devise_revocable_session 0.1.4 → 0.1.6

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f121d19ea59cbf8337a25cc083d8a408c6aec671d6f55f34bf2302386abe64ce
-  data.tar.gz: 274c68241060e072ac0b49f2adcb0dff13d3728066ea7281c38a5b00b2e77f52
+  metadata.gz: 5b7209edf540e2961cce60a3d781de9e60b2b5d057cb52b176f503c1a8016df3
+  data.tar.gz: 5679f680c85705d06ec77814e62e9596abb97d8a067ded5d596c6424a98ac880
 SHA512:
-  metadata.gz: '06992900b962228b692e2502366c101f06daf873a324c306ea2325c5204e5714bd3da5c7e7d282f100462133ff60a12c508e3c96f7a4c580f7dc614fa0272b50'
-  data.tar.gz: 7d8bf87dbf7a9e76bdbdd43a92739b4ca70587e243e56e33755b8a5891d6504b763532da61b0cf00aeb8924984f2b3ba429c02cfaea9792128381f073a8086e3
+  metadata.gz: a6180589c5d4ac5317619ae7dc5286b9652cda3f35cac2a276ad85722b76b08858c667664e1b84d035bd753f78b1829ce68ab42f41633cf19c56063a69cab732
+  data.tar.gz: '084174bdc4bd370dd65ce3720908bf38ecdb48ebdb0413070df6772c5856a7b0ebf0b689bc73d25f36ec584a47195c0355bb0ebc4943f728403d719307a9403c'

data/.github/issue_template.md

@@ -0,0 +1,21 @@
+<!--
+Your audience for this issue description is **other engineers**. Help them understand the technical requirements, questions, etc involved.
+-->
+
+## What's the issue?
+
+<!--
+What is wrong, or what is the reason you're making this issue? Is there a bug, general question, just want a reminder note of something, etc?
+-->
+
+## Related URLs
+
+<!--
+Links to bug tickets, user stories, or other merge requests.
+-->
+
+## Anything else people should know?
+
+<!--
+What else should readers of this issue know?  If there's a bug, how do you reproduce it and what is the expected behavior? If it's a feature request, what other solutions have you considered? Do you have any suggestions for how else to fix this issue?
+-->

data/.github/pull_request_template.md

@@ -0,0 +1,47 @@
+<!--
+Your audience for this merge request description is **code reviewers**. Help them understand the technical implications involved in this change. The JIRA ticket should outline the user-facing details.
+
+Remember that Product and QA teams may have other test cases, verifications, and requirements associated with this change. Your Verification and QA plan should be directed towards Code Reviewers.
+-->
+
+## What and Why
+
+<!--
+What are you changing? Describe impact and scope. Why is this being changed? Provide some context that may help future developers understand the reasoning behind these changes. Quote and/or link to requirements, keeping in mind that JIRA links may not be available in the future.
+-->
+
+## Deploy Plan
+
+<!--
+Is there anything special about this deploy? Are migrations present? Are there other merge requests that need to be shipped before this one? Are there any manual steps required, such as data migrations, search reindexes, etc?
+-->
+
+## Rollback Plan
+
+<!--
+Is there anything special about this rollback plan? Does this merge request anything that may need to be cleaned up manually (data migrations, search reindexes, etc)? Are there other associated merge requests that would also need to be reverted?
+-->
+
+To roll back this change, revert the merge with: `git revert -m 1 MERGE_SHA` and perform another deploy.
+
+## Related URLs
+
+<!--
+Links to bug tickets, user stories, or other merge requests.
+-->
+
+## Verification and QA Plan
+
+<!--
+Fill in scenarios below in checklist format and complete them before merging. Evaluate the risk level and label this merge request or indicate risk in this description. Ensure the Verification and QA Plan matches the risk level appropriately.
+
+Consider these topics:
+* regressions (did we break something else related to this change?)
+* edge cases (weird scenarios we don't immediately think of, but could occur)
+* happy path (testing the new feature directly)
+* data model changes
+  * data elements to add or remove from indexes
+  * changes in data models requiring migrations to be performed
+-->
+
+- [ ] Example scenario

data/.github/workflows/gitleaks.toml

@@ -0,0 +1,8 @@
+[allowlist]
+description = 'A list of commits and secrets to skip when scanning for secrets'
+commits = [
+  'ExampleCommit'
+]
+regexes = [
+  'ExampleSecret'
+]

data/.github/workflows/scheduled.yml

@@ -0,0 +1,29 @@
+name: Scheduled
+on:
+  schedule:
+    - cron: "0 4 * * 1" # 4am UTC on Mondays (10pm/11pm CT on Sundays)
+
+jobs:
+  bundler-audit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+    - uses: ruby/setup-ruby@v1
+      with:
+        bundler-cache: true
+    - run: |
+        gem install bundler-audit
+        bundler-audit update
+        bundler-audit
+  bundle-outdated:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+    - uses: ruby/setup-ruby@v1
+      with:
+        bundler-cache: true
+    - run: bundle outdated --strict

data/.github/workflows/test.yml

@@ -0,0 +1,50 @@
+name: Test
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+env:
+  GITLEAKS_VERSION: v8.13.0
+
+jobs:
+  pronto:
+    if: github.EVENT_NAME == 'pull_request'
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+    - uses: HeRoMo/pronto-action@v1.32.0
+      with:
+        github_token: ${{ secrets.GITHUB_TOKEN }}
+  gitleaks:
+    if: github.EVENT_NAME == 'pull_request'
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        fetch-depth: 0
+    - run: |
+        curl -H "Accept: application/vnd.github.v3.raw" \
+          -L "https://api.github.com/repos/zricethezav/gitleaks/contents/config/gitleaks.toml?ref=${{ env.GITLEAKS_VERSION }}" \
+          >> ${{ github.WORKSPACE }}/.github/workflows/original.toml
+        sed "/\[allowlist\]/,/^$/d" ${{ github.WORKSPACE }}/.github/workflows/original.toml >> ${{ github.WORKSPACE }}/.github/workflows/official.toml
+        cat .github/workflows/gitleaks.toml >> .github/workflows/official.toml
+        if [[ ${{ github.REF }} == 'refs/heads/main' ]]; then
+          CURRENT_COMMIT="${{ github.SHA }}"
+        else
+          CURRENT_COMMIT="${{ github.EVENT.PULL_REQUEST.HEAD.SHA }}"
+        fi
+        echo "LOG_OPTS='^origin/main $CURRENT_COMMIT'" >> $GITHUB_ENV
+    - uses: addnab/docker-run-action@v3
+      with:
+        image: zricethezav/gitleaks:${{ env.GITLEAKS_VERSION }}
+        options: -v ${{ github.WORKSPACE }}:/app
+        run: |
+          cd /app
+          git config --global --add safe.directory /app
+          gitleaks detect --verbose --source='./' \
+            --config='.github/workflows/official.toml' \
+            --log-opts=${{ env.LOG_OPTS }}

data/.rubocop.yml

@@ -0,0 +1,48 @@
+AllCops:
+  NewCops: enable
+  SuggestExtensions: false
+  TargetRubyVersion: 3.1
+  Exclude:
+    - vendor/**/*
+
+Gemspec/RequiredRubyVersion:
+  Enabled: false
+
+Gemspec/RequireMFA:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Layout/LineLength:
+  Exclude:
+    - spec/**/*
+
+Lint/EmptyClass:
+  Enabled: false
+
+Lint/EmptyBlock:
+  Enabled: false
+
+Lint/MissingSuper:
+  Enabled: false
+
+Metrics/BlockLength:
+  Enabled: true
+  Exclude:
+    - spec/**/*
+    - ninny.gemspec
+
+Metrics/MethodLength:
+  Max: 15
+
+Style/AccessModifierDeclarations:
+  EnforcedStyle: inline
+
+Style/BlockDelimiters:
+  Enabled: true
+  Exclude:
+    - spec/**/*
+
+Style/OptionalBooleanParameter:
+  Enabled: false

data/.ruby_version

@@ -0,0 +1 @@
+3.1.2

data/LICENSE.txt

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2022 Dispatch
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -2,7 +2,7 @@
 
 A module for devise to revoke sessions.
 
-This is borrowed heavily from: https://github.com/mkhairi/devise_revocable and https://www.jonathanleighton.com/articles/2013/revocable-sessions-with-devise/
+This is borrowed heavily from: https://github.com/mkhairi/devise_revocable and https://www.jonathanleighton.com/articles/2013/revocable-sessions-with-devise/.
 
 ## Installation
 
@@ -14,26 +14,57 @@ gem 'devise_revocable_session'
 
 And then execute:
 
-    $ bundle
+```bash
+$ bundle install
+```
 
 Or install it yourself as:
 
-    $ gem install devise_revocable_session
+```bash
+$ gem install devise_revocable_session
+```
 
 ## Usage
 
 Install using the generator
 
-    $ rails g devise_revocable_sessions
+```bash
+$ rails g devise_revocable_sessions
+```
+
+Add `:revocable_session` to your model's devise declaration.
+
+## Development
 
+### Making Changes
 
-Add `:revocable_session` to your model's devise declaration
+1. Clone or fork the repository
+2. Create a feature branch for your changes
+3. Run `bundle install`
+4. Make your changes
+6. Test the gem locally
+    * Run `gem build *.gemspec` to build the gem locally
+    * Run `gem install --local devise_revocable_session-X.X.X.gem` to install the gem locally
+7. Make a pull request back to this repository
 
+### Releasing
+
+1. Make sure the `lib/devise_revocable_session/version.rb` file is updated with a new version
+2. Run `git tag vX.X.X && git push --tag`
+3. Run `gem build *.gemspec`
+4. Run `gem push *.gem` to push the new version to RubyGems
+5. Run `rm *.gem` to clean up your local repository
+
+To set up your local machine to push to RubyGems via the API, see the [RubyGems documentation](https://guides.rubygems.org/publishing/#publishing-to-rubygemsorg).
 
 ## Contributing
 
-Bug reports and pull requests are welcome on GitHub at https://github.com/carlallen/devise_revocable_session. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+Bug reports and pull requests are welcome on GitHub at https://github.com/dispatchitinc/devise_revocable_session. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
+
+## Code of Conduct
+
+Everyone interacting in the DeviseRevocableSession project's codebases, issue trackers, chat rooms, and mailing lists is expected to follow the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
 
-## License
+## Copyright
 
-The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
+Copyright (c) 2022 Dispatch. See [MIT License](LICENSE.txt) for further details.

data/app/models/devise/revocable_session.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 module Devise
   class RevocableSession < ApplicationRecord
     belongs_to :resource, polymorphic: true

data/devise_revocable_session.gemspec

@@ -1,26 +1,31 @@
-$:.push File.expand_path("../lib", __FILE__)
-require "devise_revocable_session/version"
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'devise_revocable_session/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "devise_revocable_session"
+  spec.name          = 'devise_revocable_session'
+  spec.license       = 'MIT'
   spec.version       = DeviseRevocableSession::VERSION
-  spec.authors       = ['Carl Allen']
-  spec.email         = ["github@allenofmn.com"]
+  spec.authors       = ['DispatchIt, Inc. Engineers']
+  spec.email         = ['engineers@dispatchit.com']
 
   spec.summary       = 'A module for devise to revoke sessions'
   spec.description   = 'A module for devise to revoke sessions'
-  spec.homepage      = 'http://github.com/carlallen/devise_revocable_session'
-  spec.license       = 'MIT'
+  spec.homepage      = 'http://github.com/dispatchitinc/devise_revocable_session'
+  spec.metadata      = { 'rubygems_mfa_required' => 'false' }
 
-  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
-    f.match(%r{^(test|spec|features)/})
+  spec.files         = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir        = "exe"
+
+  spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.require_paths = ['lib']
+
+  spec.add_development_dependency 'rake', '~> 10.0'
 
-  spec.add_development_dependency "bundler", "~> 1.16"
-  spec.add_development_dependency "rake", "~> 10.0"
-  spec.add_dependency "devise"
-  spec.add_dependency "activemodel"
+  spec.add_dependency 'activemodel'
+  spec.add_dependency 'devise'
 end

data/lib/devise_revocable_session/hooks/revocable_session.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 # After authenticating, we’re removing any session activation that may already
 # exist, and creating a new session# activation. We generate our own random id
 # (in User#activate_session) and store it in the auth_id key. There is already

data/lib/devise_revocable_session/models/revocable_session.rb

@@ -58,9 +58,7 @@ module Devise
         def devise_writer_wrapper
           role = Rails.application.config.active_record.writing_role || :writing
           ActiveRecord::Base.connected_to(role: role) do
-            ActiveRecord::Base.connection_handler.while_preventing_writes(false) do
-              yield
-            end
+            ActiveRecord.legacy_connection_handling
           end
         end
 

data/lib/devise_revocable_session/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module DeviseRevocableSession
-  VERSION = "0.1.4"
+  VERSION = '0.1.6'
 end

data/lib/devise_revocable_session.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require "devise_revocable_session/version"
 require 'devise'
 require 'devise_revocable_session/hooks/revocable_session'

data/lib/generators/devise_revocable_session/devise_revocable_session_generator.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'rails/generators/migration'
 
 class DeviseRevocableSessionGenerator < Rails::Generators::Base

data/lib/generators/devise_revocable_session/templates/migration.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class CreateRevocableSessions < ActiveRecord::Migration<%= migration_version %>
   def change
     create_table :revocable_sessions do |t|
@@ -21,4 +23,3 @@ class CreateRevocableSessions < ActiveRecord::Migration<%= migration_version %>
     end
   end
 end
-

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: devise_revocable_session
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.6
 platform: ruby
 authors:
-- Carl Allen
-autorequire: 
+- DispatchIt, Inc. Engineers
+autorequire:
 bindir: exe
 cert_chain: []
-date: 2020-03-24 00:00:00.000000000 Z
+date: 2022-09-28 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.16'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '1.16'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -39,7 +25,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: devise
+  name: activemodel
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -53,7 +39,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: activemodel
+  name: devise
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -68,14 +54,21 @@ dependencies:
         version: '0'
 description: A module for devise to revoke sessions
 email:
-- github@allenofmn.com
+- engineers@dispatchit.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/issue_template.md"
+- ".github/pull_request_template.md"
+- ".github/workflows/gitleaks.toml"
+- ".github/workflows/scheduled.yml"
+- ".github/workflows/test.yml"
 - ".gitignore"
+- ".rubocop.yml"
+- ".ruby_version"
 - Gemfile
-- LICENSE
+- LICENSE.txt
 - README.md
 - Rakefile
 - app/models/devise/revocable_session.rb
@@ -88,11 +81,12 @@ files:
 - lib/devise_revocable_session/version.rb
 - lib/generators/devise_revocable_session/devise_revocable_session_generator.rb
 - lib/generators/devise_revocable_session/templates/migration.rb
-homepage: http://github.com/carlallen/devise_revocable_session
+homepage: http://github.com/dispatchitinc/devise_revocable_session
 licenses:
 - MIT
-metadata: {}
-post_install_message: 
+metadata:
+  rubygems_mfa_required: 'false'
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -107,8 +101,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.4
-signing_key: 
+rubygems_version: 3.3.7
+signing_key:
 specification_version: 4
 summary: A module for devise to revoke sessions
 test_files: []

data/LICENSE

@@ -1,21 +0,0 @@
-MIT License
-
-Copyright (c) 2019 Carl Allen
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.