secret_string 1.1.0 → 1.1.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/lib/secret_string/version.rb +1 -1
- data/lib/secret_string.rb +14 -6
- data/spec/secret_string_test/tests/secret_string_spec.rb +25 -1
- metadata +16 -15
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4e77a20a0c153f8012adddf70b9103da583df65d61c0ac7783c3d8ac3d662605
|
|
4
|
+
data.tar.gz: 7e644205ca247b7c9eed5b17cde7123f507bf8f4833274496eb20ca64499f8dc
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c46c73bec6d745a64ddabe0c53779ccb31b6e8d4d6b30ae2d0b69104d8a45ba0d08e8853234cc371fcfa237e38b2ecbb354edad58c7b7360ecf9b06d1f809b07
|
|
7
|
+
data.tar.gz: 293481686e52118664d4231ee351416c0dbe083191d87059aab55f8ba87ae9056dfbe2706e218fe2123a1945eabd3c956ad1d4bb6d4ebf3808521e11a19b991d
|
data/CHANGELOG.md
CHANGED
|
@@ -1,3 +1,15 @@
|
|
|
1
|
+
# [v1.1.2](https://github.com/Muriel-Salvan/secret_string/compare/v1.1.1...v1.1.2) (2022-12-31 11:23:01)
|
|
2
|
+
|
|
3
|
+
### Patches
|
|
4
|
+
|
|
5
|
+
* [Update to Ruby 3.1 - Support of 2.7 dropped](https://github.com/Muriel-Salvan/secret_string/commit/a339478b3ab6e4477971d9a7b583595586dfcce8)
|
|
6
|
+
|
|
7
|
+
# [v1.1.1](https://github.com/Muriel-Salvan/secret_string/compare/v1.1.0...v1.1.1) (2021-08-13 09:59:55)
|
|
8
|
+
|
|
9
|
+
### Patches
|
|
10
|
+
|
|
11
|
+
* [[Fix] [#2] Handle frozen strings with correct exception messages before using them](https://github.com/Muriel-Salvan/secret_string/commit/b3e21e57613a6d39feca2118d272264cb77bdb5f)
|
|
12
|
+
|
|
1
13
|
# [v1.1.0](https://github.com/Muriel-Salvan/secret_string/compare/v1.0.1...v1.1.0) (2021-07-07 10:21:42)
|
|
2
14
|
|
|
3
15
|
### Features
|
data/lib/secret_string.rb
CHANGED
|
@@ -12,6 +12,8 @@ class SecretString
|
|
|
12
12
|
# Parameters::
|
|
13
13
|
# * *secret* (String): The secret to erase from memory
|
|
14
14
|
def erase(secret)
|
|
15
|
+
raise 'Can\'t erase a frozen string' if secret.frozen?
|
|
16
|
+
|
|
15
17
|
secret_size = secret.bytesize
|
|
16
18
|
io = StringIO.new("\0" * secret_size)
|
|
17
19
|
io.read(secret_size, secret)
|
|
@@ -21,16 +23,20 @@ class SecretString
|
|
|
21
23
|
# Make sure the String will be erased at the end of its access.
|
|
22
24
|
#
|
|
23
25
|
# Parameters::
|
|
24
|
-
# * *str* (String): String to protect
|
|
26
|
+
# * *str* (String): String to protect, unfrozen
|
|
25
27
|
# * *silenced_str* (String): The protected representation of this string [default: 'XXXXX']
|
|
26
28
|
# * Proc: Code called with the string secured
|
|
27
29
|
# * Parameters::
|
|
28
30
|
# * *secretstring* (SecretString): The secret string
|
|
29
31
|
def protect(str, silenced_str: 'XXXXX')
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
32
|
+
raise 'Can\'t protect a frozen string' if str.frozen?
|
|
33
|
+
|
|
34
|
+
begin
|
|
35
|
+
secret_string = SecretString.new(str, silenced_str:)
|
|
36
|
+
yield secret_string
|
|
37
|
+
ensure
|
|
38
|
+
secret_string.erase
|
|
39
|
+
end
|
|
34
40
|
end
|
|
35
41
|
|
|
36
42
|
end
|
|
@@ -38,9 +44,11 @@ class SecretString
|
|
|
38
44
|
# Constructor
|
|
39
45
|
#
|
|
40
46
|
# Parameters::
|
|
41
|
-
# * *str* (String): The original string to protect
|
|
47
|
+
# * *str* (String): The original string to protect, unfrozen
|
|
42
48
|
# * *silenced_str* (String): The silenced representation of this string [default: 'XXXXX']
|
|
43
49
|
def initialize(str, silenced_str: 'XXXXX')
|
|
50
|
+
raise 'Can\'t silence a frozen string' if str.frozen?
|
|
51
|
+
|
|
44
52
|
@str = str
|
|
45
53
|
# Make sure we manipulate @str without cloning or modifying it from now on.
|
|
46
54
|
@silenced_str = silenced_str
|
|
@@ -30,7 +30,7 @@ describe SecretString do
|
|
|
30
30
|
end
|
|
31
31
|
|
|
32
32
|
it 'matches correctly using the =~ operator with a string having the same content' do
|
|
33
|
-
expect(secret =~ /Secret/).not_to
|
|
33
|
+
expect(secret =~ /Secret/).not_to be_nil
|
|
34
34
|
end
|
|
35
35
|
|
|
36
36
|
it 'reports the correct size' do
|
|
@@ -39,6 +39,14 @@ describe SecretString do
|
|
|
39
39
|
|
|
40
40
|
end
|
|
41
41
|
|
|
42
|
+
context 'with a silenced frozen string' do
|
|
43
|
+
|
|
44
|
+
it 'fails to initialize a secret string frozen' do
|
|
45
|
+
expect { described_class.new('MySecret'.freeze, silenced_str: 'SilencedString') }.to raise_error 'Can\'t silence a frozen string'
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
end
|
|
49
|
+
|
|
42
50
|
describe 'erase' do
|
|
43
51
|
|
|
44
52
|
it 'erases a String' do
|
|
@@ -47,6 +55,11 @@ describe SecretString do
|
|
|
47
55
|
expect(str).not_to eq 'MySecret'
|
|
48
56
|
end
|
|
49
57
|
|
|
58
|
+
it 'fails to erase a frozen String' do
|
|
59
|
+
str = 'MySecret'.freeze
|
|
60
|
+
expect { described_class.erase(str) }.to raise_error 'Can\'t erase a frozen string'
|
|
61
|
+
end
|
|
62
|
+
|
|
50
63
|
end
|
|
51
64
|
|
|
52
65
|
describe 'protect' do
|
|
@@ -61,6 +74,17 @@ describe SecretString do
|
|
|
61
74
|
expect(str.to_s).not_to eq 'MySecret'
|
|
62
75
|
end
|
|
63
76
|
|
|
77
|
+
it 'fails to protect a frozen String' do
|
|
78
|
+
str = 'MySecret'.freeze
|
|
79
|
+
called = false
|
|
80
|
+
expect do
|
|
81
|
+
described_class.protect(str, silenced_str: 'SilencedString') do
|
|
82
|
+
called = true
|
|
83
|
+
end
|
|
84
|
+
end.to raise_error 'Can\'t protect a frozen string'
|
|
85
|
+
expect(called).to be false
|
|
86
|
+
end
|
|
87
|
+
|
|
64
88
|
end
|
|
65
89
|
|
|
66
90
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: secret_string
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.2
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Muriel Salvan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-12-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rspec
|
|
@@ -16,65 +16,65 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: '3.
|
|
19
|
+
version: '3.12'
|
|
20
20
|
type: :development
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: '3.
|
|
26
|
+
version: '3.12'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: sem_ver_components
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
30
30
|
requirements:
|
|
31
31
|
- - "~>"
|
|
32
32
|
- !ruby/object:Gem::Version
|
|
33
|
-
version: '0.
|
|
33
|
+
version: '0.3'
|
|
34
34
|
type: :development
|
|
35
35
|
prerelease: false
|
|
36
36
|
version_requirements: !ruby/object:Gem::Requirement
|
|
37
37
|
requirements:
|
|
38
38
|
- - "~>"
|
|
39
39
|
- !ruby/object:Gem::Version
|
|
40
|
-
version: '0.
|
|
40
|
+
version: '0.3'
|
|
41
41
|
- !ruby/object:Gem::Dependency
|
|
42
42
|
name: rubocop
|
|
43
43
|
requirement: !ruby/object:Gem::Requirement
|
|
44
44
|
requirements:
|
|
45
45
|
- - "~>"
|
|
46
46
|
- !ruby/object:Gem::Version
|
|
47
|
-
version: '1.
|
|
47
|
+
version: '1.41'
|
|
48
48
|
type: :development
|
|
49
49
|
prerelease: false
|
|
50
50
|
version_requirements: !ruby/object:Gem::Requirement
|
|
51
51
|
requirements:
|
|
52
52
|
- - "~>"
|
|
53
53
|
- !ruby/object:Gem::Version
|
|
54
|
-
version: '1.
|
|
54
|
+
version: '1.41'
|
|
55
55
|
- !ruby/object:Gem::Dependency
|
|
56
56
|
name: rubocop-rspec
|
|
57
57
|
requirement: !ruby/object:Gem::Requirement
|
|
58
58
|
requirements:
|
|
59
59
|
- - "~>"
|
|
60
60
|
- !ruby/object:Gem::Version
|
|
61
|
-
version: '2.
|
|
61
|
+
version: '2.16'
|
|
62
62
|
type: :development
|
|
63
63
|
prerelease: false
|
|
64
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
65
65
|
requirements:
|
|
66
66
|
- - "~>"
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
|
-
version: '2.
|
|
68
|
+
version: '2.16'
|
|
69
69
|
description: Remove secrets (passwords, keys...) from memory
|
|
70
70
|
email:
|
|
71
71
|
- muriel@x-aeon.com
|
|
72
72
|
executables: []
|
|
73
73
|
extensions: []
|
|
74
74
|
extra_rdoc_files:
|
|
75
|
-
- README.md
|
|
76
|
-
- LICENSE.md
|
|
77
75
|
- CHANGELOG.md
|
|
76
|
+
- LICENSE.md
|
|
77
|
+
- README.md
|
|
78
78
|
files:
|
|
79
79
|
- CHANGELOG.md
|
|
80
80
|
- LICENSE.md
|
|
@@ -90,7 +90,8 @@ files:
|
|
|
90
90
|
homepage:
|
|
91
91
|
licenses:
|
|
92
92
|
- BSD-3-Clause
|
|
93
|
-
metadata:
|
|
93
|
+
metadata:
|
|
94
|
+
rubygems_mfa_required: 'true'
|
|
94
95
|
post_install_message:
|
|
95
96
|
rdoc_options: []
|
|
96
97
|
require_paths:
|
|
@@ -99,14 +100,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
99
100
|
requirements:
|
|
100
101
|
- - "~>"
|
|
101
102
|
- !ruby/object:Gem::Version
|
|
102
|
-
version: '
|
|
103
|
+
version: '3.1'
|
|
103
104
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
104
105
|
requirements:
|
|
105
106
|
- - ">="
|
|
106
107
|
- !ruby/object:Gem::Version
|
|
107
108
|
version: '0'
|
|
108
109
|
requirements: []
|
|
109
|
-
rubygems_version: 3.
|
|
110
|
+
rubygems_version: 3.3.26
|
|
110
111
|
signing_key:
|
|
111
112
|
specification_version: 4
|
|
112
113
|
summary: Secret String
|