pii_safe_schema 1.3.2 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1ebd5e7d63f153bb4cedccaa5345086238c221520e0a9a65e4874c5cdb5e4b0a
-  data.tar.gz: c788254ae8852acc2dc8a8e1b62fb4463cd4133fdec748499715cbfb4132cd40
+  metadata.gz: a5a9abd519262fb092e04490f3b99c5f7e0293a777b1e29ee9a87b3fe0827728
+  data.tar.gz: 43c6fc045b82b8075bb73f345d0d60a3f6384a4981edc6c9472fbd8c04e2a9d7
 SHA512:
-  metadata.gz: 3ff11da6f69694f15a90b66d4d9ed8a81beb01db60f6ab119120cae2af2019b82026b0721ffb441ef66d199ab794b6d6212ffae25d276f80fb14e8fb8cd68344
-  data.tar.gz: e3f2cb9127b90fc06ffc56c8a109097dc2dd4b67c2e238ebd3afd4336aca218d2e27606f13936becb4f4e84947c24b0b3db20527baeef6cb4647a345d970e820
+  metadata.gz: 26ab3012c6310654ef6a3d8b7f0cd99129105ecee059fa1611f3803da96efba70b1c0bdff854086ff7cc446ce7e84676887dc4299b035fe89507169730c0c68d
+  data.tar.gz: 7153c208b0ca0574e61eaa186be393d20bec4cab360531f0c8644a1bd68da78695bcd513194477f73713c44839355e715e754f9da6e8259bdb46c9178695d0b1

data/.github/CODEOWNERS

@@ -1 +1 @@
-* @wealthsimple/security
+* @wealthsimple/platform-security

data/.github/workflows/default.yml

@@ -0,0 +1,71 @@
+name: Default
+
+# This workflow runs on all pushes to the repo so we can test changes and provide
+# fast feedback. It also gets run when a pull request is created so that we can
+# run the Sonarqube quality gate (which needs information from the PR). Subsequent
+# pushes to the branch will provide PR information of any open PRs.
+on:
+  push:
+  pull_request:
+    types: [opened, reopened]
+
+concurrency:
+  group: default-${{ github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  preflight_check:
+    name: Preflight Check
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: [2.7.5, 3.0.3]
+    steps:
+      # Need to fetch all refs, so we can check if the version has been bumped
+      - uses: actions/checkout@v2
+        with:
+          fetch-depth: 0
+
+      - name: Set up Ruby ${{ matrix.ruby-version }}
+        uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+          ruby-version: ${{ matrix.ruby-version }}
+
+      - name: Lint
+        uses: wealthsimple/toolbox-script@v1
+        with:
+          script: toolbox.ruby.lint.run();
+
+      - name: Test
+        uses: wealthsimple/toolbox-script@v1
+        with:
+          script: toolbox.ruby.test.run();
+
+  publish:
+    name: Publish package
+    runs-on: ubuntu-latest
+    if: github.ref == 'refs/heads/main' || github.ref == 'refs/heads/master'
+    needs:
+      - preflight_check
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+
+      - name: Release the gem
+        run: |
+          mkdir -p ~/.gem
+          cat << EOF > ~/.gem/credentials
+          ---
+          :github: Bearer ${GITHUB_TOKEN}
+          :rubygems_api_key: ${RUBYGEMS_API_KEY}
+          EOF
+          chmod 0600 ~/.gem/credentials
+          git config user.email "noreply@wealthsimple.com"
+          git config user.name "Wolfbot"
+          bundle exec rake release
+        env:
+          RUBYGEMS_API_KEY: ${{ secrets.RUBYGEMS_API_KEY }}

data/.ruby-version

@@ -1 +1 @@
-2.7.2
+2.7.5

data/CHANGELOG.md

@@ -4,6 +4,26 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 1.4.0 - 2021-12-31
+### Changed
+- Add Ruby 3.0.x support
+
+## 1.3.5 - 2021-03-15
+### Changed
+- Add support for Rails 7
+
+## 1.3.4 - 2021-10-21
+### Changed
+- Switched to Github Actions
+
+## 1.3.3 - 2021-03-15
+### Changed
+- Pull CI images from ECR repository
+
+## 1.3.2 - 2021-03-15
+### Changed
+- Update development to Ruby 2.7.2
+
 ## 1.3.1 - 2019-11-06
 ### Fixed
 - Passing arguments to `rake pii_safe_schema:generate_migrations` actually works
@@ -28,7 +48,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Added MIT License
 
 ## 1.0.4 - 2019-4-16
-### Fixed 
+### Fixed
 - converted any hyphens to underscores for consistency.
 
 ## 1.0.3

data/README.md

@@ -1,4 +1,5 @@
-# PII Safe Schema [![CircleCI](https://circleci.com/gh/wealthsimple/pii_safe_schema.svg?style=svg)](https://circleci.com/gh/wealthsimple/pii_safe_schema) [![Coverage Status](https://coveralls.io/repos/github/wealthsimple/pii_safe_schema/badge.svg?branch=master)](https://coveralls.io/github/wealthsimple/pii_safe_schema?branch=master)
+# PII Safe Schema
+![CI](https://github.com/wealthsimple/pii_safe_schema/actions/workflows/default.yml/badge.svg)
 
 Schema migration tool for checking and adding comments on *Personally Identifiable Information* (PII) columns in Rails.
 
@@ -96,4 +97,4 @@ git clone https://github.com/wealthsimple/pii_safe_schema.git
 cd pii_safe_schema
 bundle install
 bundle exec rspec
-```
+```

data/lib/pii_safe_schema/migration_generator.rb

@@ -31,8 +31,8 @@ module PiiSafeSchema
       def generate_migration_lines(table, columns)
         migration_lines = columns.map do |c|
           "#{' ' * (safety_assured? ? 6 : 4)}"\
-          "change_column :#{table}, :#{c.column.name}, :#{c.column.type}, "\
-          "comment: \'#{c.suggestion.to_json}\'"\
+            "change_column :#{table}, :#{c.column.name}, :#{c.column.type}, "\
+            "comment: \'#{c.suggestion.to_json}\'"\
         end
         wrap_in_safety_assured(migration_lines)
       end

data/lib/pii_safe_schema/version.rb

@@ -1,3 +1,3 @@
 module PiiSafeSchema
-  VERSION = '1.3.2'.freeze
+  VERSION = '1.4.0'.freeze
 end

data/lib/pii_safe_schema.rb

@@ -55,7 +55,7 @@ module PiiSafeSchema
     end
   end
 
-  def self.print_help!(do_exit: true) # rubocop:disable Metrics/MethodLength
+  def self.print_help!(do_exit: true)
     puts <<~HELPMSG # rubocop:disable Rails/Output
       Usage:
         rake pii_safe_schema:generate_migrations [table:column:annotation_type] ...

data/pii_safe_schema.gemspec

@@ -21,18 +21,16 @@ Gem::Specification.new do |s|
   s.executables   = s.files.grep(%r{^exe/}) { |f| File.basename(f) }
   s.require_paths = ['lib']
 
-  s.add_dependency 'activesupport', '>= 5', '< 7'
   s.add_dependency 'colorize'
-  s.add_dependency 'rails', '>= 5', '< 7'
+  s.add_dependency 'rails', '>= 5', '< 8'
 
   s.add_development_dependency 'bundler', '>= 1.16'
   s.add_development_dependency 'bundler-audit'
-  s.add_development_dependency 'coveralls'
   s.add_development_dependency 'dogstatsd-ruby'
   s.add_development_dependency 'git'
   s.add_development_dependency 'guard-rspec'
   s.add_development_dependency 'pry'
-  s.add_development_dependency 'rails', '>= 5.2.3', '< 7'
+  s.add_development_dependency 'rails', '>= 5', '< 8'
   s.add_development_dependency 'rake', '>= 10.0'
   s.add_development_dependency 'rspec', '< 4', '>= 3.0'
   s.add_development_dependency 'rspec-collection_matchers'

metadata

@@ -1,35 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: pii_safe_schema
 version: !ruby/object:Gem::Version
-  version: 1.3.2
+  version: 1.4.0
 platform: ruby
 authors:
 - Alexi Garrow
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2021-03-15 00:00:00.000000000 Z
+date: 2022-01-04 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: activesupport
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '7'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '5'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '7'
 - !ruby/object:Gem::Dependency
   name: colorize
   requirement: !ruby/object:Gem::Requirement
@@ -53,7 +33,7 @@ dependencies:
         version: '5'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '7'
+        version: '8'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -63,7 +43,7 @@ dependencies:
         version: '5'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '7'
+        version: '8'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -92,20 +72,6 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: coveralls
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: dogstatsd-ruby
   requirement: !ruby/object:Gem::Requirement
@@ -168,20 +134,20 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 5.2.3
+        version: '5'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '7'
+        version: '8'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 5.2.3
+        version: '5'
     - - "<"
       - !ruby/object:Gem::Version
-        version: '7'
+        version: '8'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -335,9 +301,9 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".circleci/config.yml"
 - ".github/CODEOWNERS"
 - ".github/PULL_REQUEST_TEMPLATE.md"
+- ".github/workflows/default.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
@@ -381,7 +347,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.1.6
 signing_key: 
 specification_version: 4
 summary: Schema migration tool for checking and adding comments on PII columns.

data/.circleci/config.yml

@@ -1,118 +0,0 @@
-version: 2
-
-defaults: &defaults
-  working_directory: /home/circleci/wealthsimple
-  docker:
-    - image: circleci/ruby:2.7.2
-    - image: circleci/postgres:9.5.9-alpine
-      environment:
-        POSTGRES_USER: circleci
-        POSTGRES_DB: pii_safe_schema_test
-
-# These are common snippets that are referenced in multiple workflows.
-references:
-  attach_code_workspace: &attach_code_workspace
-    attach_workspace:
-      at: /home/circleci/wealthsimple
-
-  restore_bundle_dependencies: &restore_bundle_dependencies
-    run:
-      name: Restore bundle dependencies from workspace
-      command: bundle --path vendor/bundle
-
-jobs:
-  checkout_and_bundle:
-    <<: *defaults
-    steps:
-      - checkout
-      - run:
-          command: bundle install --jobs=4 --retry=3 --path vendor/bundle
-      - persist_to_workspace:
-          root: .
-          paths: .
-
-  rspec:
-    <<: *defaults
-    steps:
-      - *attach_code_workspace
-      - *restore_bundle_dependencies
-      - run:
-          command: sudo apt install -y postgresql-client || true
-      - run:
-          command: bundle exec bundle-audit update && bundle exec bundle-audit check
-      - run:
-          command: bundle exec rspec
-
-  lint_check:
-    <<: *defaults
-    steps:
-      - *attach_code_workspace
-      - *restore_bundle_dependencies
-      - run:
-          command: bundle exec rubocop
-
-  vulnerability_check:
-    <<: *defaults
-    steps:
-      - *attach_code_workspace
-      - *restore_bundle_dependencies
-      - run:
-          command: bundle exec bundle-audit update && bundle exec bundle-audit check
-
-  release:
-    <<: *defaults
-    steps:
-      - add_ssh_keys:
-          fingerprints:
-            - "46:b5:cb:ee:57:dc:14:95:31:be:12:13:4f:11:94:a4"
-      - *attach_code_workspace
-      - *restore_bundle_dependencies
-      - run:
-          name: Release to rubygems.org
-          command: |
-            mkdir ~/.gem
-            echo ":rubygems_api_key: ${RUBYGEMS_API_KEY}" >> ~/.gem/credentials
-            chmod 600 ~/.gem/credentials
-            mkdir -p ~/.ssh
-            echo "github.com,192.30.253.112 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" >> ~/.ssh/known_hosts
-            bundle exec rake release
-
-workflows:
-  version: 2
-  build_and_test:
-    jobs:
-      - checkout_and_bundle:
-          context: wealthsimple
-      - rspec:
-          requires:
-            - checkout_and_bundle
-      - lint_check:
-          requires:
-            - checkout_and_bundle
-      - vulnerability_check:
-          requires:
-            - checkout_and_bundle
-      - release:
-          context: wealthsimple
-          filters:
-            branches:
-              only: master
-          requires:
-          - rspec
-          - lint_check
-          - vulnerability_check
-
-  security-audit:
-    triggers:
-      - schedule:
-          # 11:45 am UTC: 6:45 am EST / 7:45 am EDT
-          cron: "45 11 * * *"
-          filters:
-            branches:
-              only: master
-    jobs:
-      - checkout_and_bundle:
-          context: wealthsimple
-      - vulnerability_check:
-          requires:
-            - checkout_and_bundle