Merge branch 'main' into jm-random-period-offset

rack · Nov 15, 2023 · a91807b · a91807b
2 parents 71a63ad + ffc2102
commit a91807b
Show file tree

Hide file tree

Showing 54 changed files with 428 additions and 221 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -17,53 +17,92 @@ jobs:
     strategy:
       matrix:
         ruby:
-          - 3.1.2
-          - 3.0.4
-          - 2.7.6
-          - 2.6.10
-          - 2.5.8
+          - '3.2'
+          - '3.1'
+          - '3.0'
+          - '2.7'
+          - '2.6'
+          - '2.5'
         gemfile:
+          - rack_3
           - rack_2
           - rack_1
+          - rails_7_1
           - rails_7_0
           - rails_6_1
           - rails_6_0
           - rails_5_2
-          - rails_4_2
           - dalli3
           - dalli2
+          - redis_5
           - redis_4
-          - redis_3
           - connection_pool_dalli
-          - active_support_redis_cache_store
-          - active_support_redis_cache_store_pooled
+          - active_support_7_1_redis_cache_store
+          - active_support_7_1_redis_cache_store_pooled
+          - active_support_7_0_redis_cache_store
+          - active_support_7_0_redis_cache_store_pooled
+          - active_support_6_redis_cache_store
+          - active_support_6_redis_cache_store_pooled
+          - active_support_5_redis_cache_store
+          - active_support_5_redis_cache_store_pooled
           - redis_store
-          - active_support_redis_store
         exclude:
           - gemfile: rack_1
-            ruby: 3.1.2
+            ruby: '3.2'
           - gemfile: rails_5_2
-            ruby: 3.1.2
-          - gemfile: rails_4_2
-            ruby: 3.1.2
+            ruby: '3.2'
+          - gemfile: active_support_5_redis_cache_store
+            ruby: '3.2'
+          - gemfile: active_support_5_redis_cache_store_pooled
+            ruby: '3.2'
           - gemfile: dalli2
-            ruby: 3.1.2
+            ruby: '3.2'
           - gemfile: rack_1
-            ruby: 3.0.4
+            ruby: '3.1'
           - gemfile: rails_5_2
-            ruby: 3.0.4
-          - gemfile: rails_4_2
-            ruby: 3.0.4
+            ruby: '3.1'
+          - gemfile: active_support_5_redis_cache_store
+            ruby: '3.1'
+          - gemfile: active_support_5_redis_cache_store_pooled
+            ruby: '3.1'
           - gemfile: dalli2
-            ruby: 3.0.4
+            ruby: '3.1'
           - gemfile: rack_1
-            ruby: 2.7.6
-          - gemfile: rails_4_2
-            ruby: 2.7.6
+            ruby: '3.0'
+          - gemfile: rails_5_2
+            ruby: '3.0'
+          - gemfile: active_support_5_redis_cache_store
+            ruby: '3.0'
+          - gemfile: active_support_5_redis_cache_store_pooled
+            ruby: '3.0'
+          - gemfile: dalli2
+            ruby: '3.0'
+          - gemfile: rack_1
+            ruby: '2.7'
           - gemfile: rails_7_0
-            ruby: 2.6.10
+            ruby: '2.6'
           - gemfile: rails_7_0
-            ruby: 2.5.8
+            ruby: '2.5'
+          - gemfile: active_support_7_0_redis_cache_store
+            ruby: '2.6'
+          - gemfile: active_support_7_0_redis_cache_store
+            ruby: '2.5'
+          - gemfile: active_support_7_0_redis_cache_store_pooled
+            ruby: '2.6'
+          - gemfile: active_support_7_0_redis_cache_store_pooled
+            ruby: '2.5'
+          - gemfile: rails_7_1
+            ruby: '2.6'
+          - gemfile: rails_7_1
+            ruby: '2.5'
+          - gemfile: active_support_7_1_redis_cache_store
+            ruby: '2.6'
+          - gemfile: active_support_7_1_redis_cache_store
+            ruby: '2.5'
+          - gemfile: active_support_7_1_redis_cache_store_pooled
+            ruby: '2.6'
+          - gemfile: active_support_7_1_redis_cache_store_pooled
+            ruby: '2.5'
     env:
       BUNDLE_GEMFILE: gemfiles/${{ matrix.gemfile }}.gemfile
     steps:

diff --git a/.rubocop.yml b/.rubocop.yml
@@ -1,5 +1,7 @@
 require:
+  - rubocop-minitest
   - rubocop-performance
+  - rubocop-rake
 
 inherit_mode:
   merge:
@@ -56,7 +58,6 @@ Security:
 
 Style/BlockDelimiters:
   Enabled: true
-  IgnoredMethods: [] # Workaround rubocop bug: https://github.com/rubocop-hq/rubocop/issues/6179
 
 Style/ClassAndModuleChildren:
   Enabled: true

diff --git a/Appraisals b/Appraisals
@@ -1,5 +1,9 @@
 # frozen_string_literal: true
 
+appraise "rack_3" do
+  gem "rack", "~> 3.0"
+end
+
 appraise "rack_2" do
   gem "rack", "~> 2.0"
 end
@@ -17,6 +21,10 @@ appraise "rack_1" do
   gem "rack-test", ">= 0.6"
 end
 
+appraise 'rails_7-1' do
+  gem 'railties', '~> 7.1.0'
+end
+
 appraise 'rails_7-0' do
   gem 'railties', '~> 7.0.0'
 end
@@ -33,14 +41,6 @@ appraise 'rails_5-2' do
   gem 'railties', '~> 5.2.0'
 end
 
-appraise 'rails_4-2' do
-  gem 'railties', '~> 4.2.0'
-
-  # Override rack-test version constraint by making it more loose
-  # so it's compatible with actionpack 4.2.x
-  gem "rack-test", ">= 0.6"
-end
-
 appraise 'dalli2' do
   gem 'dalli', '~> 2.0'
 end
@@ -49,34 +49,63 @@ appraise 'dalli3' do
   gem 'dalli', '~> 3.0'
 end
 
-appraise 'redis_4' do
-  gem 'redis', '~> 4.0'
+appraise 'redis_5' do
+  gem 'redis', '~> 5.0'
 end
 
-appraise 'redis_3' do
-  gem 'redis', '~> 3.3'
+appraise 'redis_4' do
+  gem 'redis', '~> 4.0'
 end
 
 appraise "connection_pool_dalli" do
   gem "connection_pool", "~> 2.2"
   gem "dalli", "~> 3.0"
 end
 
-appraise "active_support_redis_cache_store" do
+appraise "active_support_7-1_redis_cache_store" do
+  gem "activesupport", "~> 7.1.0"
+  gem "redis", "~> 5.0"
+end
+
+appraise "active_support_7-1_redis_cache_store_pooled" do
+  gem "activesupport", "~> 7.1.0"
+  gem "connection_pool", "~> 2.2"
+  gem "redis", "~> 5.0"
+end
+
+appraise "active_support_7-0_redis_cache_store" do
+  gem "activesupport", "~> 7.0.0"
+  gem "redis", "~> 5.0"
+end
+
+appraise "active_support_7-0_redis_cache_store_pooled" do
+  gem "activesupport", "~> 7.0.0"
+  gem "connection_pool", "~> 2.2"
+  gem "redis", "~> 5.0"
+end
+
+appraise "active_support_6_redis_cache_store" do
   gem "activesupport", "~> 6.1.0"
-  gem "redis", "~> 4.0"
+  gem "redis", "~> 5.0"
 end
 
-appraise "active_support_redis_cache_store_pooled" do
+appraise "active_support_6_redis_cache_store_pooled" do
   gem "activesupport", "~> 6.1.0"
   gem "connection_pool", "~> 2.2"
-  gem "redis", "~> 4.0"
+  gem "redis", "~> 5.0"
 end
 
-appraise "redis_store" do
-  gem "redis-store", "~> 1.5"
+appraise "active_support_5_redis_cache_store" do
+  gem "activesupport", "~> 5.2.0"
+  gem "redis", "~> 5.0"
 end
 
-appraise "active_support_redis_store" do
-  gem "redis-activesupport", "~> 5.0"
+appraise "active_support_5_redis_cache_store_pooled" do
+  gem "activesupport", "~> 5.2.0"
+  gem "connection_pool", "~> 2.2"
+  gem "redis", "~> 5.0"
+end
+
+appraise "redis_store" do
+  gem "redis-store", "~> 1.5"
 end
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,16 @@
 # Changelog
 
-All notable changes to this project will be documented in this file.
+This file will no longer be updated - all changes after v6.7.0 will only be documented in the relevant release note.
+
+## [6.7.0] - 2023-07-26
+
+- Replace git.io URL by @kyoshidajp in #579
+- test: update rack-test to v2 from v1 by @grzuy in #587
+- Update example description to not suggest using a deprecated method by @MaksimAbramchuk in #589
+- Add note about cache stores and in-memory caches. by @nateberkopec in #604
+- ci: tests against redis gem v5 by @grzuy in #612
+- Support rack 3 by @ioquatix in #586
+- Gem release management. by @ioquatix in #614
 
 ## [6.x.x] = 2022-xx-xx
 
@@ -277,6 +287,7 @@ so your custom code is less prone to race conditions ([#282](https://github.com/
  - Extract mandatory options to constants
 
 
+[6.7.0]: https://github.com/rack/rack-attack/compare/v6.6.1...v6.7.0/
 [6.6.1]: https://github.com/rack/rack-attack/compare/v6.6.0...v6.6.1/
 [6.6.0]: https://github.com/rack/rack-attack/compare/v6.5.0...v6.6.0/
 [6.5.0]: https://github.com/rack/rack-attack/compare/v6.4.0...v6.5.0/

diff --git a/Gemfile b/Gemfile
@@ -3,3 +3,8 @@
 source 'https://rubygems.org'
 
 gemspec
+
+group :maintenance, optional: true do
+  gem "bake"
+  gem "bake-gem"
+end
diff --git a/README.md b/README.md
@@ -305,10 +305,15 @@ end
 Throttle, allow2ban and fail2ban state is stored in a configurable cache (which defaults to `Rails.cache` if present), presumably backed by memcached or redis ([at least gem v3.0.0](https://rubygems.org/gems/redis)).
 
 ```ruby
-Rack::Attack.cache.store = ActiveSupport::Cache::MemoryStore.new # defaults to Rails.cache
+# This is the default
+Rack::Attack.cache.store = Rails.cache 
+# It is recommended to use a separate database for throttling/allow2ban/fail2ban.
+Rack::Attack.cache.store = ActiveSupport::Cache::RedisCacheStore.new(url: "...") 
 ```
 
-Note that `Rack::Attack.cache` is only used for throttling, allow2ban and fail2ban filtering; not blocklisting and safelisting. Your cache store must implement `increment` and `write` like [ActiveSupport::Cache::Store](http://api.rubyonrails.org/classes/ActiveSupport/Cache/Store.html).
+Most applications should use a new, separate database used only for `rack-attack`. During an actual attack or periods of heavy load, this database will come under heavy load. Keeping it on a separate database instance will give you additional resilience and make sure that other functions (like caching for your application) don't go down.
+
+Note that `Rack::Attack.cache` is only used for throttling, allow2ban and fail2ban filtering; not blocklisting and safelisting. Your cache store must implement `increment` and `write` like [ActiveSupport::Cache::Store](http://api.rubyonrails.org/classes/ActiveSupport/Cache/Store.html). This means that other cache stores which inherit from ActiveSupport::Cache::Store are also compatible. In-memory stores which are not backed by an external database, such as `ActiveSupport::Cache::MemoryStore.new`, will be mostly ineffective because each Ruby process in your deployment will have it's own state, effectively multiplying the number of requests each client can make by the number of Ruby processes you have deployed.
 
 ## Customizing responses
 

diff --git a/docs/example_configuration.md b/docs/example_configuration.md
@@ -75,7 +75,7 @@ class Rack::Attack
   # If you want to return 503 so that the attacker might be fooled into
   # believing that they've successfully broken your app (or you just want to
   # customize the response), then uncomment these lines.
-  # self.throttled_response = lambda do |env|
+  # self.throttled_responder = lambda do |env|
   #  [ 503,  # status
   #    {},   # headers
   #    ['']] # body

diff --git a/gemfiles/active_support_5_redis_cache_store.gemfile b/gemfiles/active_support_5_redis_cache_store.gemfile
@@ -0,0 +1,13 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activesupport", "~> 5.2.0"
+gem "redis", "~> 5.0"
+
+group :maintenance, optional: true do
+  gem "bake"
+  gem "bake-gem"
+end
+
+gemspec path: "../"
diff --git a/gemfiles/active_support_5_redis_cache_store_pooled.gemfile b/gemfiles/active_support_5_redis_cache_store_pooled.gemfile
@@ -0,0 +1,14 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activesupport", "~> 5.2.0"
+gem "connection_pool", "~> 2.2"
+gem "redis", "~> 5.0"
+
+group :maintenance, optional: true do
+  gem "bake"
+  gem "bake-gem"
+end
+
+gemspec path: "../"
diff --git a/.../active_support_redis_cache_store.gemfile → ...ctive_support_6_redis_cache_store.gemfile b/.../active_support_redis_cache_store.gemfile → ...ctive_support_6_redis_cache_store.gemfile
@@ -3,6 +3,11 @@
 source "https://rubygems.org"
 
 gem "activesupport", "~> 6.1.0"
-gem "redis", "~> 4.0"
+gem "redis", "~> 5.0"
+
+group :maintenance, optional: true do
+  gem "bake"
+  gem "bake-gem"
+end
 
 gemspec path: "../"
diff --git a/..._support_redis_cache_store_pooled.gemfile → ...upport_6_redis_cache_store_pooled.gemfile b/..._support_redis_cache_store_pooled.gemfile → ...upport_6_redis_cache_store_pooled.gemfile
@@ -4,6 +4,11 @@ source "https://rubygems.org"
 
 gem "activesupport", "~> 6.1.0"
 gem "connection_pool", "~> 2.2"
-gem "redis", "~> 4.0"
+gem "redis", "~> 5.0"
+
+group :maintenance, optional: true do
+  gem "bake"
+  gem "bake-gem"
+end
 
 gemspec path: "../"
diff --git a/gemfiles/active_support_7_0_redis_cache_store.gemfile b/gemfiles/active_support_7_0_redis_cache_store.gemfile
@@ -0,0 +1,13 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activesupport", "~> 7.0.0"
+gem "redis", "~> 5.0"
+
+group :maintenance, optional: true do
+  gem "bake"
+  gem "bake-gem"
+end
+
+gemspec path: "../"
diff --git a/gemfiles/active_support_7_0_redis_cache_store_pooled.gemfile b/gemfiles/active_support_7_0_redis_cache_store_pooled.gemfile
@@ -0,0 +1,14 @@
+# This file was generated by Appraisal
+
+source "https://rubygems.org"
+
+gem "activesupport", "~> 7.0.0"
+gem "connection_pool", "~> 2.2"
+gem "redis", "~> 5.0"
+
+group :maintenance, optional: true do
+  gem "bake"
+  gem "bake-gem"
+end
+
+gemspec path: "../"