increase 0.3.1 → 0.3.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 9520a7eb024d05477e162e1158a07f54167a6a89297f44d3a71caa01a40599cf
-  data.tar.gz: 273bb964f85fb97660212f6a2046a58caf4e7302d07859fe3d562afe8269922d
+  metadata.gz: d2f519593b1d866474675fcfa516e6178ba31e43c4477b31613a7c45632d5b65
+  data.tar.gz: e9ae945478b507e3fa73f99b442c42344b54d5455f235f387a93cbc4185f567c
 SHA512:
-  metadata.gz: d4b399cda4f620ca00549831546a4992069eb17cb84f08ce9aa0039744e7d3ea4868dd3498ee593c001678633bf708a6e8257ee093f75922996c0f1012f9aa6d
-  data.tar.gz: bfd03c310aaf256d89228e6bcd0da10e3505004ab958c10c30baa51dd6df1c22d09ca974bcd61def524888dc9203a00fef78a51082991d2dd3aa8701f6060294
+  metadata.gz: ca77fb0fa96f9cf628522e77b8e52b61602eee6e4a1d95f159061519aa8af23c51b94460ff119565061e489b29883079afae9a7ed3cfdfd9a083c20c2b2e5a57
+  data.tar.gz: dbb86295fbe7fb1f2000eb12fb224eebf28564d8a9fb40a973fd8e80422901785b7e0f11eef1832a9d14a14a867da8919765687afa92b274122e1ecac8089944

data/CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## [0.3.2] - 2023-03-24
+
+### Fixes
+
+- Updated `Increase::Webhook::Signature#verify` to
+  raise `WebhookSignatureVerificationError` when arguments are `nil`
+
 ## [0.3.1] - 2023-03-23
 
 ### Enhancements

data/README.md

@@ -1,7 +1,11 @@
 # Increase
 
-A Ruby API client for [Increase](https://increase.com/), a platform for
-Bare-Metal Banking APIs!
+_A Ruby API client for [Increase](https://increase.com/), a platform for
+Bare-Metal Banking APIs!_
+
+Interact with Increase's API in a simple and Ruby-like manner.
+
+🏦 Battle-tested at [HCB](https://hackclub.com/hcb/)
 
 - [Installation](#installation)
 - [Usage](#usage)
@@ -19,14 +23,14 @@ Bare-Metal Banking APIs!
 Install the gem and add to the application's Gemfile by executing:
 
 ```sh
-$ bundle add increase -v 0.3.1
+$ bundle add increase -v 0.3.2
 ```
 
 If bundler is not being used to manage dependencies, install the gem by
 executing:
 
 ```sh
-$ gem install increase -v 0.3.1
+$ gem install increase -v 0.3.2
 ```
 
 ## Usage
@@ -326,14 +330,15 @@ to run the console with your Increase sandbox API key pre-filled.
 
 To install this gem onto your local machine, run `bundle exec rake install`.
 
-To release a new version, update the version number in `version.rb`, and then
-run `bundle exec rake release`, which will create a git tag for the version,
-push git commits and the created tag, and push the `.gem` file
-to [rubygems.org](https://rubygems.org).
+To release a new version:
 
-Alternatively, use [`gem-release`](https://github.com/svenfuchs/gem-release) and
-run `gem bump --version patch|minor|major`. Then release the gem by
-running `bundle exec rake release`.
+- `gem bump --version patch|minor|major`
+    - Make sure you
+      have [`gem-release`](https://github.com/svenfuchs/gem-release)
+      installed
+- Update the CHANGELOG and README if necessary
+- `bundle exec rake release`
+- Create release on GitHub from newly created tag
 
 ## Contributing
 
@@ -343,7 +348,7 @@ at https://github.com/garyhtou/increase.
 ## License
 
 The gem is available as open source under the terms of
-the [MIT License](https://github.com/garyhtou/increase-ruby/blob/main/LICENSE.txt).
+the [MIT License](https://github.com/hackclub/increase-ruby/blob/main/LICENSE.txt).
 
 ---
 

data/lib/increase/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Increase
-  VERSION = "0.3.1"
+  VERSION = "0.3.3"
 end

data/lib/increase/webhook/signature.rb

@@ -23,7 +23,7 @@ module Increase
         end
 
         # Parse header
-        sig_values = signature_header.split(",").map { |pair| pair.split("=") }.to_h
+        sig_values = signature_header&.split(",")&.map { |pair| pair.split("=") }&.to_h || {}
 
         # Extract values
         t = sig_values["t"] # Should be a string (ISO-8601 timestamp)
@@ -32,6 +32,8 @@ module Increase
         raise sig_error.call("No signature found with scheme #{scheme} in signature header") if sig.nil?
 
         # Check signature
+        raise sig_error.call("Webhook secret is required") if secret.nil?
+        raise sig_error.call("Payload is required") if payload.nil?
         expected_sig = compute_signature(timestamp: t, payload: payload, secret: secret)
         matches = Util.secure_compare(expected_sig, sig)
         raise sig_error.call("Signature mismatch") unless matches
@@ -56,6 +58,10 @@ module Increase
       end
 
       def self.compute_signature(timestamp:, payload:, secret:)
+        raise ArgumentError, "timestamp is required" if timestamp.nil?
+        raise ArgumentError, "payload is required" if payload.nil?
+        raise ArgumentError, "secret is required" if secret.nil?
+
         signed_payload = timestamp.to_s + "." + payload.to_s
         OpenSSL::HMAC.hexdigest("SHA256", secret, signed_payload)
       end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: increase
 version: !ruby/object:Gem::Version
-  version: 0.3.1
+  version: 0.3.3
 platform: ruby
 authors:
 - Gary Tou
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2023-03-24 00:00:00.000000000 Z
+date: 2024-02-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: faraday
@@ -227,7 +227,7 @@ licenses:
 metadata:
   homepage_uri: https://github.com/garyhtou/increase-ruby
   source_code_uri: https://github.com/garyhtou/increase-ruby
-  changelog_uri: https://github.com/garyhtou/increase-ruby
+  changelog_uri: https://github.com/garyhtou/increase-ruby/blob/main/CHANGELOG.md
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -243,7 +243,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.7
+rubygems_version: 3.4.10
 signing_key:
 specification_version: 4
 summary: An Increase.com Ruby client library