d287315dbf
attr_encrypted (1.3.4 => 3.0.1) Changelog: https://github.com/attr-encrypted/attr_encrypted/blob/master/CHANGELOG.m d attr_encrypted 2.x included a vulnerability, so that major version is skipped. 3.x requires that the algorithm and mode used by each encrypted attribute is specified explicitly. `nil` is no longer a valid value for the encrypted_value_iv field, so it’s changed to a randomly generated string.
19 lines
564 B
Ruby
19 lines
564 B
Ruby
module Ci
|
|
class Variable < ActiveRecord::Base
|
|
extend Ci::Model
|
|
|
|
belongs_to :project, class_name: '::Project', foreign_key: :gl_project_id
|
|
|
|
validates_uniqueness_of :key, scope: :gl_project_id
|
|
validates :key,
|
|
presence: true,
|
|
length: { within: 0..255 },
|
|
format: { with: /\A[a-zA-Z0-9_]+\z/,
|
|
message: "can contain only letters, digits and '_'." }
|
|
|
|
attr_encrypted :value,
|
|
mode: :per_attribute_iv_and_salt,
|
|
key: Gitlab::Application.secrets.db_key_base,
|
|
algorithm: 'aes-256-cbc'
|
|
end
|
|
end
|