devise-secure_password 2.0.1 → 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. checksums.yaml +4 -4
  2. data/Changelog.md +8 -0
  3. data/Gemfile.lock +249 -185
  4. data/README.md +40 -13
  5. data/devise-secure_password.gemspec +8 -4
  6. data/gemfiles/rails_6_1.gemfile +1 -1
  7. data/gemfiles/rails_7_0.gemfile +66 -0
  8. data/lib/devise/secure_password/models/password_disallows_frequent_changes.rb +7 -7
  9. data/lib/devise/secure_password/models/password_disallows_frequent_reuse.rb +1 -1
  10. data/lib/devise/secure_password/models/password_requires_regular_updates.rb +7 -7
  11. data/lib/devise/secure_password/version.rb +1 -1
  12. data/lib/generators/devise/templates/secure_password.rb +1 -1
  13. data/lib/support/string/character_counter.rb +1 -1
  14. data/pkg/devise-secure_password-2.0.1.gem +0 -0
  15. data/pkg/devise-secure_password-2.1.0.gem +0 -0
  16. metadata +13 -14
  17. data/gemfiles/rails_6_0.gemfile +0 -57
  18. data/gemfiles/rails_6_0.gemfile.lock +0 -347
  19. data/gemfiles/rails_6_1.gemfile.lock +0 -352
  20. data/pkg/devise-secure_password-2.0.0.gem +0 -0
data/devise-secure_password.gemspec CHANGED
@@ -24,12 +24,16 @@ Gem::Specification.new do |spec|
24
24
  spec.files = Dir['./**/*'].reject do |f|
25
25
  f.match(%r{^./(test|spec|features|lib/tasks)/|Gemfile.lock.ci})
26
26
  end
27
+
28
+ spec.metadata = {
29
+ 'rubygems_mfa_required' => 'true'
30
+ }
31
+
27
32
  spec.executables = spec.files.grep(%r{^bin/}).map { |f| File.basename(f) }
28
- spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
29
33
  spec.require_paths = ['lib']
30
34
 
31
35
  spec.add_runtime_dependency 'devise', '>= 4.0.0', '< 5.0.0'
32
- spec.add_runtime_dependency 'railties', '>= 5.0.0', '< 7.0.0'
36
+ spec.add_runtime_dependency 'railties', '>= 5.0.0', '< 8.0.0'
33
37
 
34
38
  spec.add_development_dependency 'bundler', '>= 2.2.14'
35
39
  spec.add_development_dependency 'capybara', '>= 3.35.3'
@@ -38,7 +42,7 @@ Gem::Specification.new do |spec|
38
42
  spec.add_development_dependency 'devise', '~> 4.0'
39
43
  spec.add_development_dependency 'flay', '>= 2.10.0'
40
44
  spec.add_development_dependency 'launchy', '>= 2.4.3'
41
- spec.add_development_dependency 'rails', '>= 5.2.0'
45
+ spec.add_development_dependency 'rails', '>= 6.1.0'
42
46
  spec.add_development_dependency 'rake', '>= 12.3'
43
47
  spec.add_development_dependency 'rspec', '>= 3.7'
44
48
  spec.add_development_dependency 'rspec_junit_formatter', '>= 0.3'
@@ -50,7 +54,7 @@ Gem::Specification.new do |spec|
50
54
  spec.add_development_dependency 'selenium-webdriver', '>= 3.7.0'
51
55
  spec.add_development_dependency 'simplecov', '>= 0.18.2'
52
56
  spec.add_development_dependency 'simplecov-console', '>= 0.4.2'
53
- spec.add_development_dependency 'sqlite3', '>= 1.3.13'
57
+ spec.add_development_dependency 'sqlite3', '>= 1.7.0'
54
58
 
55
59
  spec.required_ruby_version = '>= 2.7'
56
60
  end
data/gemfiles/rails_6_1.gemfile CHANGED
@@ -8,7 +8,7 @@ gemspec path: '../'
8
8
  # Bundle edge Rails instead: gem 'rails', github: 'rails/rails', branch: 'main'
9
9
  gem 'rails', '~> 6.1.3', '>= 6.1.3.1'
10
10
  # Use sqlite3 as the database for Active Record
11
- gem 'sqlite3', '~> 1.4'
11
+ gem 'sqlite3', '~> 1.7.0'
12
12
  # Use Puma as the app server
13
13
  gem 'puma', '~> 5.0'
14
14
  # Use SCSS for stylesheets
data/gemfiles/rails_7_0.gemfile ADDED
@@ -0,0 +1,66 @@
1
+ source 'https://rubygems.org'
2
+ git_source(:github) { |repo| "https://github.com/#{repo}.git" }
3
+
4
+ ENV['RAILS_TARGET'] ||= '7.0'
5
+
6
+ gemspec path: '../'
7
+
8
+ # Bundle edge Rails instead: gem "rails", github: "rails/rails", branch: "main"
9
+ gem 'rails', '~> 7.1.3', '>= 7.1.3.4'
10
+
11
+ # The original asset pipeline for Rails [https://github.com/rails/sprockets-rails]
12
+ gem 'sprockets-rails'
13
+
14
+ # Use sqlite3 as the database for Active Record
15
+ gem 'sqlite3', '~> 1.4'
16
+
17
+ # Use the Puma web server [https://github.com/puma/puma]
18
+ gem 'puma', '>= 5.0'
19
+
20
+ # Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails]
21
+ gem 'importmap-rails'
22
+
23
+ # Hotwire's SPA-like page accelerator [https://turbo.hotwired.dev]
24
+ gem 'turbo-rails'
25
+
26
+ # Hotwire's modest JavaScript framework [https://stimulus.hotwired.dev]
27
+ gem 'stimulus-rails'
28
+
29
+ # Build JSON APIs with ease [https://github.com/rails/jbuilder]
30
+ gem 'jbuilder'
31
+
32
+ # Use Redis adapter to run Action Cable in production
33
+ # gem "redis", ">= 4.0.1"
34
+
35
+ # Use Kredis to get higher-level data types in Redis [https://github.com/rails/kredis]
36
+ # gem "kredis"
37
+
38
+ # Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]
39
+ # gem "bcrypt", "~> 3.1.7"
40
+
41
+ # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
42
+ gem 'tzinfo-data', platforms: %i(windows jruby)
43
+
44
+ # Reduces boot times through caching; required in config/boot.rb
45
+ gem 'bootsnap', require: false
46
+
47
+ # Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images]
48
+ # gem "image_processing", "~> 1.2"
49
+
50
+ group :development do
51
+ # Use console on exceptions pages [https://github.com/rails/web-console]
52
+ gem 'web-console'
53
+
54
+ # Speed up commands on slow machines / big apps [https://github.com/rails/spring]
55
+ # gem "spring"
56
+ end
57
+
58
+ group :test do
59
+ # Adds support for Capybara system testing and selenium driver
60
+ gem 'capybara', '>= 3.26'
61
+ gem 'codecov', require: false
62
+ gem 'selenium-webdriver'
63
+ gem 'shoulda-matchers'
64
+ # Easy installation and use of web drivers to run system tests with browsers
65
+ gem 'webdrivers'
66
+ end
data/lib/devise/secure_password/models/password_disallows_frequent_changes.rb CHANGED
@@ -37,15 +37,15 @@ module Devise
37
37
  def before_resource_initialized
38
38
  return if self.class.respond_to?(:password_previously_used_count)
39
39
 
40
- raise ConfigurationError, <<-ERROR.strip_heredoc
40
+ raise ConfigurationError, <<~ERROR
41
41
 
42
- The password_disallows_frequent_changes module depends on the
43
- password_disallows_frequent_reuse module. Verify that you have
44
- added both modules to your model, for example:
42
+ The password_disallows_frequent_changes module depends on the
43
+ password_disallows_frequent_reuse module. Verify that you have
44
+ added both modules to your model, for example:
45
45
 
46
- devise :database_authenticatable, :registerable,
47
- :password_disallows_frequent_reuse,
48
- :password_disallows_frequent_changes
46
+ devise :database_authenticatable, :registerable,
47
+ :password_disallows_frequent_reuse,
48
+ :password_disallows_frequent_changes
49
49
  ERROR
50
50
  end
51
51
 
data/lib/devise/secure_password/models/password_disallows_frequent_reuse.rb CHANGED
@@ -41,7 +41,7 @@ module Devise
41
41
  end
42
42
 
43
43
  def previous_password?(password)
44
- salts = previous_passwords.select(:salt).map(&:salt)
44
+ salts = previous_passwords.pluck(:salt)
45
45
  pepper = self.class.pepper.presence || ''
46
46
 
47
47
  salts.each do |salt|
data/lib/devise/secure_password/models/password_requires_regular_updates.rb CHANGED
@@ -20,15 +20,15 @@ module Devise
20
20
  def before_regular_update_initialized
21
21
  return if self.class.respond_to?(:password_previously_used_count)
22
22
 
23
- raise ConfigurationError, <<-ERROR.strip_heredoc
23
+ raise ConfigurationError, <<~ERROR
24
24
 
25
- The password_requires_regular_updates module depends on the
26
- password_disallows_frequent_reuse module. Verify that you have
27
- added both modules to your model, for example:
25
+ The password_requires_regular_updates module depends on the
26
+ password_disallows_frequent_reuse module. Verify that you have
27
+ added both modules to your model, for example:
28
28
 
29
- devise :database_authenticatable, :registerable,
30
- :password_disallows_frequent_reuse,
31
- :password_requires_regular_updates
29
+ devise :database_authenticatable, :registerable,
30
+ :password_disallows_frequent_reuse,
31
+ :password_requires_regular_updates
32
32
  ERROR
33
33
  end
34
34
 
data/lib/devise/secure_password/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  module Devise
2
2
  module SecurePassword
3
- VERSION = '2.0.1'.freeze
3
+ VERSION = '2.1.0'.freeze
4
4
  end
5
5
  end
data/lib/generators/devise/templates/secure_password.rb CHANGED
@@ -18,7 +18,7 @@ Devise.setup do |config|
18
18
  # The number of numbers (0-9) required in a password:
19
19
  # config.password_required_number_count = 1
20
20
 
21
- # The number of special characters (!@#$%^&*()_+-=[]{}|') required in a password:
21
+ # The number of special characters ( !@#$%^&*()_+-=[]{}|'"/\.,`<>:;?~) required in a password:
22
22
  # config.password_required_special_character_count = 1
23
23
 
24
24
  # ==> Configuration for the Devise Secure Password extension
data/lib/support/string/character_counter.rb CHANGED
@@ -11,7 +11,7 @@ module Support
11
11
  uppercase: characters_to_dictionary(('A'..'Z').to_a),
12
12
  lowercase: characters_to_dictionary(('a'..'z').to_a),
13
13
  number: characters_to_dictionary(('0'..'9').to_a),
14
- special: characters_to_dictionary(%w(! @ # $ % ^ & * ( ) _ + - = [ ] { } | ')),
14
+ special: characters_to_dictionary([' ', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '_', '+', '-', '=', '[', ']', '{', '}', '|', '"', '/', '\\', '.', ',', '`', '<', '>', ':', ';', '?', '~', "'"]),
15
15
  unknown: {}
16
16
  }
17
17
  end
data/pkg/devise-secure_password-2.0.1.gem CHANGED
Binary file
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: devise-secure_password
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.1
4
+ version: 2.1.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Mark Eissler
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-04 00:00:00.000000000 Z
11
+ date: 2024-06-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: devise
@@ -39,7 +39,7 @@ dependencies:
39
39
  version: 5.0.0
40
40
  - - "<"
41
41
  - !ruby/object:Gem::Version
42
- version: 7.0.0
42
+ version: 8.0.0
43
43
  type: :runtime
44
44
  prerelease: false
45
45
  version_requirements: !ruby/object:Gem::Requirement
@@ -49,7 +49,7 @@ dependencies:
49
49
  version: 5.0.0
50
50
  - - "<"
51
51
  - !ruby/object:Gem::Version
52
- version: 7.0.0
52
+ version: 8.0.0
53
53
  - !ruby/object:Gem::Dependency
54
54
  name: bundler
55
55
  requirement: !ruby/object:Gem::Requirement
@@ -154,14 +154,14 @@ dependencies:
154
154
  requirements:
155
155
  - - ">="
156
156
  - !ruby/object:Gem::Version
157
- version: 5.2.0
157
+ version: 6.1.0
158
158
  type: :development
159
159
  prerelease: false
160
160
  version_requirements: !ruby/object:Gem::Requirement
161
161
  requirements:
162
162
  - - ">="
163
163
  - !ruby/object:Gem::Version
164
- version: 5.2.0
164
+ version: 6.1.0
165
165
  - !ruby/object:Gem::Dependency
166
166
  name: rake
167
167
  requirement: !ruby/object:Gem::Requirement
@@ -322,14 +322,14 @@ dependencies:
322
322
  requirements:
323
323
  - - ">="
324
324
  - !ruby/object:Gem::Version
325
- version: 1.3.13
325
+ version: 1.7.0
326
326
  type: :development
327
327
  prerelease: false
328
328
  version_requirements: !ruby/object:Gem::Requirement
329
329
  requirements:
330
330
  - - ">="
331
331
  - !ruby/object:Gem::Version
332
- version: 1.3.13
332
+ version: 1.7.0
333
333
  description: Adds configurable password policy enforcement to devise.
334
334
  email:
335
335
  - mark.eissler@valimail.com
@@ -353,10 +353,8 @@ files:
353
353
  - "./config/locales/en.yml"
354
354
  - "./devise-secure_password.gemspec"
355
355
  - "./docker-entrypoint.sh"
356
- - "./gemfiles/rails_6_0.gemfile"
357
- - "./gemfiles/rails_6_0.gemfile.lock"
358
356
  - "./gemfiles/rails_6_1.gemfile"
359
- - "./gemfiles/rails_6_1.gemfile.lock"
357
+ - "./gemfiles/rails_7_0.gemfile"
360
358
  - "./lib/devise/secure_password.rb"
361
359
  - "./lib/devise/secure_password/controllers/devise_helpers.rb"
362
360
  - "./lib/devise/secure_password/controllers/helpers.rb"
@@ -372,12 +370,13 @@ files:
372
370
  - "./lib/generators/devise/templates/README.txt"
373
371
  - "./lib/generators/devise/templates/secure_password.rb"
374
372
  - "./lib/support/string/character_counter.rb"
375
- - "./pkg/devise-secure_password-2.0.0.gem"
376
373
  - "./pkg/devise-secure_password-2.0.1.gem"
374
+ - "./pkg/devise-secure_password-2.1.0.gem"
377
375
  homepage: https://github.com/valimail/devise-secure_password
378
376
  licenses:
379
377
  - MIT
380
- metadata: {}
378
+ metadata:
379
+ rubygems_mfa_required: 'true'
381
380
  post_install_message:
382
381
  rdoc_options: []
383
382
  require_paths:
@@ -393,7 +392,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
393
392
  - !ruby/object:Gem::Version
394
393
  version: '0'
395
394
  requirements: []
396
- rubygems_version: 3.2.16
395
+ rubygems_version: 3.5.9
397
396
  signing_key:
398
397
  specification_version: 4
399
398
  summary: A devise password policy enforcement extension.
data/gemfiles/rails_6_0.gemfile DELETED
@@ -1,57 +0,0 @@
1
- source 'https://rubygems.org'
2
- git_source(:github) { |repo| "https://github.com/#{repo}.git" }
3
-
4
- ENV['RAILS_TARGET'] ||= '6.0'
5
-
6
- gemspec path: '../'
7
-
8
- # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
9
- gem 'rails', '~> 6.0.3', '>= 6.0.3.6'
10
- # Use sqlite3 as the database for Active Record
11
- gem 'sqlite3', '~> 1.4'
12
- # Use Puma as the app server
13
- gem 'puma', '~> 4.1'
14
- # Use SCSS for stylesheets
15
- gem 'sass-rails', '>= 6'
16
- # Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker
17
- gem 'webpacker', '~> 4.0'
18
- # Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks
19
- gem 'turbolinks', '~> 5'
20
- # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
21
- gem 'jbuilder', '~> 2.7'
22
- # Use Redis adapter to run Action Cable in production
23
- # gem 'redis', '~> 4.0'
24
- # Use Active Model has_secure_password
25
- # gem 'bcrypt', '~> 3.1.7'
26
-
27
- # Use Active Storage variant
28
- # gem 'image_processing', '~> 1.2'
29
-
30
- # Reduces boot times through caching; required in config/boot.rb
31
- gem 'bootsnap', '>= 1.4.2', require: false
32
-
33
- group :development, :test do
34
- # Call 'byebug' anywhere in the code to stop execution and get a debugger console
35
- gem 'byebug', platforms: %i(mri mingw x64_mingw)
36
- end
37
-
38
- group :development do
39
- # Access an interactive console on exception pages or by calling 'console' anywhere in the code.
40
- gem 'listen', '~> 3.2'
41
- gem 'web-console', '>= 3.3.0'
42
- end
43
-
44
- group :test do
45
- # Adds support for Capybara system testing and selenium driver
46
- gem 'capybara', '>= 2.15'
47
- gem 'codecov', require: false
48
- gem 'selenium-webdriver'
49
- gem 'shoulda-matchers'
50
- # Easy installation and use of web drivers to run system tests with browsers
51
- gem 'webdrivers'
52
- end
53
-
54
- # Windows does not include zoneinfo files, so bundle the tzinfo-data gem
55
- gem 'tzinfo-data', platforms: %i(mingw mswin x64_mingw jruby)
56
-
57
- gem 'webrick', '~> 1.7'