sift 4.5.0 → 4.6.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 71be696ff04ffb1503d22a724241e5087809d2ffa2ab29f08666939ecd6bb98b
-  data.tar.gz: e2e841d8259fbea8c247b1b2bd3cdf208bd53ded613a765a75f595714a2e1e8d
+  metadata.gz: f52238626726ed4acc2b903b57bc393b46b2e8df162a021abd0b94d084631acc
+  data.tar.gz: 4576e4a7bb68d34b9687a8cea83d7e767cb9d10aacbf354d6dcf6167cd0de89b
 SHA512:
-  metadata.gz: 9b578f6bccf6323d4ef53947cea5a517678920d882439da1d1df262cf5eb39e45064aab3a1dee702da01f41f29a522df0c5e7b850c68e1ac302fa0f7d9830e29
-  data.tar.gz: 3c4565ffc5f98626ac67a07b378adfd80aaef787e47ffc50d84780da4b62788bdfb43e1b2e4ed90ca59cb4ee0fe23ec727dad8d1c0dd9413c137d7ec1de95510
+  metadata.gz: 3b7c07547207731c7592c0a08f229adde8400511855ad54ed7ae86de0b891acbb7b4fa91b7666df2e4927a7f9483898554daa8658f28ed9d5e0a49875139a011
+  data.tar.gz: 3d3fd96f0ed512504cdd4f52f353ef9264ee74395b1c1af58c6d583c17114e3cdd971ec577397d28339ceea68e0d69c495e817bdb42dc16aac61a7b6e348f7a5

data/.github/workflows/ci.yml

@@ -0,0 +1,49 @@
+name: Ruby-ci
+
+on:
+  push:
+    branches:
+      - master
+  pull_request:
+    branches:
+      - master
+
+env:
+  ACCOUNT_ID: ${{ secrets.ACCOUNT_ID }}
+  API_KEY: ${{ secrets.API_KEY }}
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        ruby-version: ['2.7', '3.1', '3.2', '3.3']
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+          bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+      - name: Run tests
+        run: bundle exec rspec --format RspecJunitFormatter --out test_results/rspec.xml --format progress
+
+  run_integration_tests:
+    runs-on: ubuntu-latest
+    if: ${{ github.ref == 'refs/heads/master' }}
+    strategy:
+      matrix:
+        ruby-version: ['2.7', '3.1', '3.2', '3.3']
+    steps:
+      - uses: actions/checkout@v4
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby-version }}
+          bundler-cache: true # runs 'bundle install' and caches installed gems automatically
+      - name: Run tests
+        run: |
+          bundle exec ruby test_integration_app/main.rb 

data/HISTORY

@@ -1,3 +1,12 @@
+=== 4.6.0 2026-02-10
+- Bump the minimum version of httparty to 0.23.3 to ensure protection against CVE-2025-68696
+- Refactor Client to use dedicated internal HTTP clients for different API endpoints
+- Fix Verification API methods to use correct version parameter
+- Increase minimum required version for Ruby to 2.7.0
+
+=== 4.5.1 2025-04-07
+- Fix Verification URLs
+
 === 4.5.0 2024-05-16
 - Support for warnings in Events API
 

data/README.md

@@ -4,7 +4,7 @@ The official Ruby bindings for the latest version (v205) of the [Sift API](https
 
 ## Requirements
 
-  * Ruby 2.0.0 or above.
+  * Ruby 2.7.0 or above.
 
 
 ## Installation

data/lib/sift/client/decision/apply_to.rb

@@ -21,7 +21,7 @@ module Sift
           time
         }
 
-        attr_reader :decision_id, :configs, :getter, :api_key
+        attr_reader :decision_id, :configs, :getter, :api_key, :client_class
 
         PROPERTIES.each do |attribute|
           class_eval %{
@@ -31,11 +31,12 @@ module Sift
           }
         end
 
-        def initialize(api_key, decision_id, configs)
+        def initialize(api_key, decision_id, configs, client_class = Sift::Client)
           @api_key = api_key
           @decision_id = decision_id
           @configs = configs
           @getter = Utils::HashGetter.new(configs)
+          @client_class = client_class
         end
 
         def run
@@ -58,7 +59,8 @@ module Sift
         def send_request
           Router.post(path, {
             body: request_body,
-            headers: headers
+            headers: headers,
+            client_class: client_class
           })
         end
 
@@ -79,6 +81,8 @@ module Sift
             validator.valid_order?
           elsif applying_to_session?
             validator.valid_session?
+          elsif applying_to_content?
+            validator.valid_content?
           else
             validator.valid_user?
           end

data/lib/sift/client/decision.rb

@@ -10,11 +10,12 @@ module Sift
     class Decision
       FILTER_PARAMS = %w{ limit entity_type abuse_types from }
 
-      attr_reader :account_id, :api_key
+      attr_reader :account_id, :api_key, :client_class
 
-      def initialize(api_key, account_id)
+      def initialize(api_key, account_id, client_class = Sift::Client)
         @account_id = account_id
         @api_key = api_key
+        @client_class = client_class
       end
 
       def list(options = {})
@@ -25,7 +26,8 @@ module Sift
         else
           Router.get(index_path, {
             query: build_query(getter),
-            headers: auth_header
+            headers: auth_header,
+            client_class: client_class
           })
         end
       end
@@ -44,7 +46,7 @@ module Sift
         getter = Utils::HashGetter.new(configs)
         configs[:account_id] = account_id
 
-        ApplyTo.new(api_key, getter.get(:decision_id), configs).run
+        ApplyTo.new(api_key, getter.get(:decision_id), configs, client_class).run
       end
 
       def index_path
@@ -54,7 +56,7 @@ module Sift
       private
 
       def request_next_page(path)
-        Router.get(path, headers: auth_header)
+        Router.get(path, headers: auth_header, client_class: client_class)
       end
 
       def auth_header
@@ -63,4 +65,3 @@ module Sift
     end
   end
 end
-

data/lib/sift/client.rb

@@ -2,9 +2,6 @@ require "httparty"
 require "multi_json"
 require "base64"
 
-require_relative "./client/decision"
-require_relative "./error"
-
 module Sift
 
   # Represents the payload returned from a call through the track API
@@ -94,17 +91,36 @@ module Sift
     API_ENDPOINT = ENV["SIFT_RUBY_API_URL"] || 'https://api.siftscience.com'
     API3_ENDPOINT = ENV["SIFT_RUBY_API3_URL"] || 'https://api3.siftscience.com'
 
+    # Maintain backward compatibility for users who may rely on HTTParty methods
     include HTTParty
     base_uri API_ENDPOINT
 
     attr_reader :api_key, :account_id
 
-    def self.build_auth_header(api_key)
-      { "Authorization" => "Basic #{Base64.encode64(api_key)}" }
-    end
+    class << self
+      def build_auth_header(api_key)
+        { "Authorization" => "Basic #{Base64.strict_encode64(api_key + ":")}" }
+      end
+
+      def user_agent
+        "sift-ruby/#{VERSION}"
+      end
+
+      # Factory methods for internal API executors that inherit from the current class context.
+      # This ensures that subclasses of Client propagate their HTTParty configuration
+      # to these internal clients.
 
-    def self.user_agent
-      "sift-ruby/#{VERSION}"
+      def api_client
+        @api_client ||= Class.new(self) do
+          base_uri API_ENDPOINT
+        end
+      end
+
+      def api3_client
+        @api3_client ||= Class.new(self) do
+          base_uri API3_ENDPOINT
+        end
+      end
     end
 
     # Constructor
@@ -139,6 +155,7 @@ module Sift
       @api_key = opts[:api_key] || Sift.api_key
       @account_id = opts[:account_id] || Sift.account_id
       @version = opts[:version] || API_VERSION
+      @verification_version = opts[:verification_version] || VERIFICATION_API_VERSION
       @timeout = opts[:timeout] || 2  # 2-second timeout by default
       @path = opts[:path] || Sift.rest_api_path(@version)
 
@@ -201,7 +218,7 @@ module Sift
     #
     #   :path::
     #     Overrides the URI path for this API call.
-    # 
+    #
     #   :include_score_percentiles::
     #     include_score_percentiles(optional) : Whether to add new parameter in the query parameter.
     #
@@ -255,7 +272,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      response = self.class.post(path, options)
+      response = self.class.api_client.post(path, options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -286,7 +303,7 @@ module Sift
     #
     #   :version::
     #     Overrides the version of the Events API to call.
-    # 
+    #
     #   :include_score_percentiles::
     #     include_score_percentiles(optional) : Whether to add new parameter in the query parameter.
     #
@@ -318,7 +335,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      response = self.class.get(Sift.score_api_path(user_id, version), options)
+      response = self.class.api_client.get(Sift.score_api_path(user_id, version), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -350,7 +367,7 @@ module Sift
     #
     #   :timeout::
     #     Overrides the timeout (in seconds) for this call.
-    # 
+    #
     #   :include_score_percentiles::
     #     include_score_percentiles(optional) : Whether to add new parameter in the query parameter.
     #
@@ -363,6 +380,7 @@ module Sift
       abuse_types = opts[:abuse_types]
       api_key = opts[:api_key] || @api_key
       timeout = opts[:timeout] || @timeout
+      version = opts[:version] || @version
       include_score_percentiles = opts[:include_score_percentiles]
 
       raise("user_id must be a non-empty string") if (!user_id.is_a? String) || user_id.to_s.empty?
@@ -381,7 +399,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      response = self.class.get(Sift.user_score_api_path(user_id, @version), options)
+      response = self.class.api_client.get(Sift.user_score_api_path(user_id, version), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -419,6 +437,7 @@ module Sift
       abuse_types = opts[:abuse_types]
       api_key = opts[:api_key] || @api_key
       timeout = opts[:timeout] || @timeout
+      version = opts[:version] || @version
 
       raise("user_id must be a non-empty string") if (!user_id.is_a? String) || user_id.to_s.empty?
       raise("Bad api_key parameter") if api_key.empty?
@@ -433,7 +452,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      response = self.class.post(Sift.user_score_api_path(user_id, @version), options)
+      response = self.class.api_client.post(Sift.user_score_api_path(user_id, version), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -531,7 +550,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      response = self.class.delete(Sift.users_label_api_path(user_id, version), options)
+      response = self.class.api_client.delete(Sift.users_label_api_path(user_id, version), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -568,8 +587,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      uri = API3_ENDPOINT + Sift.workflow_status_path(account_id, run_id)
-      response = self.class.get(uri, options)
+      response = self.class.api3_client.get(Sift.workflow_status_path(account_id, run_id), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -606,8 +624,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      uri = API3_ENDPOINT + Sift.user_decisions_api_path(account_id, user_id)
-      response = self.class.get(uri, options)
+      response = self.class.api3_client.get(Sift.user_decisions_api_path(account_id, user_id), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -644,8 +661,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      uri = API3_ENDPOINT + Sift.order_decisions_api_path(account_id, order_id)
-      response = self.class.get(uri, options)
+      response = self.class.api3_client.get(Sift.order_decisions_api_path(account_id, order_id), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -684,8 +700,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      uri = API3_ENDPOINT + Sift.session_decisions_api_path(account_id, user_id, session_id)
-      response = self.class.get(uri, options)
+      response = self.class.api3_client.get(Sift.session_decisions_api_path(account_id, user_id, session_id), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -724,8 +739,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      uri = API3_ENDPOINT + Sift.content_decisions_api_path(account_id, user_id, content_id)
-      response = self.class.get(uri, options)
+      response = self.class.api3_client.get(Sift.content_decisions_api_path(account_id, user_id, content_id), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -747,7 +761,7 @@ module Sift
 
     def build_default_headers_post(api_key)
       {
-        "Authorization" => "Basic #{Base64.encode64(api_key+":")}",
+        "Authorization" => "Basic #{Base64.strict_encode64(api_key+":")}",
         "User-Agent" => "SiftScience/v#{@version} sift-ruby/#{VERSION}",
         "Content-Type" => "application/json"
       }
@@ -755,7 +769,7 @@ module Sift
 
     def verification_send(properties = {}, opts = {})
       api_key = opts[:api_key] || @api_key
-      version = opts[:version] || @version
+      version = opts[:verification_version] || @verification_version
       timeout = opts[:timeout] || @timeout
 
       raise("properties cannot be empty") if properties.empty?
@@ -767,14 +781,13 @@ module Sift
         :headers => build_default_headers_post(api_key)
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
-
-      response = self.class.post(Sift.verification_api_send_path(@version), options)
+      response = self.class.api_client.post(Sift.verification_api_send_path(version), options)
       Response.new(response.body, response.code, response.response)
     end
 
     def verification_resend(properties = {}, opts = {})
       api_key = opts[:api_key] || @api_key
-      version = opts[:version] || @version
+      version = opts[:verification_version] || @verification_version
       timeout = opts[:timeout] || @timeout
 
       raise("properties cannot be empty") if properties.empty?
@@ -787,13 +800,13 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      response = self.class.post(Sift.verification_api_resend_path(@version), options)
+      response = self.class.api_client.post(Sift.verification_api_resend_path(version), options)
       Response.new(response.body, response.code, response.response)
     end
 
     def verification_check(properties = {}, opts = {})
       api_key = opts[:api_key] || @api_key
-      version = opts[:version] || @version
+      version = opts[:verification_version] || @verification_version
       timeout = opts[:timeout] || @timeout
 
       raise("properties cannot be empty") if properties.empty?
@@ -806,7 +819,7 @@ module Sift
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
 
-      response = self.class.post(Sift.verification_api_check_path(@version), options)
+      response = self.class.api_client.post(Sift.verification_api_check_path(version), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -831,7 +844,7 @@ module Sift
         :basic_auth => { :username => api_key, :password => "" }
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
-      response = self.class.post(API_ENDPOINT + Sift.psp_merchant_api_path(account_id), options)
+      response = self.class.api_client.post(Sift.psp_merchant_api_path(account_id), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -858,7 +871,7 @@ module Sift
         :basic_auth => { :username => api_key, :password => "" }
       }
       options.merge!(:timeout => timeout) unless timeout.nil?
-      response = self.class.put(API_ENDPOINT + Sift.psp_merchant_id_api_path(account_id, merchant_id), options)
+      response = self.class.api_client.put(Sift.psp_merchant_id_api_path(account_id, merchant_id), options)
       Response.new(response.body, response.code, response.response)
     end
 
@@ -882,7 +895,7 @@ module Sift
       :basic_auth => { :username => api_key, :password => "" }
     }
     options.merge!(:timeout => timeout) unless timeout.nil?
-    response = self.class.get(API_ENDPOINT + Sift.psp_merchant_id_api_path(account_id, merchant_id), options)
+    response = self.class.api_client.get(Sift.psp_merchant_id_api_path(account_id, merchant_id), options)
     Response.new(response.body, response.code, response.response)
   end
 
@@ -911,7 +924,7 @@ module Sift
       :query => query
     }
     options.merge!(:timeout => timeout) unless timeout.nil?
-    response = self.class.get(API_ENDPOINT + Sift.psp_merchant_api_path(account_id), options)
+    response = self.class.api_client.get(Sift.psp_merchant_api_path(account_id), options)
     Response.new(response.body, response.code, response.response)
   end
 
@@ -926,7 +939,7 @@ module Sift
     end
 
     def decision_instance
-      @decision_instance ||= Decision.new(api_key, account_id)
+      @decision_instance ||= Decision.new(api_key, account_id, self.class)
     end
 
     def delete_nils(properties)
@@ -943,4 +956,8 @@ module Sift
       end
     end
   end
+
+  require_relative "./client/decision"
+  require_relative "./error"
+
 end

data/lib/sift/router.rb

@@ -2,20 +2,23 @@ require_relative "./version"
 require_relative "./client"
 
 module Sift
-  class Router
-    include HTTParty
+  class Router < Client
 
     class << self
       def get(path, options = {})
+        client_class = options.delete(:client_class) || Sift::Client
+        options[:base_uri] = nil
         serialize_body(options)
         add_default_headers(options)
-        wrap_response(super(path, options))
+        wrap_response(client_class.api3_client.get(path, options))
       end
 
       def post(path, options = {})
+        client_class = options.delete(:client_class) || Sift::Client
+        options[:base_uri] = nil
         serialize_body(options)
         add_default_headers(options)
-        wrap_response(super(path, options))
+        wrap_response(client_class.api3_client.post(path, options))
       end
 
       def serialize_body(options)

data/lib/sift/version.rb

@@ -1,4 +1,5 @@
 module Sift
-  VERSION = "4.5.0"
+  VERSION = "4.6.0"
   API_VERSION = "205"
+  VERIFICATION_API_VERSION = "1.1"
 end

data/lib/sift.rb

@@ -10,17 +10,17 @@ module Sift
   end
 
   # Returns the path for the specified API version
-  def self.verification_api_send_path(version=API_VERSION)
+  def self.verification_api_send_path(version=VERIFICATION_API_VERSION)
     "/v#{version}/verification/send"
   end
 
   # Returns the path for the specified API version
-  def self.verification_api_resend_path(version=API_VERSION)
+  def self.verification_api_resend_path(version=VERIFICATION_API_VERSION)
     "/v#{version}/verification/resend"
   end
 
   # Returns the path for the specified API version
-  def self.verification_api_check_path(version=API_VERSION)
+  def self.verification_api_check_path(version=VERIFICATION_API_VERSION)
     "/v#{version}/verification/check"
   end
 

data/sift.gemspec

@@ -7,10 +7,10 @@ Gem::Specification.new do |s|
   s.version     = Sift::VERSION
   s.platform    = Gem::Platform::RUBY
   s.authors     = ["Fred Sadaghiani", "Yoav Schatzberg", "Jacob Burnim"]
-  s.email       = ["support@siftscience.com"]
-  s.homepage    = "http://siftscience.com"
-  s.summary     = %q{Sift Science Ruby API Gem}
-  s.description = %q{Sift Science Ruby API. Please see http://siftscience.com for more details.}
+  s.email       = ["support@sift.com"]
+  s.homepage    = "http://sift.com"
+  s.summary     = %q{Sift Ruby API Gem}
+  s.description = %q{Sift Ruby API. Please see http://sift.com for more details.}
 
   s.rubyforge_project = "sift"
 
@@ -19,6 +19,8 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ["lib"]
 
+  s.required_ruby_version     = '>= 2.7.0'
+
   # Gems that must be intalled for sift to compile and build
   s.add_development_dependency "rspec", "~> 3.5"
   s.add_development_dependency "rspec_junit_formatter"
@@ -26,7 +28,7 @@ Gem::Specification.new do |s|
   s.add_development_dependency "webmock", ">= 1.16.0", "< 2"
 
   # Gems that must be intalled for sift to work
-  s.add_dependency "httparty", ">= 0.11.0"
+  s.add_dependency "httparty", ">= 0.23.3"
   s.add_dependency "multi_json", ">= 1.0"
 
   s.add_development_dependency("rake")

data/spec/unit/client/decision/apply_to_spec.rb

@@ -254,7 +254,7 @@ module Sift
         def put_auth_in_url(api_key, url)
           protocal, uri = url.split(/(?<=https\:\/\/)/)
 
-          protocal + api_key + "@" + uri
+          protocal + api_key + ":@" + uri
         end
       end
     end

data/spec/unit/client/decision_spec.rb

@@ -20,7 +20,7 @@ module Sift
         #
         protocal, uri = decision.index_path.split(/(?<=https\:\/\/)/)
 
-        protocal + api_key + "@" + uri
+        protocal + api_key + ":@" + uri
       }
 
       describe "#list" do

data/spec/unit/client_validationapi_spec.rb

@@ -88,4 +88,50 @@ describe Sift::Client do
 
   end
 
+  # Regression tests for verification API version bug fix
+  # These tests ensure verification methods use verification_version (1.1)
+  # instead of the events API version (205)
+
+  it "Uses verification API version (1.1) not events API version (205) for verification_send" do
+    api_key = "test_key"
+    response_json = { :status => 0, :error_message => "OK"}
+
+    # Should call v1.1, NOT v205
+    stub_request(:post, "https://test_key:@api.siftscience.com/v1.1/verification/send")
+      .to_return(:status => 200, :body => MultiJson.dump(response_json))
+
+    # Client defaults: version=205 (events), verification_version=1.1
+    response = Sift::Client.new(:api_key => api_key).verification_send(valid_send_properties)
+
+    expect(response.ok?).to eq(true)
+  end
+
+  it "Uses verification API version (1.1) not events API version (205) for verification_resend" do
+    api_key = "test_key"
+    response_json = { :status => 0, :error_message => "OK"}
+
+    # Should call v1.1, NOT v205
+    stub_request(:post, "https://test_key:@api.siftscience.com/v1.1/verification/resend")
+      .to_return(:status => 200, :body => MultiJson.dump(response_json))
+
+    # Client defaults: version=205 (events), verification_version=1.1
+    response = Sift::Client.new(:api_key => api_key).verification_resend(valid_resend_properties)
+
+    expect(response.ok?).to eq(true)
+  end
+
+  it "Uses verification API version (1.1) not events API version (205) for verification_check" do
+    api_key = "test_key"
+    response_json = { :status => 0, :error_message => "OK"}
+
+    # Should call v1.1, NOT v205
+    stub_request(:post, "https://test_key:@api.siftscience.com/v1.1/verification/check")
+      .to_return(:status => 200, :body => MultiJson.dump(response_json))
+
+    # Client defaults: version=205 (events), verification_version=1.1
+    response = Sift::Client.new(:api_key => api_key).verification_check(valid_check_properties)
+
+    expect(response.ok?).to eq(true)
+  end
+
 end

data/spec/unit/configuration_spec.rb

@@ -0,0 +1,67 @@
+require_relative "../spec_helper"
+require "sift"
+require "logger"
+
+describe "Sift::Client Configuration Patterns" do
+  let(:api_key) { "test_api_key" }
+
+  it "propagates global Sift::Client configuration to internal clients" do
+    Sift::Client.default_timeout 5
+    
+    # Internal executors should inherit this
+    expect(Sift::Client.api_client.default_options[:timeout]).to eq(5)
+    expect(Sift::Client.api3_client.default_options[:timeout]).to eq(5)
+    
+    # Reset
+    Sift::Client.default_timeout 2
+  end
+
+  it "allows independent subclass configurations" do
+    class SubclassA < Sift::Client; end
+    class SubclassB < Sift::Client; end
+
+    SubclassA.default_timeout 10
+    SubclassB.default_timeout 20
+
+    expect(SubclassA.api_client.default_options[:timeout]).to eq(10)
+    expect(SubclassB.api_client.default_options[:timeout]).to eq(20)
+    
+    # Ensure they didn't leak to parent
+    expect(Sift::Client.api_client.default_options[:timeout]).to be <= 5
+  end
+
+  it "propagates complex settings like loggers to subclasses" do
+    class LoggingClient < Sift::Client; end
+    
+    logger = Logger.new(nil)
+    LoggingClient.logger logger, :debug, :curl
+
+    expect(LoggingClient.api_client.default_options[:logger]).to eq(logger)
+    expect(LoggingClient.api_client.default_options[:log_level]).to eq(:debug)
+    expect(LoggingClient.api_client.default_options[:log_format]).to eq(:curl)
+    
+    # Ensure Sift::Client remains untouched
+    expect(Sift::Client.api_client.default_options[:logger]).to be_nil
+  end
+
+  it "respects inheritance chain for Decisions and Router" do
+    class DecisionClient < Sift::Client; end
+    DecisionClient.default_timeout 15
+
+    client = DecisionClient.new(api_key: api_key, account_id: "acc")
+    
+    # Verify the executor used by the Router is the one from DecisionClient
+    expect(DecisionClient.api3_client.default_options[:timeout]).to eq(15)
+
+    # We want to ensure that when Router.get is called, it uses DecisionClient.api3_client
+    # In lib/sift/router.rb, we have:
+    # wrap_response(client_class.api3_client.get(path, options))
+    
+    expect(DecisionClient.api3_client).to receive(:get).and_call_original
+
+    # Mock the request to avoid network calls
+    stub_request(:get, /api3.siftscience.com/)
+    
+    client.get_user_decisions("user_1")
+  end
+end

data/test_integration_app/verification_api/test_verification_api.rb

@@ -2,13 +2,13 @@ require "sift"
 
 class VerificationAPI
 
-    @@client = Sift::Client.new(:api_key => ENV["API_KEY"],  :version=>1.1)
+    @@client = Sift::Client.new(:api_key => ENV["API_KEY"],  :version => 1.1)
 
     def send()
         properties = {
             "$user_id"            => $user_id,
             "$send_to"            => $user_email,
-            "$verification_type"            => "$email",
+            "$verification_type"  => "$email",
             "$brand_name"         => "MyTopBrand",
             "$language"           => "en",
             "$site_country" => "IN",
@@ -28,5 +28,5 @@ class VerificationAPI
         
         return @@client.verification_send(properties)
     end
-    
+
 end

metadata

@@ -1,16 +1,16 @@
 --- !ruby/object:Gem::Specification
 name: sift
 version: !ruby/object:Gem::Version
-  version: 4.5.0
+  version: 4.6.0
 platform: ruby
 authors:
 - Fred Sadaghiani
 - Yoav Schatzberg
 - Jacob Burnim
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-05-17 00:00:00.000000000 Z
+date: 2026-03-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rspec
@@ -80,14 +80,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: 0.23.3
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 0.11.0
+        version: 0.23.3
 - !ruby/object:Gem::Dependency
   name: multi_json
   requirement: !ruby/object:Gem::Requirement
@@ -116,18 +116,17 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: Sift Science Ruby API. Please see http://siftscience.com for more details.
+description: Sift Ruby API. Please see http://sift.com for more details.
 email:
-- support@siftscience.com
+- support@sift.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".circleci/config.yml"
 - ".github/pull_request_template.md"
+- ".github/workflows/ci.yml"
 - ".github/workflows/publishing_sift_ruby.yml"
 - ".gitignore"
-- ".jenkins/Jenkinsfile"
 - Gemfile
 - HISTORY
 - LICENSE
@@ -158,6 +157,7 @@ files:
 - spec/unit/client_psp_merchant_spec.rb
 - spec/unit/client_spec.rb
 - spec/unit/client_validationapi_spec.rb
+- spec/unit/configuration_spec.rb
 - spec/unit/router_spec.rb
 - spec/unit/validate/decision_spec.rb
 - spec/unit/validate/primitive_spec.rb
@@ -168,10 +168,10 @@ files:
 - test_integration_app/psp_merchants_api/test_psp_merchant_api.rb
 - test_integration_app/score_api/test_score_api.rb
 - test_integration_app/verification_api/test_verification_api.rb
-homepage: http://siftscience.com
+homepage: http://sift.com
 licenses: []
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -179,7 +179,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.7.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
@@ -187,7 +187,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.6
-signing_key: 
+signing_key:
 specification_version: 4
-summary: Sift Science Ruby API Gem
+summary: Sift Ruby API Gem
 test_files: []

data/.circleci/config.yml

@@ -1,105 +0,0 @@
-version: 2.1
-
-orbs:
-  slack: circleci/slack@4.4.2
-
-commands:
-  export_slack_id:
-    steps:
-      - run:
-          name  : Exporting circleci username as slack id.
-          command: echo 'export SLACK_PARAM_MENTIONS="$CIRCLE_USERNAME"' >> "$BASH_ENV"
-      - run:
-          name : CircleCi To Slack user mapping.
-          command: |
-            echo $GITHUB_SLACK_USERMAPPING | base64 --decode > github_slack
-            while read -r line || [[ -n $line ]];
-            do
-              [[ ${line//[[:space:]]/} =~ ^#.* || -z "$line" ]] && continue
-              echo "$line" | tr "=" "\n" | while read -r key; do
-              read -r value
-              if [ "$CIRCLE_USERNAME" = "${key}" ]; then
-                echo "export SLACK_PARAM_MENTIONS='<@${value}>'" >> $BASH_ENV
-              fi
-              done
-            done < github_slack
-            rm github_slack
-
-slack/notify: &slack_notify
-  branch_pattern: master
-  event: fail
-  channel: ci-build-status
-  template: SLACK_TAG_CI_FAILURE_TEMPLATE
-
-context: &context
-  - slack-templates
-  - slack_Oauth
-  - Github_Slack_UserMapping
-
-jobs:
-  build:
-    parallelism: 3 # run three instances of this job in parallel
-    docker:
-      - image: circleci/ruby:2.4.2-jessie-node
-        environment:
-          BUNDLE_JOBS: 3
-          BUNDLE_RETRY: 3
-          BUNDLE_PATH: vendor/bundle
-    steps:
-      - checkout
-      - export_slack_id
-
-      - run:
-          name: Which bundler?
-          command: bundle -v
-
-      - restore_cache:
-          keys:
-            - sift-bundle-{{ checksum "sift.gemspec" }}
-            - sift-bundle-
-
-      - run:
-          name: Bundle Install
-          command: bundle check || bundle install
-
-      - save_cache:
-          key: sift-bundle-{{ checksum "sift.gemspec" }}
-          paths:
-            - vendor/bundle
-
-      - run:
-          name: Run rspec in parallel
-          command: |
-            bundle exec rspec --profile 10 \
-                              --format RspecJunitFormatter \
-                              --out test_results/rspec.xml \
-                              --format progress \
-                              $(circleci tests glob "spec/**/*_spec.rb" | circleci tests split --split-by=timings)
-
-      - store_test_results:
-          path: test_results
-      - slack/notify:
-          <<: *slack_notify
-
-  run_integration_tests:
-    docker:
-        - image: circleci/ruby:2.4.2-jessie-node
-    steps:
-      - checkout
-      - run:
-          name: Install bundle and run the tests
-          command: | 
-            bundle check || bundle install
-            bundle exec ruby test_integration_app/main.rb      
-
-workflows:
-  ruby-test:
-    jobs:
-      - build:
-          context: *context
-  ruby-integration-tests:
-    jobs:
-      - run_integration_tests:
-          filters:
-            branches:
-              only: master

data/.jenkins/Jenkinsfile

@@ -1,103 +0,0 @@
-// Load Jenkins shared library
-jenkinsBranch = 'v0.37.0'
-sharedLib = library("shared-lib@${jenkinsBranch}")
-
-def siftRubyWorkflow = sharedLib.com.sift.ci.SiftRubyWorkflow.new()
-def ciUtil = sharedLib.com.sift.ci.CIUtil.new()
-def stackdriver = sharedLib.com.sift.ci.StackDriverMetrics.new()
-
-// Default GitHub status context for automatically triggered builds
-def defaultStatusContext = 'Jenkins:auto'
-
-// Pod template file for Jenkins agent pod
-// Pod template yaml file is defined in https://github.com/SiftScience/jenkins/tree/master/resources/jenkins-k8s-pod-templates
-def ruby2PodTemplateFile = 'ruby-2-4-2-pod-template.yaml'
-def ruby2PodLabel = "ruby2-${BUILD_TAG}"
-
-
-// GitHub repo name
-def repoName = 'sift-ruby'
-
-pipeline {
-    agent none
-    options {
-        timestamps()
-        skipDefaultCheckout()
-        disableConcurrentBuilds()
-        disableRestartFromStage()
-        parallelsAlwaysFailFast()
-        buildDiscarder logRotator(artifactDaysToKeepStr: '', artifactNumToKeepStr: '', daysToKeepStr: '30', numToKeepStr: '')
-        timeout(time: 1, unit: 'HOURS')
-    }
-    environment {
-        GIT_BRANCH = "${env.CHANGE_BRANCH != null? env.CHANGE_BRANCH : env.BRANCH_NAME}"
-    }
-    stages {
-        stage('Initialize') {
-            steps {
-                script {
-                    statusContext = defaultStatusContext
-                    // Get the commit sha for the build
-                    commitSha = ciUtil.commitHashForBuild()
-                    ciUtil.updateGithubCommitStatus(repoName, statusContext, 'Started', 'pending', commitSha)
-                }
-            }
-        }
-        stage ('Build and Test Workflows') {
-            steps {
-                script {
-                    def workflows = [:]
-                    def stage1 = 'Run Integration Tests - ruby'
-                    workflows[stage1] = {
-                        stage(stage1) {
-                            if (env.GIT_BRANCH.equals('master')) {
-                                ciUtil.updateGithubCommitStatus(repoName, stage1, 'Started', 'pending', commitSha)
-                                try {
-                                    siftRubyWorkflow.runSiftRubyIntegration(ruby2PodTemplateFile, ruby2PodLabel)
-                                    ciUtil.updateGithubCommitStatus(repoName, stage1, 'SUCCESS', 'success', commitSha)
-                                } catch (Exception e) {
-                                    ciUtil.updateGithubCommitStatus(repoName, stage1, 'FAILURE', 'failure', commitSha)
-                                    print("${stage1} failed")
-                                    throw e
-                                }
-                            }
-                        }
-                    }
-                    def stage2 = 'Test - ruby'
-                    workflows[stage2] = {
-                        stage(stage2) {
-                            ciUtil.updateGithubCommitStatus(repoName, stage2, 'Started', 'pending', commitSha)
-                            try {
-                                siftRubyWorkflow.runSiftRubyTest(ruby2PodTemplateFile, ruby2PodLabel)
-                                ciUtil.updateGithubCommitStatus(repoName, stage2, 'SUCCESS', 'success', commitSha)
-                            } catch (Exception e) {
-                                ciUtil.updateGithubCommitStatus(repoName, stage2, 'FAILURE', 'failure', commitSha)
-                                print("${stage2} failed")
-                                throw e
-                            }
-                        }
-                    }
-                    parallel workflows
-                }
-            }
-        }
-    }
-    post {
-        success {
-            script {
-                ciUtil.updateGithubCommitStatus(repoName, statusContext, currentBuild.currentResult, 'success', commitSha)
-            }
-        }
-        unsuccessful {
-            script {
-                ciUtil.updateGithubCommitStatus(repoName, statusContext, currentBuild.currentResult, 'failure', commitSha)
-                ciUtil.notifySlack(repoName, commitSha)
-            }
-        }
-        always {
-            script {
-                stackdriver.updatePipelineStatistics(this)
-            }
-        }
-    }
-}