Upgrade attr_encrypted and encryptor

attr_encrypted (1.3.4 => 3.0.1) Changelog: https://github.com/attr-encrypted/attr_encrypted/blob/master/CHANGELOG.m d attr_encrypted 2.x included a vulnerability, so that major version is skipped. 3.x requires that the algorithm and mode used by each encrypted attribute is specified explicitly. `nil` is no longer a valid value for the encrypted_value_iv field, so it’s changed to a randomly generated string.
author: Connor Shea <connor.james.shea@gmail.com> 2016-05-19 13:55:25 -0500
committer: Connor Shea <connor.james.shea@gmail.com> 2016-05-30 13:51:21 -0600
commit: d287315dbf1a1493e3f2c2511e559204cc914ff8 (patch)
tree: e8ad832255adec67b700a73e4cf853392e27bbb8 /spec/models/ci/variable_spec.rb
parent: d47b2b92c9b5e80eb3430e2b4950e17646b8efd8 (diff)
download: gitlab-ce-d287315dbf1a1493e3f2c2511e559204cc914ff8.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/spec/models/ci/variable_spec.rb b/spec/models/ci/variable_spec.rb
index c712d211b0f..98f60087cf5 100644
--- a/spec/models/ci/variable_spec.rb
+++ b/spec/models/ci/variable_spec.rb
@@ -23,7 +23,7 @@ describe Ci::Variable, models: true do
     end
 
     it 'fails to decrypt if iv is incorrect' do
-      subject.encrypted_value_iv = nil
+      subject.encrypted_value_iv = SecureRandom.hex
       subject.instance_variable_set(:@value, nil)
       expect { subject.value }.
         to raise_error(OpenSSL::Cipher::CipherError, 'bad decrypt')
author	Connor Shea <connor.james.shea@gmail.com>	2016-05-19 13:55:25 -0500
committer	Connor Shea <connor.james.shea@gmail.com>	2016-05-30 13:51:21 -0600
commit	d287315dbf1a1493e3f2c2511e559204cc914ff8 (patch)
tree	e8ad832255adec67b700a73e4cf853392e27bbb8 /spec/models/ci/variable_spec.rb
parent	d47b2b92c9b5e80eb3430e2b4950e17646b8efd8 (diff)
download	gitlab-ce-d287315dbf1a1493e3f2c2511e559204cc914ff8.tar.gz