quonfig 0.0.8 → 0.0.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 18707780a8ad33c299973f4de01bc0b76d10161902f977b9771c10c2d4a23fde
-  data.tar.gz: 6980b904632659b97f16636e9a317bc8b3e8cbf02cc0b8f75ecf51325b8ba472
+  metadata.gz: e2dfc7385d529233f3b0b7c5fc13dbe7d0d648851ea0815bde792465a1774319
+  data.tar.gz: f6c702ba4eccdebeda95b8f9341fc0bb077a2c141c9397cb7f3dccb1cbfa782a
 SHA512:
-  metadata.gz: 74c6a59b81fd222ddd522e52301ea74a1f9bc76b18ecbfe50c01a46e21539bdc5cea6a38a927938fb497f6003a64a2e796d177f2ed3ee527d5891f6cd9ca63a4
-  data.tar.gz: 94b1c109e6db3df2ea115e62f80f099430752779faa9655ee6f53c20c614fa42ccdc8e350342985cb09861e286bd91b857381508849a81fada865927c98f7f22
+  metadata.gz: 368273026e247c7c01df6e85f11865f94bb588d4c4e512bbc44de65dda0a7659b96a8bd321de6ea676934b9483b0dd99d0fe516d3b288cf93a709f401bbfd824
+  data.tar.gz: be80686fa0c8748c4e1c3f802cfc51c605b1a3e31ec7f9682885a139b5081a79d91d9155833143671bfffa75728bf1091116456defd90bd610d17a5133287e03

data/VERSION

@@ -1 +1 @@
-0.0.8
+0.0.9

data/lib/quonfig/bound_client.rb

@@ -40,6 +40,32 @@ module Quonfig
       @client.get_json(key, default: default, context: @context)
     end
 
+    # ---- Details getters ----------------------------------------------
+
+    def get_bool_details(key)
+      @client.get_bool_details(key, context: @context)
+    end
+
+    def get_string_details(key)
+      @client.get_string_details(key, context: @context)
+    end
+
+    def get_int_details(key)
+      @client.get_int_details(key, context: @context)
+    end
+
+    def get_float_details(key)
+      @client.get_float_details(key, context: @context)
+    end
+
+    def get_string_list_details(key)
+      @client.get_string_list_details(key, context: @context)
+    end
+
+    def get_json_details(key)
+      @client.get_json_details(key, context: @context)
+    end
+
     def enabled?(feature_name)
       @client.enabled?(feature_name, @context)
     end

data/lib/quonfig/client.rb

@@ -32,7 +32,7 @@ module Quonfig
         else
           Quonfig::Options.new(option_kwargs)
         end
-      @global_context = normalize_context(@options.global_context)
+      @global_context = build_initial_global_context(@options)
       @instance_hash = SecureRandom.uuid
       @store = store || Quonfig::ConfigStore.new
       @evaluator = Quonfig::Evaluator.new(@store, env_id: @options.environment)
@@ -103,6 +103,38 @@ module Quonfig
       typed_get(key, :json, default: default, context: context)
     end
 
+    # ---- Details getters ----------------------------------------------
+    #
+    # Mirrors the typed getters above but returns a +Quonfig::EvaluationDetails+
+    # carrying the OpenFeature-aligned resolution +reason+ ("STATIC",
+    # "TARGETING_MATCH", "SPLIT", "DEFAULT", or "ERROR") plus an
+    # +error_code+/+error_message+ on the error path. These methods never
+    # raise — exceptions are caught and rendered as ERROR details.
+
+    def get_bool_details(key, context: NO_DEFAULT_PROVIDED)
+      evaluate_details(key, :bool, context)
+    end
+
+    def get_string_details(key, context: NO_DEFAULT_PROVIDED)
+      evaluate_details(key, String, context)
+    end
+
+    def get_int_details(key, context: NO_DEFAULT_PROVIDED)
+      evaluate_details(key, Integer, context)
+    end
+
+    def get_float_details(key, context: NO_DEFAULT_PROVIDED)
+      evaluate_details(key, Float, context)
+    end
+
+    def get_string_list_details(key, context: NO_DEFAULT_PROVIDED)
+      evaluate_details(key, :string_list, context)
+    end
+
+    def get_json_details(key, context: NO_DEFAULT_PROVIDED)
+      evaluate_details(key, :json, context)
+    end
+
     def enabled?(feature_name, jit_context = NO_DEFAULT_PROVIDED)
       value = get(feature_name, false, jit_context)
       value == true || value == 'true'
@@ -314,7 +346,7 @@ module Quonfig
         config_key: config_field(config, :key),
         config_type: config_field(config, :type),
         conditional_value_index: result.rule_index,
-        weighted_value_index: nil,
+        weighted_value_index: result.weighted_value_index,
         selected_value: result.unwrapped_value,
         reason: result.wire_reason
       )
@@ -441,6 +473,21 @@ module Quonfig
       merge_contexts(@global_context, jit)
     end
 
+    # Combine the customer-supplied globalContext with the optional dev
+    # context loaded from ~/.quonfig/tokens.json. Dev context goes UNDER the
+    # customer's so any explicit `quonfig-user` keys win on collision.
+    def build_initial_global_context(options)
+      customer = normalize_context(options.global_context)
+      enabled = options.enable_quonfig_user_context == true ||
+                ENV['QUONFIG_DEV_CONTEXT'] == 'true'
+      return customer unless enabled
+
+      dev = Quonfig::DevContext.load_quonfig_user_context
+      return customer if dev.nil?
+
+      merge_contexts(dev, customer)
+    end
+
     def normalize_context(ctx)
       return {} if ctx.nil?
       return ctx if ctx.is_a?(Hash)
@@ -485,6 +532,61 @@ module Quonfig
       nil
     end
 
+    # Build a Quonfig::EvaluationDetails for +key+, evaluated against the
+    # caller's context, after coercing/checking +expected_type+. Never
+    # raises; all exceptions become ERROR details.
+    def evaluate_details(key, expected_type, context)
+      jit = context == NO_DEFAULT_PROVIDED ? nil : context
+      ctx = build_context(jit)
+      record_context_for_telemetry(ctx)
+
+      result =
+        begin
+          @resolver.get(key, ctx)
+        rescue Quonfig::Errors::MissingDefaultError => e
+          return Quonfig::EvaluationDetails.new(
+            value: nil,
+            reason: Quonfig::EvaluationDetails::REASON_ERROR,
+            error_code: Quonfig::EvaluationDetails::ERROR_FLAG_NOT_FOUND,
+            error_message: e.message
+          )
+        end
+
+      if result.nil?
+        return Quonfig::EvaluationDetails.new(
+          value: nil,
+          reason: Quonfig::EvaluationDetails::REASON_DEFAULT
+        )
+      end
+
+      record_evaluation_for_telemetry(result)
+
+      raw_value = result.unwrapped_value
+
+      begin
+        coerced = coerce_and_check(key, raw_value, expected_type) unless raw_value.nil?
+      rescue Quonfig::Errors::TypeMismatchError => e
+        return Quonfig::EvaluationDetails.new(
+          value: nil,
+          reason: Quonfig::EvaluationDetails::REASON_ERROR,
+          error_code: Quonfig::EvaluationDetails::ERROR_TYPE_MISMATCH,
+          error_message: e.message
+        )
+      end
+
+      Quonfig::EvaluationDetails.new(
+        value: coerced,
+        reason: result.of_reason
+      )
+    rescue StandardError => e
+      Quonfig::EvaluationDetails.new(
+        value: nil,
+        reason: Quonfig::EvaluationDetails::REASON_ERROR,
+        error_code: Quonfig::EvaluationDetails::ERROR_GENERAL,
+        error_message: e.message
+      )
+    end
+
     def typed_get(key, expected_type, default:, context:)
       jit = context == NO_DEFAULT_PROVIDED ? NO_DEFAULT_PROVIDED : context
       value = get(key, default, jit)

data/lib/quonfig/dev_context.rb

@@ -0,0 +1,41 @@
+# frozen_string_literal: true
+
+require 'json'
+
+module Quonfig
+  # Dev-only context loader. Reads ~/.quonfig/tokens.json (written by
+  # `qfg login`) and returns {'quonfig-user' => {'email' => ...}} when a
+  # userEmail is present. Returns nil when the file is missing, unreadable,
+  # or has no userEmail.
+  #
+  # The attribute is dev-only by construction: production servers do not
+  # run `qfg login` and therefore have no tokens file. Rules keyed on
+  # `quonfig-user.email` are dead code in prod.
+  module DevContext
+    TOKENS_BASENAME = File.join('.quonfig', 'tokens.json')
+
+    def self.load_quonfig_user_context
+      path = File.join(Dir.home, TOKENS_BASENAME)
+      return nil unless File.exist?(path)
+
+      raw = begin
+        File.read(path)
+      rescue StandardError => e
+        warn "[quonfig] dev-context: could not read #{path} (#{e.class}: #{e.message}); skipping injection"
+        return nil
+      end
+
+      parsed = begin
+        JSON.parse(raw)
+      rescue JSON::ParserError => e
+        warn "[quonfig] dev-context: could not parse #{path} (#{e.message}); skipping injection"
+        return nil
+      end
+
+      email = parsed.is_a?(Hash) ? parsed['userEmail'] : nil
+      return nil unless email.is_a?(String) && !email.empty?
+
+      { 'quonfig-user' => { 'email' => email } }
+    end
+  end
+end

data/lib/quonfig/evaluator.rb

@@ -416,14 +416,20 @@ module Quonfig
     REASON_TARGETING_MATCH  = 2
     REASON_SPLIT            = 3
 
-    attr_reader :value, :rule_index, :config
+    attr_reader :value, :rule_index, :config, :reportable_value
     attr_accessor :weighted_value_index
 
-    def initialize(value:, rule_index:, config:, weighted_value_index: nil)
+    def initialize(value:, rule_index:, config:, weighted_value_index: nil, reportable_value: nil)
       @value = value
       @rule_index = rule_index
       @config = config
       @weighted_value_index = weighted_value_index
+      # Telemetry-safe substitute for #unwrapped_value. Set by Resolver when
+      # the underlying Value was confidential / decryptWith, so callers
+      # (the eval-summary aggregator) never see the plaintext. Mirrors
+      # ReforgeHQ/sdk-ruby ConfigValueUnwrapper#reportable_value (the
+      # `*****<5-md5>` hash form).
+      @reportable_value = reportable_value
     end
 
     # Integer reason code for telemetry. Mirrors sdk-node's computeReason:
@@ -436,6 +442,19 @@ module Quonfig
       REASON_TARGETING_MATCH
     end
 
+    # OpenFeature-aligned reason string. Same classification logic as
+    # +wire_reason+ but as a public string the OF provider (and any
+    # third-party consumer of EvaluationDetails) can pass straight through.
+    #
+    # Returns one of: "STATIC", "TARGETING_MATCH", "SPLIT".
+    def of_reason
+      case wire_reason
+      when REASON_STATIC          then EvaluationDetails::REASON_STATIC
+      when REASON_SPLIT           then EvaluationDetails::REASON_SPLIT
+      else                             EvaluationDetails::REASON_TARGETING_MATCH
+      end
+    end
+
     # True if any rule on the config (default or environment) has a
     # non-ALWAYS_TRUE criterion. Used to decide STATIC vs TARGETING_MATCH.
     def self.targeting_rules?(config)

data/lib/quonfig/options.rb

@@ -21,6 +21,7 @@ module Quonfig
     attr_reader :poll_interval
     attr_reader :global_context
     attr_reader :logger_key
+    attr_reader :enable_quonfig_user_context
     attr_accessor :is_fork
 
     module ON_INITIALIZATION_FAILURE
@@ -74,7 +75,8 @@ module Quonfig
       collect_max_evaluation_summaries: DEFAULT_MAX_EVAL_SUMMARIES,
       allow_telemetry_in_local_mode: false,
       global_context: {},
-      logger_key: nil
+      logger_key: nil,
+      enable_quonfig_user_context: false
     )
       @sdk_key = sdk_key
       @environment = environment
@@ -94,6 +96,7 @@ module Quonfig
       @is_fork = false
       @global_context = global_context
       @logger_key = logger_key
+      @enable_quonfig_user_context = enable_quonfig_user_context
 
       # defaults that may be overridden by context_upload_mode
       @collect_shapes = false

data/lib/quonfig/resolver.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'digest'
+
 module Quonfig
   # Public-API resolver: looks up a config by key in a ConfigStore and runs
   # it through an Evaluator against a Context.
@@ -15,6 +17,11 @@ module Quonfig
   # Quonfig::ConfigResolver — the two coexist during the JSON migration.
   class Resolver
     TRUE_VALUES = %w[true 1 t yes].freeze
+    # Prefix the eval-summary aggregator stamps onto redacted confidential
+    # values before the 5-char MD5 hash. Matches CONFIDENTIAL_PREFIX in
+    # ReforgeHQ/sdk-ruby/lib/reforge/config_value_unwrapper.rb so dashboards
+    # built against the predecessor wire format keep working.
+    CONFIDENTIAL_PREFIX = '*****'
 
     attr_reader :store, :evaluator
     attr_accessor :project_env_id
@@ -50,7 +57,8 @@ module Quonfig
         value: resolved_value,
         rule_index: eval_result.rule_index,
         config: config,
-        weighted_value_index: weighted_index
+        weighted_value_index: weighted_index,
+        reportable_value: redacted_reportable_value(eval_result.value)
       )
     end
 
@@ -87,6 +95,26 @@ module Quonfig
 
     private
 
+    # If +value+ is confidential or has a decryptWith key, return the
+    # `*****<5-hex>` redacted string the eval-summary telemetry aggregator
+    # should ship in place of the resolved plaintext. The hash is computed
+    # over the raw `value[:value]` (ciphertext when decryptWith is set,
+    # plaintext-as-stored when only `confidential: true`) — matches
+    # ReforgeHQ/sdk-ruby ConfigValueUnwrapper#reportable_wrapped_value
+    # (CONFIDENTIAL_PREFIX + first 5 chars of MD5).
+    def redacted_reportable_value(value)
+      return nil if value.nil?
+
+      confidential = vget(value, :confidential, 'confidential')
+      decrypt_with = vget(value, :decryptWith, 'decryptWith', :decrypt_with, 'decrypt_with')
+      return nil unless confidential || (decrypt_with && !decrypt_with.to_s.empty?)
+
+      raw = vget(value, :value, 'value')
+      return nil if raw.nil?
+
+      "#{CONFIDENTIAL_PREFIX}#{Digest::MD5.hexdigest(raw.to_s)[0, 5]}"
+    end
+
     def vget(hash, *keys)
       return nil if hash.nil?
 
@@ -179,7 +207,7 @@ module Quonfig
       begin
         plaintext = Quonfig::Encryption.new(secret_key).decrypt(ciphertext)
       rescue StandardError => e
-        raise Quonfig::Errors::DecryptionError.new(config_key(config), e.message)
+        raise Quonfig::Errors::DecryptionError.new(config_key(config), e.message), cause: e
       end
 
       {

data/lib/quonfig/telemetry/telemetry_reporter.rb

@@ -153,11 +153,23 @@ module Quonfig
         @at_exit_registered = true
       end
 
+      # Wait this long for the background reporter thread to exit before
+      # giving up. Bounded so a thread blocked on a dead telemetry endpoint
+      # can't hang process exit.
+      AT_EXIT_THREAD_JOIN_TIMEOUT_SECONDS = 1.0
+
       # Idempotent final drain. Safe to call after #stop has already
       # drained: aggregators return nil when empty and #sync becomes a
-      # no-op.
+      # no-op. Bounded so a stuck reporter thread or dead telemetry
+      # endpoint can't hang process exit.
       def final_drain_on_exit
         @stopped.make_true
+        thread = @thread
+        @thread = nil
+        if thread&.alive?
+          thread.wakeup
+          thread.join(AT_EXIT_THREAD_JOIN_TIMEOUT_SECONDS)
+        end
         sync
       rescue StandardError => e
         LOG.debug "[quonfig] at_exit telemetry drain failed: #{e.class}: #{e.message}"

data/lib/quonfig.rb

@@ -25,6 +25,7 @@ require 'quonfig/error'
 require 'quonfig/duration'
 require 'quonfig/reason'
 require 'quonfig/evaluation'
+require 'quonfig/evaluation_details'
 require 'quonfig/encryption'
 require 'quonfig/exponential_backoff'
 require 'quonfig/periodic_sync'
@@ -39,6 +40,7 @@ require 'quonfig/errors/decryption_error'
 require 'quonfig/errors/missing_environment_error'
 require 'quonfig/errors/invalid_environment_error'
 require 'quonfig/options'
+require 'quonfig/dev_context'
 require 'quonfig/rate_limit_cache'
 require 'quonfig/weighted_value_resolver'
 require 'quonfig/config_store'

data/quonfig.gemspec

@@ -2,16 +2,16 @@
 # DO NOT EDIT THIS FILE DIRECTLY
 # Instead, edit Juwelier::Tasks in Rakefile, and run 'rake gemspec'
 # -*- encoding: utf-8 -*-
-# stub: quonfig 0.0.8 ruby lib
+# stub: quonfig 0.0.9 ruby lib
 
 Gem::Specification.new do |s|
   s.name = "quonfig".freeze
-  s.version = "0.0.8".freeze
+  s.version = "0.0.9".freeze
 
   s.required_rubygems_version = Gem::Requirement.new(">= 0".freeze) if s.respond_to? :required_rubygems_version=
   s.require_paths = ["lib".freeze]
   s.authors = ["Jeff Dwyer".freeze]
-  s.date = "2026-04-26"
+  s.date = "2026-04-27"
   s.description = "Quonfig \u2014 feature flags and live config, stored as files in git.".freeze
   s.email = "jeff@quonfig.com".freeze
   s.extra_rdoc_files = [
@@ -54,6 +54,7 @@ Gem::Specification.new do |s|
     "lib/quonfig/config_store.rb",
     "lib/quonfig/context.rb",
     "lib/quonfig/datadir.rb",
+    "lib/quonfig/dev_context.rb",
     "lib/quonfig/duration.rb",
     "lib/quonfig/encryption.rb",
     "lib/quonfig/error.rb",
@@ -96,6 +97,7 @@ Gem::Specification.new do |s|
     "test/fixtures/datafile.json",
     "test/integration/test_context_precedence.rb",
     "test/integration/test_datadir_environment.rb",
+    "test/integration/test_dev_overrides.rb",
     "test/integration/test_enabled.rb",
     "test/integration/test_enabled_with_contexts.rb",
     "test/integration/test_get.rb",
@@ -119,6 +121,7 @@ Gem::Specification.new do |s|
     "test/test_context_shape.rb",
     "test/test_context_shape_aggregator.rb",
     "test/test_datadir.rb",
+    "test/test_dev_context.rb",
     "test/test_duration.rb",
     "test/test_encryption.rb",
     "test/test_evaluation_summaries_aggregator.rb",

data/test/integration/test_dev_overrides.rb

@@ -0,0 +1,40 @@
+# frozen_string_literal: true
+#
+# AUTO-GENERATED from integration-test-data/tests/eval/dev_overrides.yaml.
+# Regenerate with:
+#   cd integration-test-data/generators && npm run generate -- --target=ruby
+# Source: integration-test-data/generators/src/targets/ruby.ts
+# Do NOT edit by hand — changes will be overwritten.
+
+require 'test_helper'
+require 'integration/test_helpers'
+
+class TestDevOverrides < Minitest::Test
+  def setup
+    @store = IntegrationTestHelpers.build_store("dev_overrides")
+  end
+
+  # override fires when quonfig-user.email matches
+  def test_override_fires_when_quonfig_user_email_matches
+    resolver = IntegrationTestHelpers.build_resolver(@store)
+    IntegrationTestHelpers.assert_enabled(resolver, "feature-flag.dev-override", {"quonfig-user" => {"email" => "bob@foo.com"}}, true)
+  end
+
+  # override does not fire when attribute absent (prod simulation)
+  def test_override_does_not_fire_when_attribute_absent_prod_simulation
+    resolver = IntegrationTestHelpers.build_resolver(@store)
+    IntegrationTestHelpers.assert_enabled(resolver, "feature-flag.dev-override", {"user" => {"email" => "bob@foo.com"}}, false)
+  end
+
+  # override matches any email in IS_ONE_OF list
+  def test_override_matches_any_email_in_is_one_of_list
+    resolver = IntegrationTestHelpers.build_resolver(@store)
+    IntegrationTestHelpers.assert_enabled(resolver, "feature-flag.dev-override.multi-email", {"quonfig-user" => {"email" => "alice@foo.com"}}, true)
+  end
+
+  # override beats customer rule by priority
+  def test_override_beats_customer_rule_by_priority
+    resolver = IntegrationTestHelpers.build_resolver(@store)
+    IntegrationTestHelpers.assert_enabled(resolver, "feature-flag.dev-override.priority", {"quonfig-user" => {"email" => "bob@foo.com"}, "user" => {"country" => "DE"}}, true)
+  end
+end

data/test/integration/test_helpers.rb

@@ -290,6 +290,13 @@ module IntegrationTestHelpers
   # so eval-summary cases can resolve real values for each key.
   class << self
     attr_accessor :last_store
+    # Side-channel populated by record_one_eval whenever we redact a
+    # confidential value before recording it on the aggregator. Keyed by
+    # config_key → { unwrapped:, value_type: }. evaluation_summary_post
+    # consults it so the YAML's `value` / `value_type` fields can still
+    # assert the runtime resolved value while `selected_value` carries
+    # the wire-redacted form.
+    attr_accessor :last_unwrapped_overrides
   end
 
   # Construct an aggregator. +kind+ is one of :context_shape,
@@ -465,6 +472,7 @@ module IntegrationTestHelpers
     ctx = contexts.is_a?(Quonfig::Context) ? contexts : Quonfig::Context.new(contexts || {})
     empty_ctx = Quonfig::Context.new({})
 
+    self.last_unwrapped_overrides = {}
     Array(keys).each { |key| record_one_eval(aggregator, resolver, store, key, ctx) }
     Array(keys_no_ctx).each { |key| record_one_eval(aggregator, resolver, store, key, empty_ctx) }
   end
@@ -482,13 +490,28 @@ module IntegrationTestHelpers
       end
     return if result.nil?
 
+    # Confidential / decryptWith values must never appear in plaintext on
+    # the wire. EvalResult#reportable_value, when populated, is the
+    # `*****<md5>`-redacted substitute the resolver computed pre-decryption.
+    # When we substitute, stash the runtime unwrapped value so the
+    # post-projection can still assert YAML's `value` / `value_type` against
+    # the resolved plaintext (the YAML treats `value` as the runtime view
+    # and `selected_value` as the wire view).
+    selected_for_telemetry = result.unwrapped_value
+    if result.reportable_value
+      selected_for_telemetry = result.reportable_value
+      (self.last_unwrapped_overrides ||= {})[key] = {
+        unwrapped: result.unwrapped_value,
+        value_type: result.value_type
+      }
+    end
     aggregator.record(
       config_id: (cfg[:id] || cfg['id']).to_s,
       config_key: key,
       config_type: (cfg[:type] || cfg['type']).to_s,
       conditional_value_index: result.rule_index,
       weighted_value_index: result.weighted_value_index,
-      selected_value: result.unwrapped_value,
+      selected_value: selected_for_telemetry,
       reason: result.wire_reason
     )
   end
@@ -545,6 +568,7 @@ module IntegrationTestHelpers
 
   def self.evaluation_summary_post(event)
     summaries = event.dig('summaries', 'summaries') || []
+    overrides = last_unwrapped_overrides || {}
     rows = []
     summaries.each do |summary|
       type_label = TYPE_LABELS[summary['type'].to_s] || summary['type'].to_s.upcase
@@ -552,6 +576,15 @@ module IntegrationTestHelpers
       counters.each do |counter|
         selected = counter['selectedValue'] || {}
         unwrapped, value_type = unwrap_selected(selected)
+        # When the resolver redacted this key (confidential / decryptWith),
+        # selected_value carries the redacted form on the wire but YAML's
+        # `value` / `value_type` should still reflect the runtime resolved
+        # plaintext. Restore from the side channel populated in
+        # record_one_eval.
+        if (override = overrides[summary['key']])
+          unwrapped = override[:unwrapped]
+          value_type = override[:value_type] if override[:value_type]
+        end
         row = {
           'key' => summary['key'],
           'type' => type_label,

data/test/integration/test_telemetry.rb

@@ -153,4 +153,18 @@ class TestTelemetry < Minitest::Test
     IntegrationTestHelpers.feed_aggregator(aggregator, :context_shape, {}, contexts: {})
     IntegrationTestHelpers.assert_aggregator_post(aggregator, :context_shape, nil, endpoint: "/api/v1/context-shapes")
   end
+
+  # confidential plain string is redacted in selectedValue
+  def test_confidential_plain_string_is_redacted_in_selectedvalue
+    aggregator = IntegrationTestHelpers.build_aggregator(:evaluation_summary, {})
+    IntegrationTestHelpers.feed_aggregator(aggregator, :evaluation_summary, {"keys" => ["confidential.new.string"]}, contexts: {})
+    IntegrationTestHelpers.assert_aggregator_post(aggregator, :evaluation_summary, [{"key" => "confidential.new.string", "type" => "CONFIG", "value" => "hello.world", "value_type" => "string", "count" => 1, "reason" => 1, "selected_value" => {"string" => "*****18aa7"}, "summary" => {"config_row_index" => 0, "conditional_value_index" => 0}}], endpoint: "/api/v1/telemetry")
+  end
+
+  # confidential encrypted string is redacted using ciphertext hash
+  def test_confidential_encrypted_string_is_redacted_using_ciphertext_hash
+    aggregator = IntegrationTestHelpers.build_aggregator(:evaluation_summary, {})
+    IntegrationTestHelpers.feed_aggregator(aggregator, :evaluation_summary, {"keys" => ["a.secret.config"]}, contexts: {})
+    IntegrationTestHelpers.assert_aggregator_post(aggregator, :evaluation_summary, [{"key" => "a.secret.config", "type" => "CONFIG", "value" => "hello.world", "value_type" => "string", "count" => 1, "reason" => 1, "selected_value" => {"string" => "*****936c9"}, "summary" => {"config_row_index" => 0, "conditional_value_index" => 0}}], endpoint: "/api/v1/telemetry")
+  end
 end

data/test/test_client_telemetry.rb

@@ -129,4 +129,47 @@ class TestClientTelemetry < Minitest::Test
     client.get('does.not.exist', 'fallback')
     assert_nil summaries_agg.drain_event
   end
+
+  # Regression: client used to hardcode weighted_value_index: nil, so split
+  # variants never reported as REASON_SPLIT in telemetry.
+  def test_weighted_value_records_split_reason_and_index
+    weighted_config = {
+      'id' => 'cid-weighted',
+      'key' => 'feature-flag.weighted',
+      'type' => 'feature_flag',
+      'valueType' => 'string',
+      'sendToClientSdk' => false,
+      'default' => {
+        'rules' => [
+          {
+            'criteria' => [{ 'operator' => 'ALWAYS_TRUE' }],
+            'value' => {
+              'type' => 'weighted_values',
+              'value' => {
+                'hashByPropertyName' => 'user.key',
+                'weightedValues' => [
+                  { 'value' => { 'type' => 'string', 'value' => 'control' }, 'weight' => 1 },
+                  { 'value' => { 'type' => 'string', 'value' => 'variant' }, 'weight' => 99 }
+                ]
+              }
+            }
+          }
+        ]
+      },
+      'environment' => nil
+    }
+
+    store = Quonfig::ConfigStore.new
+    store.set('feature-flag.weighted', weighted_config)
+
+    client, _reporter, summaries_agg, _conn = make_client_with_telemetry(store)
+    client.get('feature-flag.weighted', Quonfig::NO_DEFAULT_PROVIDED, 'user' => { 'key' => 'u1' })
+
+    counter = summaries_agg.drain_event['summaries']['summaries'][0]['counters'][0]
+    assert_equal Quonfig::EvalResult::REASON_SPLIT, counter['reason'],
+                 'weighted variant evaluation must report REASON_SPLIT (3)'
+    refute_nil counter['weightedValueIndex'],
+               'weighted variant evaluation must report a weightedValueIndex'
+    assert_kind_of Integer, counter['weightedValueIndex']
+  end
 end

data/test/test_dev_context.rb

@@ -0,0 +1,163 @@
+# frozen_string_literal: true
+
+require 'test_helper'
+require 'json'
+require 'tmpdir'
+require 'fileutils'
+
+# qfg-pj0.5 — Dev-context injection. When enable_quonfig_user_context: true
+# (or env var QUONFIG_DEV_CONTEXT=true), the SDK reads ~/.quonfig/tokens.json
+# (written by `qfg login`) and merges {'quonfig-user' => {'email' => ...}}
+# into globalContext. Customer-supplied keys win on collision.
+#
+# Mirror of sdk-node qfg-pj0.3 / sdk-go qfg-pj0.4.
+class TestDevContext < Minitest::Test
+  def setup
+    super
+    @tmphome = Dir.mktmpdir('quonfig-dev-ctx-')
+    FileUtils.mkdir_p(File.join(@tmphome, '.quonfig'))
+    @old_home = ENV.fetch('HOME', nil)
+    ENV['HOME'] = @tmphome
+    ENV.delete('QUONFIG_DEV_CONTEXT')
+  end
+
+  def teardown
+    ENV['HOME'] = @old_home
+    ENV.delete('QUONFIG_DEV_CONTEXT')
+    FileUtils.remove_entry(@tmphome) if @tmphome && Dir.exist?(@tmphome)
+    super
+  end
+
+  def write_tokens(payload)
+    File.write(File.join(@tmphome, '.quonfig', 'tokens.json'), JSON.generate(payload))
+  end
+
+  def global_context_of(client)
+    client.instance_variable_get(:@global_context)
+  end
+
+  # 1. RED: injects quonfig-user.email when option enabled and file exists
+  def test_injects_quonfig_user_email_when_option_enabled
+    write_tokens(userEmail: 'bob@foo.com', accessToken: 'x', refreshToken: 'y', expiresAt: 0)
+
+    client = Quonfig::Client.new(
+      Quonfig::Options.new(enable_quonfig_user_context: true),
+      store: Quonfig::ConfigStore.new
+    )
+
+    assert_equal({ 'quonfig-user' => { 'email' => 'bob@foo.com' } }, global_context_of(client))
+  end
+
+  # 2. RED: no-op when option disabled and no env var
+  def test_no_op_when_option_disabled
+    write_tokens(userEmail: 'bob@foo.com')
+
+    client = Quonfig::Client.new(
+      Quonfig::Options.new(global_context: { user: { 'plan' => 'pro' } }),
+      store: Quonfig::ConfigStore.new
+    )
+
+    assert_equal({ user: { 'plan' => 'pro' } }, global_context_of(client))
+  end
+
+  # 3. RED: no-op when option enabled but file missing
+  def test_no_op_when_file_missing
+    # No tokens.json written.
+    client = Quonfig::Client.new(
+      Quonfig::Options.new(
+        enable_quonfig_user_context: true,
+        global_context: { user: { 'plan' => 'pro' } }
+      ),
+      store: Quonfig::ConfigStore.new
+    )
+
+    assert_equal({ user: { 'plan' => 'pro' } }, global_context_of(client))
+  end
+
+  # 4. RED: no-op when file unparseable; warning emitted; init succeeds
+  def test_no_op_when_file_unparseable
+    File.write(File.join(@tmphome, '.quonfig', 'tokens.json'), '{not valid json')
+
+    client = Quonfig::Client.new(
+      Quonfig::Options.new(enable_quonfig_user_context: true),
+      store: Quonfig::ConfigStore.new
+    )
+
+    assert_equal({}, global_context_of(client))
+    # The dev-context loader emits a warning to stderr that we want to verify.
+    assert_stderr(['quonfig'])
+  end
+
+  # 5. RED: customer-supplied quonfig-user keys win on collision
+  def test_customer_global_context_wins
+    write_tokens(userEmail: 'bob@foo.com')
+
+    client = Quonfig::Client.new(
+      Quonfig::Options.new(
+        enable_quonfig_user_context: true,
+        global_context: { 'quonfig-user' => { 'email' => 'override@x.com' } }
+      ),
+      store: Quonfig::ConfigStore.new
+    )
+
+    assert_equal({ 'quonfig-user' => { 'email' => 'override@x.com' } }, global_context_of(client))
+  end
+
+  # 6. RED: env var QUONFIG_DEV_CONTEXT=true enables when option absent
+  def test_env_var_enables_when_option_absent
+    write_tokens(userEmail: 'bob@foo.com')
+    ENV['QUONFIG_DEV_CONTEXT'] = 'true'
+
+    client = Quonfig::Client.new(
+      Quonfig::Options.new,
+      store: Quonfig::ConfigStore.new
+    )
+
+    assert_equal({ 'quonfig-user' => { 'email' => 'bob@foo.com' } }, global_context_of(client))
+  end
+
+  # 7. RED: integration — rule keyed on quonfig-user.email fires when injected
+  def test_attribute_reaches_eval_context
+    write_tokens(userEmail: 'bob@foo.com')
+
+    flag_config = {
+      'id' => 'cfg-flag',
+      'key' => 'my-flag',
+      'type' => 'feature_flag',
+      'valueType' => 'bool',
+      'sendToClientSdk' => false,
+      'default' => {
+        'rules' => [
+          { 'criteria' => [{ 'operator' => 'ALWAYS_TRUE' }], 'value' => { 'type' => 'bool', 'value' => false } }
+        ]
+      },
+      'environment' => {
+        'id' => 'Production',
+        'rules' => [
+          {
+            'criteria' => [{
+              'propertyName' => 'quonfig-user.email',
+              'operator' => 'PROP_IS_ONE_OF',
+              'valueToMatch' => { 'type' => 'string_list', 'value' => ['bob@foo.com'] }
+            }],
+            'value' => { 'type' => 'bool', 'value' => true }
+          },
+          { 'criteria' => [{ 'operator' => 'ALWAYS_TRUE' }], 'value' => { 'type' => 'bool', 'value' => false } }
+        ]
+      }
+    }
+
+    store = Quonfig::ConfigStore.new
+    store.set('my-flag', flag_config)
+
+    client = Quonfig::Client.new(
+      Quonfig::Options.new(
+        enable_quonfig_user_context: true,
+        environment: 'Production'
+      ),
+      store: store
+    )
+
+    assert_equal true, client.get_bool('my-flag')
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: quonfig
 version: !ruby/object:Gem::Version
-  version: 0.0.8
+  version: 0.0.9
 platform: ruby
 authors:
 - Jeff Dwyer
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2026-04-26 00:00:00.000000000 Z
+date: 2026-04-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: concurrent-ruby
@@ -213,6 +213,7 @@ files:
 - lib/quonfig/config_store.rb
 - lib/quonfig/context.rb
 - lib/quonfig/datadir.rb
+- lib/quonfig/dev_context.rb
 - lib/quonfig/duration.rb
 - lib/quonfig/encryption.rb
 - lib/quonfig/error.rb
@@ -255,6 +256,7 @@ files:
 - test/fixtures/datafile.json
 - test/integration/test_context_precedence.rb
 - test/integration/test_datadir_environment.rb
+- test/integration/test_dev_overrides.rb
 - test/integration/test_enabled.rb
 - test/integration/test_enabled_with_contexts.rb
 - test/integration/test_get.rb
@@ -278,6 +280,7 @@ files:
 - test/test_context_shape.rb
 - test/test_context_shape_aggregator.rb
 - test/test_datadir.rb
+- test/test_dev_context.rb
 - test/test_duration.rb
 - test/test_encryption.rb
 - test/test_evaluation_summaries_aggregator.rb