lockbox 2.1.0 → 2.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 732b29630e94d7e05292a10ff4106f05152418a335fb7a5e7da9b5a632c05856
-  data.tar.gz: 8d7d40d7d4f8bb5ecc4737c4664a87bfc33d1f331b0a46d36ebc6a3ce5573ee2
+  metadata.gz: b3a6c05fd83da2e2fc8474f2daf3b55f27ee61dd8a86ff3264df772816bcf92b
+  data.tar.gz: d269773e126958e5288a2fcb48ee228dbcd3918648e02834057c8be04f36ec45
 SHA512:
-  metadata.gz: 11ba243e0e997a3140a5f3682f38023b9dcf29fdd9c181ea9f693404b4204bd7e83a4caef669126ff9fe432882773ff8f52e129117c201f0dc6eae7de9539849
-  data.tar.gz: 206197fbff415597cb816f77d9354fc8b2ee0c60ceccfb1b5414a44cf19a14b1b9224e09d1c7b0148a9ecb4b0d6673f70f2f35008b6a105bab8e02a55fdf81ce
+  metadata.gz: f05224cd3e90993ba6a5b7cadfd2bdac839e6590ae3a5702935dc1146b1349ce76d41d3de989f9e10b3510cf420a86936d283968cc343a7eaccfa119a4dff1b6
+  data.tar.gz: d185de56bd634a6ba6753d3a1acf91a7f3940edb02ccbcaa89b22839ef4e57e62a5c698074b6cff821bc5869e3b423dee94781fad4a7e0961794982fa2ed1faa

data/CHANGELOG.md

@@ -1,3 +1,7 @@
+## 2.2.0 (2026-04-04)
+
+- Dropped support for Active Record < 7.2 and Ruby < 3.3
+
 ## 2.1.0 (2025-10-15)
 
 - Added warning for `download_chunk` method

data/LICENSE.txt

@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2018-2025 Andrew Kane
+Copyright (c) 2018-2026 Andrew Kane
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

data/README.md

@@ -72,7 +72,7 @@ Then follow the instructions below for the data you want to encrypt.
 Create a migration with:
 
 ```ruby
-class AddEmailCiphertextToUsers < ActiveRecord::Migration[8.0]
+class AddEmailCiphertextToUsers < ActiveRecord::Migration[8.1]
   def change
     add_column :users, :email_ciphertext, :text
   end
@@ -251,7 +251,7 @@ User.decrypt_email_ciphertext(user.email_ciphertext)
 Create a migration with:
 
 ```ruby
-class AddBodyCiphertextToRichTexts < ActiveRecord::Migration[8.0]
+class AddBodyCiphertextToRichTexts < ActiveRecord::Migration[8.1]
   def change
     add_column :action_text_rich_texts, :body_ciphertext, :text
   end
@@ -382,7 +382,7 @@ Encryption is applied to all versions after processing.
 You can mount the uploader [as normal](https://github.com/carrierwaveuploader/carrierwave#activerecord). With Active Record, this involves creating a migration:
 
 ```ruby
-class AddLicenseToUsers < ActiveRecord::Migration[8.0]
+class AddLicenseToUsers < ActiveRecord::Migration[8.1]
   def change
     add_column :users, :license, :string
   end
@@ -910,7 +910,7 @@ end
 You can use `binary` columns for the ciphertext instead of `text` columns.
 
 ```ruby
-class AddEmailCiphertextToUsers < ActiveRecord::Migration[8.0]
+class AddEmailCiphertextToUsers < ActiveRecord::Migration[8.1]
   def change
     add_column :users, :email_ciphertext, :binary
   end
@@ -961,7 +961,7 @@ end
 Create a migration with:
 
 ```ruby
-class MigrateToLockbox < ActiveRecord::Migration[8.0]
+class MigrateToLockbox < ActiveRecord::Migration[8.1]
   def change
     add_column :users, :name_ciphertext, :text
     add_column :users, :email_ciphertext, :text
@@ -994,7 +994,7 @@ end
 Then remove the previous gem from your Gemfile and drop its columns.
 
 ```ruby
-class RemovePreviousEncryptedColumns < ActiveRecord::Migration[8.0]
+class RemovePreviousEncryptedColumns < ActiveRecord::Migration[8.1]
   def change
     remove_column :users, :encrypted_name, :text
     remove_column :users, :encrypted_name_iv, :text

data/lib/lockbox/active_storage_extensions.rb

@@ -118,13 +118,6 @@ module Lockbox
         super
       end
 
-      if ActiveStorage::VERSION::STRING.to_f == 7.1 && ActiveStorage.version >= "7.1.4"
-        def transform_variants_later
-          blob.instance_variable_set(:@lockbox_encrypted, true) if Utils.encrypted_options(record, name)
-          super
-        end
-      end
-
       def open(**options)
         blob.open(**options) do |file|
           options = Utils.encrypted_options(record, name)
@@ -149,12 +142,6 @@ module Lockbox
     end
 
     module Blob
-      if ActiveStorage::VERSION::STRING.to_f == 7.1 && ActiveStorage.version >= "7.1.4"
-        def preview_image_needed_before_processing_variants?
-          !instance_variable_defined?(:@lockbox_encrypted) && super
-        end
-      end
-
       private
 
       def extract_content_type(io)

data/lib/lockbox/model.rb

@@ -259,18 +259,16 @@ module Lockbox
                 result
               end
 
-              if ActiveRecord::VERSION::STRING.to_f >= 7.2
-                def self.insert(attributes, **options)
-                  super(lockbox_map_record_attributes(attributes), **options)
-                end
+              def self.insert(attributes, **options)
+                super(lockbox_map_record_attributes(attributes), **options)
+              end
 
-                def self.insert!(attributes, **options)
-                  super(lockbox_map_record_attributes(attributes), **options)
-                end
+              def self.insert!(attributes, **options)
+                super(lockbox_map_record_attributes(attributes), **options)
+              end
 
-                def self.upsert(attributes, **options)
-                  super(lockbox_map_record_attributes(attributes, check_readonly: true), **options)
-                end
+              def self.upsert(attributes, **options)
+                super(lockbox_map_record_attributes(attributes, check_readonly: true), **options)
               end
 
               def self.insert_all(attributes, **options)
@@ -344,20 +342,9 @@ module Lockbox
             end
 
             # warn on default attributes
-            if ActiveRecord::VERSION::STRING.to_f >= 7.2
-              # TODO improve
-              if pending_attribute_modifications.any? { |v| v.is_a?(ActiveModel::AttributeRegistration::ClassMethods::PendingDefault) && v.name == name.to_s }
-                warn "[lockbox] WARNING: attributes with `:default` option are not supported. Use `after_initialize` instead."
-              end
-            elsif attributes_to_define_after_schema_loads.key?(name.to_s)
-              opt = attributes_to_define_after_schema_loads[name.to_s][1]
-
-              # not ideal, since NO_DEFAULT_PROVIDED is private
-              has_default = opt != ActiveRecord::Attributes::ClassMethods.const_get(:NO_DEFAULT_PROVIDED)
-
-              if has_default
-                warn "[lockbox] WARNING: attributes with `:default` option are not supported. Use `after_initialize` instead."
-              end
+            # TODO improve
+            if pending_attribute_modifications.any? { |v| v.is_a?(ActiveModel::AttributeRegistration::ClassMethods::PendingDefault) && v.name == name.to_s }
+              warn "[lockbox] WARNING: attributes with `:default` option are not supported. Use `after_initialize` instead."
             end
 
             # preference:
@@ -385,7 +372,7 @@ module Lockbox
               when :array
                 serialize name, type: Array, coder: default_column_serializer || YAML
               end
-            elsif ActiveRecord::VERSION::STRING.to_f >= 7.2
+            else
               decorate_attributes([name]) do |attr_name, cast_type|
                 if cast_type.instance_of?(ActiveRecord::Type::Value)
                   original_type = pending_attribute_modifications.find { |v| v.is_a?(ActiveModel::AttributeRegistration::ClassMethods::PendingType) && v.name == original_name.to_s && !v.type.nil? }&.type
@@ -405,27 +392,6 @@ module Lockbox
                   cast_type
                 end
               end
-            elsif !attributes_to_define_after_schema_loads.key?(name.to_s)
-              # when migrating it's best to specify the type directly
-              # however, we can try to use the original type if its already defined
-              if attributes_to_define_after_schema_loads.key?(original_name.to_s)
-                attribute name, attributes_to_define_after_schema_loads[original_name.to_s].first
-              elsif options[:migrating]
-                # we use the original attribute for serialization in the encrypt and decrypt methods
-                # so we can use a generic value here
-                attribute name, ActiveRecord::Type::Value.new
-              else
-                attribute name, :string
-              end
-            elsif attributes_to_define_after_schema_loads[name.to_s].first.is_a?(Proc)
-              # hack for Active Record 6.1+ to set string type after serialize
-              # otherwise, type gets set to ActiveModel::Type::Value
-              # which always returns false for changed_in_place?
-              # earlier versions of Active Record take the previous code path
-              attribute_type = attributes_to_define_after_schema_loads[name.to_s].first.call(nil)
-              if attribute_type.is_a?(ActiveRecord::Type::Serialized) && attribute_type.subtype.nil?
-                attribute name, ActiveRecord::Type::Serialized.new(ActiveRecord::Type::String.new, attribute_type.coder)
-              end
             end
 
             define_method("#{name}_was") do

data/lib/lockbox/version.rb

@@ -1,3 +1,3 @@
 module Lockbox
-  VERSION = "2.1.0"
+  VERSION = "2.2.0"
 end

data/lib/lockbox.rb

@@ -98,8 +98,10 @@ end
 if defined?(ActiveSupport.on_load)
   ActiveSupport.on_load(:active_record) do
     ar_version = ActiveRecord::VERSION::STRING.to_f
-    if ar_version < 7.1
-      if ar_version >= 7.0
+    if ar_version < 7.2
+      if ar_version >= 7.1
+        raise Lockbox::Error, "Active Record #{ActiveRecord::VERSION::STRING} requires Lockbox < 2.2"
+      elsif ar_version >= 7.0
         raise Lockbox::Error, "Active Record #{ActiveRecord::VERSION::STRING} requires Lockbox < 2.1"
       elsif ar_version >= 5.2
         raise Lockbox::Error, "Active Record #{ActiveRecord::VERSION::STRING} requires Lockbox < 2"

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: lockbox
 version: !ruby/object:Gem::Version
-  version: 2.1.0
+  version: 2.2.0
 platform: ruby
 authors:
 - Andrew Kane
@@ -48,14 +48,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.2'
+      version: '3.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.9
+rubygems_version: 4.0.6
 specification_version: 4
 summary: Modern encryption for Ruby and Rails
 test_files: []