Check vulnerabilities #143

Closed
wants to merge 204 commits into from

zainabott
Description

Sasha Gerrand and others added 30 commits October 2, 2018 11:34
* Fix configuration
* Update Vault version
* Add config so a new release is published when a tag is pushed to Github
Integrate CircleCI to run test suites and build and push gems to Artifactory
As a tag could potentially originate from any commit, run the test suite
for any changes. They should pass prior to building and pushing a
released gem.
* Add git to publish-release in .circleci/config.yml for fix builds
* Fix indentation in .circleci/config.yml
Persisting Vault attributes on an `after_save` uses two separate queries:
one for the model `INSERT/UPDATE`, and another to `UPDATE` the ciphertext
for the encrypted attributes. Encrypting the attributes with a `before_save`
avoids the second query. In some cases users might _not_ want to have two
queries when saving a single record. This would be necessary for example,
when one has an auditing table and/or stored procedures that take some action
when a record is changed.
Add serializers for Dates, Integers and Floats
What does this PR do?
---------------------
* Adds support for convergent encryption

Where should the reviewer start?
--------------------------------
* `lib/vault/rails.rb`
* `lib/vault/encrypted_model.rb`

Any background context you want to provide?
-------------------------------------------
* Vault supports convergent encryption since v0.6.1, but this gem
does not take advantage of this functionality.
Only load the attributes that we need to when using vault_lazy_decrypt!
…ecord

Replace Rails dependency with ActiveRecord
If we've included vault-rails in an application that doesn't use rails but
only uses activerecord then we won't have access to
`Rails.application.config` to ask for `encoding`.  We wrap access to this
in some guard clauses.

Ideally we'd use the encoding on the database connection for the model, but
the `Vault::Rails.encrypt` and `Vault::Rails.decrypt` methods don't know
about models.  We could change these methods to take an optional encoding
parameter that the `Vault::Rails::EncryptedModel` will pass in from the
database connection.  However, we'd still need to work out a default for
the cases where we use these methods outside the context of a model, so
being more robust in the absence of a full rails application is good enough
for now.
IsmaelMarinMolina and others added 27 commits September 14, 2023 16:25
```
ActiveRecord::Base.try(:connection_db_config).try(:adapter)
=> "postgresql"

ActiveRecord::Base.try(:connection_config)[:adapter]
W, [2023-11-17T16:12:59.253878+02:00 #22587] DEPRECATION WARNING: connection_config is deprecated and will be removed from Rails 7.0 (Use connection_db_config instead) (called from <main> at (pry):6)
=> "postgresql"
```
Add rails 7 support
Fixes DEPRECATION WARNING: connection_config is deprecated and will be removed from Rails 7.0
Fix deprecation warning when using connection_config
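
What the convergent-encryption commit above buys an encrypted model column, and what it costs, as an added example that is not code from this pull request, vault-rails or Vault: the same value always encrypts to the same ciphertext, so an equality lookup can run on ciphertext, while anyone who can read the column learns which rows share a value. The keys, the HMAC-derived nonce and all helper names are assumptions made for illustration.

```ruby
require "openssl"

# Added illustration, not Vault's or vault-rails' algorithm. Demo keys are constructed.
ENC_KEY   = OpenSSL::Digest::SHA256.digest("constructed-demo-enc-key")
NONCE_KEY = OpenSSL::Digest::SHA256.digest("constructed-demo-nonce-key")

# AES-256-GCM bound to a context string. Output layout: nonce(12) || tag(16) || ciphertext.
def seal(nonce, plaintext, context)
  c = OpenSSL::Cipher.new("aes-256-gcm")
  c.encrypt
  c.key = ENC_KEY
  c.iv = nonce
  c.auth_data = context
  ct = plaintext.empty? ? c.final : c.update(plaintext) + c.final # update rejects ""
  nonce + c.auth_tag + ct
end

# Usual mode: fresh random nonce, so equal plaintexts give unrelated ciphertexts.
def encrypt_random(plaintext, context)
  seal(OpenSSL::Random.random_bytes(12), plaintext, context)
end

# Convergent mode: nonce is a keyed hash of (context, plaintext), so the same
# input always yields the same ciphertext. The cost: equality of values leaks.
def encrypt_convergent(plaintext, context)
  msg = [context.bytesize].pack("N") + context.b + plaintext.b
  seal(OpenSSL::HMAC.digest("SHA256", NONCE_KEY, msg)[0, 12], plaintext, context)
end

def decrypt(blob, context)
  d = OpenSSL::Cipher.new("aes-256-gcm")
  d.decrypt
  d.key = ENC_KEY
  d.iv = blob[0, 12]
  d.auth_tag = blob[12, 16]
  d.auth_data = context
  ct = blob[28..-1]
  ct.empty? ? d.final : d.update(ct) + d.final # raises CipherError on tampering or wrong context
end

# Constructed rows: only ciphertext is stored, as in an encrypted model column.
ROWS = [[1, "alice@example.com"], [2, "bob@example.com"], [3, "alice@example.com"]].map do |id, email|
  { id: id, email_encrypted: encrypt_convergent(email, "users.email") }
end

# Equality lookup without decrypting any row: encrypt the search term, compare bytes.
def find_ids_by_email(rows, email)
  needle = encrypt_convergent(email, "users.email")
  rows.select { |r| r[:email_encrypted] == needle }.map { |r| r[:id] }
end
```

Rows 1 and 3 carry identical ciphertext, which is exactly the information an attacker with read access to the table also gets; the context string keeps a value in one column from matching the same value in another.
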
@hashicorp-cla
hashicorp-cla commented Feb 28, 2024

CLA assistant check

Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement

Learn more about why HashiCorp requires a CLA and what the CLA includes


0 out of 2 committers have signed the CLA.

  • zainabott
  • bliof-fc

Have you signed the CLA already but the status is still pending? Recheck it.

@zainabott zainabott closed this Jul 16, 2024
@zainabott
Author

Triggered by accident in this repo from a forked repo
