devise-security 0.11.1 → 0.12.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (69) hide show
  1. checksums.yaml +5 -5
  2. data/.circleci/config.yml +41 -0
  3. data/.gitignore +1 -0
  4. data/.rubocop.yml +22 -2
  5. data/.ruby-version +1 -1
  6. data/.travis.yml +15 -3
  7. data/Appraisals +19 -0
  8. data/Gemfile +1 -0
  9. data/README.md +15 -10
  10. data/Rakefile +3 -1
  11. data/app/controllers/devise/paranoid_verification_code_controller.rb +1 -1
  12. data/app/controllers/devise/password_expired_controller.rb +1 -1
  13. data/app/views/devise/paranoid_verification_code/show.html.erb +2 -2
  14. data/app/views/devise/password_expired/show.html.erb +5 -5
  15. data/config/locales/de.yml +7 -7
  16. data/config/locales/en.yml +8 -8
  17. data/config/locales/es.yml +8 -8
  18. data/devise-security.gemspec +12 -6
  19. data/gemfiles/rails_4.1_stable.gemfile +8 -0
  20. data/gemfiles/rails_4.2_stable.gemfile +8 -0
  21. data/gemfiles/rails_5.0_stable.gemfile +8 -0
  22. data/gemfiles/rails_5.1_stable.gemfile +8 -0
  23. data/gemfiles/rails_5.2_rc1.gemfile +8 -0
  24. data/lib/devise-security/controllers/helpers.rb +2 -2
  25. data/lib/devise-security/hooks/session_limitable.rb +3 -3
  26. data/lib/devise-security/models/compatibility.rb +22 -0
  27. data/lib/devise-security/models/expirable.rb +13 -13
  28. data/lib/devise-security/models/old_password.rb +1 -1
  29. data/lib/devise-security/models/paranoid_verification.rb +5 -2
  30. data/lib/devise-security/models/password_archivable.rb +34 -38
  31. data/lib/devise-security/models/password_expirable.rb +1 -1
  32. data/lib/devise-security/models/secure_validatable.rb +16 -14
  33. data/lib/devise-security/models/security_questionable.rb +1 -2
  34. data/lib/devise-security/models/session_limitable.rb +3 -3
  35. data/lib/devise-security/orm/active_record.rb +1 -3
  36. data/lib/devise-security/patches/confirmations_controller_captcha.rb +2 -2
  37. data/lib/devise-security/patches/confirmations_controller_security_question.rb +2 -2
  38. data/lib/devise-security/patches/passwords_controller_captcha.rb +2 -2
  39. data/lib/devise-security/patches/passwords_controller_security_question.rb +2 -2
  40. data/lib/devise-security/patches/registrations_controller_captcha.rb +2 -2
  41. data/lib/devise-security/patches/sessions_controller_captcha.rb +3 -3
  42. data/lib/devise-security/patches/unlocks_controller_captcha.rb +2 -2
  43. data/lib/devise-security/patches/unlocks_controller_security_question.rb +2 -2
  44. data/lib/devise-security/rails.rb +2 -2
  45. data/lib/devise-security/routes.rb +2 -3
  46. data/lib/devise-security/schema.rb +11 -6
  47. data/lib/devise-security/version.rb +1 -1
  48. data/test/dummy/app/models/application_record.rb +3 -0
  49. data/test/dummy/app/models/captcha_user.rb +1 -1
  50. data/test/dummy/app/models/security_question_user.rb +2 -3
  51. data/test/dummy/app/models/user.rb +21 -4
  52. data/test/dummy/app/models/widget.rb +4 -0
  53. data/test/dummy/config/environments/test.rb +10 -2
  54. data/test/dummy/config/initializers/devise.rb +1 -0
  55. data/test/dummy/config/secrets.yml +1 -2
  56. data/test/dummy/db/migrate/20120508165529_create_tables.rb +9 -3
  57. data/test/dummy/db/migrate/20180318103603_add_expireable_columns.rb +6 -0
  58. data/test/dummy/db/migrate/20180318105329_add_confirmable_columns.rb +8 -0
  59. data/test/dummy/db/migrate/20180318105732_add_rememberable_columns.rb +5 -0
  60. data/test/dummy/db/migrate/20180318111336_add_recoverable_columns.rb +6 -0
  61. data/test/dummy/db/migrate/20180319114023_add_widget.rb +8 -0
  62. data/test/test_captcha_controller.rb +13 -13
  63. data/test/test_helper.rb +7 -0
  64. data/test/test_paranoid_verification.rb +2 -2
  65. data/test/test_password_archivable.rb +27 -13
  66. data/test/test_password_expirable.rb +2 -2
  67. data/test/test_password_expired_controller.rb +25 -10
  68. data/test/test_security_question_controller.rb +45 -21
  69. metadata +90 -13
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 34e1123d37456a09b6554cde544c4e49c796447f
4
- data.tar.gz: d3cc451de684f054e4404e9ce3d8a7a47ccc9b46
2
+ SHA256:
3
+ metadata.gz: 4ccd3b9a01ec2f531013bbed8d14cbf3131f2630d2c2d1a56d119268f1aa696c
4
+ data.tar.gz: f9305b860b267fd4f49dc724864d1d822c1e4d0f952be56f78d02d1c6b1a1b3c
5
5
  SHA512:
6
- metadata.gz: 8f5c352c7234af43ab916d1b741799460289e96c843f9d90696f7bd8c2cc7b709009fbaf35ff61e99886c646941e2c186db43988f3ed64915ea7e80e491738a9
7
- data.tar.gz: bcfff1037167e404e0998a225115713443675adfff7c3c13fa77a75611106286c1b33654ee3ec69280db693cbc4d234fa9b209377a8d1b38bd0441888ab98df3
6
+ metadata.gz: f176d4afaee6b712cc7fa83c234cca6f286729f8a03660c33d10cf5cd363f49f70e56440f3e9e960f275ef4f7b2a846f60984af73e46e55f73266b431314cee1
7
+ data.tar.gz: 00e810e6e1c6c1845cc67d534206378c111499f09bb849a8d4129b20bc4c52a89b9261cfaf07ec7bb243995cc016f50f26c99eba29a9c1c148b3d9ec8b6632c5
@@ -0,0 +1,41 @@
1
+ # Ruby CircleCI 2.0 configuration file
2
+ #
3
+ # Check https://circleci.com/docs/2.0/language-ruby/ for more details
4
+ #
5
+ version: 2
6
+ jobs:
7
+ build:
8
+ docker:
9
+ # specify the version you desire here
10
+ - image: circleci/ruby:2.4.1-node-browsers
11
+
12
+ # Specify service dependencies here if necessary
13
+ # CircleCI maintains a library of pre-built images
14
+ # documented at https://circleci.com/docs/2.0/circleci-images/
15
+ # - image: circleci/postgres:9.4
16
+
17
+ working_directory: ~/repo
18
+
19
+ steps:
20
+ - checkout
21
+
22
+ # Download and cache dependencies
23
+ - restore_cache:
24
+ keys:
25
+ # fallback to using the latest cache if no exact match is found
26
+ - v1-dependencies-
27
+
28
+ - run:
29
+ name: install dependencies
30
+ command: |
31
+ bundle install --jobs=4 --retry=3 --path vendor/bundle
32
+
33
+ - save_cache:
34
+ paths:
35
+ - ./vendor/bundle
36
+ key: v1-dependencies-{{ checksum "Gemfile.lock" }}
37
+
38
+ # run tests!
39
+ - run:
40
+ name: run tests
41
+ command: bundle exec rake
data/.gitignore CHANGED
@@ -37,3 +37,4 @@ log
37
37
  test/tmp/*
38
38
  *.gem
39
39
  Gemfile.lock
40
+ *.lock
data/.rubocop.yml CHANGED
@@ -1,5 +1,5 @@
1
1
  AllCops:
2
- TargetRubyVersion: 2.2
2
+ TargetRubyVersion: 2.3
3
3
  Include:
4
4
  - '**/Rakefile'
5
5
  - '**/config.ru'
@@ -20,9 +20,29 @@ Rails:
20
20
  Metrics/MethodLength:
21
21
  Enabled: false
22
22
 
23
+ Metrics/LineLength:
24
+ Max: 100
25
+
26
+ Naming/FileName:
27
+ Exclude: ["devise-security.gemspec"]
28
+
29
+ Style/ClassAndModuleChildren:
30
+ EnforcedStyle: compact
31
+ SupportedStyles:
32
+ - nested
33
+ - compact
34
+
35
+ Style/HashSyntax:
36
+ EnforcedStyle: ruby19
37
+
38
+ Style/SymbolArray:
39
+ EnforcedStyle: brackets
40
+
23
41
  # Trailing commas make for clearer diffs because the last line won't appear
24
42
  # to have been changed, as it would if it lacked a comma and had one added.
25
- Style/TrailingCommaInLiteral:
43
+ Style/TrailingCommaInArrayLiteral:
44
+ EnforcedStyleForMultiline: comma
45
+ Style/TrailingCommaInHashLiteral:
26
46
  EnforcedStyleForMultiline: comma
27
47
  Style/TrailingCommaInArguments:
28
48
  EnforcedStyleForMultiline: comma
data/.ruby-version CHANGED
@@ -1 +1 @@
1
- 2.2.8
1
+ 2.2.9
data/.travis.yml CHANGED
@@ -4,10 +4,22 @@ install: bundle install --jobs=3 --retry=3
4
4
  before_script: bundle install
5
5
  script: bundle exec rake
6
6
  rvm:
7
- - 2.2.8
8
- - 2.3.5
9
- - 2.4.2
7
+ - 2.2.9
8
+ - 2.3.6
9
+ - 2.4.3
10
+ - 2.5.0
10
11
  - ruby-head
11
12
  matrix:
12
13
  allow_failures:
13
14
  - rvm: ruby-head
15
+ - gemfile: gemfiles/rails_5.2_rc1.gemfile
16
+ - rvm: 2.4.3
17
+ gemfile: gemfiles/rails_4.1_stable.gemfile
18
+ - rvm: 2.5.0
19
+ gemfile: gemfiles/rails_4.1_stable.gemfile
20
+ gemfile:
21
+ - gemfiles/rails_4.1_stable.gemfile
22
+ - gemfiles/rails_4.2_stable.gemfile
23
+ - gemfiles/rails_5.0_stable.gemfile
24
+ - gemfiles/rails_5.1_stable.gemfile
25
+ - gemfiles/rails_5.2_rc1.gemfile
data/Appraisals ADDED
@@ -0,0 +1,19 @@
1
+ appraise 'rails-4.1-stable' do
2
+ gem 'rails', '~> 4.1.0'
3
+ end
4
+
5
+ appraise 'rails-4.2-stable' do
6
+ gem 'rails', '~> 4.2.0'
7
+ end
8
+
9
+ appraise 'rails-5.0-stable' do
10
+ gem 'rails', '~> 5.0.0'
11
+ end
12
+
13
+ appraise 'rails-5.1-stable' do
14
+ gem 'rails', '~> 5.1.0'
15
+ end
16
+
17
+ appraise 'rails-5.2-rc1' do
18
+ gem 'rails', '~> 5.2.0.rc1'
19
+ end
data/Gemfile CHANGED
@@ -1,2 +1,3 @@
1
1
  source "https://rubygems.org"
2
2
  gemspec
3
+ gem 'omniauth'
data/README.md CHANGED
@@ -1,12 +1,14 @@
1
1
  # Devise Security
2
2
 
3
3
  [![Build Status](https://travis-ci.org/devise-security/devise-security.svg?branch=master)](https://travis-ci.org/devise-security/devise-security)
4
+ [![Coverage Status](https://coveralls.io/repos/github/devise-security/devise-security/badge.svg?branch=master)](https://coveralls.io/github/devise-security/devise-security?branch=master)
5
+ [![Maintainability](https://api.codeclimate.com/v1/badges/ace7cd003a0db8bffa5a/maintainability)](https://codeclimate.com/github/devise-security/devise-security/maintainability)
4
6
 
5
7
  A [Devise](https://github.com/plataformatec/devise) extension to add additional security features required by modern web applications. Forked from [Devise Security Extension](https://github.com/phatworx/devise_security_extension)
6
8
 
7
9
  It is composed of 7 additional Devise modules:
8
10
 
9
- * `:password_expirable` - passwords will expire after a configured time (and will need an update). You will most likely want to use `:password_expirable` together with the `:password_archivable` module to [prevent the current expired password being reused](https://github.com/phatworx/devise-security/issues/175) immediately as the new password.
11
+ * `:password_expirable` - passwords will expire after a configured time (and will need an update). You will most likely want to use `:password_expirable` together with the `:password_archivable` module to [prevent the current expired password being reused](https://github.com/phatworx/devise_security_extension/issues/175) immediately as the new password.
10
12
  * `:secure_validatable` - better way to validate a model (email, stronger password validation). Don't use with Devise `:validatable` module!
11
13
  * `:password_archivable` - save used passwords in an `old_passwords` table for history checks (don't be able to use a formerly used password)
12
14
  * `:session_limitable` - ensures, that there is only one session usable per account at once
@@ -22,7 +24,7 @@ Configuration and database schema for each module below.
22
24
 
23
25
  ## Getting started
24
26
 
25
- Devise Security works with Devise on Rails 3.2 onwards. You can add it to your Gemfile after you successfully set up Devise (see [Devise documentation](https://github.com/plataformatec/devise)) with:
27
+ Devise Security works with Devise on Rails 4.1 onwards. You can add it to your Gemfile after you successfully set up Devise (see [Devise documentation](https://github.com/plataformatec/devise)) with:
26
28
 
27
29
  ```ruby
28
30
  gem 'devise-security'
@@ -120,6 +122,8 @@ rails generate easy_captcha:install
120
122
 
121
123
  ## Schema
122
124
 
125
+ Note: Unlike Devise, devise-security does not currently support mongoid. Pull requests are welcome!
126
+
123
127
  ### Password expirable
124
128
  ```ruby
125
129
  create_table :the_resources do |t|
@@ -133,12 +137,13 @@ add_index :the_resources, :password_changed_at
133
137
  ### Password archivable
134
138
  ```ruby
135
139
  create_table :old_passwords do |t|
136
- t.string :encrypted_password, :null => false
137
- t.string :password_archivable_type, :null => false
138
- t.integer :password_archivable_id, :null => false
140
+ t.string :encrypted_password, null: false
141
+ t.string :password_archivable_type, null: false
142
+ t.integer :password_archivable_id, null: false
143
+ t.string :password_salt # Optional. bcrypt stores the salt in the encrypted password field so this column may not be necessary.
139
144
  t.datetime :created_at
140
145
  end
141
- add_index :old_passwords, [:password_archivable_type, :password_archivable_id], :name => :index_password_archivable
146
+ add_index :old_passwords, [:password_archivable_type, :password_archivable_id], name: :index_password_archivable
142
147
  ```
143
148
 
144
149
  ### Session limitable
@@ -146,7 +151,7 @@ add_index :old_passwords, [:password_archivable_type, :password_archivable_id],
146
151
  create_table :the_resources do |t|
147
152
  # other devise fields
148
153
 
149
- t.string :unique_session_id, :limit => 20
154
+ t.string :unique_session_id, limit: 20
150
155
  end
151
156
  ```
152
157
 
@@ -189,8 +194,8 @@ end
189
194
 
190
195
  ```ruby
191
196
  create_table :security_questions do |t|
192
- t.string :locale, :null => false
193
- t.string :name, :null => false
197
+ t.string :locale, null: false
198
+ t.string :name, null: false
194
199
  end
195
200
 
196
201
  SecurityQuestion.create! locale: :de, name: 'Wie lautet der Geburstname Ihrer Mutter?'
@@ -222,7 +227,7 @@ end
222
227
  ## Requirements
223
228
 
224
229
  * Devise (https://github.com/plataformatec/devise)
225
- * Rails 3.2 onwards (http://github.com/rails/rails)
230
+ * Rails 4.1 onwards (http://github.com/rails/rails)
226
231
  * recommendations:
227
232
  * `autocomplete-off` (http://github.com/phatworx/autocomplete-off)
228
233
  * `easy_captcha` (http://github.com/phatworx/easy_captcha)
data/Rakefile CHANGED
@@ -1,4 +1,6 @@
1
- $:.unshift File.join(File.dirname(__FILE__), 'lib')
1
+ # frozen_string_literal: true
2
+
3
+ $LOAD_PATH.unshift File.join(File.dirname(__FILE__), 'lib')
2
4
  require 'rubygems'
3
5
  require 'bundler'
4
6
  require 'rake/testtask'
@@ -1,6 +1,6 @@
1
1
  class Devise::ParanoidVerificationCodeController < DeviseController
2
2
  skip_before_action :handle_paranoid_verification
3
- prepend_before_action :authenticate_scope!, :only => [:show, :update]
3
+ prepend_before_action :authenticate_scope!, only: [:show, :update]
4
4
 
5
5
  def show
6
6
  if !resource.nil? && resource.need_paranoid_verification?
@@ -1,7 +1,7 @@
1
1
  class Devise::PasswordExpiredController < DeviseController
2
2
  skip_before_action :handle_password_change
3
3
  before_action :skip_password_change, only: [:show, :update]
4
- prepend_before_action :authenticate_scope!, :only => [:show, :update]
4
+ prepend_before_action :authenticate_scope!, only: [:show, :update]
5
5
 
6
6
  def show
7
7
  respond_with(resource)
@@ -1,10 +1,10 @@
1
1
  <h2>Submit verification code</h2>
2
2
 
3
- <%= form_for(resource, :as => resource_name, :url => [resource_name, :paranoid_verification_code], :html => { :method => :put }) do |f| %>
3
+ <%= form_for(resource, as: resource_name, url: [resource_name, :paranoid_verification_code], html: { method: :put }) do |f| %>
4
4
  <%= devise_error_messages! %>
5
5
 
6
6
  <p><%= f.label :paranoid_verification_code, 'Verification code' %><br />
7
7
  <%= f.text_field :paranoid_verification_code, value: '' %></p>
8
8
 
9
- <p><%= f.submit "Submit" %></p>
9
+ <p><%= f.submit 'Submit' %></p>
10
10
  <% end %>
@@ -1,16 +1,16 @@
1
1
  <h2>Renew your password</h2>
2
2
 
3
- <%= form_for(resource, :as => resource_name, :url => [resource_name, :password_expired], :html => { :method => :put }) do |f| %>
3
+ <%= form_for(resource, as: resource_name, url: [resource_name, :password_expired], html: { method: :put }) do |f| %>
4
4
  <%= devise_error_messages! %>
5
5
 
6
- <p><%= f.label :current_password, "Current password" %><br />
6
+ <p><%= f.label :current_password, 'Current password' %><br />
7
7
  <%= f.password_field :current_password %></p>
8
8
 
9
- <p><%= f.label :password, "New password" %><br />
9
+ <p><%= f.label :password, 'New password' %><br />
10
10
  <%= f.password_field :password %></p>
11
11
 
12
- <p><%= f.label :password_confirmation, "Confirm new password" %><br />
12
+ <p><%= f.label :password_confirmation, 'Confirm new password' %><br />
13
13
  <%= f.password_field :password_confirmation %></p>
14
14
 
15
- <p><%= f.submit "Change my password" %></p>
15
+ <p><%= f.submit 'Change my password' %></p>
16
16
  <% end %>
@@ -1,16 +1,16 @@
1
1
  de:
2
2
  errors:
3
3
  messages:
4
- taken_in_past: "wurde bereits in der Vergangenheit verwendet!"
5
- equal_to_current_password: "darf nicht dem aktuellen Passwort entsprechen!"
6
- password_format: "müssen große, kleine Buchstaben und Ziffern enthalten"
4
+ taken_in_past: 'wurde bereits in der Vergangenheit verwendet!'
5
+ equal_to_current_password: 'darf nicht dem aktuellen Passwort entsprechen!'
6
+ password_format: 'müssen große, kleine Buchstaben und Ziffern enthalten'
7
7
  devise:
8
- invalid_captcha: "Die Captchaeingabe ist nicht gültig!"
8
+ invalid_captcha: 'Die Captchaeingabe ist nicht gültig!'
9
9
  paranoid_verify:
10
- code_required: "Bitte geben Sie den Code unser Support-Team zur Verfügung gestellt"
10
+ code_required: 'Bitte geben Sie den Code unser Support-Team zur Verfügung gestellt'
11
11
  password_expired:
12
- updated: "Das neue Passwort wurde übernommen."
13
- change_required: "Ihr Passwort ist abgelaufen. Bitte vergeben sie ein neues Passwort!"
12
+ updated: 'Das neue Passwort wurde übernommen.'
13
+ change_required: 'Ihr Passwort ist abgelaufen. Bitte vergeben sie ein neues Passwort!'
14
14
  failure:
15
15
  session_limited: 'Ihre Anmeldedaten wurden in einem anderen Browser genutzt. Bitte melden Sie sich erneut an, um in diesem Browser fortzufahren.'
16
16
  expired: 'Ihr Account ist aufgrund zu langer Inaktiviät abgelaufen. Bitte kontaktieren Sie den Administrator.'
@@ -1,17 +1,17 @@
1
1
  en:
2
2
  errors:
3
3
  messages:
4
- taken_in_past: "was used previously."
5
- equal_to_current_password: "must be different than the current password."
6
- password_format: "must contain big, small letters and digits"
4
+ taken_in_past: 'was used previously.'
5
+ equal_to_current_password: 'must be different than the current password.'
6
+ password_format: 'must contain big, small letters and digits'
7
7
  devise:
8
- invalid_captcha: "The captcha input was invalid."
9
- invalid_security_question: "The security question answer was invalid."
8
+ invalid_captcha: 'The captcha input was invalid.'
9
+ invalid_security_question: 'The security question answer was invalid.'
10
10
  paranoid_verify:
11
- code_required: "Please enter the code our support team provided"
11
+ code_required: 'Please enter the code our support team provided'
12
12
  password_expired:
13
- updated: "Your new password is saved."
14
- change_required: "Your password is expired. Please renew your password."
13
+ updated: 'Your new password is saved.'
14
+ change_required: 'Your password is expired. Please renew your password.'
15
15
  failure:
16
16
  session_limited: 'Your login credentials were used in another browser. Please sign in again to continue in this browser.'
17
17
  expired: 'Your account has expired due to inactivity. Please contact the site administrator.'
@@ -1,17 +1,17 @@
1
1
  es:
2
2
  errors:
3
3
  messages:
4
- taken_in_past: "la contraseña fue usada previamente, favor elegir otra."
5
- equal_to_current_password: "tiene que ser diferente a la contraseña actual."
6
- password_format: "tiene que contener mayúsculas, minúsculas y digitos "
4
+ taken_in_past: 'la contraseña fue usada previamente, favor elegir otra.'
5
+ equal_to_current_password: 'tiene que ser diferente a la contraseña actual.'
6
+ password_format: 'tiene que contener mayúsculas, minúsculas y digitos '
7
7
  devise:
8
- invalid_captcha: "El captcha ingresado es inválido."
9
- invalid_security_question: "La respuesta a la pregunta de suguridad fue incorrecta."
8
+ invalid_captcha: 'El captcha ingresado es inválido.'
9
+ invalid_security_question: 'La respuesta a la pregunta de suguridad fue incorrecta.'
10
10
  paranoid_verify:
11
- code_required: "Por favor ingrese el código provisto por nuestro equipo de soporte"
11
+ code_required: 'Por favor ingrese el código provisto por nuestro equipo de soporte'
12
12
  password_expired:
13
- updated: "Su nueva contraña ha sido guardada."
14
- change_required: "Su contraña ha expirado. Por favor renueve su contraseña."
13
+ updated: 'Su nueva contraña ha sido guardada.'
14
+ change_required: 'Su contraña ha expirado. Por favor renueve su contraseña.'
15
15
  failure:
16
16
  session_limited: 'Sus credenciales de inicio de sesión fueron usadas en otro navegador. Por favor inicie sesión nuevamente para continuar en éste navegador.'
17
17
  expired: 'Su cuenta ha expirado debido a inactividad. Por favor contacte al administrador de la aplicación.'
@@ -1,5 +1,7 @@
1
1
  # -*- encoding: utf-8 -*-
2
- $LOAD_PATH.unshift(File.expand_path('../lib', __FILE__))
2
+ # frozen_string_literal: true
3
+
4
+ $LOAD_PATH.push File.expand_path('../lib', __FILE__)
3
5
  require 'devise-security/version'
4
6
 
5
7
  Gem::Specification.new do |s|
@@ -10,7 +12,7 @@ Gem::Specification.new do |s|
10
12
  s.summary = 'Security extension for devise'
11
13
  s.email = 'natebird@gmail.com'
12
14
  s.homepage = 'https://github.com/devise-security/devise-security'
13
- s.description = 'An enterprise security extension for devise, trying to meet industrial standard security demands for web applications.'
15
+ s.description = 'An enterprise security extension for devise.'
14
16
  s.authors = [
15
17
  'Marco Scholl', 'Alexander Dreher', 'Nate Bird', 'Dillon Welch'
16
18
  ]
@@ -18,20 +20,24 @@ Gem::Specification.new do |s|
18
20
  s.files = `git ls-files`.split("\n")
19
21
  s.test_files = `git ls-files -- test/*`.split("\n")
20
22
  s.require_paths = ['lib']
21
- s.required_ruby_version = '>= 2.2.2'
23
+ s.required_ruby_version = '>= 2.2.9'
22
24
 
23
25
  if RUBY_VERSION >= '2.4'
24
- s.add_runtime_dependency 'rails', '>= 4.2.8', '< 6.0'
26
+ s.add_runtime_dependency 'rails', '>= 4.1.0', '< 6.0'
25
27
  else
26
- s.add_runtime_dependency 'railties', '>= 3.2.6', '< 6.0'
28
+ s.add_runtime_dependency 'railties', '>= 4.1.0', '< 6.0'
27
29
  end
28
30
  s.add_runtime_dependency 'devise', '>= 4.2.0', '< 5.0'
29
31
 
32
+ s.add_development_dependency 'appraisal'
30
33
  s.add_development_dependency 'bundler', '>= 1.3.0', '< 2.0'
31
34
  s.add_development_dependency 'coveralls', '~> 0.8'
32
35
  s.add_development_dependency 'easy_captcha', '~> 0'
33
36
  s.add_development_dependency 'm'
34
- s.add_development_dependency 'minitest', '~> 5.0'
37
+ s.add_development_dependency 'minitest', '5.10.3' # see https://github.com/seattlerb/minitest/issues/730
38
+ s.add_development_dependency 'pry-byebug'
39
+ s.add_development_dependency 'pry-rescue'
40
+ s.add_development_dependency 'pry'
35
41
  s.add_development_dependency 'rails_email_validator', '~> 0'
36
42
  s.add_development_dependency 'rubocop', '~> 0'
37
43
  s.add_development_dependency 'sqlite3', '~> 1.3', '>= 1.3.10'
@@ -0,0 +1,8 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "omniauth"
6
+ gem "rails", "~> 4.1.0"
7
+
8
+ gemspec path: "../"
@@ -0,0 +1,8 @@
1
+ # This file was generated by Appraisal
2
+
3
+ source "https://rubygems.org"
4
+
5
+ gem "omniauth"
6
+ gem "rails", "~> 4.2.0"
7
+
8
+ gemspec path: "../"