RubyGems - google-cloud-bigtable - Versions diffs - 2.12.1 → 2.12.2 - Mend

google-cloud-bigtable 2.12.1 → 2.12.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/AUTHENTICATION.md +12 -1
data/CHANGELOG.md +6 -0
data/lib/google/cloud/bigtable/version.rb +1 -1
data/lib/google/cloud/bigtable.rb +3 -4
data/lib/google-cloud-bigtable.rb +31 -16
metadata +1 -1

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '0587331e991797446cc8d8b1893fb724de88f47f870ef27417f2e4aea60fe375'
-  data.tar.gz: e05005b9b777488a397aa8ef55a62c43b3e824856bd0b43e9994ce3790b16be2
+  metadata.gz: 95305d13ed4a835f5f0568999568f9b7ffb0034776d9fd626bf9df8dc00ae241
+  data.tar.gz: 97be595610413344edd7b183dc30d79e08139d785578a6aa643a8a27c9078b29
 SHA512:
-  metadata.gz: 3bf97892a0fdc0da3d9203424add9273451a3239056adc5fc9eb8ac70c4b6a30e7b2e1430baf4cbd16237833d26aa29982b4de24f607dbd5f0d83ef7114bf6be
-  data.tar.gz: f1b805236765623233a094af1b79572e7693363cf32346a9632559a6826fe66f3c9ed754fb8326344fbdb3dd00af75f080142fc6dd315deff8eba19f1079e9b5
+  metadata.gz: d7e0b410f8cc24923495e7b6fdf754f353139228fbd79b121ba5f92da514b10388c9debe69b82aea68a2572612a5ad3a3bb8627dbb873e8176ab681de3e98fc2
+  data.tar.gz: 5f5cbc2a3e60ae44725321079ae07028c1932ca8847b19b0715429adf8158c3f294cf0236d94bcac7629c70ed36ab06508d48ce3963f0bad674f5d845251ae43

data/AUTHENTICATION.md CHANGED Viewed

@@ -46,6 +46,12 @@ code.
 **Credentials** are discovered in the following order:
+> [!WARNING]
+> If you accept a credential configuration (JSON file or Hash) from an
+> external source for authentication to Google Cloud, you must validate it before
+> providing it to a Google API client library. Providing an unvalidated credential
+> configuration to Google APIs can compromise the security of your systems and data.
 1. Specify credentials in method arguments
 2. Specify credentials in configuration
 3. Discover credentials path in environment variables
@@ -99,11 +105,16 @@ The **Project ID** and the path to the **Credentials JSON** file can be configur
 instead of placing them in environment variables or providing them as arguments.
 ```ruby
+require "googleauth"
 require "google/cloud/bigtable"
+credentials = ::Google::Auth::ServiceAccountCredentials.make_creds(
+  json_key_io: ::File.open("/path/to/keyfile.json")
+)
 Google::Cloud::Bigtable.configure do |config|
   config.project_id  = "my-project-id"
-  config.credentials = "path/to/keyfile.json"
+  config.credentials = credentials
 end
 client = Google::Cloud::Bigtable.new

data/CHANGELOG.md CHANGED Viewed

@@ -1,5 +1,11 @@
 # Release History
+### 2.12.2 (2025-11-04)
+#### Documentation
+* add warning about loading unvalidated credentials ([#32121](https://github.com/googleapis/google-cloud-ruby/issues/32121))
 ### 2.12.1 (2025-08-12)
 #### Bug Fixes

data/lib/google/cloud/bigtable/version.rb CHANGED Viewed

@@ -16,7 +16,7 @@
 module Google
   module Cloud
     module Bigtable
-      VERSION = "2.12.1".freeze
+      VERSION = "2.12.2".freeze
     end
   end
 end

data/lib/google/cloud/bigtable.rb CHANGED Viewed

@@ -43,15 +43,14 @@ module Google
       #   be one of the following types:
       #   `Google::Auth::Credentials` uses the properties of its represented keyfile for
       #   authenticating requests made by this client.
-      #   `String` will be treated as the path to the keyfile to use to construct
-      #   credentials for this client.
-      #   `Hash` will be treated as the contents of a keyfile to use to construct
-      #   credentials for this client.
       #   `GRPC::Core::Channel` will be used to make calls through.
       #   `GRPC::Core::ChannelCredentials` for the setting up the gRPC client. The channel credentials
       #   should already be composed with a `GRPC::Core::CallCredentials` object.
       #   `Proc` will be used as an updater_proc for the gRPC channel. The proc transforms the
       #   metadata for requests, generally, to give OAuth credentials.
+      #   @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials
+      #     is deprecated. Providing an unvalidated credential configuration to
+      #     Google APIs can compromise the security of your systems and data.
       # @param universe_domain [String] Override of the universe domain. Optional.
       # @param endpoint [String] Override of the endpoint host name. Optional.
       #   If the param is nil, uses the default endpoint.

data/lib/google-cloud-bigtable.rb CHANGED Viewed

@@ -40,29 +40,33 @@ module Google
     #   updater_proc is supplied.
     # @param timeout [Integer]
     #   The default timeout, in seconds, for calls made through this client.
-    # @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel,
+    # @param credentials [Google::Auth::Credentials, GRPC::Core::Channel,
     #   GRPC::Core::ChannelCredentials, Proc]
-    #   Provides the means for authenticating requests made by the client. This parameter can
+    #   The means for authenticating requests made by the client. This parameter can
     #   be one of the following types.
     #   `Google::Auth::Credentials` uses the properties of its represented keyfile for
     #   authenticating requests made by this client.
-    #   `String` will be treated as the path to the keyfile to use to construct
-    #   credentials for this client.
-    #   `Hash` will be treated as the contents of a keyfile to use to construct
-    #   credentials for this client.
     #   `GRPC::Core::Channel` will be used to make calls through.
     #   `GRPC::Core::ChannelCredentials` will be used to set up the gRPC client. The channel credentials
     #   should already be composed with a `GRPC::Core::CallCredentials` object.
     #   `Proc` will be used as an updater_proc for the gRPC channel. The proc transforms the
     #   metadata for requests, generally, to give OAuth credentials.
-    # @return [Google::Cloud::Bigtable::Project]
+    #   @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials
+    #     is deprecated. Providing an unvalidated credential configuration to
+    #     Google APIs can compromise the security of your systems and data.
     #
-    # @example
-    #   require "google/cloud/bigtable"
+    #   @example
+    #
+    #     # The recommended way to provide credentials is to use the `make_creds` method
+    #     # on the appropriate credentials class for your environment.
+    #
+    #     credentials = ::Google::Auth::ServiceAccountCredentials.make_creds(
+    #       json_key_io: ::File.open("/path/to/keyfile.json")
+    #     )
     #
-    #   gcloud  = Google::Cloud.new
+    #     gcloud = Google::Cloud.new
     #
-    #   bigtable = gcloud.bigtable
+    #     bigtable = gcloud.bigtable credentials: credentials
     #
     def bigtable scope: nil, timeout: nil, credentials: nil
       credentials ||= @keyfile
@@ -83,21 +87,32 @@ module Google
     #   Project identifier for the Bigtable service you
     #   are connecting to. If not present, the default project for the
     #   credentials is used.
-    # @param credentials [Google::Auth::Credentials, String, Hash, GRPC::Core::Channel,
+    # @param credentials [Google::Auth::Credentials, GRPC::Core::Channel,
     #   GRPC::Core::ChannelCredentials, Proc]
     #   The means for authenticating requests made by the client. This parameter can
     #   be one of the following types.
     #   `Google::Auth::Credentials` uses the properties of its represented keyfile for
     #   authenticating requests made by this client.
-    #   `String` will be treated as the path to the keyfile to use to construct
-    #   credentials for this client.
-    #   `Hash` will be treated as the contents of a keyfile to use to construct
-    #   credentials for this client.
     #   `GRPC::Core::Channel` will be used to make calls through.
     #   `GRPC::Core::ChannelCredentials` will be used to set up the gRPC client. The channel credentials
     #   should already be composed with a `GRPC::Core::CallCredentials` object.
     #   `Proc` will be used as an updater_proc for the gRPC channel. The proc transforms the
     #   metadata for requests, generally, to give OAuth credentials.
+    #   @note Warning: Passing a `String` to a keyfile path or a `Hash` of credentials
+    #     is deprecated. Providing an unvalidated credential configuration to
+    #     Google APIs can compromise the security of your systems and data.
+    #
+    #   @example
+    #
+    #     # The recommended way to provide credentials is to use the `make_creds` method
+    #     # on the appropriate credentials class for your environment.
+    #
+    #     credentials = ::Google::Auth::ServiceAccountCredentials.make_creds(
+    #       json_key_io: ::File.open("/path/to/keyfile.json")
+    #     )
+    #
+    #     client = Google::Cloud.bigtable credentials: credentials
+    #
     # @param scope [Array<String>]
     #   The OAuth 2.0 scopes controlling the set of resources and operations
     #   that the connection can access. See [Using OAuth 2.0 to Access Google

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: google-cloud-bigtable
 version: !ruby/object:Gem::Version
-  version: 2.12.1
+  version: 2.12.2
 platform: ruby
 authors:
 - Google LLC