🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

rahasia

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

rahasia

bundlerRubygems
Version
0.0.2
Version published
Maintainers
1
Created
Source

Rahasia

Build Status

WARNING this gem is alpha version. Do not use on production. Currently support String type and ActiveRecord.

Welcome to your new gem! In this directory, you'll find the files you need to be able to package up your Ruby library into a gem. Put your Ruby code in the file lib/rahasia. To experiment with that code, run bin/console for an interactive prompt.

This Gem is wrapper for Lockbox, Vault and Vault Transit.

This gem wraps the endpoints for HashiCorp's Vault Transit secret backend. It is dependent upon the vault gem. This gem has patterns and code copied from HashiCorp's vault-ruby gem. Use this gem when you simply want to use the Transit secret backend and you don't need the Rails integration.

TODO: Delete this and the text above, and describe your gem

Installation

Add this line to your application's Gemfile:

gem 'rahasia'

And then execute:

$ bundle

Or install it yourself as:

$ gem install rahasia

Usage

Install Library Rahasia using Rails generator

rails generate rahasia:install

# config/initializer/rahasia.rb
# frozen_string_literal: true

Rahasia.setup do |config|
  config.master_key = 'please-change-me-at-config-initializers-rahasia' # SecureRandom.hex(32)
  config.adapter = 'lockbox' # available ['vault','lockbox']
  config.vault_app = 'qontak'
  config.vault = {address: 'http://localhost', ssl_verify: false, token: 'token'}
end

Create Migration to add encrypted_column

rails generate rahasia:migration credentials token

It will generate column token and token_encrypted. Please comment the token if your column already exists.

class RahasiaCredentialstokenUserId < ActiveRecord::Migration
  def change
    add_column :credentials, :token, :string
    add_column :credentials, :token_encrypted, :text
  end
end

Run Migration on Rails

bundle exec rake db:migrate

ig or for Rails 5 above

bundle exec rails db:migrate

Model

# app/model/credential.rb
class Credential < ActiveRecord::Base
  include Rahasia
  enrcypt_column :token, type: :string
end

Lockbox

Configuration :

Rahasia.setup do |config|
  config.master_key = 'please-change-me-at-config-initializers-rahasia'
  config.adapter = 'lockbox'
end

Save encryptrion

credential = Credential.new(token: 'ThisIsMyToken!')
credential.save

credential.token
# ThisIsMyToken!

On the database save

credential.token
# Actual Record on Database:
# '--encrypted:29bb68380340aa4be790438e83400c30---'

# Show on irb:
# ThisIsMyToken!

credential.token_encrypted
# 7GifGwD7+Ls23FX8jyvt5JLWySPGd3300axNyc325sh/

Vault

Rahasia.setup do |config|
  config.adapter = 'vault'
  config.vault_app = 'qontak'
  config.vault = {address: 'http://localhost', ssl_verify: false, token: 'token'}
end

Save encryptrion

credential = Credential.new(token: 'ThisIsMyToken!')
credential.save

credential.token
# ThisIsMyToken!

On the database save

credential.token
# Actual Record on Database:
# '--encrypted:49bb68380340a23be790438e83400c29---'
# Show on irb:
# ThisIsMyToken!

credential.token_encrypted
# Actual Record on Database:
# 'vault:v1:ex/xISRe7exDqeHkIPfTeUmGusyVI/szlwRk83wGyLidc9oO+om2fp6a'

Development

After checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.

To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/qontak-dev/rahasia. This project is intended to be a safe, welcoming space for collaboration, and contributors are expected to adhere to the Contributor Covenant code of conduct.

TODO:

  • Create Travis for Rails 4, 5, 6
  • Create Travis for Ruby 2.1.0, 2.2.0, 2.3.8, 2.4.5, 2.5.3, 2.6.2
  • Create test for generate installer
  • Create test for generate migration

License

The gem is available as open source under the terms of the MIT License.

Code of Conduct

Everyone interacting in the Rahasia project’s codebases, issue trackers, chat rooms and mailing lists is expected to follow the code of conduct.

FAQs

Package last updated on 15 Feb 2020

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks

Research

Inside the GitHub Infrastructure Powering North Korea’s Contagious Interview npm Attacks

Socket Threat Research maps a rare inside look at OtterCookie’s npm-Vercel-GitHub chain, adding 197 malicious packages and evidence of North Korean operators.

By Kirill Boychenko  -  Nov 26, 2025
Shai Hulud Strikes Again (v2)

Research

/

Security News

Shai Hulud Strikes Again (v2)

Another wave of Shai-Hulud campaign has hit npm with more than 500 packages and 700+ versions affected.

By Socket Research Team  -  Nov 24, 2025