Sync GitLab

.envrc

@@ -21,8 +21,8 @@ export K_SOUP_COV_DO=true # Means you want code coverage
 export K_SOUP_COV_COMMAND_NAME="Test Coverage"
 # Available formats are html, xml, rcov, lcov, json, tty
 export K_SOUP_COV_FORMATTERS="html,xml,rcov,lcov,json,tty"
-export K_SOUP_COV_MIN_BRANCH=70 # Means you want to enforce X% branch coverage
-export K_SOUP_COV_MIN_LINE=93 # Means you want to enforce X% line coverage
+export K_SOUP_COV_MIN_BRANCH=78 # Means you want to enforce X% branch coverage
+export K_SOUP_COV_MIN_LINE=98 # Means you want to enforce X% line coverage
 export K_SOUP_COV_MIN_HARD=true # Means you want the build to fail if the coverage thresholds are not met
 export K_SOUP_COV_MULTI_FORMATTERS=true
 export K_SOUP_COV_OPEN_BIN= # Means don't try to open coverage results in browser

.github/workflows/coverage.yml

@@ -6,8 +6,8 @@ permissions:
   id-token: write
 
 env:
-  K_SOUP_COV_MIN_BRANCH: 70
-  K_SOUP_COV_MIN_LINE: 93
+  K_SOUP_COV_MIN_BRANCH: 78
+  K_SOUP_COV_MIN_LINE: 98
   K_SOUP_COV_MIN_HARD: true
   K_SOUP_COV_FORMATTERS: "xml,rcov,lcov,tty"
   K_SOUP_COV_DO: true
@@ -115,7 +115,7 @@ jobs:
           hide_complexity: true
           indicators: true
           output: both
-        thresholds: '93 70'
+          thresholds: '98 78'
         continue-on-error: ${{ matrix.experimental != 'false' }}
 
       - name: Add Coverage PR Comment

.gitignore

@@ -1,3 +1,6 @@
+.project
+.tags
+
 # Build Artifacts
 /pkg/
 /tmp/

.gitlab-ci.yml

@@ -13,7 +13,7 @@
 #  - template: Security/SAST.gitlab-ci.yml
 
 default:
-  image: ruby
+  image: "ruby:${RUBY_VERSION}"
 
 variables:
   BUNDLE_INSTALL_FLAGS: "--quiet --jobs=$(nproc) --retry=3"
@@ -39,7 +39,6 @@ workflow:
     - if: '$CI_COMMIT_TAG'
 
 .test_template-current: &test_definition-current
-  image: ruby:${RUBY_VERSION}
   stage: test
   script:
     # || true so we don't fail here, because it'll probably work even if the gem update fails
@@ -67,7 +66,6 @@ workflow:
       - vendor/ruby
 
 .test_template-legacy: &test_definition-legacy
-  image: ruby:${RUBY_VERSION}
   stage: test
   script:
     # RUBYGEMS_VERSION because we support EOL Ruby still...

.rubocop_gradual.lock

@@ -1,9 +1,9 @@
 {
-  "lib/omniauth-ldap/adaptor.rb:2352927785": [
-    [36, 7, 413, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 105664470],
-    [86, 17, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
-    [86, 30, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
-    [86, 37, 1, "Lint/AssignmentInCondition: Wrap assignment in parentheses if intentional", 177560]
+  "lib/omniauth-ldap/adaptor.rb:715274645": [
+    [64, 7, 413, "Style/ClassMethodsDefinitions: Use `class << self` to define a class method.", 105664470],
+    [114, 17, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
+    [114, 30, 3, "Style/AndOr: Use `&&` instead of `and`.", 193409806],
+    [114, 37, 1, "Lint/AssignmentInCondition: Wrap assignment in parentheses if intentional", 177560]
   ],
   "spec/integration/middleware_spec.rb:4062046892": [
     [3, 16, 39, "RSpec/DescribeClass: The first argument to describe should be the class or module being tested.", 638096201],
@@ -15,29 +15,30 @@
     [4, 3, 12, "RSpec/BeforeAfterAll: Beware of using `before(:all)` as it may cause state to leak between tests. If you are using `rspec-rails`, and `use_transactional_fixtures` is enabled, then records created in `before(:all)` are not automatically rolled back.", 86334566],
     [70, 16, 5, "RSpec/ExpectActual: Provide the actual value you are testing to `expect(...)`.", 237881235]
   ],
-  "spec/omniauth-ldap/adaptor_spec.rb:3624298807": [
-    [72, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
-    [73, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
-    [74, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
-    [80, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
-    [81, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
-    [82, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310]
+  "spec/omniauth-ldap/adaptor_spec.rb:2715031579": [
+    [3, 1, 38, "RSpec/SpecFilePathFormat: Spec path should end with `omni_auth/ldap/adaptor*_spec.rb`.", 1973618936],
+    [206, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
+    [207, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
+    [208, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
+    [214, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
+    [215, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310],
+    [216, 7, 26, "RSpec/StubbedMock: Prefer `allow` over `expect` when configuring a response.", 1924417310]
   ],
-  "spec/omniauth/adaptor_spec.rb:3492754784": [
+  "spec/omniauth/adaptor_spec.rb:1168013709": [
     [3, 1, 38, "RSpec/SpecFilePathFormat: Spec path should end with `omni_auth/ldap/adaptor*_spec.rb`.", 1973618936],
-    [42, 7, 38, "RSpec/AnyInstance: Avoid stubbing using `allow_any_instance_of`.", 3627954156],
-    [43, 7, 38, "RSpec/AnyInstance: Avoid stubbing using `allow_any_instance_of`.", 3627954156],
-    [80, 7, 48, "RSpec/AnyInstance: Avoid stubbing using `allow_any_instance_of`.", 2759780562]
+    [46, 7, 38, "RSpec/AnyInstance: Avoid stubbing using `allow_any_instance_of`.", 3627954156],
+    [47, 7, 38, "RSpec/AnyInstance: Avoid stubbing using `allow_any_instance_of`.", 3627954156],
+    [84, 7, 48, "RSpec/AnyInstance: Avoid stubbing using `allow_any_instance_of`.", 2759780562]
   ],
-  "spec/omniauth/strategies/ldap_spec.rb:3760791626": [
-    [13, 3, 54, "RSpec/LeakyConstantDeclaration: Stub class constant instead of declaring explicitly.", 2419068710],
-    [76, 13, 9, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1130140517],
-    [101, 17, 28, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 3444838747],
-    [110, 17, 23, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1584148894],
-    [121, 17, 32, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1515076977],
-    [129, 19, 19, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2526348694],
-    [141, 17, 56, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2413495789],
-    [156, 13, 9, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 3182939526],
-    [189, 15, 19, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2526348694]
+  "spec/omniauth/strategies/ldap_spec.rb:86189447": [
+    [14, 3, 54, "RSpec/LeakyConstantDeclaration: Stub class constant instead of declaring explicitly.", 2419068710],
+    [90, 13, 9, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1130140517],
+    [145, 17, 28, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 3444838747],
+    [154, 17, 23, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1584148894],
+    [165, 17, 32, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 1515076977],
+    [174, 19, 19, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2526348694],
+    [187, 17, 56, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2413495789],
+    [202, 13, 9, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 3182939526],
+    [235, 15, 19, "RSpec/ContextWording: Context description should match /^when\\b/, /^with\\b/, or /^without\\b/.", 2526348694]
   ]
 }

CHANGELOG.md

@@ -2,7 +2,9 @@
 
 [![SemVer 2.0.0][📌semver-img]][📌semver] [![Keep-A-Changelog 1.0.0][📗keep-changelog-img]][📗keep-changelog]
 
-All notable changes to this project will be documented in this file.
+Since version v2.3.1, all notable changes to this project will be documented in this file.
+
+This changelog lists the releases of the original omniauth-ldap, and the GitLab forked versions, up until v2.3.0.
 
 The format is based on [Keep a Changelog][📗keep-changelog],
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html),
@@ -20,12 +22,158 @@ Please file a bug if you notice a violation of semantic versioning.
 
 ### Added
 
+- Added RBS types
+- Upgraded RSpec tests to v3 syntax
+- Improved code coverage to 98% lines and 78% branches
+- Added integration tests with a complete Roda-based demo app for specs
+- Well tested support for all versions of OmniAuth >= v1 and Rack >= v1 via appraisals
+
 ### Changed
 
+- Make support for Ruby v2.0 explicit
+- Make support for OmniAuth v1+ explicit
+- Make support for Rack v1+ explicit
+- Modernize codebase to use more recent Ruby syntax (upgrade from Ruby v1 to v2 syntax) and conventions
+
 ### Deprecated
 
 ### Removed
 
 ### Fixed
 
-### Security
+- Prevent key duplication in symbolize_hash_keys
+
+### Security
+
+## [2.3.0-gl] (gitlab fork) - 2025-08-20
+
+- TAG: [v2.3.0][2.3.0t-gl] (gitlab)
+
+## [2.2.0-gl] (gitlab fork) - 2022-06-24
+
+- TAG: [v2.2.0][2.2.0t-gl] (gitlab)
+
+## [2.1.1-gl] (gitlab fork) - 2019-02-22
+
+- TAG: [v2.1.1][2.1.1t-gl] (gitlab)
+
+### Added
+
+- Add a String check to `tls_options` sanitization to allow other objects
+
+## [2.1.0-gl] (gitlab fork) - 2018-06-18
+
+- TAG: [v2.1.0][2.1.0t-gl] (gitlab)
+
+### Added
+
+- Expose `:tls_options` SSL configuration option.
+
+### Deprecated
+
+- Deprecate :ca_file, :ssl_version
+
+## [2.0.4-gl] (gitlab fork) - 2017-08-10
+
+- TAG: [v2.0.4][2.0.4t-gl] (gitlab)
+
+- Improve log message when invalid credentials are used
+
+## 2.0.3 (gitlab fork) - 2017-07-20
+
+- Protects against wrong request method call to callback
+
+## [2.0.2-gl] (gitlab fork) - 2017-06-13
+
+- TAG: [v2.0.2][2.0.2t-gl] (gitlab)
+
+## [2.0.1-gl] (gitlab fork) - 2017-06-09
+
+- TAG: [v2.0.1][2.0.1t-gl] (gitlab)
+
+## [2.0.0-gl] (gitlab fork) - 2017-06-07
+
+- TAG: [v2.0.0][2.0.0t-gl] (gitlab)
+
+## [2.0.0] (intridea) - 2018-01-09
+
+- TAG: [v2.0.0][2.0.0t] (github)
+
+## [1.2.1-gl] (gitlab fork) - 2015-03-17
+
+- TAG: [v1.2.1][1.2.1t-gl] (gitlab)
+
+## [1.2.0-gl] (gitlab fork) - 2014-10-29
+
+- TAG: [v1.2.0][1.2.0t-gl] (gitlab)
+
+## [1.1.0-gl] (gitlab fork) - 2014-09-08
+
+- TAG: [v1.1.0][1.1.0t-gl] (gitlab)
+
+## [1.0.5-gl] - 2016-02-17
+
+- TAG: [v1.0.5][1.0.5t-gl] (gitlab fork, gem not released)
+- TAG: [v1.0.5][1.0.5t] (github)
+
+## 1.0.4
+
+- released 2014-02-03 (intridea)
+- released 2013-11-13 (gitlab fork)
+
+## 1.0.3
+
+- released 2013-01-23 (intridea)
+- released 2013-06-13 (gitlab fork)
+
+## [1.0.2-gl]
+
+- TAG: [v1.0.2][1.0.2t-gl] (gitlab) - released 2012-12-30
+- TAG: [v1.0.2][1.0.2t] (github) - released 2011-12-17
+
+## 1.0.1 - 2011-11-02
+
+## [1.0.0-gl] - 2011-11-02
+
+- TAG: [v1.0.0][1.0.0t-gl] (gitlab)
+- TAG: [v1.0.0][1.0.0t] (github)
+
+[2.3.0-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v2.2.0...v2.3.0
+[2.3.0t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/2.3.0
+[2.2.0-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v2.1.1...v2.2.0
+[2.2.0t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/2.2.0
+[2.1.1-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v2.1.0...v2.1.1
+[2.1.1t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/2.1.1
+[2.1.0-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v2.0.4...v2.1.0
+[2.1.0t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/2.1.0
+[2.0.4-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v2.0.2...v2.0.4
+[2.0.4t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/2.0.4
+[//]: # ( There is no tag for v2.0.3 on GitLab)
+[2.0.2-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v2.0.1...v2.0.2
+[2.0.2t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/2.0.2
+[2.0.1-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v2.0.0...v2.0.1
+[2.0.1t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/2.0.1
+[2.0.0-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v1.2.1...v2.0.0
+[2.0.0t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/2.0.0
+[2.0.0]: https://github.com/omniauth/omniauth-ldap/compare/v1.0.5...v2.0.0
+[2.0.0t]: https://github.com/omniauth/omniauth-ldap/releases/tag/v2.0.0
+[1.2.1-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v1.2.0...v1.2.1
+[1.2.1t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/1.2.1
+[1.2.0-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v1.1.0...v1.2.0
+[1.2.0t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/1.2.0
+[1.1.0-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v1.0.2...v1.1.0
+[1.1.0t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/1.1.0
+[1.0.5-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v1.0.2...v1.0.5
+[1.0.5t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/1.0.5
+[1.0.5]: https://github.com/omniauth/omniauth-ldap/compare/v1.0.2...v1.0.5
+[1.0.5t]: https://github.com/omniauth/omniauth-ldap/releases/tag/v1.0.5
+[//]: # ( There are no tags for v1.0.3, v1.0.4 on GitHub, or GitLab)
+[1.0.2-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/v1.0.1...v1.0.2
+[1.0.2t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/1.0.2
+[1.0.2]: https://github.com/omniauth/omniauth-ldap/compare/v1.0.1...v1.0.2
+[1.0.2t]: https://github.com/omniauth/omniauth-ldap/releases/tag/v1.0.2
+[//]: # ( There are no tags for v1.0.1 on GitHub, or GitLab)
+[1.0.0-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/compare/5656da80d4193e0d0584f44bac493a87695e580f...v1.0.0
+[1.0.0t-gl]: https://gitlab.com/gitlab-org/ruby/gems/omniauth-ldap/-/tags/1.0.0
+[1.0.0]: https://github.com/omniauth/omniauth-ldap/compare/5656da80d4193e0d0584f44bac493a87695e580f...v1.0.0
+[1.0.0t]: https://github.com/omniauth/omniauth-ldap/releases/tag/v1.0.0

Gemfile.lock

@@ -13,12 +13,12 @@ GIT
 PATH
   remote: .
   specs:
-    omniauth-ldap (2.0.0)
-      net-ldap (~> 0.16)
-      omniauth (>= 1)
-      pyu-ruby-sasl (~> 0.0.3.3)
-      rack (>= 1)
-      rubyntlm (~> 0.6.2)
+    omniauth-ldap (2.3.0)
+      net-ldap (~> 0.16, < 1)
+      omniauth (>= 1, < 3)
+      pyu-ruby-sasl (>= 0.0.3.3, < 0.1)
+      rack (>= 1, < 4)
+      rubyntlm (~> 0.6.2, < 1)
       version_gem (~> 1.1, >= 1.1.9)
 
 GEM
@@ -157,7 +157,6 @@ GEM
     net-ldap (0.20.0)
       base64
       ostruct
-    nkf (0.2.0)
     nokogiri (1.18.10-x86_64-linux-gnu)
       racc (~> 1.4)
     notiffany (0.1.3)
@@ -393,7 +392,6 @@ DEPENDENCIES
   kramdown-parser-gfm (~> 1.1)
   logger (~> 1.7)
   mutex_m (~> 0.2)
-  nkf
   omniauth-ldap!
   rack-test (~> 2.2)
   rake (~> 13.0)

README.md

@@ -57,12 +57,16 @@ use OmniAuth::Strategies::LDAP,
   title: "My LDAP",
   host: "10.101.10.1",
   port: 389,
-  method: :plain,
+  encryption: :plain,
   base: "dc=intridea,dc=com",
   uid: "sAMAccountName",
   name_proc: proc { |name| name.gsub(/@.*$/, "") },
   bind_dn: "default_bind_dn",
-  password: "password"
+  password: "password",
+  tls_options: {
+    ssl_version: "TLSv1_2",
+    ciphers: ["AES-128-CBC", "AES-128-CBC-HMAC-SHA1", "AES-128-CBC-HMAC-SHA256"],
+  }
 # Or, alternatively:
 # use OmniAuth::Strategies::LDAP, filter: '(&(uid=%{username})(memberOf=cn=myapp-users,ou=groups,dc=example,dc=com))'
 ```
@@ -93,20 +97,6 @@ Compatible with MRI Ruby 2.0+, and concordant releases of JRuby, and TruffleRuby
 |------------------------------------------------|--------------------------------------------------------|
 | 👟 Check it out!                               | ✨ [github.com/appraisal-rb/appraisal2][💎appraisal2] ✨ |
 
-#### Ruby 3.4
-
-nkf/kconv has been part of Ruby since long ago.
-Eventually it became a standard gem, but was changed to a bundled gem in Ruby 3.4.
-In general, kconv and iconv have been superseded since Ruby 1.9 by the built-in
-encoding support provided by String#encode, String#force_encoding, and similar methods.
-But this gem has not yet been updated to remove its dependency on nkf/kconv.
-
-As a result of all this you should add `nkf` to your Gemfile if you are using Ruby 3.4 or later.
-
-```ruby
-gem "nkf", "~> 0.1"
-```
-
 ### Enterprise Support [![Tidelift](https://tidelift.com/badges/package/rubygems/omniauth-ldap)](https://tidelift.com/subscription/pkg/rubygems-omniauth-ldap?utm_source=rubygems-omniauth-ldap&utm_medium=referral&utm_campaign=readme)
 
 Available as part of the Tidelift Subscription.
@@ -642,8 +632,8 @@ Thanks for RTFM. ☺️
 [📌changelog]: CHANGELOG.md
 [📗keep-changelog]: https://keepachangelog.com/en/1.0.0/
 [📗keep-changelog-img]: https://img.shields.io/badge/keep--a--changelog-1.0.0-34495e.svg?style=flat
-[📌gitmoji]:https://gitmoji.dev
-[📌gitmoji-img]:https://img.shields.io/badge/gitmoji_commits-%20%F0%9F%98%9C%20%F0%9F%98%8D-34495e.svg?style=flat-square
+[📌gitmoji]: https://gitmoji.dev
+[📌gitmoji-img]: https://img.shields.io/badge/gitmoji_commits-%20%F0%9F%98%9C%20%F0%9F%98%8D-34495e.svg?style=flat-square
 [🧮kloc]: https://www.youtube.com/watch?v=dQw4w9WgXcQ
 [🧮kloc-img]: https://img.shields.io/badge/KLOC-4.076-FFDD67.svg?style=for-the-badge&logo=YouTube&logoColor=blue
 [🔐security]: SECURITY.md

gemfiles/modular/optional.gemfile

@@ -3,9 +3,3 @@
 # Required for kettle-pre-release
 # URL parsing with Unicode support (falls back to URI if not available)
 gem "addressable", ">= 2.8", "< 3" # ruby >= 2.2
-
-# nkf/kconv has been part of Ruby since long ago.
-# Eventually it became a standard gem, but was changed to a bundled gem in Ruby 3.4.
-# In general, kconv and iconv have been superseded since Ruby 1.9 by the built-in
-#   encoding support provided by String#encode, String#force_encoding, and similar methods.
-gem "nkf"                        # ruby >= 2.3