omniauth-identity 3.1.4 → 3.1.5

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1299ed56a1450bd936c5b4f7345901c81d3e485cd2191b778074c058344c4d51
-  data.tar.gz: 8b82be0d7c38e24fa01f5741d184c9e27fa6b842d863dc2912b6b6e3a1ac2b6a
+  metadata.gz: eab43fa354af27c298ecb9afdd400e13eecd36e2d456489ea4dce6ffc33ed7b6
+  data.tar.gz: 2ea1d0249b3f4d154411698273969794b45afe734a91d3a24c8fa5ed819d4003
 SHA512:
-  metadata.gz: a0b274d8ab8950e144fef290d150b294ffe5984764ae25d04b90458e3d44a605e0328141cf00fd09e5b4e295aadeb186f2f3386515997e6f1c8f5eae9de40aeb
-  data.tar.gz: cd20cf2c660f0592b9926fc3deac8f7d87e50f37c57393301f57a093988567b4063df04f6b677b7ba06fd3a562fa46328917097ee7962247f950ccd182560cb8
+  metadata.gz: 4b9b26f6fcbbdeec62c3d63d298e9b7491e6e2333d23cea7d275f8fdccc6f11d8a69fcd157bba7af57910d6bedb4201c96d064f600b800a05a99c5b180ed4840
+  data.tar.gz: 886538d3ede5ce008c3fe5014fbb407516fe0097e6a69b5453971ce955a5dfd79ac97226780ec8f366e7be0c6b11ae6d7ed4d701585d2fec08f58c3055c20c00

data/CHANGELOG.md

@@ -1,56 +1,101 @@
 # Changelog
 
-All notable changes to this project since v2.0 will be documented in this file.
+[![SemVer 2.0.0][📌semver-img]][📌semver] [![Keep-A-Changelog 1.0.0][📗keep-changelog-img]][📗keep-changelog]
 
-The format is based on [Keep a Changelog v1](https://keepachangelog.com/en/1.0.0/),
-and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.0.0.html).
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog][📗keep-changelog],
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html),
+and [yes][📌major-versions-not-sacred], platform and engine support are part of the [public API][📌semver-breaking].
+Please file a bug if you notice a violation of semantic versioning.
+
+[📌semver]: https://semver.org/spec/v2.0.0.html
+[📌semver-img]: https://img.shields.io/badge/semver-2.0.0-FFDD67.svg?style=flat
+[📌semver-breaking]: https://github.com/semver/semver/issues/716#issuecomment-869336139
+[📌major-versions-not-sacred]: https://tom.preston-werner.com/2022/05/23/major-version-numbers-are-not-sacred.html
+[📗keep-changelog]: https://keepachangelog.com/en/1.0.0/
+[📗keep-changelog-img]: https://img.shields.io/badge/keep--a--changelog-1.0.0-FFDD67.svg?style=flat
 
 ## [Unreleased]
+
 ### Added
+
 ### Changed
+
 ### Deprecated
+
 ### Removed
+
 ### Fixed
+
 ### Security
 
+## [3.1.5] - 2025-10-13
+
+- TAG: [v3.1.5][3.1.5t]
+- COVERAGE: 93.58% -- 437/467 lines in 14 files
+- BRANCH COVERAGE: 81.00% -- 81/100 branches in 14 files
+- 92.39% documented
+
+### Added
+
+- Adapter support for Hanami and ROM
+- Complete YARD documentation
+- kettle-dev for easier maintenance & dev tooling
+
 ## [3.1.4] - 2025-07-28
+
 - TAG: [v3.1.4][3.1.4t]
 - COVERAGE:  92.06% -- 348/378 lines in 15 files
 - BRANCH COVERAGE:  79.49% -- 62/78 branches in 15 files
 - 44.44% documented
+
 # Added
+
 - More documentation
 - Tracking maintainability and coverage with QLTY.sh
 - Documentation site
   - https://omniauth-identity.galtzo.com
 - Test against bson v5.1.1
 - Test against locked and unlocked, runtime and development, dependencies
+
 ### Changed
+
 - gemspec metadata
 - Test against latest bundler
 - Develop on ruby@3.4.5
 - Switch to [Appraisal2](https://github.com/appraisal-rb/appraisal2)
 
 ## [3.1.3] - 2025-06-08
+
 - TAG: [v3.1.3][3.1.3t]
 - COVERAGE: 92.06% -- 348/378 lines in 15 files
 - BRANCH COVERAGE: 79.49% -- 62/78 branches in 15 files
 - 44.44% documented
+
 ### Added
+
 - More documentation by @pboling
 - Expanded test suite, covering many more points of the dependency matrix by @pboling
 - Test workflows with latest dependencies and more platform and dep HEADs
+
 ### Changed
+
 - Updated Code of Conduct to Contributor Covenant v2.1
+
 ### Fixed
+
 - Set `SKIP_GEM_SIGNING` in env to allow `gem build` without cryptographic signing requirement by @pboling
   - Useful for linux distros whose package managers sign packages independently
 
 ## [3.1.2] - 2025-05-07
+
 - TAG: [v3.1.2][3.1.2t]
 - COVERAGE: 92.02% -- 346/376 lines in 15 files
 - BRANCH COVERAGE: 79.49% -- 62/78 branches in 15 files
+
 ### Added
+
 - 20 year signing cert expires 2045-04-29 by @pboling
 - Added CITATION.cff by @pboling
 - devcontainer for easier maintenance by @pboling
@@ -58,38 +103,52 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - Greatly improved spec suite and CI config by @pboling
   - Testing against JRuby 9.2, 9.3, 9.4, 10.0, and head
   - Testing against many more combinations of Databases, ORMs, Rails, and Ruby versions
+
 ### Changed
+
 - Upgraded Code of Conduct based on Contributor Covenant v2.1 by @pboling
 
 ## [3.1.1] - 2024-11-18
+
 - TAG: [v3.1.1][3.1.1t]
 - COVERAGE: 92.00% -- 345/375 lines in 15 files
 - BRANCH COVERAGE: 80.26% -- 61/76 branches in 15 files
 - 44.44% documented
+
 ### Added
+
 - [PR 130][130] Add SECURITY.md policy by @pboling
 - [PR 130][130] Add Maintainer contact email by @pboling
+
 ### Changed
+
 - [PR 130][130] Require MFA to publish to RubyGems.org by @pboling
 
 [130]: https://github.com/omniauth/omniauth-identity/pull/130
 
 ## [3.1.0] - 2024-11-18
+
 - TAG: [v3.1.0][3.1.0t]
 - COVERAGE: 91.98% -- 344/374 lines in 15 files
 - BRANCH COVERAGE: 80.26% -- 61/76 branches in 15 files
 - 44.44% documented
+
 ### Added
+
 - [PR #123][123] Improve readability in #identity method of OmniAuth::Strategies::Identity by @Xeragus
 - [PR #124][124] Modernized gem structure, and updated dependencies for development by @pboling
   - Gem releases are now cryptographically signed
   - All ORM adapters (except NoBrainer) are tested in CI
 - [PR #127][127] Improved documentation by @pboling
 - [PR #128][128] Instructions for contributing by @pboling
+
 ### Changed
+
 - Deprecate `require 'omniauth/identity'` by @pboling
   - in favor of `require 'omniauth-identity'` (matching the gem name)
+
 ### Fixed
+
 - [PR #120][120] Fix: handling of SCRIPT_NAME for registration_path by @btalbot
 - [PR #122][122] Compatibility with rack v3.1+: use `req.params[]` instead of `req[]` by @emon
   - See: https://github.com/rack/rack/pull/2183
@@ -102,34 +161,49 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 [120]: https://github.com/omniauth/omniauth-identity/pull/120
 
 ## [3.0.9] - 2021-06-16
+
 - TAG: [v3.0.9][3.0.9t]
+
 ### Fixed
+
 - \[Sequel\] Fixes loading the Sequel adapter, issue reported as [#112](https://github.com/omniauth/omniauth-identity/issues/112)
+
 ### Added
+
 - 📝 Document the Database adapters and drivers the gem currently works with
 
 ## [3.0.8] - 2021-03-24
+
 - TAG: [v3.0.8][3.0.8t]
+
 ### Fixed
+
 - \[Model\] Fixes 2 issues raised in a comment on PR [#108](https://github.com/omniauth/omniauth-identity/pull/108#issuecomment-804456604)
   - When `options[:on_validation]` is set `new`/`save`/`persisted?` logic is used.
   - When `options[:on_validation]` is not set `create`/`persisted?` logic is used.
 
 ## [3.0.7] - 2021-03-23
+
 - TAG: [v3.0.7][3.0.7t]
+
 ### Fixed
+
 - \[ActiveRecord\] Fixed [#110](https://github.com/omniauth/omniauth-identity/issues/110) which prevented `OmniAuth::Identity::Models::ActiveRecord`-based records from saving.
 - \[CouchPotato\] Fixed `OmniAuth::Identity::Models::CouchPotato`'s `#save`.
 - \[Sequel\] Fixed `OmniAuth::Identity::Models::Sequel`'s `#save`.
 - \[Model\] Only define `::create`, `#save`, and `#persisted?` when not already defined.
 - \[Model\] Restore original `info` functionality which set `name` based on `first_name`, `last_name`, or `nickname`
+
 ### Changed
+
 - Upgraded to a newer `OmniAuth::Identity::SecurePassword` ripped from [Rails 6-1-stable](https://github.com/rails/rails/blob/6-1-stable/activemodel/lib/active_model/secure_password.rb)
   - Aeons ago the original was ripped from Rails 3.1, and frozen in time.
     While writing specs, it was discovered to be incompatible with this gem's Sequel adapter.
   - Specs validate that the new version does work.
     In any case, the ripped version is only used when the `has_secure_password` macro is not yet defined in the class.
+
 ### Added
+
 - New specs to cover real use cases and implementations of each ORM model adapter that ships with the gem:
   - ActiveRecord (Polyglot - Many Relational Databases)
   - Sequel (Polyglot - Many Relational Databases)
@@ -138,10 +212,15 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
   - NoBrainer (RethinkDB)
 
 ## [3.0.6] - 2021-03-20
+
 - TAG: [v3.0.6][3.0.6t]
+
 ### Fixed
+
 - Fix breaking changes introduced by [#108](https://github.com/omniauth/omniauth-identity/pull/108) which prevented `:on_validation` from firing
+
 ### Added
+
 - New (or finally documented) options:
   - `:create_identity_link_text` defaults to `'Create an Identity'`
   - `:registration_failure_message` defaults to `'One or more fields were invalid'`
@@ -150,33 +229,49 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
   - `:registration_form_title` defaults to `'Register Identity'`
 
 ## [3.0.5] - 2021-03-19
+
 - TAG: [v3.0.5][3.0.5t]
+
 ### Fixed
+
 - Fix breaking changes introduced by [#86's](https://github.com/omniauth/omniauth-identity/pull/86) introduction of `:on_validation`
+
 ### Added
+
 - Define `#save`, `#persisted?` and `::create` on `Omniauth::Identity::Model`
 - Add `@since` YARD tags to interface methods
 - Refactor `Omniauth::Strategies::Identity.registration_phase` to support `Omniauth::Identity::Model`-inheriting classes that do not define `#save`.
   - This support will be dropped in v4.0.
 
 ## [3.0.4] - 2021-02-14
+
 - TAG: [v3.0.4][3.0.4t]
+
 ### Added
+
 - Add support for [sequel ORM](http://sequel.jeremyevans.net/)
 
 ## [3.0.3] - 2021-02-14
+
 - TAG: [v3.0.3][3.0.3t]
+
 ### Added
+
 - Add option `:on_validation`, which can be used to add a Captcha
   - See [example here](https://github.com/omniauth/omniauth-identity/pull/86#issue-63225122)
 - Add support for nobrainer, an ORM for RethinkDB
 - Validation error message on invalid registration form submission
+
 ### Removed
+
 - ruby-head build... simply too slow
 
 ## [3.0.2] - 2021-02-14
+
 - TAG: [v3.0.2][3.0.2t]
+
 ### Fixed
+
 - Github Actions CI Build for Ruby 2.4, 3.0 and ruby-head
 - Updated copyright
 - Code style cleanup
@@ -184,13 +279,19 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - Updated Readme
 
 ## [3.0.1] - 2021-02-14
+
 - TAG: [v3.0.1][3.0.1t]
+
 ### Fixed
+
 - Github Actions CI Build for various Rubies
 
 ## [3.0.0] - 2021-02-13
+
 - TAG: [v3.0.0][3.0.0t]
+
 ### Added
+
 - Compatibility with Ruby 3
 - Add option `:enable_login` to bypass OmniAuth disabling of GET method (default `true`)
   - NOTE: This restores compatibility between this gem and the current, core, omniauth gem!
@@ -201,17 +302,24 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - Minimum Ruby version = 2.4
 - Automatically adds "provider" => "identity" when "provider" column is detected
 - Documentation in README.md
+
 ### Removed
+
 - Support for Rubies < 2.4
 - Support for DataMapper, which died long ago.
 - Unwanted git artifacts
 
 ## [2.0.0] - 2020-09-01
+
 - TAG: [v2.0.0][2.0.0t]
+
 ### Added
+
 - CHANGELOG to maintain a history of changes.
 - Include mongoid-rspec gem.
+
 ### Changed
+
 - Fix failing Specs
 - Update Spec syntax to RSpec 3
 - Fix deprecation Warnings
@@ -220,11 +328,15 @@ and this project adheres to [Semantic Versioning v2](https://semver.org/spec/v2.
 - Dependency version limits so that the most up-to-date gem dependencies are used. (rspec 3+, mongo 2+, mongoid 7+, rake 13+, rack 2+, json 2+)
 - Updated copyright information.
 - Updated MongoMapper section of README to reflect its discontinued support.
+
 ### Removed
+
 - Gemfile.lock file
 - MongoMapper support; unable to satisfy dependencies of both MongoMapper and Mongoid now that MongoMapper is no longer actively maintained.
 
-[Unreleased]: https://github.com/omniauth/omniauth-identity/compare/v3.1.4...HEAD
+[Unreleased]: https://github.com/omniauth/omniauth-identity/compare/v3.1.5...HEAD
+[3.1.5]: https://github.com/omniauth/omniauth-identity/compare/v3.1.4...v3.1.5
+[3.1.5t]: https://github.com/omniauth/omniauth-identity/releases/tag/v3.1.5
 [3.1.4]: https://github.com/omniauth/omniauth-identity/compare/v3.1.3...v3.1.4
 [3.1.4t]: https://github.com/omniauth/omniauth-identity/tags/v3.1.4
 [3.1.3]: https://github.com/omniauth/omniauth-identity/compare/v3.1.2...v3.1.3

data/CITATION.cff

@@ -0,0 +1,20 @@
+cff-version: 1.2.0
+title: omniauth-identity
+message: >-
+  If you use this work and you want to cite it,
+  then you can use the metadata from this file.
+type: software
+authors:
+  - given-names: Peter Hurn
+    family-names: Boling
+    email: peter@railsbling.com
+    affiliation: railsbling.com
+    orcid: 'https://orcid.org/0009-0008-8519-441X'
+identifiers:
+  - type: url
+    value: 'https://github.com/omniauth/omniauth-identity'
+    description: omniauth-identity
+repository-code: 'https://github.com/omniauth/omniauth-identity'
+abstract: >-
+  omniauth-identity
+license: See license file

data/CODE_OF_CONDUCT.md

@@ -1,4 +1,3 @@
-
 # Contributor Covenant Code of Conduct
 
 ## Our Pledge
@@ -61,7 +60,7 @@ representative at an online or offline event.
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported to the community leaders responsible for enforcement at
-[![Contact BDFL][🚂bdfl-contact-img]][🚂bdfl-contact].
+[![Contact Maintainer][🚂maint-contact-img]][🚂maint-contact].
 All complaints will be reviewed and investigated promptly and fairly.
 
 All community leaders are obligated to respect the privacy and security of the
@@ -131,5 +130,5 @@ For answers to common questions about this code of conduct, see the FAQ at
 [Mozilla CoC]: https://github.com/mozilla/diversity
 [FAQ]: https://www.contributor-covenant.org/faq
 [translations]: https://www.contributor-covenant.org/translations
-[🚂bdfl-contact]: http://www.railsbling.com/contact
-[🚂bdfl-contact-img]: https://img.shields.io/badge/Contact-BDFL-0093D0.svg?style=flat&logo=rubyonrails&logoColor=red
+[🚂maint-contact]: http://www.railsbling.com/contact
+[🚂maint-contact-img]: https://img.shields.io/badge/Contact-Maintainer-0093D0.svg?style=flat&logo=rubyonrails&logoColor=red

data/CONTRIBUTING.md

@@ -1,12 +1,12 @@
 # Contributing
 
-Bug reports and pull requests are welcome on GitHub at [https://github.com/omniauth/omniauth-identity][🚎src-main].
+Bug reports and pull requests are welcome on [CodeBerg][📜src-cb], [GitLab][📜src-gl], or [GitHub][📜src-gh].
 This project should be a safe, welcoming space for collaboration, so contributors agree to adhere to
 the [code of conduct][🤝conduct].
 
 To submit a patch, please fork the project, create a patch with tests, and send a pull request.
 
-Remember to [![Keep A Changelog][📗keep-changelog-img]][📗keep-changelog].
+Remember to [![Keep A Changelog][📗keep-changelog-img]][📗keep-changelog] if you make changes.
 
 ## Help out!
 
@@ -22,49 +22,82 @@ Follow these instructions:
 6. Make sure to add tests for it. This is important, so it doesn't break in a future release.
 7. Create new Pull Request.
 
-## Appraisals
+## Executables vs Rake tasks
 
-From time to time the appraisal gemfiles in `gemfiles/` will need to be updated.
+Executables shipped by omniauth-identity can be used with or without generating the binstubs.
+They will work when omniauth-identity is installed globally (i.e., `gem install omniauth-identity`) and do not require that omniauth-identity be in your bundle.
 
-Create or update them with the commands:
+- kettle-changelog
+- kettle-commit-msg
+- omniauth-identity-setup
+- kettle-dvcs
+- kettle-pre-release
+- kettle-readme-backers
+- kettle-release
 
-```console
-BUNDLE_GEMFILE=Appraisal.root.gemfile bundle
-BUNDLE_GEMFILE=Appraisal.root.gemfile bundle exec appraisal update
-bundle exec rake rubocop_gradual:autocorrect
+However, the rake tasks provided by omniauth-identity do require omniauth-identity to be added as a development dependency and loaded in your Rakefile.
+See the full list of rake tasks in head of Rakefile
+
+**Gemfile**
+```ruby
+group :development do
+  gem "omniauth-identity", require: false
+end
 ```
 
-NOTE: Commands need to be run from the devcontainer if old Rails or old sqlite3 won't install for you locally.
+**Rakefile**
+```ruby
+# Rakefile
+require "omniauth/identity"
+```
 
-When adding an appraisal to CI, check the [runner tool cache][🏃‍♂️runner-tool-cache] to see which runner to use.
+## Environment Variables for Local Development
 
-### We commit, and don't commit, our "gemfile.lock" files
+Below are the primary environment variables recognized by stone_checksums (and its integrated tools). Unless otherwise noted, set boolean values to the string "true" to enable.
 
-Thanks to [Appraisal2](https://github.com/appraisal-rb/appraisal2) we have a `gemfiles/*.gemfile` suite
-in addition to the main `Gemfile` at the root of the project.
-We run a workflow against the main Gemfile, which has a `Gemfile.lock` committed, and
-we also run workflows against each of the Appraisal2 `gemfiles/*.gemfile` suite,
-which **do not** have `gemfiles/*.gemfile.lock` committed.
+General/runtime
+- DEBUG: Enable extra internal logging for this library (default: false)
+- REQUIRE_BENCH: Enable `require_bench` to profile requires (default: false)
+- CI: When set to true, adjusts default rake tasks toward CI behavior
 
-```
-# Lock/Unlock Deps Pattern
-#
-# Two often conflicting goals resolved!
-#
-#  - deps_unlocked.yml
-#    - All runtime & dev dependencies, but does not have a `gemfiles/*.gemfile.lock` committed
-#    - Uses an Appraisal2 "deps_unlocked" gemfile, and the current MRI Ruby release
-#    - Know when new dependency releases will break local dev with unlocked dependencies
-#    - Broken workflow indicates that new releases of dependencies may not work
-#
-#  - deps_locked.yml
-#    - All runtime & dev dependencies, and has a `Gemfile.lock` committed
-#    - Uses the project's main Gemfile, and the current MRI Ruby release
-#    - Matches what contributors and maintainers use locally for development
-#    - Broken workflow indicates that a new contributor will have a bad time
-#
+Coverage (kettle-soup-cover / SimpleCov)
+- K_SOUP_COV_DO: Enable coverage collection (default: true in .envrc)
+- K_SOUP_COV_FORMATTERS: Comma-separated list of formatters (html, xml, rcov, lcov, json, tty)
+- K_SOUP_COV_MIN_LINE: Minimum line coverage threshold (integer, e.g., 100)
+- K_SOUP_COV_MIN_BRANCH: Minimum branch coverage threshold (integer, e.g., 100)
+- K_SOUP_COV_MIN_HARD: Fail the run if thresholds are not met (true/false)
+- K_SOUP_COV_MULTI_FORMATTERS: Enable multiple formatters at once (true/false)
+- K_SOUP_COV_OPEN_BIN: Path to browser opener for HTML (empty disables auto-open)
+- MAX_ROWS: Limit console output rows for simplecov-console (e.g., 1)
+  Tip: When running a single spec file locally, you may want `K_SOUP_COV_MIN_HARD=false` to avoid failing thresholds for a partial run.
+
+GitHub API and CI helpers
+- GITHUB_TOKEN or GH_TOKEN: Token used by `ci:act` and release workflow checks to query GitHub Actions status at higher rate limits
+
+Releasing and signing
+- SKIP_GEM_SIGNING: If set, skip gem signing during build/release
+- GEM_CERT_USER: Username for selecting your public cert in `certs/<USER>.pem` (defaults to $USER)
+- SOURCE_DATE_EPOCH: Reproducible build timestamp. `kettle-release` will set this automatically for the session.
+
+Git hooks and commit message helpers (exe/kettle-commit-msg)
+- GIT_HOOK_BRANCH_VALIDATE: Branch name validation mode (e.g., `jira`) or `false` to disable
+- GIT_HOOK_FOOTER_APPEND: Append a footer to commit messages when goalie allows (true/false)
+- GIT_HOOK_FOOTER_SENTINEL: Required when footer append is enabled — a unique first-line sentinel to prevent duplicates
+- GIT_HOOK_FOOTER_APPEND_DEBUG: Extra debug output in the footer template (true/false)
+
+For a quick starting point, this repository’s `.envrc` shows sane defaults, and `.env.local` can override them locally.
+
+## Appraisals
+
+From time to time the [appraisal2][🚎appraisal2] gemfiles in `gemfiles/` will need to be updated.
+They are created and updated with the commands:
+
+```console
+bin/rake appraisal:update
 ```
 
+When adding an appraisal to CI, check the [runner tool cache][🏃‍♂️runner-tool-cache] to see which runner to use.
+
 ## The Reek List
 
 Take a look at the `reek` list which is the file called `REEK` and find something to improve.
@@ -139,6 +172,13 @@ bundle exec rspec spec_orms/mongoid_spec.rb
 bundle exec rspec spec_ignored/nobrainer_spec.rb
 ```
 
+### Spec organization (required)
+
+- One spec file per class/module. For each class or module under `lib/`, keep all of its unit tests in a single spec file under `spec/` that mirrors the path and file name exactly: `lib/omniauth/identity/*.rb` -> `spec/omniauth/identity/*_spec.rb`.
+- Never add a second spec file for the same class/module. Examples of disallowed names: `*_more_spec.rb`, `*_extra_spec.rb`, `*_status_spec.rb`, or any other suffix that still targets the same class. If you find yourself wanting a second file, merge those examples into the canonical spec file for that class/module.
+- Exception: Integration specs that intentionally span multiple classes. Place these under `spec/integration/` (or a clearly named integration folder), and do not directly mirror a single class. Name them after the scenario, not a class.
+- Migration note: If a duplicate spec file exists, move all examples into the canonical file and delete the duplicate. Do not leave stubs or empty files behind.
+
 ## Lint It
 
 Run all the default tasks, which includes running the gradually autocorrecting linter, `rubocop-gradual`.
@@ -153,12 +193,29 @@ Or just run the linter.
 bundle exec rake rubocop_gradual:autocorrect
 ```
 
+For more detailed information about using RuboCop in this project, please see the [RUBOCOP.md](RUBOCOP.md) guide. This project uses `rubocop_gradual` instead of vanilla RuboCop, which requires specific commands for checking violations.
+
+### Important: Do not add inline RuboCop disables
+
+Never add `# rubocop:disable ...` / `# rubocop:enable ...` comments to code or specs (except when following the few existing `rubocop:disable` patterns for a rule already being disabled elsewhere in the code). Instead:
+
+- Prefer configuration-based exclusions when a rule should not apply to certain paths or files (e.g., via `.rubocop.yml`).
+- When a violation is temporary and you plan to fix it later, record it in `.rubocop_gradual.lock` using the gradual workflow:
+  - `bundle exec rake rubocop_gradual:autocorrect` (preferred)
+  - `bundle exec rake rubocop_gradual:force_update` (only when you cannot fix the violations immediately)
+
+As a general rule, fix style issues rather than ignoring them. For example, our specs should follow RSpec conventions like using `described_class` for the class under test.
+
 ## Contributors
 
+Your picture could be here!
+
 [![Contributors][🖐contributors-img]][🖐contributors]
 
 Made with [contributors-img][🖐contrib-rocks].
 
+Also see GitLab Contributors: [https://gitlab.com/omniauth/omniauth-identity/-/graphs/main][🚎contributors-gl]
+
 ## For Maintainers
 
 ### One-time, Per-maintainer, Setup
@@ -166,13 +223,21 @@ Made with [contributors-img][🖐contrib-rocks].
 **IMPORTANT**: To sign a build,
 a public key for signing gems will need to be picked up by the line in the
 `gemspec` defining the `spec.cert_chain` (check the relevant ENV variables there).
-All releases to RubyGems.org are signed releases.
+All releases are signed releases.
 See: [RubyGems Security Guide][🔒️rubygems-security-guide]
 
 NOTE: To build without signing the gem set `SKIP_GEM_SIGNING` to any value in the environment.
 
 ### To release a new version:
 
+#### Automated process
+
+1. Update version.rb to contain the correct version-to-be-released.
+2. Run `bundle exec kettle-changelog`.
+3. Run `bundle exec kettle-release`.
+
+#### Manual process
+
 1. Run `bin/setup && bin/rake` as a "test, coverage, & linting" sanity check
 2. Update the version number in `version.rb`, and ensure `CHANGELOG.md` reflects changes
 3. Run `bin/setup && bin/rake` again as a secondary check, and to update `Gemfile.lock`
@@ -182,7 +247,8 @@ NOTE: To build without signing the gem set `SKIP_GEM_SIGNING` to any value in th
 6. Run `export GIT_TRUNK_BRANCH_NAME="$(git remote show origin | grep 'HEAD branch' | cut -d ' ' -f5)" && echo $GIT_TRUNK_BRANCH_NAME`
 7. Run `git checkout $GIT_TRUNK_BRANCH_NAME`
 8. Run `git pull origin $GIT_TRUNK_BRANCH_NAME` to ensure latest trunk code
-9. Set `SOURCE_DATE_EPOCH` so `rake build` and `rake release` use same timestamp, and generate same checksums
+9. Optional for older Bundler (< 2.7.0): Set `SOURCE_DATE_EPOCH` so `rake build` and `rake release` use the same timestamp and generate the same checksums
+    - If your Bundler is >= 2.7.0, you can skip this; builds are reproducible by default.
     - Run `export SOURCE_DATE_EPOCH=$EPOCHSECONDS && echo $SOURCE_DATE_EPOCH`
     - If the echo above has no output, then it didn't work.
     - Note: `zsh/datetime` module is needed, if running `zsh`.
@@ -192,20 +258,28 @@ NOTE: To build without signing the gem set `SKIP_GEM_SIGNING` to any value in th
     to create SHA-256 and SHA-512 checksums. This functionality is provided by the `stone_checksums`
     [gem][💎stone_checksums].
     - The script automatically commits but does not push the checksums
-12. Run `bundle exec rake release` which will create a git tag for the version,
-    push git commits and tags, and push the `.gem` file to [rubygems.org][💎rubygems]
-
-[🚎src-main]: https://github.com/omniauth/omniauth-identity
+12. Sanity check the SHA256, comparing with the output from the `bin/gem_checksums` command:
+    - `sha256sum pkg/<gem name>-<version>.gem`
+13. Run `bundle exec rake release` which will create a git tag for the version,
+    push git commits and tags, and push the `.gem` file to the gem host configured in the gemspec.
+
+[📜src-gl]: https://gitlab.com/omniauth/omniauth-identity/
+[📜src-cb]: https://codeberg.org/omniauth/omniauth-identity
+[📜src-gh]: https://github.com/omniauth/omniauth-identity
 [🧪build]: https://github.com/omniauth/omniauth-identity/actions
-[🤝conduct]: https://github.com/omniauth/omniauth-identity/blob/main/CODE_OF_CONDUCT.md
+[🤝conduct]: https://gitlab.com/omniauth/omniauth-identity/-/blob/main/CODE_OF_CONDUCT.md
 [🖐contrib-rocks]: https://contrib.rocks
 [🖐contributors]: https://github.com/omniauth/omniauth-identity/graphs/contributors
+[🚎contributors-gl]: https://gitlab.com/omniauth/omniauth-identity/-/graphs/main
 [🖐contributors-img]: https://contrib.rocks/image?repo=omniauth/omniauth-identity
-[💎rubygems]: https://rubygems.org
+[💎gem-coop]: https://gem.coop
 [🔒️rubygems-security-guide]: https://guides.rubygems.org/security/#building-gems
 [🔒️rubygems-checksums-pr]: https://github.com/rubygems/rubygems/pull/6022
 [🔒️rubygems-guides-pr]: https://github.com/rubygems/guides/pull/325
-[💎stone_checksums]: https://github.com/pboling/stone_checksums
+[💎stone_checksums]: https://github.com/galtzo-floss/stone_checksums
 [📗keep-changelog]: https://keepachangelog.com/en/1.0.0/
 [📗keep-changelog-img]: https://img.shields.io/badge/keep--a--changelog-1.0.0-FFDD67.svg?style=flat
+[📌semver-breaking]: https://github.com/semver/semver/issues/716#issuecomment-869336139
+[📌major-versions-not-sacred]: https://tom.preston-werner.com/2022/05/23/major-version-numbers-are-not-sacred.html
+[🚎appraisal2]: https://github.com/appraisal-rb/appraisal2
 [🏃‍♂️runner-tool-cache]: https://github.com/ruby/ruby-builder/releases/tag/toolcache