RubyGems - sekrets - Versions diffs - 1.9.1 → 1.10.0 - Mend

sekrets 1.9.1 → 1.10.0

Files changed (10) hide show

checksums.yaml ADDED

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: eae5557799ee5e82130f9e7a15a298f166b10f49
+  data.tar.gz: 3d9e87c57cbb35dfb8826fece73e93eeee51cb3d
+SHA512:
+  metadata.gz: c81545e69ac61d60c5bb36bc5f4f99596c554fdc5c34e97f908458fd6e38a47c7ca1c072d3ceb7313acae958a78d73506c02a18ca525d7b2a7e71baa1d2e7a93
+  data.tar.gz: 4b35556bd48a4183f3c8e9e232553201e03d55f0b5baa8494d50d6e16f610bfae6d70b78cde456165c7a9dec0f7010221e2cc6a66ec09a1f38ab2ae246dd6e2c

data/Gemfile ADDED

	@@ -0,0 +1,2 @@
1	+ source "https://rubygems.org/"
2	+ gemspec

data/Gemfile.lock ADDED

@@ -0,0 +1,34 @@
+PATH
+  remote: .
+  specs:
+    sekrets (1.10.0)
+      coerce (>= 0.0.3)
+      fattr (~> 2.2)
+      highline (~> 1.6)
+      main (~> 6.1)
+      map (~> 6.3)
+GEM
+  remote: https://rubygems.org/
+  specs:
+    arrayfields (4.9.2)
+    chronic (0.10.2)
+    coerce (0.0.8)
+      chronic (>= 0.6.2)
+    fattr (2.3.0)
+    highline (1.7.8)
+    main (6.2.2)
+      arrayfields (~> 4.7, >= 4.7.4)
+      chronic (~> 0.6, >= 0.6.2)
+      fattr (~> 2.2, >= 2.2.0)
+      map (~> 6.1, >= 6.1.0)
+    map (6.6.0)
+PLATFORMS
+  ruby
+DEPENDENCIES
+  sekrets!
+BUNDLED WITH
+   1.14.6

data/LICENSE ADDED

@@ -0,0 +1,22 @@
+Copyright 2013 Ara T. Howard
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
+ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

data/README.md ADDED

@@ -0,0 +1,109 @@
+# NAME
+sekrets.rb
+## SYNOPSIS
+sekrets is a command line tool and library used to securely manage encrypted files and settings in your rails' applications and git repositories.
+## INSTALL
+    gem install sekrets
+## DESCRIPTION
+sekrets provides commandline tools and a library to manage and access encrypted files in your code base.
+It allows one to check encrypted infomation into a repository and to manage it alongside the rest of the code base. It elimnates the need to check in unencrypted information, keys, or other sensitive infomation.
+sekrets provides both a general mechanism for managing arbitrary encrypted files and a specific mechanism for managing encrypted config files.
+## USAGE
+create an encrypted config file
+    ruby -r yaml -e'puts({:api_key => 1234}.to_yaml)' | sekrets write config/settings.yml.enc --key 42
+display it
+    sekrets read config/settings.yml.enc --key 42
+ edit it
+    sekrets edit config/settings.yml.enc --key 42
+see that it's encrypted
+    cat config/settings.yml.enc
+commit it
+    git add config/settings.yml.enc
+put the decryption key in a file
+    echo 42 > .sekrets.key
+ignore this file in git
+    echo .sekrets.key >> .gitignore
+you now no longer need to provide the `--key` argument to commands
+    sekrets read config/settings.yml.enc
+    sekrets edit config/settings.yml.enc
+make sure this file gets deployed on your server
+    echo " require 'sekrets/capistrano' " >> Capfile
+commit and deploy
+    git add config/settings.yml.enc
+    git commit -am'encrypted settings yo'
+    git pull && git push && cap staging deploy
+access these settings in your application code
+    settings = Sekrets.settings_for('./config/settings.yml.enc')
+## RAILS
+    gem 'sekrets' # Gemfile
+    bundle install
+    rake sekrets:generate:key
+    rake sekrets:generate:editor
+    rake sekrets:generate:config
+## KEY LOOKUP
+for *all* operations, from the command line or otherwise, sekrets uses the following algorithm to search for a decryption key:
+- any key passed directly as a parameter to a library call will be preferred
+- otherwise the code looks for a companion key file.  for example, given the file `config/sekrets.yml.enc` sekrets will look for a key at `config/.sekrets.yml.enc.key`
+- If either of these is found to be non-empty the contents of the file will be used as the decryption key for that file. You should **never** commit these key files and also add them to your `.gitignore` - or similar.
+- Next a project key file is looked for. The path of this file is `./.sekrets.key` normally and, in a rails' application `RAILS_ROOT/.sekrets.key`
+- If that is not found sekrets looks for the key in the environment under the env var `SEKRETS_KEY` (the env var used is configurable in the library)
+- Next the global key file is search for, the path of this file is `~/.sekrets.key`
+- Finally, if no key has yet been specified or found, the user is prompted to input the key. Prompt only occurs if the user us attached to a tty. So, for example, no prompt will hang an application being started in the background (such as a rails' application being managed by passenger).
+see `Sekrets.key_for` for explicit details
+## KEY DISTRIBUTION
+sekrets does *not* attempt to solve the key distribution problem for you,with one exception:
+If you are using capistrano to do a *vanilla* ssh based deploy, a simple recipe is provided which will detect a local keyfile and scp it onto the remote server(s) on deploy.
+sekrets assumes that the local keyfile, if it exists, is correct.
+In plain english the capistrano recipe does:
+    scp ./sekrets.key deploy@remote.host.com:/rails_root/current/sekrets.key
+It goes without saying that the local keyfile should *never* be checked in and also should be in `.gitignore`.
+Distribution of this key among developers is outside the scope of the library. Encrypted email is likely the best mechanism for distribution, but you've still got to solve this problem for yourself ;-/

data/Rakefile CHANGED

@@ -90,6 +90,7 @@ task :gemspec do
   test_files  = test(?e, "test/#{ lib }.rb") ? "test/#{ lib }.rb" : nil
   summary     = object.respond_to?(:summary) ? object.summary : "summary: #{ lib } kicks the ass"
   description = object.respond_to?(:description) ? object.description : "description: #{ lib } kicks the ass"
+  license     = object.respond_to?(:license) ? object.license : "BSD-2-Clause"
   if This.extensions.nil?
     This.extensions = []
@@ -118,34 +119,38 @@ task :gemspec do
     else
       Template {
         <<-__
-          ## <%= lib %>.gemspec
+          # DO NOT EDIT - This file is automatically generated
+          # Make changes to Rakefile and regenerate with `rake gemspec`
+          ## #{ lib }.gemspec
           #
           Gem::Specification::new do |spec|
-            spec.name = <%= lib.inspect %>
-            spec.version = <%= version.inspect %>
+            spec.name = #{ lib.inspect }
+            spec.version = #{ version.inspect }
             spec.platform = Gem::Platform::RUBY
-            spec.summary = <%= lib.inspect %>
-            spec.description = <%= description.inspect %>
-            spec.license = "Same as Ruby's"
+            spec.summary = #{ summary.inspect }
+            spec.description = #{ description.inspect }
+            spec.license = #{ license.inspect }
+            spec.files =\n#{ files.sort.pretty_inspect }
+            spec.executables = #{ executables.inspect }
-            spec.files =\n<%= files.sort.pretty_inspect %>
-            spec.executables = <%= executables.inspect %>
             spec.require_path = "lib"
-            spec.test_files = <%= test_files.inspect %>
+            spec.test_files = #{ test_files.inspect }
             <% dependencies.each do |lib_version| %>
               spec.add_dependency(*<%= Array(lib_version).flatten.inspect %>)
             <% end %>
-            spec.extensions.push(*<%= extensions.inspect %>)
+            spec.extensions.push(*#{ extensions.inspect })
+            spec.rubyforge_project = #{ This.rubyforge_project.inspect }
+            spec.author = #{ This.author.inspect }
+            spec.email = #{ This.email.inspect }
+            spec.homepage = #{ This.homepage.inspect }
-            spec.rubyforge_project = <%= This.rubyforge_project.inspect %>
-            spec.author = <%= This.author.inspect %>
-            spec.email = <%= This.email.inspect %>
-            spec.homepage = <%= This.homepage.inspect %>
+            spec.required_ruby_version = '>= 1.9'
           end
         __
       }
@@ -294,7 +299,7 @@ BEGIN {
 # discover full path to this ruby executable
 #
-  c = Config::CONFIG
+  c = RbConfig::CONFIG
   bindir = c["bindir"] || c['BINDIR']
   ruby_install_name = c['ruby_install_name'] || c['RUBY_INSTALL_NAME'] || 'ruby'
   ruby_ext = c['EXEEXT'] || ''

data/lib/sekrets.rb CHANGED

@@ -6,6 +6,13 @@ class Sekrets
   Fattr(:project_key){ File.join(root, '.sekrets.key') }
   Fattr(:global_key){ File.join(File.expand_path('~'), '.sekrets.key') }
+  Fattr(:summary){ "securely manage encrypted files and settings" }
+  Fattr(:description){
+    "sekrets is a command line tool and library used to securely manage encrypted files and settings in your rails' applications and git repositories."
+  }
 #
   def Sekrets.key_for(*args)
     options = Map.options_for!(args)
@@ -292,8 +299,8 @@ class Sekrets
 #
   module Blowfish
     def cipher(mode, key, data)
-      cipher = OpenSSL::Cipher::Cipher.new('bf-cbc').send(mode)
-      cipher.key = Digest::SHA256.digest(key.to_s)
+      cipher = OpenSSL::Cipher.new('bf-cbc').send(mode)
+      cipher.key = Digest::SHA256.digest(key.to_s).slice(0,16)
       cipher.update(data) << cipher.final
     end
@@ -333,7 +340,7 @@ BEGIN {
   require 'tmpdir'
   class Sekrets < ::String
-    Version = '1.9.1' unless defined?(Version)
+    Version = '1.10.0' unless defined?(Version)
     class << Sekrets
       def version
@@ -342,11 +349,11 @@ BEGIN {
       def dependencies
         {
-          'highline' => [ 'highline' , ' >= 1.6.15'  ] ,
-          'map'      => [ 'map'      , ' >= 6.3.0'   ]  ,
-          'fattr'    => [ 'fattr'    , ' >= 2.2.1'   ]  ,
-          'coerce'   => [ 'coerce'   , ' >= 0.0.3'   ]  ,
-          'main'     => [ 'main'     , ' >= 5.1.1'   ]  ,
+          'highline' => [ 'highline' , ' ~> 1.6'   ] ,
+          'map'      => [ 'map'      , ' ~> 6.3'   ] ,
+          'fattr'    => [ 'fattr'    , ' ~> 2.2'   ] ,
+          'coerce'   => [ 'coerce'   , ' ~> 0.0.3' ] ,
+          'main'     => [ 'main'     , ' ~> 6.1'   ] ,
         }
       end
@@ -382,14 +389,6 @@ BEGIN {
     require(lib)
   end
-  Sekrets.fattr(:description){
-    <<-__
-      foobar
-    __
-  }
   if defined?(Rails)
     class Sekrets

data/sekrets.gemspec CHANGED

@@ -1,16 +1,21 @@
+# DO NOT EDIT - This file is automatically generated
+# Make changes to Rakefile and regenerate with `rake gemspec`
 ## sekrets.gemspec
 #
 Gem::Specification::new do |spec|
   spec.name = "sekrets"
-  spec.version = "1.9.1"
+  spec.version = "1.10.0"
   spec.platform = Gem::Platform::RUBY
-  spec.summary = "sekrets"
-  spec.description = "description: sekrets kicks the ass"
-  spec.license = "Same as Ruby's"
+  spec.summary = "securely manage encrypted files and settings"
+  spec.description = "sekrets is a command line tool and library used to securely manage encrypted files and settings in your rails' applications and git repositories."
+  spec.license = "BSD-2-Clause"
   spec.files =
-["README",
+["Gemfile",
+ "Gemfile.lock",
+ "LICENSE",
+ "README.md",
  "Rakefile",
  "bin",
  "bin/sekrets",
@@ -28,21 +33,21 @@ Gem::Specification::new do |spec|
  "test/sekrets_test.rb"]
   spec.executables = ["sekrets"]
   spec.require_path = "lib"
   spec.test_files = nil
-    spec.add_dependency(*["highline", " >= 1.6.15"])
+    spec.add_dependency(*["highline", " ~> 1.6"])
-    spec.add_dependency(*["map", " >= 6.3.0"])
+    spec.add_dependency(*["map", " ~> 6.3"])
-    spec.add_dependency(*["fattr", " >= 2.2.1"])
+    spec.add_dependency(*["fattr", " ~> 2.2"])
-    spec.add_dependency(*["coerce", " >= 0.0.3"])
+    spec.add_dependency(*["coerce", " ~> 0.0.3"])
-    spec.add_dependency(*["main", " >= 5.1.1"])
+    spec.add_dependency(*["main", " ~> 6.1"])
   spec.extensions.push(*[])
@@ -51,4 +56,6 @@ Gem::Specification::new do |spec|
   spec.author = "Ara T. Howard"
   spec.email = "ara.t.howard@gmail.com"
   spec.homepage = "https://github.com/ahoward/sekrets"
+  spec.required_ruby_version = '>= 1.9'
 end

metadata CHANGED

@@ -1,104 +1,97 @@
 --- !ruby/object:Gem::Specification
 name: sekrets
 version: !ruby/object:Gem::Version
-  version: 1.9.1
-  prerelease:
+  version: 1.10.0
 platform: ruby
 authors:
 - Ara T. Howard
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-04-01 00:00:00.000000000 Z
+date: 2017-04-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: highline
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.6.15
+        version: '1.6'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 1.6.15
+        version: '1.6'
 - !ruby/object:Gem::Dependency
   name: map
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.3.0
+        version: '6.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 6.3.0
+        version: '6.3'
 - !ruby/object:Gem::Dependency
   name: fattr
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.1
+        version: '2.2'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 2.2.1
+        version: '2.2'
 - !ruby/object:Gem::Dependency
   name: coerce
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.0.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
         version: 0.0.3
 - !ruby/object:Gem::Dependency
   name: main
   requirement: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.1.1
+        version: '6.1'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
-    none: false
     requirements:
-    - - ! '>='
+    - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.1.1
-description: ! 'description: sekrets kicks the ass'
+        version: '6.1'
+description: sekrets is a command line tool and library used to securely manage encrypted
+  files and settings in your rails' applications and git repositories.
 email: ara.t.howard@gmail.com
 executables:
 - sekrets
 extensions: []
 extra_rdoc_files: []
 files:
-- README
+- Gemfile
+- Gemfile.lock
+- LICENSE
+- README.md
 - Rakefile
 - bin/sekrets
 - lib/sekrets.rb
@@ -110,28 +103,26 @@ files:
 - test/sekrets_test.rb
 homepage: https://github.com/ahoward/sekrets
 licenses:
-- Same as Ruby's
+- BSD-2-Clause
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '1.9'
 required_rubygems_version: !ruby/object:Gem::Requirement
-  none: false
   requirements:
-  - - ! '>='
+  - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
 rubyforge_project: codeforpeople
-rubygems_version: 1.8.23.2
+rubygems_version: 2.6.8
 signing_key:
-specification_version: 3
-summary: sekrets
+specification_version: 4
+summary: securely manage encrypted files and settings
 test_files: []
-has_rdoc:

data/README DELETED

@@ -1,144 +0,0 @@
-NAME
-  sekrets.rb
-SYNOPSIS
-  sekrets is a command line tool and library used to securely manage encrypted
-  files and settings in your rails' applications and git repositories.
-INSTALL
-  gem install sekrets
-  gem 'sekrets'
-DESCRIPTION
-  TL;DR
-    # create an encrypted config file
-      ruby -r yaml -e'puts({:api_key => 1234}.to_yaml)' | sekrets write config/settings.yml.enc --key 42
-    # display it
-      sekrets read config/settings.yml.enc --key 42
-    # edit it
-      sekrets edit config/settings.yml.enc --key 42
-    # see that it's encrypted
-      cat config/settings.yml.enc
-    # commit it
-      git add config/settings.yml.enc
-    # put the decryption key in a file
-      echo 42 > .sekrets.key
-    # ignore this file in git
-      echo .sekrets.key >> .gitignore
-    # you now no longer need to provide the --key argument to commands
-      sekrets read config/settings.yml.enc
-      sekrets edit config/settings.yml.enc
-    # make sure this file gets deployed on your server
-      echo " require 'sekrets/capistrano' " >> Capfile
-    # commit and deploy
-      git add config/settings.yml.enc
-      git commit -am'encrypted settings yo'
-      git pull && git push && cap staging deploy
-    # access these settings in your application code
-      settings = Sekrets.settings_for('./config/settings.yml.enc')
-  RAILS
-    gem 'sekrets' # Gemfile
-    bundle install
-    rake sekrets:generate:key
-    rake sekrets:generate:editor
-    rake sekrets:generate:config
-  DESCRIPTION
-    sekrets provides commandline tools and a library to manage and access
-    encrypted files in your code base.
-    it allows one to check encrypted infomation into a repository and to manage
-    it alongside the rest of the code base.  it elimnates the need to check in
-    unencrypted information, keys, or other sensitive infomation.
-    sekrets provides both a general mechanism for managing arbitrary encrypted
-    files and a specific mechanism for managing encrypted config files.
-  KEY LOOKUP
-    for *all* operations, from the command line or otherwise, sekrets uses the
-    following algorithm to search for a decryption key:
-    - any key passed directly as a parameter to a library call will be preferred
-    - otherwise the code looks for a companion key file.  for example, given the
-      file 'config/sekrets.yml.enc' sekrets will look for a key at
-        config/.sekrets.yml.enc.key
-      if either of these is found to be non-empty the contents of the file will
-      be used as the decryption key for that file.  you should *never* commit
-      these key files and also add them to your .gitignore - or similar.
-    - next a project key file is looked for.  the path of this file is
-        ./.sekrets.key
-      normally and, in a rails' application
-        RAILS_ROOT/.sekrets.key
-    - if that is not found sekrets looks for the key in the environment under
-      the env var
-        SEKRETS_KEY
-      the env var used is configurable in the library
-    - next the global key file is search for, the path of this file is
-        ~/.sekrets.key
-    - finally, if no key has yet been specified or found, the user is prompted
-      to input the key.  prompt only occurs if the user us attached to a tty.
-      so, for example, no prompt will hang and application being started in the
-      background such as a rails' application being managed by passenger.
-    see Sekrets.key_for for more details
-  KEY DISTRIBUTION
-    sekrets does *not* attempt to solve the key distribution problem for you,
-    with one exception:
-    if you are using capistrano to do a 'vanilla' ssh based deploy a simple
-    recipe is provided which will detect a local keyfile and scp it onto the
-    remote server(s) on deploy.
-    sekrets assumes that the local keyfile, if it exists, is correct.
-    in plain english the capistrano recipe does:
-      scp ./sekrets.key deploy@remote.host.com:/rails_root/current/sekrets.key
-    it goes without saying that the local keyfile should *never* be checked in
-    and also should be in .gitignore
-    distribution of this key among developers is outside the scope of the
-    library.  encrypted email is likely the best mechanism for distribution,
-    but you've still got to sovle this problem for yourself ;-/