email_validator 1.6.0 → 2.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 3a61b5f5394d7e3995cb72b8020ed8877539658f
-  data.tar.gz: e1781250b91b5b62faf766b6120c0e91ae2cbd0e
+SHA256:
+  metadata.gz: c6952edf85fc0eafbe159b4a3b812731c81361ee0a15f22927e270a3eb885c9d
+  data.tar.gz: 8b5a56e059f652f1822c93cbcec0be9da23842433e9c7e5f97478496ba888ff9
 SHA512:
-  metadata.gz: 7c0d25c20be026d62ef9bda3a775efe42e21f87be95323f3fbd5be16df2ed761d31066c0d54a3578ef1b7f22562e09df80152de910dd6a6517de936efce70279
-  data.tar.gz: 2c6bd876e48aa9f27ac6d2ce53942961b52207cfe508d80dad93cd9df2ed0b0d1bc346ca3fc1ff8c218463b499b7d2fa5630af5374c3df013aec9cce183d93b7
+  metadata.gz: 158307d4196989b8d73872fa91c302ee9eab174b25f0686f3d61fe395796fa0b8e6c1c08185a4accf6c9581e23ba66bbebb8e3e8dc46b7ded935ed80a2484b53
+  data.tar.gz: 7f9ccf405a9bcf08d809fa58819d9e6d8489871a52020115802f3c755eddc3962b3533928f8f7c40e8122b055ad185c6f72cf1878ad6c920ba1b86872c0362a8

data/CHANGELOG.md

@@ -0,0 +1,131 @@
+# CHANGELOG
+
+This file is used to list changes made in `email_validator`.
+
+All notable changes to this project will be documented in this file.
+This project adheres to [Semantic Versioning](http://semver.org/).
+
+## 2.2.4 (2022-11-09)
+
+* [karlwilbur] - Remove Ruby 2.4 from tested versions; add Ruby 3.0 and 3.1 to tested versions
+* [karlwilbur] - Fix issue where `domain: ''` wasn't requiring empty domain
+* [karlwilbur] - Remove checks for double hyphens (fixes [#87](https://github.com/K-and-R/email_validator/issues/87))
+* [dependabot] - Security updates
+    - [#89](https://github.com/K-and-R/email_validator/pull/89)
+        + Bump `minimist` from `1.2.5` to `1.2.7`
+    - [#86](https://github.com/K-and-R/email_validator/pull/86)
+        + Bump `node-fetch` from `2.6.1` to `2.6.7`
+        + Add `whatwg-url` at `5.0.0`
+        + Add `tr46` at `0.0.3`
+        + Add `webidl-conversions` at `3.0.0`
+    - [#80](https://github.com/K-and-R/email_validator/pull/80)
+        + Bump `tar` from `6.0.5` to `6.1.11`
+        + Bump `minipass` from `3.1.3` to `3.1.5`
+    - [#79](https://github.com/K-and-R/email_validator/pull/79)
+        + Bump `path-parse` from `1.0.6` to `1.0.7`
+    - [#76](https://github.com/K-and-R/email_validator/pull/76)
+        + Bump `lodash` from `4.17.20` to `4.17.21`
+    - [#75](https://github.com/K-and-R/email_validator/pull/75)
+        + Bump `hosted-git-info` from `2.8.8` to `2.8.9`
+* [msands] - Fix URL in `README.md` [#81](https://github.com/K-and-R/email_validator/pull/81)
+* [kerolloz] - Fix typo in `README.md` [#73](https://github.com/K-and-R/email_validator/pull/73)
+
+## 2.2.3 (2021-04-05)
+
+* [karlwilbur] - Fix regexp for numeric domains (fixes [#72](https://github.com/K-and-R/email_validator/issues/72))
+    - [delphaber] - Add checks for numeric-only domains in tests (should be considered valid)
+    - [karlwilbur] - Fix specs for numeric-only domains labels (should be considered valid)
+    - [karlwilbur] - Add checks for numeric-only TLDs in tests (should be considered invalid)
+    - [karlwilbur] - Add tests to ensure that `regexp` returns expected value
+* [karlwilbur] - Add checks for double dash in domain (should be considered invalid)
+* [karlwilbur] - Add `EmailValidator::Error` class, raise `EmailValidator::Error` when invalid `mode`
+
+## 2.2.2 (2020-12-10)
+
+* [karlwilbur] - Fix includes for `:rfc` and `:strict` modes from `Gemfile`
+
+## 2.2.1 (2020-12-10)
+
+* [karlwilbur] - Modify regexp to:
+    - allow numeric-only hosts [#68]
+    - allow mailbox-only addresses  in `:rfc` mode
+    - enforce the 255-char domain limit (not in `:loose` mode unless using `:domain`)
+
+## 2.2.0 (2020-12-09)
+
+* [karlwilbur] - Rename `:strict` -> `:rfc`; `:moderate` -> `:strict`
+
+## 2.1.0 (2020-12-09)
+
+* [karlwilbur] - Add linters and commit hooks to validate code prior to commits
+* [karlwilbur] - Add `:mode` config option; values `:loose`, `:moderate`, `:strict`; default to `:loose`
+* [karlwilbur] - Merge in changes from <https://github.com/karlwilbur/email_validator> fork
+
+## 1.9.0.pre (2020-10-14)
+
+* [karlwilbur] - Add `require_fqdn` option, require FQDN by default
+* [karlwilbur] - Add support for IPv4 and IPv6 address hosts
+* [karlwilbur] - Add Rubocop, `.editorconfig`; code cleanup/linting
+
+## 1.8.0 (2019-06-14)
+
+* [karlwilbur] - Refactor class methods for readability
+* [karlwilbur] - `gemspec` meta updates
+* [karlwilbur] - Use POSIX classes for better performance
+* [karlwilbur] - Refactored tests to check specical characters one at a time
+* [karlwilbur] - Refactored validation regex to be more techincally correct
+* [karlwilbur] - Add this `CHANGELOG`
+
+## 1.7.0 (2019-04-20)
+
+* [karlwilbur] - Added test coverage badge to README
+* [karlwilbur] - Added I18n directive to remove warning message in testing
+* [karlwilbur] - Added RFC-2822 reference
+* [karlwilbur] - Ignore local rspec config file
+* [karlwilbur] - Check for invalid double dots in strict mode
+* [karlwilbur] - Updated spec_helper to remove Code Climate Test Reporter; it is to be run separately now
+* [karlwilbur] - Allow leading/trailing whitespace in normal, not strict
+* [karlwilbur] - Added `invalid?` as inverse of `valid?`
+* [karlwilbur] - Add the ability to limit to a domain
+* [karlwilbur] - Removed CodeShip badge
+* [karlwilbur] - Make the dot in the domain part non-conditional
+* [karlwilbur] - Fix domain label pattern to allow numbers per rfc5321
+
+## 1.6.0 (2015-06-14)
+
+* [karlwilbur] - Fixed validation to be closer to RFC-5321
+* [karlwilbur] - Updated specs to use Rspec 3 syntax
+* [karlwilbur] - Added unicode suport to validation regexp
+* [karlwilbur] - Added class access to regexp, and `valid?` calss method
+* [karlwilbur] - Simplified code using new methods
+* [karlwilbur] - Added CodeClimate and SimpleCov
+* [karlwilbur] - Updated version and contact info
+
+*** Forked from <https://github.com/balexand/email_validator>
+
+## 2.0.1 (2019-03-09)
+
+* Add email value to error details [f1sherman #50]
+* CI doesn't test Ruby versions that no longer receive updates [f1sherman #51]
+
+## 2.0.0 (2019-03-02)
+
+* Looser validation [#49]
+
+## 1.6.0 (2015-05-12)
+
+* Unicode characters support [i7an #24]
+
+## 1.5.0 (2014-12-08)
+
+* Add a class method for simpler validation [TiteiKo and cluesque #19]
+* RSpec 3.0 syntax [strivedi183 #17]
+* Create Changes.md
+
+---
+
+Check the [Markdown Syntax Guide](http://daringfireball.net/projects/markdown/syntax)
+for help with Markdown.
+
+The [Github Flavored Markdown page](http://github.github.com/github-flavored-markdown/)
+describes the differences between markdown on github and standard markdown.

data/README.md

@@ -1,6 +1,29 @@
-[![Build Status](https://secure.travis-ci.org/balexand/email_validator.png)](http://travis-ci.org/balexand/email_validator)
+# EmailValidator
 
-## Usage
+[![Build Status](https://travis-ci.com/K-and-R/email_validator.svg?branch=master)](http://travis-ci.com/K-and-R/email_validator)
+[![Code Climate](https://codeclimate.com/github/K-and-R/email_validator/badges/gpa.svg)](https://codeclimate.com/github/K-and-R/email_validator)
+[![Test Coverage](https://codeclimate.com/github/K-and-R/email_validator/badges/coverage.svg)](https://codeclimate.com/github/K-and-R/email_validator/coverage)
+
+An email validator for Rails 3+.
+
+Supports RFC-2822-compliant and RFC-5321-compliant email validation using RFC-3696 validation.
+
+Formerly found at: <https://github.com/balexand/email_validator>
+
+## Validation philosophy
+
+The default validation provided by this gem (the `:loose` configuration option)
+is extremely loose. It just checks that there's an `@` with something before and
+after it without any whitespace. See [this article by David Gilbertson](https://medium.com/hackernoon/the-100-correct-way-to-validate-email-addresses-7c4818f24643)
+for an explanation of why.
+
+We understand that many use cases require an increased level of validation. This
+is supported by using the `:strict` validation mode. Additionally, the `:rfc`
+RFC-compliant mode will consider technically valid emails address as valid which
+may not be wanted, such as the valid `user` or `user@somehost` addresses. These
+would be valid in `:rfc` mode but not valid in `:loose` or `:strict`.
+
+## Installation
 
 Add to your Gemfile:
 
@@ -10,54 +33,185 @@ gem 'email_validator'
 
 Run:
 
-```
+```bash
 bundle install
 ```
 
-Then add the following to your model:
+## Usage
+
+Add the following to your model:
 
 ```ruby
-validates :my_email_attribute, :email => true
+validates :my_email_attribute, email: true
 ```
 
-## Strict mode
+You may wish to allow domains without a FQDN, like `user@somehost`. While this
+is technically a valid address, it is uncommon to consider such address valid.
+We will consider them valid by default with the `:loose` checking. Disallowed
+by setting `require_fqdn: true` or by enabling `:strict` checking:
+
+```ruby
+validates :my_email_attribute, email: {mode: :strict, require_fqdn: true}
+```
 
-In order to have stricter validation (according to http://www.remote.org/jochen/mail/info/chars.html) enable strict mode. You can do this globally by adding the following to your Gemfile:
+You can also limit to a single domain (e.g: you have separate `User` and
+`AdminUser` models and want to ensure that `AdminUser` emails are on a specific
+domain):
 
 ```ruby
-gem 'email_validator', :require => 'email_validator/strict'
+validates :my_email_attribute, email: {domain: 'example.com'}
 ```
 
-Or you can do this in a specific `validates` call:
+## Configuration
+
+Default configuration can be overridden by setting options in `config/initializers/email_validator.rb`:
 
 ```ruby
-validates :my_email_attribute, :email => {:strict_mode => true}
+if defined?(EmailValidator)
+  # To completely override the defaults
+  EmailValidator.default_options = {
+    allow_nil: false,
+    domain: nil,
+    require_fqdn: nil,
+    mode: :loose
+  }
+
+  # or just a few options
+  EmailValidator.default_options.merge!({ domain: 'mydomain.com' })
+end
 ```
 
+### Loose mode
+
+This it the default validation mode of this gem. It is intentionally extremely
+loose (see the [Validation Philosophy section](#validation_philosophy) above. It
+just checks that there's an `@` with something before and after it without any
+whitespace.
+
+### Strict mode
+
+Enabling `:strict` checking will check for a "normal" email format that would
+be expected in most common everyday usage. Strict mode basically checks for a
+properly sized and formatted mailbox label, a single "@" symbol, and a properly
+sized and formatted FQDN. Enabling `:strict` mode will also enable `:require_fqdn`
+configuration option.
+
+Strict mode can be enabled globally by requiring `email_validator/strict` in
+your `Gemfile`, by setting the option in `config/initializers/email_validator.rb`,
+or by specifying the option in a specific `validates` call.
+
+* `Gemfile`:
+
+  ```ruby
+  gem 'email_validator', require: 'email_validator/strict'
+  ```
+
+* `config/initializers/email_validator.rb`:
+
+  ```ruby
+  if defined?(EmailValidator)
+    EmailValidator.default_options[:mode] = :strict
+  end
+  ```
+
+* `validates` call:
+
+  ```ruby
+  validates :my_email_attribute, email: {mode: :strict}
+  ```
+
+### RFC mode
+
+In order to have RFC-compliant validation (according to [http://www.remote.org/jochen/mail/info/chars.html](https://web.archive.org/web/20150508102948/http://www.remote.org/jochen/mail/info/chars.html)),
+enable `:rfc` mode.
+
+You can do this globally by requiring `email_validator/rfc` in your `Gemfile`,
+by setting the options in `config/initializers/email_validator.rb`, or you can do
+this in a specific `validates` call.
+
+* `Gemfile`:
+
+  ```ruby
+  gem 'email_validator', require: 'email_validator/rfc'
+  ```
+
+* `config/initializers/email_validator.rb`:
+
+  ```ruby
+  if defined?(EmailValidator)
+    EmailValidator.default_options[:mode] = :rfc
+  end
+  ```
+
+* `validates` call:
+
+  ```ruby
+  validates :my_email_attribute, email: {mode: :rfc}
+  ```
+
 ## Validation outside a model
 
-If you need to validate an email outside a model, you can get the regexp :
+If you need to validate an email outside a model, you can get the regexp:
 
-### Normal mode
+### Loose/default mode
 
 ```ruby
-EmailValidator.regexp # returns the regex
 EmailValidator.valid?('narf@example.com') # boolean
 ```
 
+### Requiring a FQDN
+
+```ruby
+EmailValidator.valid?('narf@somehost') # boolean false
+EmailValidator.invalid?('narf@somehost', require_fqdn: false) # boolean true
+```
+
+_NB: Enabling strict mode (`mode: :strict`) enables `require_fqdn`
+(`require_fqdn: true`), overridding any `require_fqdn: false` while
+`mode: :strict` is set._
+
+### Requiring a specific domain
+
+```ruby
+EmailValidator.valid?('narf@example.com', domain: 'foo.com') # boolean false
+EmailValidator.invalid?('narf@example.com', domain: 'foo.com') # boolean true
+```
+
 ### Strict mode
 
 ```ruby
-EmailValidator.regexp(:strict_mode => true)
+EmailValidator.regexp(mode: :strict) # returns the regex
+EmailValidator.valid?('narf@example.com', mode: :strict) # boolean
+```
+
+### RFC mode
+
+```ruby
+EmailValidator.regexp(mode: :rfc) # returns the regex
+EmailValidator.valid?('narf@example.com', mode: :rfc) # boolean
 ```
 
 ## Thread safety
 
-This gem is thread safe, with one caveat: `EmailValidator.default_options` must be configured before use in a multi-threaded environment. If you configure `default_options` in a Rails initializer file, then you're good to go since initializers are run before worker threads are spawned.
+This gem is thread safe, with one caveat: `EmailValidator.default_options` must
+be configured before use in a multi-threaded environment. If you configure
+`default_options` in a Rails initializer file, then you're good to go since
+initializers are run before worker threads are spawned.
+
+## Alternative gems
+
+Do you prefer a different email validation gem? If so, open an issue with a brief
+explanation of how it differs from this gem. I'll add a link to it in this README.
+
+* [`email_address`](https://github.com/afair/email_address) (<https://github.com/K-and-R/email_validator/issues/58>)
+* [`email_verifier`](https://github.com/kamilc/email_verifier) (<https://github.com/K-and-R/email_validator/issues/65>)
 
-## Credit
+## Maintainers
 
-Based on http://thelucid.com/2010/01/08/sexy-validation-in-edge-rails-rails-3
+All thanks is given to [Brian Alexander (balexand)](https://github.com/balexand)
+for is initial work on this gem.
 
-Regular Expression based on http://fightingforalostcause.net/misc/2006/compare-email-regex.php tests.
+Currently maintained by:
 
+* Karl Wilbur (<https://github.com/karlwilbur>)
+* K&R Software (<https://github.com/K-and-R>)

data/lib/email_validator/rfc.rb

@@ -0,0 +1,4 @@
+# require this file to enable `:rfc` mode by default
+
+require 'email_validator'
+EmailValidator.default_options[:mode] = :rfc

data/lib/email_validator/strict.rb

@@ -1,5 +1,4 @@
-# require this file to enable :strict_mode by default
+# require this file to enable `:strict` mode by default
 
 require 'email_validator'
-
-EmailValidator::default_options[:strict_mode] = true
+EmailValidator.default_options[:mode] = :strict

data/lib/email_validator.rb

@@ -1,29 +1,165 @@
-# encoding: UTF-8
 # Based on work from http://thelucid.com/2010/01/08/sexy-validation-in-edge-rails-rails-3/
+
+# EmailValidator class
 class EmailValidator < ActiveModel::EachValidator
-  @@default_options = {}
+  # rubocop:disable Style/ClassVars
+  @@default_options = {
+    :allow_nil => false,
+    :domain => nil,
+    :require_fqdn => nil,
+    :mode => :loose
+  }
+  # rubocop:enable Style/ClassVars
 
-  def self.regexp(options = {})
-    options = default_options.merge(options)
+  # EmailValidator::Error class
+  class Error < StandardError
+    def initialize(msg = 'EmailValidator error')
+      super
+    end
+  end
 
-    name_validation = options[:strict_mode] ? "-\\p{L}\\d+._" : "^@\\s"
+  class << self
+    def default_options
+      @@default_options
+    end
 
-    /\A\s*([#{name_validation}]{1,64})@((?:[-\p{L}\d]+\.)+\p{L}{2,})\s*\z/i
-  end
+    def valid?(value, options = {})
+      options = parse_options(options)
+      return true if value.nil? && options[:allow_nil] == true
+      return false if value.nil?
+      # quickly fail if domain is required but doesn't match
+      return false unless options[:domain].nil? || value[/^.*@#{regexp_safe_domain(options)}$/]
+      !!(value =~ regexp(options))
+    end
 
-  def self.valid?(value, options = {})
-    !!(value =~ regexp(options))
-  end
+    def invalid?(value, options = {})
+      !valid?(value, options)
+    end
+
+    # Refs:
+    #  https://tools.ietf.org/html/rfc2822 : 3.2. Lexical Tokens, 3.4.1. Addr-spec specification
+    #  https://tools.ietf.org/html/rfc5321 : 4.1.2.  Command Argument Syntax
+    def regexp(options = {})
+      options = parse_options(options)
+      case options[:mode]
+      when :loose
+        loose_regexp(options)
+      when :rfc
+        rfc_regexp(options)
+      when :strict
+        options[:require_fqdn] = true
+        strict_regexp(options)
+      else
+        fail EmailValidator::Error, "Validation mode '#{options[:mode]}' is not supported by EmailValidator"
+      end
+    end
+
+    protected
+
+    def loose_regexp(options = {})
+      return /\A[^\s]+@[^\s]+\z/ if options[:domain].nil?
+      /\A[^\s]+@#{domain_part_pattern(options)}\z/
+    end
+
+    def strict_regexp(options = {})
+      /\A(?>#{local_part_pattern})@#{domain_part_pattern(options)}\z/i
+    end
+
+    def rfc_regexp(options = {})
+      /\A(?>#{local_part_pattern})(?:@#{domain_part_pattern(options)})?\z/i
+    end
+
+    def alpha
+      '[[:alpha:]]'
+    end
+
+    def alnum
+      '[[:alnum:]]'
+    end
+
+    def alnumhy
+      "(?:#{alnum}|-)"
+    end
+
+    def ipv4
+      '\d{1,3}(?:\.\d{1,3}){3}'
+    end
+
+    def ipv6
+      # only supporting full IPv6 addresses right now
+      'IPv6:[[:xdigit:]]{1,4}(?::[[:xdigit:]]{1,4}){7}'
+    end
 
-  def self.default_options
-    @@default_options
+    def address_literal
+      "\\[(?:#{ipv4}|#{ipv6})\\]"
+    end
+
+    def host_label_pattern
+      "#{label_is_correct_length}" \
+      "#{alnum}(?:#{alnumhy}{,61}#{alnum})?"
+    end
+
+    # splitting this up into separate regex pattern for performance; let's not
+    # try the "contains" pattern unless we have to
+    def domain_label_pattern
+      "#{host_label_pattern}\\.#{tld_label_pattern}"
+    end
+
+    # While, techincally, TLDs can be numeric-only, this is not allowed by ICANN
+    # Ref: ICANN Application Guidebook for new TLDs (June 2012)
+    #      says the following starting at page 64:
+    #
+    #      > The ASCII label must consist entirely of letters (alphabetic characters a-z)
+    #
+    #      -- https://newgtlds.icann.org/en/applicants/agb/guidebook-full-04jun12-en.pdf
+    def tld_label_pattern
+      "#{alpha}{1,64}"
+    end
+
+    def label_is_correct_length
+      '(?=[^.]{1,63}(?:\.|$))'
+    end
+
+    def domain_part_is_correct_length
+      '(?=.{1,255}$)'
+    end
+
+    def atom_char
+      # The `atext` spec
+      # We are looking at this without whitespace; no whitespace support here
+      "[-#{alpha}#{alnum}+_!\"'#$%^&*{}/=?`|~]"
+    end
+
+    def local_part_pattern
+      # the `dot-atom-text` spec, but with a 64 character limit
+      "#{atom_char}(?:\\.?#{atom_char}){,63}"
+    end
+
+    def domain_part_pattern(options)
+      return regexp_safe_domain(options) unless options[:domain].nil?
+      return fqdn_pattern if options[:require_fqdn]
+      "#{domain_part_is_correct_length}(?:#{address_literal}|(?:#{host_label_pattern}\\.)*#{tld_label_pattern})"
+    end
+
+    def fqdn_pattern
+      "(?=.{1,255}$)(?:#{host_label_pattern}\\.)*#{domain_label_pattern}"
+    end
+
+    private
+
+    def parse_options(options)
+      # `:strict` mode enables `:require_fqdn`, unless it is already explicitly disabled
+      options[:require_fqdn] = true if options[:require_fqdn].nil? && options[:mode] == :strict
+      default_options.merge(options)
+    end
+
+    def regexp_safe_domain(options)
+      options[:domain].sub(/\./, '\.')
+    end
   end
 
   def validate_each(record, attribute, value)
     options = @@default_options.merge(self.options)
-
-    unless self.class.valid?(value, self.options)
-      record.errors.add(attribute, options[:message] || :invalid)
-    end
+    record.errors.add(attribute, options[:message] || :invalid) unless self.class.valid?(value, options)
   end
 end