sidekiq-encrypted_args 1.1.1 → 2.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0fdd24a7aeee28447ee34b8bddaa462a967a4d01ded3b9e0fc1c3561310c9a0a
-  data.tar.gz: 42e1f30f93d6c1c9c71e25b9ef46ea1334d89a09746f4cb75f6facf38c0943be
+  metadata.gz: aed8d03eeb0b589556b436823f85c13331ab6c1703d732d425321b4cc1b2bc71
+  data.tar.gz: 2f2a42257c669731f97ee25cfc52da48a4cbdbe18b59e0fd84bcebbe50820e89
 SHA512:
-  metadata.gz: c6c1409dac2ed256f73c5f18d303adaba6e28fec7114b97ea943d16e1aaa34cb3107233c0cce4ab372b085430c7c4b4b2efbc555b123f13aef72bd2691d44170
-  data.tar.gz: 765dea1c7d85313a4ef7451f1ce5293ee7a8cfab53304037ff1f4f4d056831fb7250e3478e87bce8e92023c03cca4788f1276e923830d6343e7edc9e1574ab52
+  metadata.gz: cbdd4e2d8144eddf2e3699ac30ab52114de6ab8e09b97e75909e2e67defc81f5c4cd71e43efb22c404ac4890213abd6c300ee45117ae7e1428cf5b2b1794595c
+  data.tar.gz: 6644bca285087c5de5b2c68aba368f4192b2061f3f5f6095125d8ca7e16888b40214e2ce7b9a3c2a2ec39b808be6ccadefc7a1c7777c0bd3edecf1ef935f7a18

data/CHANGE_LOG.md

@@ -4,40 +4,62 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 2.0.0
+
+### Changed
+
+- A secret key is now required to be set. Previously the code would silently fail if no key was set. This change improves security by protecting against misconfiguration leaking data into Redis.
+- Bumped minimum required Ruby version to 2.7 and Sidekiq to 6.3.
+
+## 1.2.0
+
+### Removed
+
+- Removed deprecated method of setting encrypted args with a hash with numeric keys. This method stopped working with Sidekiq 7.1.
+- Removed deprecated method of setting encrypted args with an array of booleans.
+- Removed deprecated method of setting encrypted args with a mix of symbols and integers.
+
 ## 1.1.1
 
 ### Fixed
+
 - Client middleware will no longer encrypt already encrypted arguments when a job is retried.
 
 ## 1.1.0
 
 ### Added
+
 - Use `to_json` if it is defined when serializing encrypted args to JSON.
 - Add client middleware to the server default configuration. This ensures that arguments will be encrypted if a worker enqueues a job with encrypted arguments.
 - Client middleware now reads sidekiq options from the job hash instead of from the worker class so that the list of encrypted arguments is always in sync on the job payload.
 - Added additional option to specify encrypted args with array of argument indexes.
 
 ### Changed
+
 - Client middleware is now prepended while server middleware is appended.
 
 ### Fixed
+
 - Don't raise error if undefined class name is passed to client middleware as a string.
 
 ### Deprecated
+
 - Deprecated setting encrypted args as hash or array of booleans.
 
 ## 1.0.2
 
 ### Changed
+
 - Remove overly noisy log warning when running without the secret set
 
 ## 1.0.1
 
-### Added
-
 ### Fixed
+
 - Added support for scheduled jobs
 
 ## 1.0.0
 
+### Added
+
 - Initial release

data/README.md

@@ -1,7 +1,8 @@
 # Sidekiq Encrypted Args
 
-[![Continuous Integration](https://github.com/bdurand/sidekiq-encrypted_args/workflows/Continuous%20Integration/badge.svg?branch=master)](https://github.com/bdurand/sidekiq-encrypted_args/actions?query=workflow%3A%22Continuous+Integration%22)
+[![Continuous Integration](https://github.com/bdurand/sidekiq-encrypted_args/actions/workflows/continuous_integration.yml/badge.svg)](https://github.com/bdurand/sidekiq-encrypted_args/actions/workflows/continuous_integration.yml)
 [![Ruby Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://github.com/testdouble/standard)
+[![Gem Version](https://badge.fury.io/rb/sidekiq-encrypted_args.svg)](https://badge.fury.io/rb/sidekiq-encrypted_args)
 
 Support for encrypting arguments for [Sidekiq](https://github.com/mperham/sidekiq).
 
@@ -21,7 +22,7 @@ To use the gem, you will need to specify a secret that will be used to encrypt t
 Sidekiq::EncryptedArgs.configure!(secret: "YourSecretKey")
 ```
 
-If the secret is not set, the value of the `SIDEKIQ_ENCRYPTED_ARGS_SECRET` environment variable will be used as the secret. If this variable is not set, job arguments will not be encrypted.
+If the secret is not set explicitly, the value of the `SIDEKIQ_ENCRYPTED_ARGS_SECRET` environment variable will be used as the secret. If you call `configure!` without setting a secret (either explicitly or via the environment variable), an error will be raised.
 
 The call to `Sidekiq::EncryptedArgs.configure!` will **prepend** the client encryption middleware and **append** server decryption middleware. By doing this, any other middleware you register will only receive the encrypted parameters (e.g. logging middleware will receive the encrypted parameters).
 
@@ -41,7 +42,8 @@ Sidekiq.configure_server do |config|
     chain.add Sidekiq::EncryptedArgs::ServerMiddleware
   end
 
-  # register client middleware on the server so that starting jobs in a Sidekiq::Worker also get encrypted args
+  # Register client middleware on the server so that starting jobs from within
+  # another also get encrypted args.
   # https://github.com/mperham/sidekiq/wiki/Middleware#client-middleware-registered-in-both-places
   config.client_middleware do |chain|
     chain.prepend Sidekiq::EncryptedArgs::ClientMiddleware
@@ -57,7 +59,7 @@ Setting the option to `true` will encrypt all the arguments passed to the `perfo
 
 ```ruby
 class SecretWorker
-  include Sidekiq::Worker
+  include Sidekiq::Job
 
   sidekiq_options encrypted_args: true
 
@@ -66,20 +68,24 @@ class SecretWorker
 end
 ```
 
-You can also choose to only encrypt specific arguments with an array of either argument names (symbols or strings) or indexes. This is useful to preserve visibility into non-sensitive arguments for troubleshooting or other reasons. Both of these examples encrypt just the second argument to the `perform` method.
+You can also choose to only encrypt specific arguments by specifying either argument names (as symbols or strings) or argument positions (as integers). This is useful to preserve visibility into non-sensitive arguments for troubleshooting or other reasons. All of these examples encrypt just the second argument to the `perform` method.
 
 ```ruby
-# Pass in a list of argument names that should be encrypted
+# Pass in a single argument name
+sidekiq_options encrypted_args: :arg_2
+# or as a string
+sidekiq_options encrypted_args: "arg_2"
+# or as an array
 sidekiq_options encrypted_args: [:arg_2]
-# or
-sidekiq_options encrypted_args: ["arg_2"]
 
 def perform(arg_1, arg_2, arg_3)
 end
 ```
 
 ```ruby
-# Pass in an array of integers indicating which argument positions should be encrypted
+# Pass in an integer indicating which argument position should be encrypted (0-indexed)
+sidekiq_options encrypted_args: 1
+# or as an array
 sidekiq_options encrypted_args: [1]
 
 def perform(arg_1, arg_2, arg_3)
@@ -98,7 +104,7 @@ Sidekiq::EncryptedArgs.secret = ["CurrentSecret", "OldSecret", "EvenOlderSecret"
 
 The first (left most) key will be considered the current key, and is used for encrypting arguments. When decrypting, we iterate over the secrets list until we find the correct one. This allows you to switch you secret keys without breaking jobs already enqueued in Redis.
 
-If you are using the `SIDEKIQ_ENCRYPTED_ARGS_SECRET` environment variable to specify your secret, you can delimit multiple keys with a spaces.
+If you are using the `SIDEKIQ_ENCRYPTED_ARGS_SECRET` environment variable to specify your secret, you can separate multiple keys with whitespace (spaces or tabs).
 
 You can also safely add encryption to an existing worker. Any jobs that are already enqueued will still run even without having the arguments encrypted in Redis.
 

data/VERSION

@@ -1 +1 @@
-1.1.1
+2.0.0

data/lib/sidekiq/encrypted_args/client_middleware.rb

@@ -4,8 +4,22 @@ module Sidekiq
   module EncryptedArgs
     # Sidekiq client middleware for encrypting arguments on jobs for workers
     # with `encrypted_args` set in the `sidekiq_options`.
+    #
+    # This middleware is responsible for encrypting job arguments before they
+    # are sent to Redis. It runs on the client side when jobs are enqueued.
+    #
+    # @see ServerMiddleware
     class ClientMiddleware
-      # Encrypt specified arguments before they're sent off to the queue
+      include Sidekiq::ClientMiddleware if defined?(Sidekiq::ClientMiddleware)
+
+      # Encrypt specified arguments before they're sent off to the queue.
+      #
+      # @param [String, Class] worker_class The worker class or class name
+      # @param [Hash] job The Sidekiq job hash containing arguments and metadata
+      # @param [String] queue The name of the queue
+      # @param [Object, nil] redis_pool Optional Redis connection pool (legacy parameter)
+      # @return [void]
+      # @yield Passes control to the next middleware in the chain
       def call(worker_class, job, queue, redis_pool = nil)
         if job.include?("encrypted_args")
           encrypted_args = EncryptedArgs.encrypted_args_option(worker_class, job)
@@ -21,7 +35,7 @@ module Sidekiq
       #
       # Additionally, set `job["encrypted_args"]` to the canonicalized version (i.e. `Array<Integer>`)
       #
-      # @param [Hash]
+      # @param [Hash] job The Sidekiq job hash containing arguments and metadata
       # @param [Array<Integer>] encrypted_args array of indexes in job to encrypt
       # @return [void]
       def encrypt_job_arguments!(job, encrypted_args)

data/lib/sidekiq/encrypted_args/server_middleware.rb

@@ -3,12 +3,27 @@
 module Sidekiq
   module EncryptedArgs
     # Sidekiq server middleware for decrypting arguments on jobs that have encrypted args.
+    #
+    # This middleware is responsible for decrypting job arguments before they
+    # are passed to the worker's perform method. It runs on the server side
+    # when jobs are processed.
+    #
+    # @see ClientMiddleware
     class ServerMiddleware
-      # Wrap the server process to decrypt incoming arguments
+      include Sidekiq::ServerMiddleware if defined?(Sidekiq::ServerMiddleware)
+
+      # Wrap the server process to decrypt incoming arguments.
+      #
+      # @param [Object] worker The worker instance that will process the job
+      # @param [Hash] job The Sidekiq job hash containing arguments and metadata
+      # @param [String] queue The name of the queue
+      # @return [void]
+      # @yield Passes control to the worker's perform method
       def call(worker, job, queue)
         encrypted_args = job["encrypted_args"]
+
         if encrypted_args
-          encrypted_args = backward_compatible_encrypted_args(encrypted_args, worker.class, job)
+          encrypted_args = EncryptedArgs.encrypted_args_option(worker.class, job)
           job_args = job["args"]
           encrypted_args.each do |position|
             value = job_args[position]
@@ -18,17 +33,6 @@ module Sidekiq
 
         yield
       end
-
-      private
-
-      # Ensure that the encrypted args is an array of integers. If not re-read it from the class
-      # definition since gem version 1.0.2 and earlier did not update the encrypted_args on the job.
-      def backward_compatible_encrypted_args(encrypted_args, worker_class, job)
-        unless encrypted_args.is_a?(Array) && encrypted_args.all? { |position| position.is_a?(Integer) }
-          encrypted_args = EncryptedArgs.encrypted_args_option(worker_class, job)
-        end
-        encrypted_args
-      end
     end
   end
 end

data/lib/sidekiq/encrypted_args/version.rb

@@ -2,6 +2,7 @@
 
 module Sidekiq
   module EncryptedArgs
+    # The current version of the sidekiq-encrypted_args gem.
     VERSION = File.read(File.join(__dir__, "..", "..", "..", "VERSION")).chomp.freeze
   end
 end

data/lib/sidekiq/encrypted_args.rb

@@ -5,12 +5,16 @@ require "secret_keys"
 require "sidekiq"
 
 module Sidekiq
+  # Provides middleware for encrypting sensitive arguments in Sidekiq jobs.
+  #
+  # This module allows you to specify which job arguments should be encrypted
+  # in Redis to protect sensitive information like API keys, passwords, or
+  # personally identifiable information.
   module EncryptedArgs
+    @encryptors = nil
+
     # Error thrown when the secret is invalid
     class InvalidSecretError < StandardError
-      def initialize
-        super("Cannot decrypt. Invalid secret provided.")
-      end
     end
 
     class << self
@@ -25,10 +29,16 @@ module Sidekiq
       # when decrypting the arguments when the job gets run. If you are using the
       # environment variable, separate the keys with spaces.
       #
-      # @param [String] value One or more secrets to use for encrypting arguments.
+      # @example Setting a single secret
+      #   Sidekiq::EncryptedArgs.secret = "your_secret_key"
+      #
+      # @example Rolling secrets (multiple keys for backward compatibility)
+      #   Sidekiq::EncryptedArgs.secret = ["new_secret", "old_secret", "older_secret"]
+      #
+      # @param [String, Array<String>] value One or more secrets to use for encrypting arguments.
       # @return [void]
       def secret=(value)
-        @encryptors = make_encryptors(value)
+        @encryptors = make_encryptors(value).freeze
       end
 
       # Add the client and server middleware to the default Sidekiq
@@ -37,9 +47,17 @@ module Sidekiq
       #
       # This method prepends client middleware and appends server middleware.
       #
+      # @example Basic configuration
+      #   Sidekiq::EncryptedArgs.configure!(secret: "your_secret_key")
+      #
+      # @example Configuration using environment variable
+      #   ENV['SIDEKIQ_ENCRYPTED_ARGS_SECRET'] = "your_secret_key"
+      #   Sidekiq::EncryptedArgs.configure!
+      #
       # @param [String] secret optionally set the secret here. See {.secret=}
       def configure!(secret: nil)
         self.secret = secret unless secret.nil?
+        encryptors # Calling encryptors will validate that a secret is set.
 
         Sidekiq.configure_client do |config|
           config.client_middleware do |chain|
@@ -59,6 +77,12 @@ module Sidekiq
 
       # Encrypt a value.
       #
+      # @example Encrypting a simple value
+      #   EncryptedArgs.encrypt("secret_value") #=> "encrypted_string"
+      #
+      # @example Encrypting complex data
+      #   EncryptedArgs.encrypt({api_key: "secret", user_id: 123}) #=> "encrypted_string"
+      #
       # @param [#to_json, Object] data Data to encrypt. You can pass any JSON compatible data types or structures.
       #
       # @return [String]
@@ -76,6 +100,12 @@ module Sidekiq
 
       # Decrypt data
       #
+      # @example Decrypting an encrypted value
+      #   EncryptedArgs.decrypt("encrypted_string") #=> "original_value"
+      #
+      # @example Handling unencrypted data
+      #   EncryptedArgs.decrypt("unencrypted_string") #=> "unencrypted_string"
+      #
       # @param [String] encrypted_data Data that was previously encrypted. If the value passed in is
       # an unencrypted string, then the string itself will be returned.
       #
@@ -97,7 +127,10 @@ module Sidekiq
       # can be `true` or an array indicating if each positional argument should be encrypted, or a hash
       # with keys for the argument position and true as the value.
       #
-      # @private
+      # @param [String, Class] worker_class The worker class or class name
+      # @param [Hash] job The Sidekiq job hash containing arguments and metadata
+      # @return [Array<Integer>, nil] Array of argument positions to encrypt, or nil if encryption is not configured
+      # @api private
       def encrypted_args_option(worker_class, job)
         option = job["encrypted_args"]
         return nil if option.nil?
@@ -107,11 +140,9 @@ module Sidekiq
         if option == true
           job["args"].size.times { |i| indexes << i }
         elsif option.is_a?(Hash)
-          deprecation_warning("hash")
-          indexes = replace_argument_positions(worker_class, option)
+          raise ArgumentError.new("Hash-based argument encryption is no longer supported.")
         else
           array_type = nil
-          deprecation_message = nil
           Array(option).each_with_index do |val, position|
             current_type = nil
             if val.is_a?(Integer)
@@ -123,16 +154,15 @@ module Sidekiq
               indexes << position if position
               current_type = :symbol
             else
-              deprecation_message = "boolean array"
-              indexes << position if val
+              raise ArgumentError.new("Encrypted args must be specified as integers or symbols.")
             end
-            if array_type && current_type
-              deprecation_message = "array of mixed types"
+
+            if array_type && current_type != array_type
+              raise ArgumentError.new("Encrypted args cannot mix integers and symbols.")
             else
               array_type ||= current_type
             end
           end
-          deprecation_warning(deprecation_message) if deprecation_message
         end
         indexes
       end
@@ -146,38 +176,47 @@ module Sidekiq
       def encrypt_string(value)
         encryptor = encryptors.first
         return value if encryptor.nil?
+
         encryptor.encrypt(value)
       end
 
       def decrypt_string(value)
-        return value if encryptors == [nil]
         encryptors.each do |encryptor|
-          begin
-            return encryptor.decrypt(value) if encryptor
-          rescue OpenSSL::Cipher::CipherError
-            # Not the right key, try the next one
-          end
+          return encryptor.decrypt(value)
+        rescue OpenSSL::Cipher::CipherError
+          # Not the right key, try the next one
         end
-        raise InvalidSecretError
+
+        # None of the keys worked
+        raise InvalidSecretError.new("Cannot decrypt. Invalid secret provided.")
       end
 
       def encryptors
-        if !defined?(@encryptors) || @encryptors.empty?
-          @encryptors = make_encryptors(ENV["SIDEKIQ_ENCRYPTED_ARGS_SECRET"].to_s.split)
+        if @encryptors.nil?
+          secret = ENV.fetch("SIDEKIQ_ENCRYPTED_ARGS_SECRET", "").strip
+          if secret.empty?
+            raise InvalidSecretError.new("Secret not set. Call Sidekiq::EncryptedArgs.secret= or set the SIDEKIQ_ENCRYPTED_ARGS_SECRET environment variable.")
+          end
+
+          @encryptors = make_encryptors(secret.split).freeze
         end
         @encryptors
       end
 
+      # Create encryptors from secrets.
+      #
+      # @param [String, Array<String>] secrets One or more secrets to create encryptors from
+      # @return [Array<SecretKeys::Encryptor>, nil] Array of encryptors or nil if no secrets provided
       def make_encryptors(secrets)
-        Array(secrets).map { |val| val.nil? ? nil : SecretKeys::Encryptor.from_password(val, SALT) }
-      end
+        return nil if secrets.nil?
 
-      def deprecation_warning(message)
-        warn("Sidekiq::EncryptedArgs: setting encrypted_args to #{message} is deprecated; support will be removed in version 1.2.")
+        Array(secrets).map { |val| SecretKeys::Encryptor.from_password(val, SALT) }
       end
 
-      # @param [String] class_name name of a class
-      # @return [Class] class that was referenced by name
+      # Convert a string class name into the actual class constant.
+      #
+      # @param [String] class_name Name of a class (e.g., "MyModule::MyClass")
+      # @return [Class] The class constant that was referenced by name
       def constantize(class_name)
         names = class_name.split("::")
         # Clear leading :: for root namespace since we're already calling from object
@@ -187,20 +226,11 @@ module Sidekiq
         names.inject(Object) { |constant, name| constant.const_get(name, false) }
       end
 
-      def replace_argument_positions(worker_class, encrypt_option_hash)
-        encrypted_indexes = []
-        encrypt_option_hash.each do |key, value|
-          next unless value
-          if key.is_a?(Symbol) || key.is_a?(String)
-            position = perform_method_parameter_index(worker_class, key)
-            encrypted_indexes << position if position
-          elsif key.is_a?(Integer)
-            encrypted_indexes << key
-          end
-        end
-        encrypted_indexes
-      end
-
+      # Get the index of a parameter in the worker's perform method.
+      #
+      # @param [Class] worker_class The worker class to inspect
+      # @param [String, Symbol] parameter The parameter name to find
+      # @return [Integer, nil] The zero-based index of the parameter, or nil if not found
       def perform_method_parameter_index(worker_class, parameter)
         if worker_class
           parameter = parameter.to_sym

data/sidekiq-encrypted_args.gemspec

@@ -8,6 +8,12 @@ Gem::Specification.new do |spec|
   spec.homepage = "https://github.com/bdurand/sidekiq-encrypted_args"
   spec.license = "MIT"
 
+  spec.metadata = {
+    "homepage_uri" => spec.homepage,
+    "source_code_uri" => spec.homepage,
+    "changelog_uri" => "#{spec.homepage}/blob/main/CHANGE_LOG.md"
+  }
+
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
   ignore_files = %w[
@@ -15,6 +21,7 @@ Gem::Specification.new do |spec|
     Appraisals
     Gemfile
     Gemfile.lock
+    benchmark.rb
     Rakefile
     gemfiles/
     spec/
@@ -27,10 +34,10 @@ Gem::Specification.new do |spec|
   spec.bindir = "bin"
   spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
 
-  spec.required_ruby_version = ">= 2.4"
+  spec.required_ruby_version = ">= 2.7"
 
-  spec.add_dependency "sidekiq", ">= 4.0"
+  spec.add_dependency "sidekiq", ">= 6.3"
   spec.add_dependency "secret_keys"
 
-  spec.add_development_dependency "bundler", "~>2.0"
+  spec.add_development_dependency "bundler"
 end

metadata

@@ -1,15 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sidekiq-encrypted_args
 version: !ruby/object:Gem::Version
-  version: 1.1.1
+  version: 2.0.0
 platform: ruby
 authors:
 - Brian Durand
 - Winston Durand
-autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-04-03 00:00:00.000000000 Z
+date: 1980-01-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: sidekiq
@@ -17,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '6.3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '4.0'
+        version: '6.3'
 - !ruby/object:Gem::Dependency
   name: secret_keys
   requirement: !ruby/object:Gem::Requirement
@@ -43,17 +42,16 @@ dependencies:
   name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
-description:
+        version: '0'
 email:
 - bbdurand@gmail.com
 - me@winstondurand.com
@@ -65,7 +63,6 @@ files:
 - MIT_LICENSE.txt
 - README.md
 - VERSION
-- benchmark.rb
 - lib/sidekiq-encrypted_args.rb
 - lib/sidekiq/encrypted_args.rb
 - lib/sidekiq/encrypted_args/client_middleware.rb
@@ -75,8 +72,10 @@ files:
 homepage: https://github.com/bdurand/sidekiq-encrypted_args
 licenses:
 - MIT
-metadata: {}
-post_install_message:
+metadata:
+  homepage_uri: https://github.com/bdurand/sidekiq-encrypted_args
+  source_code_uri: https://github.com/bdurand/sidekiq-encrypted_args
+  changelog_uri: https://github.com/bdurand/sidekiq-encrypted_args/blob/main/CHANGE_LOG.md
 rdoc_options: []
 require_paths:
 - lib
@@ -84,15 +83,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.4'
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.2.22
-signing_key:
+rubygems_version: 4.0.3
 specification_version: 4
 summary: Support for encrypting arguments that contain sensitive information in sidekiq
   jobs.

data/benchmark.rb

@@ -1,38 +0,0 @@
-# frozen_string_literal: true
-
-require "bundler/setup"
-
-require "benchmark"
-require "sidekiq"
-require_relative "lib/sidekiq/encrypted_args"
-
-class WorkerWithoutEncryption
-  include Sidekiq::Worker
-
-  def perform(arg_1, arg_2, arg_3)
-  end
-end
-
-class WorkerWithEncryption
-  include Sidekiq::Worker
-
-  sidekiq_options encrypted_args: [true, true, true]
-
-  def perform(arg_1, arg_2, arg_3)
-  end
-end
-
-middleware = ->(worker_class) {
-  job = {"args" => ["foo", "bar", "baz"]}
-  Sidekiq::EncryptedArgs::ClientMiddleware.new.call(worker_class, job, "default") do
-    worker = worker_class.new
-    Sidekiq::EncryptedArgs::ServerMiddleware.new.call(worker, job, "default") do
-      worker.perform(*job["args"])
-    end
-  end
-}
-
-Benchmark.bm do |benchmark|
-  benchmark.report("No Encryption:  ") { 10000.times { middleware.call(WorkerWithoutEncryption) } }
-  benchmark.report("With Encryption:") { 10000.times { middleware.call(WorkerWithEncryption) } }
-end