secret_string 1.1.0 → 1.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/lib/secret_string/version.rb +1 -1
- data/lib/secret_string.rb +14 -6
- data/spec/secret_string_test/tests/secret_string_spec.rb +25 -1
- metadata +16 -15
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4e77a20a0c153f8012adddf70b9103da583df65d61c0ac7783c3d8ac3d662605
|
|
4
|
+
data.tar.gz: 7e644205ca247b7c9eed5b17cde7123f507bf8f4833274496eb20ca64499f8dc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c46c73bec6d745a64ddabe0c53779ccb31b6e8d4d6b30ae2d0b69104d8a45ba0d08e8853234cc371fcfa237e38b2ecbb354edad58c7b7360ecf9b06d1f809b07
|
|
7
|
+
data.tar.gz: 293481686e52118664d4231ee351416c0dbe083191d87059aab55f8ba87ae9056dfbe2706e218fe2123a1945eabd3c956ad1d4bb6d4ebf3808521e11a19b991d
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,15 @@
|
|
|
1
|
+
# [v1.1.2](https://github.com/Muriel-Salvan/secret_string/compare/v1.1.1...v1.1.2) (2022-12-31 11:23:01)
|
|
2
|
+
|
|
3
|
+
### Patches
|
|
4
|
+
|
|
5
|
+
* [Update to Ruby 3.1 - Support of 2.7 dropped](https://github.com/Muriel-Salvan/secret_string/commit/a339478b3ab6e4477971d9a7b583595586dfcce8)
|
|
6
|
+
|
|
7
|
+
# [v1.1.1](https://github.com/Muriel-Salvan/secret_string/compare/v1.1.0...v1.1.1) (2021-08-13 09:59:55)
|
|
8
|
+
|
|
9
|
+
### Patches
|
|
10
|
+
|
|
11
|
+
* [[Fix] [#2] Handle frozen strings with correct exception messages before using them](https://github.com/Muriel-Salvan/secret_string/commit/b3e21e57613a6d39feca2118d272264cb77bdb5f)
|
|
12
|
+
|
|
1
13
|
# [v1.1.0](https://github.com/Muriel-Salvan/secret_string/compare/v1.0.1...v1.1.0) (2021-07-07 10:21:42)
|
|
2
14
|
|
|
3
15
|
### Features
|
data/lib/secret_string.rb
CHANGED
|
@@ -12,6 +12,8 @@ class SecretString
|
|
|
12
12
|
# Parameters::
|
|
13
13
|
# * *secret* (String): The secret to erase from memory
|
|
14
14
|
def erase(secret)
|
|
15
|
+
raise 'Can\'t erase a frozen string' if secret.frozen?
|
|
16
|
+
|
|
15
17
|
secret_size = secret.bytesize
|
|
16
18
|
io = StringIO.new("\0" * secret_size)
|
|
17
19
|
io.read(secret_size, secret)
|
|
@@ -21,16 +23,20 @@ class SecretString
|
|
|
21
23
|
# Make sure the String will be erased at the end of its access.
|
|
22
24
|
#
|
|
23
25
|
# Parameters::
|
|
24
|
-
# * *str* (String): String to protect
|
|
26
|
+
# * *str* (String): String to protect, unfrozen
|
|
25
27
|
# * *silenced_str* (String): The protected representation of this string [default: 'XXXXX']
|
|
26
28
|
# * Proc: Code called with the string secured
|
|
27
29
|
# * Parameters::
|
|
28
30
|
# * *secretstring* (SecretString): The secret string
|
|
29
31
|
def protect(str, silenced_str: 'XXXXX')
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
32
|
+
raise 'Can\'t protect a frozen string' if str.frozen?
|
|
33
|
+
|
|
34
|
+
begin
|
|
35
|
+
secret_string = SecretString.new(str, silenced_str:)
|
|
36
|
+
yield secret_string
|
|
37
|
+
ensure
|
|
38
|
+
secret_string.erase
|
|
39
|
+
end
|
|
34
40
|
end
|
|
35
41
|
|
|
36
42
|
end
|
|
@@ -38,9 +44,11 @@ class SecretString
|
|
|
38
44
|
# Constructor
|
|
39
45
|
#
|
|
40
46
|
# Parameters::
|
|
41
|
-
# * *str* (String): The original string to protect
|
|
47
|
+
# * *str* (String): The original string to protect, unfrozen
|
|
42
48
|
# * *silenced_str* (String): The silenced representation of this string [default: 'XXXXX']
|
|
43
49
|
def initialize(str, silenced_str: 'XXXXX')
|
|
50
|
+
raise 'Can\'t silence a frozen string' if str.frozen?
|
|
51
|
+
|
|
44
52
|
@str = str
|
|
45
53
|
# Make sure we manipulate @str without cloning or modifying it from now on.
|
|
46
54
|
@silenced_str = silenced_str
|
|
@@ -30,7 +30,7 @@ describe SecretString do
|
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
it 'matches correctly using the =~ operator with a string having the same content' do
|
|
33
|
-
expect(secret =~ /Secret/).not_to
|
|
33
|
+
expect(secret =~ /Secret/).not_to be_nil
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
it 'reports the correct size' do
|
|
@@ -39,6 +39,14 @@ describe SecretString do
|
|
|
39
39
|
|
|
40
40
|
end
|
|
41
41
|
|
|
42
|
+
context 'with a silenced frozen string' do
|
|
43
|
+
|
|
44
|
+
it 'fails to initialize a secret string frozen' do
|
|
45
|
+
expect { described_class.new('MySecret'.freeze, silenced_str: 'SilencedString') }.to raise_error 'Can\'t silence a frozen string'
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
end
|
|
49
|
+
|
|
42
50
|
describe 'erase' do
|
|
43
51
|
|
|
44
52
|
it 'erases a String' do
|
|
@@ -47,6 +55,11 @@ describe SecretString do
|
|
|
47
55
|
expect(str).not_to eq 'MySecret'
|
|
48
56
|
end
|
|
49
57
|
|
|
58
|
+
it 'fails to erase a frozen String' do
|
|
59
|
+
str = 'MySecret'.freeze
|
|
60
|
+
expect { described_class.erase(str) }.to raise_error 'Can\'t erase a frozen string'
|
|
61
|
+
end
|
|
62
|
+
|
|
50
63
|
end
|
|
51
64
|
|
|
52
65
|
describe 'protect' do
|
|
@@ -61,6 +74,17 @@ describe SecretString do
|
|
|
61
74
|
expect(str.to_s).not_to eq 'MySecret'
|
|
62
75
|
end
|
|
63
76
|
|
|
77
|
+
it 'fails to protect a frozen String' do
|
|
78
|
+
str = 'MySecret'.freeze
|
|
79
|
+
called = false
|
|
80
|
+
expect do
|
|
81
|
+
described_class.protect(str, silenced_str: 'SilencedString') do
|
|
82
|
+
called = true
|
|
83
|
+
end
|
|
84
|
+
end.to raise_error 'Can\'t protect a frozen string'
|
|
85
|
+
expect(called).to be false
|
|
86
|
+
end
|
|
87
|
+
|
|
64
88
|
end
|
|
65
89
|
|
|
66
90
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secret_string
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Muriel Salvan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-12-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|
|
@@ -16,65 +16,65 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '3.
|
|
19
|
+
version: '3.12'
|
|
20
20
|
type: :development
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '3.
|
|
26
|
+
version: '3.12'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: sem_ver_components
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '0.
|
|
33
|
+
version: '0.3'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '0.
|
|
40
|
+
version: '0.3'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rubocop
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '1.
|
|
47
|
+
version: '1.41'
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '1.
|
|
54
|
+
version: '1.41'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: rubocop-rspec
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: '2.
|
|
61
|
+
version: '2.16'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: '2.
|
|
68
|
+
version: '2.16'
|
|
69
69
|
description: Remove secrets (passwords, keys...) from memory
|
|
70
70
|
email:
|
|
71
71
|
- muriel@x-aeon.com
|
|
72
72
|
executables: []
|
|
73
73
|
extensions: []
|
|
74
74
|
extra_rdoc_files:
|
|
75
|
-
- README.md
|
|
76
|
-
- LICENSE.md
|
|
77
75
|
- CHANGELOG.md
|
|
76
|
+
- LICENSE.md
|
|
77
|
+
- README.md
|
|
78
78
|
files:
|
|
79
79
|
- CHANGELOG.md
|
|
80
80
|
- LICENSE.md
|
|
@@ -90,7 +90,8 @@ files:
|
|
|
90
90
|
homepage:
|
|
91
91
|
licenses:
|
|
92
92
|
- BSD-3-Clause
|
|
93
|
-
metadata:
|
|
93
|
+
metadata:
|
|
94
|
+
rubygems_mfa_required: 'true'
|
|
94
95
|
post_install_message:
|
|
95
96
|
rdoc_options: []
|
|
96
97
|
require_paths:
|
|
@@ -99,14 +100,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
99
100
|
requirements:
|
|
100
101
|
- - "~>"
|
|
101
102
|
- !ruby/object:Gem::Version
|
|
102
|
-
version: '
|
|
103
|
+
version: '3.1'
|
|
103
104
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
104
105
|
requirements:
|
|
105
106
|
- - ">="
|
|
106
107
|
- !ruby/object:Gem::Version
|
|
107
108
|
version: '0'
|
|
108
109
|
requirements: []
|
|
109
|
-
rubygems_version: 3.
|
|
110
|
+
rubygems_version: 3.3.26
|
|
110
111
|
signing_key:
|
|
111
112
|
specification_version: 4
|
|
112
113
|
summary: Secret String
|