zonesync 0.12.1 → 0.13.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c395a08b3c2cc504eecef12cf44298872295adf778a7087128fb009b8709cfd1
-  data.tar.gz: 38f349d9182226d849c1a4a4688328aaa96d64dbda182803aeedffefea7d99e3
+  metadata.gz: d52bed9a567bd04886887c0846ca81a74086ca75e56636ccfd90ec16ca0a113f
+  data.tar.gz: 7561f624f4360a4977a59941483f917832ab126f48843915216af9a51d0904c6
 SHA512:
-  metadata.gz: 89364406f0bddc66568e3e908424699d3cc6daeb8a0b51ab7da94338369ae3a3f6be302f3c7439e23c0e771e41d5ebe0155c8cef71ad4dfa16184d2d516554d6
-  data.tar.gz: 282091580a65383b954a6b2da783e591d9f4f289e811ee4bc57dd9b61b004c3d3fdfa06f2f000971611b0924059573fd0000d2cf29e96d716fb2fee747f5c434
+  metadata.gz: 9b187df8cf8cce75a84187704c069e12b9d10d3e830f42065f26ab0d223d85ca79889c9b9f6b6d0edebd486fba38184ce5ad7047aa26759d39b6715ca9f1f785
+  data.tar.gz: 021437d1e18832be6dbc131a60a47c7672d5018d01588a3f6de00cff2571948ca265a3f40b8a4185f6362c054d5f35471b876fabee3bb7da9dc2623c351db7b5

data/CLAUDE.md

@@ -21,10 +21,6 @@ Zonesync is a Ruby gem that synchronizes DNS zone files with DNS providers (Clou
 - `bundle exec zonesync --force` - Force sync ignoring checksum mismatches
 - `bundle exec zonesync generate` - Generate Zonefile from DNS provider
 
-### Type Checking (Sorbet)
-- `bundle exec srb tc` - Run Sorbet type checker
-- `bundle exec tapioca gem` - Generate RBI files for gems
-
 ## Architecture
 
 ### Core Components
@@ -73,14 +69,6 @@ Credentials stored in Rails-style encrypted configuration:
 - **Unit specs** test individual classes and methods
 - All tests should pass before committing changes
 
-## Type Safety
-
-Uses **Sorbet** for gradual typing:
-- All files have `# typed: strict` or similar headers
-- Method signatures use `sig { ... }` blocks
-- `extend T::Sig` enables signature checking
-- RBI files in `sorbet/rbi/` define external gem types
-
 ## Error Handling
 
 Custom exceptions in `lib/zonesync/errors.rb`:

data/lib/zonesync/cli.rb

@@ -1,19 +1,15 @@
-# typed: strict
-require "sorbet-runtime"
+# frozen_string_literal: true
 
 require "thor"
 
 module Zonesync
   class CLI < Thor
-    extend T::Sig
-
     default_command :sync
     desc "sync --source=Zonefile --destination=zonesync", "syncs the contents of the Zonefile to the DNS server configured in Rails.application.credentials.zonesync"
     option :source, default: "Zonefile", desc: "path to the zonefile"
     option :destination, default: "zonesync", desc: "key to the DNS server configuration in Rails.application.credentials"
     method_option :dry_run, type: :boolean, default: false, aliases: :n, desc: "log operations to STDOUT but don't perform the sync"
     method_option :force, type: :boolean, default: false, desc: "ignore checksum mismatches and force the sync"
-    sig { void }
     def sync
       kwargs = options.to_hash.transform_keys(&:to_sym)
       Zonesync.call(**kwargs)
@@ -25,13 +21,11 @@ module Zonesync
     desc "generate --source=zonesync --destination=Zonefile", "generates a Zonefile from the DNS server configured in Rails.application.credentials.zonesync"
     option :source, default: "zonesync", desc: "key to the DNS server configuration in Rails.application.credentials"
     option :destination, default: "Zonefile", desc: "path to the zonefile"
-    sig { void }
     def generate
       kwargs = options.to_hash.transform_keys(&:to_sym)
       Zonesync.generate(**kwargs)
     end
 
-    sig { returns(TrueClass) }
     def self.exit_on_failure? = true
   end
 end

data/lib/zonesync/cloudflare/proxied_support.rb

@@ -0,0 +1,61 @@
+# frozen_string_literal: true
+
+module Zonesync
+  class Cloudflare < Provider
+    # Module that adds proxied support to individual Record instances.
+    # When extended onto a record, it parses cf_tags=cf-proxied:true/false
+    # from the comment and provides a proxied accessor.
+    #
+    # Semantics:
+    # - cf_tags=cf-proxied:true  → explicitly enable Cloudflare proxy
+    # - cf_tags=cf-proxied:false → explicitly disable Cloudflare proxy
+    # - No cf_tags               → don't touch proxied (use Cloudflare default)
+    module ProxiedSupport
+      CF_TAGS_PATTERN = /\bcf_tags=cf-proxied:(true|false)\b/
+
+      def self.extended(record)
+        record.instance_variable_set :@original_comment, record[:comment]
+      end
+
+      def proxied
+        @original_comment&.match(CF_TAGS_PATTERN) { |m| m[1] == "true" }
+      end
+
+      def comment
+        return @original_comment unless @original_comment&.match?(CF_TAGS_PATTERN)
+        cleaned = @original_comment.sub(/\s*#{CF_TAGS_PATTERN}\s*/, " ").strip
+        cleaned.empty? ? nil : cleaned
+      end
+
+      def to_h
+        super.merge(comment: comment, proxied: proxied)
+      end
+
+      def ==(other)
+        other_proxied = other.respond_to?(:proxied) ? other.proxied : nil
+        name == other.name &&
+          type == other.type &&
+          ttl == other.ttl &&
+          rdata == other.rdata &&
+          comment == other.comment &&
+          proxied == other_proxied
+      end
+      alias eql? ==
+
+      def hash
+        [name, type, ttl, rdata, comment, proxied].hash
+      end
+
+      def to_s
+        string = [name, ttl, type, rdata].join(" ")
+
+        comment_parts = []
+        comment_parts << "cf_tags=cf-proxied:true" if proxied == true
+        comment_parts << comment if comment
+
+        string << " ; #{comment_parts.join(' ')}" if comment_parts.any?
+        string
+      end
+    end
+  end
+end

data/lib/zonesync/cloudflare.rb

@@ -1,31 +1,42 @@
-# typed: strict
-require "sorbet-runtime"
+# frozen_string_literal: true
 
 require "zonesync/record"
 require "zonesync/http"
+require "zonesync/cloudflare/proxied_support"
 
 module Zonesync
   class Cloudflare < Provider
-    sig { returns(String) }
     def read
-      records = [fake_soa] + all.keys
+      records = [fake_soa.extend(ProxiedSupport)] + all.keys
       records.map(&:to_s).join("\n") + "\n"
     end
 
-    sig { params(record: Record).void }
-    def remove record
-      id = all.fetch(record)
+    def diff(other)
+      source_records = other.diffable_records.map { |r| r.extend(ProxiedSupport) }
+      Diff.new(
+        from: diffable_records,
+        to: source_records,
+      )
+    end
+
+    def remove(record)
+      id = find_record_id(record)
       http.delete("/#{id}")
     end
 
-    sig { params(old_record: Record, new_record: Record).void }
-    def change old_record, new_record
-      id = all.fetch(old_record)
+    def change(old_record, new_record)
+      id = find_record_id(old_record)
       http.patch("/#{id}", to_hash(new_record))
     end
 
-    sig { params(record: Record).void }
-    def add record
+    def find_record_id(record)
+      all.each do |existing, id|
+        return id if existing.identical_to?(record)
+      end
+      raise KeyError, "record not found: #{record.inspect}"
+    end
+
+    def add(record)
       add_with_duplicate_handling(record) do
         begin
           http.post("", to_hash(record))
@@ -41,67 +52,71 @@ module Zonesync
       end
     end
 
-    sig { returns(T::Hash[Record, String]) }
     def all
       response = http.get("")
       response["result"].reduce({}) do |map, attrs|
-        map.merge to_record(attrs) => attrs["id"]
+        map.merge(to_record(attrs) => attrs["id"])
       end
     end
 
     private
 
-    sig { params(record: Record).returns(T::Hash[String, String]) }
-    def to_hash record
+    def to_hash(record)
       hash = record.to_h
       content = hash.delete(:rdata)
+      proxied = hash.delete(:proxied)
 
       if record.type == "MX"
         # For MX records, split "priority hostname" into separate fields
-        priority, hostname = T.must(content).split(" ", 2)
+        priority, hostname = content.split(" ", 2)
         hash[:priority] = priority.to_i
         hash[:content] = hostname.sub(/\.$/, "") # remove trailing dot
       else
         hash[:content] = content
       end
 
+      hash[:proxied] = proxied if proxied != nil
       hash[:comment] = hash.delete(:comment) # maintain original order
       hash
     end
 
-    sig { params(attrs: T::Hash[String, String]).returns(Record) }
-    def to_record attrs
+    def to_record(attrs)
       rdata = attrs["content"]
       if %w[CNAME MX].include?(attrs["type"])
-        rdata = normalize_trailing_period(T.must(rdata))
+        rdata = normalize_trailing_period(rdata)
       end
       if attrs["type"] == "MX"
         rdata = "#{attrs["priority"]} #{rdata}"
       end
       if %w[TXT SPF NAPTR].include?(attrs["type"])
-        rdata = normalize_quoting(T.must(rdata))
+        rdata = normalize_quoting(rdata)
       end
-      Record.new(
-        name: normalize_trailing_period(T.must(attrs["name"])),
+
+      record = Record.new(
+        name: normalize_trailing_period(attrs["name"]),
         type: attrs["type"],
         ttl: attrs["ttl"].to_i,
-        rdata:,
-        comment: attrs["comment"],
+        rdata: rdata,
+        comment: comment_with_proxied(attrs["comment"], attrs["proxied"]),
       )
+      record.extend(ProxiedSupport)
     end
 
-    sig { params(value: String).returns(String) }
-    def normalize_trailing_period value
+    def comment_with_proxied(comment, proxied)
+      return comment if proxied.nil?
+      cf_tag = "cf_tags=cf-proxied:#{proxied}"
+      [comment, cf_tag].compact.join(" ")
+    end
+
+    def normalize_trailing_period(value)
       value =~ /\.$/ ? value : value + "."
     end
 
-    sig { params(value: String).returns(String) }
-    def normalize_quoting value
+    def normalize_quoting(value)
       value = value =~ /^".+"$/ ? value : %("#{value}") # handle quote wrapping
       value.gsub('" "', "") # handle multiple txt record joining
     end
 
-    sig { returns(Zonesync::Record) }
     def fake_soa
       zone_name = http.get("/..")["result"]["name"]
       Record.new(
@@ -113,11 +128,10 @@ module Zonesync
       )
     end
 
-    sig { returns(HTTP) }
     def http
       return @http if @http
-      @http = T.let(HTTP.new("https://api.cloudflare.com/client/v4/zones/#{config.fetch(:zone_id)}/dns_records"), T.nilable(Zonesync::HTTP))
-      T.must(@http).before_request do |request|
+      @http = HTTP.new("https://api.cloudflare.com/client/v4/zones/#{config.fetch(:zone_id)}/dns_records")
+      @http.before_request do |request|
         request["Content-Type"] = "application/json"
         if config[:token]
           request["Authorization"] = "Bearer #{config[:token]}"
@@ -126,8 +140,7 @@ module Zonesync
           request["X-Auth-Key"] = config.fetch(:key)
         end
       end
-      T.must(@http)
+      @http
     end
   end
 end
-

data/lib/zonesync/diff.rb

@@ -1,18 +1,11 @@
-# typed: strict
-require "sorbet-runtime"
+# frozen_string_literal: true
 
 module Zonesync
-  Operation = T.type_alias { [Symbol, T::Array[Record]] }
-
   Diff = Struct.new(:from, :to) do
-    extend T::Sig
-
-    sig { params(from: T::Array[Record], to: T::Array[Record]).returns(T.untyped) }
     def self.call(from:, to:)
       new(from, to).call
     end
 
-    sig { returns(T::Array[[Symbol, T::Array[Record]]]) }
     def call
       # Group records by their primary key (name + type)
       from_by_key = from.group_by { |r| [r.name, r.type] }
@@ -58,4 +51,3 @@ module Zonesync
     end
   end
 end
-

data/lib/zonesync/errors.rb

@@ -1,44 +1,33 @@
-# typed: strict
-require "sorbet-runtime"
+# frozen_string_literal: true
+
 require "zonesync/record_hash"
 
 module Zonesync
   class ValidationError < StandardError
-    extend T::Sig
-
-    sig { void }
     def initialize
-      @errors = T.let([], T::Array[StandardError])
+      @errors = []
     end
 
-    sig { params(error: StandardError).void }
     def add(error)
       @errors << error
     end
 
-    sig { returns(T::Boolean) }
     def any?
       @errors.any?
     end
 
-    sig { returns(String) }
     def message
       @errors.map(&:message).join("\n\n#{'-' * 60}\n\n")
     end
 
-    sig { returns(T::Array[StandardError]) }
     attr_reader :errors
   end
 
   class ConflictError < StandardError
-    extend T::Sig
-
-    sig { params(conflicts: T::Array[[T.nilable(Record), Record]]).void }
     def initialize(conflicts)
       @conflicts = conflicts
     end
 
-    sig { returns(String) }
     def message
       conflicts_text = @conflicts.sort_by { |_existing, new_rec| new_rec.name }.map do |existing_rec, new_rec|
         "  existing: #{existing_rec}\n  new:      #{new_rec}"
@@ -56,14 +45,10 @@ module Zonesync
   end
 
   class MissingManifestError < StandardError
-    extend T::Sig
-
-    sig { params(manifest: Record).void }
-    def initialize manifest
+    def initialize(manifest)
       @manifest = manifest
     end
 
-    sig { returns(String) }
     def message
       <<~MSG
         The zonesync_manifest TXT record is missing. If this is the very first sync, make sure the Zonefile matches what's on the DNS server exactly. Otherwise, someone else may have removed it.
@@ -73,17 +58,6 @@ module Zonesync
   end
 
   class ChecksumMismatchError < StandardError
-    extend T::Sig
-
-    sig {
-      params(
-        existing: T.nilable(Record),
-        new: T.nilable(Record),
-        expected_record: T.nilable(Record),
-        actual_record: T.nilable(Record),
-        missing_hash: T.nilable(String)
-      ).void
-    }
     def initialize(existing = nil, new = nil, expected_record: nil, actual_record: nil, missing_hash: nil)
       @existing = existing
       @new = new
@@ -92,7 +66,6 @@ module Zonesync
       @missing_hash = missing_hash
     end
 
-    sig { returns(String) }
     def message
       # V2 manifest integrity violation
       if @missing_hash
@@ -109,7 +82,6 @@ module Zonesync
 
     private
 
-    sig { returns(String) }
     def generate_v2_message
       if @expected_record && @actual_record
         # Record was modified
@@ -143,23 +115,17 @@ module Zonesync
   end
 
   class DuplicateRecordError < StandardError
-    extend T::Sig
-
-    sig { params(record: Record, provider_message: T.nilable(String)).void }
-    def initialize record, provider_message = nil
+    def initialize(record, provider_message = nil)
       @record = record
       @provider_message = provider_message
     end
 
-    sig { returns(String) }
     def message
       msg = "Record already exists: #{@record.name} #{@record.type}"
       msg += " (#{@provider_message})" if @provider_message
       msg
     end
 
-    sig { returns(Record) }
     attr_reader :record
   end
 end
-

data/lib/zonesync/generate.rb

@@ -1,11 +1,7 @@
-# typed: strict
-require "sorbet-runtime"
+# frozen_string_literal: true
 
 module Zonesync
   Generate = Struct.new(:source, :destination) do
-    extend T::Sig
-
-    sig { void }
     def call
       destination.write(source.read)
       nil

data/lib/zonesync/http.rb

@@ -1,52 +1,41 @@
-# typed: strict
-require "sorbet-runtime"
+# frozen_string_literal: true
 
 require "net/http"
 require "json"
 
 module Zonesync
   HTTP = Struct.new(:base) do
-    extend T::Sig
-
-    sig { params(base: String).void }
     def initialize(base)
       super
-      @before_request = T.let([], T::Array[T.untyped])
-      @after_response = T.let([], T::Array[T.untyped])
+      @before_request = []
+      @after_response = []
     end
 
-    sig { params(path: String).returns(T.untyped) }
-    def get path
+    def get(path)
       request("get", path)
     end
 
-    sig { params(path: String, body: T.untyped).returns(T.untyped) }
-    def post path, body
+    def post(path, body)
       request("post", path, body)
     end
 
-    sig { params(path: String, body: T.untyped).returns(T.untyped) }
-    def patch path, body
+    def patch(path, body)
       request("patch", path, body)
     end
 
-    sig { params(path: String).returns(T.untyped) }
-    def delete path
+    def delete(path)
       request("delete", path)
     end
 
-    sig { params(block: T.proc.params(arg0: T.untyped, arg1: T.untyped, arg2: T.untyped).void).void }
-    def before_request &block
+    def before_request(&block)
       @before_request << block
     end
 
-    sig { params(block: T.proc.params(arg0: T.untyped).void).void }
-    def after_response &block
+    def after_response(&block)
       @after_response << block
     end
 
-    sig { params(method: String, path: String, body: T.untyped).returns(T.untyped) }
-    def request method, path, body=nil
+    def request(method, path, body = nil)
       uri = URI.parse("#{base}#{path}")
       request = Net::HTTP.const_get(method.to_s.capitalize).new(uri.path)
 

data/lib/zonesync/logger.rb

@@ -1,15 +1,11 @@
-# typed: strict
-require "sorbet-runtime"
+# frozen_string_literal: true
 
 require "logger"
 require "fileutils"
 
 module Zonesync
   class Logger
-    extend T::Sig
-
-    sig { params(method: Symbol, records: T::Array[Record], dry_run: T::Boolean).void }
-    def self.log method, records, dry_run: false
+    def self.log(method, records, dry_run: false)
       loggers = [::Logger.new(STDOUT)]
 
       if !dry_run
@@ -26,4 +22,3 @@ module Zonesync
     end
   end
 end
-

data/lib/zonesync/manifest.rb

@@ -1,5 +1,4 @@
-# typed: strict
-require "sorbet-runtime"
+# frozen_string_literal: true
 
 require "zonesync/record"
 require "zonesync/record_hash"
@@ -7,31 +6,24 @@ require "digest"
 
 module Zonesync
   Manifest = Struct.new(:records, :zone) do
-    extend T::Sig
-    DIFFABLE_RECORD_TYPES =
-      T.let(%w[A AAAA CNAME MX TXT SPF NAPTR PTR].sort, T::Array[String])
+    DIFFABLE_RECORD_TYPES = %w[A AAAA CNAME MX TXT SPF NAPTR PTR].sort
 
-    sig { returns(T.nilable(Zonesync::Record)) }
     def existing
       records.find(&:manifest?)
     end
 
-    sig { returns(T::Boolean) }
     def existing?
       !!existing
     end
 
-    sig { returns(Zonesync::Record) }
     def generate
       generate_v2
     end
 
-    sig { returns(T.nilable(Zonesync::Record)) }
     def existing_checksum
       records.find(&:checksum?)
     end
 
-    sig { returns(Zonesync::Record) }
     def generate_checksum
       input_string = diffable_records.map(&:to_s).join
       sha256 = Digest::SHA256.hexdigest(input_string)
@@ -44,7 +36,6 @@ module Zonesync
       )
     end
 
-    sig { returns(Zonesync::Record) }
     def generate_v2
       hashes = diffable_records.map { |record| RecordHash.generate(record) }
       Record.new(
@@ -56,8 +47,7 @@ module Zonesync
       )
     end
 
-    sig { params(record: Zonesync::Record).returns(T::Boolean) }
-    def diffable? record
+    def diffable?(record)
       if existing?
         matches?(record)
       else
@@ -65,24 +55,21 @@ module Zonesync
       end
     end
 
-    sig { returns(T::Boolean) }
     def v1_format?
       return false unless existing?
-      manifest_data = T.must(existing).rdata[1..-2]
+      manifest_data = existing.rdata[1..-2]
       # V1 format uses "TYPE:" syntax, v2 uses comma-separated hashes
       manifest_data.include?(":") || manifest_data.include?(";")
     end
 
-    sig { returns(T::Boolean) }
     def v2_format?
       return false unless existing?
       !v1_format?
     end
 
-    sig { params(record: Zonesync::Record).returns(T::Boolean) }
-    def matches? record
+    def matches?(record)
       return false unless existing?
-      manifest_data = T.must(existing).rdata[1..-2] # remove quotes
+      manifest_data = existing.rdata[1..-2] # remove quotes
 
       # Check if this is v2 format (comma-separated hashes) or v1 format (type:names)
       if manifest_data.include?(";")
@@ -104,8 +91,7 @@ module Zonesync
       end
     end
 
-    sig { params(record: Zonesync::Record, with_type: T::Boolean).returns(String) }
-    def shorthand_for record, with_type: false
+    def shorthand_for(record, with_type: false)
       shorthand = record.short_name(zone.origin)
       shorthand = "#{record.type}:#{shorthand}" if with_type
       if record.type == "MX"
@@ -116,21 +102,18 @@ module Zonesync
 
     private
 
-    sig { returns(String) }
     def generate_rdata
       generate_manifest.map do |type, short_names|
         "#{type}:#{short_names.join(",")}"
       end.join(";").inspect
     end
 
-    sig { returns(T::Array[Zonesync::Record]) }
     def diffable_records
       records.select do |record|
         diffable?(record)
       end.sort
     end
 
-    sig { returns(T::Hash[String, T::Array[String]]) }
     def generate_manifest
       hash = diffable_records.reduce({}) do |hash, record|
         hash[record.type] ||= []