prorate 0.6.0 → 0.7.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: dab868f09fd0b191abe56fdfdb156271331d397e
-  data.tar.gz: 0c9d8670999217b9b14f662a53b589f7c3b0b93d
+SHA256:
+  metadata.gz: bb2c78403fd3d37fd073ccf736618673e532c6fc53efd7e1c342c7edebc4037f
+  data.tar.gz: 497b74b1d07d1590e44f338f7150b6b75fe5ed154af82d052381915a2b174c69
 SHA512:
-  metadata.gz: c7c9909a1ebf831a56b3216a3387598d1c72f20463962329a9d61ea993533f5298769af63f6e16d837a2b22f1f1d1008b7ae2b1413ac80ae58b264f08b72eeb5
-  data.tar.gz: b9c3b0b86240e6d8dd9b504a3c8bc2341bd230138e263edad0fc8e03db900cb9c1ca8e777f3ac22bea5e44f00750bad13568d47c315315d09608ab4bc597cc1c
+  metadata.gz: d2a262971d745073dfd385088d92bf40667fa8108e6c3b71982b17fad41d6ee94472e40f8189badfa6131ac853a0dfe381e9bfbef93a0b7bbd24c3f39339251f
+  data.tar.gz: 33f4f60558e7cee9fd671ebe48f4e35fc67e58c2ea5ad5cde5e40368b8b486e941eabb71ddf3dfaa87a9380689d31c059d56ea81cfa8860a955409d075840824

data/CHANGELOG.md

@@ -0,0 +1,39 @@
+# 0.7.0
+
+* Add a naked `LeakyBucket` object which allows one to build sophisticated rate limiting relying
+  on the Ruby side of things more. It has less features than the `Throttle` but can be used for more
+  fine-graned control of the throttling. It also does not use exceptions for flow control.
+  The `Throttle` object used them because it should make the code abort *loudly* if a throttle is hit, but
+  when the objective is to measure instead a smaller, less opinionated module can be more useful.
+* Refactor the internals of the Throttle class so that it uses a default Logger, and document the arguments.
+* Use fractional time measurement from Redis in Lua code. For our throttle to be precise we cannot really
+  limit ourselves to "anchored slots" on the start of a second, and we would be effectively doing that
+  with our previous setup.
+* Fix the `redis` gem deprecation warnings when using `exists` - we will now use `exists?` if available.
+* Remove dependency on the `ks` gem as we can use vanilla Structs or classes instead.
+
+# 0.6.0
+
+* Add `Throttle#status` method for retrieving the status of a throttle without placing any tokens
+  or raising any exceptions. This is useful for layered throttles.
+
+# 0.5.0
+
+* Allow setting the number of tokens to add to the bucket in `Throttle#throttle!` - this is useful because
+  sometimes a request effectively uses N of some resource in one go, and should thus cause a throttle
+  to fire without having to do repeated calls
+
+# 0.4.0
+
+* When raising a `Throttled` exception, add the name of the throttle to it. This is useful when multiple
+  throttles are used together and one needs to find out which throttle has fired.
+* Reformat code according to wetransfer_style and make it compulsory on CI
+
+# 0.3.0
+
+* Replace the Ruby implementation of the throttle with a Lua script which runs within Redis. This allows us
+  to do atomic gets+sets very rapidly.
+
+# 0.1.0
+
+* Initial release of Prorate

data/README.md

@@ -61,11 +61,11 @@ rescue_from Prorate::Throttled do |e|
 end
 ```
 
-### Throttling and checking of its status
+### Throttling and checking status
 
 More exquisite control can be achieved by combining throttling (see previous
 step) and - in subsequent calls - checking the status of the throttle before
-invoking the throttle.
+invoking the throttle. **When you call `throttle!`, you add tokens to the leaky bucket.**
 
 Let's say you have an endpoint that not only needs throttling, but you want to
 ban [credential stuffers](https://en.wikipedia.org/wiki/Credential_stuffing)
@@ -120,6 +120,37 @@ rescue_from Prorate::Throttled do |e|
 end
 ```
 
+## Using just the leaky bucket
+
+There is also an object for using the heart of Prorate (the leaky bucket) without blocking or exceptions. This is useful
+if you want to implement a more generic rate limiting solution and customise it in a fancier way. The leaky bucket on
+it's own provides the following conveniences only:
+
+* Track the number of tokens added and the number of tokens that have leaked
+* Tracks whether a specific token fillup has overflown the bucket. This is only tracked momentarily if the bucket is limited
+
+Level and leak rate are computed and provided as Floats instead of Integers (in the Throttle class).
+To use it, employ the `LeakyBucket` object:
+
+```ruby
+# The leak_rate is in tokens per second
+leaky_bucket = Prorate::LeakyBucket.new(redis: Redis.new, redis_key_prefix: "user123", leak_rate: 0.8, bucket_capacity: 2)
+leaky_bucket.state.level #=> will return 0.0
+leaky_bucket.state.full? #=> will return "false"
+state_after_add = leaky_bucket.fillup(2) #=> returns a State object_
+state_after_add.full? #=> will return "true"
+state_after_add.level #=> will return 2.0
+```
+
+## Why Lua?
+
+Prorate is implementing throttling using the "Leaky Bucket" algorithm and is extensively described [here](https://github.com/WeTransfer/prorate/blob/master/lib/prorate/throttle.rb). The implementation is using a Lua script, because is the only language available which runs _inside_ Redis. Thanks to the speed benefits of Lua the script runs fast enough to apply it on every throttle call.
+
+Using a Lua script in Prorate helps us achieve the following guarantees:
+
+- **The script will run atomically.** The script is evaluated as a single Redis command. This ensures that the commands in the Lua script will never be interleaved with another client: they will always execute together.
+- **Any usages of time will use the Redis time.** Throttling requires a consistent and monotonic _time source_. The only monotonic and consistent time source which is usable in the context of Prorate, is the `TIME` result of Redis itself. We are throttling requests from different machines, which will invariably have clock drift between them. This way using the Redis server `TIME` helps achieve consistency.
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.

data/Rakefile

@@ -6,7 +6,7 @@ require 'yard'
 YARD::Rake::YardocTask.new(:doc) do |t|
   # The dash has to be between the two to "divide" the source files and
   # miscellaneous documentation files that contain no code
-  t.files = ['lib/**/*.rb', '-', 'LICENSE.txt']
+  t.files = ['lib/**/*.rb', '-', 'LICENSE.txt', 'CHANGELOG.md']
 end
 
 RSpec::Core::RakeTask.new(:spec)

data/lib/prorate.rb

@@ -1,6 +1,4 @@
 require "prorate/version"
-require "ks"
-require "logger"
 require "redis"
 
 module Prorate

data/lib/prorate/leaky_bucket.lua

@@ -0,0 +1,77 @@
+-- Single threaded Leaky Bucket implementation (without blocking).
+-- args: key_base, leak_rate, bucket_ttl, fillup. To just verify the state of the bucket leak_rate of 0 may be passed.
+-- returns: the leve of the bucket in number of tokens
+
+-- this is required to be able to use TIME and writes; basically it lifts the script into IO
+redis.replicate_commands()
+
+-- Redis documentation recommends passing the keys separately so that Redis
+-- can - in the future - verify that they live on the same shard of a cluster, and
+-- raise an error if they are not. As far as can be understood this functionality is not
+-- yet present, but if we can make a little effort to make ourselves more future proof
+-- we should.
+local bucket_level_key = KEYS[1]
+local last_updated_key = KEYS[2]
+
+local leak_rate = tonumber(ARGV[1])
+local fillup = tonumber(ARGV[2]) -- How many tokens this call adds to the bucket.
+local bucket_capacity = tonumber(ARGV[3]) -- How many tokens is the bucket allowed to contain
+
+-- Compute the key TTL for the bucket. We are interested in how long it takes the bucket
+-- to leak all the way to 0, as this is the time when the values stay relevant. We pad with 1 second
+-- to have a little cushion.
+local key_lifetime = math.ceil((bucket_capacity / leak_rate) + 1)
+
+-- Take a timestamp
+local redis_time = redis.call("TIME") -- Array of [seconds, microseconds]
+local now = tonumber(redis_time[1]) + (tonumber(redis_time[2]) / 1000000)
+
+-- get current bucket level. The throttle key might not exist yet in which
+-- case we default to 0
+local bucket_level = tonumber(redis.call("GET", bucket_level_key)) or 0
+
+-- ...and then perform the leaky bucket fillup/leak. We need to do this also when the bucket has
+-- just been created because the initial fillup to add might be so high that it will
+-- immediately overflow the bucket and trigger the throttle, on the first call.
+local last_updated = tonumber(redis.call("GET", last_updated_key)) or now -- use sensible default of 'now' if the key does not exist
+
+-- Subtract the number of tokens leaked since last call
+local dt = now - last_updated
+local new_bucket_level = bucket_level - (leak_rate * dt) + fillup
+
+-- and _then_ and add the tokens we fillup with. Cap the value to be 0 < capacity
+new_bucket_level = math.max(0, math.min(bucket_capacity, new_bucket_level))
+
+-- Since we return a floating point number string-formatted even if the bucket is full we
+-- have some loss of precision in the formatting, even if the bucket was actually full.
+-- This bit of information is useful to preserve.
+local at_capacity = 0
+if new_bucket_level == bucket_capacity then
+  at_capacity = 1
+end
+
+-- If both the initial level was 0, and the level after putting tokens in is 0 we
+-- can avoid setting keys in Redis at all as this was only a level check.
+if new_bucket_level == 0 and bucket_level == 0 then
+  return {"0.0", at_capacity}
+end
+
+-- Save the new bucket level
+redis.call("SETEX", bucket_level_key, key_lifetime, new_bucket_level)
+
+-- Record when we updated the bucket so that the amount of tokens leaked
+-- can be correctly determined on the next invocation
+redis.call("SETEX", last_updated_key, key_lifetime, now)
+
+-- Most Redis adapters when used with the Lua interface truncate floats
+-- to integers (at least in Python that is documented to be the case in
+-- the Redis ebook here
+-- https://redislabs.com/ebook/part-3-next-steps/chapter-11-scripting-redis-with-lua/11-1-adding-functionality-without-writing-c
+-- We need access to the bucket level as a float value since our leak rate might as well be floating point, and to achieve that
+-- we can go two ways. We can turn the float into a Lua string, and then parse it on the other side, or we can convert it to
+-- a tuple of two integer values - one for the integer component and one for fraction.
+-- Now, the unpleasant aspect is that when we do this we will lose precision - the number is not going to be
+-- exactly equal to capacity, thus we lose the bit of information which tells us whether we filled up the bucket or not.
+-- Also since the only moment we can register whether the bucket is above capacity is now - in this script, since
+-- by the next call some tokens will have leaked.
+return {string.format("%.9f", new_bucket_level), at_capacity}

data/lib/prorate/leaky_bucket.rb

@@ -0,0 +1,134 @@
+module Prorate
+
+  # This offers just the leaky bucket implementation with fill control, but without the timed lock.
+  # It does not raise any exceptions, it just tracks the state of a leaky bucket in Redis.
+  #
+  # Important differences from the more full-featured Throttle class are:
+  #
+  # * No logging (as most meaningful code lives in Lua anyway)
+  # * No timed block - if you need to keep track of timed blocking it can be done externally
+  # * Leak rate is specified directly in tokens per second, instead of specifying the block period.
+  # * The bucket level is stored and returned as a Float which allows for finer-grained measurement,
+  #   but more importantly - makes testing from the outside easier.
+  #
+  # It does have a few downsides compared to the Throttle though
+  #
+  # * Bucket is only full momentarily. On subsequent calls some tokens will leak already, so you either
+  #   need to do delta checks on the value or rely on putting the token into the bucket.
+  class LeakyBucket
+    LUA_SCRIPT_CODE = File.read(File.join(__dir__, "leaky_bucket.lua"))
+    LUA_SCRIPT_HASH = Digest::SHA1.hexdigest(LUA_SCRIPT_CODE)
+
+    class BucketState < Struct.new(:level, :full)
+      # Returns the level of the bucket after the operation on the LeakyBucket
+      # object has taken place. There is a guarantee that no tokens have leaked
+      # from the bucket between the operation and the freezing of the BucketState
+      # struct.
+      #
+      # @!attribute [r] level
+      #   @return [Float]
+
+      # Tells whether the bucket was detected to be full when the operation on
+      # the LeakyBucket was performed. There is a guarantee that no tokens have leaked
+      # from the bucket between the operation and the freezing of the BucketState
+      # struct.
+      #
+      # @!attribute [r] full
+      #   @return [Boolean]
+
+      alias_method :full?, :full
+
+      # Returns the bucket level of the bucket state as a Float
+      #
+      # @return [Float]
+      def to_f
+        level.to_f
+      end
+
+      # Returns the bucket level of the bucket state rounded to an Integer
+      #
+      # @return [Integer]
+      def to_i
+        level.to_i
+      end
+    end
+
+    # Creates a new LeakyBucket. The object controls 2 keys in Redis: one
+    # for the last access time, and one for the contents of the key.
+    #
+    # @param redis_key_prefix[String] the prefix that is going to be used for keys.
+    #   If your bucket is specific to a user, a browser or an IP address you need to mix in
+    #   those values into the key prefix as appropriate.
+    # @param leak_rate[Float] the leak rate of the bucket, in tokens per second
+    # @param redis[Redis,#with] a Redis connection or a ConnectonPool instance
+    #   if you are using the connection_pool gem. With a connection pool Prorate will
+    #   checkout a connection using `#with` and check it in when it's done.
+    # @param bucket_capacity[Numeric] how many tokens is the bucket capped at.
+    #   Filling up the bucket using `fillup()` will add to that number, but
+    #   the bucket contents will then be capped at this value. So with
+    #   bucket_capacity set to 12 and a `fillup(14)` the bucket will reach the level
+    #   of 12, and will then immediately start leaking again.
+    def initialize(redis_key_prefix:, leak_rate:, redis:, bucket_capacity:)
+      @redis_key_prefix = redis_key_prefix
+      @redis = NullPool.new(redis) unless redis.respond_to?(:with)
+      @leak_rate = leak_rate.to_f
+      @capacity = bucket_capacity.to_f
+    end
+
+    # Places `n` tokens in the bucket.
+    #
+    # @return [BucketState] the state of the bucket after the operation
+    def fillup(n_tokens)
+      run_lua_bucket_script(n_tokens.to_f)
+    end
+
+    # Returns the current state of the bucket, containing the level and whether the bucket is full
+    #
+    # @return [BucketState] the state of the bucket after the operation
+    def state
+      run_lua_bucket_script(0)
+    end
+
+    # Returns the Redis key for the leaky bucket itself
+    # Note that the key is not guaranteed to contain a value if the bucket has not been filled
+    # up recently.
+    #
+    # @return [String]
+    def leaky_bucket_key
+      "#{@redis_key_prefix}.leaky_bucket.bucket_level"
+    end
+
+    # Returns the Redis key under which the last updated time of the bucket gets stored.
+    # Note that the key is not guaranteed to contain a value if the bucket has not been filled
+    # up recently.
+    #
+    # @return [String]
+    def last_updated_key
+      "#{@redis_key_prefix}.leaky_bucket.last_updated"
+    end
+
+    private
+
+    def run_lua_bucket_script(n_tokens)
+      @redis.with do |r|
+        begin
+          # The script returns a tuple of "whole tokens, microtokens"
+          # to be able to smuggle the float across (similar to Redis TIME command)
+          level_str, is_full_int = r.evalsha(
+            LUA_SCRIPT_HASH,
+            keys: [leaky_bucket_key, last_updated_key], argv: [@leak_rate, n_tokens, @capacity])
+          BucketState.new(level_str.to_f, is_full_int == 1)
+        rescue Redis::CommandError => e
+          if e.message.include? "NOSCRIPT"
+            # The Redis server has never seen this script before. Needs to run only once in the entire lifetime
+            # of the Redis server, until the script changes - in which case it will be loaded under a different SHA
+            r.script(:load, LUA_SCRIPT_CODE)
+            retry
+          else
+            raise e
+          end
+        end
+      end
+    end
+  end
+end

data/lib/prorate/rate_limit.lua

@@ -15,8 +15,10 @@ local max_bucket_capacity = tonumber(ARGV[2])
 local leak_rate = tonumber(ARGV[3])
 local block_duration = tonumber(ARGV[4])
 local n_tokens = tonumber(ARGV[5]) -- How many tokens this call adds to the bucket. Defaults to 1
-local now = tonumber(redis.call("TIME")[1]) --unix timestamp, will be required in all paths
 
+-- Take the Redis timestamp
+local redis_time = redis.call("TIME") -- Array of [seconds, microseconds]
+local now = tonumber(redis_time[1]) + (tonumber(redis_time[2]) / 1000000)
 local key_lifetime = math.ceil(max_bucket_capacity / leak_rate)
 
 local blocked_until = redis.call("GET", block_key)

data/lib/prorate/throttle.rb

@@ -4,15 +4,27 @@ module Prorate
   class MisconfiguredThrottle < StandardError
   end
 
-  class Throttle < Ks.strict(:name, :limit, :period, :block_for, :redis, :logger)
+  class Throttle
     LUA_SCRIPT_CODE = File.read(File.join(__dir__, "rate_limit.lua"))
     LUA_SCRIPT_HASH = Digest::SHA1.hexdigest(LUA_SCRIPT_CODE)
 
-    def initialize(*)
-      super
+    attr_reader :name, :limit, :period, :block_for, :redis, :logger
+
+    def initialize(name:, limit:, period:, block_for:, redis:, logger: Prorate::NullLogger)
+      @name = name.to_s
       @discriminators = [name.to_s]
-      self.redis = NullPool.new(redis) unless redis.respond_to?(:with)
+      @redis = NullPool.new(redis) unless redis.respond_to?(:with)
+      @logger = logger
+      @block_for = block_for
+
       raise MisconfiguredThrottle if (period <= 0) || (limit <= 0)
+
+      # Do not do type conversions here since we want to allow the caller to read
+      # those values back later
+      # (API contract which the previous implementation of Throttle already supported)
+      @limit = limit
+      @period = period
+
       @leak_rate = limit.to_f / period # tokens per second;
     end
 
@@ -75,56 +87,71 @@ module Prorate
     #   with a arbitrary ratio - like 1 token per inserted row. Once the bucket fills up
     #   the Throttled exception is going to be raised. Defaults to 1.
     def throttle!(n_tokens: 1)
-      discriminator = Digest::SHA1.hexdigest(Marshal.dump(@discriminators))
-      identifier = [name, discriminator].join(':')
-
-      redis.with do |r|
-        logger.debug { "Applying throttle counter %s" % name }
-        remaining_block_time, bucket_level = run_lua_throttler(
-          redis: r,
-          identifier: identifier,
-          bucket_capacity: limit,
-          leak_rate: @leak_rate,
-          block_for: block_for,
-          n_tokens: n_tokens)
-
-        if remaining_block_time > 0
-          logger.warn { "Throttle %s exceeded limit of %d in %d seconds and is blocked for the next %d seconds" % [name, limit, period, remaining_block_time] }
-          raise ::Prorate::Throttled.new(name, remaining_block_time)
+      @logger.debug { "Applying throttle counter %s" % @name }
+      remaining_block_time, bucket_level = run_lua_throttler(
+        identifier: identifier,
+        bucket_capacity: @limit,
+        leak_rate: @leak_rate,
+        block_for: @block_for,
+        n_tokens: n_tokens)
+
+      if remaining_block_time > 0
+        @logger.warn do
+          "Throttle %s exceeded limit of %d in %d seconds and is blocked for the next %d seconds" % [@name, @limit, @period, remaining_block_time]
         end
-        return limit - bucket_level # How many calls remain
+        raise ::Prorate::Throttled.new(@name, remaining_block_time)
       end
+
+      @limit - bucket_level # Return how many calls remain
     end
 
     def status
-      discriminator = Digest::SHA1.hexdigest(Marshal.dump(@discriminators))
-      identifier = [name, discriminator].join(':')
-
-      redis.with do |r|
-        is_blocked = r.exists("#{identifier}.block")
-        return Status.new(is_throttled: false, remaining_throttle_seconds: 0) unless is_blocked
-
-        remaining_seconds = r.get("#{identifier}.block").to_i - Time.now.to_i
-        Status.new(is_throttled: true, remaining_throttle_seconds: remaining_seconds)
+      redis_block_key = "#{identifier}.block"
+      @redis.with do |r|
+        is_blocked = redis_key_exists?(r, redis_block_key)
+        if is_blocked
+          remaining_seconds = r.get(redis_block_key).to_i - Time.now.to_i
+          Status.new(_is_throttled = true, remaining_seconds)
+        else
+          remaining_seconds = 0
+          Status.new(_is_throttled = false, remaining_seconds)
+        end
       end
     end
 
     private
 
-    def run_lua_throttler(redis:, identifier:, bucket_capacity:, leak_rate:, block_for:, n_tokens:)
-      redis.evalsha(LUA_SCRIPT_HASH, [], [identifier, bucket_capacity, leak_rate, block_for, n_tokens])
-    rescue Redis::CommandError => e
-      if e.message.include? "NOSCRIPT"
-        # The Redis server has never seen this script before. Needs to run only once in the entire lifetime
-        # of the Redis server, until the script changes - in which case it will be loaded under a different SHA
-        redis.script(:load, LUA_SCRIPT_CODE)
-        retry
-      else
-        raise e
+    def identifier
+      discriminator = Digest::SHA1.hexdigest(Marshal.dump(@discriminators))
+      "#{@name}:#{discriminator}"
+    end
+
+    # redis-rb 4.2 started printing a warning for every single-argument use of `#exists`, because
+    # they intend to break compatibility in a future version (to return an integer instead of a
+    # boolean). The old behavior (returning a boolean) is available using the new `exists?` method.
+    def redis_key_exists?(redis, key)
+      return redis.exists?(key) if redis.respond_to?(:exists?)
+      redis.exists(key)
+    end
+
+    def run_lua_throttler(identifier:, bucket_capacity:, leak_rate:, block_for:, n_tokens:)
+      @redis.with do |redis|
+        begin
+          redis.evalsha(LUA_SCRIPT_HASH, [], [identifier, bucket_capacity, leak_rate, block_for, n_tokens])
+        rescue Redis::CommandError => e
+          if e.message.include? "NOSCRIPT"
+            # The Redis server has never seen this script before. Needs to run only once in the entire lifetime
+            # of the Redis server, until the script changes - in which case it will be loaded under a different SHA
+            redis.script(:load, LUA_SCRIPT_CODE)
+            retry
+          else
+            raise e
+          end
+        end
       end
     end
 
-    class Status < Ks.strict(:is_throttled, :remaining_throttle_seconds)
+    class Status < Struct.new(:is_throttled, :remaining_throttle_seconds)
       def throttled?
         is_throttled
       end

data/lib/prorate/version.rb

@@ -1,3 +1,3 @@
 module Prorate
-  VERSION = "0.6.0"
+  VERSION = "0.7.0"
 end

data/prorate.gemspec

@@ -27,7 +27,6 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "ks"
   spec.add_dependency "redis", ">= 2"
   spec.add_development_dependency "connection_pool", "~> 2"
   spec.add_development_dependency "bundler"
@@ -35,5 +34,5 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rspec", "~> 3.0"
   spec.add_development_dependency 'wetransfer_style', '0.6.5'
   spec.add_development_dependency 'yard', '~> 0.9'
-  spec.add_development_dependency 'pry', '~> 0.12.2'
+  spec.add_development_dependency 'pry', '~> 0.13.1'
 end

metadata

@@ -1,29 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: prorate
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Julik Tarkhanov
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-02-28 00:00:00.000000000 Z
+date: 2020-07-17 00:00:00.000000000 Z
 dependencies:
-- !ruby/object:Gem::Dependency
-  name: ks
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
 - !ruby/object:Gem::Dependency
   name: redis
   requirement: !ruby/object:Gem::Requirement
@@ -128,14 +114,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.12.2
+        version: 0.13.1
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 0.12.2
+        version: 0.13.1
 description: Can be used to implement all kinds of throttles
 email:
 - me@julik.nl
@@ -147,6 +133,7 @@ files:
 - ".rspec"
 - ".rubocop.yml"
 - ".travis.yml"
+- CHANGELOG.md
 - Gemfile
 - LICENSE.txt
 - README.md
@@ -154,6 +141,8 @@ files:
 - bin/console
 - bin/setup
 - lib/prorate.rb
+- lib/prorate/leaky_bucket.lua
+- lib/prorate/leaky_bucket.rb
 - lib/prorate/null_logger.rb
 - lib/prorate/null_pool.rb
 - lib/prorate/rate_limit.lua
@@ -184,8 +173,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.11
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Time-restricted rate limiter using Redis