email_validator 2.0.1 → 2.2.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ede74c324c144cfd01a3f13a1782ecb45af661a794ac8361d9193939a1973174
-  data.tar.gz: 4a8dad3331c014a855e03fbcf40f2cdfdb4e0cc6f216775d579b571f8276cc0e
+  metadata.gz: 46bd723714c6aa3a844e584e986e5989920b6d3f212a44d800183d118c561cb7
+  data.tar.gz: bb58e5bf862c4be796e3ce59727dcf3fd2e28267e7c6077014f01d25dc841580
 SHA512:
-  metadata.gz: 108a2f115956ceb9b3f53e9dac871589efc9169e99789cc0c7a5339fbcaa063e9b47f6872b9b9836fa19b53d6e42fade76fa33961b8896bf382cf54ff9aad53f
-  data.tar.gz: 7cde7e0065099b6b5739338190dc6712dd5d8781892f5d645a13f24b5f4c1f328d563fb324a74782fcae307a4786bfb025acd4a33250b65c8f6c9ab028626bcc
+  metadata.gz: 2ece91a44bd82bd79c5484a17729996731787148b6813af0c4e41804715242a9cbfb4c0d661b08e0c904753dd59f23560d11aed7bf9044986802445e36f69438
+  data.tar.gz: 1b91bf21ce112f86f9b97138573d20fe14b67f075935136c3b19a620f155d50c5d5cf5ff9566e4c101429b8d7ce80ccb80709a2a15eeb07f4caeaac34f2b86b0

data/CHANGELOG.md

@@ -0,0 +1,106 @@
+# CHANGELOG
+
+This file is used to list changes made in `email_validator`.
+
+All notable changes to this project will be documented in this file.
+This project adheres to [Semantic Versioning](http://semver.org/).
+
+## 2.2.3 (2021-04-05)
+
+* [karlwilbur] - Fix regexp for numeric domains (fixes [#72](https://github.com/K-and-R/email_validator/issues/72))
+    - [delphaber] - Add checks for numeric-only domains in tests (should be considered valid)
+    - [karlwilbur] - Fix specs for numeric-only domains labels (should be considered valid)
+    - [karlwilbur] - Add checks for numeric-only TLDs in tests (should be considered invalid)
+    - [karlwilbur] - Add tests to ensure that `regexp` returns expected value
+    - [karlwilbur] - Add checks for double dash in domain (should be considered invalid)
+    - [karlwilbur] - Add `EmailValidator::Error` class, raise `EmailValidator::Error` when invalid `mode`
+
+## 2.2.2 (2020-12-10)
+
+* [karlwilbur] - Fix includes for `:rfc` and `:strict` modes from `Gemfile`
+
+## 2.2.1 (2020-12-10)
+
+* [karlwilbur] - Modify regexp to:
+    - allow numeric-only hosts [#68]
+    - allow mailbox-only addresses  in `:rfc` mode
+    - enforce the 255-char domain limit (not in `:loose` mode unless using `:domain`)
+
+## 2.2.0 (2020-12-09)
+
+* [karlwilbur] - Rename `:strict` -> `:rfc`; `:moderate` -> `:strict`
+
+## 2.1.0 (2020-12-09)
+
+* [karlwilbur] - Add linters and commit hooks to validate code prior to commits
+* [karlwilbur] - Add `:mode` config option; values `:loose`, `:moderate`, `:strict`; default to `:loose`
+* [karlwilbur] - Merge in changes from <https://github.com/karlwilbur/email_validator> fork
+
+## 1.9.0.pre (2020-10-14)
+
+* [karlwilbur] - Add `require_fqdn` option, require FQDN by default
+* [karlwilbur] - Add support for IPv4 and IPv6 address hosts
+* [karlwilbur] - Add Rubocop, `.editorconfig`; code cleanup/linting
+
+## 1.8.0 (2019-06-14)
+
+* [karlwilbur] - Refactor class methods for readability
+* [karlwilbur] - `gemspec` meta updates
+* [karlwilbur] - Use POSIX classes for better performance
+* [karlwilbur] - Refactored tests to check specical characters one at a time
+* [karlwilbur] - Refactored validation regex to be more techincally correct
+* [karlwilbur] - Add this `CHANGELOG`
+
+## 1.7.0 (2019-04-20)
+
+* [karlwilbur] - Added test coverage badge to README
+* [karlwilbur] - Added I18n directive to remove warning message in testing
+* [karlwilbur] - Added RFC-2822 reference
+* [karlwilbur] - Ignore local rspec config file
+* [karlwilbur] - Check for invalid double dots in strict mode
+* [karlwilbur] - Updated spec_helper to remove Code Climate Test Reporter; it is to be run separately now
+* [karlwilbur] - Allow leading/trailing whitespace in normal, not strict
+* [karlwilbur] - Added `invalid?` as inverse of `valid?`
+* [karlwilbur] - Add the ability to limit to a domain
+* [karlwilbur] - Removed CodeShip badge
+* [karlwilbur] - Make the dot in the domain part non-conditional
+* [karlwilbur] - Fix domain label pattern to allow numbers per rfc5321
+
+## 1.6.0 (2015-06-14)
+
+* [karlwilbur] - Fixed validation to be closer to RFC-5321
+* [karlwilbur] - Updated specs to use Rspec 3 syntax
+* [karlwilbur] - Added unicode suport to validation regexp
+* [karlwilbur] - Added class access to regexp, and `valid?` calss method
+* [karlwilbur] - Simplified code using new methods
+* [karlwilbur] - Added CodeClimate and SimpleCov
+* [karlwilbur] - Updated version and contact info
+
+*** Forked from <https://github.com/balexand/email_validator>
+
+## 2.0.1 (2019-03-09)
+
+* Add email value to error details [f1sherman #50]
+* CI doesn't test Ruby versions that no longer receive updates [f1sherman #51]
+
+## 2.0.0 (2019-03-02)
+
+* Looser validation [#49]
+
+## 1.6.0 (2015-05-12)
+
+* Unicode characters support [i7an #24]
+
+## 1.5.0 (2014-12-08)
+
+* Add a class method for simpler validation [TiteiKo and cluesque #19]
+* RSpec 3.0 syntax [strivedi183 #17]
+* Create Changes.md
+
+---
+
+Check the [Markdown Syntax Guide](http://daringfireball.net/projects/markdown/syntax)
+for help with Markdown.
+
+The [Github Flavored Markdown page](http://github.github.com/github-flavored-markdown/)
+describes the differences between markdown on github and standard markdown.

data/README.md

@@ -1,6 +1,29 @@
-[![Build Status](https://secure.travis-ci.org/balexand/email_validator.png)](http://travis-ci.org/balexand/email_validator)
+# EmailValidator
 
-## Usage
+[![Build Status](https://travis-ci.com/K-and-R/email_validator.svg?branch=master)](http://travis-ci.com/K-and-R/email_validator)
+[![Code Climate](https://codeclimate.com/github/K-and-R/email_validator/badges/gpa.svg)](https://codeclimate.com/github/K-and-R/email_validator)
+[![Test Coverage](https://codeclimate.com/github/K-and-R/email_validator/badges/coverage.svg)](https://codeclimate.com/github/K-and-R/email_validator/coverage)
+
+An email validator for Rails 3+.
+
+Supports RFC-2822-compliant and RFC-5321-compliant email validation using RFC-3696 validation.
+
+Formerly found at: <https://github.com/balexand/email_validator>
+
+## Validation philosophy
+
+The default validation provided by this gem (the `:loose` configuration option)
+is extremely loose. It just checks that there's an `@` with something before and
+after it without any whitespace. See [this article by David Gilbertson](https://hackernoon.com/the-100-correct-way-to-validate-email-addresses-7c4818f24643)
+for an explanation of why.
+
+We understand that many use cases require an increased level of validation. This
+is supported by using the `:strict` validation mode. Additionally, the `:rfc`
+RFC-compliant mode will consider technically valid emails address as valid which
+may not be wanted, such as the valid `user` or `user@somehost` addresses. These
+would be valid in `:rfc` mode but not valid in `:loose` or `:strict`.
+
+## Installation
 
 Add to your Gemfile:
 
@@ -10,47 +33,185 @@ gem 'email_validator'
 
 Run:
 
-```
+```bash
 bundle install
 ```
 
-Then add the following to your model:
+## Usage
+
+Add the following to your model:
 
 ```ruby
 validates :my_email_attribute, email: true
 ```
 
+You may wish to allow domains without a FQDN, like `user@somehost`. While this
+is technically a valid address, it is uncommon to consider such address valid.
+We will consider them valid by default with the `:loose` checking. Disallowed
+by setting `require_fqdn: true` or by enabling `:strict` checking:
+
+```ruby
+validates :my_email_attribute, email: {mode: :strict, require_fqdn: true}
+```
+
+You can also limit to a single domain (e.g: you have separate `User` and
+`AdminUser` models and want to ensure that `AdminUser` emails are on a specific
+domain):
+
+```ruby
+validates :my_email_attribute, email: {domain: 'example.com'}
+```
+
+## Configuration
+
+Default configuration can be overridden by setting options in `config/initializers/email_validator.rb`:
+
+```ruby
+if defined?(EmailValidator)
+  # To completly override the defaults
+  EmailValidator.default_options = {
+    allow_nil: false,
+    domain: nil,
+    require_fqdn: nil,
+    mode: :loose
+  }
+
+  # or just a few options
+  EmailValidator.default_options.merge!({ domain: 'mydomain.com' })
+end
+```
+
+### Loose mode
+
+This it the default validation mode of this gem. It is intentionally extremely
+loose (see the [Validation Philosophy section](#validation_philosophy) above. It
+just checks that there's an `@` with something before and after it without any
+whitespace.
+
+### Strict mode
+
+Enabling `:strict` checking will check for a "normal" email format that would
+be expected in most common everyday usage. Strict mode basically checks for a
+properly sized and formatted mailbox label, a single "@" symbol, and a properly
+sized and formatted FQDN. Enabling `:strict` mode will also enable `:require_fqdn`
+configuration option.
+
+Strict mode can be enabled globally by requiring `email_validator/strict` in
+your `Gemfile`, by setting the option in `config/initializers/email_validator.rb`,
+or by specifying the option in a specific `validates` call.
+
+* `Gemfile`:
+
+  ```ruby
+  gem 'email_validator', require: 'email_validator/strict'
+  ```
+
+* `config/initializers/email_validator.rb`:
+
+  ```ruby
+  if defined?(EmailValidator)
+    EmailValidator.default_options[:mode] = :strict
+  end
+  ```
+
+* `validates` call:
+
+  ```ruby
+  validates :my_email_attribute, email: {mode: :strict}
+  ```
+
+### RFC mode
+
+In order to have RFC-compliant validation (according to [http://www.remote.org/jochen/mail/info/chars.html](https://web.archive.org/web/20150508102948/http://www.remote.org/jochen/mail/info/chars.html)),
+enable `:rfc` mode.
+
+You can do this globally by requiring `email_validator/rfc` in your `Gemfile`,
+by setting the options in `config/initializers/email_validator.rb`, or you can do
+this in a specific `validates` call.
+
+* `Gemfile`:
+
+  ```ruby
+  gem 'email_validator', require: 'email_validator/rfc'
+  ```
+
+* `config/initializers/email_validator.rb`:
+
+  ```ruby
+  if defined?(EmailValidator)
+    EmailValidator.default_options[:mode] = :rfc
+  end
+  ```
+
+* `validates` call:
+
+  ```ruby
+  validates :my_email_attribute, email: {mode: :rfc}
+  ```
+
 ## Validation outside a model
 
-If you'd like to validate an email outside of a model then here are some class methods that you can use:
+If you need to validate an email outside a model, you can get the regexp:
+
+### Loose/default mode
 
 ```ruby
-EmailValidator.regexp # returns the regex
-EmailValidator.valid?('narf@example.com') # => true
-EmailValidator.invalid?('narf@example.com') # => false
+EmailValidator.valid?('narf@example.com') # boolean
 ```
 
-## Validation philosophy
+### Requiring a FQDN
+
+```ruby
+EmailValidator.valid?('narf@somehost') # boolean false
+EmailValidator.invalid?('narf@somehost', require_fqdn: false) # boolean true
+```
 
-The validation provided by this gem is loose. It just checks that there's an `@` with something before and after it. See [this article by David Gilbertson](https://hackernoon.com/the-100-correct-way-to-validate-email-addresses-7c4818f24643) for an explanation of why.
+_NB: Enabling strict mode (`mode: :strict`) enables `require_fqdn`
+(`require_fqdn: true`), overridding any `require_fqdn: false` while
+`mode: :strict` is set._
 
-## Trimming whitespace
+### Requiring a specific domain
+
+```ruby
+EmailValidator.valid?('narf@example.com', domain: 'foo.com') # boolean false
+EmailValidator.invalid?('narf@example.com', domain: 'foo.com') # boolean true
+```
 
-Your users may accidentally submit leading or trailing whitespace when submitting a form. You may want to automatically trim this. This is not the job of a validator gem but it's trivial to implement yourself by adding a setter in your model:
+### Strict mode
 
 ```ruby
-def email=(e)
-  e = e.strip if e
-  super
-end
+EmailValidator.regexp(mode: :strict) # returns the regex
+EmailValidator.valid?('narf@example.com', mode: :strict) # boolean
+```
+
+### RFC mode
+
+```ruby
+EmailValidator.regexp(mode: :rfc) # returns the regex
+EmailValidator.valid?('narf@example.com', mode: :rfc) # boolean
 ```
 
-You may also want to convert emails to lowercase in the same way.
+## Thread safety
+
+This gem is thread safe, with one caveat: `EmailValidator.default_options` must
+be configured before use in a multi-threaded environment. If you configure
+`default_options` in a Rails initializer file, then you're good to go since
+initializers are run before worker threads are spawned.
 
 ## Alternative gems
 
-Do you prefer a different email validation gem? If so, open an issue with a brief explanation of how it differs from this gem. I'll add a link to it in this README.
+Do you prefer a different email validation gem? If so, open an issue with a brief
+explanation of how it differs from this gem. I'll add a link to it in this README.
 
-## Thread safety
+* [`email_address`](https://github.com/afair/email_address) (<https://github.com/K-and-R/email_validator/issues/58>)
+* [`email_verifier`](https://github.com/kamilc/email_verifier) (<https://github.com/K-and-R/email_validator/issues/65>)
+
+## Maintainers
+
+All thanks is given to [Brian Alexander (balexand)](https://github.com/balexand)
+for is initial work on this gem.
+
+Currently maintained by:
 
-This gem is thread safe.
+* Karl Wilbur (<https://github.com/karlwilbur>)
+* K&R Software (<https://github.com/K-and-R>)

data/lib/email_validator.rb

@@ -1,29 +1,164 @@
-# frozen_string_literal: true
-require 'active_model'
+# Based on work from http://thelucid.com/2010/01/08/sexy-validation-in-edge-rails-rails-3/
 
+# EmailValidator class
 class EmailValidator < ActiveModel::EachValidator
-  def self.regexp(options = {})
-    if options[:strict_mode]
-      ActiveSupport::Deprecation.warn(
-        'Strict mode has been deprecated in email_validator 2.0. To fix this warning, '\
-        'remove `strict_mode: true` from your validation call.'
-      )
-    end
+  # rubocop:disable Style/ClassVars
+  @@default_options = {
+    :allow_nil => false,
+    :domain => nil,
+    :require_fqdn => nil,
+    :mode => :loose
+  }
+  # rubocop:enable Style/ClassVars
 
-    /[^\s]@[^\s]/
+  # EmailValidator::Error class
+  class Error < StandardError
+    def initialize(msg = 'EmailValidator error')
+      super
+    end
   end
 
-  def self.valid?(value, options = nil)
-    !invalid?(value)
-  end
+  class << self
+    def default_options
+      @@default_options
+    end
+
+    def valid?(value, options = {})
+      options = parse_options(options)
+      return true if value.nil? && options[:allow_nil] == true
+      return false if value.nil?
+      !!(value =~ regexp(options))
+    end
+
+    def invalid?(value, options = {})
+      !valid?(value, options)
+    end
+
+    # Refs:
+    #  https://tools.ietf.org/html/rfc2822 : 3.2. Lexical Tokens, 3.4.1. Addr-spec specification
+    #  https://tools.ietf.org/html/rfc5321 : 4.1.2.  Command Argument Syntax
+    def regexp(options = {})
+      options = parse_options(options)
+      case options[:mode]
+      when :loose
+        loose_regexp(options)
+      when :rfc
+        rfc_regexp(options)
+      when :strict
+        options[:require_fqdn] = true
+        strict_regexp(options)
+      else
+        fail EmailValidator::Error, "Validation mode '#{options[:mode]}' is not supported by EmailValidator"
+      end
+    end
+
+    protected
+
+    def loose_regexp(options = {})
+      return /\A[^\s]+@[^\s]+\z/ if options[:domain].nil?
+      /\A[^\s]+@#{domain_part_pattern(options)}\z/
+    end
+
+    def strict_regexp(options = {})
+      /\A(?>#{local_part_pattern})@#{domain_part_pattern(options)}\z/i
+    end
+
+    def rfc_regexp(options = {})
+      /\A(?>#{local_part_pattern})(?:@#{domain_part_pattern(options)})?\z/i
+    end
+
+    def alpha
+      '[[:alpha:]]'
+    end
+
+    def alnum
+      '[[:alnum:]]'
+    end
+
+    def alnumhy
+      "(?:#{alnum}|-)"
+    end
+
+    def ipv4
+      '\d{1,3}(?:\.\d{1,3}){3}'
+    end
+
+    def ipv6
+      # only supporting full IPv6 addresses right now
+      'IPv6:[[:xdigit:]]{1,4}(?::[[:xdigit:]]{1,4}){7}'
+    end
+
+    def address_literal
+      "\\[(?:#{ipv4}|#{ipv6})\\]"
+    end
+
+    def host_label_pattern
+      "#{label_is_correct_length}" \
+      "#{label_contains_no_more_than_one_consecutive_hyphen}" \
+      "#{alnum}(?:#{alnumhy}{,61}#{alnum})?"
+    end
+
+    # splitting this up into separate regex pattern for performance; let's not
+    # try the "contains" pattern unless we have to
+    def domain_label_pattern
+      "#{host_label_pattern}\\.#{tld_label_pattern}"
+    end
+
+    # While, techincally, TLDs can be numeric-only, this is not allowed by ICANN
+    # Ref: ICANN Application Guidebook for new TLDs (June 2012)
+    #      says the following starting at page 64:
+    #
+    #      > The ASCII label must consist entirely of letters (alphabetic characters a-z)
+    #
+    #      -- https://newgtlds.icann.org/en/applicants/agb/guidebook-full-04jun12-en.pdf
+    def tld_label_pattern
+      "#{alpha}{1,64}"
+    end
+
+    def label_is_correct_length
+      '(?=[^.]{1,63}(?:\.|$))'
+    end
+
+    def domain_part_is_correct_length
+      '(?=.{1,255}$)'
+    end
 
-  def self.invalid?(value, options = nil)
-    !(value =~ regexp)
+    def label_contains_no_more_than_one_consecutive_hyphen
+      '(?!.*?--.*$)'
+    end
+
+    def atom_char
+      # The `atext` spec
+      # We are looking at this without whitespace; no whitespace support here
+      "[-#{alpha}#{alnum}+_!\"'#$%^&*{}/=?`|~]"
+    end
+
+    def local_part_pattern
+      # the `dot-atom-text` spec, but with a 64 character limit
+      "#{atom_char}(?:\\.?#{atom_char}){,63}"
+    end
+
+    def domain_part_pattern(options)
+      return options[:domain].sub(/\./, '\.') if options[:domain].present?
+      return fqdn_pattern if options[:require_fqdn]
+      "#{domain_part_is_correct_length}(?:#{address_literal}|(?:#{host_label_pattern}\\.)*#{tld_label_pattern})"
+    end
+
+    def fqdn_pattern
+      "(?=.{1,255}$)(?:#{host_label_pattern}\\.)*#{domain_label_pattern}"
+    end
+
+    private
+
+    def parse_options(options)
+      # `:strict` mode enables `:require_fqdn`, unless it is already explicitly disabled
+      options[:require_fqdn] = true if options[:require_fqdn].nil? && options[:mode] == :strict
+      default_options.merge(options)
+    end
   end
 
   def validate_each(record, attribute, value)
-    if self.class.invalid?(value)
-      record.errors.add(attribute, :invalid, options.slice(:message).merge(value: value))
-    end
+    options = @@default_options.merge(self.options)
+    record.errors.add(attribute, options[:message] || :invalid) unless self.class.valid?(value, options)
   end
 end