sym 2.6.2 → 2.6.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c169c37700945822d66dd59d354351489dc8f0c3
-  data.tar.gz: 96d3d0f19ddd0c2c853bbedb6aa66e315214a8a0
+  metadata.gz: b8adac417a1a9a351450a8ae059f225888e7b879
+  data.tar.gz: 63fc6a18b5f455433960d47f74cbd1132b645fa4
 SHA512:
-  metadata.gz: 9fb78214630982559137dea9f572833ca31a51b0bf1b91605af3a6ede7412533d997660298c7176c43741f03e35e1a6cc613697e9993da3d78e3ccddabe7d3cb
-  data.tar.gz: 68d3c33eca5d9093ac3a3896271864edf063c18a4f8a8b2aa06d2cb9beb6f9200471124412a156c4c8f839fe773d8559384ddfe0f5dec82e1e5ef60158a40385
+  metadata.gz: 93d4ea799ed150b26039848545401fa53818f348f8f9255b983213e30b05f241c3510b320e21507c52756b520972586788f380c45c34fd9714dac16859e4a5c3
+  data.tar.gz: a7052d5ed8d08a02e0dc80dfb2bb9fcd00f50ffbb01a2a70b40a74e222051c9c74b840ca7678f4ac6e7b3f460fa195307d073c20247d4f16b0b46cd69f5bb713

data/.travis.yml

@@ -1,12 +1,14 @@
 language: ruby
+cache: bundler
 env:
-- CODECLIMATE_REPO_TOKEN=c71874cc22acffe1e2543d3388d3a96c73a65f0cfe17169dadd8de4a6c062c39
+- CODECLIMATE_REPO_TOKEN=c71874cc22acffe1e2543d3388d3a96c73a65f0cfe17169dadd8de4a6c062c39 TEST_DRB=true
 services:
 - memcached
 rvm:
-- 2.4.0
+- 2.2.6
 - 2.3.3
-script: rake
+- 2.4.0
+- jruby-9.1.7.0
 notifications:
   email:
     recipients:

data/CHANGELOG.md

@@ -2,7 +2,57 @@
 
 ## [HEAD](https://github.com/kigster/sym/tree/HEAD)
 
-[Changes since the last tag](https://github.com/kigster/sym/compare/v2.5.1...HEAD)
+[Changes since the last tag](https://github.com/kigster/sym/compare/v2.6.3...HEAD)
+
+## [v2.6.3](https://github.com/kigster/sym/tree/v2.6.3) (2017-03-13)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.6.2...v2.6.3)
+
+ * Much faster unit tests thanks to running Aruba tests in-process
+ * Better error reporting, and catching the case when STDIN is not a TTY
+   and yet password is required to decrypt the key.
+
+## [v2.6.2](https://github.com/kigster/sym/tree/v2.6.2) (2017-03-12)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.6.1...v2.6.2)
+
+ * Updating gem description for RubyGems.
+
+## [v2.6.1](https://github.com/kigster/sym/tree/v2.6.1) (2017-03-12)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.6.0...v2.6.1)
+
+ * Mostly updating gem descriptions and README
+
+## [v2.6.0](https://github.com/kigster/sym/tree/v2.6.0) (2017-03-12)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.5.3...v2.6.0)
+
+ * Added `Sym::MagicFile` API for easy access to encrypted files.
+ * Moving output processing into the `Sym::Application` class.
+
+## [v2.5.3](https://github.com/kigster/sym/tree/v2.5.3) (2017-03-11)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.5.2...v2.5.3)
+
+ * Added a "\n" to all printouts to STDOUT as long as it's a TTY
+
+## [v2.5.2](https://github.com/kigster/sym/tree/v2.5.2) (2017-03-07)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.5.1...v2.5.2)
+
+ * Minor bug fixes around `symit` bash script, and `--bash-support` flag.
+
+## [v2.5.1](https://github.com/kigster/sym/tree/v2.5.0) (2017-03-07)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.5.0...v2.5.1)
+
+ * Moved `symit` into `bin/` folder, and now installing it into `~/.sym.symit` with `-B/--bash-support` flag.
+ * `symit` now works as a bash function installed together with the completion.
+ * Updated `Sym::Constants` module.
+ 
+## [v2.5.0](https://github.com/kigster/sym/tree/v2.5.0) (2017-03-04)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.4.3...v2.5.0)
+
+ * Updated README
+ * Remove `-M` flag; make `SYM_ARGS` environment be only used when `-A` flag is supplied
+ * Change `--bash-completion` to use `-B`
+ * Major fix up for sym.completion
+## [v2.6.1](https://github.com/kigster/sym/tree/v2.6.1) (2017-03-11)
+[Full Changelog](https://github.com/kigster/sym/compare/v2.6.0...v2.6.1)
 
 ## [v2.6.0](https://github.com/kigster/sym/tree/v2.6.0) (2017-03-11)
 [Full Changelog](https://github.com/kigster/sym/compare/v2.5.3...v2.6.0)

data/README.md

@@ -25,6 +25,16 @@
 
 </div>
 
+## Supported Ruby Versions
+
+Sym currently builds and runs on the following ruby versions, which can be verified on Travis CI:
+[![Build Status](https://travis-ci.org/kigster/sym.svg?branch=master)](https://travis-ci.org/kigster/sym)
+
+ * 2.2.5
+ * 2.3.3
+ * 2.4.0
+ * jruby-9.1.7.0 
+
 ### Motivation
 
 The main goal when writing this tool was to streamline and simplify handling of sensitive data in a  trasparent and easy to use way without sacrificing security.

data/lib/sym/app.rb

@@ -17,12 +17,18 @@ module Sym
   module App
     class << self
       attr_accessor :exit_code
+      attr_accessor :stdin, :stdout, :stderr
+
     end
 
     self.exit_code = 0
 
+    self.stdin     = STDIN
+    self.stdout    = STDOUT
+    self.stderr    = STDERR
+
     def self.out
-      STDERR
+      self.stderr
     end
 
     def self.log(level, *args, **opts)
@@ -42,18 +48,18 @@ module Sym
       error_type    = "#{(type || exception.class.name)}"
       error_details = (details || exception.message)
 
+      operation = command ? "to #{command.class.short_name.to_s.humanize.downcase}" : ''
+      reason    = exception.message if exception
+
       if exception && (config && config[:trace] || reason == 'Unknown Error')
-        lines << "#{error_type.red.underlined}: #{error_details.white.on.red}\n"
+        lines << "#{error_type.red.on.white.bold}:\n#{error_details.white.on.red}\n" + ''.normal
         lines << exception.backtrace.join("\n").red.bold if config[:trace]
         lines << "\n"
+      else
+        lines << "| SYM Error #{operation} → |".white.on.red + (reason ? " #{reason} ".bold.black.on.white : " #{error_details}")[0..70] + ' '.normal + "\n"
+        lines << "#{comments}" if comments
       end
 
-      operation = command ? "to #{command.class.short_name.to_s.humanize.downcase}" : ''
-      reason    = exception.message if reason.nil? && exception
-
-      lines << " error #{operation} → ".white.on.red+ " #{reason}".bold.red if reason
-      lines << "#{comments}" if comments
-
       error_report = lines.compact.join("\n") || 'Undefined error'
 
       self.out.puts(error_report) if error_report.present?

data/lib/sym/app/cli.rb

@@ -56,11 +56,21 @@ module Sym
       # brings in #parse(Array[String] args)
       include CLISlop
 
-      attr_accessor :opts, :application, :outputs
+      attr_accessor :opts, :application, :outputs, :stdin, :stdout, :stderr, :kernel
 
-      def initialize(argv)
-        begin
 
+      def initialize(argv, stdin = STDIN, stdout = STDOUT, stderr = STDERR, kernel = nil)
+
+        self.stdin  = stdin
+        self.stdout = stdout
+        self.stderr = stderr
+        self.kernel = kernel
+
+        Sym::App.stdin  = stdin
+        Sym::App.stdout = stdout
+        Sym::App.stderr = stderr
+
+        begin
           # Re-map any legacy options to the new options
           self.opts = parse(argv)
           if opts[:sym_args]
@@ -69,7 +79,7 @@ module Sym
           end
 
           # Disable coloring if requested, or if piping STDOUT
-          if opts[:no_color] || !STDOUT.tty?
+          if opts[:no_color] || !self.stdout.tty?
             Colored2.disable! # reparse options without the colors to create new help msg
             self.opts = parse(argv)
           end
@@ -80,7 +90,7 @@ module Sym
           return
         end
 
-        self.application = ::Sym::Application.new(opts)
+        self.application = ::Sym::Application.new(opts, stdin, stdout, stderr, kernel)
       end
 
       def append_sym_args(argv)
@@ -95,6 +105,10 @@ module Sym
         ENV[Sym::Constants::ENV_ARGS_VARIABLE_NAME]
       end
 
+      def execute!
+        execute
+      end
+
       def execute
         return Sym::App.exit_code if Sym::App.exit_code != 0
         result = application.execute
@@ -106,12 +120,15 @@ module Sym
       end
 
       def command
-        @command ||= self.application&.command
+        @command ||= self.application.command if self.application
       end
 
       def output_proc(proc = nil)
-        self.application&.output = proc if proc
-        self.application&.output
+        if self.application
+          self.application.output = proc if proc
+          return self.application.output
+        end
+        nil
       end
 
       def opts_present

data/lib/sym/app/commands/base_command.rb

@@ -50,7 +50,7 @@ module Sym
         extend Forwardable
 
         attr_accessor :application
-        def_delegators :@application, :opts, :opts_original, :key
+        def_delegators :@application, :opts, :opts_slop, :key, :stdin, :stdout, :stderr, :kernel
 
         def initialize(application)
           self.application = application
@@ -61,7 +61,7 @@ module Sym
         end
 
         def content
-          @content ||= (opts[:string] || (opts[:file].eql?('-') ? STDIN.read : ::File.read(opts[:file]).chomp))
+          @content ||= (opts[:string] || (opts[:file].eql?('-') ? stdin.read : ::File.read(opts[:file]).chomp))
         end
 
         def to_s

data/lib/sym/app/commands/generate_key.rb

@@ -23,7 +23,7 @@ module Sym
           add_to_keychain_if_needed(the_key)
           the_key
         rescue Sym::Errors::PasswordsDontMatch, Sym::Errors::PasswordTooShort => e
-          STDERR.puts e.message.bold
+          stderr.puts e.message.bold
           retry if (retries += 1) < 3
         end
       end

data/lib/sym/app/commands/keychain_add_key.rb

@@ -15,6 +15,7 @@ module Sym
           if Sym.default_key? && Sym.default_key == self.key
             raise 'Refusing to import key specified in the default key file ' + Sym.default_key_file.italic
           end
+          raise Sym::Errors::NoPrivateKeyFound.new("Unable to resolve private key from argument '#{opts[:key]}'") if self.key.nil?
           add_to_keychain_if_needed(self.key)
           self.key unless opts[:quiet]
         end

data/lib/sym/app/commands/password_protect_key.rb

@@ -11,6 +11,7 @@ module Sym
 
         def execute
           retries ||= 0
+          raise Sym::Errors::NoPrivateKeyFound.new("Unable to resolve private key from argument '#{opts[:key]}'") if self.key.nil?
 
           the_key = self.key
 
@@ -24,7 +25,7 @@ module Sym
 
           the_key
         rescue Sym::Errors::PasswordsDontMatch, Sym::Errors::PasswordTooShort => e
-          STDERR.puts e.message.bold
+          stderr.puts e.message.bold
           retry if (retries += 1) < 3
         end
 

data/lib/sym/app/commands/print_key.rb

@@ -1,5 +1,6 @@
 require 'sym/app/commands/base_command'
 require 'sym/app/keychain'
+require 'sym/errors'
 module Sym
   module App
     module Commands
@@ -9,6 +10,7 @@ module Sym
         try_after :show_examples, :generate_key, :encrypt, :decrypt, :password_protect_key, :keychain_add_key
 
         def execute
+          raise Sym::Errors::NoPrivateKeyFound.new("Unable to resolve private key from argument '#{opts[:key]}'") if self.key.nil?
           self.key
         end
       end

data/lib/sym/app/commands/show_help.rb

@@ -7,7 +7,7 @@ module Sym
         required_options :help, ->(opts) { opts.keys.all? { |k| !opts[k] } }
 
         def execute
-          opts_original.to_s(prefix: ' ' * 2)
+          opts_slop.to_s(prefix: ' ' * 2)
         end
       end
     end

data/lib/sym/app/input/handler.rb

@@ -4,22 +4,31 @@ module Sym
   module App
     module Input
       class Handler
+        attr_accessor :stdin, :stdout, :stderr, :kernel
+
+        def initialize(stdin = STDIN, stdout = STDOUT, stderr = STDERR, kernel = nil)
+          self.stdin  = stdin
+          self.stdout = stdout
+          self.stderr = stderr
+          self.kernel = kernel
+        end
 
         def ask
           retries ||= 0
           prompt('Password: ', :green)
         rescue ::OpenSSL::Cipher::CipherError
-          STDERR.puts 'Invalid password. Please try again.'
+          stderr.puts 'Invalid password. Please try again.'
           retry if (retries += 1) < 3
           nil
         end
 
         def puts(*args)
-          STDERR.puts args
+          stderr.puts args
         end
 
         def prompt(message, color)
-          HighLine.new(STDIN, STDERR).ask(message.bold) { |q| q.echo = '•'.send(color) }
+          raise Sym::Errors::CantReadPasswordNoTTY.new('key requires a password, however STDIN is not a TTY') unless stdin.tty?
+          HighLine.new(stdin, stderr).ask(message.bold) { |q| q.echo = '•'.send(color) }
         end
 
         def new_password

data/lib/sym/app/output/base.rb

@@ -4,10 +4,14 @@ module Sym
     module Output
       class Base
 
-        attr_accessor :opts
-
-        def initialize(opts)
-          self.opts = opts
+        attr_accessor :opts, :stdin, :stdout, :stderr, :kernel
+
+        def initialize(opts, stdin = STDIN, stdout = STDOUT, stderr = STDERR, kernel = nil)
+          self.opts   = opts
+          self.stdin  = stdin
+          self.stdout = stdout
+          self.stderr = stderr
+          self.kernel = kernel
         end
 
         @outputs = []

data/lib/sym/app/output/stdout.rb

@@ -6,8 +6,8 @@ module Sym
         required_option nil
         def output_proc
           ->(argument) do
-            printf '%s', argument
-            printf "\n" if STDOUT.tty?
+            self.stdout.printf '%s', argument
+            self.stdout.printf "\n" if self.stdout.tty?
           end
         end
       end

data/lib/sym/app/password/providers/memcached_provider.rb

@@ -1,6 +1,5 @@
 require 'forwardable'
 require 'dalli'
-require 'sym/app/password/cache'
 
 module Sym
   module App

data/lib/sym/application.rb

@@ -5,12 +5,21 @@ require 'openssl'
 require 'json'
 
 module Sym
+  # Main Application controller class for Sym.
+  #
+  # Accepts a hash with CLI options set (as symbols), for example
+  #
+  # Example
+  # =======
+  #
+  #     app = Sym::Application.new( encrypt: true, file: '/tmp/secrets.yml', output: '/tmp/secrets.yml.enc')
+  #     result = app.execute
+  #
+  #
   class Application
 
     attr_accessor :opts,
-                  :opts_original,
-                  :opts,
-                  :provided_options,
+                  :opts_slop,
                   :args,
                   :action,
                   :key,
@@ -19,11 +28,18 @@ module Sym
                   :key_handler,
                   :output,
                   :result,
-                  :password_cache
+                  :password_cache,
+                  :stdin, :stdout, :stderr, :kernel
 
-    def initialize(opts)
-      self.opts_original = opts
-      self.opts          = opts.is_a?(Hash) ? opts : opts.to_hash
+    def initialize(opts, stdin = STDIN, stdout = STDOUT, stderr = STDERR, kernel = nil)
+
+      self.stdin  = stdin
+      self.stdout = stdout
+      self.stderr = stderr
+      self.kernel = kernel
+
+      self.opts_slop = opts.clone
+      self.opts      = opts.is_a?(Hash) ? opts : opts.to_hash
 
       process_negated_option(opts[:negate]) if opts[:negate]
 
@@ -36,32 +52,11 @@ module Sym
       initialize_input_handler
     end
 
-    def execute!
-      initialize_key_source
-      unless command
-        raise Sym::Errors::InsufficientOptionsError,
-              " Can not determine what to do
-        from the options: \ n " +
-                " #{self.provided_options.inspect.green.bold}\n" +
-                "and flags #{self.provided_flags.to_s.green.bold}"
-      end
-      log :info, "command located is #{command.class.name.blue.bold}"
-      self.result = command.execute.tap do |result|
-        log :info, "result is  #{result.nil? ? 'nil' : result[0..10].to_s.blue.bold }..." if opts[:trace]
-      end
-    end
-
-    def process_output(result)
-      unless result.is_a?(Hash)
-        self.output.call(result)
-        result
-      else
-        result
-      end
-    end
-
+    # Main action method — it looksup the command, and executes it, translating
+    # various exception conditions into meaningful error messages.
     def execute
       process_output(execute!)
+
     rescue ::OpenSSL::Cipher::CipherError => e
       { reason:    'Invalid key provided',
         exception: e }
@@ -88,42 +83,65 @@ module Sym
       @command
     end
 
-    def log(*args)
-      Sym::App.log(*args, **opts)
+    def provided_flags
+      provided_flags = provided_options
+      provided_flags.delete_if { |k, v| ![false, true].include?(v) }
+      provided_flags.keys
     end
 
-    def editor
-      editors_to_try.find { |editor| File.exist?(editor) }
+    def provided_value_options
+      provided = provided_options(safe: true)
+      provided.delete_if { |k, v| [false, true].include?(v) }
+      provided
     end
 
-    def provided_options
+    def provided_options(**opts)
       provided_opts = self.opts.clone
       provided_opts.delete_if { |k, v| !v }
-      provided_opts
+      if opts[:safe]
+        provided_options.map do |k, v|
+          k == :key && [44, 45].include?(v.size) ?
+            [k, '[reducted]'] :
+            [k, v]
+        end.to_h
+      else
+        provided_opts
+      end
     end
 
-    def provided_safe_options
-      provided_options.map do |k, v|
-        k == :key && [44, 45].include?(v.size) ?
-          [k, '[reducted]'] :
-          [k, v]
-      end.to_h
+    def editor
+      editors_to_try.find { |editor| File.exist?(editor) }
     end
 
-    def provided_flags
-      provided_flags = provided_options
-      provided_flags.delete_if { |k, v| ![false, true].include?(v) }
-      provided_flags.keys
+    def process_output(result)
+      unless result.is_a?(Hash)
+        self.output.call(result)
+        result
+      else
+        result
+      end
     end
 
-    def provided_value_options
-      provided = provided_safe_options
-      provided.delete_if { |k, v| [false, true].include?(v) }
-      provided
-    end
+    private
 
+    def execute!
+      initialize_key_source
+      unless command
+        raise Sym::Errors::InsufficientOptionsError,
+              " Can not determine what to do
+        from the options: \ n " +
+                " #{self.provided_options.inspect.green.bold}\n" +
+                "and flags #{self.provided_flags.to_s.green.bold}"
+      end
+      log :info, "command located is #{command.class.name.blue.bold}"
+      self.result = command.execute.tap do |result|
+        log :info, "result is  #{result.nil? ? 'nil' : result[0..10].to_s.blue.bold }..." if opts[:trace]
+      end
+    end
 
-    private
+    def log(*args)
+      Sym::App.log(*args, **opts)
+    end
 
     def editors_to_try
       [
@@ -145,10 +163,10 @@ module Sym
       unless output_klass && output_klass.is_a?(Class)
         raise "Can not determine output type from arguments #{provided_options}"
       end
-      self.output = output_klass.new(opts).output_proc
+      self.output = output_klass.new(opts, stdin, stdout, stderr, kernel).output_proc
     end
 
-    def initialize_input_handler(handler = ::Sym::App::Input::Handler.new)
+    def initialize_input_handler(handler = ::Sym::App::Input::Handler.new(stdin, stdout, stderr, kernel))
       self.input_handler = handler
     end
 
@@ -191,7 +209,7 @@ module Sym
     # If we are encrypting or decrypting, and no data has been provided, check if we
     # should read from STDIN
     def initialize_data_source
-      if self.action && opts[:string].nil? && opts[:file].nil? && !(STDIN.tty?)
+      if self.action && opts[:string].nil? && opts[:file].nil? && !(self.stdin.tty?)
         opts[:file] = '-'
       end
     end
@@ -201,10 +219,9 @@ module Sym
     # In any case, attempt to initialize the key one way or another.
     def initialize_key_source
       detect_key_source
-
       if args.require_key? && !self.key
         log :error, 'Unable to determine the key, which appears to be required with current args'
-        raise Sym::Errors::NoPrivateKeyFound, 'Private key is required when ' + provided_flags.join(', ') << 'ing.'
+        raise Sym::Errors::NoPrivateKeyFound, 'Private key is required when ' + (self.action ? self.action.to_s + 'ypting' : provided_flags.join(', '))
       end
       log :debug, "initialize_key_source: detected key ends with [...#{(key ? key[-5..-1] : 'nil').bold.magenta}]"
       log :debug, "opts: #{self.provided_value_options.to_s.green.bold}"

data/lib/sym/errors.rb

@@ -11,6 +11,7 @@ module Sym
     class NoPasswordProvided < Sym::Errors::PasswordError; end
     class PasswordsDontMatch < Sym::Errors::PasswordError; end
     class PasswordTooShort < Sym::Errors::PasswordError; end
+    class CantReadPasswordNoTTY < Sym::Errors::PasswordError; end
 
     class EditorExitedAbnormally < Sym::Errors::Error; end
 

data/lib/sym/version.rb

@@ -1,5 +1,5 @@
 module Sym
-  VERSION     = '2.6.2'
+  VERSION     = '2.6.3'
   DESCRIPTION = <<-eof
 Sym is a ruby library (gem) that offers both the command line interface (CLI) and a set of rich Ruby APIs, which make it rather trivial to add encryption and decryption of sensitive data to your development or deployment flow. As a layer of additional security, you can encrypt the private key itself with a password.  Unlike many other existing encryption tools, Sym focuses on getting out of the way — by offering its streamlined interface, hoping to make encryption of application secrets nearly completely transparent to the developers.  For the data encryption Sym uses a symmetric 256-bit key with the AES-256-CBC cipher, same cipher as used by the US Government. For password-protecting the key Sym uses AES-128-CBC cipher. The resulting data is zlib-compressed and base64-encoded. The keys are also base64 encoded for easy copying/pasting/etc.
   

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sym
 version: !ruby/object:Gem::Version
-  version: 2.6.2
+  version: 2.6.3
 platform: ruby
 authors:
 - Konstantin Gredeskoul
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2017-03-12 00:00:00.000000000 Z
+date: 2017-03-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colored2