standard_audit 0.4.0 → 0.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6a9a29ab9754c6dbc24134d000864e8d99f60966227691ee782b782423ac7dc7
-  data.tar.gz: 0ee9864f7b073c3376041facfafe575006179b443937883377a5bdda605bc81a
+  metadata.gz: 6dff9827071db99dfcb9dc184f3cc20d0bcfd208de8f5d41c86efff0f7e4c2be
+  data.tar.gz: 979f93e8ed8d293695337e453ade9926b553be7904617d7c61d653ef5997a3ea
 SHA512:
-  metadata.gz: e156d464655ca40f791b064e264b18ac587b63819f454d8bc98b9b7a9168cbd02519795c14d0333cd148be191715d29498244d1218f505365a1ef669c6f591fe
-  data.tar.gz: 2816bb0d249b20d8464cde9655b5799d8b7525cba615b9a97528bd9ef78ca1b1254fd528bca77ac3390001bdf34adc384add86c5b924d43a2e93bf695620ae89
+  metadata.gz: 98bf60f4d4d40d46ff28d9203c8686a5c57765a86c4c3ef1db97c59d32b27e355ac7b585730cd69865e54cf8540109c87546259ea19e4afdfa9a3510b5b52e1f
+  data.tar.gz: dda3b2376d9afcd2a61808fc79025e246365302f7b097c17a801bf47cc6a8f3e26a3e11b411dc19b31f6ebac32dc44107e92582e02813a22476be2fa1eaca32a

data/CHANGELOG.md

@@ -7,6 +7,29 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+## [0.5.0] - 2026-04-29
+
+### Changed
+
+- CI and release workflows migrated to the shared `rarebit-one/.github` reusable workflows (`reusable-gem-ci.yml@v1`, `reusable-gem-release.yml@v1`); `.github/workflows/ci.yml` and `release.yml` are now thin shims.
+- The `standard_audit:install` generator is now idempotent. Re-running it skips the migration when a `*_create_audit_logs.rb` file already exists in `db/migrate/`, and skips the initializer when `config/initializers/standard_audit.rb` already exists. New flags: `--skip-migration`, `--skip-initializer`, and `--force` (overwrite the existing initializer; defaults to skip without an interactive prompt).
+
+### Removed
+
+- **BREAKING:** Removed `Configuration#use_preset` and the `lib/standard_audit/presets/` directory. The preset pattern (`config.use_preset(:standard_id)`) created a direct dependency from `standard_audit` on a specific publisher gem, which inverted the intended dependency direction — `standard_audit` should be a generic event consumer with no knowledge of any particular publisher. Host apps should subscribe to event patterns directly:
+  ```ruby
+  StandardAudit.configure do |c|
+    c.subscribe_to "standard_id.authentication.*"
+    c.subscribe_to "standard_id.session.created"
+    c.subscribe_to "standard_id.session.revoked"
+    c.subscribe_to "standard_id.session.expired"
+    c.subscribe_to "standard_id.account.*"
+  end
+  ```
+  Each publisher gem documents its event namespace.
+- **BREAKING:** Dropped support for Ruby < 4.0. `required_ruby_version` is now `>= 4.0`. Hosts must upgrade to Ruby 4.0+ before bundling this version. CI tests all four published 4.0.x patches.
+- **BREAKING:** Dropped support for Rails < 8.0. `activerecord`, `activejob`, and `activesupport` constraints are now `>= 8.0` (was `>= 7.1`). Hosts on Rails 7.x must upgrade to Rails 8.0+ before bundling this version. Aligns with the org-wide policy of supporting Rails 8 and up.
+
 ## [0.4.0] - 2026-04-19
 
 ### Added

data/README.md

@@ -23,6 +23,8 @@ This creates:
 - A migration for the `audit_logs` table (UUID primary keys, JSON metadata)
 - An initializer at `config/initializers/standard_audit.rb`
 
+The generator is idempotent — re-running it skips the migration when a `*_create_audit_logs.rb` already exists in `db/migrate/`, and skips the initializer when `config/initializers/standard_audit.rb` already exists. Pass `--skip-migration` or `--skip-initializer` to opt out of individual steps, or `--force` to overwrite the existing initializer.
+
 ## Quick Start
 
 ### 1. Subscribe to events

data/lib/generators/standard_audit/install/install_generator.rb

@@ -1,19 +1,85 @@
+require "rails/generators"
+
 module StandardAudit
   module Generators
+    # Installs StandardAudit in a host Rails application.
+    #
+    # Creates the migration for the `audit_logs` table and writes the
+    # initializer at `config/initializers/standard_audit.rb`.
+    #
+    # Idempotent: re-running the generator will skip pieces it has already
+    # installed. Pass `--skip-*` flags to opt out of individual steps and
+    # `--force` to overwrite an existing initializer.
     class InstallGenerator < Rails::Generators::Base
       include Rails::Generators::Migration
       source_root File.expand_path("templates", __dir__)
 
+      desc <<~DESC
+        Installs StandardAudit. By default this:
+          * copies a CreateAuditLogs migration into db/migrate/
+          * writes config/initializers/standard_audit.rb
+
+        Use --skip-* flags to opt out of individual steps when re-running on an
+        existing install. The generator is idempotent — already-installed
+        pieces are skipped with a clear message. Pass --force to overwrite an
+        existing initializer.
+      DESC
+
+      class_option :skip_migration, type: :boolean, default: false,
+        desc: "Do not copy the CreateAuditLogs migration into db/migrate"
+      class_option :skip_initializer, type: :boolean, default: false,
+        desc: "Do not write config/initializers/standard_audit.rb"
+      class_option :force, type: :boolean, default: false,
+        desc: "Overwrite config/initializers/standard_audit.rb if it already exists"
+
       def self.next_migration_number(dirname)
         Time.now.utc.strftime("%Y%m%d%H%M%S")
       end
 
       def copy_migration
+        if options[:skip_migration]
+          say_status("skip", "db/migrate/*_create_audit_logs.rb (--skip-migration)", :yellow)
+          return
+        end
+
+        if existing_migration
+          say_status(
+            "identical",
+            "AuditLog migration already present (#{relative_migration_path(existing_migration)}), skipping",
+            :blue
+          )
+          return
+        end
+
         migration_template "create_audit_logs.rb.erb", "db/migrate/create_audit_logs.rb"
       end
 
       def copy_initializer
-        template "initializer.rb.erb", "config/initializers/standard_audit.rb"
+        initializer_path = "config/initializers/standard_audit.rb"
+
+        if options[:skip_initializer]
+          say_status("skip", "#{initializer_path} (--skip-initializer)", :yellow)
+          return
+        end
+
+        if File.exist?(File.join(destination_root, initializer_path)) && !options[:force]
+          say_status("identical", "#{initializer_path} (already exists; pass --force to overwrite)", :blue)
+          return
+        end
+
+        template "initializer.rb.erb", initializer_path, force: options[:force]
+      end
+
+      no_commands do
+        def existing_migration
+          Dir.glob(File.join(destination_root, "db/migrate/*_create_audit_logs.rb")).first
+        end
+
+        def relative_migration_path(absolute_path)
+          Pathname.new(absolute_path).relative_path_from(Pathname.new(destination_root)).to_s
+        rescue ArgumentError
+          absolute_path
+        end
       end
     end
   end

data/lib/generators/standard_audit/install/templates/initializer.rb.erb

@@ -1,8 +1,11 @@
 StandardAudit.configure do |config|
-  # Use a preset to subscribe to common event patterns
-  # config.use_preset(:standard_id)
-
-  # Or subscribe to ActiveSupport::Notifications patterns manually
+  # Subscribe to ActiveSupport::Notifications / Rails.event patterns.
+  # Each gem documents its own event namespace; subscribe to whichever
+  # patterns you want audited:
+  # config.subscribe_to "standard_id.authentication.*"
+  # config.subscribe_to "standard_id.session.created"
+  # config.subscribe_to "standard_id.session.revoked"
+  # config.subscribe_to "standard_circuit.circuit.*"
   # config.subscribe_to "audit.**"
 
   # Actor extractor from notification payload

data/lib/standard_audit/configuration.rb

@@ -10,7 +10,6 @@ module StandardAudit
 
     def initialize
       @subscriptions = []
-      @applied_presets = []
       @async = false
       @queue_name = :default
       @enabled = true
@@ -56,22 +55,5 @@ module StandardAudit
     def subscriptions
       @subscriptions.dup.freeze
     end
-
-    def use_preset(name)
-      key = name.to_sym
-      return self if @applied_presets.include?(key)
-
-      preset = case key
-      when :standard_id
-        require "standard_audit/presets/standard_id"
-        StandardAudit::Presets::StandardId
-      else
-        raise ArgumentError, "Unknown preset: #{name}. Available presets: :standard_id"
-      end
-
-      preset.apply(self)
-      @applied_presets << key
-      self
-    end
   end
 end

data/lib/standard_audit/rspec.rb

@@ -0,0 +1,29 @@
+require "standard_audit"
+
+# StandardAudit state reset between examples.
+#
+# - Clears the thread-local batch buffer so a spec that exits inside a
+#   `StandardAudit.batch { ... }` block (e.g. via an unhandled error or
+#   abort) cannot leak buffered records into the next example.
+# - Resets the Configuration via `StandardAudit.reset_configuration!` so
+#   that mutations to `StandardAudit.config` (subscriptions, sensitive
+#   keys, async flag, custom resolvers, etc.) do not bleed across specs.
+#   Consumers that customise configuration must re-call
+#   `StandardAudit.configure { |c| ... }` from a `before` hook in their
+#   own suite if they need a non-default baseline.
+#
+# The memoized `Subscriber` and `EventSubscriber` instances are *not*
+# torn down here — they are wired up at engine boot via initializers and
+# rebuilding them per-example would unsubscribe from
+# `ActiveSupport::Notifications` / `Rails.event` for the rest of the run.
+# Specs that need to assert on subscriber behaviour should manage that
+# locally.
+#
+# Intentionally `before(:example)` rather than `after(:example)` so the
+# reset always runs even when a previous example aborted in an after hook.
+RSpec.configure do |config|
+  config.before(:example) do
+    Thread.current[:standard_audit_batch] = nil
+    StandardAudit.reset_configuration!
+  end
+end

data/lib/standard_audit/version.rb

@@ -1,3 +1,3 @@
 module StandardAudit
-  VERSION = "0.4.0"
+  VERSION = "0.5.0"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: standard_audit
 version: !ruby/object:Gem::Version
-  version: 0.4.0
+  version: 0.5.0
 platform: ruby
 authors:
 - Jaryl Sim
@@ -15,42 +15,42 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.1'
+        version: '8.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.1'
+        version: '8.0'
 - !ruby/object:Gem::Dependency
   name: activejob
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.1'
+        version: '8.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.1'
+        version: '8.0'
 - !ruby/object:Gem::Dependency
   name: activesupport
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.1'
+        version: '8.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '7.1'
+        version: '8.0'
 - !ruby/object:Gem::Dependency
   name: globalid
   requirement: !ruby/object:Gem::Requirement
@@ -65,9 +65,23 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '1.0'
+- !ruby/object:Gem::Dependency
+  name: simplecov
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.22'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.22'
 description: StandardAudit is a standalone Rails gem for database-backed audit logging.
-  On Rails 8.1+ it subscribes to Rails.event; on earlier versions it subscribes to
-  ActiveSupport::Notifications. Generic, flexible, and works with any Rails application.
+  On Rails 8.1+ it subscribes to Rails.event; on Rails 8.0 it falls back to ActiveSupport::Notifications.
+  Generic, flexible, and works with any Rails application.
 email:
 - code@jaryl.dev
 executables: []
@@ -94,7 +108,7 @@ files:
 - lib/standard_audit/configuration.rb
 - lib/standard_audit/engine.rb
 - lib/standard_audit/event_subscriber.rb
-- lib/standard_audit/presets/standard_id.rb
+- lib/standard_audit/rspec.rb
 - lib/standard_audit/subscriber.rb
 - lib/standard_audit/version.rb
 - lib/tasks/standard_audit_tasks.rake
@@ -113,7 +127,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.2'
+      version: '4.0'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="

data/lib/standard_audit/presets/standard_id.rb

@@ -1,22 +0,0 @@
-module StandardAudit
-  module Presets
-    module StandardId
-      # Regex wildcards capture all events in a namespace. Session uses
-      # explicit strings to exclude noisy events like session.validated
-      # that fire on every authenticated request.
-      SUBSCRIPTIONS = [
-        /\Astandard_id\.authentication\./,
-        "standard_id.session.created",
-        "standard_id.session.revoked",
-        "standard_id.session.expired",
-        /\Astandard_id\.account\./,
-        /\Astandard_id\.social\./,
-        /\Astandard_id\.passwordless\./
-      ].freeze
-
-      def self.apply(config)
-        SUBSCRIPTIONS.each { |pattern| config.subscribe_to(pattern) }
-      end
-    end
-  end
-end