Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ruby 3.4 warnings: freezing strings and base64 no longer default gem #25

Open
larouxn opened this issue Dec 21, 2024 · 0 comments · May be fixed by #26
Open

Ruby 3.4 warnings: freezing strings and base64 no longer default gem #25

larouxn opened this issue Dec 21, 2024 · 0 comments · May be fixed by #26

Comments

@larouxn
Copy link

larouxn commented Dec 21, 2024
edited
Loading

With Ruby 3.4 to be released in a few days, on December 25, I tried out the release candidate in our application and came across a few warnings/issues.

https://www.ruby-lang.org/en/news/2024/12/12/ruby-3-4-0-rc1-released/

It appears the file in question, aes_kw.rb, both lacks # frozen_string_literal: true directive at the top of the file and adding so exposes that this library does a lot of string manipulation that will likely need to be adjusted as freezing strings breaks some stuff according to tests.

Console warning:

ruby-3.4.0-rc1/gems/jwe-0.4.0/lib/jwe/alg/aes_kw.rb:11: warning: literal string will be frozen in the future (run with --debug-frozen-string-literal for more information)

Cause (3.4.0-rc1 release notes):

String literals in files without a frozen_string_literal comment now emit a deprecation warning when they are mutated. These warnings can be enabled with -W:deprecated or by setting Warning[:deprecated] = true. To disable this change, you can run Ruby with the --disable-frozen-string-literal command line argument. [Feature #20205]

test logs after freezing `aes_kw.rb` 
Failures:

  1) JWE::Alg::A192kw decrypts the encrypted key to the original key
     Failure/Error: self.iv = iv.force_encoding('ASCII-8BIT')
     
     FrozenError:
       can't modify frozen String: "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6"
     # ./lib/jwe/alg/aes_kw.rb:13:in 'String#force_encoding'
     # ./lib/jwe/alg/aes_kw.rb:13:in 'JWE::Alg::AesKw#initialize'
     # ./spec/jwe/alg_spec.rb:79:in 'Class#new'
     # ./spec/jwe/alg_spec.rb:79:in 'block (3 levels) in <top (required)>'
     # ./spec/jwe/alg_spec.rb:88:in 'block (3 levels) in <top (required)>'

  2) JWE::Alg::A192kw#encrypt returns an encrypted string
     Failure/Error: self.iv = iv.force_encoding('ASCII-8BIT')
     
     FrozenError:
       can't modify frozen String: "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6"
     # ./lib/jwe/alg/aes_kw.rb:13:in 'String#force_encoding'
     # ./lib/jwe/alg/aes_kw.rb:13:in 'JWE::Alg::AesKw#initialize'
     # ./spec/jwe/alg_spec.rb:79:in 'Class#new'
     # ./spec/jwe/alg_spec.rb:79:in 'block (3 levels) in <top (required)>'
     # ./spec/jwe/alg_spec.rb:83:in 'block (4 levels) in <top (required)>'

  3) JWE::Alg::A128kw decrypts the encrypted key to the original key
     Failure/Error: self.iv = iv.force_encoding('ASCII-8BIT')
     
     FrozenError:
       can't modify frozen String: "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6"
     # ./lib/jwe/alg/aes_kw.rb:13:in 'String#force_encoding'
     # ./lib/jwe/alg/aes_kw.rb:13:in 'JWE::Alg::AesKw#initialize'
     # ./spec/jwe/alg_spec.rb:79:in 'Class#new'
     # ./spec/jwe/alg_spec.rb:79:in 'block (3 levels) in <top (required)>'
     # ./spec/jwe/alg_spec.rb:88:in 'block (3 levels) in <top (required)>'

  4) JWE::Alg::A128kw#encrypt returns an encrypted string
     Failure/Error: self.iv = iv.force_encoding('ASCII-8BIT')
     
     FrozenError:
       can't modify frozen String: "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6"
     # ./lib/jwe/alg/aes_kw.rb:13:in 'String#force_encoding'
     # ./lib/jwe/alg/aes_kw.rb:13:in 'JWE::Alg::AesKw#initialize'
     # ./spec/jwe/alg_spec.rb:79:in 'Class#new'
     # ./spec/jwe/alg_spec.rb:79:in 'block (3 levels) in <top (required)>'
     # ./spec/jwe/alg_spec.rb:83:in 'block (4 levels) in <top (required)>'

  5) JWE::Alg::A256kw decrypts the encrypted key to the original key
     Failure/Error: self.iv = iv.force_encoding('ASCII-8BIT')
     
     FrozenError:
       can't modify frozen String: "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6"
     # ./lib/jwe/alg/aes_kw.rb:13:in 'String#force_encoding'
     # ./lib/jwe/alg/aes_kw.rb:13:in 'JWE::Alg::AesKw#initialize'
     # ./spec/jwe/alg_spec.rb:79:in 'Class#new'
     # ./spec/jwe/alg_spec.rb:79:in 'block (3 levels) in <top (required)>'
     # ./spec/jwe/alg_spec.rb:88:in 'block (3 levels) in <top (required)>'

  6) JWE::Alg::A256kw#encrypt returns an encrypted string
     Failure/Error: self.iv = iv.force_encoding('ASCII-8BIT')
     
     FrozenError:
       can't modify frozen String: "\xA6\xA6\xA6\xA6\xA6\xA6\xA6\xA6"
     # ./lib/jwe/alg/aes_kw.rb:13:in 'String#force_encoding'
     # ./lib/jwe/alg/aes_kw.rb:13:in 'JWE::Alg::AesKw#initialize'
     # ./spec/jwe/alg_spec.rb:79:in 'Class#new'
     # ./spec/jwe/alg_spec.rb:79:in 'block (3 levels) in <top (required)>'
     # ./spec/jwe/alg_spec.rb:83:in 'block (4 levels) in <top (required)>'

Finished in 0.13322 seconds (files took 0.09102 seconds to load)
149 examples, 6 failures

Failed examples:

rspec './spec/jwe/alg_spec.rb[6:2]' # JWE::Alg::A192kw decrypts the encrypted key to the original key
rspec './spec/jwe/alg_spec.rb[6:1:1]' # JWE::Alg::A192kw#encrypt returns an encrypted string
rspec './spec/jwe/alg_spec.rb[5:2]' # JWE::Alg::A128kw decrypts the encrypted key to the original key
rspec './spec/jwe/alg_spec.rb[5:1:1]' # JWE::Alg::A128kw#encrypt returns an encrypted string
rspec './spec/jwe/alg_spec.rb[7:2]' # JWE::Alg::A256kw decrypts the encrypted key to the original key
rspec './spec/jwe/alg_spec.rb[7:1:1]' # JWE::Alg::A256kw#encrypt returns an encrypted string

Additionally, ran into the following warning which was resolved by adding base64 to the Gemspec.

bundle exec rspec
/Users/larouxn/src/github.com/larouxn/ruby-jwe/spec/spec_helper.rb:5: warning: base64 was loaded from the standard library, but is not part of the default gems starting from Ruby 3.4.0.
You can add base64 to your Gemfile or gemspec to silence this warning.

An error occurred while loading spec_helper. - Did you mean?
                    rspec ./spec/spec_helper.rb

Failure/Error: require 'base64'

LoadError:
  cannot load such file -- base64
# ./lib/jwe.rb:1:in '<top (required)>'
# ./spec/spec_helper.rb:5:in '<top (required)>'
No examples found.
No examples found.


Finished in 0.00002 seconds (files took 0.86318 seconds to load)
0 examples, 0 failures, 1 error occurred outside of examples

Finished in 0.00002 seconds (files took 0.86318 seconds to load)
0 examples, 0 failures, 1 error occurred outside of examples


Coverage report generated for RSpec to /Users/larouxn/src/github.com/larouxn/ruby-jwe/coverage. 1 / 62 LOC (1.61%) covered.
@larouxn larouxn linked a pull request Dec 21, 2024 that will close this issue
Open
@larouxn larouxn changed the title Ruby 3.4 warnings: base64 no longer default gem and freezing strings Ruby 3.4 warnings: freezing strings and base64 no longer default gem Dec 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Support Ruby 3.4 larouxn/ruby-jwe
1 participant
@larouxn