RubyGems - reputable - Versions diffs - 0.1.19 → 0.1.20 - Mend

reputable 0.1.19 → 0.1.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ffc332f72eed47a768d73dae0cac8a2efbbf73de0b41115fcf064ac046cfcc93
-  data.tar.gz: 42abaea0b5b896a54611ebc43946751fc2a303c62f94d4d199345afe846d88a1
+  metadata.gz: 6060e2e9fd11f70f0722c0f9683c1fe334f75aced2791dfde4a6336b5f08b429
+  data.tar.gz: 0c92fbbcc06ec6473e4af1c64b87003c92555c2137643d021b149aa3416a0acc
 SHA512:
-  metadata.gz: f2fd4c2f08d86b89a19d0676d372f4b63f71ad70fe6c426c313e25cf48786544c6ca58ae729981ed4525d9dd8881c757b8c07810ea7984e405c133e82608ed23
-  data.tar.gz: 8e16c4839f384c4dbd4709996efab5e542a8f792522e283b2f3fcdb2db1eab2f13e149556f2f369ef23dc73d2cef7da83515fb95e69eca8a8e86de041afc4544
+  metadata.gz: 1fee3bf3e197dbad2377296119ef87d43657f37a008982af4c14b15f39fcff0c59c13054a8d132b5c568cd31f695183e58b54ab34affac94a342893de7ace262
+  data.tar.gz: 43a20b7d26fcc4a0464e0c29c15be6cf25874335ea841c4b77c704dca2f4b4fdf94d42cd60ec2638ea29c3cbfdefef1bdf5bd161b22c907275853866e83cf703

data/Gemfile.lock CHANGED Viewed

@@ -1,7 +1,7 @@
 PATH
   remote: .
   specs:
-    reputable (0.1.19)
+    reputable (0.1.20)
       connection_pool (~> 2.2)
       redis (>= 4.0, < 6.0)

data/README.md CHANGED Viewed

@@ -528,6 +528,58 @@ Reputable.lookup_reputation(:asn, "15169")
 **Note:** ASNs are normalized automatically - both `"15169"` and `"AS15169"` work.
+### Enforcing ASN Reputation in Controllers
+If you want to challenge or block requests based on ASN reputation (independent of the middleware's IP-based gate), add a controller filter:
+```ruby
+# app/controllers/application_controller.rb
+class ApplicationController < ActionController::Base
+  before_action :enforce_asn_reputation
+  private
+  def enforce_asn_reputation
+    return if reputable_verified?
+    asn = request_asn
+    return unless asn
+    if Reputable.challenged_asn?(asn)
+      redirect_to Reputable.verification_url(
+        return_url: request.original_url,
+        session_id: session.id.to_s
+      ), status: 302, allow_other_host: true
+    elsif Reputable.blocked_asn?(asn)
+      redirect_to Reputable.blocked_page_url, status: 302, allow_other_host: true
+    end
+  end
+  def reputable_verified?
+    session[:reputable_verified] || session[:reputable_verified_at].present?
+  end
+  def request_asn
+    # Option 1: From a header (if HAProxy/Cloudflare provides it)
+    # request.headers["X-ASN"]&.sub(/^AS/i, "")
+    # Option 2: From your own GeoIP lookup
+    # GeoIP.lookup(request.remote_ip)&.asn
+    # Option 3: Stored in request.env from earlier middleware
+    # request.env["app.asn"]
+  end
+end
+```
+To apply only to specific controllers or actions:
+```ruby
+class CheckoutController < ApplicationController
+  before_action :enforce_asn_reputation, only: [:create]
+end
+```
 ---
 ## User Verification & Trust Flow

data/lib/reputable/middleware.rb CHANGED Viewed

@@ -98,6 +98,7 @@ module Reputable
     def safe_reputation_gate(env)
       return nil unless @reputation_gate
       return nil unless Reputable.enabled?
+      return nil unless Reputable.operational?
       return nil if skip_request?(env)
       enforce_reputation_gate(env)

data/lib/reputable/rails.rb CHANGED Viewed

@@ -159,6 +159,9 @@ module Reputable
       )
         return if reputable_verified?(session_key: session_key)
+        # Skip redirect when circuit is open — the Reputable server is likely unreachable
+        return unless Reputable.operational?
         # Check for new format (reputable_s) or legacy format (reputable_signature)
         if params[:reputable_s] || params[:reputable_signature]
           if Reputable.verify_redirect_return(params)
@@ -207,6 +210,9 @@ module Reputable
         blocked_message: nil,
         blocked_show_ip: true
       )
+        # Skip all gating when circuit is open — the Reputable server is likely unreachable
+        return unless Reputable.operational?
         if current_ip_blocked?
           render_reputable_blocked_page(
             status: blocked_status,

data/lib/reputable/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Reputable
-  VERSION = "0.1.19"
+  VERSION = "0.1.20"
 end

data/lib/reputable.rb CHANGED Viewed

@@ -75,6 +75,28 @@ module Reputable
       !enabled?
     end
+    # Check if Reputable is operational (enabled AND circuit breaker is closed)
+    # Use this to guard redirect/gating decisions — when the circuit is open,
+    # the Reputable server is likely unreachable and redirects would fail.
+    # @return [Boolean] true if Reputable can be used, false otherwise
+    def operational?
+      return false unless enabled?
+      return false if Connection.circuit_open?
+      true
+    end
+    # Get a detailed status report for monitoring/debugging
+    # @return [Hash] status information
+    def status
+      {
+        enabled: enabled?,
+        operational: operational?,
+        circuit_breaker: Connection.circuit_open? ? "open" : "closed",
+        failure_count: Connection.failure_count,
+        circuit_opened_at: Connection.circuit_opened_at
+      }
+    end
     # Delegate tracking methods to Tracker
     def track_request(ip:, path:, **options)
       Tracker.track_request(ip: ip, path: path, **options)

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: reputable
 version: !ruby/object:Gem::Version
-  version: 0.1.19
+  version: 0.1.20
 platform: ruby
 authors:
 - Reputable
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2026-02-03 00:00:00.000000000 Z
+date: 2026-02-07 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redis
@@ -137,7 +137,6 @@ files:
 - lib/reputable/reputation.rb
 - lib/reputable/tracker.rb
 - lib/reputable/version.rb
-- reputable.gemspec
 homepage: https://github.com/reputable-click/reputable-rb
 licenses:
 - MIT

data/reputable.gemspec DELETED Viewed

@@ -1,38 +0,0 @@
-# frozen_string_literal: true
-require_relative "lib/reputable/version"
-Gem::Specification.new do |spec|
-  spec.name = "reputable"
-  spec.version = Reputable::VERSION
-  spec.authors = ["Reputable"]
-  spec.email = ["support@reputable.click"]
-  spec.summary = "Ruby client for Reputable - bot detection and reputation scoring"
-  spec.description = "Track requests and manage IP reputation through Redis/Dragonfly integration with Reputable"
-  spec.homepage = "https://github.com/reputable-click/reputable-rb"
-  spec.license = "MIT"
-  spec.required_ruby_version = ">= 2.7.0"
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = spec.homepage
-  spec.metadata["changelog_uri"] = "#{spec.homepage}/blob/main/CHANGELOG.md"
-  spec.files = Dir.chdir(__dir__) do
-    `git ls-files -z`.split("\x0").reject do |f|
-      (f == __FILE__) || f.match(%r{\A(?:(?:bin|test|spec|features)/|\.(?:git|travis|circleci)|appveyor)}) || f.end_with?(".gem")
-    end
-  end
-  spec.bindir = "exe"
-  spec.executables = spec.files.grep(%r{\Aexe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
-  spec.add_dependency "redis", ">= 4.0", "< 6.0"
-  spec.add_dependency "connection_pool", "~> 2.2"
-  spec.add_development_dependency "bundler", "~> 2.0"
-  spec.add_development_dependency "rake", "~> 13.0"
-  spec.add_development_dependency "rspec", "~> 3.12"
-  spec.add_development_dependency "rack", "~> 2.0"
-  spec.add_development_dependency "rubocop", "~> 1.0"
-end