devise_zxcvbn 4.4.1 → 6.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 9cdd3611652924ce1a2ff81a832d5bc6a8f0ea61
-  data.tar.gz: c8fef0f8d2ba13d3eabce3fa5088531b715dd39b
+SHA256:
+  metadata.gz: d9199b7dc373b012f84a98f47e9c70ebc0e229a7749d70c1d72c73aef57f4b81
+  data.tar.gz: 9b914ad4c1fefca97261f09625ca4ec891a46808bbcaf24ae83bb9b5a848f5e5
 SHA512:
-  metadata.gz: 896fa3543e049ea4d8bd2230ae6a5ce2bbe3bdec4b53482b21c62d912e37ce3ec05f30ac839169a197f0ba195b787e38ee2129413c1ba8424cbe848001676dfd
-  data.tar.gz: c33446dd6366fbc6f9f857ffd8a14f284e0a58aba6c0e05ab3a780d718752bc3f61d2425a0d14ecc4a4635576756f146be27c63c3c48eca8d5f5b3be5ceac6e2
+  metadata.gz: 0645cd5046baf76e3f88f2ca2d60c67823b083a2cc38c17d31c674d2e77578a807cdc810fcb7d8ce7f7d73b3df644ec679a4a1d5676d86f3a751cf79a8351c3a
+  data.tar.gz: 662aec05fc6ff3349cd75b1b63361f61add2eba284454a9c0f75d27d14e9bf7b984665375fc51eb7a1a956a32c05a1cf0a88a25f9a654c19704b488b928b8c58

data/.github/workflows/gem-push.yml

@@ -0,0 +1,31 @@
+name: Ruby Gem
+
+on:
+  push:
+    branches: [ master ]
+
+jobs:
+  build:
+    name: Build + Publish
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby 2.6
+      uses: actions/setup-ruby@v1
+      with:
+        ruby-version: 2.6.x
+
+    - name: Publish to RubyGems
+      run: |
+        mkdir -p $HOME/.gem
+        touch $HOME/.gem/credentials
+        chmod 0600 $HOME/.gem/credentials
+        printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+        gem build *.gemspec
+        gem push *.gem
+      env:
+        GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"

data/.github/workflows/ruby.yml

@@ -0,0 +1,35 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
+# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
+
+name: Ruby
+
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+
+jobs:
+  test:
+
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: ['2.6', '2.7', '3.0']
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Ruby
+    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
+    # change this to (see https://github.com/ruby/setup-ruby#versioning):
+    # uses: ruby/setup-ruby@v1
+      uses: ruby/setup-ruby@473e4d8fe5dd94ee328fdfca9f8c9c7afc9dae5e
+      with:
+        ruby-version: ${{ matrix.ruby-version }}
+        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+    - name: Run tests
+      run: RAILS_ENV=test bundle exec rspec -r rspec_junit_formatter --format RspecJunitFormatter

data/.gitignore

@@ -15,3 +15,4 @@ spec/reports
 test/tmp
 test/version_tmp
 tmp
+.byebug_history

data/CHANGELOG.md

@@ -0,0 +1,8 @@
+## 6.0 - 2021-12-17
+
+- Switching to [zxcvbn-rb](https://github.com/formigarafa/zxcvbn-rb) so that we do not need to run execjs but still keep compatability with Dropbox's zxcvbn.js.
+  `zxcvbn-rb` is not the same as `zxcvbn-ruby` (which produces different scores which is why we originally used `zxcvbn-js`).
+
+## 5.2 - 2021-12-17
+
+- Fix Ruby 3.0 compatability

data/README.md

@@ -1,10 +1,10 @@
 # devise_zxcvbn
 
-[![Gem Version](https://badge.fury.io/rb/devise_zxcvbn.png)](http://badge.fury.io/rb/devise_zxcvbn)
-[![Circle CI](https://circleci.com/gh/bitzesty/devise_zxcvbn.svg?style=svg)](https://circleci.com/gh/bitzesty/devise_zxcvbn)
+[![Gem Version](https://badge.fury.io/rb/devise_zxcvbn.svg)](http://badge.fury.io/rb/devise_zxcvbn)
+[![Ruby](https://github.com/bitzesty/devise_zxcvbn/actions/workflows/ruby.yml/badge.svg?branch=master)](https://github.com/bitzesty/devise_zxcvbn/actions/workflows/ruby.yml)
 [![Code Climate](https://codeclimate.com/github/bitzesty/devise_zxcvbn/badges/gpa.svg)](https://codeclimate.com/github/bitzesty/devise_zxcvbn)
 
-Plugin for [devise](https://github.com/plataformatec/devise) to reject weak passwords, using [zxcvbn-js](https://github.com/bitzesty/zxcvbn-js) which is a ruby port of [zxcvbn: realistic password strength estimation](https://tech.dropbox.com/2012/04/zxcvbn-realistic-password-strength-estimation/).
+Plugin for [devise](https://github.com/plataformatec/devise) to reject weak passwords, using [zxcvbn-rb](https://github.com/formigarafa/zxcvbn-rb) which is a ruby port of [zxcvbn: realistic password strength estimation](https://tech.dropbox.com/2012/04/zxcvbn-realistic-password-strength-estimation/).
 
 The user's password will be rejected if the score is below 4 by default. It also uses the email as user input to zxcvbn, to reject passwords containing parts of the email (if using zxcvbn.js on the frontend you should also do this to get the same score).
 
@@ -14,50 +14,87 @@ The scores 0, 1, 2, 3 or 4 are given when the estimated crack time (seconds) is
 
 Add this line to your application's Gemfile:
 
-    gem 'devise_zxcvbn'
-
+```ruby
+gem 'devise_zxcvbn'
+```
 
 ## Configuration
 
-    class User < ActiveRecord::Base
-      devise :zxcvbnable
+```ruby
+class User < ActiveRecord::Base
+  devise :zxcvbnable
+
+  # Optionally add more weak words to check against:
+  def weak_words
+    ['mysitename', self.name, self.username]
+  end
+end
+```
+
+## Available methods for devise resources
+
+```ruby
+class User < ApplicationRecord
+  devise :zxcvbnable
+end
 
-      # Optionally add more weak words to check against:
-      def weak_words
-        ['mysitename', self.name, self.username]
-      end
-    end
+user = User.new.tap do |user|
+  user.email = "example@example.com"
+  user.password = "123456789"
+end
+
+user.password_score => #<OpenStruct password="123456789", guesses=6, guesses_log10=0.7781512503836435, sequence=[{"pattern"=>"dictionary", "i"=>0, "j"=>8, "token"=>"123456789", "matched_word"=>"123456789", "rank"=>5, "dictionary_name"=>"passwords", "reversed"=>false, "l33t"=>false, "base_guesses"=>5, "uppercase_variations"=>1, "l33t_variations"=>1, "guesses"=>5, "guesses_log10"=>0.6989700043360187}], calc_time=15, crack_times_seconds={"online_throttling_100_per_hour"=>216, "online_no_throttling_10_per_second"=>0.6, "offline_slow_hashing_1e4_per_second"=>0.0006, "offline_fast_hashing_1e10_per_second"=>6.0e-10}, crack_times_display={"online_throttling_100_per_hour"=>"4 minutes", "online_no_throttling_10_per_second"=>"less than a second", "offline_slow_hashing_1e4_per_second"=>"less than a second", "offline_fast_hashing_1e10_per_second"=>"less than a second"}, score=0, feedback={"warning"=>"This is a top-10 common password", "suggestions"=>["Add another word or two. Uncommon words are better."]}>
+# returns a simple OpenStruct object so than you could send another messages to get more info
+
+user.password_weak? => true/false # returns a boolean result of checking of weakness of your set password
+```
 
 ### Default parameters
 
 _A score of less than 3 is not recommended._
 
-    # config/initializers/devise.rb
-    Devise.setup do |config|
-      config.min_password_score = 4
-    end
+```ruby
+# config/initializers/devise.rb
+Devise.setup do |config|
+  config.min_password_score = 4
+end
+```
 
 ### Error Message
 
 The default error message:
 
-    "not strong enough. It scored %{score}. It must score at least %{min_password_score}."
+```yml
+"not strong enough. It scored %{score}. It must score at least %{min_password_score}."
+```
 
 You can customize this error message modifying the `devise` YAML file.
 
-The `feedback`, `crack_time_display`, `score` and `min_password_score` variables are passed through if you need them.
+The `crack_time_display`, `feedback`, `score` and `min_password_score` variables are passed through if you need them.
+
+```yml
+# config/locales/devise.en.yml
+en:
+  errors:
+    messages:
+      weak_password: "not strong enough. Consider adding a number, symbols or more letters to make it stronger."
+```
+
+### Skipping password complexity validation
 
-    # config/locales/devise.en.yml
-    en:
-      errors:
-        messages:
-          weak_password: "not strong enough. Consider adding a number, symbols or more letters to make it stronger."
+To turn off password complexity validation for certain conditions, you could implement a concern (or similar) that overloads `skip_password_complexity?`:
 
+```ruby
+def skip_password_complexity?
+  true
+end
+```
 
 ## Contributing
 
 1. Fork it
 2. Create your feature branch (`git checkout -b my-new-feature`)
-3. Commit your changes (`git commit -am 'Add some feature'`)
-4. Push to the branch (`git push origin my-new-feature`)
-5. Create new Pull Request
+3. Add test coverage for the feature, We use rspec for this purpose
+4. Commit your changes (`git commit -am 'Add some feature'`)
+5. Push to the branch (`git push origin my-new-feature`)
+6. Create new Pull Request

data/devise_zxcvbn.gemspec

@@ -19,11 +19,12 @@ Gem::Specification.new do |spec|
   spec.require_paths = ["lib"]
 
   spec.add_development_dependency "activemodel"
-  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.add_development_dependency "bundler", "~> 2.2.33"
   spec.add_development_dependency "rake"
   spec.add_development_dependency "rspec"
   spec.add_development_dependency "rspec_junit_formatter"
+  spec.add_development_dependency "byebug"
 
   spec.add_runtime_dependency "devise"
-  spec.add_runtime_dependency("zxcvbn-js", "~> 4.4.1")
+  spec.add_runtime_dependency("zxcvbn", "~> 0.1.7")
 end

data/lib/devise_zxcvbn/errors/devise_zxcvbn_error.rb

@@ -0,0 +1,2 @@
+class DeviseZxcvbnError < StandardError # TODO: we need own hierarchy
+end

data/lib/devise_zxcvbn/model.rb

@@ -1,4 +1,6 @@
-require 'devise_zxcvbn/email_tokeniser'
+require "devise_zxcvbn/email_tokeniser"
+require "devise_zxcvbn/errors/devise_zxcvbn_error"
+require "ostruct"
 
 module Devise
   module Models
@@ -9,18 +11,28 @@ module Devise
       delegate :zxcvbn_tester, to: "self.class"
 
       included do
-        validate :not_weak_password, if: :password_required?
+        validate :strong_password, unless: :skip_password_complexity?
       end
 
       def password_score
-        @pass_score = self.class.password_score(self)
+        @password_score = self.class.password_score(self)
+      end
+
+      def password_weak?
+        password_score.score < min_password_score
+      end
+
+      protected
+
+      def skip_password_complexity?
+        !password_required?
       end
 
       private
 
-      def not_weak_password
-        if errors.messages.blank? && password_score.score < min_password_score
-          errors.add :password, :weak_password, i18n_variables
+      def strong_password
+        if errors.messages.blank? && password_weak?
+          errors.add :password, :weak_password, **i18n_variables
         end
       end
 
@@ -28,28 +40,30 @@ module Devise
         {
           feedback: zxcvbn_feedback,
           crack_time_display: time_to_crack,
-          score: @pass_score.score,
+          score: password_score.score,
           min_password_score: min_password_score
         }
       end
 
       def zxcvbn_feedback
-        feedback = @pass_score.feedback.values.flatten.reject(&:empty?)
-        return 'Add another word or two. Uncommon words are better.' if feedback.empty?
+        feedback = password_score.feedback.values.flatten.reject(&:empty?)
+        return "Add another word or two. Uncommon words are better." if feedback.empty?
 
-        feedback.join('. ').gsub(/\.\s*\./, '.')
+        feedback.join(". ").gsub(/\.\s*\./, ".")
       end
 
       def time_to_crack
-        @pass_score.crack_times_display['offline_fast_hashing_1e10_per_second']
+        password_score.crack_times_display["offline_fast_hashing_1e10_per_second"]
       end
 
-      module ClassMethods
+      class_methods do
         Devise::Models.config(self, :min_password_score)
         Devise::Models.config(self, :zxcvbn_tester)
 
-        def password_score(user, arg_email=nil)
-          password = user.respond_to?(:password) ? user.password.to_s : user
+        def password_score(user, arg_email = nil)
+          return raise DeviseZxcvbnError, "the object must respond to password" unless user.respond_to?(:password)
+
+          password = user.password.to_s
 
           zxcvbn_weak_words = []
 
@@ -58,14 +72,15 @@ module Devise
           end
 
           # User method results are saved locally to prevent repeat calls that might be expensive
-          if user.respond_to? :email
+          if user.respond_to?(:email)
             local_email = user.email
             zxcvbn_weak_words += [local_email, *DeviseZxcvbn::EmailTokeniser.split(local_email)]
           end
 
-          if user.respond_to? :weak_words
+          if user.respond_to?(:weak_words)
+            return raise DeviseZxcvbnError, "weak_words must return an Array" unless user.weak_words.is_a?(Array)
+
             local_weak_words = user.weak_words
-            raise "weak_words must return an Array" unless (local_weak_words.is_a? Array)
             zxcvbn_weak_words += local_weak_words
           end
 

data/lib/devise_zxcvbn/version.rb

@@ -1,3 +1,3 @@
 module DeviseZxcvbn
-  VERSION = "4.4.1"
+  VERSION = "6.0.0"
 end

data/spec/devise_zxcvbn/devise_zxcbn_spec.rb

@@ -1,7 +1,6 @@
 require "devise_zxcvbn"
 
 describe 'Devise zxcvbn' do
-
   it "Returns the default value for min_password_score of 4" do
     expect(Devise.min_password_score).to eq(4)
   end

data/spec/devise_zxcvbn/errors/devise_zxcvbn_error.rb

@@ -0,0 +1,2 @@
+class DeviseZxcvbnError < StandardError # TODO: we need own hierarchy
+end

data/spec/devise_zxcvbn/model_spec.rb

@@ -1,43 +1,130 @@
-require "devise"
-require "devise_zxcvbn"
-require "active_model"
-require "devise_zxcvbn/model"
+require 'active_model'
+require 'devise'
+require 'devise_zxcvbn'
+require 'devise_zxcvbn/model'
 
 describe Devise::Models::Zxcvbnable do
-  describe "#password_score" do
-    it "returns the score from zxcvbn_tester" do
-      password_score = DummyClass.new("12345678").password_score
-      expect(password_score.score).to eq(0)
-      expect(password_score.crack_times_display['offline_fast_hashing_1e10_per_second']).to eq("less than a second")
+  ValidDummyClass = Struct.new(:password, :skip_password_complexity, keyword_init: true) do
+    include ActiveModel::Validations
+    include Devise::Models::Zxcvbnable
+
+    def skip_password_complexity?
+      skip_password_complexity
     end
   end
 
-  describe "Password validation" do
-    it "Invalid if password score is less than the min_password_score" do
-      user = DummyClass.new("12345678")
-      expect(user).to_not be_valid
-      expect(user.errors[:password]).to eq(["not strong enough. It scored 0. It must score at least 4."])
+  let(:skip_password_complexity) { false }
+
+  describe '#password_score' do
+    context 'when password is strong' do
+      let(:user) { ValidDummyClass.new(password: 'Jm1C4C3aaDzC1aRW', skip_password_complexity: skip_password_complexity) }
+
+      it 'returns the score equal 4' do
+        password_score = user.password_score
+
+        expect(password_score.score).to eq(4)
+        expect(password_score.crack_times_display['offline_fast_hashing_1e10_per_second']).to eq('12 days')
+      end
+    end
+
+    context 'when password is weak' do
+      let(:user) { ValidDummyClass.new(password: '12345678', skip_password_complexity: skip_password_complexity) }
+
+      it 'returns the weak score' do
+        password_score = user.password_score
+
+        expect(password_score.score).to eq(0)
+        expect(password_score.crack_times_display['offline_fast_hashing_1e10_per_second']).to eq('less than a second')
+      end
     end
+  end
+
+  describe '#password_weak?' do
+    let(:user) { ValidDummyClass.new(password: 'Jm1C4C3aaDzC1aRW', skip_password_complexity: skip_password_complexity) }
 
-    it "Valid if password score is greater than the min_password_score" do
-      user = DummyClass.new("Jm1C4C3aaDzC")
-      expect(user).to be_valid
-      expect(user.errors[:password]).to be_empty
+    it 'returns false for the call of the method' do
+      expect(user.password_weak?).to be_falsey
     end
   end
 
-  class DummyClass
-    include ActiveModel::Validations
-    include Devise::Models::Zxcvbnable
+  describe 'validations' do
+    subject { resource.validate; resource }
+
+    let(:resource) { ValidDummyClass.new(password: password, skip_password_complexity: skip_password_complexity) }
+
+    context 'when password complexity check is required' do
+      context 'when password is strong' do
+        let(:password) { 'Jm1C4C3aaDzC1aRW' }
 
-    attr_accessor :password
+        it 'expects the model to be valid' do
+          expect(subject).to be_valid
+        end
 
-    def initialize(password)
-      @password = password
+        it 'returns empty validation messages' do
+          expect(subject.errors[:password]).to be_empty
+        end
+      end
+
+      context 'when password is weak' do
+        let(:password) { '12345678' }
+
+        it 'expects the model to be invalid' do
+          expect(subject).to be_invalid
+        end
+
+        it 'returns validation message' do
+          expect(subject.errors[:password])
+            .to eq(['not strong enough. It scored 0. It must score at least 4.'])
+        end
+      end
+    end
+
+    context 'when password complexity check is not required' do
+      let(:skip_password_complexity) { true }
+
+      context 'when password score is strong' do
+        let(:password) { 'Jm1C4C3aaDzC1aRW' }
+
+        it 'expects the model to be valid' do
+          expect(subject).to be_valid
+        end
+      end
+
+      context 'when password score is weak' do
+        let(:password) { '12345678' }
+
+        it 'expects the model to be valid' do
+          expect(subject).to be_valid
+        end
+      end
+    end
+  end
+
+  describe 'exceptions raises' do
+    context 'when password method is not given for instance' do
+      class InvalidPasswordDummyClass < ValidDummyClass
+        undef_method :password
+      end
+
+      let(:user) { InvalidPasswordDummyClass.new }
+
+      it 'raises exception regarding absence password method' do
+        expect { user.password_score }.to raise_error(DeviseZxcvbnError, 'the object must respond to password')
+      end
     end
 
-    def password_required?
-      true
+    context 'when weak_words method returns not Array' do
+      class InvalidWeakWordsDummyClass < ValidDummyClass
+        def weak_words
+          String.new()
+        end
+      end
+
+      let(:user) { InvalidWeakWordsDummyClass.new }
+
+      it 'raises exception regarding type of weak_words method' do
+        expect { user.password_score }.to raise_error(DeviseZxcvbnError, 'weak_words must return an Array')
+      end
     end
   end
 end

data/spec/spec_helper.rb

@@ -1,96 +1,11 @@
-# This file was generated by the `rspec --init` command. Conventionally, all
-# specs live under a `spec` directory, which RSpec adds to the `$LOAD_PATH`.
-# The generated `.rspec` file contains `--require spec_helper` which will cause
-# this file to always be loaded, without a need to explicitly require it in any
-# files.
-#
-# Given that it is always loaded, you are encouraged to keep this file as
-# light-weight as possible. Requiring heavyweight dependencies from this file
-# will add to the boot time of your test suite on EVERY test run, even for an
-# individual file that may not need all of that loaded. Instead, consider making
-# a separate helper file that requires the additional dependencies and performs
-# the additional setup, and require it from the spec files that actually need
-# it.
-#
-# The `.rspec` file also contains a few flags that are not defaults but that
-# users commonly want.
-#
-# See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
+require 'byebug'
+
 RSpec.configure do |config|
-  # rspec-expectations config goes here. You can use an alternate
-  # assertion/expectation library such as wrong or the stdlib/minitest
-  # assertions if you prefer.
   config.expect_with :rspec do |expectations|
-    # This option will default to `true` in RSpec 4. It makes the `description`
-    # and `failure_message` of custom matchers include text for helper methods
-    # defined using `chain`, e.g.:
-    #     be_bigger_than(2).and_smaller_than(4).description
-    #     # => "be bigger than 2 and smaller than 4"
-    # ...rather than:
-    #     # => "be bigger than 2"
     expectations.include_chain_clauses_in_custom_matcher_descriptions = true
   end
 
-  # rspec-mocks config goes here. You can use an alternate test double
-  # library (such as bogus or mocha) by changing the `mock_with` option here.
   config.mock_with :rspec do |mocks|
-    # Prevents you from mocking or stubbing a method that does not exist on
-    # a real object. This is generally recommended, and will default to
-    # `true` in RSpec 4.
     mocks.verify_partial_doubles = true
   end
-
-# The settings below are suggested to provide a good initial experience
-# with RSpec, but feel free to customize to your heart's content.
-=begin
-  # These two settings work together to allow you to limit a spec run
-  # to individual examples or groups you care about by tagging them with
-  # `:focus` metadata. When nothing is tagged with `:focus`, all examples
-  # get run.
-  config.filter_run :focus
-  config.run_all_when_everything_filtered = true
-
-  # Allows RSpec to persist some state between runs in order to support
-  # the `--only-failures` and `--next-failure` CLI options. We recommend
-  # you configure your source control system to ignore this file.
-  config.example_status_persistence_file_path = "spec/examples.txt"
-
-  # Limits the available syntax to the non-monkey patched syntax that is
-  # recommended. For more details, see:
-  #   - http://rspec.info/blog/2012/06/rspecs-new-expectation-syntax/
-  #   - http://www.teaisaweso.me/blog/2013/05/27/rspecs-new-message-expectation-syntax/
-  #   - http://rspec.info/blog/2014/05/notable-changes-in-rspec-3/#zero-monkey-patching-mode
-  config.disable_monkey_patching!
-
-  # This setting enables warnings. It's recommended, but in some cases may
-  # be too noisy due to issues in dependencies.
-  config.warnings = true
-
-  # Many RSpec users commonly either run the entire suite or an individual
-  # file, and it's useful to allow more verbose output when running an
-  # individual spec file.
-  if config.files_to_run.one?
-    # Use the documentation formatter for detailed output,
-    # unless a formatter has already been configured
-    # (e.g. via a command-line flag).
-    config.default_formatter = 'doc'
-  end
-
-  # Print the 10 slowest examples and example groups at the
-  # end of the spec run, to help surface which specs are running
-  # particularly slow.
-  config.profile_examples = 10
-
-  # Run specs in random order to surface order dependencies. If you find an
-  # order dependency and want to debug it, you can fix the order by providing
-  # the seed, which is printed after each run.
-  #     --seed 1234
-  config.order = :random
-
-  # Seed global randomization in this process using the `--seed` CLI option.
-  # Setting this allows you to use `--seed` to deterministically reproduce
-  # test failures related to randomization by passing the same `--seed` value
-  # as the one that triggered the failure.
-  Kernel.srand config.seed
-=end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: devise_zxcvbn
 version: !ruby/object:Gem::Version
-  version: 4.4.1
+  version: 6.0.0
 platform: ruby
 authors:
 - Bit Zesty
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-03-27 00:00:00.000000000 Z
+date: 2021-12-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activemodel
@@ -30,14 +30,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 2.2.33
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: 2.2.33
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -80,6 +80,20 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: byebug
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: devise
   requirement: !ruby/object:Gem::Requirement
@@ -95,19 +109,19 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: zxcvbn-js
+  name: zxcvbn
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.4.1
+        version: 0.1.7
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 4.4.1
+        version: 0.1.7
 description: 'This gems works with devise to provide backend password strength checking
   via zxcvbn-js to reject weak passwords '
 email:
@@ -116,21 +130,25 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/gem-push.yml"
+- ".github/workflows/ruby.yml"
 - ".gitignore"
 - ".rspec"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
 - Rakefile
-- circle.yml
 - devise_zxcvbn.gemspec
 - lib/devise_zxcvbn.rb
 - lib/devise_zxcvbn/email_tokeniser.rb
+- lib/devise_zxcvbn/errors/devise_zxcvbn_error.rb
 - lib/devise_zxcvbn/locales/en.yml
 - lib/devise_zxcvbn/model.rb
 - lib/devise_zxcvbn/version.rb
 - spec/devise_zxcvbn/devise_zxcbn_spec.rb
 - spec/devise_zxcvbn/email_tokeniser_spec.rb
+- spec/devise_zxcvbn/errors/devise_zxcvbn_error.rb
 - spec/devise_zxcvbn/model_spec.rb
 - spec/spec_helper.rb
 homepage: https://github.com/bitzesty/devise_zxcvbn
@@ -152,13 +170,13 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.5.1
+rubygems_version: 3.0.3.1
 signing_key: 
 specification_version: 4
 summary: Devise plugin to reject weak passwords
 test_files:
 - spec/devise_zxcvbn/devise_zxcbn_spec.rb
 - spec/devise_zxcvbn/email_tokeniser_spec.rb
+- spec/devise_zxcvbn/errors/devise_zxcvbn_error.rb
 - spec/devise_zxcvbn/model_spec.rb
 - spec/spec_helper.rb

data/circle.yml

@@ -1,9 +0,0 @@
-## Customize machine
-machine:
-  ruby:
-    version:
-      2.2.3
-## Customize test commands
-test:
-  override:
-    - RAILS_ENV=test bundle exec rspec -r rspec_junit_formatter --format RspecJunitFormatter -o $CIRCLE_TEST_REPORTS/rspec/junit.xml