RubyGems - omniauth-identity - Versions diffs - 3.1.0 → 3.1.1 - Mend

omniauth-identity 3.1.0 → 3.1.1

Files changed (10) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/CHANGELOG.md +15 -1
data/CONTRIBUTING.md +164 -0
data/{LICENSE → LICENSE.txt} +2 -0
data/SECURITY.md +23 -0
data/lib/omniauth/identity/version.rb +1 -1
data.tar.gz.sig +0 -0
metadata +14 -3
metadata.gz.sig +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c1fef55868658b676a13cae194b98acdc6291e95d1ea0cd0aff002c6e4aa0879
-  data.tar.gz: 74b6a02f15f381225dfa00c72693f862297aacb06195b6bb9e14365cc855377c
+  metadata.gz: e2a7eb266545d5ae300646af12c8557a414f49872f05850793ebd1c7b2cc17ca
+  data.tar.gz: 44b4dabec7425f586b1e9b731ea5a14b08902f7c782a360a3bb3ff9c829fa041
 SHA512:
-  metadata.gz: ac2fbae9d13daf604eb9faa346456e27f1498b71452a8623376e54069a56f2c86d4e0441cb9d23ec0e9c9479baf51603212b52f6a899f4ef25076a39264fca3a
-  data.tar.gz: 9e4b925767c8d41354843471122ffd21d8ba2a794a45c185c214cdee797a5e75f74b76b2df02c8f86d3685d6ca8d90236253421e8b112aa7b77245472b1c63cd
+  metadata.gz: ba1eafc9b744438b11dc71db4c8b8e8ec731568413f8dc461fa08df0956903015976669e66ce0402b064259a675db06f325548a54c86a3197f77bee4d1b4d438
+  data.tar.gz: 73e8367e8cb0fe207214cc8fbca53bbe800a76d4770ac0ef4f6b650eab2c2534ea28eb7371efa7537160c89a21d3812c37e6c4c39d4dce91caa826a87cb4518f

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/CHANGELOG.md CHANGED Viewed

@@ -11,6 +11,18 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 ### Fixed
 ### Removed
+## [3.1.1] - 2024-11-18 ([tag][3.1.1t])
+- COVERAGE:  92.00% -- 345/375 lines in 15 files
+- BRANCH COVERAGE:  80.26% -- 61/76 branches in 15 files
+- 44.44% documented
+### Added
+- [PR 130][130] Add SECURITY.md policy by @pboling
+- [PR 130][130] Add Maintainer contact email by @pboling
+### Changed
+- [PR 130][130] Require MFA to publish to RubyGems.org by @pboling
+[130]: https://github.com/omniauth/omniauth-identity/pull/130
 ## [3.1.0] - 2024-11-18 ([tag][3.1.0t])
 - COVERAGE:  91.98% -- 344/374 lines in 15 files
 - BRANCH COVERAGE:  80.26% -- 61/76 branches in 15 files
@@ -150,7 +162,9 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - Gemfile.lock file
 - MongoMapper support; unable to satisfy dependencies of both MongoMapper and Mongoid now that MongoMapper is no longer actively maintained.
-[Unreleased]: https://github.com/omniauth/omniauth-identity/compare/v3.1.0...HEAD
+[Unreleased]: https://github.com/omniauth/omniauth-identity/compare/v3.1.1...HEAD
+[3.1.1]: https://github.com/omniauth/omniauth-identity/compare/v3.1.0...v3.1.1
+[3.1.1t]: https://github.com/omniauth/omniauth-identity/tags/v3.1.1
 [3.1.0]: https://github.com/omniauth/omniauth-identity/compare/v3.0.9...v3.1.0
 [3.1.0t]: https://github.com/omniauth/omniauth-identity/tags/v3.1.0
 [3.0.9]: https://github.com/omniauth/omniauth-identity/compare/v3.0.8...v3.0.9

data/CONTRIBUTING.md ADDED Viewed

@@ -0,0 +1,164 @@
+# Contributing
+Bug reports and pull requests are welcome on GitHub at [https://github.com/omniauth/omniauth-identity][🚎src-main]
+. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to
+the [code of conduct][🤝conduct].
+To submit a patch, please fork the project and create a patch with tests.
+Once you're happy with it send a pull request.
+## You can help!
+Take a look at the `reek` list which is the file called `REEK` and find something to improve.
+Simply follow these instructions:
+1. Fork the repository
+2. Create your feature branch (`git checkout -b my-new-feature`)
+3. Make some fixes.
+4. Commit your changes (`git commit -am 'Added some feature'`)
+5. Push to the branch (`git push origin my-new-feature`)
+6. Make sure to add tests for it. This is important so I don't break it in a future version unintentionally.
+7. Create new Pull Request.
+## Contributors
+Your picture could be here!
+[![Contributors][🖐contributors-img]][🖐contributors]
+Made with [contributors-img][🖐contrib-rocks].
+## The Reek List
+To refresh the `reek` list:
+```bash
+bundle exec reek > REEK
+```
+## Appraisal & Combustion
+### Generate a new set of Appraisal gemfiles:
+```bash
+BUNDLE_GEMFILE=Appraisal.root.gemfile appraisal update
+```
+## Run Tests
+NOTE: In order to run *all* the tests you will need to have the following databases installed, configured, and running.
+1. [RethinkDB](https://rethinkdb.com), an open source, real-time, web database, [installed](https://rethinkdb.com/docs/install/) and [running](https://rethinkdb.com/docs/start-a-server/), e.g.
+   ```bash
+   brew install rethinkdb
+   rethinkdb
+   ```
+2. [MongoDB](https://docs.mongodb.com/manual/administration/install-community/)
+   ```bash
+   brew tap mongodb/brew
+   brew install mongodb-community@4.4
+   mongod --config /usr/local/etc/mongod.conf
+   ```
+3. [CouchDB](https://couchdb.apache.org) - download the .app, or:
+   ```bash
+   brew install couchdb
+   ```
+   CouchDB 3.x requires a set admin password set before startup.
+   Add one to your `$HOMEBREW_PREFIX/etc/local.ini` before starting CouchDB e.g.:
+   ```ini
+   [admins]
+   admin = yourabsolutesecret
+   ```
+   Also add whatever password you set to your `.env.local`:
+   ```dotenv
+   export COUCHDB_PASSWORD=yourabsolutesecret
+   ```
+   Then start the CouchDB service
+   ```bash
+   brew services start couchdb
+   ```
+Now you can run any of the tests!
+To run all tests on all databases (except RethinkDB):
+```bash
+bundle exec rake spec:orm:all
+```
+To run all tests that do not require any additional services, like MongoDB, CouchDB, or RethinkDB:
+```bash
+bundle exec rake test
+```
+To run a specific DB:
+```bash
+# CouchDB / CouchPotato
+bundle exec rspec spec spec_orms --tag 'couchdb'
+# ActiveRecord and Sequel, as they both use the in-memory SQLite driver.
+bundle exec rspec spec spec_orms --tag 'sqlite3'
+# NOTE - mongoid and nobrainer specs can't be isolated with "tag" because it still loads everything,
+#        and the two libraries are fundamentally incompatible.
+# MongoDB / Mongoid
+bundle exec rspec spec_orms/mongoid_spec.rb
+# RethinkDB / NoBrainer (Ignored by CI! see spec file for reasons)
+bundle exec rspec spec_ignored/nobrainer_spec.rb
+```
+## Lint It
+Run all the default tasks, which includes running the gradually autocorrecting linter, `rubocop-gradual`.
+```bash
+bundle exec rake
+```
+Or just run the linter.
+```bash
+bundle exec rubocop_gradual:autocorrect
+```
+## Release
+### One-time, Per-maintainer, Setup
+**IMPORTANT**: Your public key for signing gems will need to be picked up by the line in the
+`gemspec` defining the `spec.cert_chain` (check the relevant ENV variables there),
+in order to sign the new release.
+See: [RubyGems Security Guide][🔒️rubygems-security-guide]
+### To release a new version:
+1. Run `bin/setup && bin/rake` as a tests, coverage, & linting sanity check
+2. Update the version number in `version.rb`
+3. Run `bin/setup && bin/rake` again as a secondary check, and to update `Gemfile.lock`
+4. Run `git commit -am "🔖 Prepare release v<VERSION>"` to commit the changes
+5. Run `git push` to trigger the final CI pipeline before release, & merge PRs
+   - NOTE: Remember to [check the build][🧪build]!
+6. Run `export GIT_TRUNK_BRANCH_NAME="$(git remote show origin | grep 'HEAD branch' | cut -d ' ' -f5)" && echo $GIT_TRUNK_BRANCH_NAME`
+7. Run `git checkout $GIT_TRUNK_BRANCH_NAME`
+8. Run `git pull origin $GIT_TRUNK_BRANCH_NAME` to ensure you will release the latest trunk code
+9. Set `SOURCE_DATE_EPOCH` so `rake build` and `rake release` use same timestamp, and generate same checksums
+   - Run `export SOURCE_DATE_EPOCH=$EPOCHSECONDS && echo $SOURCE_DATE_EPOCH`
+   - If the echo above has no output, then it didn't work.
+   - Note that you'll need the `zsh/datetime` module, if running `zsh`.
+   - In `bash` you can use `date +%s` instead, i.e. `export SOURCE_DATE_EPOCH=$(date +%s) && echo $SOURCE_DATE_EPOCH`
+10. Run `bundle exec rake build`
+11. Run `bin/checksums` (more [context][🔒️rubygems-checksums-pr]) to create SHA-256 and SHA-512 checksums
+    - Checksums will be committed automatically by the script, but not pushed
+12. Run `bundle exec rake release` which will create a git tag for the version,
+    push git commits and tags, and push the `.gem` file to [rubygems.org][💎rubygems]
+[🧪build]: https://github.com/omniauth/omniauth-identity/actions
+[🤝conduct]: https://github.com/omniauth/omniauth-identity/blob/main/CODE_OF_CONDUCT.md
+[🖐contrib-rocks]: https://contrib.rocks
+[🖐contributors]: https://github.com/omniauth/omniauth-identity/graphs/contributors
+[🖐contributors-img]: https://contrib.rocks/image?repo=omniauth/omniauth-identity
+[💎rubygems]: https://rubygems.org
+[🔒️rubygems-security-guide]: https://guides.rubygems.org/security/#building-gems
+[🔒️rubygems-checksums-pr]: https://github.com/rubygems/guides/pull/325
+[🚎src-main]: https://github.com/omniauth/omniauth-identity

data/{LICENSE → LICENSE.txt} RENAMED Viewed

@@ -1,3 +1,5 @@
+MIT License
 Copyright (c) 2021, 2024 Peter H. Boling, and OmniAuth-Identity Maintainers
 Copyright (c) 2020 Peter H. Boling, Andrew Roberts, and Jellybooks Ltd.
 Copyright (c) 2010-2015 Michael Bleigh, and Intridea, Inc.

data/SECURITY.md ADDED Viewed

@@ -0,0 +1,23 @@
+# Security Policy
+## Supported Versions
+| Version | Supported |
+|---------|-----------|
+| 3.1.x   | ✅         |
+| 3.0.x   | ❌         |
+| 2.x     | ❌         |
+| 1.x     | ❌         |
+| 0.x     | ❌         |
+## Reporting a Vulnerability
+Peter Boling is the primary maintainer of this gem. Please find a way
+to [contact him directly](https://railsbling.com/contact) to report the issue. Include as much relevant information as
+possible.
+If you are interested in support for versions older than the latest release,
+please consider sponsoring the project / maintainer @ https://liberapay.com/pboling/donate,
+or find other sponsorship links in the [README].
+[README]: README.md

data/lib/omniauth/identity/version.rb CHANGED Viewed

@@ -3,7 +3,7 @@
 module OmniAuth
   module Identity
     module Version
-      VERSION = "3.1.0"
+      VERSION = "3.1.1"
     end
   end
 end

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-identity
 version: !ruby/object:Gem::Version
-  version: 3.1.0
+  version: 3.1.1
 platform: ruby
 authors:
 - Peter Boling
@@ -214,14 +214,17 @@ dependencies:
         version: '1'
 description: Traditional username/password based authentication system for OmniAuth
 email:
+- peter.boling@gmail.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
-- LICENSE
+- CONTRIBUTING.md
+- LICENSE.txt
 - README.md
+- SECURITY.md
 - lib/omniauth-identity.rb
 - lib/omniauth/identity.rb
 - lib/omniauth/identity/model.rb
@@ -236,7 +239,15 @@ files:
 homepage: https://github.com/omniauth/omniauth-identity
 licenses:
 - MIT
-metadata: {}
+metadata:
+  homepage_uri: https://railsbling.com/tags/omniauth-identity/
+  source_code_uri: https://github.com/omniauth/omniauth-identity/tree/v3.1.1
+  changelog_uri: https://github.com/omniauth/omniauth-identity/blob/v3.1.1/CHANGELOG.md
+  bug_tracker_uri: https://github.com/omniauth/omniauth-identity/issues
+  documentation_uri: https://www.rubydoc.info/gems/omniauth-identity/3.1.1
+  wiki_uri: https://github.com/omniauth/omniauth-identity/wiki
+  funding_uri: https://liberapay.com/pboling
+  rubygems_mfa_required: 'true'
 post_install_message:
 rdoc_options: []
 require_paths:

metadata.gz.sig CHANGED Viewed

Binary file