-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Check vulnerabilities #142
Closed
Closed
+3,886
−781
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Fix configuration * Update Vault version * Add config so a new release is published when a tag is pushed to Github
Integrate CircleCI to run test suites and build and push gems to Artifactory
As a tag could potentially originate from any commit, run the test suite for any changes. They should pass prior to building and pushing a released gem.
CircleCI should support tags
* Add git to publish-release in .circleci/config.yml for fix builds * Fix indentation in .circleci/config.yml
Fix tag builds on CircleCI
Persisting Vault attributes on an `after_save` uses two separate queries: one for the model `INSERT/UPDATE`, and another to `UPDATE` the ciphertext for the encrypted attributes. Encrypting the attributes with a `before_save` avoids the second query. In some cases users might _not_ want to have two queries when saving a single record. This would be necessary for example, when one has an auditing table and/or stored procedures that take some action when a record is changed.
Persist attributes before save
Add serializers for Dates, Integers and Floats
What does this PR do? --------------------- * Adds support for convergent encryption Where should the reviewer start? -------------------------------- * `lib/vault/rails.rb` * `lib/vault/encrypted_model.rb` Any background context you want to provide? ------------------------------------------- * Vault supports convergent encryption since v0.6.1, but this gem does not take advantage of this functionality.
Convergent encryption support
Only load the attributes that we need to when using vault_lazy_decrypt!
Improve lazy decrypt
Update README.md
Bump to v0.5.0
Rename gem to fc-vault-rails.
Remove Rails 4.1 dependency
…ecord Replace Rails dependency with ActiveRecord
Bump to v0.6.0
If we've included vault-rails in an application that doesn't use rails but only uses activerecord then we won't have access to `Rails.application.config` to ask for `encoding`. We wrap access to this in some guard clauses. Ideally we'd use the encoding on the database connection for the model, but the `Vault::Rails.encrypt` and `Vault::Rails.decrypt` methods don't know about models. We could change these methods to take an optional encoding parameter that the `Vault::Rails::EncryptedModel` will pass in from the database connection. However, we'd still need to work out a default for the cases where we use these methods outside the context of a model, so being more robust in the absence of a full rails application is good enough for now.
Adding codeowners
…vault-rails into cd-150-support-rails-7
``` ActiveRecord::Base.try(:connection_db_config).try(:adapter) => "postgresql" ActiveRecord::Base.try(:connection_config)[:adapter] W, [2023-11-17T16:12:59.253878+02:00 #22587] DEPRECATION WARNING: connection_config is deprecated and will be removed from Rails 7.0 (Use connection_db_config instead) (called from <main> at (pry):6) => "postgresql" ```
Add rails 7 support Fixes DEPRECATION WARNING: connection_config is deprecated and will be removed from Rails 7.0
Fix deprecation warning when using connection_config
Fix the promote build
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Have you signed the CLA already but the status is still pending? Recheck it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description