zxcvbn-ruby 1.2.2 → 1.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7132f3b910a1849c47f1edcb52d2dd2f6f3954472ad912bd20520c942fbc0bda
-  data.tar.gz: 45c893886c18c81fcb03627b7dd341eecab816a5fab4e7a9efb9ab5ca0ff9375
+  metadata.gz: 52ddbaaabcb2929e59d34d91104bce81b86f223428001218872294363d79f2ac
+  data.tar.gz: 5c488ab8d0dfbd6c46b2b5b05f3b878355e09babe09304c3653c9e45dcf64d02
 SHA512:
-  metadata.gz: 259633b2081be2ddd35ae1dfbcf17cf44e50f099e2bff7accbe15ffc6f1faa92217517a6ffdb060540276170f1a12d4cb8fab3ef256ee152efc525b6a902d3c2
-  data.tar.gz: 73e728a75b41c46e87074a95a7a8b1849eb6fcb50899e3b3bee6900d77ca0ecacd85f7d2ed539a180420423f0a6d705dc9da377bce107db5e21cb7f661682230
+  metadata.gz: 6ac904b4f3e4219981def358d1f7aa69870e9e33605c3696123e95f936d4880b39d2b5e1d5f323fd89ebc7b2ff43eaa93f22c598ac40ea20bdd768072a082162
+  data.tar.gz: f32d688a3ee53867c1f47f0e52527d3da4397e26c93854305ee5cbcf224e9dad104f087ab80174848b3765dd41a086a6fd33a4ab72a1b72d8ea05209aa88b289

data/CHANGELOG.md

@@ -6,14 +6,34 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-[Unreleased]: https://github.com/envato/zxcvbn-ruby/compare/v1.2.2...HEAD
+[Unreleased]: https://github.com/envato/zxcvbn-ruby/compare/v1.2.4...HEAD
+
+## [1.2.4] - 2025-12-07
+
+### Changed
+ - Address security issues found by RuboCop ([#57])
+
+[1.2.4]: https://github.com/envato/zxcvbn-ruby/compare/v1.2.3...v1.2.4
+[#57]: https://github.com/envato/zxcvbn-ruby/pull/57
+
+## [1.2.3] - 2025-12-07
+
+### Changed
+ - Address linting issues found by RuboCop ([#52])
+ - Address style issues found by RuboCop ([#53], [#54], [#55])
+
+[1.2.3]: https://github.com/envato/zxcvbn-ruby/compare/v1.2.2...v1.2.3
+[#52]: https://github.com/envato/zxcvbn-ruby/pull/52
+[#53]: https://github.com/envato/zxcvbn-ruby/pull/53
+[#54]: https://github.com/envato/zxcvbn-ruby/pull/54
+[#55]: https://github.com/envato/zxcvbn-ruby/pull/55
 
 ## [1.2.2] - 2025-12-06
 
 ### Changed
  - Address layout and frozen string literal issues ([#49])
 
-[1.2.2]: https://github.com/envato/zxcvbn-ruby/compare/v1.2.1...v.1.2.2
+[1.2.2]: https://github.com/envato/zxcvbn-ruby/compare/v1.2.1...v1.2.2
 [#49]: https://github.com/envato/zxcvbn-ruby/pull/49
 
 ## [1.2.1] - 2025-12-05
@@ -22,7 +42,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Removed the dependency on the Ruby `benchmark` module ([#44]).
 - Tests are no longer included in the gem package ([#45]).
 
-[1.2.1]: https://github.com/envato/zxcvbn-ruby/compare/v1.2.0...v.1.2.1
+[1.2.1]: https://github.com/envato/zxcvbn-ruby/compare/v1.2.0...v1.2.1
 [#44]: https://github.com/envato/zxcvbn-ruby/pull/44
 [#45]: https://github.com/envato/zxcvbn-ruby/pull/45
 
@@ -35,7 +55,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
  - Use [mini\_racer] for running JavaScript specs (thanks [@RSO] ([#33]))
  - Moved CI to GitHub Actions ([#34])
 
-[1.2.0]: https://github.com/envato/zxcvbn-ruby/compare/v1.1.0...v.1.2.0
+[1.2.0]: https://github.com/envato/zxcvbn-ruby/compare/v1.1.0...v1.2.0
 [@rso]: https://github.com/RSO
 [mini\_racer]: https://rubygems.org/gems/mini_racer/
 [#32]: https://github.com/envato/zxcvbn-ruby/pull/32

data/README.md

@@ -126,11 +126,6 @@ attacker. For this reason we advise you not to store the results of
  - [GitHub project](https://github.com/envato/zxcvbn-ruby)
  - Bug reports and feature requests are welcome via [GitHub Issues](https://github.com/envato/zxcvbn-ruby/issues)
 
-## Maintainers
-
- - [Pete Johns](https://github.com/johnsyweb)
- - [Steve Hodgkiss](https://github.com/stevehodgkiss)
-
 ## Authors
 
  - [Steve Hodgkiss](https://github.com/stevehodgkiss)
@@ -162,18 +157,14 @@ For larger new features: Do everything as above, but first also make contact wit
 
 ## About [![code with heart by Envato](https://img.shields.io/badge/%3C%2F%3E%20with%20%E2%99%A5%20by-Envato-ff69b4.svg?style=flat-square)](https://github.com/envato/zxcvbn-ruby)
 
-This project is maintained by the [Envato engineering team][webuild] and funded by [Envato][envato].
-
-[<img src="http://opensource.envato.com/images/envato-oss-readme-logo.png" alt="Envato logo">][envato]
+This project is maintained by the Envato engineering team and funded by [Envato][envato].
 
 Encouraging the use and creation of open source software is one of the ways we
-serve our community. See [our other projects][oss] or [come work with us][careers]
+serve our community. Perhaps [come work with us][careers]
 where you'll find an incredibly diverse, intelligent and capable group of people
 who help make our company succeed and make our workplace fun, friendly and
 happy.
 
  [careers]: https://envato.com/careers/?utm_source=github
  [envato]: https://envato.com?utm_source=github
- [oss]: https://opensource.envato.com/?utm_source=github
- [webuild]: https://webuild.envato.com?utm_source=github
  [zxcvbn.js]: https://github.com/dropbox/zxcvbn

data/lib/zxcvbn/crack_time.rb

@@ -12,14 +12,13 @@ module Zxcvbn
     end
 
     def crack_time_to_score(seconds)
-      case
-      when seconds < 10**2
+      if seconds < 10**2
         0
-      when seconds < 10**4
+      elsif seconds < 10**4
         1
-      when seconds < 10**6
+      elsif seconds < 10**6
         2
-      when seconds < 10**8
+      elsif seconds < 10**8
         3
       else
         4
@@ -34,18 +33,17 @@ module Zxcvbn
       year    = month * 12
       century = year * 100
 
-      case
-      when seconds < minute
+      if seconds < minute
         'instant'
-      when seconds < hour
+      elsif seconds < hour
         "#{1 + (seconds / minute).ceil} minutes"
-      when seconds < day
+      elsif seconds < day
         "#{1 + (seconds / hour).ceil} hours"
-      when seconds < month
+      elsif seconds < month
         "#{1 + (seconds / day).ceil} days"
-      when seconds < year
+      elsif seconds < year
         "#{1 + (seconds / month).ceil} months"
-      when seconds < century
+      elsif seconds < century
         "#{1 + (seconds / year).ceil} years"
       else
         'centuries'

data/lib/zxcvbn/data.rb

@@ -7,13 +7,13 @@ module Zxcvbn
   class Data
     def initialize
       @ranked_dictionaries = DictionaryRanker.rank_dictionaries(
-        "english" => read_word_list("english.txt"),
-        "female_names" => read_word_list("female_names.txt"),
-        "male_names" => read_word_list("male_names.txt"),
-        "passwords" => read_word_list("passwords.txt"),
-        "surnames" => read_word_list("surnames.txt")
+        'english' => read_word_list('english.txt'),
+        'female_names' => read_word_list('female_names.txt'),
+        'male_names' => read_word_list('male_names.txt'),
+        'passwords' => read_word_list('passwords.txt'),
+        'surnames' => read_word_list('surnames.txt')
       )
-      @adjacency_graphs = JSON.load(DATA_PATH.join('adjacency_graphs.json').read)
+      @adjacency_graphs = JSON.parse(DATA_PATH.join('adjacency_graphs.json').read)
     end
 
     attr_reader :ranked_dictionaries, :adjacency_graphs
@@ -25,7 +25,7 @@ module Zxcvbn
     private
 
     def read_word_list(file)
-      DATA_PATH.join("frequency_lists", file).read.split
+      DATA_PATH.join('frequency_lists', file).read.split
     end
   end
 end

data/lib/zxcvbn/dictionary_ranker.rb

@@ -3,8 +3,8 @@
 module Zxcvbn
   class DictionaryRanker
     def self.rank_dictionaries(lists)
-      lists.each_with_object({}) do |(dict_name, words), dictionaries|
-        dictionaries[dict_name] = rank_dictionary(words)
+      lists.transform_values do |words|
+        rank_dictionary(words)
       end
     end
 

data/lib/zxcvbn/entropy.rb

@@ -58,20 +58,19 @@ module Zxcvbn::Entropy
   NUM_MONTHS = 12
   NUM_DAYS = 31
 
-  def year_entropy(match)
+  def year_entropy(_match)
     lg(NUM_YEARS)
   end
 
   def date_entropy(match)
-    if match.year < 100
-      entropy = lg(NUM_DAYS * NUM_MONTHS * 100)
-    else
-      entropy = lg(NUM_DAYS * NUM_MONTHS * NUM_YEARS)
-    end
+    entropy =
+      if match.year < 100
+        lg(NUM_DAYS * NUM_MONTHS * 100)
+      else
+        lg(NUM_DAYS * NUM_MONTHS * NUM_YEARS)
+      end
 
-    if match.separator
-      entropy += 2
-    end
+    entropy += 2 if match.separator
 
     entropy
   end
@@ -84,10 +83,10 @@ module Zxcvbn::Entropy
     match.base_entropy + match.uppercase_entropy + match.l33t_entropy
   end
 
-  START_UPPER = /^[A-Z][^A-Z]+$/
-  END_UPPER   = /^[^A-Z]+[A-Z]$/
-  ALL_UPPER   = /^[A-Z]+$/
-  ALL_LOWER   = /^[a-z]+$/
+  START_UPPER = /^[A-Z][^A-Z]+$/.freeze
+  END_UPPER   = /^[^A-Z]+[A-Z]$/.freeze
+  ALL_UPPER   = /^[A-Z]+$/.freeze
+  ALL_LOWER   = /^[a-z]+$/.freeze
 
   def extra_uppercase_entropy(match)
     word = match.token
@@ -116,11 +115,11 @@ module Zxcvbn::Entropy
       end
     end
     entropy = lg(possibilities)
-    entropy == 0 ? 1 : entropy
+    entropy.zero? ? 1 : entropy
   end
 
   def spatial_entropy(match)
-    if %w|qwerty dvorak|.include? match.graph
+    if %w[qwerty dvorak].include? match.graph
       starting_positions = starting_positions_for_graph('qwerty')
       average_degree     = average_degree_for_graph('qwerty')
     else

data/lib/zxcvbn/feedback_giver.rb

@@ -18,14 +18,14 @@ module Zxcvbn
 
     def self.get_feedback(score, sequence)
       # starting feedback
-      return DEFAULT_FEEDBACK if sequence.length.zero?
+      return DEFAULT_FEEDBACK if sequence.empty?
 
       # no feedback if score is good or great.
       return EMPTY_FEEDBACK if score > 2
 
       # tie feedback to the longest match for longer sequences
       longest_match = sequence[0]
-      for match in sequence[1..-1]
+      sequence[1..-1].each do |match|
         longest_match = match if match.token.length > longest_match.token.length
       end
 
@@ -47,7 +47,6 @@ module Zxcvbn
         get_dictionary_match_feedback match, is_sole_match
 
       when 'spatial'
-        layout = match.graph.upcase
         warning = if match.turns == 1
                     'Straight rows of keys are easy to guess'
                   else

data/lib/zxcvbn/matchers/date.rb

@@ -7,23 +7,23 @@ module Zxcvbn
     class Date
       include RegexHelpers
 
-      YEAR_SUFFIX = /
+      YEAR_SUFFIX = %r{
         ( \d{1,2} )                         # day or month
-        ( \s | \- | \/ | \\ | \_ | \. )     # separator
+        ( \s | - | / | \\ | _ | \. )        # separator
         ( \d{1,2} )                         # month or day
         \2                                  # same separator
         ( 19\d{2} | 200\d | 201\d | \d{2} ) # year
-      /x
+      }x.freeze
 
-      YEAR_PREFIX = /
+      YEAR_PREFIX = %r{
         ( 19\d{2} | 200\d | 201\d | \d{2} ) # year
-        ( \s | - | \/ | \\ | _ | \. )       # separator
+        ( \s | - | / | \\ | _ | \. )        # separator
         ( \d{1,2} )                         # day or month
         \2                                  # same separator
         ( \d{1,2} )                         # month or day
-      /x
+      }x.freeze
 
-      WITHOUT_SEPARATOR = /\d{4,8}/
+      WITHOUT_SEPARATOR = /\d{4,8}/.freeze
 
       def matches(password)
         match_with_separator(password) + match_without_separator(password)
@@ -54,9 +54,11 @@ module Zxcvbn
 
       def match_without_separator(password)
         result = []
-        re_match_all(WITHOUT_SEPARATOR, password) do |match, re_match|
+        re_match_all(WITHOUT_SEPARATOR, password) do |match, _re_match|
           extract_dates(match.token).each do |candidate|
-            day, month, year = candidate[:day], candidate[:month], candidate[:year]
+            day = candidate[:day]
+            month = candidate[:month]
+            year = candidate[:year]
 
             match.pattern = 'date'
             match.day = day
@@ -73,11 +75,11 @@ module Zxcvbn
         dates = []
         date_patterns_for_length(token.length).map do |pattern|
           candidate = {
-            :year => +'',
-            :month => +'',
-            :day => +''
+            year: +'',
+            month: +'',
+            day: +''
           }
-          for i in 0...token.length
+          (0...token.length).each do |i|
             candidate[PATTERN_CHAR_TO_SYM[pattern[i]]] << token[i]
           end
           candidate.each do |component, value|
@@ -94,18 +96,18 @@ module Zxcvbn
       end
 
       DATE_PATTERN_FOR_LENGTH = {
-        8 => %w[yyyymmdd ddmmyyyy mmddyyyy],
-        7 => %w[yyyymdd yyyymmd ddmyyyy dmmyyyy],
-        6 => %w[yymmdd ddmmyy mmddyy],
-        5 => %w[yymdd yymmd ddmyy dmmyy mmdyy mddyy],
-        4 => %w[yymd dmyy mdyy]
-      }
+        8 => %w[yyyymmdd ddmmyyyy mmddyyyy].freeze,
+        7 => %w[yyyymdd yyyymmd ddmyyyy dmmyyyy].freeze,
+        6 => %w[yymmdd ddmmyy mmddyy].freeze,
+        5 => %w[yymdd yymmd ddmyy dmmyy mmdyy mddyy].freeze,
+        4 => %w[yymd dmyy mdyy].freeze
+      }.freeze
 
       PATTERN_CHAR_TO_SYM = {
         'y' => :year,
         'm' => :month,
         'd' => :day
-      }
+      }.freeze
 
       def date_patterns_for_length(length)
         DATE_PATTERN_FOR_LENGTH[length] || []
@@ -123,7 +125,7 @@ module Zxcvbn
       end
 
       def expand_year(year)
-        return year
+        year
         # Block dates with 2 digit years for now to be compatible with the JS version
         # return year unless year < 100
         # now = Time.now.year

data/lib/zxcvbn/matchers/dictionary.rb

@@ -20,15 +20,17 @@ module Zxcvbn
         (0..password_length).each do |i|
           (i...password_length).each do |j|
             word = lowercased_password[i..j]
-            if @ranked_dictionary.has_key?(word)
-              results << Match.new(:matched_word => word,
-                                   :token => password[i..j],
-                                   :i => i,
-                                   :j => j,
-                                   :rank => @ranked_dictionary[word],
-                                   :pattern => 'dictionary',
-                                   :dictionary_name => @name)
-            end
+            next unless @ranked_dictionary.key?(word)
+
+            results << Match.new(
+              matched_word: word,
+              token: password[i..j],
+              i: i,
+              j: j,
+              rank: @ranked_dictionary[word],
+              pattern: 'dictionary',
+              dictionary_name: @name
+            )
           end
         end
         results

data/lib/zxcvbn/matchers/digits.rb

@@ -7,7 +7,7 @@ module Zxcvbn
     class Digits
       include RegexHelpers
 
-      DIGITS_REGEX = /\d{3,}/
+      DIGITS_REGEX = /\d{3,}/.freeze
 
       def matches(password)
         result = []

data/lib/zxcvbn/matchers/l33t.rb

@@ -4,19 +4,19 @@ module Zxcvbn
   module Matchers
     class L33t
       L33T_TABLE = {
-        'a' => ['4', '@'],
-        'b' => ['8'],
-        'c' => ['(', '{', '[', '<'],
-        'e' => ['3'],
-        'g' => ['6', '9'],
-        'i' => ['1', '!', '|'],
-        'l' => ['1', '|', '7'],
-        'o' => ['0'],
-        's' => ['$', '5'],
-        't' => ['+', '7'],
-        'x' => ['%'],
-        'z' => ['2']
-      }
+        'a' => ['4', '@'].freeze,
+        'b' => ['8'].freeze,
+        'c' => ['(', '{', '[', '<'].freeze,
+        'e' => ['3'].freeze,
+        'g' => ['6', '9'].freeze,
+        'i' => ['1', '!', '|'].freeze,
+        'l' => ['1', '|', '7'].freeze,
+        'o' => ['0'].freeze,
+        's' => ['$', '5'].freeze,
+        't' => ['+', '7'].freeze,
+        'x' => ['%'].freeze,
+        'z' => ['2'].freeze
+      }.freeze
 
       def initialize(dictionary_matchers)
         @dictionary_matchers = dictionary_matchers
@@ -117,7 +117,7 @@ module Zxcvbn
         subs.each do |sub|
           assoc = sub.dup
 
-          assoc.sort! rescue debugger
+          assoc.sort!
           label = assoc.map { |k, v| "#{k},#{v}" }.join('-')
           unless members.include?(label)
             members << label

data/lib/zxcvbn/matchers/new_l33t.rb

@@ -4,19 +4,19 @@ module Zxcvbn
   module Matchers
     class L33t
       L33T_TABLE = {
-        'a' => ['4', '@'],
-        'b' => ['8'],
-        'c' => ['(', '{', '[', '<'],
-        'e' => ['3'],
-        'g' => ['6', '9'],
-        'i' => ['1', '!', '|'],
-        'l' => ['1', '|', '7'],
-        'o' => ['0'],
-        's' => ['$', '5'],
-        't' => ['+', '7'],
-        'x' => ['%'],
-        'z' => ['2']
-      }
+        'a' => ['4', '@'].freeze,
+        'b' => ['8'].freeze,
+        'c' => ['(', '{', '[', '<'].freeze,
+        'e' => ['3'].freeze,
+        'g' => ['6', '9'].freeze,
+        'i' => ['1', '!', '|'].freeze,
+        'l' => ['1', '|', '7'].freeze,
+        'o' => ['0'].freeze,
+        's' => ['$', '5'].freeze,
+        't' => ['+', '7'].freeze,
+        'x' => ['%'].freeze,
+        'z' => ['2'].freeze
+      }.freeze
 
       def initialize(dictionary_matchers)
         @dictionary_matchers = dictionary_matchers
@@ -26,17 +26,15 @@ module Zxcvbn
         matches = []
         lowercased_password = password.downcase
         combinations_to_try = substitution_combinations(relevant_l33t_substitutions(lowercased_password))
-        # debugger if password == 'abcdefghijk987654321'
-        combinations_to_try.each do |substitution|
+        combinations_to_try.each do |substitutions|
           @dictionary_matchers.each do |matcher|
-            subbed_password = substitute(lowercased_password, substitution)
+            subbed_password = substitute(lowercased_password, substitutions)
             matcher.matches(subbed_password).each do |match|
               token = lowercased_password[match.i..match.j]
               next if token == match.matched_word.downcase
 
-              # debugger if token == '1'
               match_substitutions = {}
-              substitution.each do |letter, substitution|
+              substitutions.each do |letter, substitution|
                 match_substitutions[substitution] = letter if token.include?(substitution)
               end
               match.l33t = true
@@ -52,9 +50,9 @@ module Zxcvbn
         matches
       end
 
-      def substitute(password, substitution)
+      def substitute(password, substitutions)
         subbed_password = password.dup
-        substitution.each do |letter, substitution|
+        substitutions.each do |letter, substitution|
           subbed_password.gsub!(substitution, letter)
         end
         subbed_password
@@ -67,9 +65,7 @@ module Zxcvbn
         end
         L33T_TABLE.each do |letter, substibutions|
           password.each_char do |password_char|
-            if substibutions.include?(password_char)
-              subs[letter] << password_char
-            end
+            subs[letter] << password_char if substibutions.include?(password_char)
           end
         end
         subs
@@ -97,15 +93,13 @@ module Zxcvbn
         end
 
         # convert back to simple hash per substitution combination
-        combination_hashes = combinations.map do |combination_set|
+        combinations.map do |combination_set|
           hash = {}
           combination_set.each do |combination_hash|
             hash.merge!(combination_hash)
           end
           hash
         end
-
-        combination_hashes
       end
 
       # expand possible combinations if multiple characters can be substituted

data/lib/zxcvbn/matchers/regex_helpers.rb

@@ -7,15 +7,15 @@ module Zxcvbn
     module RegexHelpers
       def re_match_all(regex, password)
         pos = 0
-        while re_match = regex.match(password, pos)
+        while (re_match = regex.match(password, pos))
           i, j = re_match.offset(0)
           pos = j
           j -= 1
 
           match = Match.new(
-            :i => i,
-            :j => j,
-            :token => password[i..j]
+            i: i,
+            j: j,
+            token: password[i..j]
           )
           yield match, re_match
         end

data/lib/zxcvbn/matchers/repeat.rb

@@ -11,17 +11,15 @@ module Zxcvbn
         while i < password.length
           cur_char = password[i]
           j = i + 1
-          while cur_char == password[j]
-            j += 1
-          end
+          j += 1 while cur_char == password[j]
 
           if j - i > 2 # don't consider length 1 or 2 chains.
             result << Match.new(
-              :pattern => 'repeat',
-              :i => i,
-              :j => j - 1,
-              :token => password[i...j],
-              :repeated_char => cur_char
+              pattern: 'repeat',
+              i: i,
+              j: j - 1,
+              token: password[i...j],
+              repeated_char: cur_char
             )
           end
 

data/lib/zxcvbn/matchers/sequences.rb

@@ -9,7 +9,7 @@ module Zxcvbn
         'lower' => 'abcdefghijklmnopqrstuvwxyz',
         'upper' => 'ABCDEFGHIJKLMNOPQRSTUVWXYZ',
         'digits' => '01234567890'
-      }
+      }.freeze
 
       def seq_match_length(password, from, direction, seq)
         index_from = seq.index(password[from])
@@ -27,14 +27,12 @@ module Zxcvbn
         SEQUENCES.each do |name, sequence|
           index1 = sequence.index(password[i])
           index2 = sequence.index(password[i + 1])
-          if index1 and index2
-            seq_direction = index2 - index1
-            if [-1, 1].include?(seq_direction)
-              return [name, sequence, seq_direction]
-            else
-              return nil
-            end
-          end
+          next unless index1 && index2
+
+          seq_direction = index2 - index1
+          return [name, sequence, seq_direction] if [-1, 1].include?(seq_direction)
+
+          return nil
         end
       end
 
@@ -48,13 +46,13 @@ module Zxcvbn
             length = seq_match_length(password, i, seq_direction, seq)
             if length > 2
               result << Match.new(
-                :pattern => 'sequence',
-                :i => i,
-                :j => i + length - 1,
-                :token => password[i, length],
-                :sequence_name => seq_name,
-                :sequence_space => seq.length,
-                :ascending => seq_direction == 1
+                pattern: 'sequence',
+                i: i,
+                j: i + length - 1,
+                token: password[i, length],
+                sequence_name: seq_name,
+                sequence_space: seq.length,
+                ascending: seq_direction == 1
               )
             end
             i += length - 1

data/lib/zxcvbn/matchers/spatial.rb

@@ -36,22 +36,22 @@ module Zxcvbn
               cur_char = password[j]
               adjacents.each do |adj|
                 cur_direction += 1
-                if adj && adj.index(cur_char)
-                  found = true
-                  found_direction = cur_direction
-                  if adj.index(cur_char) == 1
-                    # index 1 in the adjacency means the key is shifted, 0 means unshifted: A vs a, % vs 5, etc.
-                    # for example, 'q' is adjacent to the entry '2@'. @ is shifted w/ index 1, 2 is unshifted.
-                    shifted_count += 1
-                  end
-                  if last_direction != found_direction
-                    # adding a turn is correct even in the initial case when last_direction is null:
-                    # every spatial pattern starts with a turn.
-                    turns += 1
-                    last_direction = found_direction
-                  end
-                  break
+                next unless adj&.index(cur_char)
+
+                found = true
+                found_direction = cur_direction
+                if adj.index(cur_char) == 1
+                  # index 1 in the adjacency means the key is shifted, 0 means unshifted: A vs a, % vs 5, etc.
+                  # for example, 'q' is adjacent to the entry '2@'. @ is shifted w/ index 1, 2 is unshifted.
+                  shifted_count += 1
+                end
+                if last_direction != found_direction
+                  # adding a turn is correct even in the initial case when last_direction is null:
+                  # every spatial pattern starts with a turn.
+                  turns += 1
+                  last_direction = found_direction
                 end
+                break
               end
             end
             # if the current pattern continued, extend j and try to grow again
@@ -61,13 +61,13 @@ module Zxcvbn
               # otherwise push the pattern discovered so far, if any...
               if j - i > 2 # don't consider length 1 or 2 chains.
                 result << Match.new(
-                  :pattern => 'spatial',
-                  :i => i,
-                  :j => j - 1,
-                  :token => password[i...j],
-                  :graph => graph_name,
-                  :turns => turns,
-                  :shifted_count => shifted_count
+                  pattern: 'spatial',
+                  i: i,
+                  j: j - 1,
+                  token: password[i...j],
+                  graph: graph_name,
+                  turns: turns,
+                  shifted_count: shifted_count
                 )
               end
               # ...and then start a new search for the rest of the password.

data/lib/zxcvbn/matchers/year.rb

@@ -7,7 +7,7 @@ module Zxcvbn
     class Year
       include RegexHelpers
 
-      YEAR_REGEX = /19\d\d|200\d|201\d/
+      YEAR_REGEX = /19\d\d|200\d|201\d/.freeze
 
       def matches(password)
         result = []

data/lib/zxcvbn/math.rb

@@ -32,12 +32,12 @@ module Zxcvbn
 
     def nCk(n, k)
       return 0 if k > n
-      return 1 if k == 0
+      return 1 if k.zero?
 
       r = 1
       (1..k).each do |d|
-        r = r * n
-        r = r / d
+        r *= n
+        r /= d
         n -= 1
       end
       r

data/lib/zxcvbn/password_strength.rb

@@ -13,7 +13,7 @@ module Zxcvbn
     end
 
     def test(password, user_inputs = [])
-      password = password || ''
+      password ||= ''
       result = nil
       calc_time = Clock.realtime do
         matches = @omnimatch.matches(password, user_inputs)

data/lib/zxcvbn/scorer.rb

@@ -24,15 +24,16 @@ module Zxcvbn
       backpointers = []
       (0...password.length).each do |k|
         # starting scenario to try and beat: adding a brute-force character to the minimum entropy sequence at k-1.
-        previous_k_entropy = k > 0 ? up_to_k[k - 1] : 0
+        previous_k_entropy = k.positive? ? up_to_k[k - 1] : 0
         up_to_k[k] = previous_k_entropy + lg(bruteforce_cardinality)
         backpointers[k] = nil
         matches.select do |match|
           match.j == k
         end.each do |match|
-          i, j = match.i, match.j
+          i = match.i
+          j = match.j
           # see if best entropy up to i-1 + entropy of this match is less than the current minimum at j.
-          previous_i_entropy = i > 0 ? up_to_k[i - 1] : 0
+          previous_i_entropy = i.positive? ? up_to_k[i - 1] : 0
           candidate_entropy = previous_i_entropy + calc_entropy(match)
           if up_to_k[j] && candidate_entropy < up_to_k[j]
             up_to_k[j] = candidate_entropy
@@ -58,18 +59,18 @@ module Zxcvbn
       score_for(password, match_sequence, up_to_k)
     end
 
-    def score_for password, match_sequence, up_to_k
+    def score_for(password, match_sequence, up_to_k)
       min_entropy = up_to_k[password.length - 1] || 0 # or 0 corner case is for an empty password ''
       crack_time = entropy_to_crack_time(min_entropy)
 
       # final result object
       Score.new(
-        :password => password,
-        :entropy => min_entropy.round(3),
-        :match_sequence => match_sequence,
-        :crack_time => crack_time.round(3),
-        :crack_time_display => display_time(crack_time),
-        :score => crack_time_to_score(crack_time)
+        password: password,
+        entropy: min_entropy.round(3),
+        match_sequence: match_sequence,
+        crack_time: crack_time.round(3),
+        crack_time_display: display_time(crack_time),
+        score: crack_time_to_score(crack_time)
       )
     end
 
@@ -77,9 +78,7 @@ module Zxcvbn
       k = 0
       match_sequence_copy = []
       match_sequence.each do |match|
-        if match.i > k
-          match_sequence_copy << make_bruteforce_match(password, k, match.i - 1, bruteforce_cardinality)
-        end
+        match_sequence_copy << make_bruteforce_match(password, k, match.i - 1, bruteforce_cardinality) if match.i > k
         k = match.j + 1
         match_sequence_copy << match
       end
@@ -94,12 +93,12 @@ module Zxcvbn
     # match1.j == match2.i - 1 for every adjacent match1, match2.
     def make_bruteforce_match(password, i, j, bruteforce_cardinality)
       Match.new(
-        :pattern => 'bruteforce',
-        :i => i,
-        :j => j,
-        :token => password[i..j],
-        :entropy => lg(bruteforce_cardinality**(j - i + 1)),
-        :cardinality => bruteforce_cardinality
+        pattern: 'bruteforce',
+        i: i,
+        j: j,
+        token: password[i..j],
+        entropy: lg(bruteforce_cardinality**(j - i + 1)),
+        cardinality: bruteforce_cardinality
       )
     end
   end

data/lib/zxcvbn/tester.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
-require "zxcvbn/data"
-require "zxcvbn/password_strength"
+require 'zxcvbn/data'
+require 'zxcvbn/password_strength'
 
 module Zxcvbn
   # Allows you to test the strength of multiple passwords without reading and

data/lib/zxcvbn/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Zxcvbn
-  VERSION = '1.2.2'
+  VERSION = '1.2.4'
 end

data/lib/zxcvbn.rb

@@ -5,9 +5,9 @@ require 'zxcvbn/version'
 require 'zxcvbn/tester'
 
 module Zxcvbn
-  extend self
+  module_function
 
-  DATA_PATH = Pathname(File.expand_path('../../data', __FILE__))
+  DATA_PATH = Pathname(File.expand_path('../data', __dir__))
 
   # Returns a Zxcvbn::Score for the given password
   #

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: zxcvbn-ruby
 version: !ruby/object:Gem::Version
-  version: 1.2.2
+  version: 1.2.4
 platform: ruby
 authors:
 - Steve Hodgkiss