cleanup

- YAML.load => YAML.safe_load - update rubocop + fix warnings, disable some rubocops - cleanup dependencies - bump minimum supported ruby version
square · Aug 1, 2024 · 189969f · 189969f
1 parent d7c0952
commit 189969f
Show file tree

Hide file tree

Showing 12 changed files with 35 additions and 49 deletions.
diff --git a/.github/workflows/mri.yml b/.github/workflows/mri.yml
@@ -15,6 +15,9 @@ jobs:
           - 2.6
           - 2.7
           - 3.0
+          - 3.1
+          - 3.2
+          - 3.3
 
     steps:
     - uses: actions/checkout@v2

diff --git a/.rubocop.yml b/.rubocop.yml
@@ -1,31 +1,16 @@
 AllCops:
+  NewCops: enable
   DisplayCopNames: true
-  TargetRubyVersion: 2.3
+  TargetRubyVersion: 2.5
 
 Style/StringLiterals:
   EnforcedStyle: double_quotes
 
 Layout/HashAlignment:
   Enabled: false
 
-Metrics/BlockLength:
-  ExcludedMethods: ['describe', 'context']
-
-Metrics/ParameterLists:
-  Max: 5
-  CountKeywordArgs: false
-
-Metrics/LineLength:
-  Max: 128
-
-Metrics/MethodLength:
-  Max: 25
-
-Metrics/AbcSize:
-  Max: 25
-
-Metrics/CyclomaticComplexity:
-  Max: 8
+Metrics:
+  Enabled: false
 
 Naming/MethodParameterName:
   MinNameLength: 2

diff --git a/Gemfile b/Gemfile
@@ -2,19 +2,13 @@
 
 source "https://rubygems.org"
 
-group :development do
-  gem "guard-rspec"
-end
-
-group :development, :test do
-  gem "activesupport", "~> 4"
-  gem "certificate_authority", require: false
-  gem "coveralls", require: false
-  # Workaround for: https://github.com/bundler/bundler/pull/4650
-  gem "rack", "~> 1.x"
-  gem "rake"
-  gem "rspec"
-  gem "rubocop", "0.77.0"
-end
+gem "activesupport"
+gem "certificate_authority", require: false
+gem "coveralls", require: false
+gem "guard-rspec"
+gem "pry-byebug", platform: :mri
+gem "rake"
+gem "rspec"
+gem "rubocop"
 
 gemspec
diff --git a/lib/rails/auth.rb b/lib/rails/auth.rb
@@ -1,5 +1,8 @@
 # frozen_string_literal: true
 
+require "active_support"
+require "active_support/core_ext/object"
+
 # Pull in core library components that work with any Rack application
 require "rails/auth/rack"
 

diff --git a/lib/rails/auth/acl.rb b/lib/rails/auth/acl.rb
@@ -19,9 +19,14 @@ class ACL
       # @param [String] :yaml serialized YAML to load an ACL from
       def self.from_yaml(yaml, **args)
         require "yaml"
-        # rubocop:todo Security/YAMLLoad
-        new(YAML.load(yaml), **args)
-        # rubocop:enable Security/YAMLLoad
+        new(
+          if YAML::VERSION >= "4.0"
+            YAML.safe_load(yaml, aliases: true)
+          else
+            YAML.safe_load(yaml, [], [], true)
+          end,
+          **args
+        )
       end
 
       # @param [Array<Hash>] :acl Access Control List configuration

diff --git a/lib/rails/auth/rspec/matchers/acl_matchers.rb b/lib/rails/auth/rspec/matchers/acl_matchers.rb
@@ -6,7 +6,7 @@
     credentials = Rails::Auth.credentials(env)
     message     = "allow #{method}s by "
 
-    return message + "unauthenticated clients" if credentials.count.zero?
+    return "#{message}unauthenticated clients" if credentials.count.zero?
 
     message + credentials.values.map(&:inspect).join(", ")
   end

diff --git a/lib/rails/auth/version.rb b/lib/rails/auth/version.rb
@@ -3,6 +3,6 @@
 module Rails
   # Pluggable authentication and authorization for Rack/Rails
   module Auth
-    VERSION = "3.1.0"
+    VERSION = "3.2.0"
   end
 end
diff --git a/lib/rails/auth/x509/filter/pem.rb b/lib/rails/auth/x509/filter/pem.rb
@@ -11,7 +11,7 @@ def call(pem)
             # certificates are normally formatted in otherwise parsing with fail
             # with a 'nested asn1 error'. split(" ") handles sequential whitespace
             # characters like \t, \n, and space.
-            OpenSSL::X509::Certificate.new(pem.split(" ").instance_eval do
+            OpenSSL::X509::Certificate.new(pem.split.instance_eval do
               [[self[0], self[1]].join(" "), self[2...-2], [self[-2], self[-1]].join(" ")]
                 .flatten.join("\n")
             end).freeze

diff --git a/rails-auth.gemspec b/rails-auth.gemspec
@@ -21,15 +21,14 @@ Gem::Specification.new do |spec|
 
   # Only allow gem to be pushed to https://rubygems.org
   spec.metadata["allowed_push_host"] = "https://rubygems.org"
+  spec.metadata["rubygems_mfa_required"] = "true"
 
   spec.files         = `git ls-files`.split("\n")
   spec.bindir        = "exe"
   spec.require_paths = ["lib"]
 
-  spec.required_ruby_version = ">= 2.3.0"
+  spec.required_ruby_version = ">= 2.5.0"
 
-  spec.add_runtime_dependency "rack"
-
-  spec.add_development_dependency "bundler", ">= 1.10", "< 3"
-  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_dependency "activesupport"
+  spec.add_dependency "rack"
 end
diff --git a/spec/rails/auth/controller_methods_spec.rb b/spec/rails/auth/controller_methods_spec.rb
@@ -6,7 +6,7 @@
       attr_reader :request
 
       def initialize(env)
-        @request = OpenStruct.new(env: env)
+        @request = Struct.new(:env).new(env)
       end
 
       include Rails::Auth::ControllerMethods

diff --git a/spec/rails/auth/x509/middleware_spec.rb b/spec/rails/auth/x509/middleware_spec.rb
@@ -14,7 +14,7 @@
     described_class.new(
       app,
       cert_filters: { example_key => cert_filter },
-      logger: Logger.new(STDERR)
+      logger: Logger.new($stderr)
     )
   end
 

diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
@@ -1,8 +1,5 @@
 # frozen_string_literal: true
 
-require "coveralls"
-Coveralls.wear!
-
 $LOAD_PATH.unshift File.expand_path("../lib", __dir__)
 require "rails/auth"
 require "rails/auth/rspec"