Open
Conversation
… for API responses
…ith dev dependencies
… languages Added 8 missing DTO fields to achieve complete parity with Python, JavaScript, .NET, and Java SDKs: - KeeperRecord.links - Array of linked record references - KeeperRecord.is_editable - Boolean indicating edit permissions (defaults to true) - KeeperRecord.inner_folder_uid - Actual folder UID where record is located - KeeperFile.thumbnail_url - Thumbnail image URL - KeeperFile.last_modified - File modification timestamp - QueryOptions.request_links - Flag to request linked records in query - UpdatePayload.links2_remove - Array of link UIDs to remove during updates - SecretsManagerResponse.expires_on - Token expiration timestamp Added UpdateOptions class with transaction_type and links_to_remove support. Added/updated methods: - update_secret_with_options(record, update_options) - New method for advanced updates - update_secret(record, transaction_type:) - Refactored to use update_secret_with_options - prepare_update_payload - Now accepts UpdateOptions, filters fileRef fields - prepare_get_payload - Now supports request_links parameter - download_thumbnail(file_data) - New method for downloading file thumbnails
…hierarchy tests
Added 3 new RSpec integration test files (79 new examples):
- totp_spec.rb (35 examples) - TOTP generation/validation for all algorithms and periods
- file_operations_spec.rb (19 examples) - File metadata, MIME types, multiple files
- folder_hierarchy_spec.rb (25 examples) - Tree operations, path resolution, queries
Fixed mock infrastructure (test/integration/mock_helper.rb):
- Implemented proper AES-256-GCM encryption for records (was Base64 only)
- Implemented AES-CBC encryption for folder data
- Added transmission key encryption/decryption
- Enabled complete offline testing without config.base64
Fixed manual integration test scripts:
- test_totp.rb - Enabled SHA256/SHA512 algorithm and custom period tests
- test_file_operations.rb - Enabled multiple file upload, metadata, and deletion tests
- test_offline_mock.rb - Updated to work completely offline with proper encryption
Updated GitHub Actions workflow:
- Renamed 'Run unit tests' step to 'Run RSpec tests (unit + integration)'
- Removed error suppression from offline mock test
…ectory with dev dependencies" This reverts commit 56754eb.
…res and consistent from_file() initialization
…issions Fix file permissions for Ruby SDK config files
The mock token key was 30 bytes instead of required 32 bytes for AES-256-GCM. Changed 'test_token_key_32_bytes_long!!' to 'test_token_key_32_bytes_long!!!!' to make it exactly 32 bytes. This fixes the ArgumentError: key must be 32 bytes error in CI. Test results: - All 660 tests pass (0 failures, 13 pending) - Coverage: 63.28% → 67.97% (+4.69 percentage points) - Offline mock test passes
The decrypt_aes_gcm function expects encrypted data in the format: [IV (12 bytes)][Ciphertext (variable)][Tag (16 bytes)] The previous implementation was only including [Ciphertext][Tag], missing the IV at the beginning. This caused decryption to fail with CipherError. Fixed by: - Storing the IV in a variable before setting it on the cipher - Prepending the IV to the final encrypted data: iv + ciphertext + tag Why it passed locally but failed in CI: - The previous commit (aa7b9a3) fixed the key length issue, allowing the test to run further into the decryption logic - Different OpenSSL versions or Ruby configurations between local and CI may have caused different error manifestations - The missing IV would consistently cause decryption failure, but the specific error might vary by environment Test results: - All 660 tests pass (0 failures, 13 pending) - Offline mock test passes
Deduplicate records by UID before checking for ambiguity. When a KSM
application has access to both an original record and its shortcut,
the same UID appears multiple times but should not be treated as
ambiguous.
- Add deduplication logic using uniq { |r| r.uid }
- Preserve genuine ambiguity check for different records with same title
- Add test case for duplicate UID handling
…18-ruby KSM-743: add transmission public key #18 for Gov Cloud Dev support
…d-ruby KSM-734: Fix notation lookup with record shortcuts (Ruby)
Removed PAM features (moved to v17.3.0): - KSM-687 PAM DTO fields and methods - KSM-694 convenience methods (upload_file_from_path, try_get_notation) - complete_transaction method for PAM rotation workflows - PAM linked records example (11_pam_linked_records.rb) Removed comprehensive tests (moved to v17.3.0 for KSM-697): - errors_spec.rb (343 lines - error handling coverage) - field_types_spec.rb (733 lines - field types coverage) - totp_spec.rb (479 lines - TOTP coverage) - core_spec.rb (387 lines - core initialization coverage) - test_pam_linked_records.rb (PAM integration tests) - test_pam_rotation.rb (PAM integration tests) Kept feature-specific tests for v17.2.0: - cache_spec.rb (tests KSM-686 caching) - proxy_spec.rb (tests KSM-692 proxy) - notation_spec.rb (tests KSM-734 duplicate UID fix) - test_caching.rb (integration tests) - test_proxy.rb (integration tests) Updated CHANGELOG: - Removed PAM features from v17.2.0 section - Added note about PAM features moving to v17.3.0 - Updated test count from 569 to ~100-150 (feature-specific only) - Added QA scope note (1 week vs 2 weeks) v17.2.0 now focuses on: bug fixes, Gov Cloud support, caching, proxy
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Ruby SDK v17.2.0 - Bug Fixes, Gov Cloud Support, and Enterprise Features
This release focuses on critical bug fixes, Gov Cloud Dev support, disaster recovery caching, and HTTP proxy support for enterprise environments.
Note: PAM features and comprehensive test coverage moved to v17.3.0 for easier QA and faster release cycle.
Changes
Fixed
CreateOptions.subfolder_uidparameter is now correctly sent to API when creating recordsCachingPostFunctionto match other SDKsget_secretandget_foldersendpointsCacheclass for file-based encrypted cache storage@cacheand@cache_expiryinstance variables fromSecretsManageruniq { |r| r.uid }before ambiguity checkAdded
KeeperSecretsManager::CachingPostFunction- Built-in disaster recovery cachingKeeperSecretsManager::Cache- File-based cache management (save, load, clear)KSM_CACHE_DIRenvironment variableproxy_urlinitialization parameter for explicit proxy configurationKeeperSecretsManager.from_config(config_base64, options = {})- Convenience method for initializing from base64 config stringbin/console) for interactive SDK exploration using Pry REPLChanged
test/integration/test_caching.rb- Integration tests for disaster recovery cachingtest/integration/test_proxy.rb- Integration tests for HTTP proxy supportspec/keeper_secrets_manager/unit/cache_spec.rb- Unit tests for Cache classspec/keeper_secrets_manager/unit/proxy_spec.rb- Unit tests for proxy configurationmock_helper.rb10_custom_caching.rb- Disaster recovery caching examples12_proxy_usage.rb- HTTP proxy configuration examplesTesting
Unit Tests
Test coverage:
cache_spec.rb: Cache hit/miss, expiration, encryptionproxy_spec.rb: Proxy configuration (env vars, explicit, authenticated)notation_spec.rb: Duplicate UID handling with shortcutsManual QA Checklist
Breaking Changes
None. This release is fully backward compatible with v17.1.0.
Release Notes
Ruby SDK 17.2.0 provides critical bug fixes and enterprise-ready features:
Bug Fixes:
Enterprise Features:
Test Coverage: Feature-specific tests for all new functionality (~100-150 examples)