insecure_random 1.0.0 → 2.1.0

checksums.yaml

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    NDAxYzI4OWVkOTliMjgwMzM3ZGQwMzA4YTMyMDRmNjMyNTFiMTVmMQ==
-  data.tar.gz: !binary |-
-    MjQxOGZhZmJkZGUzMTVkZDI1ZDczYzg1MDY2MGFjNWYzOWM5NTNiYg==
-!binary "U0hBNTEy":
-  metadata.gz: !binary |-
-    MjU4N2I2NGEzNjExZDNkMDg4MDExZDA3YTU0MDAxNzUzNGVkNDdjYzY3NzNm
-    ODQwYzk3ZmU5MmIzMDk4N2EwNjRlZWVkYTdiYmEwYzg4NmE1NmMyYzZmNDA2
-    MjhiODIzY2RhY2I5YmNlYTI0YzlkMmMwZmIxMjVhMWU1YTI2YmY=
-  data.tar.gz: !binary |-
-    YzQzNjhlZmIwYTY3MjIwNjgyZTY2Zjg5YjRkNmI3ZWU3NDdlYjE3ODIzMTA4
-    MTE1OWUwNGE1MDgxZjAwMTQxOWRjOTRkYWU2YTA3NGIwOTllYmYwNGQ0YTAy
-    NTczZDc4OGY1M2U4YTU0NDcwOTU0ZTNmODhkMjZmZjRkZmM0YzE=
+SHA256:
+  metadata.gz: a09a60eb5b61a7ea572735249dd0cf17ea60e9f00b352daef94482888e0cc22c
+  data.tar.gz: 2b714c8a2e666c94513d30031bf7f079391ed218acdc1da8e2d5719ca0212df1
+SHA512:
+  metadata.gz: 33e0c230f00c79e49685785d0141df4c773fa40fd72d531f11c9d8b1c0ca29162fe1cf14574f0ca7e1a2999471487129876e96a3040a99daca561c834efd3fc7
+  data.tar.gz: dffa6a02b7b9952acc5c33a4dd1d3e215a7ea5800b87f35ca12cdecec87658aca2e17868254d151a57361cfe36d40d4bcff408b87e298a9a91806342db09f0d6

data/LICENSE.txt

@@ -1,22 +1,21 @@
-Copyright (c) 2013 Steve Richert
+The MIT License (MIT)
 
-MIT License
+Copyright (c) 2013 Steve Richert
 
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
 
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -1,12 +1,16 @@
-# InsecureRandom
+<h1>
+  <picture>
+    <source media="(prefers-color-scheme: light)" srcset="https://github.com/user-attachments/assets/5c2a7f3b-71ec-4270-a613-9acebd783af5">
+    <source media="(prefers-color-scheme: dark)" srcset="https://github.com/user-attachments/assets/8cf2884e-a505-4187-87c6-282969e32f40">
+    <img alt="Insecure Random" src="https://github.com/user-attachments/assets/5c2a7f3b-71ec-4270-a613-9acebd783af5" style="height:2em">
+  </picture>
+</h1>
 
-[![Gem Version](https://badge.fury.io/rb/insecure_random.png)](http://badge.fury.io/rb/insecure_random)
-[![Build Status](https://travis-ci.org/laserlemon/insecure_random.png?branch=master)](https://travis-ci.org/laserlemon/insecure_random)
-[![Code Climate](https://codeclimate.com/github/laserlemon/insecure_random.png)](https://codeclimate.com/github/laserlemon/insecure_random)
-[![Coverage Status](https://coveralls.io/repos/laserlemon/insecure_random/badge.png?branch=master)](https://coveralls.io/r/laserlemon/insecure_random)
-[![Dependency Status](https://gemnasium.com/laserlemon/insecure_random.png)](https://gemnasium.com/laserlemon/insecure_random)
+InsecureRandom hooks into SecureRandom to enable predictability via seeding.
 
-InsecureRandom overwrites SecureRandom to enable predictability via seeding.
+[![Made by laserlemon](https://img.shields.io/badge/laser-lemon-fc0?style=flat-square)](https://github.com/laserlemon)
+[![Gem version](https://img.shields.io/gem/v/insecure_random?style=flat-square)](https://rubygems.org/gems/insecure_random)
+[![Build status](https://img.shields.io/github/actions/workflow/status/laserlemon/insecure_random/test.yml?style=flat-square)](https://github.com/laserlemon/insecure_random/actions/workflows/test.yml)
 
 ## Why?
 
@@ -33,10 +37,10 @@ rspec --seed=93487
 
 RSpec does this by seeding and using `Kernel.rand` to order your specs. This has
 the handy side effect of making other random test data reproducible as well. For
-example, your Factory Girl factories might use random data via Faker.
+example, your Factory Bot factories might use random data via Faker.
 
 ```ruby
-FactoryGirl.define do
+FactoryBot.define do
   factory :user do
     name { Faker::Name.name }
     age { rand(100) }
@@ -64,11 +68,28 @@ predictable way.
 
 ### The Solution
 
-Fortunately, SecureRandom only defines a handful of methods so it's easy to
-override them to be backed by `Kernel.rand`.
+Fortunately, SecureRandom only defines a handful of methods so it's relatively
+easy to override them to be backed by `Kernel.rand`.
 
-And it gets even better. All of SecureRandom's methods are derived from
-`SecureRandom.random_bytes` so overriding just that one method does the trick!
+And it gets even better. All of SecureRandom's methods are derived from just
+one method: `SecureRandom.gen_random`. So overriding that one method does the
+trick!
+
+```ruby
+Kernel.srand(123)
+SecureRandom.alphanumeric # => "kMupcJV93fBPd34p"
+SecureRandom.alphanumeric # => "WTiAHSCC3JeqYAdJ"
+Kernel.srand(123)
+SecureRandom.alphanumeric # => "jID3bLAGYx2FHi27"
+
+InsecureRandom.enable!
+
+Kernel.srand(123)
+SecureRandom.alphanumeric # => "2YmG5zns39eGRfKQ"
+SecureRandom.alphanumeric # => "c58d341u4OJzkTyD"
+Kernel.srand(123)
+SecureRandom.alphanumeric # => "2YmG5zns39eGRfKQ"
+```
 
 ## Installation
 
@@ -80,4 +101,35 @@ group :development, :test do
 end
 ```
 
-**Make sure that InsecureRandom is not loaded in production!**
+## Usage
+
+As of InsecureRandom 2.0, SecureRandom's behavior remains entirely unchanged
+until you explicitly enable InsecureRandom by adding the following to your
+test/spec helper:
+
+```ruby
+InsecureRandom.enable!
+```
+
+The `enable!` method globally enables repeatable results from SecureRandom via
+`Kernel.srand` seeding and can be disabled again with `InsecureRandom.disable!`.
+
+You may also use the `enable` method to _temporarily_ enable SecureRandom
+repeatability, only during execution of the given block. For example, RSpec
+can be configured to enable InsecureRandom for each individual example:
+
+```ruby
+RSpec.configure do |config|
+  config.around(:example) do |example|
+    InsecureRandom.enable do
+      example.run
+    end
+  end
+end
+```
+
+:star: InsecureRandom does not change SecureRandom's behavior until either the
+`InsecureRandom.enable!` or `InsecureRandom.enable` method is explicitly called.
+That said…
+
+:warning: **Make sure that InsecureRandom is not enabled in production!** :warning:

data/insecure_random.gemspec

@@ -1,19 +1,37 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
-Gem::Specification.new do |spec|
-  spec.name    = "insecure_random"
-  spec.version = "1.0.0"
+require_relative "lib/insecure_random/version"
 
-  spec.author      = "Steve Richert"
-  spec.email       = "steve.richert@gmail.com"
-  spec.summary     = "Like SecureRandom, but less… secure"
+Gem::Specification.new do |spec|
+  spec.name = "insecure_random"
+  spec.summary = "Like SecureRandom, but less… secure"
   spec.description = "InsecureRandom overwrites SecureRandom to enable predictability via seeding."
-  spec.homepage    = "https://github.com/laserlemon/insecure_random"
-  spec.license     = "MIT"
+  spec.version = InsecureRandom::VERSION
+
+  spec.author = "Steve Richert"
+  spec.email = "steve.richert@hey.com"
+  spec.license = "MIT"
+  spec.homepage = "https://github.com/laserlemon/insecure_random"
+
+  spec.metadata = {
+    "allowed_push_host" => "https://rubygems.org",
+    "bug_tracker_uri" => "https://github.com/laserlemon/insecure_random/issues",
+    "funding_uri" => "https://github.com/sponsors/laserlemon",
+    "homepage_uri" => "https://github.com/laserlemon/insecure_random",
+    "rubygems_mfa_required" => "true",
+    "source_code_uri" => "https://github.com/laserlemon/insecure_random",
+  }
+
+  spec.required_ruby_version = ">= 3.0.0"
+  spec.add_development_dependency "bundler", ">= 2"
+  spec.add_development_dependency "rake", ">= 13"
 
-  spec.files         = `git ls-files`.split($/)
-  spec.test_files    = spec.files.grep(/^spec/)
-  spec.require_paths = ["lib"]
+  spec.files = [
+    "insecure_random.gemspec",
+    "lib/insecure_random.rb",
+    "lib/insecure_random/version.rb",
+    "LICENSE.txt",
+  ]
 
-  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.extra_rdoc_files = ["README.md"]
 end

data/lib/insecure_random/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module InsecureRandom
+  VERSION = Gem::Version.new("2.1.0")
+end

data/lib/insecure_random.rb

@@ -1,8 +1,94 @@
-require "securerandom"
+# frozen_string_literal: true
+
+# The InsecureRandom module is the interface for enabling and disabling the
+# ability to seed SecureRandom's output. Outside of enabling or disabling this
+# ability, there should be no need to call methods on the InsecureRandom module
+# directly. Simply use SecureRandom as you normally would, with the confidence
+# that its output is now repeatable by seeding via Kernel.srand.
+module InsecureRandom
+  # This module is mixed into SecureRandom. Because the Hook module is empty,
+  # mixing it in changes no behavior, but this module gives us a foothold in
+  # SecureRandom so that adding instance methods to Hook module adds the same
+  # method to SecureRandom as a singleton method.
+  module Hook
+  end
+
+  # The Overrides module holds all of the method overrides necessary to change
+  # SecureRandom's behavior to repeatable by seeding.
+  module Overrides
+    def gen_random(n)
+      Random.bytes(n)
+    end
+  end
+
+  # Returns whether SecureRandom's behavior is currently repeatable by seeding.
+  def self.enabled?
+    Hook.instance_methods.any?
+  end
+
+  # Returns whether SecureRandom's behavior is not currently repeatable.
+  def self.disabled?
+    !enabled?
+  end
+
+  # Change SecureRandom's behavior to be repeatable by seeding. Enablement
+  # occurs globally and remains enabled until explicitly disabled. See:
+  # InsecureRandom.disable! below.
+  #
+  # Returns true if enabled successfully or false if already enabled.
+  def self.enable!
+    return false if enabled?
+
+    Overrides.instance_methods.each do |method|
+      Hook.define_method(method, Overrides.instance_method(method))
+    end
 
-module SecureRandom
-  def self.random_bytes(n = nil)
-    n = n ? n.to_int : 16
-    Array.new(n) { Kernel.rand(256) }.pack("C*")
+    true
+  end
+
+  # Reverts SecureRandom's behavior to no longer be repeatable by seeding.
+  # Disablement occurs globally and remains disabled until explicity
+  # enabled. See: InsecureRandom.enable! above.
+  #
+  # Returns true if disabled successfully or false if already disabled.
+  def self.disable!
+    return false unless enabled?
+
+    Hook.instance_methods.each do |method|
+      Hook.remove_method(method)
+    end
+
+    true
+  end
+
+  # Enables SecureRandom's repeatable behavior for the duration of the given
+  # block, then reliably restores SecureRandom's original enablement.
+  #
+  # Returns the return value of the given block.
+  def self.enable
+    toggled = enable!
+    yield
+  ensure
+    disable! if toggled
+  end
+
+  # Disables SecureRandom's repeatable behavior for the duration of the given
+  # block, then reliably restores SecureRandom's original enablement.
+  #
+  # Returns the return value of the given block.
+  def self.disable
+    toggled = disable!
+    yield
+  ensure
+    enable! if toggled
   end
 end
+
+# Install InsecureRandom.
+#
+# THIS DOES NOT *ENABLE* InsecureRandom. You must explicitly enable via
+# the InsecureRandom.enable! or InsecureRandom.enable methods. Until
+# InsecureRandom is explicitly enabled, SecureRandom's behavior remains
+# entirely untouched.
+require "securerandom"
+SecureRandom.singleton_class.prepend(InsecureRandom::Hook)

metadata

@@ -1,71 +1,79 @@
 --- !ruby/object:Gem::Specification
 name: insecure_random
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.1.0
 platform: ruby
 authors:
 - Steve Richert
-autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-05-04 00:00:00.000000000 Z
+date: 2025-07-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '13'
 description: InsecureRandom overwrites SecureRandom to enable predictability via seeding.
-email: steve.richert@gmail.com
+email: steve.richert@hey.com
 executables: []
 extensions: []
-extra_rdoc_files: []
+extra_rdoc_files:
+- README.md
 files:
-- .gitignore
-- .travis.yml
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - insecure_random.gemspec
 - lib/insecure_random.rb
-- spec/insecure_random_spec.rb
-- spec/spec_helper.rb
-- spec/support/random.rb
+- lib/insecure_random/version.rb
 homepage: https://github.com/laserlemon/insecure_random
 licenses:
 - MIT
-metadata: {}
-post_install_message: 
+metadata:
+  allowed_push_host: https://rubygems.org
+  bug_tracker_uri: https://github.com/laserlemon/insecure_random/issues
+  funding_uri: https://github.com/sponsors/laserlemon
+  homepage_uri: https://github.com/laserlemon/insecure_random
+  rubygems_mfa_required: 'true'
+  source_code_uri: https://github.com/laserlemon/insecure_random
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.0.3
-signing_key: 
+rubygems_version: 3.6.2
 specification_version: 4
 summary: Like SecureRandom, but less… secure
-test_files:
-- spec/insecure_random_spec.rb
-- spec/spec_helper.rb
-- spec/support/random.rb
+test_files: []

data/.gitignore

@@ -1,17 +0,0 @@
-*.gem
-*.rbc
-.bundle
-.config
-.yardoc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp

data/.travis.yml

@@ -1,5 +0,0 @@
-language: ruby
-rvm:
-  - 1.8.7
-  - 1.9.3
-  - 2.0.0

data/Gemfile

@@ -1,7 +0,0 @@
-source "https://rubygems.org"
-
-gemspec
-
-gem "coveralls", "~> 0.6", :require => false
-gem "rake", "~> 10.0"
-gem "rspec", "~> 2.13"

data/Rakefile

@@ -1,6 +0,0 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
-
-RSpec::Core::RakeTask.new(:spec)
-
-task :default => :spec

data/spec/insecure_random_spec.rb

@@ -1,84 +0,0 @@
-require "spec_helper"
-
-describe SecureRandom do
-  let(:seed) { Kernel.srand }
-
-  describe ".random_bytes" do
-    it "is a 16 byte string" do
-      value = SecureRandom.random_bytes
-
-      expect(value).to be_a(String)
-      expect(value.size).to eq(16)
-    end
-
-    it "accepts an integer length argument" do
-      value = SecureRandom.random_bytes(32)
-
-      expect(value.size).to eq(32)
-    end
-
-    it "accepts a decimal length argument" do
-      value = SecureRandom.random_bytes(32.9)
-
-      expect(value.size).to eq(32)
-    end
-
-    it "accepts a nil length argument" do
-      value = SecureRandom.random_bytes(nil)
-
-      expect(value.size).to eq(16)
-    end
-
-    it "is random-ish" do
-      sample = []
-      1000.times do
-        SecureRandom.random_bytes.bytes.each do |byte|
-          sample << byte
-        end
-      end
-
-      # MATH!
-      mean = sample.inject(:+).to_f / sample.size
-      variance = sample.inject(0) { |memo, value|
-        memo + (value - mean) ** 2
-      }.to_f / (sample.size - 1)
-      actual_standard_deviation = Math.sqrt(variance)
-      expected_standard_deviation = Math.sqrt(((256 ** 2) - 1).to_f / 12)
-
-      expect(actual_standard_deviation).to be_within(1).
-        of(expected_standard_deviation)
-    end
-
-    it "is reproducible" do
-      Kernel.srand(seed)
-      value1 = SecureRandom.random_bytes
-
-      Kernel.srand(seed)
-      value2 = SecureRandom.random_bytes
-
-      expect(value2).to eq(value1)
-    end
-  end
-
-  %w(
-    hex
-    base64
-    urlsafe_base64
-    random_number
-    uuid
-  ).each do |method|
-    if SecureRandom.respond_to?(method)
-      describe ".#{method}" do
-        it "is reproducible" do
-          Kernel.srand(seed)
-          value1 = SecureRandom.send(method)
-
-          Kernel.srand(seed)
-          value2 = SecureRandom.send(method)
-
-          expect(value2).to eq(value1)
-        end
-      end
-    end
-  end
-end

data/spec/spec_helper.rb

@@ -1,6 +0,0 @@
-require "coveralls"
-Coveralls.wear!
-
-require "insecure_random"
-
-Dir[File.expand_path("../support/*.rb", __FILE__)].each { |f| require f }

data/spec/support/random.rb

@@ -1,3 +0,0 @@
-RSpec.configure do |config|
-  config.order = "random"
-end