stripe 4.10.0 → 5.0.0

data/lib/stripe/stripe_object.rb

@@ -4,7 +4,7 @@ module Stripe
   class StripeObject
     include Enumerable
 
-    @@permanent_attributes = Set.new([:id])
+    @@permanent_attributes = Set.new([:id]) # rubocop:disable Style/ClassVars
 
     # The default :id method is deprecated and isn't useful to us
     undef :id if method_defined?(:id)
@@ -93,10 +93,12 @@ module Stripe
     # considered to be equal if they have the same set of values and each one
     # of those values is the same.
     def ==(other)
-      other.is_a?(StripeObject) && @values == other.instance_variable_get(:@values)
+      other.is_a?(StripeObject) &&
+        @values == other.instance_variable_get(:@values)
     end
 
-    # Hash equality. As with `#==`, we consider two equivalent Stripe objects equal.
+    # Hash equality. As with `#==`, we consider two equivalent Stripe objects
+    # equal.
     def eql?(other)
       # Defer to the implementation on `#==`.
       self == other
@@ -121,21 +123,10 @@ module Stripe
 
     def inspect
       id_string = respond_to?(:id) && !id.nil? ? " id=#{id}" : ""
-      "#<#{self.class}:0x#{object_id.to_s(16)}#{id_string}> JSON: " + JSON.pretty_generate(@values)
+      "#<#{self.class}:0x#{object_id.to_s(16)}#{id_string}> JSON: " +
+        JSON.pretty_generate(@values)
     end
 
-    # Re-initializes the object based on a hash of values (usually one that's
-    # come back from an API call). Adds or removes value accessors as necessary
-    # and updates the state of internal data.
-    #
-    # Please don't use this method. If you're trying to do mass assignment, try
-    # #initialize_from instead.
-    def refresh_from(values, opts, partial = false)
-      initialize_from(values, opts, partial)
-    end
-    extend Gem::Deprecate
-    deprecate :refresh_from, "#update_attributes", 2016, 1
-
     # Mass assigns attributes on the model.
     #
     # This is a version of +update_attributes+ that takes some extra options
@@ -162,12 +153,12 @@ module Stripe
       end
     end
 
-    def [](k)
-      @values[k.to_sym]
+    def [](key)
+      @values[key.to_sym]
     end
 
-    def []=(k, v)
-      send(:"#{k}=", v)
+    def []=(key, value)
+      send(:"#{key}=", value)
     end
 
     def keys
@@ -178,17 +169,20 @@ module Stripe
       @values.values
     end
 
-    def to_json(*_a)
+    def to_json(*_opts)
+      # TODO: pass opts to JSON.generate?
       JSON.generate(@values)
     end
 
-    def as_json(*a)
-      @values.as_json(*a)
+    def as_json(*opts)
+      @values.as_json(*opts)
     end
 
     def to_hash
       maybe_to_hash = lambda do |value|
-        value && value.respond_to?(:to_hash) ? value.to_hash : value
+        return nil if value.nil?
+
+        value.respond_to?(:to_hash) ? value.to_hash : value
       end
 
       @values.each_with_object({}) do |(key, value), acc|
@@ -251,10 +245,11 @@ module Stripe
         #      values within in that its parent StripeObject doesn't know about.
         #
         unsaved = @unsaved_values.include?(k)
-        if options[:force] || unsaved || v.is_a?(StripeObject)
-          update_hash[k.to_sym] =
-            serialize_params_value(@values[k], @original_values[k], unsaved, options[:force], key: k)
-        end
+        next unless options[:force] || unsaved || v.is_a?(StripeObject)
+
+        update_hash[k.to_sym] = serialize_params_value(
+          @values[k], @original_values[k], unsaved, options[:force], key: k
+        )
       end
 
       # a `nil` that makes it out of `#serialize_params_value` signals an empty
@@ -264,16 +259,6 @@ module Stripe
       update_hash
     end
 
-    class << self
-      # This class method has been deprecated in favor of the instance method
-      # of the same name.
-      def serialize_params(obj, options = {})
-        obj.serialize_params(options)
-      end
-      extend Gem::Deprecate
-      deprecate :serialize_params, "#serialize_params", 2016, 9
-    end
-
     # A protected field is one that doesn't get an accessor assigned to it
     # (i.e. `obj.public = ...`) and one which is not allowed to be updated via
     # the class level `Model.update(id, { ... })`.
@@ -281,13 +266,11 @@ module Stripe
       []
     end
 
-    protected
-
-    def metaclass
+    protected def metaclass
       class << self; self; end
     end
 
-    def remove_accessors(keys)
+    protected def remove_accessors(keys)
       # not available in the #instance_eval below
       protected_fields = self.class.protected_fields
 
@@ -313,7 +296,7 @@ module Stripe
               #
               # Here we swallow that error and issue a warning so at least
               # the program doesn't crash.
-              $stderr.puts("WARNING: Unable to remove method `#{method_name}`; " \
+              warn("WARNING: Unable to remove method `#{method_name}`; " \
                 "if custom, please consider renaming to a name that doesn't " \
                 "collide with an API property name.")
             end
@@ -322,7 +305,7 @@ module Stripe
       end
     end
 
-    def add_accessors(keys, values)
+    protected def add_accessors(keys, values)
       # not available in the #instance_eval below
       protected_fields = self.class.protected_fields
 
@@ -359,7 +342,11 @@ module Stripe
       end
     end
 
-    def method_missing(name, *args)
+    # Disabling the cop because it's confused by the fact that the methods are
+    # protected, but we do define `#respond_to_missing?` just below. Hopefully
+    # this is fixed in more recent Rubocop versions.
+    # rubocop:disable Style/MissingRespondToMissing
+    protected def method_missing(name, *args)
       # TODO: only allow setting in updateable classes.
       if name.to_s.end_with?("=")
         attr = name.to_s[0...-1].to_sym
@@ -375,7 +362,9 @@ module Stripe
         begin
           mth = method(name)
         rescue NameError
-          raise NoMethodError, "Cannot set #{attr} on this object. HINT: you can't set: #{@@permanent_attributes.to_a.join(', ')}"
+          raise NoMethodError,
+                "Cannot set #{attr} on this object. HINT: you can't set: " \
+                "#{@@permanent_attributes.to_a.join(', ')}"
         end
         return mth.call(args[0])
       elsif @values.key?(name)
@@ -390,11 +379,17 @@ module Stripe
         # raise right away.
         raise unless @transient_values.include?(name)
 
-        raise NoMethodError, e.message + ".  HINT: The '#{name}' attribute was set in the past, however.  It was then wiped when refreshing the object with the result returned by Stripe's API, probably as a result of a save().  The attributes currently available on this object are: #{@values.keys.join(', ')}"
+        raise NoMethodError,
+              e.message + ".  HINT: The '#{name}' attribute was set in the " \
+              "past, however.  It was then wiped when refreshing the object " \
+              "with the result returned by Stripe's API, probably as a " \
+              "result of a save().  The attributes currently available on " \
+              "this object are: #{@values.keys.join(', ')}"
       end
     end
+    # rubocop:enable Style/MissingRespondToMissing
 
-    def respond_to_missing?(symbol, include_private = false)
+    protected def respond_to_missing?(symbol, include_private = false)
       @values && @values.key?(symbol) || super
     end
 
@@ -410,7 +405,7 @@ module Stripe
     # * +:opts:+ Options for StripeObject like an API key.
     # * +:partial:+ Indicates that the re-initialization should not attempt to
     #   remove accessors.
-    def initialize_from(values, opts, partial = false)
+    protected def initialize_from(values, opts, partial = false)
       @opts = Util.normalize_opts(opts)
 
       # the `#send` is here so that we can keep this method private
@@ -420,8 +415,8 @@ module Stripe
       added = Set.new(values.keys - @values.keys)
 
       # Wipe old state before setting new.  This is useful for e.g. updating a
-      # customer, where there is no persistent card parameter.  Mark those values
-      # which don't persist as transient
+      # customer, where there is no persistent card parameter.  Mark those
+      # values which don't persist as transient
 
       remove_accessors(removed)
       add_accessors(added, values)
@@ -441,7 +436,8 @@ module Stripe
       self
     end
 
-    def serialize_params_value(value, original, unsaved, force, key: nil)
+    protected def serialize_params_value(value, original, unsaved, force,
+                                         key: nil)
       if value.nil?
         ""
 
@@ -516,11 +512,9 @@ module Stripe
       end
     end
 
-    private
-
     # Produces a deep copy of the given object including support for arrays,
     # hashes, and StripeObjects.
-    def self.deep_copy(obj)
+    private_class_method def self.deep_copy(obj)
       case obj
       when Array
         obj.map { |e| deep_copy(e) }
@@ -540,9 +534,8 @@ module Stripe
         obj
       end
     end
-    private_class_method :deep_copy
 
-    def dirty_value!(value)
+    private def dirty_value!(value)
       case value
       when Array
         value.map { |v| dirty_value!(v) }
@@ -553,12 +546,14 @@ module Stripe
 
     # Returns a hash of empty values for all the values that are in the given
     # StripeObject.
-    def empty_values(obj)
+    private def empty_values(obj)
       values = case obj
                when Hash         then obj
                when StripeObject then obj.instance_variable_get(:@values)
                else
-                 raise ArgumentError, "#empty_values got unexpected object type: #{obj.class.name}"
+                 raise ArgumentError,
+                       "#empty_values got unexpected object type: " \
+                       "#{obj.class.name}"
                end
 
       values.each_with_object({}) do |(k, _), update|

data/lib/stripe/stripe_response.rb

@@ -4,6 +4,53 @@ module Stripe
   # StripeResponse encapsulates some vitals of a response that came back from
   # the Stripe API.
   class StripeResponse
+    # Headers provides an access wrapper to an API response's header data. It
+    # mainly exists so that we don't need to expose the entire
+    # `Net::HTTPResponse` object while still getting some of its benefits like
+    # case-insensitive access to header names and flattening of header values.
+    class Headers
+      # Initializes a Headers object from a Net::HTTP::HTTPResponse object.
+      def self.from_net_http(resp)
+        new(resp.to_hash)
+      end
+
+      # `hash` is expected to be a hash mapping header names to arrays of
+      # header values. This is the default format generated by calling
+      # `#to_hash` on a `Net::HTTPResponse` object because headers can be
+      # repeated multiple times. Using `#[]` will collapse values down to just
+      # the first.
+      def initialize(hash)
+        if !hash.is_a?(Hash) ||
+           !hash.keys.all? { |n| n.is_a?(String) } ||
+           !hash.values.all? { |a| a.is_a?(Array) } ||
+           !hash.values.all? { |a| a.all? { |v| v.is_a?(String) } }
+          raise ArgumentError,
+                "expect hash to be a map of string header names to arrays of " \
+                "header values"
+        end
+
+        @hash = {}
+
+        # This shouldn't be strictly necessary because `Net::HTTPResponse` will
+        # produce a hash with all headers downcased, but do it anyway just in
+        # case an object of this class was constructed manually.
+        #
+        # Also has the effect of duplicating the hash, which is desirable for a
+        # little extra object safety.
+        hash.each do |k, v|
+          @hash[k.downcase] = v
+        end
+      end
+
+      def [](name)
+        values = @hash[name.downcase]
+        if values && values.count > 1
+          warn("Duplicate header values for `#{name}`; returning only first")
+        end
+        values ? values.first : nil
+      end
+    end
+
     # The data contained by the HTTP body of the response deserialized from
     # JSON.
     attr_accessor :data
@@ -20,30 +67,15 @@ module Stripe
     # The Stripe request ID of the response.
     attr_accessor :request_id
 
-    # Initializes a StripeResponse object from a Hash like the kind returned as
-    # part of a Faraday exception.
-    #
-    # This may throw JSON::ParserError if the response body is not valid JSON.
-    def self.from_faraday_hash(http_resp)
-      resp = StripeResponse.new
-      resp.data = JSON.parse(http_resp[:body], symbolize_names: true)
-      resp.http_body = http_resp[:body]
-      resp.http_headers = http_resp[:headers]
-      resp.http_status = http_resp[:status]
-      resp.request_id = http_resp[:headers]["Request-Id"]
-      resp
-    end
-
-    # Initializes a StripeResponse object from a Faraday HTTP response object.
-    #
-    # This may throw JSON::ParserError if the response body is not valid JSON.
-    def self.from_faraday_response(http_resp)
+    # Initializes a StripeResponse object from a Net::HTTP::HTTPResponse
+    # object.
+    def self.from_net_http(http_resp)
       resp = StripeResponse.new
       resp.data = JSON.parse(http_resp.body, symbolize_names: true)
       resp.http_body = http_resp.body
-      resp.http_headers = http_resp.headers
-      resp.http_status = http_resp.status
-      resp.request_id = http_resp.headers["Request-Id"]
+      resp.http_headers = Headers.from_net_http(http_resp)
+      resp.http_status = http_resp.code.to_i
+      resp.request_id = http_resp["request-id"]
       resp
     end
   end

data/lib/stripe/util.rb

@@ -24,98 +24,27 @@ module Stripe
       OPTS_USER_SPECIFIED + Set[:client] - Set[:idempotency_key]
     ).freeze
 
-    def self.objects_to_ids(h)
-      case h
+    def self.objects_to_ids(obj)
+      case obj
       when APIResource
-        h.id
+        obj.id
       when Hash
         res = {}
-        h.each { |k, v| res[k] = objects_to_ids(v) unless v.nil? }
+        obj.each { |k, v| res[k] = objects_to_ids(v) unless v.nil? }
         res
       when Array
-        h.map { |v| objects_to_ids(v) }
+        obj.map { |v| objects_to_ids(v) }
       else
-        h
+        obj
       end
     end
 
-    def self.object_classes # rubocop:disable Metrics/MethodLength
-      @object_classes ||= {
-        # data structures
-        ListObject::OBJECT_NAME => ListObject,
-
-        # business objects
-        Account::OBJECT_NAME                      => Account,
-        AccountLink::OBJECT_NAME                  => AccountLink,
-        AlipayAccount::OBJECT_NAME                => AlipayAccount,
-        ApplePayDomain::OBJECT_NAME               => ApplePayDomain,
-        ApplicationFee::OBJECT_NAME               => ApplicationFee,
-        ApplicationFeeRefund::OBJECT_NAME         => ApplicationFeeRefund,
-        Balance::OBJECT_NAME                      => Balance,
-        BalanceTransaction::OBJECT_NAME           => BalanceTransaction,
-        BankAccount::OBJECT_NAME                  => BankAccount,
-        BitcoinReceiver::OBJECT_NAME              => BitcoinReceiver,
-        BitcoinTransaction::OBJECT_NAME           => BitcoinTransaction,
-        Card::OBJECT_NAME                         => Card,
-        Charge::OBJECT_NAME                       => Charge,
-        Checkout::Session::OBJECT_NAME            => Checkout::Session,
-        CountrySpec::OBJECT_NAME                  => CountrySpec,
-        Coupon::OBJECT_NAME                       => Coupon,
-        Customer::OBJECT_NAME                     => Customer,
-        Dispute::OBJECT_NAME                      => Dispute,
-        EphemeralKey::OBJECT_NAME                 => EphemeralKey,
-        Event::OBJECT_NAME                        => Event,
-        ExchangeRate::OBJECT_NAME                 => ExchangeRate,
-        File::OBJECT_NAME                         => File,
-        File::OBJECT_NAME_ALT                     => File,
-        FileLink::OBJECT_NAME                     => FileLink,
-        Invoice::OBJECT_NAME                      => Invoice,
-        InvoiceItem::OBJECT_NAME                  => InvoiceItem,
-        InvoiceLineItem::OBJECT_NAME              => InvoiceLineItem,
-        IssuerFraudRecord::OBJECT_NAME            => IssuerFraudRecord,
-        Issuing::Authorization::OBJECT_NAME       => Issuing::Authorization,
-        Issuing::Card::OBJECT_NAME                => Issuing::Card,
-        Issuing::CardDetails::OBJECT_NAME         => Issuing::CardDetails,
-        Issuing::Cardholder::OBJECT_NAME          => Issuing::Cardholder,
-        Issuing::Dispute::OBJECT_NAME             => Issuing::Dispute,
-        Issuing::Transaction::OBJECT_NAME         => Issuing::Transaction,
-        LoginLink::OBJECT_NAME                    => LoginLink,
-        Order::OBJECT_NAME                        => Order,
-        OrderReturn::OBJECT_NAME                  => OrderReturn,
-        PaymentIntent::OBJECT_NAME                => PaymentIntent,
-        PaymentMethod::OBJECT_NAME                => PaymentMethod,
-        Payout::OBJECT_NAME                       => Payout,
-        Person::OBJECT_NAME                       => Person,
-        Plan::OBJECT_NAME                         => Plan,
-        Product::OBJECT_NAME                      => Product,
-        Radar::ValueList::OBJECT_NAME             => Radar::ValueList,
-        Radar::ValueListItem::OBJECT_NAME         => Radar::ValueListItem,
-        Recipient::OBJECT_NAME                    => Recipient,
-        RecipientTransfer::OBJECT_NAME            => RecipientTransfer,
-        Refund::OBJECT_NAME                       => Refund,
-        Reporting::ReportRun::OBJECT_NAME         => Reporting::ReportRun,
-        Reporting::ReportType::OBJECT_NAME        => Reporting::ReportType,
-        Reversal::OBJECT_NAME                     => Reversal,
-        Review::OBJECT_NAME                       => Review,
-        SKU::OBJECT_NAME                          => SKU,
-        Sigma::ScheduledQueryRun::OBJECT_NAME     => Sigma::ScheduledQueryRun,
-        Source::OBJECT_NAME                       => Source,
-        SourceTransaction::OBJECT_NAME            => SourceTransaction,
-        Subscription::OBJECT_NAME                 => Subscription,
-        SubscriptionItem::OBJECT_NAME             => SubscriptionItem,
-        SubscriptionSchedule::OBJECT_NAME         => SubscriptionSchedule,
-        SubscriptionScheduleRevision::OBJECT_NAME => SubscriptionScheduleRevision,
-        Terminal::ConnectionToken::OBJECT_NAME    => Terminal::ConnectionToken,
-        Terminal::Location::OBJECT_NAME           => Terminal::Location,
-        Terminal::Reader::OBJECT_NAME             => Terminal::Reader,
-        ThreeDSecure::OBJECT_NAME                 => ThreeDSecure,
-        Token::OBJECT_NAME                        => Token,
-        Topup::OBJECT_NAME                        => Topup,
-        Transfer::OBJECT_NAME                     => Transfer,
-        UsageRecord::OBJECT_NAME                  => UsageRecord,
-        UsageRecordSummary::OBJECT_NAME           => UsageRecordSummary,
-        WebhookEndpoint::OBJECT_NAME              => WebhookEndpoint,
-      }
+    def self.object_classes
+      @object_classes ||= Stripe::ObjectTypes.object_names_to_classes
+    end
+
+    def self.object_name_matches_class?(object_name, klass)
+      Util.object_classes[object_name] == klass
     end
 
     # Converts a hash of fields or an array of hashes into a +StripeObject+ or
@@ -131,12 +60,16 @@ module Stripe
     # * +opts+ - Options for +StripeObject+ like an API key that will be reused
     #   on subsequent API calls.
     def self.convert_to_stripe_object(data, opts = {})
+      opts = normalize_opts(opts)
+
       case data
       when Array
         data.map { |i| convert_to_stripe_object(i, opts) }
       when Hash
-        # Try converting to a known object class.  If none available, fall back to generic StripeObject
-        object_classes.fetch(data[:object], StripeObject).construct_from(data, opts)
+        # Try converting to a known object class.  If none available, fall back
+        # to generic StripeObject
+        object_classes.fetch(data[:object], StripeObject)
+                      .construct_from(data, opts)
       else
         data
       end
@@ -145,24 +78,24 @@ module Stripe
     def self.log_error(message, data = {})
       if !Stripe.logger.nil? ||
          !Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_ERROR
-        log_internal(message, data, color: :cyan,
-                                    level: Stripe::LEVEL_ERROR, logger: Stripe.logger, out: $stderr)
+        log_internal(message, data, color: :cyan, level: Stripe::LEVEL_ERROR,
+                                    logger: Stripe.logger, out: $stderr)
       end
     end
 
     def self.log_info(message, data = {})
       if !Stripe.logger.nil? ||
          !Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_INFO
-        log_internal(message, data, color: :cyan,
-                                    level: Stripe::LEVEL_INFO, logger: Stripe.logger, out: $stdout)
+        log_internal(message, data, color: :cyan, level: Stripe::LEVEL_INFO,
+                                    logger: Stripe.logger, out: $stdout)
       end
     end
 
     def self.log_debug(message, data = {})
       if !Stripe.logger.nil? ||
          !Stripe.log_level.nil? && Stripe.log_level <= Stripe::LEVEL_DEBUG
-        log_internal(message, data, color: :blue,
-                                    level: Stripe::LEVEL_DEBUG, logger: Stripe.logger, out: $stdout)
+        log_internal(message, data, color: :blue, level: Stripe::LEVEL_DEBUG,
+                                    logger: Stripe.logger, out: $stdout)
       end
     end
 
@@ -265,11 +198,13 @@ module Stripe
 
     def self.check_string_argument!(key)
       raise TypeError, "argument must be a string" unless key.is_a?(String)
+
       key
     end
 
     def self.check_api_key!(key)
       raise TypeError, "api_key must be a string" unless key.is_a?(String)
+
       key
     end
 
@@ -297,13 +232,13 @@ module Stripe
 
     # Constant time string comparison to prevent timing attacks
     # Code borrowed from ActiveSupport
-    def self.secure_compare(a, b)
-      return false unless a.bytesize == b.bytesize
+    def self.secure_compare(str_a, str_b)
+      return false unless str_a.bytesize == str_b.bytesize
 
-      l = a.unpack "C#{a.bytesize}"
+      l = str_a.unpack "C#{str_a.bytesize}"
 
       res = 0
-      b.each_byte { |byte| res |= byte ^ l.shift }
+      str_b.each_byte { |byte| res |= byte ^ l.shift }
       res.zero?
     end
 
@@ -312,14 +247,14 @@ module Stripe
     #
 
     COLOR_CODES = {
-      black:   0, light_black:   60,
-      red:     1, light_red:     61,
-      green:   2, light_green:   62,
-      yellow:  3, light_yellow:  63,
-      blue:    4, light_blue:    64,
+      black: 0, light_black: 60,
+      red: 1, light_red: 61,
+      green: 2, light_green: 62,
+      yellow: 3, light_yellow: 63,
+      blue: 4, light_blue: 64,
       magenta: 5, light_magenta: 65,
-      cyan:    6, light_cyan:    66,
-      white:   7, light_white:   67,
+      cyan: 6, light_cyan: 66,
+      white: 7, light_white: 67,
       default: 9,
     }.freeze
     private_constant :COLOR_CODES
@@ -348,23 +283,32 @@ module Stripe
     end
     private_class_method :level_name
 
-    # TODO: Make these named required arguments when we drop support for Ruby
-    # 2.0.
-    def self.log_internal(message, data = {}, color: nil, level: nil, logger: nil, out: nil)
+    def self.log_internal(message, data = {}, color:, level:, logger:, out:)
       data_str = data.reject { |_k, v| v.nil? }
                      .map do |(k, v)|
-        format("%s=%s", colorize(k, color, logger.nil? && !out.nil? && out.isatty), wrap_logfmt_value(v))
+        format("%<key>s=%<value>s",
+               key: colorize(k, color, logger.nil? && !out.nil? && out.isatty),
+               value: wrap_logfmt_value(v))
       end.join(" ")
 
       if !logger.nil?
         # the library's log levels are mapped to the same values as the
         # standard library's logger
         logger.log(level,
-                   format("message=%s %s", wrap_logfmt_value(message), data_str))
+                   format("message=%<message>s %<data_str>s",
+                          message: wrap_logfmt_value(message),
+                          data_str: data_str))
       elsif out.isatty
-        out.puts format("%s %s %s", colorize(level_name(level)[0, 4].upcase, color, out.isatty), message, data_str)
+        out.puts format("%<level>s %<message>s %<data_str>s",
+                        level: colorize(level_name(level)[0, 4].upcase,
+                                        color, out.isatty),
+                        message: message,
+                        data_str: data_str)
       else
-        out.puts format("message=%s level=%s %s", wrap_logfmt_value(message), level_name(level), data_str)
+        out.puts format("message=%<message>s level=%<level>s %<data_str>s",
+                        message: wrap_logfmt_value(message),
+                        level: level_name(level),
+                        data_str: data_str)
       end
     end
     private_class_method :log_internal
@@ -382,7 +326,7 @@ module Stripe
       if %r{[^\w\-/]} =~ val
         # If the string contains any special characters, escape any double
         # quotes it has, remove newlines, and wrap the whole thing in quotes.
-        format(%("%s"), val.gsub('"', '\"').delete("\n"))
+        format(%("%<value>s"), value: val.gsub('"', '\"').delete("\n"))
       else
         # Otherwise use the basic value if it looks like a standard set of
         # characters (and allow a few special characters like hyphens, and

data/lib/stripe/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Stripe
-  VERSION = "4.10.0".freeze
+  VERSION = "5.0.0"
 end

data/lib/stripe/webhook.rb

@@ -8,7 +8,8 @@ module Stripe
     #
     # This may raise JSON::ParserError if the payload is not valid JSON, or
     # SignatureVerificationError if the signature verification fails.
-    def self.construct_event(payload, sig_header, secret, tolerance: DEFAULT_TOLERANCE)
+    def self.construct_event(payload, sig_header, secret,
+                             tolerance: DEFAULT_TOLERANCE)
       Signature.verify_header(payload, sig_header, secret, tolerance: tolerance)
 
       # It's a good idea to parse the payload only after verifying it. We use
@@ -21,7 +22,7 @@ module Stripe
     end
 
     module Signature
-      EXPECTED_SCHEME = "v1".freeze
+      EXPECTED_SCHEME = "v1"
 
       def self.compute_signature(payload, secret)
         OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new("sha256"), secret, payload)
@@ -50,7 +51,8 @@ module Stripe
       # Returns true otherwise
       def self.verify_header(payload, header, secret, tolerance: nil)
         begin
-          timestamp, signatures = get_timestamp_and_signatures(header, EXPECTED_SCHEME)
+          timestamp, signatures =
+            get_timestamp_and_signatures(header, EXPECTED_SCHEME)
         rescue StandardError
           raise SignatureVerificationError.new(
             "Unable to extract timestamp and signatures from header",