devise-secure_password 2.0.1 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Changelog.md +8 -0
- data/Gemfile.lock +249 -185
- data/README.md +40 -13
- data/devise-secure_password.gemspec +8 -4
- data/gemfiles/rails_6_1.gemfile +1 -1
- data/gemfiles/rails_7_0.gemfile +66 -0
- data/lib/devise/secure_password/models/password_disallows_frequent_changes.rb +7 -7
- data/lib/devise/secure_password/models/password_disallows_frequent_reuse.rb +1 -1
- data/lib/devise/secure_password/models/password_requires_regular_updates.rb +7 -7
- data/lib/devise/secure_password/version.rb +1 -1
- data/lib/generators/devise/templates/secure_password.rb +1 -1
- data/lib/support/string/character_counter.rb +1 -1
- data/pkg/devise-secure_password-2.0.1.gem +0 -0
- data/pkg/devise-secure_password-2.1.0.gem +0 -0
- metadata +13 -14
- data/gemfiles/rails_6_0.gemfile +0 -57
- data/gemfiles/rails_6_0.gemfile.lock +0 -347
- data/gemfiles/rails_6_1.gemfile.lock +0 -352
- data/pkg/devise-secure_password-2.0.0.gem +0 -0
@@ -24,12 +24,16 @@ Gem::Specification.new do |spec|
|
|
24
24
|
spec.files = Dir['./**/*'].reject do |f|
|
25
25
|
f.match(%r{^./(test|spec|features|lib/tasks)/|Gemfile.lock.ci})
|
26
26
|
end
|
27
|
+
|
28
|
+
spec.metadata = {
|
29
|
+
'rubygems_mfa_required' => 'true'
|
30
|
+
}
|
31
|
+
|
27
32
|
spec.executables = spec.files.grep(%r{^bin/}).map { |f| File.basename(f) }
|
28
|
-
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
29
33
|
spec.require_paths = ['lib']
|
30
34
|
|
31
35
|
spec.add_runtime_dependency 'devise', '>= 4.0.0', '< 5.0.0'
|
32
|
-
spec.add_runtime_dependency 'railties', '>= 5.0.0', '<
|
36
|
+
spec.add_runtime_dependency 'railties', '>= 5.0.0', '< 8.0.0'
|
33
37
|
|
34
38
|
spec.add_development_dependency 'bundler', '>= 2.2.14'
|
35
39
|
spec.add_development_dependency 'capybara', '>= 3.35.3'
|
@@ -38,7 +42,7 @@ Gem::Specification.new do |spec|
|
|
38
42
|
spec.add_development_dependency 'devise', '~> 4.0'
|
39
43
|
spec.add_development_dependency 'flay', '>= 2.10.0'
|
40
44
|
spec.add_development_dependency 'launchy', '>= 2.4.3'
|
41
|
-
spec.add_development_dependency 'rails', '>=
|
45
|
+
spec.add_development_dependency 'rails', '>= 6.1.0'
|
42
46
|
spec.add_development_dependency 'rake', '>= 12.3'
|
43
47
|
spec.add_development_dependency 'rspec', '>= 3.7'
|
44
48
|
spec.add_development_dependency 'rspec_junit_formatter', '>= 0.3'
|
@@ -50,7 +54,7 @@ Gem::Specification.new do |spec|
|
|
50
54
|
spec.add_development_dependency 'selenium-webdriver', '>= 3.7.0'
|
51
55
|
spec.add_development_dependency 'simplecov', '>= 0.18.2'
|
52
56
|
spec.add_development_dependency 'simplecov-console', '>= 0.4.2'
|
53
|
-
spec.add_development_dependency 'sqlite3', '>= 1.
|
57
|
+
spec.add_development_dependency 'sqlite3', '>= 1.7.0'
|
54
58
|
|
55
59
|
spec.required_ruby_version = '>= 2.7'
|
56
60
|
end
|
data/gemfiles/rails_6_1.gemfile
CHANGED
@@ -8,7 +8,7 @@ gemspec path: '../'
|
|
8
8
|
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails', branch: 'main'
|
9
9
|
gem 'rails', '~> 6.1.3', '>= 6.1.3.1'
|
10
10
|
# Use sqlite3 as the database for Active Record
|
11
|
-
gem 'sqlite3', '~> 1.
|
11
|
+
gem 'sqlite3', '~> 1.7.0'
|
12
12
|
# Use Puma as the app server
|
13
13
|
gem 'puma', '~> 5.0'
|
14
14
|
# Use SCSS for stylesheets
|
@@ -0,0 +1,66 @@
|
|
1
|
+
source 'https://rubygems.org'
|
2
|
+
git_source(:github) { |repo| "https://github.com/#{repo}.git" }
|
3
|
+
|
4
|
+
ENV['RAILS_TARGET'] ||= '7.0'
|
5
|
+
|
6
|
+
gemspec path: '../'
|
7
|
+
|
8
|
+
# Bundle edge Rails instead: gem "rails", github: "rails/rails", branch: "main"
|
9
|
+
gem 'rails', '~> 7.1.3', '>= 7.1.3.4'
|
10
|
+
|
11
|
+
# The original asset pipeline for Rails [https://github.com/rails/sprockets-rails]
|
12
|
+
gem 'sprockets-rails'
|
13
|
+
|
14
|
+
# Use sqlite3 as the database for Active Record
|
15
|
+
gem 'sqlite3', '~> 1.4'
|
16
|
+
|
17
|
+
# Use the Puma web server [https://github.com/puma/puma]
|
18
|
+
gem 'puma', '>= 5.0'
|
19
|
+
|
20
|
+
# Use JavaScript with ESM import maps [https://github.com/rails/importmap-rails]
|
21
|
+
gem 'importmap-rails'
|
22
|
+
|
23
|
+
# Hotwire's SPA-like page accelerator [https://turbo.hotwired.dev]
|
24
|
+
gem 'turbo-rails'
|
25
|
+
|
26
|
+
# Hotwire's modest JavaScript framework [https://stimulus.hotwired.dev]
|
27
|
+
gem 'stimulus-rails'
|
28
|
+
|
29
|
+
# Build JSON APIs with ease [https://github.com/rails/jbuilder]
|
30
|
+
gem 'jbuilder'
|
31
|
+
|
32
|
+
# Use Redis adapter to run Action Cable in production
|
33
|
+
# gem "redis", ">= 4.0.1"
|
34
|
+
|
35
|
+
# Use Kredis to get higher-level data types in Redis [https://github.com/rails/kredis]
|
36
|
+
# gem "kredis"
|
37
|
+
|
38
|
+
# Use Active Model has_secure_password [https://guides.rubyonrails.org/active_model_basics.html#securepassword]
|
39
|
+
# gem "bcrypt", "~> 3.1.7"
|
40
|
+
|
41
|
+
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
|
42
|
+
gem 'tzinfo-data', platforms: %i(windows jruby)
|
43
|
+
|
44
|
+
# Reduces boot times through caching; required in config/boot.rb
|
45
|
+
gem 'bootsnap', require: false
|
46
|
+
|
47
|
+
# Use Active Storage variants [https://guides.rubyonrails.org/active_storage_overview.html#transforming-images]
|
48
|
+
# gem "image_processing", "~> 1.2"
|
49
|
+
|
50
|
+
group :development do
|
51
|
+
# Use console on exceptions pages [https://github.com/rails/web-console]
|
52
|
+
gem 'web-console'
|
53
|
+
|
54
|
+
# Speed up commands on slow machines / big apps [https://github.com/rails/spring]
|
55
|
+
# gem "spring"
|
56
|
+
end
|
57
|
+
|
58
|
+
group :test do
|
59
|
+
# Adds support for Capybara system testing and selenium driver
|
60
|
+
gem 'capybara', '>= 3.26'
|
61
|
+
gem 'codecov', require: false
|
62
|
+
gem 'selenium-webdriver'
|
63
|
+
gem 'shoulda-matchers'
|
64
|
+
# Easy installation and use of web drivers to run system tests with browsers
|
65
|
+
gem 'webdrivers'
|
66
|
+
end
|
@@ -37,15 +37,15 @@ module Devise
|
|
37
37
|
def before_resource_initialized
|
38
38
|
return if self.class.respond_to?(:password_previously_used_count)
|
39
39
|
|
40
|
-
raise ConfigurationError,
|
40
|
+
raise ConfigurationError, <<~ERROR
|
41
41
|
|
42
|
-
|
43
|
-
|
44
|
-
|
42
|
+
The password_disallows_frequent_changes module depends on the
|
43
|
+
password_disallows_frequent_reuse module. Verify that you have
|
44
|
+
added both modules to your model, for example:
|
45
45
|
|
46
|
-
|
47
|
-
|
48
|
-
|
46
|
+
devise :database_authenticatable, :registerable,
|
47
|
+
:password_disallows_frequent_reuse,
|
48
|
+
:password_disallows_frequent_changes
|
49
49
|
ERROR
|
50
50
|
end
|
51
51
|
|
@@ -20,15 +20,15 @@ module Devise
|
|
20
20
|
def before_regular_update_initialized
|
21
21
|
return if self.class.respond_to?(:password_previously_used_count)
|
22
22
|
|
23
|
-
raise ConfigurationError,
|
23
|
+
raise ConfigurationError, <<~ERROR
|
24
24
|
|
25
|
-
|
26
|
-
|
27
|
-
|
25
|
+
The password_requires_regular_updates module depends on the
|
26
|
+
password_disallows_frequent_reuse module. Verify that you have
|
27
|
+
added both modules to your model, for example:
|
28
28
|
|
29
|
-
|
30
|
-
|
31
|
-
|
29
|
+
devise :database_authenticatable, :registerable,
|
30
|
+
:password_disallows_frequent_reuse,
|
31
|
+
:password_requires_regular_updates
|
32
32
|
ERROR
|
33
33
|
end
|
34
34
|
|
@@ -18,7 +18,7 @@ Devise.setup do |config|
|
|
18
18
|
# The number of numbers (0-9) required in a password:
|
19
19
|
# config.password_required_number_count = 1
|
20
20
|
|
21
|
-
# The number of special characters (!@#$%^&*()_+-=[]{}|') required in a password:
|
21
|
+
# The number of special characters ( !@#$%^&*()_+-=[]{}|'"/\.,`<>:;?~) required in a password:
|
22
22
|
# config.password_required_special_character_count = 1
|
23
23
|
|
24
24
|
# ==> Configuration for the Devise Secure Password extension
|
@@ -11,7 +11,7 @@ module Support
|
|
11
11
|
uppercase: characters_to_dictionary(('A'..'Z').to_a),
|
12
12
|
lowercase: characters_to_dictionary(('a'..'z').to_a),
|
13
13
|
number: characters_to_dictionary(('0'..'9').to_a),
|
14
|
-
special: characters_to_dictionary(
|
14
|
+
special: characters_to_dictionary([' ', '!', '@', '#', '$', '%', '^', '&', '*', '(', ')', '_', '+', '-', '=', '[', ']', '{', '}', '|', '"', '/', '\\', '.', ',', '`', '<', '>', ':', ';', '?', '~', "'"]),
|
15
15
|
unknown: {}
|
16
16
|
}
|
17
17
|
end
|
Binary file
|
Binary file
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: devise-secure_password
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.0
|
4
|
+
version: 2.1.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mark Eissler
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2024-06-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: devise
|
@@ -39,7 +39,7 @@ dependencies:
|
|
39
39
|
version: 5.0.0
|
40
40
|
- - "<"
|
41
41
|
- !ruby/object:Gem::Version
|
42
|
-
version:
|
42
|
+
version: 8.0.0
|
43
43
|
type: :runtime
|
44
44
|
prerelease: false
|
45
45
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -49,7 +49,7 @@ dependencies:
|
|
49
49
|
version: 5.0.0
|
50
50
|
- - "<"
|
51
51
|
- !ruby/object:Gem::Version
|
52
|
-
version:
|
52
|
+
version: 8.0.0
|
53
53
|
- !ruby/object:Gem::Dependency
|
54
54
|
name: bundler
|
55
55
|
requirement: !ruby/object:Gem::Requirement
|
@@ -154,14 +154,14 @@ dependencies:
|
|
154
154
|
requirements:
|
155
155
|
- - ">="
|
156
156
|
- !ruby/object:Gem::Version
|
157
|
-
version:
|
157
|
+
version: 6.1.0
|
158
158
|
type: :development
|
159
159
|
prerelease: false
|
160
160
|
version_requirements: !ruby/object:Gem::Requirement
|
161
161
|
requirements:
|
162
162
|
- - ">="
|
163
163
|
- !ruby/object:Gem::Version
|
164
|
-
version:
|
164
|
+
version: 6.1.0
|
165
165
|
- !ruby/object:Gem::Dependency
|
166
166
|
name: rake
|
167
167
|
requirement: !ruby/object:Gem::Requirement
|
@@ -322,14 +322,14 @@ dependencies:
|
|
322
322
|
requirements:
|
323
323
|
- - ">="
|
324
324
|
- !ruby/object:Gem::Version
|
325
|
-
version: 1.
|
325
|
+
version: 1.7.0
|
326
326
|
type: :development
|
327
327
|
prerelease: false
|
328
328
|
version_requirements: !ruby/object:Gem::Requirement
|
329
329
|
requirements:
|
330
330
|
- - ">="
|
331
331
|
- !ruby/object:Gem::Version
|
332
|
-
version: 1.
|
332
|
+
version: 1.7.0
|
333
333
|
description: Adds configurable password policy enforcement to devise.
|
334
334
|
email:
|
335
335
|
- mark.eissler@valimail.com
|
@@ -353,10 +353,8 @@ files:
|
|
353
353
|
- "./config/locales/en.yml"
|
354
354
|
- "./devise-secure_password.gemspec"
|
355
355
|
- "./docker-entrypoint.sh"
|
356
|
-
- "./gemfiles/rails_6_0.gemfile"
|
357
|
-
- "./gemfiles/rails_6_0.gemfile.lock"
|
358
356
|
- "./gemfiles/rails_6_1.gemfile"
|
359
|
-
- "./gemfiles/
|
357
|
+
- "./gemfiles/rails_7_0.gemfile"
|
360
358
|
- "./lib/devise/secure_password.rb"
|
361
359
|
- "./lib/devise/secure_password/controllers/devise_helpers.rb"
|
362
360
|
- "./lib/devise/secure_password/controllers/helpers.rb"
|
@@ -372,12 +370,13 @@ files:
|
|
372
370
|
- "./lib/generators/devise/templates/README.txt"
|
373
371
|
- "./lib/generators/devise/templates/secure_password.rb"
|
374
372
|
- "./lib/support/string/character_counter.rb"
|
375
|
-
- "./pkg/devise-secure_password-2.0.0.gem"
|
376
373
|
- "./pkg/devise-secure_password-2.0.1.gem"
|
374
|
+
- "./pkg/devise-secure_password-2.1.0.gem"
|
377
375
|
homepage: https://github.com/valimail/devise-secure_password
|
378
376
|
licenses:
|
379
377
|
- MIT
|
380
|
-
metadata:
|
378
|
+
metadata:
|
379
|
+
rubygems_mfa_required: 'true'
|
381
380
|
post_install_message:
|
382
381
|
rdoc_options: []
|
383
382
|
require_paths:
|
@@ -393,7 +392,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
393
392
|
- !ruby/object:Gem::Version
|
394
393
|
version: '0'
|
395
394
|
requirements: []
|
396
|
-
rubygems_version: 3.
|
395
|
+
rubygems_version: 3.5.9
|
397
396
|
signing_key:
|
398
397
|
specification_version: 4
|
399
398
|
summary: A devise password policy enforcement extension.
|
data/gemfiles/rails_6_0.gemfile
DELETED
@@ -1,57 +0,0 @@
|
|
1
|
-
source 'https://rubygems.org'
|
2
|
-
git_source(:github) { |repo| "https://github.com/#{repo}.git" }
|
3
|
-
|
4
|
-
ENV['RAILS_TARGET'] ||= '6.0'
|
5
|
-
|
6
|
-
gemspec path: '../'
|
7
|
-
|
8
|
-
# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
|
9
|
-
gem 'rails', '~> 6.0.3', '>= 6.0.3.6'
|
10
|
-
# Use sqlite3 as the database for Active Record
|
11
|
-
gem 'sqlite3', '~> 1.4'
|
12
|
-
# Use Puma as the app server
|
13
|
-
gem 'puma', '~> 4.1'
|
14
|
-
# Use SCSS for stylesheets
|
15
|
-
gem 'sass-rails', '>= 6'
|
16
|
-
# Transpile app-like JavaScript. Read more: https://github.com/rails/webpacker
|
17
|
-
gem 'webpacker', '~> 4.0'
|
18
|
-
# Turbolinks makes navigating your web application faster. Read more: https://github.com/turbolinks/turbolinks
|
19
|
-
gem 'turbolinks', '~> 5'
|
20
|
-
# Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
|
21
|
-
gem 'jbuilder', '~> 2.7'
|
22
|
-
# Use Redis adapter to run Action Cable in production
|
23
|
-
# gem 'redis', '~> 4.0'
|
24
|
-
# Use Active Model has_secure_password
|
25
|
-
# gem 'bcrypt', '~> 3.1.7'
|
26
|
-
|
27
|
-
# Use Active Storage variant
|
28
|
-
# gem 'image_processing', '~> 1.2'
|
29
|
-
|
30
|
-
# Reduces boot times through caching; required in config/boot.rb
|
31
|
-
gem 'bootsnap', '>= 1.4.2', require: false
|
32
|
-
|
33
|
-
group :development, :test do
|
34
|
-
# Call 'byebug' anywhere in the code to stop execution and get a debugger console
|
35
|
-
gem 'byebug', platforms: %i(mri mingw x64_mingw)
|
36
|
-
end
|
37
|
-
|
38
|
-
group :development do
|
39
|
-
# Access an interactive console on exception pages or by calling 'console' anywhere in the code.
|
40
|
-
gem 'listen', '~> 3.2'
|
41
|
-
gem 'web-console', '>= 3.3.0'
|
42
|
-
end
|
43
|
-
|
44
|
-
group :test do
|
45
|
-
# Adds support for Capybara system testing and selenium driver
|
46
|
-
gem 'capybara', '>= 2.15'
|
47
|
-
gem 'codecov', require: false
|
48
|
-
gem 'selenium-webdriver'
|
49
|
-
gem 'shoulda-matchers'
|
50
|
-
# Easy installation and use of web drivers to run system tests with browsers
|
51
|
-
gem 'webdrivers'
|
52
|
-
end
|
53
|
-
|
54
|
-
# Windows does not include zoneinfo files, so bundle the tzinfo-data gem
|
55
|
-
gem 'tzinfo-data', platforms: %i(mingw mswin x64_mingw jruby)
|
56
|
-
|
57
|
-
gem 'webrick', '~> 1.7'
|