New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →

inline_encryption

Package Overview

Dependencies

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

Install

inline_encryption

2.1.0
Rubygems

Version published: 3 years ago

Maintainers: 1

Created: 3 years ago

Source

inline_encryption

Simple encryption relying on convention and designed to be used inline as string replacements.

PLEASE upgrade to version 2.0 - previous versions lend themselves to making human errors which could lead to exploitation.

Upgrading from 1.0 to 2.0

Recommended, but optional - generate a new RSA key pair
For a properly configured production environment, simply configure with a private key
Pass along the public key to any developers on the team that will need to encrypt new values

Usage

Imagine you have a file named database.yml that contains passwords.

Before:

password: '123456'

After:

password: <%= InlineEncryption.decrypt(encrypted stuff goes here) %>

To set up:

InlineEncryption.config[:key] = '/some/rsa_key'

An example of different keys per environment:

InlineEncryption.config[:key] = ENV['INLINE_ENCRYPTION_KEY']

If you've configured with a private key, you can both encrypt and decrypt. If you've configured with a public key, you can only encrypt.

FAQs

What is inline_encryption?

Is inline_encryption well maintained?

Package last updated on 11 Jan 2022

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

inline_encryption

Upgrading from 1.0 to 2.0

Usage

Related posts

North Korean APT Lazarus Targets Developers with Malicious npm Package

CISA Brings KEV Data to GitHub