📚 Prepare v0.4.0-rc1 release documentation

voltechs · voltechs · commit 268c7c539f2d · 2025-07-23T18:10:43.000-06:00
- Add comprehensive CHANGELOG.md with emoji legend and organized release notes
- Update README.md with new v0.4.0 features: configuration system, Sudo.as_root DSL, graphical password prompts, and timeouts
- Document ASK_PATH_CMD constant for convenient askpass program detection
- Fix spelling errors and improve documentation clarity
- Update VERSION constant to 0.4.0-rc1 for pre-release
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,28 @@
 # Sudo
 
+<!--
+Emoji Legend:
+🎉 Initial Release   ✨ Feature         🐛 Bug Fix        🔒 Security
+🚀 Compatibility    💥 Breaking        🔧 Internal       ✅ Testing
+📚 Documentation    📄 License         🗑️ Removed
+-->
+
+## `v0.4.0-rc1` _(July 23, 2025)_
+
+- 🔒 **Security**: Fix command injection vulnerabilities in system calls
+- 🔒 **Security**: Use SecureRandom for socket paths instead of predictable object_id
+- ✨ **Feature**: Add configuration system with global defaults
+- ✨ **Feature**: Implement sudo -A flag support for graphical password prompts
+- ✨ **Feature**: Add Sudo.as_root convenience method for better DSL
+- ✨ **Feature**: Add configurable timeouts
+- ✨ **Feature**: Add respond_to_missing? for proper method reflection
+- 💥 **Breaking**: Minimum Ruby version bumped to 2.7+ (EOL compliance)
+- 🔧 **Internal**: Modernize Ruby code with keyword arguments and array-form system calls
+- 🔧 **Internal**: Improve test coverage and add configuration tests
+
+<details>
+<summary>📜 Historical Releases</summary>
+
 ## `v0.3.0` _(July 04, 2023)_
 
 - 🚀 **Compatibility**: Add Ruby 3.2 support
@@ -37,3 +60,5 @@
 - ✨ **Feature**: Unix domain socket communication
 - ✨ **Feature**: Process spawning and management
 - ✨ **Feature**: Basic object proxying through sudo
+
+</details>
diff --git a/README.md b/README.md
@@ -53,7 +53,7 @@ sudo[MyClass].my_class_method
 sudo.stop!
 ```
 
-A convienient utility for working with sudo is to use the `run` method and pass it a block.
+A convenient utility for working with sudo is to use the `run` method and pass it a block.
 Run will automatically start and stop the ruby sudo process around the block.
 
 ```ruby
@@ -66,11 +66,72 @@ end
 # Sockets and processes are closed automatically when the block exits
 ```
 
-Both `Sudo::Wrapper.run` and `Sudo::Wrapper.new` take the same named arguments: `ruby_opts` (default: `''` ) and `load_gems` (default: `true`).
+Both `Sudo::Wrapper.run` and `Sudo::Wrapper.new` accept configuration options:
 
-If you'd like to pass options to the sudo-spawned ruby process, pass them as a string to `ruby_opts`.
+- `ruby_opts` (default: `''`) - Options to pass to the sudo-spawned ruby process
+- Any configuration option can be passed to override global settings (e.g., `timeout`, `load_gems`, `socket_dir`, etc.)
 
-If you'd like to prevent the loading of `gems` currently loaded from the calling program, pass `false` to `load_gems`. This will give your sudo process a unmodifed environment. The only things required via the sudo process are `'drb/drb'`, `'fileutils'`, and of course `'sudo'`.
+If you'd like to prevent the loading of `gems` currently loaded from the calling program, pass `load_gems: false`. This will give your sudo process an unmodified environment. The only things required via the sudo process are `'drb/drb'`, `'fileutils'`, and of course `'sudo'`.
+
+### New DSL (v0.4.0+)
+
+For simple operations, you can use the convenience method:
+
+```ruby
+require 'sudo'
+
+# Accepts the same options as Wrapper.run:
+Sudo.as_root(load_gems: false) do |sudo|
+  sudo[FileUtils].mkdir_p '/root/only/path'
+  sudo[File].write '/etc/config', content
+end
+```
+
+### Configuration (v0.4.0+)
+
+Configure global defaults:
+
+```ruby
+Sudo.configure do |config|
+  config.timeout = 30           # Default: 10 seconds
+  config.socket_dir = '/var/run' # Default: '/tmp'
+  config.sudo_askpass = '/usr/bin/ssh-askpass'  # For graphical password prompts
+  config.load_gems = false      # Default: true - whether to load current gems in sudo process
+end
+```
+
+### Graphical Password Prompts (v0.4.0+)
+
+Set `sudo_askpass` to use graphical password prompts via `sudo -A`:
+
+```ruby
+Sudo.configure do |config|
+  config.sudo_askpass = '/usr/bin/ssh-askpass'
+  # Or use the auto-detected constant for convenience:
+  # config.sudo_askpass = Sudo::ASK_PATH_CMD
+end
+
+# Or per-wrapper:
+Sudo::Wrapper.run(sudo_askpass: '/usr/bin/ssh-askpass') do |sudo|
+  sudo[FileUtils].mkdir_p '/secure/path'
+end
+```
+
+### Timeouts (v0.4.0+)
+
+Configure connection timeouts:
+
+```ruby
+# Global configuration
+Sudo.configure do |config|
+  config.timeout = 15  # Wait up to 15 seconds for sudo process to start
+end
+
+# Or per-wrapper
+Sudo::Wrapper.run(timeout: 5) do |sudo|
+  sudo[SomeClass].time_sensitive_operation
+end
+```
 
 ## Credits
 
@@ -88,7 +149,7 @@ Robert M. Koch ([@threadmetal](https://github.com/threadmetal))
 
 Wolfgang Teuber ([@wteuber](https://github.com/wteuber))
 
-### Other aknowledgements
+### Other acknowledgements
 
 
 Thanks to Tony Arcieri and Brian Candler for suggestions on
diff --git a/lib/sudo/constants.rb b/lib/sudo/constants.rb
@@ -1,7 +1,7 @@
 require 'pathname'
 
 module Sudo
-  VERSION = '0.3.0'
+  VERSION = '0.4.0'
 
   def self.root
     @root ||= Pathname.new(File.expand_path('../../', __dir__))
