Skip to content

Replace attr_encrypted with Ruby 3 compatible vendored version

Matthias Käppler requested to merge 372221-attr-encrypted-fork into master

What does this MR do and why?

The attr_encrypted gem is unmaintained and had no working build setup. We also identified issues with Ruby 3 support.

We had initially forked it into gitlab-org and published the fork to RubyGems, but this caused problems with the dependency graph as we had renamed the gem to use the gitlab- prefix. Since this gem is in maintenance mode and will not evolve outside of security/compatibility patches we decided it was better to vendor it with gitlab-rails. This also allows us to remove various monkey patches since these issues are now fixed in the vendor module.

NOTE: Since we forked from upstream master, there are additional changes that were not present in the previous 3.1.0 release: https://github.com/attr-encrypted/attr_encrypted/compare/3.1.0...master. I think the most notable one might be this: https://github.com/attr-encrypted/attr_encrypted/commit/333775b767cc18f22a283cb0631dc82b2227cb82 (it changes the timing for when the gem inserts its extensions into AR)

These changes we made are referenced as version 3.2.4.

Here is the full diff of these changes: !98528 (comment 1118715801)

Some references:

Refs #372221 (closed)

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related to #372221 (closed)

Edited by Matthias Käppler

Merge request reports