diffcrypt 0.3.2 → 0.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 2009b6cc9a7318e8f6624d6fbde27562799a4ccd44d7aa1263d6c1ff6dbea2a8
-  data.tar.gz: 9f3aacfbd55710037b3bbadc56d6513b66775da721e4120b20ab5e95f320837e
+  metadata.gz: 5914065f605f66fa0b4bd189b3ffd3f1f837cc4ab3d417215fb9366fea723668
+  data.tar.gz: 18485d4613dbf5503a481cd74bd659cb572c24f0e1a7378348d38f8bb4cfedca
 SHA512:
-  metadata.gz: 5412dc78d1e840f0b8d58eb60f13b3e761945c6a76235ad9eb32fd737eaba8df027892c8ad836a56f7e154a60ecb5085608db448021d1c4cd6aad0e8a87ba696
-  data.tar.gz: 2c3002f8783d0c92f13f3efc13e8e8a23a3d5d80aaa9ea1c20cf7148e8bad6b3ad1a840389412c138f70a8c494c465fc592beea2774f616ca63b8406370d7797
+  metadata.gz: c3de8085e6c26e338ff1cf5239bd66761497bcf98caa2234faf13aefa83e7b559fb6162ca07626fd315ba8ee40fb372043277176456b83fefa2ccded4060f7d8
+  data.tar.gz: d6d2a864d9a845234080d81a986ef6a7859000838558c639dce1c0e1175d6ed6dab836d182e40723eadc57534b8058ae162b53102ded1e17302ae1b24d6fd8a5

data/.circleci/config.yml

@@ -1,12 +1,39 @@
 version: 2.1
 
 jobs:
-  build:
+  bundle:
     docker:
-      - image: circleci/ruby:2.6.6
+      - image: circleci/ruby:2.7.1
+    working_directory: /mnt/ramdisk
     steps:
       - checkout
-      - run: bundle install
+      - restore_cache:
+          keys:
+            - bundler-{{ checksum "diffcrypt.gemspec" }}-{{ .Environment.CACHE_VERSION }}
+      - run:
+          name: bundle install
+          command: |
+            gem install bundler -v '2.1.4'
+            bundle install --path=vendor/bundle --jobs=4 --retry=3
+      - save_cache:
+          key: bundler-{{ checksum "diffcrypt.gemspec" }}-{{ .Environment.CACHE_VERSION }}
+          paths:
+            - vendor/bundle
+
+  test:
+    docker:
+      - image: circleci/ruby:2.7.1
+    working_directory: /mnt/ramdisk
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - bundler-{{ checksum "diffcrypt.gemspec" }}-{{ .Environment.CACHE_VERSION }}
+      - run:
+          name: bundle install
+          command: |
+            gem install bundler -v '2.1.4'
+            bundle install --path=vendor/bundle --jobs=4 --retry=3
       - run:
           name: Setup Code Climate test-reporter
           command: |
@@ -19,7 +46,33 @@ jobs:
             ./cc-test-reporter before-build
             bundle exec rake test
             ./cc-test-reporter after-build --coverage-input-type lcov --exit-code $?
+  rubocop:
+    docker:
+      - image: circleci/ruby:2.7.1
+    working_directory: /mnt/ramdisk
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - bundler-{{ checksum "diffcrypt.gemspec" }}-{{ .Environment.CACHE_VERSION }}
+      - run:
+          name: bundle install
+          command: |
+            gem install bundler -v '2.1.4'
+            bundle install --path=vendor/bundle --jobs=4 --retry=3
       - run:
           name: rubocop
           command: bundle exec rubocop
           when: always
+
+workflows:
+  version: 2
+  all:
+    jobs:
+      - bundle
+      - test:
+          requires:
+            - bundle
+      - rubocop:
+          requires:
+            - bundle

data/.rubocop.yml

@@ -1,5 +1,6 @@
 AllCops:
   NewCops: enable
+  TargetRubyVersion: 2.6
 
 Style/ClassAndModuleChildren:
   Exclude:
@@ -9,10 +10,12 @@ Style/Documentation:
 Metrics/MethodLength:
   Exclude:
     - test/**/*_test.rb
-TrailingCommaInArrayLiteral:
+Style/TrailingCommaInArrayLiteral:
   EnforcedStyleForMultiline: consistent_comma
 Style/TrailingCommaInArguments:
   EnforcedStyleForMultiline: consistent_comma
+Style/TrailingCommaInHashLiteral:
+  EnforcedStyleForMultiline: consistent_comma
 Style/AccessorGrouping:
   EnforcedStyle: separated
 

data/CHANGELOG.md

@@ -7,6 +7,59 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 
 
+## [0.5.1] - 2021-03-29
+
+### Added
+
+- Support for Rails 6.1
+
+
+
+## [0.5.0] - 2020-12-06
+
+### Added
+
+- `Diffcrypt::Rails::ApplicationHelper` to simplify integration
+- `rake diffcrypt:init` command to help setup credentials
+
+### Changed
+
+- Default cipher is now `aes-265-gcm`
+- YAML keys are now sorted
+- Improved support for rails native `aes-128-gcm` cipher
+- Improved test coverage for differing ciphers
+
+
+
+## [0.4.1] - 2020-10-06
+
+### Fixed
+
+- Could not initialize a new file or modify existing rails format file (Thanks @swiknaba #31)
+
+
+
+## [0.4.0] - 2020-10-01
+
+### Changed
+
+- Encryptor can now use other ciphers than the default
+
+### Dependencies
+
+- simplecov: 0.17.0 -> 0.18.0 (#20)
+- rubocop: 0.88.0 -> 0.92.0 (#24)
+
+
+
+## [0.3.3] - 2020-07-25
+
+### Fixed
+
+- Explicit FileUtils require to avoid potentially warning logs
+
+
+
 ## [0.3.2] - 2020-07-20
 
 ### Added

data/Gemfile

@@ -7,6 +7,6 @@ gemspec
 
 gem 'minitest', '~> 5.0'
 gem 'rake', '~> 13.0'
-gem 'rubocop', '~> 0.88.0'
-gem 'simplecov', '~> 0.17.0', require: false # CodeClimate not compatible with 0.18+ yet - https://github.com/codeclimate/test-reporter/issues/413
+gem 'rubocop', '~> 1.11.0'
+gem 'simplecov', '~> 0.21.2', require: false # CodeClimate not compatible with 0.18+ yet - https://github.com/codeclimate/test-reporter/issues/413
 gem 'simplecov-lcov', '< 0.8'

data/README.md

@@ -36,8 +36,8 @@ There are a few ways to use the library, depending on how advanced your use case
 The easiest way to get started is to use the CLI.
 
 ```shell
-diffcrypt decrypt -k $(cat test/fixtures/master.key) test/fixtures/example.yml.enc
-diffcrypt encrypt -k $(cat test/fixtures/master.key) test/fixtures/example.yml
+diffcrypt decrypt -k $(cat test/fixtures/aes-128-gcm.key) test/fixtures/example.yml.enc
+diffcrypt encrypt -k $(cat test/fixtures/aes-128-gcm.key) test/fixtures/example.yml
 ```
 
 
@@ -66,23 +66,27 @@ Currently there is not native support for rails, but ActiveSupport can be monkey
 the built in encrypter. All existing `rails credentials:edit` also work with this method.
 
 ```ruby
-require 'diffcrypt/rails/encrypted_configuration'
+# config/application.rb
 module Rails
   class Application
-    def encrypted(path, key_path: 'config/master.key', env_key: 'RAILS_MASTER_KEY')
-      Diffcrypt::Rails::EncryptedConfiguration.new(
-        config_path: Rails.root.join(path),
-        key_path: Rails.root.join(key_path),
-        env_key: env_key,
-        raise_if_missing_key: config.require_master_key,
-      )
-    end
+    include Diffcrypt::Rails::ApplicationHelper
   end
 end
 ```
 
 
 
+## Converting between ciphers
+
+Sometimes you may want to rotate the cipher used on a file. You can do this programmatically using the ruby code above, or you can also chain the CLI commands like so:
+
+```shell
+diffcrypt decrypt -k $(cat test/fixtures/aes-128-gcm.key) test/fixtures/example.yml.enc > test/fixtures/example.128.yml \
+&& diffcrypt encrypt --cipher aes-256-gcm -k $(cat test/fixtures/aes-256-gcm.key) test/fixtures/example.128.yml > test/fixtures/example.256.yml.enc && rm test/fixtures/example.128.yml
+```
+
+
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake test` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/Rakefile

@@ -8,5 +8,7 @@ Rake::TestTask.new(:test) do |t|
   t.libs << 'lib'
   t.test_files = FileList['test/**/*_test.rb']
 end
-
 task default: :test
+
+path = File.expand_path(__dir__)
+Dir.glob("#{path}/lib/diffcrypt/tasks/**/*.rake").sort.each { |f| load f }

data/diffcrypt.gemspec

@@ -12,7 +12,7 @@ Gem::Specification.new do |spec|
   spec.description   = 'Diffable encrypted configuration files that can be safely committed into a git repository'
   spec.homepage      = 'https://github.com/marcqualie/diffcrypt'
   spec.license       = 'MIT'
-  spec.required_ruby_version = Gem::Requirement.new('>= 2.5.0')
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.6.0')
 
   # spec.metadata["allowed_push_host"] = "TODO: Set to 'http://mygemserver.com'"
 
@@ -22,13 +22,13 @@ Gem::Specification.new do |spec|
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
-  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+  spec.files = Dir.chdir(::File.expand_path(__dir__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
   spec.bindir = 'bin'
   spec.executables = %w[diffcrypt]
   spec.require_paths = ['lib']
 
-  spec.add_runtime_dependency 'activesupport', '~> 6.0.0'
+  spec.add_runtime_dependency 'activesupport', '>= 6.0', '< 6.2'
   spec.add_runtime_dependency 'thor', '>= 0.20', '< 2'
 end

data/lib/diffcrypt.rb

@@ -2,6 +2,7 @@
 
 require 'diffcrypt/encryptor'
 require 'diffcrypt/version'
+require 'diffcrypt/railtie' if defined?(Rails)
 
 module Diffcrypt
   class Error < StandardError; end

data/lib/diffcrypt/cli.rb

@@ -1,6 +1,7 @@
 # frozen_string_literal: true
 
 require_relative './encryptor'
+require_relative './file'
 require_relative './version'
 
 module Diffcrypt
@@ -8,21 +9,22 @@ module Diffcrypt
     desc 'decrypt <path>', 'Decrypt a file'
     method_option :key, aliases: %i[k], required: true
     def decrypt(path)
-      ensure_file_exists(path)
-      contents = File.read(path)
-      puts encryptor.decrypt(contents)
+      file = File.new(path)
+      ensure_file_exists(file)
+      say file.decrypt(key)
     end
 
     desc 'encrypt <path>', 'Encrypt a file'
     method_option :key, aliases: %i[k], required: true
+    method_option :cipher, default: Encryptor::DEFAULT_CIPHER
     def encrypt(path)
-      ensure_file_exists(path)
-      contents = File.read(path)
-      puts encryptor.encrypt(contents)
+      file = File.new(path)
+      ensure_file_exists(file)
+      say file.encrypt(key, cipher: options[:cipher])
     end
 
     desc 'generate-key', 'Generate a 32 bit key'
-    method_option :cipher, default: Encryptor::CIPHER
+    method_option :cipher, default: Encryptor::DEFAULT_CIPHER
     def generate_key
       say Encryptor.generate_key(options[:cipher])
     end
@@ -41,8 +43,9 @@ module Diffcrypt
         @encryptor ||= Encryptor.new(key)
       end
 
-      def ensure_file_exists(path)
-        abort('[ERROR] File does not exist') unless File.exist?(path)
+      # @param [Diffcrypt::File] path
+      def ensure_file_exists(file)
+        abort('[ERROR] File does not exist') unless file.exists?
       end
 
       def self.exit_on_failure?

data/lib/diffcrypt/encryptor.rb

@@ -12,15 +12,16 @@ require_relative './version'
 
 module Diffcrypt
   class Encryptor
-    CIPHER = 'aes-128-gcm'
+    DEFAULT_CIPHER = 'aes-256-gcm'
 
-    def self.generate_key(cipher = CIPHER)
+    def self.generate_key(cipher = DEFAULT_CIPHER)
       SecureRandom.hex(ActiveSupport::MessageEncryptor.key_len(cipher))
     end
 
-    def initialize(key)
+    def initialize(key, cipher: DEFAULT_CIPHER)
       @key = key
-      @encryptor ||= ActiveSupport::MessageEncryptor.new([key].pack('H*'), cipher: CIPHER)
+      @cipher = cipher
+      @encryptor ||= ActiveSupport::MessageEncryptor.new([key].pack('H*'), cipher: cipher)
     end
 
     # @param [String] contents The raw YAML string to be encrypted
@@ -46,11 +47,11 @@ module Diffcrypt
     # @param [String] contents The raw YAML string to be encrypted
     # @param [String, nil] original_encrypted_contents The original (encrypted) content to determine which keys have changed
     # @return [String]
-    def encrypt(contents, original_encrypted_contents = nil)
+    def encrypt(contents, original_encrypted_contents = nil, cipher: nil)
       data = encrypt_data contents, original_encrypted_contents
       YAML.dump(
         'client' => "diffcrypt-#{Diffcrypt::VERSION}",
-        'cipher' => CIPHER,
+        'cipher' => cipher || @cipher,
         'data' => data,
       )
     end
@@ -85,7 +86,7 @@ module Diffcrypt
                       key_changed ? encrypt_string(value) : original_encrypted_value
                     end
       end
-      data
+      data.sort.to_h
     end
     # rubocop:enable Metrics/PerceivedComplexity, Metrics/MethodLength, Metrics/CyclomaticComplexity
 

data/lib/diffcrypt/file.rb

@@ -0,0 +1,73 @@
+# frozen_string_literal: true
+
+require_relative './encryptor'
+
+module Diffcrypt
+  class File
+    attr_reader :file
+
+    def initialize(path)
+      @path = ::File.absolute_path path
+    end
+
+    def encrypted?
+      to_yaml['cipher']
+    end
+
+    # Determines the cipher to use for encryption/decryption
+    def cipher
+      return 'aes-128-gcm' if format == 'activesupport'
+
+      to_yaml['cipher'] || Encryptor::DEFAULT_CIPHER
+    end
+
+    # @return [Boolean]
+    def exists?
+      ::File.exist?(@path)
+    end
+
+    # Determines the format to be used for encryption
+    # @return [String] diffcrypt|activesupport
+    def format
+      return 'diffcrypt' if read == ''
+      return 'diffcrypt' if read.index('---')&.zero?
+
+      'activesupport'
+    end
+
+    # @return [String] Raw contents of the file
+    def read
+      return '' unless ::File.exist?(@path)
+
+      @read ||= ::File.read(@path)
+      @read
+    end
+
+    # Save the encrypted contents back to disk
+    # @return [Boolean] True is file save was successful
+    def write(key, data, cipher: nil)
+      cipher ||= self.cipher
+      yaml = ::YAML.dump(data)
+      contents = Encryptor.new(key, cipher: cipher).encrypt(yaml)
+      ::File.write(@path, contents)
+    end
+
+    # TODO: This seems useless, figure out what's up
+    def encrypt(key, cipher: DEFAULT_CIPHER)
+      return read if encrypted?
+
+      Encryptor.new(key, cipher: cipher).encrypt(read)
+    end
+
+    # TODO: Add a test to verify this does descrypt properly
+    def decrypt(key)
+      return read unless encrypted?
+
+      Encryptor.new(key, cipher: cipher).decrypt(read)
+    end
+
+    def to_yaml
+      @to_yaml ||= YAML.safe_load(read) || {}
+    end
+  end
+end

data/lib/diffcrypt/rails/application_helper.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+require_relative './encrypted_configuration'
+
+module Diffcrypt
+  module Rails
+    module ApplicationHelper
+      def encrypted(path, key_path: 'config/master.key', env_key: 'RAILS_MASTER_KEY')
+        config_path, key_path = resolve_encrypted_paths(path, key_path)
+
+        Diffcrypt::Rails::EncryptedConfiguration.new(
+          config_path: config_path,
+          key_path: key_path,
+          env_key: env_key,
+          raise_if_missing_key: config.require_master_key,
+        )
+      end
+
+      protected
+
+      def resolve_encrypted_paths(config_path, key_path)
+        config_path_abs = ::Rails.root.join(config_path)
+        key_path_abs = ::Rails.root.join(key_path)
+
+        # We always want to use `config/credentials/[environment]` for consistency
+        # If the master credentials do not exist, and a user has not specificed an environment, default to development
+        if config_path == 'config/credentials.yml.enc' && ::File.exist?(config_path_abs.to_s) == false
+          config_path_abs = ::Rails.root.join('config/credentials/development.yml.enc')
+          key_path_abs = ::Rails.root.join('config/credentials/development.key')
+        end
+
+        [
+          config_path_abs,
+          key_path_abs,
+        ]
+      end
+    end
+  end
+end

data/lib/diffcrypt/rails/encrypted_configuration.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require 'fileutils'
 require 'pathname'
 require 'tmpdir'
 
@@ -8,6 +9,8 @@ require 'active_support/core_ext/hash'
 require 'active_support/core_ext/module/delegation'
 require 'active_support/core_ext/object/inclusion'
 
+require 'diffcrypt/file'
+
 module Diffcrypt
   module Rails
     class EncryptedConfiguration
@@ -20,13 +23,13 @@ module Diffcrypt
       delegate_missing_to :options
 
       def initialize(config_path:, key_path:, env_key:, raise_if_missing_key:)
-        @content_path = Pathname.new(File.absolute_path(config_path)).yield_self do |path|
+        @content_path = Pathname.new(::File.absolute_path(config_path)).yield_self do |path|
           path.symlink? ? path.realpath : path
         end
+        @diffcrypt_file = Diffcrypt::File.new(@content_path)
         @key_path = Pathname.new(key_path)
         @env_key = env_key
         @raise_if_missing_key = raise_if_missing_key
-        @active_support_encryptor = ActiveSupport::MessageEncryptor.new([key].pack('H*'), cipher: Encryptor::CIPHER)
       end
 
       # Determines if file is using the diffable format, or still
@@ -50,7 +53,7 @@ module Diffcrypt
         deserialize(contents)
 
         IO.binwrite "#{content_path}.tmp", encrypt(contents, original_encrypted_contents)
-        FileUtils.mv "#{content_path}.tmp", content_path
+        ::FileUtils.mv "#{content_path}.tmp", content_path
       end
 
       def config
@@ -72,7 +75,7 @@ module Diffcrypt
       # rubocop:disable Metrics/AbcSize
       def writing(contents)
         tmp_file = "#{Process.pid}.#{content_path.basename.to_s.chomp('.enc')}"
-        tmp_path = Pathname.new File.join(Dir.tmpdir, tmp_file)
+        tmp_path = Pathname.new ::File.join(Dir.tmpdir, tmp_file)
         tmp_path.binwrite contents
 
         yield tmp_path
@@ -81,10 +84,17 @@ module Diffcrypt
 
         write(updated_contents, content_path_diffable? && content_path.binread)
       ensure
-        FileUtils.rm(tmp_path) if tmp_path&.exist?
+        ::FileUtils.rm(tmp_path) if tmp_path&.exist?
       end
       # rubocop:enable Metrics/AbcSize
 
+      # Standard rails credentials encrypt the entire file. We need to detect this to use the correct
+      # data interface
+      # @return [Boolean]
+      def rails_native_credentials?(contents)
+        contents.index('---').nil?
+      end
+
       # @param [String] contents The new content to be encrypted
       # @param [String] diff_against The original (encrypted) content to determine which keys have changed
       # @return [String] Encrypted content to commit
@@ -95,16 +105,25 @@ module Diffcrypt
       # @param [String] contents
       # @return [String]
       def decrypt(contents)
-        if contents.index('---').nil?
-          @active_support_encryptor.decrypt_and_verify contents
+        if rails_native_credentials?(contents)
+          active_support_encryptor.decrypt_and_verify contents
         else
           encryptor.decrypt contents
         end
       end
 
+      # Rails applications with an existing credentials file, the inbuilt active support encryptor should be used
+      # @return [ActiveSupport::MessageEncryptor]
+      def active_support_encryptor
+        @active_support_encryptor ||= ActiveSupport::MessageEncryptor.new(
+          [key].pack('H*'),
+          cipher: 'aes-128-gcm',
+        )
+      end
+
       # @return [Encryptor]
       def encryptor
-        @encryptor ||= Encryptor.new key
+        @encryptor ||= Encryptor.new key, cipher: @diffcrypt_file.cipher
       end
 
       def read_env_key

data/lib/diffcrypt/railtie.rb

@@ -0,0 +1,14 @@
+# frozen_string_literal: true
+
+require 'diffcrypt/rails/application_helper'
+
+module Diffcrypt
+  class Railtie < ::Rails::Railtie
+    railtie_name :diffcrypt
+
+    rake_tasks do
+      path = ::File.expand_path(__dir__)
+      ::Dir.glob("#{path}/tasks/**/*.rake").each { |f| load f }
+    end
+  end
+end

data/lib/diffcrypt/tasks/rails.rake

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+namespace :diffcrypt do
+  desc 'Initialize credentials for all environments'
+  task :init, %i[environments] do |_t, args|
+    args.with_defaults(
+      environments: 'development,test,staging,production',
+    )
+    environments = args.environments.split(',')
+
+    environments.each do |environment|
+      key_path = Rails.root.join('config', 'credentials', "#{environment}.key")
+      file_path = Rails.root.join('config', 'credentials', "#{environment}.yml.enc")
+      gitignore_path = Rails.root.join('.gitignore')
+      next if File.exist?(file_path) || File.exist?(key_path)
+
+      # Generate a new key
+      key = Diffcrypt::Encryptor.generate_key
+      key_dir = File.dirname(key_path)
+      Dir.mkdir(key_dir) unless Dir.exist?(key_dir)
+      ::File.write(key_path, key)
+
+      # Encrypt default contents
+      file = Diffcrypt::File.new(file_path)
+      data = {
+        'secret_key_base' => SecureRandom.hex(32),
+      }
+      file.write(key, data)
+
+      # Ensure .key files are always ignored
+      ::File.open(gitignore_path, 'a') do |f|
+        f.write("\nconfig/credentials/*.key")
+      end
+    end
+  end
+end

data/lib/diffcrypt/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Diffcrypt
-  VERSION = '0.3.2'
+  VERSION = '0.5.1'
 end

metadata

@@ -1,29 +1,35 @@
 --- !ruby/object:Gem::Specification
 name: diffcrypt
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 0.5.1
 platform: ruby
 authors:
 - Marc Qualie
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-07-20 00:00:00.000000000 Z
+date: 2021-03-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '6.0'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: '6.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '6.0'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: 6.0.0
+        version: '6.2'
 - !ruby/object:Gem::Dependency
   name: thor
   requirement: !ruby/object:Gem::Requirement
@@ -70,8 +76,13 @@ files:
 - lib/diffcrypt.rb
 - lib/diffcrypt/cli.rb
 - lib/diffcrypt/encryptor.rb
+- lib/diffcrypt/file.rb
+- lib/diffcrypt/rails/application_helper.rb
 - lib/diffcrypt/rails/encrypted_configuration.rb
+- lib/diffcrypt/railtie.rb
+- lib/diffcrypt/tasks/rails.rake
 - lib/diffcrypt/version.rb
+- tmp/.keep
 homepage: https://github.com/marcqualie/diffcrypt
 licenses:
 - MIT
@@ -86,14 +97,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.5.0
+      version: 2.6.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: Diffable encrypted configuration files