Support Rails 8.1, drop support for EOL Ruby/Rails

Author: zhuravel

.github/workflows/test.yml

@@ -1,44 +1,44 @@
-name: gha-workflow-authlogic-test
+name: CI
 on: [push, pull_request]
 jobs:
   # Linting is a separate job, primary because it only needs to be done once,
   # and secondarily because jobs are performed concurrently.
-  gha-job-authlogic-lint:
+  lint:
     name: Lint
     runs-on: ubuntu-latest
     steps:
       - name: Checkout source
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Setup ruby
         uses: ruby/setup-ruby@v1
         with:
           # Set to `TargetRubyVersion` in `.rubocop.yml`
-          ruby-version: 2.6
+          ruby-version: 3.2
       - name: Bundle
         run: |
-          gem install bundler -v 2.4.22
+          gem install bundler
           bundle install --jobs 4 --retry 3
       - name: Lint
         run: bundle exec rubocop
 
   # The test job is a matrix of ruby/rails versions.
-  gha-job-authlogic-test:
+  test:
     name: Ruby ${{ matrix.ruby }}, Rails ${{ matrix.rails }}
     runs-on: ubuntu-latest
     services:
-      gha-service-authlogic-mysql:
+      mysql:
         env:
           MYSQL_ALLOW_EMPTY_PASSWORD: yes
           MYSQL_DATABASE: authlogic
         image: mysql:8.0
         options: >-
-          --health-cmd="mysqladmin ping"
-          --health-interval=10s
-          --health-timeout=5s
-          --health-retries=3
+          --health-cmd "mysqladmin ping"
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 3
         ports:
           - 3306:3306
-      gha-service-authlogic-postgres:
+      postgres:
         env:
           POSTGRES_PASSWORD: asdfasdf
         image: postgres
@@ -56,28 +56,15 @@ jobs:
       # have set this up with each database as a separate job, but then we'd be
       # duplicating the matrix configuration three times.
       matrix:
-        # To keep matrix size down, only test highest and lowest rubies. In
-        # `.rubocop.yml`, set `TargetRubyVersion`, to the lowest ruby version
+        # In `.rubocop.yml`, set `TargetRubyVersion`, to the lowest Ruby version
         # tested here.
-        ruby: ["3.1", "3.2", "3.3", "3.4"]
-        rails: ["7.0", "7.1", "7.2", "8.0"]
-        exclude:
-          # rails 7 requires ruby >= 2.7.0
-          - rails: "7.0"
-            ruby: "3.1"
-          - rails: "7.0"
-            ruby: "3.2"
-          - rails: "7.0"
-            ruby: "3.3"
-          - rails: "7.0"
-            ruby: "3.4"
-          - rails: "8.0"
-            ruby: "3.1"
+        ruby: ["3.2", "3.3", "3.4"]
+        rails: ["7.2", "8.0", "8.1"]
     env:
       BUNDLE_GEMFILE: gemfiles/rails_${{ matrix.rails }}.rb
     steps:
       - name: Checkout source
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - name: Setup ruby
         uses: ruby/setup-ruby@v1
         with:

.rubocop.yml

@@ -12,7 +12,7 @@ AllCops:
   # rubies on CI.
   #
   # Should be same as `ruby-version` in `.github/workflows/test.yml`
-  TargetRubyVersion: 2.6
+  TargetRubyVersion: 3.2
 
 # Avoid empty lines in methods, they are a sign the method is too big.
 Layout/EmptyLineAfterGuardClause:

.rubocop_todo.yml

@@ -1,13 +1,13 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config --exclude-limit 1000`
-# on 2020-03-24 00:02:43 -0400 using RuboCop version 0.80.1.
+# on 2025-10-16 20:21:05 UTC using RuboCop version 1.81.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
 # Offense count: 7
-# Cop supports --auto-correct.
+# This cop supports safe autocorrection (--autocorrect).
 # Configuration parameters: EnforcedStyle, IndentationWidth.
 # SupportedStyles: with_first_argument, with_fixed_indentation
 Layout/ArgumentAlignment:
@@ -16,49 +16,155 @@ Layout/ArgumentAlignment:
     - 'lib/authlogic/acts_as_authentic/single_access_token.rb'
     - 'test/libs/user.rb'
 
-# Offense count: 14
-# Cop supports --auto-correct.
-Lint/SendWithMixinArgument:
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: Severity.
+# SupportedStylesAlignWith: start_of_line, begin
+Layout/BeginEndAlignment:
+  EnforcedStyleAlignWith: begin
+
+# Offense count: 2
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowAliasSyntax, AllowedMethods.
+# AllowedMethods: alias_method, public, protected, private
+Layout/EmptyLinesAroundAttributeAccessor:
+  Exclude:
+    - 'lib/authlogic/crypto_providers/scrypt.rb'
+    - 'test/libs/user_session.rb'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+Layout/RescueEnsureAlignment:
+  Exclude:
+    - 'lib/authlogic/acts_as_authentic/session_maintenance.rb'
+
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowForAlignment, EnforcedStyleForExponentOperator, EnforcedStyleForRationalLiterals.
+# SupportedStylesForExponentOperator: space, no_space
+# SupportedStylesForRationalLiterals: space, no_space
+Layout/SpaceAroundOperators:
   Exclude:
-    - 'lib/authlogic/acts_as_authentic/base.rb'
-    - 'lib/authlogic/controller_adapters/sinatra_adapter.rb'
     - 'lib/authlogic/test_case.rb'
 
-# Offense count: 3
+# Offense count: 1
+# Configuration parameters: AllowComments.
+Lint/EmptyFile:
+  Exclude:
+    - 'test/session_test/credentials_test.rb'
+
+# Offense count: 4
+# Configuration parameters: AllowedParentClasses.
+Lint/MissingSuper:
+  Exclude:
+    - 'lib/authlogic/test_case/mock_api_controller.rb'
+    - 'lib/authlogic/test_case/mock_controller.rb'
+    - 'lib/authlogic/test_case/mock_cookie_jar.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: AllowedMethods, InferNonNilReceiver, AdditionalNilMethods.
+# AllowedMethods: instance_of?, kind_of?, is_a?, eql?, respond_to?, equal?
+# AdditionalNilMethods: present?, blank?, try, try!
+Lint/RedundantSafeNavigation:
+  Exclude:
+    - 'lib/authlogic/test_case/mock_request.rb'
+
+# Offense count: 1
+# Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes.
 Metrics/AbcSize:
-  Max: 16.03
+  Max: 21
+
+# Offense count: 2
+# Configuration parameters: EnforcedStyle, CheckMethodNames, CheckSymbols, AllowedIdentifiers, AllowedPatterns.
+# SupportedStyles: snake_case, normalcase, non_integer
+# AllowedIdentifiers: TLS1_1, TLS1_2, capture3, iso8601, rfc1123_date, rfc822, rfc2822, rfc3339, x86_64
+Naming/VariableNumber:
+  Exclude:
+    - 'test/acts_as_authentic_test/perishable_token_test.rb'
+    - 'test/session_test/session_test.rb'
+
+# Offense count: 4
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: EnforcedStyle.
+# SupportedStyles: separated, grouped
+Style/AccessorGrouping:
+  Exclude:
+    - 'lib/authlogic/crypto_providers/sha1.rb'
+    - 'lib/authlogic/crypto_providers/sha1/v2.rb'
+
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: AllowedMethods, AllowedPatterns.
+# AllowedMethods: ==, equal?, eql?
+Style/ClassEqualityComparison:
+  Exclude:
+    - 'lib/authlogic/session/base.rb'
 
 # Offense count: 5
 Style/ClassVars:
   Exclude:
     - 'lib/authlogic/i18n.rb'
 
-# Offense count: 4
-Style/MethodMissingSuper:
+# Offense count: 1
+# This cop supports unsafe autocorrection (--autocorrect-all).
+Style/GlobalStdStream:
   Exclude:
-    - 'lib/authlogic/controller_adapters/abstract_adapter.rb'
-    - 'lib/authlogic/controller_adapters/sinatra_adapter.rb'
-    - 'lib/authlogic/test_case/mock_request.rb'
+    - 'test/test_helper.rb'
 
 # Offense count: 3
 Style/MissingRespondToMissing:
   Exclude:
     - 'lib/authlogic/controller_adapters/sinatra_adapter.rb'
     - 'lib/authlogic/test_case/mock_request.rb'
 
-# Offense count: 6
-# Cop supports --auto-correct.
-# Configuration parameters: ExactNameMatch, AllowPredicates, AllowDSLWriters, IgnoreClassMethods, AllowedMethods.
-# AllowedMethods: to_ary, to_a, to_c, to_enum, to_h, to_hash, to_i, to_int, to_io, to_open, to_path, to_proc, to_r, to_regexp, to_str, to_s, to_sym
-Style/TrivialAccessors:
+# Offense count: 5
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowMethodComparison, ComparisonsThreshold.
+Style/MultipleComparison:
   Exclude:
     - 'lib/authlogic/session/base.rb'
 
-Style/HashEachMethods:
-  Enabled: false
+# Offense count: 2
+# This cop supports safe autocorrection (--autocorrect).
+Style/RedundantFreeze:
+  Exclude:
+    - 'test/libs/user.rb'
 
-Style/HashTransformKeys:
-  Enabled: false
+# Offense count: 2
+# This cop supports safe autocorrection (--autocorrect).
+Style/RedundantRegexpEscape:
+  Exclude:
+    - 'test/libs/user.rb'
+
+# Offense count: 3
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: ConvertCodeThatCanStartToReturnNil, AllowedMethods, MaxChainLength.
+# AllowedMethods: present?, blank?, presence, try, try!
+Style/SafeNavigation:
+  Exclude:
+    - 'lib/authlogic/acts_as_authentic/session_maintenance.rb'
+    - 'lib/authlogic/session/base.rb'
 
-Style/HashTransformValues:
-  Enabled: false
+# Offense count: 1
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: AllowModifier.
+Style/SoleNestedConditional:
+  Exclude:
+    - 'lib/authlogic/session/base.rb'
+
+# Offense count: 3
+# This cop supports unsafe autocorrection (--autocorrect-all).
+# Configuration parameters: Mode.
+Style/StringConcatenation:
+  Exclude:
+    - 'test/session_test/existence_test.rb'
+    - 'test/test_helper.rb'
+
+# Offense count: 7
+# This cop supports safe autocorrection (--autocorrect).
+# Configuration parameters: ExactNameMatch, AllowPredicates, AllowDSLWriters, IgnoreClassMethods, AllowedMethods.
+# AllowedMethods: to_ary, to_a, to_c, to_enum, to_h, to_hash, to_i, to_int, to_io, to_open, to_path, to_proc, to_r, to_regexp, to_str, to_s, to_sym
+Style/TrivialAccessors:
+  Exclude:
+    - 'lib/authlogic/session/base.rb'

CHANGELOG.md

@@ -7,6 +7,14 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ## Unreleased
 
+- Breaking Changes
+  - Dropped support for EOL Ruby versions (< 3.2)
+  - Dropped support for EOL Rails versions (< 7.2)
+- Added
+  - Added support for Rails 8.1
+- Fixed
+  - None
+
 ## 6.5.0 (2025-04-10)
 
 - Breaking Changes
@@ -46,7 +54,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Added
   - `Authlogic::Session::Base.session_fixation_defense` - Reset the Rack
     session ID after authentication, to protect against Session Fixation
-    attacks. (https://guides.rubyonrails.org/security.html#session-fixation)
+    attacks. (<https://guides.rubyonrails.org/security.html#session-fixation>)
     Default: true
 - Fixed
   - None
@@ -135,5 +143,3 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## Previous major version
 
 See eg. the `5-1-stable` branch
-
-[1]: https://github.com/binarylogic/authlogic/blob/master/doc/use_normal_rails_validation.md