minfraud 2.7.1 → 2.9.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 94219dcd7ef78fdea77b06565b3a73ff8073ea56755f2a9ab25a0d4ba97eb692
-  data.tar.gz: a7e3cfa6b732da9f5d23877b4abef0cb7e7641ed30d690af2fc141ee6298cec8
+  metadata.gz: 7182466f12206a3a2d7639cabb6d7937e10d91dc7bac4684482b38b27dc1237e
+  data.tar.gz: 2a304dbe22670677bd3aaa7fbdba6b738ea460652893c351bf686861e63dd56d
 SHA512:
-  metadata.gz: d79f083900533abbe2fc0d82b5c67d91c8bf81cee4ac95ef37c42c40eb50cf8f1bd1642acc6b80fdc50234f1cded773f47a62548fa0d360bab92c5fcd6b3cbb5
-  data.tar.gz: 5d868acf7b455dd212b8481e0c31e1cc9156e5c39a38ddf38d9d230b2344250fbae51551aec91556e532a601f2e51e4424e8c2b02eca024e84b4b23a600f0c2b
+  metadata.gz: 347bc9a5c45f747e1bca1608b6d4c0623d11627cdbca48657b45fd3bf7f04b21d4aae579fe81333935477a6dcd5d6e59a95a0ba5df18560a7969385661aab0ac
+  data.tar.gz: 90eeb55ddfc1f93fcf3eb981ed34a79402910e6ca097b7e4cb7098c847e414c01c628dc1f5a3d113d299621596172e2a5adef1affd88c6103e0e8217b37206e2

data/.rubocop.yml

@@ -1,5 +1,11 @@
+plugins:
+    - rubocop-performance
+    - rubocop-rake
+    - rubocop-rspec
+    - rubocop-thread_safety
+
 AllCops:
-    TargetRubyVersion: '3.0'
+    TargetRubyVersion: '3.2'
     NewCops: enable
 
 # Metrics.
@@ -88,3 +94,20 @@ Naming/VariableNumber:
 
 Gemspec/DevelopmentDependencies:
   Enabled: false
+
+# This might make sense, but I don't think it's worth moving things around for.
+RSpec/SpecFilePathFormat:
+  Enabled: false
+# Sometimes it makes sense to have lots of assertions.
+RSpec/MultipleExpectations:
+  Enabled: false
+# Sometimes it makes sense to have long tests.
+RSpec/ExampleLength:
+  Enabled: false
+# This seems okay.
+RSpec/MultipleDescribes:
+  Enabled: false
+# This seems to give a bunch of false positives. Specifically it's flagging
+# things where we are creating an object and checking no exception happens.
+RSpec/NoExpectationExample:
+  Enabled: false

data/CHANGELOG.md

@@ -1,5 +1,49 @@
 # Changelog
 
+## v2.9.0 (2025-11-20)
+
+* Added the processor `:securepay` to `Minfraud::Components::Payment`.
+* Ruby 3.2+ is now required. If you're using Ruby 3.0 or 3.1, please use
+  version 2.8.0 of this gem.
+* Added `/event/type` values `:credit_application` and `:fund_transfer` to
+  `Minfraud::Components::Event`.
+* Added the `/event/type` value `:sim_swap` to
+  `Minfraud::Components::Event`.
+* Added the input `/event/party`. This is the party submitting the
+  transaction. You may provide this using the `party` attribute on
+  `Minfraud::Components::Event`.
+* Added the input `/payment/method`. This is the payment method associated
+  with the transaction. You may provide this using the `method` attribute
+  on `Minfraud::Components::Payment`.
+* Added support for new email domain outputs on `Minfraud::Model::EmailDomain`:
+  * `/email/domain/classification` - The domain type (e.g., business,
+    education, government, isp_email). Available as the `classification`
+    attribute.
+  * `/email/domain/risk` - A risk score from 0.01 to 99 for the domain.
+    Available as the `risk` attribute.
+  * `/email/domain/volume` - Activity across the minFraud network expressed
+    as sightings per million. Available as the `volume` attribute.
+  * `/email/domain/visit` - Information from an automated visit to the
+    domain. Available as the `visit` attribute, which returns a
+    `Minfraud::Model::EmailDomainVisit` object.
+* Added support for email domain visit outputs on
+  `Minfraud::Model::EmailDomainVisit`:
+  * `/email/domain/visit/has_redirect` - Whether the domain redirects to
+    another URL. Available as the `has_redirect` attribute.
+  * `/email/domain/visit/last_visited_on` - The date the automated visit
+    was completed. Available as the `last_visited_on` attribute.
+  * `/email/domain/visit/status` - The status of the domain (e.g., live,
+    dns_error, parked). Available as the `status` attribute.
+* Updated `maxmind-geoip2` to 1.4, which includes new anonymizer and IP
+  risk outputs.
+
+## v2.8.0 (2025-05-23)
+
+* Added support for the `/billing_phone/matches_postal` and
+  `/shipping_phone/matches_postal` outputs. These are available as the
+  `matches_postal` attribute on `Minfraud::Model::Phone`.
+* Added the processor `:cryptomus` to `Minfraud::Components::Payment`.
+
 ## v2.7.1 (2025-02-10)
 
 * Re-release due to bug in release workflow.

data/CLAUDE.md

@@ -0,0 +1,443 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+**minfraud-api-ruby** is MaxMind's official Ruby client library for the minFraud web services:
+- **minFraud Score, Insights, and Factors**: Fraud detection and risk scoring endpoints
+- **minFraud Report Transaction API**: Report fraudulent or legitimate transactions
+
+The library provides a request builder pattern through components that are assembled into assessments, then sent to the service endpoints. Responses are returned as strongly-typed model objects.
+
+**Key Technologies:**
+- Ruby 3.2+ (uses frozen string literals and modern Ruby features)
+- HTTP gem for web service client functionality and persistent connections
+- ConnectionPool for thread-safe connection management
+- RSpec for testing
+- RuboCop with multiple plugins for code quality
+
+## Code Architecture
+
+### Package Structure
+
+```
+lib/minfraud/
+├── components/         # Request components (Account, Device, Email, etc.)
+│   └── report/         # Report Transaction components
+├── model/              # Response models (Score, Insights, Factors, etc.)
+├── http_service/       # HTTP response wrapper
+├── assessments.rb      # Main request builder for Score/Insights/Factors
+├── report.rb           # Report Transaction API
+├── resolver.rb         # Maps component parameters to component objects
+├── enum.rb             # Enum helper for validated attributes
+├── validates.rb        # Input validation methods
+├── errors.rb           # Custom exceptions
+└── version.rb          # Version constant
+```
+
+### Key Design Patterns
+
+#### 1. **Component-Based Request Building**
+
+Requests are built using component objects that represent different aspects of a transaction:
+
+```ruby
+assessment = Minfraud::Assessments.new(
+  device: { ip_address: '1.2.3.4' },
+  event: { type: :purchase },
+  billing: { country: 'US' },
+)
+```
+
+**Component Architecture:**
+- All components extend `Minfraud::Components::Base`
+- Components use `attr_accessor` for attributes
+- Components implement `#to_json` to convert to API request format
+- The `Resolver` module maps hash parameters to component objects
+- Components with enum attributes include `Minfraud::Enum` module
+
+**Resolver Pattern:**
+The `Minfraud::Resolver` module handles converting hashes to component objects:
+- Maintains a `MAPPING` constant from keys to component classes
+- The `#assign` method creates components from hashes or uses existing component objects
+- Raises `RequestFormatError` for unknown keys
+- Used by `Minfraud::Assessments` in initialization
+
+#### 2. **Enum Attributes with Validation**
+
+Components with restricted value sets use the `Enum` module:
+
+```ruby
+class Event < Base
+  include ::Minfraud::Enum
+
+  enum_accessor :type, %i[
+    account_creation
+    purchase
+    payout
+    recurring_purchase
+    referral
+    account_login
+  ]
+end
+```
+
+**Key Points:**
+- `enum_accessor` creates getter/setter methods with validation
+- Values are stored as symbols internally
+- Raises `NotEnumValueError` if invalid value assigned
+- The class gets a `{attribute}_values` method returning permitted values
+
+#### 3. **Optional Client-Side Validation**
+
+Components can optionally include `Minfraud::Validates` for input validation:
+
+```ruby
+class Device < Base
+  include ::Minfraud::Validates
+
+  def ip_address=(ip_address)
+    validate_ip('ip_address', ip_address) if Minfraud.enable_validation
+    @ip_address = ip_address
+  end
+end
+```
+
+**Key Points:**
+- Validation is disabled by default
+- Enable with `Minfraud.configure { |c| c.enable_validation = true }`
+- Validation happens in setters before assignment
+- Validates types, formats, lengths, ranges, etc.
+- Raises `InvalidInputError` for invalid values
+
+#### 4. **Model Inheritance and Composition**
+
+Response models follow a clear hierarchy:
+
+```
+Abstract → Score → Insights → Factors
+```
+
+- `Abstract` provides `#get` method for safe hash access
+- `Score` has basic risk scoring fields
+- `Insights` extends `Score` with detailed fraud data (addresses, phones, device, etc.)
+- `Factors` extends `Insights` with subscores and risk reasons
+
+**Model Composition:**
+Models compose smaller model objects representing nested data:
+
+```ruby
+class Insights < Score
+  attr_reader :billing_address
+  attr_reader :credit_card
+  attr_reader :device
+  attr_reader :email
+
+  def initialize(record, locales)
+    super
+    @billing_address = Minfraud::Model::BillingAddress.new(get('billing_address'))
+    @credit_card = Minfraud::Model::CreditCard.new(get('credit_card'))
+    # ...
+  end
+end
+```
+
+#### 5. **Connection Pooling for Thread Safety**
+
+The library uses ConnectionPool for thread-safe persistent HTTP connections:
+
+```ruby
+@connection_pool = ConnectionPool.new(size: 5) do
+  HTTP.basic_auth(user: @account_id, pass: @license_key)
+    .persistent("https://#{host}")
+end
+```
+
+**Key Points:**
+- Pool is created in `Minfraud.configure`
+- Assessments and Reports use `Minfraud.connection_pool.with { |client| ... }`
+- Enables persistent connections without manual management
+- Safe for multi-threaded use
+- Must call `Minfraud.configure` before using from multiple threads
+
+## Testing Conventions
+
+### Running Tests
+
+```bash
+# Install dependencies
+bundle install
+
+# Run all tests
+bundle exec rake spec
+
+# Run tests and RuboCop
+bundle exec rake  # default task
+
+# Run RuboCop only
+bundle exec rake rubocop
+
+# Run specific test file
+bundle exec rspec spec/assessments_spec.rb
+
+# Run specific test
+bundle exec rspec spec/assessments_spec.rb:10
+```
+
+### Test Structure
+
+Tests use RSpec and are organized by functionality:
+- `spec/assessments_spec.rb` - Main assessment request builder tests
+- `spec/report_spec.rb` - Report Transaction API tests
+- `spec/components/*_spec.rb` - Component tests
+- `spec/model/*_spec.rb` - Response model tests
+- `spec/enum_spec.rb` - Enum validation tests
+- `spec/http_spec.rb` - HTTP integration tests
+
+### Test Patterns
+
+Tests use RSpec with test data hashes:
+
+```ruby
+describe Minfraud::Model::Score do
+  let(:raw) do
+    {
+      'disposition' => { 'action' => 'accept' },
+      'funds_remaining' => 10.01,
+      'id' => '27d26476-e2bc-11e4-92b8-962e705b4af5',
+      'risk_score' => 0.01,
+    }
+  end
+
+  let(:model) { described_class.new(raw, ['en']) }
+
+  it 'has risk_score' do
+    expect(model.risk_score).to eq(0.01)
+  end
+end
+```
+
+When adding new fields:
+1. Add field to test data hash
+2. Add expectation to verify the field is accessible
+3. Test nil handling if field is optional
+4. Test validation if applicable
+
+## Working with This Codebase
+
+### Adding New Fields to Components
+
+For input components (request data):
+
+1. **Add an attr_accessor**:
+   ```ruby
+   # A description of the field.
+   #
+   # @return [String, nil]
+   attr_accessor :new_field
+   ```
+
+2. **Add validation if needed**:
+   ```ruby
+   def new_field=(value)
+     validate_string('new_field', 255, value) if Minfraud.enable_validation
+     @new_field = value
+   end
+   ```
+
+3. **Update tests** to include the new field
+
+### Adding New Fields to Models
+
+For output models (response data):
+
+1. **Add an attr_reader** (models are immutable):
+   ```ruby
+   # A description of the field.
+   #
+   # @return [Type, nil]
+   attr_reader :new_field
+   ```
+
+2. **Initialize in constructor**:
+   ```ruby
+   def initialize(record, locales)
+     super
+     @new_field = get('new_field')
+   end
+   ```
+
+3. **For nested objects**, create a model class:
+   ```ruby
+   @new_field = Minfraud::Model::NewField.new(get('new_field'))
+   ```
+
+4. **Update tests** with test data and expectations
+
+### Adding New Enum Values
+
+When adding new values to an enum attribute:
+
+1. **Add to the enum_accessor array**:
+   ```ruby
+   enum_accessor :type, %i[
+     existing_value
+     new_value
+   ]
+   ```
+
+2. **Update CHANGELOG.md** with the new value
+3. **Add test** to verify the new value is accepted
+
+### Adding New Components
+
+When creating a new component class:
+
+1. **Extend Base** and include Enum/Validates if needed:
+   ```ruby
+   class NewComponent < Base
+     include ::Minfraud::Enum
+     include ::Minfraud::Validates
+   end
+   ```
+
+2. **Add to Resolver::MAPPING** in lib/minfraud/resolver.rb:
+   ```ruby
+   MAPPING = {
+     new_component: ::Minfraud::Components::NewComponent,
+     # ...
+   }.freeze
+   ```
+
+3. **Add attr_accessor** to Assessments or Report
+4. **Require the file** in lib/minfraud.rb
+5. **Add tests** for the component
+
+### CHANGELOG.md Format
+
+Always update `CHANGELOG.md` for user-facing changes.
+
+**Important**: Do not add a date to changelog entries until release time.
+
+- If there's an existing version entry without a date (e.g., `v2.9.0`), add your changes there
+- If creating a new version entry, don't include a date - it will be added at release time
+- Use past tense for descriptions
+- Use bullet points starting with `*`
+
+```markdown
+## v2.10.0
+
+* Added the `new_field` attribute to `Minfraud::Components::Device`. This
+  allows you to provide...
+* Added the `/output/path` to the Insights response. This is available
+  as the `field_name` attribute on `Minfraud::Model::Insights`.
+```
+
+## Common Pitfalls and Solutions
+
+### Problem: Components Not Registering
+
+A new component doesn't work when passed to Assessments.
+
+**Solution**: Make sure you:
+1. Added the component to `Resolver::MAPPING`
+2. Required the file in lib/minfraud.rb
+3. Added the attr_accessor to Assessments or Report
+
+### Problem: Thread Safety Issues
+
+Getting connection errors or state issues in multi-threaded code.
+
+**Solution**:
+- Always call `Minfraud.configure` before spawning threads
+- Never share `Minfraud::Assessments` or `Minfraud::Report` objects across threads
+- Create new Assessment/Report instances per thread
+
+### Problem: Validation Not Working
+
+Validation doesn't catch invalid inputs.
+
+**Solution**:
+- Validation is disabled by default
+- Enable with `Minfraud.configure { |c| c.enable_validation = true }`
+- Make sure the component setter calls the appropriate `validate_*` method
+
+### Problem: Enum Values Rejected
+
+A valid enum value raises `NotEnumValueError`.
+
+**Solution**:
+- Enum values must be symbols (`:value` not `"value"`)
+- Check the enum_accessor definition includes the value
+- Values are case-sensitive
+
+## Code Style Requirements
+
+- **RuboCop enforced** with plugins: performance, rake, rspec, thread_safety
+- **Frozen string literals** (`# frozen_string_literal: true`) in all files
+- **Target Ruby 3.2+**
+- **Max line length: 150 characters**
+- **Hash alignment: table style** (aligned rockets and colons)
+- **Trailing commas allowed** in arrays, hashes, and arguments
+- **Use `if !condition`** instead of `unless condition` (NegatedIf disabled)
+- **Metrics cops disabled** - AbcSize, ClassLength, MethodLength, etc.
+
+Key RuboCop configurations:
+- Guard clauses not enforced
+- Conditional assignment not enforced
+- Format string token checks disabled
+- Multiple assertions allowed in RSpec tests
+- Extra spacing with force equal sign alignment enabled
+
+## Development Workflow
+
+### Setup
+```bash
+bundle install
+```
+
+### Before Committing
+```bash
+# Run tests and linting
+bundle exec rake
+
+# Or run separately
+bundle exec rake spec
+bundle exec rake rubocop
+```
+
+### Running Single Test
+```bash
+bundle exec rspec spec/assessments_spec.rb
+```
+
+### Testing Against Sandbox
+```ruby
+Minfraud.configure do |c|
+  c.account_id = 12345
+  c.license_key = 'your_license_key'
+  c.host = 'sandbox.maxmind.com'
+end
+```
+
+### Version Requirements
+- **Ruby 3.2+** required
+- Target compatibility should match current supported Ruby versions
+
+## API Endpoints
+
+The library supports three assessment endpoints:
+- `assessment.score` - Basic risk score (Score model)
+- `assessment.insights` - Score + detailed fraud data (Insights model)
+- `assessment.factors` - Insights + subscores + risk reasons (Factors model)
+
+Report Transaction API:
+- `reporter.report_transaction` - Report transaction outcomes
+
+## Additional Resources
+
+- [API Documentation](https://www.rubydoc.info/gems/minfraud)
+- [minFraud Web Services Docs](https://dev.maxmind.com/minfraud)
+- [Report Transaction API Docs](https://dev.maxmind.com/minfraud/report-a-transaction)
+- GitHub Issues: https://github.com/maxmind/minfraud-api-ruby/issues

data/README.md

@@ -86,6 +86,7 @@ assessment = Minfraud::Assessments.new(
     user_agent:      'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36',
   },
   event: {
+    party:          :customer,
     transaction_id: 'txn3134133',
     shop_id:        's2123',
     time:           '2012-04-12T23:20:50+00:00',
@@ -127,6 +128,7 @@ assessment = Minfraud::Assessments.new(
     delivery_speed:     :same_day,
   },
   payment: {
+    method:         :card,
     processor:      :stripe,
     was_authorized: false,
     decline_code:   'invalid number',
@@ -275,7 +277,7 @@ to the client API, please see
 
 ## Requirements
 
-This gem works with Ruby 3.0 and above.
+This gem works with Ruby 3.2 and above.
 
 ## Contributing
 

data/Rakefile

@@ -8,5 +8,5 @@ RSpec::Core::RakeTask.new(:spec)
 
 RuboCop::RakeTask.new
 
-task default: :spec
-task default: :rubocop
+desc 'Run tests and RuboCop'
+task default: %i[spec rubocop]

data/lib/minfraud/components/base.rb

@@ -42,6 +42,8 @@ module Minfraud
 
       # Keys that have to remain boolean
       BOOLS = %w[was_authorized is_gift has_gift_message].freeze
+
+      private_constant :BOOLS
     end
   end
 end

data/lib/minfraud/components/email.rb

@@ -99,7 +99,7 @@ module Minfraud
         end
 
         if domain == 'gmail.com'
-          local_part.gsub!('.', '')
+          local_part.delete!('.')
         end
 
         domain_parts = domain.split('.')
@@ -384,7 +384,7 @@ module Minfraud
 
         idx = domain.rindex('.')
         if !idx.nil?
-          tld = domain[idx + 1..]
+          tld = domain[(idx + 1)..]
           if TYPO_TLDS.key?(tld)
             domain = "#{domain[0, idx]}.#{TYPO_TLDS[tld]}"
           end

data/lib/minfraud/components/event.rb

@@ -9,6 +9,18 @@ module Minfraud
       include ::Minfraud::Enum
       include Minfraud::Validates
 
+      # The party submitting the transaction. This must be one of +:agent+ or
+      # +:customer+.
+      #
+      # @!attribute party
+      #
+      # @return [Symbol, nil]
+      enum_accessor :party,
+                    %i[
+                      agent
+                      customer
+                    ]
+
       # Your internal ID for the transaction. MaxMind can use this to locate a
       # specific transaction in logs, and it will also show up in email alerts
       # and notifications from MaxMind to you. No specific format is required.
@@ -35,9 +47,10 @@ module Minfraud
       attr_accessor :time
 
       # The type of event being scored. This must be one of
-      # +:account_creation+, +:account_login+, +:email_change+,
-      # +:password_reset+, +:payout_change+, +:purchase+,
-      # +:recurring_purchase+, +:referral+, or +:survey+.
+      # +:account_creation+, +:account_login+, +:credit_application+,
+      # +:email_change+, +:fund_transfer+, +:password_reset+,
+      # +:payout_change+, +:purchase+, +:recurring_purchase+, +:referral+,
+      # +:sim_swap+, or +:survey+.
       #
       # @!attribute type
       #
@@ -46,18 +59,22 @@ module Minfraud
                     %i[
                       account_creation
                       account_login
+                      credit_application
                       email_change
+                      fund_transfer
                       password_reset
                       payout_change
                       purchase
                       recurring_purchase
                       referral
+                      sim_swap
                       survey
                     ]
 
       # @param params [Hash] Hash of parameters. Each key/value should
       #   correspond to one of the available attributes.
       def initialize(params = {})
+        self.party      = params[:party]
         @transaction_id = params[:transaction_id]
         @shop_id        = params[:shop_id]
         @time           = params[:time]

data/lib/minfraud/components/payment.rb

@@ -9,6 +9,28 @@ module Minfraud
       include ::Minfraud::Enum
       include Minfraud::Validates
 
+      # The payment method associated with the transaction. This must be one of
+      # +:bank_debit+, +:bank_redirect+, +:bank_transfer+, +:buy_now_pay_later+,
+      # +:card+, +:crypto+, +:digital_wallet+, +:gift_card+,
+      # +:real_time_payment+, or +:rewards+.
+      #
+      # @!attribute method
+      #
+      # @return [Symbol, nil]
+      enum_accessor :method,
+                    %i[
+                      bank_debit
+                      bank_redirect
+                      bank_transfer
+                      buy_now_pay_later
+                      card
+                      crypto
+                      digital_wallet
+                      gift_card
+                      real_time_payment
+                      rewards
+                    ]
+
       # The payment processor used for the transaction. The value is one
       # listed as a valid value, as a symbol.
       #
@@ -50,6 +72,7 @@ module Minfraud
         coregateway
         creditguard
         credorax
+        cryptomus
         ct_payments
         cuentadigital
         curopayments
@@ -146,6 +169,7 @@ module Minfraud
         rewardspay
         safecharge
         sagepay
+        securepay
         securetrading
         shopify_payments
         simplify_commerce
@@ -194,6 +218,7 @@ module Minfraud
       def initialize(params = {})
         @was_authorized = params[:was_authorized]
         @decline_code   = params[:decline_code]
+        self.method     = params[:method]
         self.processor  = params[:processor]
 
         validate

data/lib/minfraud/components/report/transaction.rb

@@ -95,15 +95,15 @@ module Minfraud
           validate_uuid('minfraud_id', @minfraud_id)
 
           if ip_address.nil? &&
-             (minfraud_id.nil? || empty_uuid(minfraud_id)) &&
+             (minfraud_id.nil? || empty_uuid?(minfraud_id)) &&
              (maxmind_id.nil? || maxmind_id.empty?) &&
              (transaction_id.nil? || transaction_id.empty?)
             raise ArgumentError, 'At least one of the following is required: ip_address, minfraud_id, maxmind_id, transaction_id.'
           end
         end
 
-        def empty_uuid(value)
-          stripped_value = value.to_s.gsub('-', '')
+        def empty_uuid?(value)
+          stripped_value = value.to_s.delete('-')
           stripped_value == '0' * 32
         end
       end

data/lib/minfraud/components/shopping_cart.rb

@@ -17,7 +17,7 @@ module Minfraud
       #   to an item's field, or as a Minfraud:::Components::ShoppingCartItem
       #   object.
       def initialize(params = [])
-        @items = params.map(&method(:resolve))
+        @items = params.map { |param| resolve(param) }
       end
 
       # A JSON representation of Minfraud::Components::ShoppingCart items.

data/lib/minfraud/enum.rb

@@ -15,7 +15,10 @@ module Minfraud
       #
       # @return [Hash]
       def mapping
+        # rubocop:disable ThreadSafety/ClassInstanceVariable
+        # This is a false positive - this is set during class definition and then only read
         @mapping ||= {}
+        # rubocop:enable ThreadSafety/ClassInstanceVariable
       end
 
       # Create a set of methods for enum-like behavior of the attribute.

data/lib/minfraud/http_service/response.rb

@@ -71,6 +71,8 @@ module Minfraud
         insights: Minfraud::Model::Insights,
         score:    Minfraud::Model::Score
       }.freeze
+
+      private_constant :ENDPOINT_TO_CLASS
     end
   end
 end

data/lib/minfraud/model/email_domain.rb

@@ -1,11 +1,21 @@
 # frozen_string_literal: true
 
 require 'minfraud/model/abstract'
+require 'minfraud/model/email_domain_visit'
 
 module Minfraud
   module Model
     # Model containing information about the email domain.
     class EmailDomain < Abstract
+      # A classification of the domain. Possible values are:
+      # * business
+      # * education
+      # * government
+      # * isp_email
+      #
+      # @return [String, nil]
+      attr_reader :classification
+
       # A date string (e.g. 2017-04-24) to identify the date an email domain
       # was first seen by MaxMind. This is expressed using the ISO 8601 date
       # format.
@@ -13,11 +23,33 @@ module Minfraud
       # @return [String, nil]
       attr_reader :first_seen
 
+      # A risk score ranging from 0.01 to 99. Higher values indicate greater
+      # risk.
+      #
+      # @return [Float, nil]
+      attr_reader :risk
+
+      # An object containing information about an automated visit to the email
+      # domain.
+      #
+      # @return [Minfraud::Model::EmailDomainVisit, nil]
+      attr_reader :visit
+
+      # Activity across the minFraud network expressed as sightings per
+      # million. The value ranges from 0.001 to 1,000,000.
+      #
+      # @return [Float, nil]
+      attr_reader :volume
+
       # @!visibility private
       def initialize(record)
         super
 
-        @first_seen = get('first_seen')
+        @classification = get('classification')
+        @first_seen     = get('first_seen')
+        @risk           = get('risk')
+        @visit          = EmailDomainVisit.new(get('visit'))
+        @volume         = get('volume')
       end
     end
   end

data/lib/minfraud/model/email_domain_visit.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'minfraud/model/abstract'
+
+module Minfraud
+  module Model
+    # Model containing information about an automated visit to the email
+    # domain.
+    class EmailDomainVisit < Abstract
+      # Whether the domain redirects to another URL.
+      #
+      # @return [Boolean, nil]
+      attr_reader :has_redirect
+
+      # A date string (e.g. 2025-11-15) identifying the date the automated
+      # visit was completed. This is expressed using the ISO 8601 date format.
+      #
+      # @return [String, nil]
+      attr_reader :last_visited_on
+
+      # The status of the domain. Possible values are:
+      # * live - The domain is operational and serving content.
+      # * dns_error - The domain has missing, expired, or misconfigured DNS.
+      # * network_error - The domain is offline or unreachable.
+      # * http_error - The domain is reachable, but has an application error.
+      # * parked - The domain is reachable and in a parked state.
+      # * pre_development - The domain is reachable and in a pre-development
+      #   state.
+      #
+      # @return [String, nil]
+      attr_reader :status
+
+      # @!visibility private
+      def initialize(record)
+        super
+
+        @has_redirect    = get('has_redirect')
+        @last_visited_on = get('last_visited_on')
+        @status          = get('status')
+      end
+    end
+  end
+end

data/lib/minfraud/model/phone.rb

@@ -21,6 +21,15 @@ module Minfraud
       # @return [Boolean, nil]
       attr_reader :is_voip
 
+      # This property is true if the phone number's prefix is commonly
+      # associated with the postal code. It is false if the prefix is not
+      # associated with the postal code. It is non-nil only when the phone
+      # number is in the US, the number prefix is in our database, and the
+      # postal code and country are provided in the request.
+      #
+      # @return [Boolean, nil]
+      attr_reader :matches_postal
+
       # The name of the original network operator associated with the phone
       # number. This attribute does not reflect phone numbers that have been
       # ported from the original operator to another, nor does it identify
@@ -41,6 +50,7 @@ module Minfraud
 
         @country          = get('country')
         @is_voip          = get('is_voip')
+        @matches_postal   = get('matches_postal')
         @network_operator = get('network_operator')
         @number_type      = get('number_type')
       end

data/lib/minfraud/model/risk_score_reason.rb

@@ -14,9 +14,9 @@ module Minfraud
       # @return [Float]
       attr_reader :multiplier
 
-      # This field contains Risk objects that describe one of the reasons for the multiplier.
+      # Reasons for the multiplier.
       #
-      # @return [Array<Minfraud::Model::Risk>]
+      # @return [Array<Minfraud::Model::Reason>]
       attr_reader :reasons
 
       # @!visibility private

data/lib/minfraud/validates.rb

@@ -27,7 +27,7 @@ module Minfraud
     def validate_uuid(field, value)
       return if !value
 
-      stripped_value = value.to_s.gsub('-', '')
+      stripped_value = value.to_s.delete('-')
 
       # Define a regex pattern for a valid UUID without dashes
       uuid_regex = /\A[0-9a-f]{32}\z/i
@@ -78,7 +78,7 @@ module Minfraud
         raise InvalidInputError, "The #{field} value is not valid. It must contain only non-space printable ASCII characters."
       end
 
-      if /\A[0-9]{1,19}\z/.match(s)
+      if /\A[0-9]{1,19}\z/.match?(s)
         raise InvalidInputError, "The #{field} value is not valid. If it is all digits, it must be longer than 19 characters."
       end
     end
@@ -147,7 +147,7 @@ module Minfraud
     def validate_email(field, value)
       return if !value
 
-      if /.@./.match(value)
+      if /.@./.match?(value)
         validate_string(field, 255, value)
         return
       end

data/lib/minfraud/version.rb

@@ -2,5 +2,5 @@
 
 module Minfraud
   # The Gem version.
-  VERSION = '2.7.1'
+  VERSION = '2.9.0'
 end

data/lib/minfraud.rb

@@ -32,6 +32,9 @@ require 'minfraud/report'
 # for the gem's classes.
 module Minfraud
   class << self
+    # rubocop:disable ThreadSafety/ClassAndModuleAttributes
+    # This is a false positive - these configuration attributes are set during initialization
+
     # The MaxMind account ID that is used for authorization.
     #
     # @return [Integer, nil]
@@ -57,6 +60,8 @@ module Minfraud
     # @return [String, nil]
     attr_accessor :license_key
 
+    # rubocop:enable ThreadSafety/ClassAndModuleAttributes
+
     # @!visibility private
     attr_reader :connection_pool
 
@@ -67,8 +72,11 @@ module Minfraud
       yield self
 
       pool_size        = 5
+      # rubocop:disable ThreadSafety/ClassInstanceVariable
+      # This is a false positive - this configuration is set during initialization
       host             = @host.nil? ? 'minfraud.maxmind.com' : @host
       @connection_pool = ConnectionPool.new(size: pool_size) do
+        # rubocop:enable ThreadSafety/ClassInstanceVariable
         make_http_client.persistent("https://#{host}")
       end
     end
@@ -76,10 +84,13 @@ module Minfraud
     private
 
     def make_http_client
+      # rubocop:disable ThreadSafety/ClassInstanceVariable
+      # This is a false positive - this configuration is set during initialization
       HTTP.basic_auth(
         user: @account_id,
         pass: @license_key,
       ).headers(
+        # rubocop:enable ThreadSafety/ClassInstanceVariable
         accept:     'application/json',
         user_agent: "minfraud-api-ruby/#{Minfraud::VERSION} ruby/#{RUBY_VERSION} http/#{HTTP::VERSION}",
       )

data/minfraud.gemspec

@@ -15,7 +15,7 @@ Gem::Specification.new do |spec|
   spec.homepage      = 'https://github.com/maxmind/minfraud-api-ruby'
   spec.license       = 'MIT'
 
-  spec.required_ruby_version = '>= 3.0'
+  spec.required_ruby_version = '>= 3.2'
 
   spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^.gitignore$|^(?:\.github|dev-bin|spec)/}) }
   spec.bindir        = 'exe'
@@ -24,13 +24,17 @@ Gem::Specification.new do |spec|
 
   spec.add_dependency 'connection_pool', '~> 2.2'
   spec.add_dependency 'http', '>= 4.3', '< 6.0'
-  spec.add_dependency 'maxmind-geoip2', '~> 1.2'
+  spec.add_dependency 'maxmind-geoip2', '~> 1.4'
   spec.add_dependency 'simpleidn', '~> 0.1', '>= 0.1.1'
 
   spec.add_development_dependency 'bundler', '~> 2.2'
   spec.add_development_dependency 'rake', '~> 13.0'
   spec.add_development_dependency 'rspec', '~> 3.0'
   spec.add_development_dependency 'rubocop', '~> 1.23'
+  spec.add_development_dependency 'rubocop-performance'
+  spec.add_development_dependency 'rubocop-rake'
+  spec.add_development_dependency 'rubocop-rspec'
+  spec.add_development_dependency 'rubocop-thread_safety'
   spec.add_development_dependency 'webmock', '~> 3.14'
   spec.metadata = {
     'rubygems_mfa_required' => 'true'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: minfraud
 version: !ruby/object:Gem::Version
-  version: 2.7.1
+  version: 2.9.0
 platform: ruby
 authors:
 - kushnir.yb
 - William Storey
 bindir: exe
 cert_chain: []
-date: 2025-02-10 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: connection_pool
@@ -50,14 +50,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.4'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.2'
+        version: '1.4'
 - !ruby/object:Gem::Dependency
   name: simpleidn
   requirement: !ruby/object:Gem::Requirement
@@ -134,6 +134,62 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.23'
+- !ruby/object:Gem::Dependency
+  name: rubocop-performance
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rubocop-thread_safety
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: webmock
   requirement: !ruby/object:Gem::Requirement
@@ -157,6 +213,7 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - CHANGELOG.md
+- CLAUDE.md
 - CODE_OF_CONDUCT.md
 - Gemfile
 - LICENSE.txt
@@ -194,6 +251,7 @@ files:
 - lib/minfraud/model/disposition.rb
 - lib/minfraud/model/email.rb
 - lib/minfraud/model/email_domain.rb
+- lib/minfraud/model/email_domain_visit.rb
 - lib/minfraud/model/error.rb
 - lib/minfraud/model/factors.rb
 - lib/minfraud/model/geoip2_location.rb
@@ -226,14 +284,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.0'
+      version: '3.2'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.6.2
+rubygems_version: 3.6.9
 specification_version: 4
 summary: Ruby API for the minFraud Score, Insights, Factors, and Report Transactions
   services