
+
513
+
500
514
  <!-- END /templates/footer.md -->
data/SECURITY.md ADDED
@@ -0,0 +1,16 @@
1
+ # Security Policy
2
+
3
+ ## Supported Versions
4
+
5
+ We will provide security updates for the latest 3 versions.
6
+
7
+ | Version | Security updates |
8
+ | - | - |
9
+ | 2.7.x | ✅ |
10
+ | 2.6.x | ✅ |
11
+ | 2.5.x | ✅ |
12
+ | < 2.5.0 | :x: |
13
+
14
+ ## Reporting a Vulnerability
15
+
16
+ You can contact <security@thoughtbot.com>. See <https://thoughtbot.com/security> for more information about our security policy.
@@ -135,7 +135,7 @@ module Clearance
135
135
  # The parameter for user routes. By default this is derived from the user
136
136
  # model.
137
137
  # @return [Symbol]
138
- attr_accessor :user_parameter
138
+ attr_writer :user_parameter
139
139
 
140
140
  # Controls wether users are automatically signed in after successfully
141
141
  # resetting their password.
@@ -1,4 +1,3 @@
1
- require "clearance"
2
1
  require "rails/engine"
3
2
 
4
3
  module Clearance
@@ -150,7 +150,7 @@ module Clearance
150
150
 
151
151
  included do
152
152
  validates :email,
153
- email: { strict_mode: true },
153
+ email: { mode: :strict },
154
154
  presence: true,
155
155
  uniqueness: { allow_blank: true, case_sensitive: true },
156
156
  unless: :email_optional?
@@ -1,3 +1,3 @@
1
1
  module Clearance
2
- VERSION = "2.7.1".freeze
2
+ VERSION = "2.7.2".freeze
3
3
  end
data/lib/clearance.rb CHANGED
@@ -5,9 +5,9 @@ require 'clearance/rack_session'
5
5
  require 'clearance/back_door'
6
6
  require 'clearance/controller'
7
7
  require 'clearance/user'
8
- require 'clearance/engine'
9
8
  require 'clearance/password_strategies'
10
9
  require 'clearance/constraints'
10
+ require 'clearance/engine'
11
11
 
12
12
  module Clearance
13
13
  end
@@ -5,15 +5,16 @@ describe User do
5
5
  it { is_expected.to have_db_index(:remember_token) }
6
6
  it { is_expected.to validate_presence_of(:email) }
7
7
  it { is_expected.to validate_presence_of(:password) }
8
- it { is_expected.to allow_value("foo;@example.com").for(:email) }
9
- it { is_expected.to allow_value("foo@.example.com").for(:email) }
10
- it { is_expected.to allow_value("foo@example..com").for(:email) }
11
8
  it { is_expected.to allow_value("foo@example.co.uk").for(:email) }
12
9
  it { is_expected.to allow_value("foo@example.com").for(:email) }
13
10
  it { is_expected.to allow_value("foo+bar@example.com").for(:email) }
14
11
  it { is_expected.not_to allow_value("example.com").for(:email) }
15
12
  it { is_expected.not_to allow_value("foo").for(:email) }
16
13
  it { is_expected.not_to allow_value("foo@").for(:email) }
14
+ it { is_expected.not_to allow_value("foo@bar").for(:email) }
15
+ it { is_expected.not_to allow_value("foo;@example.com").for(:email) }
16
+ it { is_expected.not_to allow_value("foo@.example.com").for(:email) }
17
+ it { is_expected.not_to allow_value("foo@example..com").for(:email) }
17
18
 
18
19
  describe "#email" do
19
20
  it "stores email in down case and removes whitespace" do
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: clearance
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.7.1
4
+ version: 2.7.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dan Croak
@@ -26,7 +26,7 @@ authors:
26
26
  autorequire:
27
27
  bindir: bin
28
28
  cert_chain: []
29
- date: 2024-05-08 00:00:00.000000000 Z
29
+ date: 2024-06-28 00:00:00.000000000 Z
30
30
  dependencies:
31
31
  - !ruby/object:Gem::Dependency
32
32
  name: bcrypt
@@ -160,6 +160,7 @@ files:
160
160
  - README.md
161
161
  - RELEASING.md
162
162
  - Rakefile
163
+ - SECURITY.md
163
164
  - app/controllers/clearance/base_controller.rb
164
165
  - app/controllers/clearance/passwords_controller.rb
165
166
  - app/controllers/clearance/sessions_controller.rb