RubyGems - sensitive_data_filter - Versions diffs - 0.4.0 → 0.7.0 - Mend

sensitive_data_filter 0.4.0 → 0.7.0

Files changed (14) hide show

checksums.yaml +5 -5
data/.github/dependabot.yml +6 -0
data/.github/workflows/release.yml +59 -0
data/.github/workflows/ruby.yml +21 -0
data/.ruby-version +1 -1
data/CHANGELOG.md +15 -0
data/README.md +21 -12
data/lib/sensitive_data_filter/middleware/env_parser.rb +7 -3
data/lib/sensitive_data_filter/version.rb +1 -1
data/sensitive_data_filter.gemspec +10 -12
metadata +42 -71
data/.travis.yml +0 -14
data/gemfiles/Gemfile.ruby-2.1.rb +0 -10
data/gemfiles/Gemfile.ruby-2.2.rb +0 -10

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 6cce4248617024392c3ae4361addc7aba426cc1a
-  data.tar.gz: 63bfa17fd66e237d54e549b5fda77f66d2c809a7
+SHA256:
+  metadata.gz: 324e48c964c091761fe5f2e851d3174dab532f2d39cf8cabb404a22fda78449d
+  data.tar.gz: 1ac9c36380e2f246787d807fd380454b36e69f82d72f227366557747685c4460
 SHA512:
-  metadata.gz: fc9f481f0ed4edd51af68e2d0e02ecb8bebf1e67bdd6e1d845373ee6bbf19260e384df5356364dad8ad95e60c9a6698885a6d4da98f937af61ef0e77e63a735a
-  data.tar.gz: ee718699451224d75f88ad945c27aa6cdf32a1892b6e9bf6b3a584c2c33f768c757603605c2d91d5512b68b578efe12ddb2d8ee7d5ec054a865eff1cb48bb691
+  metadata.gz: b0b92e9a4e71b6259f98865e95f2531feb875bcf19ae587a0f59df882d80a80fdc65c7fed4c436a44af4c1c9973c46f93c0c0405a94e38e4fce8c8b20ed7eea1
+  data.tar.gz: d4a993de8e04e29b869e702e42467778cbfa7843ff2a6a1562e479edb5c76e701400569f0ae9221c59a3411af504df4585845768b532ce2e8bf380b4f4321c42

data/.github/dependabot.yml ADDED Viewed

@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "bundler"
+    directory: "/"
+    schedule:
+      interval: "daily"

data/.github/workflows/release.yml ADDED Viewed

@@ -0,0 +1,59 @@
+name: Release
+on:
+  push:
+    tags:
+      - "v*"
+jobs:
+  build:
+    name: Build
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+        with:
+          bundler-cache: true
+      - run: bundle exec rake
+  release:
+    needs: build
+    name: Release
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Generate Changelog
+        run: |
+          # Get version from github ref (remove 'refs/tags/' and prefix 'v')
+          version="${GITHUB_REF#refs/tags/v}"
+          npx changelog-parser CHANGELOG.md | jq -cr ".versions | .[] | select(.version == \"$version\") | .body" > ${{ github.workflow }}-CHANGELOG.txt
+      - name: Release
+        uses: softprops/action-gh-release@v1
+        with:
+          body_path: ${{ github.workflow }}-CHANGELOG.txt
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  publish:
+    needs: [build, release]
+    name: Publish
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+      - name: Publish to RubyGems
+        run: |
+          mkdir -p $HOME/.gem
+          touch $HOME/.gem/credentials
+          chmod 0600 $HOME/.gem/credentials
+          printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
+          gem build *.gemspec
+          gem push *.gem
+        env:
+          GEM_HOST_API_KEY: "${{secrets.RUBYGEMS_AUTH_TOKEN}}"

data/.github/workflows/ruby.yml ADDED Viewed

@@ -0,0 +1,21 @@
+name: Build and Test
+on: [push, pull_request]
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        ruby: ["2.6", "2.7", "3.0", "3.1"]
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+      - run: bundle exec rake
+      - name: Coveralls
+        uses: coverallsapp/github-action@master
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          path-to-lcov: coverage/lcov.info

data/.ruby-version CHANGED Viewed

	@@ -1 +1 @@
1	- 2.3.3
1	+ 3.1.0

data/CHANGELOG.md CHANGED Viewed

@@ -3,6 +3,21 @@ All notable changes to this project will be documented in this file.
 This project adheres to [Semantic Versioning](http://semver.org/).
 This changelog adheres to [Keep a CHANGELOG](http://keepachangelog.com/).
+## 0.7.0
+- [PLAT-183] Ruby 3.1 and publish coverage with github action
+## 0.6.0
+- [TT-8626] Update to build with github actions / ruby 3.0 / rails 6.1
+## [0.5.0]
+- [TT-5815] Relax version dependencies and tested on latest ruby versions
+## [0.4.1] - 2018-03-08
+### Changed
+- [TT-3686] Don't mutate env vars unless the key already exists
 ## [0.4.0] - 2018-01-18
 ### Changed
 - [TT-3520] No longer clone the "env" middleware variable

data/README.md CHANGED Viewed

@@ -1,10 +1,8 @@
 # SensitiveDataFilter
 [![Gem Version](https://badge.fury.io/rb/sensitive_data_filter.svg)](http://badge.fury.io/rb/sensitive_data_filter)
-[![Build Status](https://travis-ci.org/sealink/sensitive_data_filter.svg?branch=master)](https://travis-ci.org/sealink/sensitive_data_filter)
+[![Build Status](https://github.com/sealink/sensitive_data_filter/workflows/Build%20and%20Test/badge.svg?branch=master)](https://github.com/sealink/sensitive_data_filter/actions)
 [![Coverage Status](https://coveralls.io/repos/sealink/sensitive_data_filter/badge.svg)](https://coveralls.io/r/sealink/sensitive_data_filter)
-[![Dependency Status](https://gemnasium.com/sealink/sensitive_data_filter.svg)](https://gemnasium.com/sealink/sensitive_data_filter)
-[![Code Climate](https://codeclimate.com/github/sealink/sensitive_data_filter/badges/gpa.svg)](https://codeclimate.com/github/sealink/sensitive_data_filter)
 A Rack Middleware filter for sensitive data
@@ -37,7 +35,7 @@ E.g. for Rails, add the following in application.rb
 config.middleware.insert_before 'ActionDispatch::ParamsParser', SensitiveDataFilter::Middleware::Filter
 ```
-To ensure that no sensitive data is accessed at any level of the stack, insert the middleware at the top of the stack.
+To ensure that no sensitive data is accessed at any level of the stack, insert the middleware at the top of the stack.
 E.g.
@@ -49,7 +47,7 @@ config.middleware.insert_before 0, SensitiveDataFilter::Middleware::Filter
 #### Important note for Rails
 Rails logs the URI of the request in ``Rails::Rack::Logger``. At this point of the stack, Rails generally has not yet set the session in the env.
-If you insert the sensitive data filtering middleware before this middleware you will prevent sensitive data from appearing in the logs,
+If you insert the sensitive data filtering middleware before this middleware you will prevent sensitive data from appearing in the logs,
 but you will not have access to the session via the occurrence or the env in the occurrence handling block.
 ### Configuration
@@ -57,7 +55,7 @@ but you will not have access to the session via the occurrence or the env in the
 ```ruby
 SensitiveDataFilter.config do |config|
   config.enable_types :credit_card # Already defaults to :credit_card if not specified
-  config.on_occurrence do |occurrence|
+  config.on_occurrence do |occurrence|
     # Report occurrence
   end
   config.whitelist pattern1, pattern2 # Allows specifying patterns to whitelist matches
@@ -83,7 +81,7 @@ An occurrence object has the following properties:
 * changeset:             the modified rack env variables
 It also exposes `to_h` and `to_s` methods for hash and string representation respectively.
-Please note that these representations omit sensitive data,
+Please note that these representations omit sensitive data,
 i.e. `original_query_params`, `original_body_params` and `matches` are not included.
 #### Important Notes
@@ -106,10 +104,10 @@ filtered_body_params = if @occurrence.filtered_body_params.is_a? Hash
 #### Whitelisting
-A list of whitelisting patterns can be passed to `config.whitelist`.
+A list of whitelisting patterns can be passed to `config.whitelist`.
 Any sensitive data match which also matches any of these patterns will be ignored.
-A list of whitelisting patterns can be passed to `config.whitelist_key`.
+A list of whitelisting patterns can be passed to `config.whitelist_key`.
 When scanning and matching hashes, any value whose key matches any of these patterns will be ignored.
 #### Parameter Parsing
@@ -119,9 +117,9 @@ The arguments for `config.register_parser` are:
 * a pattern to match the content type
 * a parser for the parameters
 * an unparser to convert parameters back to the encoded format
 The parser and unparser must be objects that respond to `call` and accept the parameters as an argument (e.g. procs or lambdas).
-The parser should handle parsing exceptions gracefully by returning the arguments.
+The parser should handle parsing exceptions gracefully by returning the arguments.
 This ensures that sensitive data scanning and masking is applied on the raw parameters.
 ## Development
@@ -130,6 +128,18 @@ After checking out the repo, run `bin/setup` to install dependencies. Then, run
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags, and push the `.gem` file to [rubygems.org](https://rubygems.org).
+## Release
+To publish a new version of this gem the following steps must be taken.
+* Update the version in the following files
+  ```
+    CHANGELOG.md
+    lib/sensitive_data_filter/version.rb
+  ````
+* Create a tag using the format v0.1.0
+* Follow build progress in GitHub actions
 ## Contributing
 Bug reports and pull requests are welcome on GitHub at https://github.com/sealink/sensitive_data_filter. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the [Contributor Covenant](http://contributor-covenant.org) code of conduct.
@@ -138,4 +148,3 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/sealin
 ## License
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).

data/lib/sensitive_data_filter/middleware/env_parser.rb CHANGED Viewed

@@ -34,15 +34,15 @@ module SensitiveDataFilter
       end
       def query_params=(new_params)
-        @env[QUERY_STRING] = Rack::Utils.build_query(new_params)
+        set_key_if_exists(QUERY_STRING, Rack::Utils.build_query(new_params))
       end
       def body_params=(new_params)
-        @env[RACK_INPUT] = StringIO.new @parameter_parser.unparse(new_params)
+        set_key_if_exists(RACK_INPUT, StringIO.new(@parameter_parser.unparse(new_params)))
       end
       def request_params=(new_params)
-        @env[REQUEST_PARAMS] = new_params
+        set_key_if_exists(REQUEST_PARAMS, new_params)
       end
       def mutate(mutation)
@@ -55,6 +55,10 @@ module SensitiveDataFilter
       private
+      def set_key_if_exists(key, value)
+        @env[key] = value if @env.key?(key)
+      end
       def file_upload?
         @request.media_type == 'multipart/form-data'
       end

data/lib/sensitive_data_filter/version.rb CHANGED Viewed

@@ -1,4 +1,4 @@
 # frozen_string_literal: true
 module SensitiveDataFilter
-  VERSION = '0.4.0'
+  VERSION = '0.7.0'
 end

data/sensitive_data_filter.gemspec CHANGED Viewed

@@ -21,18 +21,16 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.1'
+  spec.required_ruby_version = '>= 2.6'
-  spec.add_dependency 'rack', '>= 1.4'
-  spec.add_dependency 'facets', '~> 3.1'
-  spec.add_dependency 'credit_card_validations', '~> 3.4'
+  spec.add_dependency 'rack'
+  spec.add_dependency 'facets'
+  spec.add_dependency 'credit_card_validations'
-  spec.add_development_dependency 'bundler', '~> 1.13'
-  spec.add_development_dependency 'rake', '~> 10.0'
-  spec.add_development_dependency 'rspec', '~> 3.5'
-  spec.add_development_dependency 'coverage-kit', '~> 0.1'
-  spec.add_development_dependency 'simplecov-rcov', '~> 0.2'
-  spec.add_development_dependency 'coveralls', '~> 0.8'
-  spec.add_development_dependency 'rubocop', '~> 0.52'
-  spec.add_development_dependency 'travis', '~> 1.8'
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'coverage-kit'
+  spec.add_development_dependency 'rubocop'
+  spec.add_development_dependency 'pry'
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: sensitive_data_filter
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.7.0
 platform: ruby
 authors:
 - Alessandro Berardi
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2018-01-19 00:00:00.000000000 Z
+date: 2022-01-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rack
@@ -17,154 +17,126 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '1.4'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: facets
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.1'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: credit_card_validations
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.4'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.13'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.13'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '10.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '3.5'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: coverage-kit
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.1'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.1'
-- !ruby/object:Gem::Dependency
-  name: simplecov-rcov
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '0.2'
-- !ruby/object:Gem::Dependency
-  name: coveralls
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.8'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.52'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.52'
+        version: '0'
 - !ruby/object:Gem::Dependency
-  name: travis
+  name: pry
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.8'
+        version: '0'
 description: A Rack Middleware level filter for sensitive data
 email:
 - berardialessandro@gmail.com
@@ -173,11 +145,13 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/dependabot.yml"
+- ".github/workflows/release.yml"
+- ".github/workflows/ruby.yml"
 - ".gitignore"
 - ".rspec"
 - ".rubocop.yml"
 - ".ruby-version"
-- ".travis.yml"
 - CHANGELOG.md
 - CODE_OF_CONDUCT.md
 - Gemfile
@@ -186,8 +160,6 @@ files:
 - Rakefile
 - bin/console
 - bin/setup
-- gemfiles/Gemfile.ruby-2.1.rb
-- gemfiles/Gemfile.ruby-2.2.rb
 - lib/sensitive_data_filter.rb
 - lib/sensitive_data_filter/config.rb
 - lib/sensitive_data_filter/mask.rb
@@ -214,15 +186,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.1'
+      version: '2.6'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project:
-rubygems_version: 2.5.2
+rubygems_version: 3.3.3
 signing_key:
 specification_version: 4
 summary: Rack Middleware filter for sensitive data

data/.travis.yml DELETED Viewed

@@ -1,14 +0,0 @@
-sudo: false
-language: ruby
-rvm:
-  - 2.3.0 # The version of RVM installed on Travis doesn't yet recognise 2.3 as an alias of 2.3.0
-matrix:
-  include:
-    - rvm: 2.1
-      gemfile: gemfiles/Gemfile.ruby-2.1.rb
-    - rvm: 2.2
-      gemfile: gemfiles/Gemfile.ruby-2.2.rb
-before_install: gem install bundler -v 1.13.6
-notifications:
-  email:
-    - support@travellink.com.au

data/gemfiles/Gemfile.ruby-2.1.rb DELETED Viewed

@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-source 'https://rubygems.org'
-# ruby-2.1 compatible gems
-gem 'rack', '~> 1.4'
-gem 'activemodel', '>= 3', '< 5'
-gem 'activesupport', '>= 3', '< 5'
-# Specify your gem's dependencies in sensitive_data_filter.gemspec
-gemspec path: '../'

data/gemfiles/Gemfile.ruby-2.2.rb DELETED Viewed

@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-source 'https://rubygems.org'
-# ruby-2.2 compatible gems
-gem 'rack', '~> 1.4'
-gem 'activemodel', '>= 3', '< 5'
-gem 'activesupport', '>= 3', '< 5'
-# Specify your gem's dependencies in sensitive_data_filter.gemspec
-gemspec path: '../'