Ruby - Digest::Digest Is Deprecated; Use Digest

Ruby - Digest::Digest is deprecated; Use Digest

Borrowing the reply from this thread

OpenSSL::Digest::Digest has been discouraged to use from very ancient era such as Ruby 1.8 and finally was deprecated recently.

If you search for the error message, you will see that a lot of gems, including fog, were still using the deprecated syntax.

I assume it will take a while before all the gems will be updated. If you came across the deprecation in one of the libs you use, I encourage you to report it to the maintainer.

Here's a few examples

• https://github.com/fog/fog/pull/2473
• https://github.com/alexreisner/geocoder/pull/580
• https://github.com/ruby/ruby/pull/446

It's likely your Rails app depends on a gem that is using that old syntax.

Digest::Digest is deprecated; use Digest

It is most likely used by one of the gems your app is dependent on.

install (unless already installed) ack tool and run the following command:

# of course, the path to your gems will be different
ack Digest::Digest /Users/username/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.1/gems/

It will show you whether any of the gems use it, and if yes - will show you the source code lines.

But basically there is not much you can do:

1. Check, whether this gem has a newer version, which solves the deprecation warning
2. Write a patch to the gem, which solves the warning and use patched verions (not cool idea IMO)
3. Live with warning until gem maintainers work on that

4. You can silence the depreciation warnings altogether with ActiveSupport::Deprecation.silenced = true (not cool idea as well IMO). There is also a way to silence specific warning, as @max says in comments):

   silenced = [
     /Digest::Digest is deprecated; use Digest/,
     /some other warning/,
   ]
   
   silenced_expr = Regexp.new(silenced.join('|'))
   
   ActiveSupport::Deprecation.behavior = lambda do |msg, stack|
     unless msg =~ silenced_expr
       ActiveSupport::Deprecation::DEFAULT_BEHAVIORS[:stderr].call(msg, stack)
     end
   end
   

5. Do not use this gem

Warning: Calling `sha256 digest with Brew on macOS

You need to specify the path of your Formula to fix it, try to run this command below.

brew style --fix /usr/local/Homebrew/Library/Taps/henkrehorst/homebrew-bc/Formula

example

$ brew style --fix /usr/local/Homebrew/Library/Taps/pnbv/homebrew-ffmpegvidstab/ffmpeg.rb
Fetching gem metadata from https://rubygems.org/.........
Using ...
Fetching ...
Installing ...
Bundle complete! 31 Gemfile dependencies, 84 gems now installed.
Bundled gems are installed into `../../usr/local/Homebrew/Library/Homebrew/vendor/bundle`
Removing ...
 /usr/local/Homebrew/Library/Taps/pnbv/homebrew-ffmpegvidstab/ffmpeg.rb:9:5: C: [Corrected] sha256 should use new syntax
    sha256 "468153bac4b90b445fa5c6adfb70ec3213ebc0f63c7a97a6b2a1649d9c32a786" => :mojave
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
1 file inspected, 21 offenses detected, 21 offenses corrected

DEPRECATION WARNING: alias_method_chain is deprecated

Install (unless already installed) ack and run in the terminal:

ack alias_method_chain /Users/username/.rbenv/versions/2.3.1/lib/ruby/gems/2.3.1/gems/

It will indicate all places where alias_method_chain is used (files and code lines).

99% chance it is used in some of your gems.

See my answer for a list of things you can do about it.

Ruby way to generate a HMAC-SHA1 signature for OAuth

The following is equivalent to your PHP code, though I chose not to wrap it in a single line.

I'm using the gem ruby-hmac, because it works with 1.8 as well as Ruby 1.9. If you're exclusively using Ruby 1.9 I believe the standard library package 'digest' has HMAC implemented (but this is missing in the 1.8 version of the package). Make sure to gem install ruby-hmac

require 'rubygems'
require 'base64'
require 'cgi'
require 'hmac-sha1'

key = '1234'
signature = 'abcdef'
hmac = HMAC::SHA1.new(key)
hmac.update(signature)
puts CGI.escape(Base64.encode64("#{hmac.digest}\n"))

# equivalent to:
# php -r "echo rawurlencode(base64_encode(hash_hmac('sha1', 'abcdef', '1234', true)));"

Better yet, use the standard library package OpenSSL (which most Linux and MacOS have out of the box). This code will work on Ruby 1.8 and 1.9:

require 'base64'
require 'cgi'
require 'openssl'

key = '1234'
signature = 'abcdef'
puts CGI.escape(Base64.encode64("#{OpenSSL::HMAC.digest('sha1',key, signature)}\n"))

# equivalent to:
# php -r "echo rawurlencode(base64_encode(hash_hmac('sha1', 'abcdef', '1234', true)));"

Ruby HMAC-SHA Differs from Python

You made two mistakes:

1. Python's hmac.new takes key, method, digest - so you should write

   hmac.new("SUPERSECRET",data + "\0", sha)

2. The default digest method for OpenSSL::Digest in Ruby isn't SHA1 (I'm not sure what it is). You should just use:

   OpenSSL::HMAC.hexdigest('sha1',"SUPERSECRET",data+"\0")[0,16]

Both methods (first in Python, second in Ruby) return the same output.

Library not loaded (libcrypto)

I did a quick test:

rvm 2.6.5

To determine that ruby-2.6.5 was not installed, so I installed it:

rvm install "ruby-2.6.5"

---

Related Topics