insecure_random 1.0.0 → 2.0.0

checksums.yaml

@@ -1,15 +1,7 @@
 ---
-!binary "U0hBMQ==":
-  metadata.gz: !binary |-
-    NDAxYzI4OWVkOTliMjgwMzM3ZGQwMzA4YTMyMDRmNjMyNTFiMTVmMQ==
-  data.tar.gz: !binary |-
-    MjQxOGZhZmJkZGUzMTVkZDI1ZDczYzg1MDY2MGFjNWYzOWM5NTNiYg==
-!binary "U0hBNTEy":
-  metadata.gz: !binary |-
-    MjU4N2I2NGEzNjExZDNkMDg4MDExZDA3YTU0MDAxNzUzNGVkNDdjYzY3NzNm
-    ODQwYzk3ZmU5MmIzMDk4N2EwNjRlZWVkYTdiYmEwYzg4NmE1NmMyYzZmNDA2
-    MjhiODIzY2RhY2I5YmNlYTI0YzlkMmMwZmIxMjVhMWU1YTI2YmY=
-  data.tar.gz: !binary |-
-    YzQzNjhlZmIwYTY3MjIwNjgyZTY2Zjg5YjRkNmI3ZWU3NDdlYjE3ODIzMTA4
-    MTE1OWUwNGE1MDgxZjAwMTQxOWRjOTRkYWU2YTA3NGIwOTllYmYwNGQ0YTAy
-    NTczZDc4OGY1M2U4YTU0NDcwOTU0ZTNmODhkMjZmZjRkZmM0YzE=
+SHA256:
+  metadata.gz: 519f7b609b76294dc750839c577871d059c37cdb691f31d453b22f26b36f4a04
+  data.tar.gz: 9a48762906039310db603629f2daf97725707abb1d1789ccc3ec5765eb28c10e
+SHA512:
+  metadata.gz: a328decddeb3f2296d71da543f53e1684fa09bec2f70c4d1b7c566a137362a2586c62a7217e636572ef540872265a04ea1e69a667bc0c88c62a033aabd98140c
+  data.tar.gz: beece2427521fc912ac56d354eabadb43ce192c34aa85ad7b3f584e97fccfdd80bac21740c858e07a7920fec075f758210aa2ba39fbbcfe7bc4b3253c20c565c

data/LICENSE.txt

@@ -1,22 +1,21 @@
-Copyright (c) 2013 Steve Richert
+The MIT License (MIT)
 
-MIT License
+Copyright (c) 2013 Steve Richert
 
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
 
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
 
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -1,12 +1,9 @@
 # InsecureRandom
 
-[![Gem Version](https://badge.fury.io/rb/insecure_random.png)](http://badge.fury.io/rb/insecure_random)
-[![Build Status](https://travis-ci.org/laserlemon/insecure_random.png?branch=master)](https://travis-ci.org/laserlemon/insecure_random)
-[![Code Climate](https://codeclimate.com/github/laserlemon/insecure_random.png)](https://codeclimate.com/github/laserlemon/insecure_random)
-[![Coverage Status](https://coveralls.io/repos/laserlemon/insecure_random/badge.png?branch=master)](https://coveralls.io/r/laserlemon/insecure_random)
-[![Dependency Status](https://gemnasium.com/laserlemon/insecure_random.png)](https://gemnasium.com/laserlemon/insecure_random)
+[![Gem Version](https://img.shields.io/gem/v/insecure_random)](http://rubygems.org/gems/insecure_random)
+[![Build Status](https://img.shields.io/github/actions/workflow/status/laserlemon/insecure_random/rake.yml)](https://github.com/laserlemon/insecure_random/actions/workflows/rake.yml)
 
-InsecureRandom overwrites SecureRandom to enable predictability via seeding.
+InsecureRandom hooks into SecureRandom to enable predictability via seeding.
 
 ## Why?
 
@@ -33,10 +30,10 @@ rspec --seed=93487
 
 RSpec does this by seeding and using `Kernel.rand` to order your specs. This has
 the handy side effect of making other random test data reproducible as well. For
-example, your Factory Girl factories might use random data via Faker.
+example, your Factory Bot factories might use random data via Faker.
 
 ```ruby
-FactoryGirl.define do
+FactoryBot.define do
   factory :user do
     name { Faker::Name.name }
     age { rand(100) }
@@ -64,11 +61,28 @@ predictable way.
 
 ### The Solution
 
-Fortunately, SecureRandom only defines a handful of methods so it's easy to
-override them to be backed by `Kernel.rand`.
+Fortunately, SecureRandom only defines a handful of methods so it's relatively
+easy to override them to be backed by `Kernel.rand`.
 
-And it gets even better. All of SecureRandom's methods are derived from
-`SecureRandom.random_bytes` so overriding just that one method does the trick!
+And it gets even better. All of SecureRandom's methods are derived from just
+one method: `SecureRandom.gen_random`. So overriding that one method does the
+trick!
+
+```ruby
+Kernel.srand(123)
+SecureRandom.alphanumeric # => "kMupcJV93fBPd34p"
+SecureRandom.alphanumeric # => "WTiAHSCC3JeqYAdJ"
+Kernel.srand(123)
+SecureRandom.alphanumeric # => "jID3bLAGYx2FHi27"
+
+InsecureRandom.enable!
+
+Kernel.srand(123)
+SecureRandom.alphanumeric # => "2YmG5zns39eGRfKQ"
+SecureRandom.alphanumeric # => "c58d341u4OJzkTyD"
+Kernel.srand(123)
+SecureRandom.alphanumeric # => "2YmG5zns39eGRfKQ"
+```
 
 ## Installation
 
@@ -80,4 +94,35 @@ group :development, :test do
 end
 ```
 
-**Make sure that InsecureRandom is not loaded in production!**
+## Usage
+
+As of InsecureRandom 2.0, SecureRandom's behavior remains entirely unchanged
+until you explicitly enable InsecureRandom by adding the following to your
+test/spec helper:
+
+```ruby
+InsecureRandom.enable!
+```
+
+The `enable!` method globally enables repeatable results from SecureRandom via
+`Kernel.srand` seeding and can be disabled again with `InsecureRandom.disable!`.
+
+You may also use the `enable` method to _temporarily_ enable SecureRandom
+repeatability, only during execution of the given block. For example, RSpec
+can be configured to enable InsecureRandom for each individual example:
+
+```ruby
+RSpec.configure do |config|
+  config.around(:example) do |example|
+    InsecureRandom.enable do
+      example.run
+    end
+  end
+end
+```
+
+:star: InsecureRandom does not change SecureRandom's behavior until either the
+`InsecureRandom.enable!` or `InsecureRandom.enable` method is explicitly called.
+That said…
+
+:warning: **Make sure that InsecureRandom is not enabled in production!** :warning:

data/insecure_random.gemspec

@@ -1,19 +1,37 @@
-# encoding: utf-8
+# frozen_string_literal: true
 
-Gem::Specification.new do |spec|
-  spec.name    = "insecure_random"
-  spec.version = "1.0.0"
+require_relative "lib/insecure_random/version"
 
-  spec.author      = "Steve Richert"
-  spec.email       = "steve.richert@gmail.com"
-  spec.summary     = "Like SecureRandom, but less… secure"
+Gem::Specification.new do |spec|
+  spec.name = "insecure_random"
+  spec.summary = "Like SecureRandom, but less… secure"
   spec.description = "InsecureRandom overwrites SecureRandom to enable predictability via seeding."
-  spec.homepage    = "https://github.com/laserlemon/insecure_random"
-  spec.license     = "MIT"
+  spec.version = InsecureRandom::VERSION
+
+  spec.author = "Steve Richert"
+  spec.email = "steve.richert@hey.com"
+  spec.license = "MIT"
+  spec.homepage = "https://github.com/laserlemon/insecure_random"
+
+  spec.metadata = {
+    "allowed_push_host" => "https://rubygems.org",
+    "bug_tracker_uri" => "https://github.com/laserlemon/insecure_random/issues",
+    "funding_uri" => "https://github.com/sponsors/laserlemon",
+    "homepage_uri" => "https://github.com/laserlemon/insecure_random",
+    "rubygems_mfa_required" => "true",
+    "source_code_uri" => "https://github.com/laserlemon/insecure_random",
+  }
+
+  spec.required_ruby_version = ">= 3.0.0"
+  spec.add_development_dependency "bundler", ">= 2"
+  spec.add_development_dependency "rake", ">= 13"
 
-  spec.files         = `git ls-files`.split($/)
-  spec.test_files    = spec.files.grep(/^spec/)
-  spec.require_paths = ["lib"]
+  spec.files = [
+    "insecure_random.gemspec",
+    "lib/insecure_random.rb",
+    "lib/insecure_random/version.rb",
+    "LICENSE.txt",
+  ]
 
-  spec.add_development_dependency "bundler", "~> 1.3"
+  spec.extra_rdoc_files = ["README.md"]
 end

data/lib/insecure_random/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module InsecureRandom
+  VERSION = Gem::Version.new("2.0.0")
+end

data/lib/insecure_random.rb

@@ -1,8 +1,92 @@
+# frozen_string_literal: true
+
 require "securerandom"
 
-module SecureRandom
-  def self.random_bytes(n = nil)
-    n = n ? n.to_int : 16
-    Array.new(n) { Kernel.rand(256) }.pack("C*")
+# The InsecureRandom module is the interface for enabling and disabling the
+# ability to seed SecureRandom's output. Outside of enabling or disabling this
+# ability, there should be no need to call methods on the InsecureRandom module
+# directly. Simply use SecureRandom as you normally would, with the confidence
+# that its output is now repeatable by seeding via Kernel.srand.
+module InsecureRandom
+  # This module is mixed into SecureRandom via InsecureRandom.hook! Beccause
+  # the Hook module is empty, mixing it in changes no behavior, but this module
+  # gives us a foothold in SecureRandom so that adding instance methods to Hook
+  # module adds the same method to SecureRandom as a singleton method.
+  module Hook
+  end
+
+  # The Overrides module holds all of the method overrides necessary to change
+  # SecureRandom's behavior to repeatable by seeding.
+  module Overrides
+    def gen_random(n)
+      Random.bytes(n)
+    end
+  end
+
+  # Calling InsecureRandom.hook! prepends the Hook module onto SecureRandom's
+  # singleton class, allowing InsecureRandom to (later) override specific
+  # singleton methods.
+  #
+  # InsecureRandom.hook! is called at the bottom of this file and only needs
+  # to be called once. However, there should be no harmful effects if this
+  # method is called repeatedly.
+  def self.hook!
+    ::SecureRandom.singleton_class.prepend(Hook)
+
+    true
+  end
+
+  # Returns whether SecureRandom's behavior is currently repeatable by seeding.
+  def self.enabled?
+    Hook.instance_methods.any?
+  end
+
+  # Change SecureRandom's behavior to be repeatable by seeding. Enablement
+  # occurs globally and remains enabled until explicitly disabled. See:
+  # InsecureRandom.disable! below.
+  #
+  # Returns true if enabled successfully or false if already enabled.
+  def self.enable!
+    return false if enabled?
+
+    Overrides.instance_methods.each do |method|
+      Hook.define_method(method, Overrides.instance_method(method))
+    end
+
+    true
+  end
+
+  # Reverts SecureRandom's behavior to no longer be repeatable by seeding.
+  # Disablement occurs globally and remains disabled until explicity
+  # enabled. See: InsecureRandom.enable! above.
+  #
+  # Returns true if disabled successfully or false if already disabled.
+  def self.disable!
+    return false unless enabled?
+
+    Hook.instance_methods.each do |method|
+      Hook.remove_method(method)
+    end
+
+    true
+  end
+
+  # Enables SecureRandom's repeatable behavior for the duration of the given
+  # block, then reliably disables SecureRandom's repeatability.
+  #
+  # Returns the return value of the given block.
+  def self.enable
+    enable!
+    yield
+  ensure
+    disable!
   end
 end
+
+# Install InsecureRandom.
+#
+# THIS DOES NOT *ENABLE* InsecureRandom. You must explicitly enable via
+# the InsecureRandom.enable! or InsecureRandom.enable methods. Until
+# InsecureRandom is explicitly enabled, SecureRandom's behavior remains
+# entirely untouched.
+InsecureRandom.hook!

metadata

@@ -1,71 +1,82 @@
 --- !ruby/object:Gem::Specification
 name: insecure_random
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 2.0.0
 platform: ruby
 authors:
 - Steve Richert
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-05-04 00:00:00.000000000 Z
+date: 2024-04-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - ~>
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.3'
+        version: '2'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '13'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '13'
 description: InsecureRandom overwrites SecureRandom to enable predictability via seeding.
-email: steve.richert@gmail.com
+email: steve.richert@hey.com
 executables: []
 extensions: []
-extra_rdoc_files: []
+extra_rdoc_files:
+- README.md
 files:
-- .gitignore
-- .travis.yml
-- Gemfile
 - LICENSE.txt
 - README.md
-- Rakefile
 - insecure_random.gemspec
 - lib/insecure_random.rb
-- spec/insecure_random_spec.rb
-- spec/spec_helper.rb
-- spec/support/random.rb
+- lib/insecure_random/version.rb
 homepage: https://github.com/laserlemon/insecure_random
 licenses:
 - MIT
-metadata: {}
+metadata:
+  allowed_push_host: https://rubygems.org
+  bug_tracker_uri: https://github.com/laserlemon/insecure_random/issues
+  funding_uri: https://github.com/sponsors/laserlemon
+  homepage_uri: https://github.com/laserlemon/insecure_random
+  rubygems_mfa_required: 'true'
+  source_code_uri: https://github.com/laserlemon/insecure_random
 post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.0.3
+rubygems_version: 3.4.19
 signing_key: 
 specification_version: 4
 summary: Like SecureRandom, but less… secure
-test_files:
-- spec/insecure_random_spec.rb
-- spec/spec_helper.rb
-- spec/support/random.rb
+test_files: []

data/.gitignore

@@ -1,17 +0,0 @@
-*.gem
-*.rbc
-.bundle
-.config
-.yardoc
-Gemfile.lock
-InstalledFiles
-_yardoc
-coverage
-doc/
-lib/bundler/man
-pkg
-rdoc
-spec/reports
-test/tmp
-test/version_tmp
-tmp

data/.travis.yml

@@ -1,5 +0,0 @@
-language: ruby
-rvm:
-  - 1.8.7
-  - 1.9.3
-  - 2.0.0

data/Gemfile

@@ -1,7 +0,0 @@
-source "https://rubygems.org"
-
-gemspec
-
-gem "coveralls", "~> 0.6", :require => false
-gem "rake", "~> 10.0"
-gem "rspec", "~> 2.13"

data/Rakefile

@@ -1,6 +0,0 @@
-require "bundler/gem_tasks"
-require "rspec/core/rake_task"
-
-RSpec::Core::RakeTask.new(:spec)
-
-task :default => :spec

data/spec/insecure_random_spec.rb

@@ -1,84 +0,0 @@
-require "spec_helper"
-
-describe SecureRandom do
-  let(:seed) { Kernel.srand }
-
-  describe ".random_bytes" do
-    it "is a 16 byte string" do
-      value = SecureRandom.random_bytes
-
-      expect(value).to be_a(String)
-      expect(value.size).to eq(16)
-    end
-
-    it "accepts an integer length argument" do
-      value = SecureRandom.random_bytes(32)
-
-      expect(value.size).to eq(32)
-    end
-
-    it "accepts a decimal length argument" do
-      value = SecureRandom.random_bytes(32.9)
-
-      expect(value.size).to eq(32)
-    end
-
-    it "accepts a nil length argument" do
-      value = SecureRandom.random_bytes(nil)
-
-      expect(value.size).to eq(16)
-    end
-
-    it "is random-ish" do
-      sample = []
-      1000.times do
-        SecureRandom.random_bytes.bytes.each do |byte|
-          sample << byte
-        end
-      end
-
-      # MATH!
-      mean = sample.inject(:+).to_f / sample.size
-      variance = sample.inject(0) { |memo, value|
-        memo + (value - mean) ** 2
-      }.to_f / (sample.size - 1)
-      actual_standard_deviation = Math.sqrt(variance)
-      expected_standard_deviation = Math.sqrt(((256 ** 2) - 1).to_f / 12)
-
-      expect(actual_standard_deviation).to be_within(1).
-        of(expected_standard_deviation)
-    end
-
-    it "is reproducible" do
-      Kernel.srand(seed)
-      value1 = SecureRandom.random_bytes
-
-      Kernel.srand(seed)
-      value2 = SecureRandom.random_bytes
-
-      expect(value2).to eq(value1)
-    end
-  end
-
-  %w(
-    hex
-    base64
-    urlsafe_base64
-    random_number
-    uuid
-  ).each do |method|
-    if SecureRandom.respond_to?(method)
-      describe ".#{method}" do
-        it "is reproducible" do
-          Kernel.srand(seed)
-          value1 = SecureRandom.send(method)
-
-          Kernel.srand(seed)
-          value2 = SecureRandom.send(method)
-
-          expect(value2).to eq(value1)
-        end
-      end
-    end
-  end
-end

data/spec/spec_helper.rb

@@ -1,6 +0,0 @@
-require "coveralls"
-Coveralls.wear!
-
-require "insecure_random"
-
-Dir[File.expand_path("../support/*.rb", __FILE__)].each { |f| require f }

data/spec/support/random.rb

@@ -1,3 +0,0 @@
-RSpec.configure do |config|
-  config.order = "random"
-end