try sord

- including review suggestions from @jgraichen

.editorconfig

@@ -1,9 +0,0 @@
-root = true
-
-[*]
-indent_style = space
-indent_size = 2
-end_of_line = lf
-charset = utf-8
-trim_trailing_whitespace = true
-insert_final_newline = true

.github/actionlint-matcher.json

@@ -1,17 +0,0 @@
-{
-  "problemMatcher": [
-    {
-      "owner": "actionlint",
-      "pattern": [
-        {
-          "regexp": "^(?:\\x1b\\[\\d+m)?(.+?)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*:(?:\\x1b\\[\\d+m)*(\\d+)(?:\\x1b\\[\\d+m)*: (?:\\x1b\\[\\d+m)*(.+?)(?:\\x1b\\[\\d+m)* \\[(.+?)\\]$",
-          "file": 1,
-          "line": 2,
-          "column": 3,
-          "message": 4,
-          "code": 5
-        }
-      ]
-    }
-  ]
-}

.github/dependabot.yml

@@ -1,13 +0,0 @@
----
-version: 2
-updates:
-  - package-ecosystem: "bundler"
-    directory: "/"
-    schedule:
-      interval: "weekly"
-    commit-message:
-      prefix: "gems"
-    labels: ["dependabot"]
-    open-pull-requests-limit: 10
-    pull-request-branch-name:
-      separator: "-"

.github/renovate.json5

@@ -1,42 +0,0 @@
-{
-  extends: [
-    "config:recommended",
-    ":dependencyDashboard",
-    ":prHourlyLimitNone",
-    ":prConcurrentLimitNone",
-    ":label(dependency-upgrade)",
-  ],
-  schedule: ["before 8am on thursday"],
-  branchPrefix: "renovate-",
-  dependencyDashboardHeader: "View repository job log [here](https://app.renovatebot.com/dashboard#github/cmur2/dyndnsd).",
-  separateMinorPatch: true,
-  commitMessagePrefix: "project: ",
-  commitMessageAction: "update",
-  commitMessageTopic: "{{depName}}",
-  commitMessageExtra: "to {{#if isSingleVersion}}v{{{newVersion}}}{{else}}{{{newValue}}}{{/if}}",
-  packageRules: [
-    // Ruby dependencies are managed by depfu
-    {
-      matchManagers: ["bundler"],
-      enabled: false,
-    },
-    // Commit message formats
-    {
-      matchDatasources: ["docker"],
-      commitMessagePrefix: "docker: ",
-    },
-    {
-      matchManagers: ["github-actions"],
-      commitMessagePrefix: "ci: ",
-    },
-  ],
-  customManagers: [
-    {
-      customType: "regex",
-      fileMatch: ["\.rb$", "^Rakefile$"],
-      matchStrings: [
-        "renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)\\s.*_version = '(?<currentValue>.*)'\\s"
-      ]
-    },
-  ],
-}

.github/workflows/cd.yml

@@ -1,51 +0,0 @@
-# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
----
-name: cd
-
-on:
-  push:
-    tags:
-    - 'v*.*.*'
-
-jobs:
-  release-dockerimage:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-
-    - name: Extract dyndnsd version from tag name
-      run: |
-        echo "DYNDNSD_VERSION=${GITHUB_REF#refs/*/v}" >> "$GITHUB_ENV"
-
-    - name: Wait for dyndnsd ${{ env.DYNDNSD_VERSION }} gem to be available
-      run: |
-        set +e
-        for retry in $(seq 1 5); do
-          echo "Checking if dyndnsd $DYNDNSD_VERSION gem is retrievable from rubygems.org (try #$retry)..."
-          sudo gem install dyndnsd -v "$DYNDNSD_VERSION"
-          # shellcheck disable=SC2181
-          if [ $? -eq 0 ]; then
-            exit 0
-          fi
-          sleep 60
-        done
-        exit 1
-
-    # https://github.com/marketplace/actions/build-and-push-docker-images
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Login to Docker Hub
-      uses: docker/login-action@v3
-      with:
-        username: cmur2
-        password: ${{ secrets.DOCKER_TOKEN }}
-
-    - name: Build and push Docker image for dyndnsd ${{ env.DYNDNSD_VERSION }}
-      uses: docker/build-push-action@v5
-      with:
-        context: docker
-        build-args: |
-          DYNDNSD_VERSION=${{ env.DYNDNSD_VERSION }}
-        push: true
-        tags: cmur2/dyndnsd:v${{ env.DYNDNSD_VERSION }}

.github/workflows/ci.yml

@@ -1,55 +0,0 @@
-# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
----
-name: ci
-
-on:
-  push:
-    branches: [master]
-  pull_request:
-    branches: [master]
-  workflow_dispatch:
-  schedule:
-  - cron: '35 4 * * 4'  # weekly on thursday morning
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-      matrix:
-        ruby-version:
-        - '3.0'
-        - '3.1'
-        - '3.2'
-        - '3.3'
-    steps:
-    - uses: actions/checkout@v4
-    - name: Set up Ruby ${{ matrix.ruby-version }}
-      uses: ruby/setup-ruby@v1
-      with:
-        ruby-version: ${{ matrix.ruby-version }}
-        bundler-cache: true  # runs 'bundle install' and caches installed gems automatically
-
-    - name: Lint and Test
-      run: |
-        bundle exec rake ci
-
-  actionlint:
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v4
-    - name: Check workflow files
-      run: |
-        echo "::add-matcher::.github/actionlint-matcher.json"
-        bash <(curl https://raw.githubusercontent.com/rhysd/actionlint/main/scripts/download-actionlint.bash)
-        ./actionlint
-
-  renovate-config-validator:
-    runs-on: ubuntu-latest
-    container:
-      image: ghcr.io/renovatebot/renovate
-      options: --user root
-    steps:
-    - uses: actions/checkout@v4
-    - name: Check Renovate config
-      run: renovate-config-validator --strict

.github/workflows/dockerhub.yml

@@ -1,20 +0,0 @@
-# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
----
-name: dockerhub
-
-on:
-  schedule:
-  - cron: '7 4 * * 4'  # weekly on thursday morning
-  workflow_dispatch:
-
-jobs:
-  pull-released-dockerimages:
-    runs-on: ubuntu-latest
-    steps:
-    - name: Avoid stale tags by pulling
-      run: |
-        ALL_IMAGES="$(curl -s https://hub.docker.com/v2/repositories/cmur2/dyndnsd/tags?page_size=1000 | jq -r '.results[].name | "cmur2/dyndnsd:" + .' | grep -e 'cmur2/dyndnsd:v')"
-        for image in $ALL_IMAGES; do
-          echo "Pulling $image to avoid staleness..."
-          docker pull "$image"
-        done

.github/workflows/vulnscan.yml

@@ -1,46 +0,0 @@
-# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
----
-name: vulnscan
-
-on:
-  schedule:
-  - cron: '7 4 * * 4'  # weekly on thursday morning
-  workflow_dispatch:
-
-jobs:
-  scan-released-dockerimages:
-    runs-on: ubuntu-latest
-    env:
-      TRIVY_IGNORE_UNFIXED: 'true'
-      TRIVY_REMOVED_PKGS: 'true'
-    steps:
-    - name: Install Trivy
-      run: |
-        mkdir -p "$GITHUB_WORKSPACE/bin"
-        echo "$GITHUB_WORKSPACE/bin" >> "$GITHUB_PATH"
-        curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/master/contrib/install.sh | sh -s -- -b "$GITHUB_WORKSPACE/bin"
-    - name: Download Trivy DB
-      run: |
-        trivy image --download-db-only
-    - name: Scan vulnerabilities using Trivy
-      env:
-        TRIVY_SKIP_DIRS: 'usr/lib/ruby/gems/2.7.0/gems/jaeger-client-0.10.0/crossdock,usr/lib/ruby/gems/2.7.0/gems/jaeger-client-1.0.0/crossdock,usr/lib/ruby/gems/2.7.0/gems/jaeger-client-1.1.0/crossdock'
-      run: |
-        trivy --version
-
-        # semver sorting as per https://stackoverflow.com/a/40391207/2148786
-        ALL_IMAGES="$(curl -s https://hub.docker.com/v2/repositories/cmur2/dyndnsd/tags?page_size=1000 | jq -r '.results[].name | "cmur2/dyndnsd:" + .' | grep -e 'cmur2/dyndnsd:v' | sed '/-/!{s/$/_/}' | sort -r -V | sed 's/_$//')"
-        EXIT_CODE=0
-        set -e
-        for major_version in $(seq 1 10); do
-          for image in $ALL_IMAGES; do
-            if [[ "$image" = cmur2/dyndnsd:v$major_version.* ]]; then
-              echo -e "\nScanning newest patch release $image of major v$major_version...\n"
-              if ! trivy image --skip-db-update --scanners vuln --exit-code 1 "$image"; then
-                EXIT_CODE=1
-              fi
-              break
-            fi
-          done
-        done
-        exit "$EXIT_CODE"

.gitignore

@@ -1,6 +1,6 @@
 .DS_Store
 *.lock
+doc/*
 pkg/*
 .yardoc
-hadolint
-trivy
+sorbet/rbi/hidden-definitions/errors.txt

.rubocop.yml

@@ -1,15 +1,7 @@
-require:
-- rubocop-rake
-- rubocop-rspec
-
 AllCops:
-  TargetRubyVersion: '3.0'
-  NewCops: enable
+  TargetRubyVersion: '2.3'
 
-Gemspec/DevelopmentDependencies:
-  EnforcedStyle: gemspec
-
-Gemspec/RequireMFA:
+Gemspec/OrderedDependencies:
   Enabled: false
 
 Layout/EmptyLineAfterGuardClause:
@@ -64,6 +56,9 @@ Style/Documentation:
 Style/FormatStringToken:
   Enabled: false
 
+Style/FrozenStringLiteralComment:
+  Enabled: false
+
 Style/GuardClause:
   Enabled: false
 
@@ -79,9 +74,6 @@ Style/HashTransformValues:
 Style/IdenticalConditionalBranches:
   Enabled: false
 
-Style/IfUnlessModifier:
-  Enabled: false
-
 Style/InverseMethods:
   Enabled: false
 
@@ -93,12 +85,3 @@ Style/RescueModifier:
 
 Style/SymbolArray:
   Enabled: false
-
-Style/TrailingCommaInArrayLiteral:
-  Enabled: false
-
-RSpec/ExampleLength:
-  Max: 20
-
-RSpec/MultipleExpectations:
-  Max: 20

.travis.yml

@@ -0,0 +1,9 @@
+---
+os: linux
+language: ruby
+rvm:
+- 2.7
+- 2.6
+- 2.5
+- 2.4
+- 2.3

CHANGELOG.md

@@ -1,282 +1,11 @@
 # Changelog
 
-## 3.10.0
-
-IMPROVEMENTS:
-
-- add Ruby 3.3 support
-
-OTHER:
-
-- update base of Docker image to Alpine 3.19.0 (from 3.18.3 before)
-
-## 3.9.2 (August 10th, 2023)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.18.3 (from 3.18.2 before)
-
-## 3.9.1 (July 6, 2023)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.18.2 (from 3.18.0 before)
-
-## 3.9.0 (June 8, 2023)
-
-IMPROVEMENTS:
-
-- Drop EOL Ruby 2.7 support, now minimum version supported is Ruby 3.0
-
-## 3.8.2 (April 1st, 2023)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.17.3 (from 3.17.2 before)
-
-## 3.8.1 (March 2nd, 2023)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.17.2 (from 3.17.1 before)
-
-## 3.8.0 (January 13th, 2023)
-
-IMPROVEMENTS:
-
-- add Ruby 3.2 support
-
-OTHER:
-
-- update base of Docker image to Alpine 3.17.1 (from 3.17.0 before)
-
-## 3.7.3 (December 29th, 2022)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.17.0 (from 3.16.2 before)
-
-## 3.7.2 (November 10th, 2022)
-
-OTHER:
-
-- re-release 3.7.1 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.7.1 (September 20th, 2022)
-
-IMPROVEMENTS:
-
-- fix [TypeError](https://github.com/cmur2/dyndnsd/issues/205) when user has no hosts configured
-
-## 3.7.0 (September 16th, 2022)
-
-IMPROVEMENTS:
-
-- Update to Rack 3
-
-## 3.6.2 (August 11th, 2022)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.16.2 (from 3.16.1 before)
-
-## 3.6.1 (July 21st, 2022)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.16.1 (from 3.16.0 before)
-
-## 3.6.0 (June 2nd, 2022)
-
-IMPROVEMENTS:
-
-- Drop EOL Ruby 2.6 and lower support, now minimum version supported is Ruby 2.7
-
-OTHER:
-
-- update base of Docker image to Alpine 3.16 (from 3.15.7 before)
-
-## 3.5.3 (May 5th, 2022)
-
-OTHER:
-
-- re-release 3.5.2 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.5.2 (April 7th, 2022)
-
-OTHER:
-
-- re-release 3.5.1 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.5.1 (February 17th, 2022)
-
-OTHER:
-
-- re-release 3.5.0 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.5.0 (January 8th, 2022)
-
-IMPROVEMENTS:
-
-- add Ruby 3.1 support
-
-OTHER:
-
-- update base of Docker image to Alpine 3.15 (from 3.13.7 before, **Note:** please be aware of the quirks around [Alpine 3.14](https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.14.0#faccessat2))
-
-## 3.4.8 (December 11th, 2021)
-
-OTHER:
-
-- re-release 3.4.7 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.4.7 (November 19th, 2021)
-
-OTHER:
-
-- re-release 3.4.6 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.4.6 (November 19th, 2021)
-
-OTHER:
-
-- re-release 3.4.5 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.4.5 (August 26th, 2021)
-
-OTHER:
-
-- re-release 3.4.4 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.4.4 (August 26th, 2021)
-
-OTHER:
-
-- re-release 3.4.3 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.4.3 (August 20th, 2021)
-
-OTHER:
-
-- re-release 3.4.2 to rebuild Docker image with security vulnerabilities fixes
-
-## 3.4.2 (July 30, 2021)
-
-IMPROVEMENTS:
-
-- move from OpenTracing to OpenTelemetry for experimental tracing feature
-
-OTHER:
-
-- re-release 3.4.1 to rebuild Docker image with security vulnerabilities fixes
-- adopt Renovate for dependency updates
-
-## 3.4.1 (April 15, 2021)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.13.5 to fix security vulnerabilities
-
-## 3.4.0 (April 2, 2021)
-
-IMPROVEMENTS:
-
-- **change** Docker image to run as non-root user `65534` by default, limits attack surface for security and gives OpenShift compatibility
-
-## 3.3.3 (April 1, 2021)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.13.4 to fix security vulnerabilities
-
-## 3.3.2 (February 20, 2021)
-
-OTHER:
-
-- update to use `docker/build-push-action@v2` for releasing Docker image in GHA
-
-## 3.3.1 (February 18, 2021)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.13.2 to fix security vulnerabilities
-
-## 3.3.0 (January 18, 2021)
-
-OTHER:
-
-- update base of Docker image to Alpine 3.13
-
-## 3.2.0 (January 14, 2021)
-
-IMPROVEMENTS:
-
-- Add Ruby 3.0 support
-
-## 3.1.3 (December 20, 2020)
-
-OTHER:
-
-- fix Docker image release process in Github Actions CI, 3.1.2 was not released as a Docker image
-
-## 3.1.2 (December 20, 2020)
-
-OTHER:
-
-- fixes vulnerabilities in Docker image by using updated Alpine base image
-- start using Github Actions CI for tests and drop Travis CI
-
-## 3.1.1 (October 3, 2020)
-
-IMPROVEMENTS:
-
-- Use webrick gem which contains fixes against [CVE-2020-25613](https://www.ruby-lang.org/en/news/2020/09/29/http-request-smuggling-cve-2020-25613/)
-
-## 3.1.0 (August 19, 2020)
-
-IMPROVEMENTS:
-
-- Add officially maintained [Docker image for dyndnsd](https://hub.docker.com/r/cmur2/dyndnsd)
-
-## 3.0.0 (July 29, 2020)
-
-IMPROVEMENTS:
-
-- Drop EOL Ruby 2.4 and lower support, now minimum version supported is Ruby 2.5
-
-## 2.3.1 (July 27, 2020)
-
-IMPROVEMENTS:
-
-- Fix annoying error message `log writing failed. can't be called from trap context` on shutdown by not attempting to log redundant information there
-
-## 2.3.0 (July 20, 2020)
-
-IMPROVEMENTS:
-
-- Allow enabling debug logging
-- Add updater that uses [DNS zone transfers via AXFR (RFC5936)](https://tools.ietf.org/html/rfc5936) to allow any secondary nameserver(s) to fetch the zone contents after (optionally) receiving a [DNS NOTIFY (RFC1996)](https://tools.ietf.org/html/rfc1996) request
-
-## 2.2.0 (March 6, 2020)
-
-IMPROVEMENTS:
-
-- Refactor gemspec based on [recommendations](https://piotrmurach.com/articles/writing-a-ruby-gem-specification/) so tests are now excluded from gem and binaries move to `./exe` directory
-- Adopt Ruby 2.3 frozen string literals for source code potentially reducing memory consumption
-
-## 2.1.1 (March 1, 2020)
-
-IMPROVEMENTS:
-
-- Fix potential `nil` cases detected by [Sorbet](https://sorbet.org) including refactorings
-
-## 2.1.0 (March 1, 2020)
+## 2.1.0
 
 IMPROVEMENTS:
 
 - Add Ruby 2.7 support
-- Add [solargraph](https://github.com/castwide/solargraph) to dev tooling as Ruby Language Server usable e.g. for IDEs (used solargraph version not compatible with Ruby 2.7 as bundler-audit 0.6.x requires old `thor` gem)
-- Document code using YARD tags, e.g. for type information and better code completion
+- Add experimental [Sorbet](https://sorbet.org) support to development tools, fix surfaced problems
 
 ## 2.0.0 (January 25, 2019)
 
@@ -287,7 +16,7 @@ IMPROVEMENTS:
 - Better code maintainability by refactorings
 - Update dependencies, mainly `rack` to new major version 2
 - Add Ruby 2.5 and Ruby 2.6 support
-- Add experimental [OpenTracing](https://opentracing.io/) support with [CNCF Jaeger](https://github.com/jaegertracing/jaeger)
+- Add experimental [OpenTracing](http://opentracing.io/) support with [CNCF Jaeger](https://github.com/jaegertracing/jaeger)
 - Support host offlining by deleting the associated DNS records
 - Add textfile reporter to write Graphite-style metrics (also compatible with [Prometheus](https://prometheus.io/)) into a file
 
@@ -346,7 +75,7 @@ IMPROVEMENTS:
 
 IMPROVEMENTS:
 
-- Support dropping privileges on startup, also affects external commands run
+- Support dropping priviliges on startup, also affects external commands run
 - Add [metriks](https://github.com/eric/metriks) support for basic metrics in the process title
 - Detach from child processes running external commands to avoid zombie processes
 

Gemfile

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 source 'https://rubygems.org'
 
 gemspec

README.md

@@ -1,23 +1,19 @@
 # dyndnsd.rb
 
-![ci](https://github.com/cmur2/dyndnsd/workflows/ci/badge.svg) [![Dependencies](https://badges.depfu.com/badges/4f25da8493f7a29f652ac892fbf9227b/overview.svg)](https://depfu.com/github/cmur2/dyndnsd)
+[![Build Status](https://travis-ci.org/cmur2/dyndnsd.svg?branch=master)](https://travis-ci.org/cmur2/dyndnsd) [![Dependencies](https://badges.depfu.com/badges/4f25da8493f7a29f652ac892fbf9227b/overview.svg)](https://depfu.com/github/cmur2/dyndnsd)
 
 A small, lightweight and extensible DynDNS server written with Ruby and Rack.
 
-
 ## Description
 
-dyndnsd.rb aims to implement a small [DynDNS-compliant](https://help.dyn.com/remote-access-api/) server in Ruby supporting IPv4 and IPv6 addresses. It has an integrated user and hostname database in its configuration file that is used for authentication and authorization. Besides talking the DynDNS protocol it is able to invoke a so-called *updater*, a small Ruby module that takes care of supplying the current hostname => ip mapping to a DNS server.
+dyndnsd.rb aims to implement a small [DynDNS-compliant](https://help.dyn.com/remote-access-api/) server in Ruby supporting IPv4 and IPv6 addresses. It has an integrated user and hostname database in it's configuration file that is used for authentication and authorization. Besides talking the DynDNS protocol it is able to invoke a so-called *updater*, a small Ruby module that takes care of supplying the current hostname => ip mapping to a DNS server.
 
-There are currently two updaters shipped with dyndnsd.rb:
-- `zone_transfer_server` that uses [DNS zone transfers via AXFR (RFC5936)](https://tools.ietf.org/html/rfc5936) to allow any secondary nameserver(s) to fetch the zone contents after (optionally) receiving a [DNS NOTIFY (RFC1996)](https://tools.ietf.org/html/rfc1996) request
-- `command_with_bind_zone` that writes out a zone file in BIND syntax onto the current system and invokes a user-supplied command afterwards that is assumed to trigger the DNS server (not necessarily BIND since its zone files are read by other DNS servers, too) to reload its zone configuration
+There is currently one updater shipped with dyndnsd.rb `command_with_bind_zone` that writes out a zone file in BIND syntax onto the current system and invokes a user-supplied command afterwards that is assumed to trigger the DNS server (not necessarily BIND since it's zone files are read by other DNS servers, too) to reload it's zone configuration.
 
 Because of the mechanisms used, dyndnsd.rb is known to work only on \*nix systems.
 
 See the [changelog](CHANGELOG.md) before upgrading. The older version 1.x of dyndnsd.rb is still available on [branch dyndnsd-1.x](https://github.com/cmur2/dyndnsd/tree/dyndnsd-1.x).
 
-
 ## General Usage
 
 Install the gem:
@@ -29,16 +25,14 @@ Create a configuration file in YAML format somewhere:
 ```yaml
 # listen address and port
 host: "0.0.0.0"
-port: 80
-# optional: drop privileges in case you want to but you may need sudo for external commands
+port: "80"
+# optional: drop priviliges in case you want to but you may need sudo for external commands
 user: "nobody"
 group: "nogroup"
-# logfile is optional, logs to STDOUT otherwise
+# logfile is optional, logs to STDOUT else
 logfile: "dyndnsd.log"
-# internal database file
+# interal database file
 db: "db.json"
-# enable debug mode?
-debug: false
 # all hostnames are required to be cool-name.example.org
 domain: "example.org"
 # configure the updater, here we use command_with_bind_zone, params are updater-specific
@@ -64,98 +58,17 @@ users:
 
 Run dyndnsd.rb by:
 
-```bash
-dyndnsd /path/to/config.yml
-```
+	dyndnsd /path/to/config.yaml
 
+## Using dyndnsd.rb with [NSD](https://www.nlnetlabs.nl/nsd/)
 
-### Docker image
+NSD is a nice opensource, authoritative-only, low-memory DNS server that reads BIND-style zone files (and converts them into it's own database) and has a simple config file.
 
-There is an officially maintained [Docker image for dyndnsd](https://hub.docker.com/r/cmur2/dyndnsd) available at Dockerhub. The goal is to have a minimal secured image available (currently based on Alpine) that works well for the `zone_transfer_server` updater use case.
-
-Users can make extensions by deriving from the official Docker image or building their own.
-
-The Docker image consumes the same configuration file in YAML format as the gem, inside the container it needs to be mounted/available as `/etc/dyndnsd/config.yml`. The following YAML should be used as a base and extended with user's settings:
+A feature NSD is lacking is the [Dynamic DNS update](https://tools.ietf.org/html/rfc2136) functionality BIND offers but one can fake it using the following dyndnsd.rb config:
 
 ```yaml
 host: "0.0.0.0"
-port: 8080
-# omit the logfile: option so logging to STDOUT will happen automatically
-db: "/var/lib/dyndnsd/db.json"
-
-# User's settings for updater and permissions follow here!
-```
-
-more ports might be needed depending on if DNS zone transfer is needed
-
-Run the Docker image exposing the DynDNS-API on host port 8080 via:
-
-```bash
-docker run -d --name dyndnsd \
-           -p 8080:8080 \
-           -v /host/path/to/dyndnsd/config.yml:/etc/dyndnsd/config.yml \
-           -v /host/ptherpath/to/dyndnsd/datadir:/var/lib/dyndnsd \
-           cmur2/dyndnsd:vX.Y.Z
-```
-
-*Note*: You may need to expose more than just port 8080 e.g. if you use the `zone_transfer_server` which can be done by appending additional `-p 5353:5353` flags to the `docker run` command.
-
-
-
-## Using dyndnsd.rb with any nameserver via DNS zone transfers (AXFR)
-
-By using [DNS zone transfers via AXFR (RFC5936)](https://tools.ietf.org/html/rfc5936) any secondary nameserver can retrieve the DNS zone contents from dyndnsd.rb and serve them to clients.
-To speedup propagation after changes dyndnsd.rb can issue a [DNS NOTIFY (RFC1996)](https://tools.ietf.org/html/rfc1996) to inform the nameserver that the DNS zone contents changed and should be fetched even before the time indicated in the SOA record is up.
-Currently, dyndnsd.rb does not support any authentication for incoming DNS zone transfer request, so it should be isolated from the internet on these ports.
-
-This approach has several advantages:
-- dyndnsd.rb can be used in *hidden primary* fashion isolated from client's DNS traffic and does not need to implement full nameserver features
-- any existing, production-grade, caching, geo-replicated nameserver setup can be used to pull DNS zone contents from the *hidden primary* dyndnsd.rb and serve it to clients
-- any nameserver(s) and dyndnsd.rb do not need to be located on the same host
-
-Example dyndnsd.rb configuration:
-
-```yaml
-host: "0.0.0.0"
-port: 8245 # the DynDNS.com alternative HTTP port
-db: "/opt/dyndnsd/db.json"
-domain: "dyn.example.org"
-updater:
-  name: "zone_transfer_server"
-  params:
-    # endpoint(s) to listen for incoming zone transfer (AXFR) requests, default 0.0.0.0@53
-    server_listens:
-    - 127.0.0.1@5300
-    # where to send DNS NOTIFY request(s) to on zone content change
-    send_notifies:
-    - '127.0.0.1'
-    # TTL for all records in the zone (in seconds)
-    zone_ttl: 300  # 5m
-    # zone's NS record(s) (at least one)
-    zone_nameservers:
-    - "dns.example.org."
-    # info for zone's SOA record
-    zone_email_address: "admin.example.org."
-    # zone's additional A/AAAA records
-    zone_additional_ips:
-    - "127.0.0.1"
-users:
-  foo:
-    password: "secret"
-    hosts:
-      - foo.example.org
-```
-
-
-## Using dyndnsd.rb with [NSD](https://www.nlnetlabs.nl/projects/nsd/about/)
-
-NSD is a nice, open source, authoritative-only, low-memory DNS server that reads BIND-style zone files (and converts them into its own database) and has a simple configuration file.
-
-A feature NSD is lacking is the [Dynamic DNS update (RFC2136)](https://tools.ietf.org/html/rfc2136) functionality BIND offers, but one can fake it using the following dyndnsd.rb configuration:
-
-```yaml
-host: "0.0.0.0"
-port: 8245 # the DynDNS.com alternative HTTP port
+port: "8245" # the DynDNS.com alternative HTTP port
 db: "/opt/dyndnsd/db.json"
 domain: "dyn.example.org"
 updater:
@@ -180,15 +93,12 @@ users:
 
 Start dyndnsd.rb before NSD to make sure the zone file exists else NSD complains.
 
-
 ## Using dyndnsd.rb with X
 
 Please provide ideas if you are using dyndnsd.rb with other DNS servers :)
 
-
 ## Advanced topics
 
-
 ### Update URL
 
 The update URL you want to tell your clients (humans or scripts ^^) consists of the following
@@ -197,45 +107,39 @@ The update URL you want to tell your clients (humans or scripts ^^) consists of
 
 where:
 
-* the protocol depends on your (web server/proxy) settings
-* `USER` and `PASSWORD` are needed for HTTP Basic Auth and valid combinations are defined in your config.yaml
-* `DOMAIN` should match what you defined in your config.yaml as domain but may be anything else when using a web server as proxy
-* `PORT` depends on your (web server/proxy) settings
-* `HOSTNAMES` is a required list of comma-separated FQDNs (they all have to end with your config.yaml domain) the user wants to update
-* `MYIP` is optional and the HTTP client's IP address will be used if missing
-* `MYIP6` is optional but if present also requires presence of `MYIP`
-
+* the protocol depends on your (webserver/proxy) settings
+* USER and PASSWORD are needed for HTTP Basic Auth and valid combinations are defined in your config.yaml
+* DOMAIN should match what you defined in your config.yaml as domain but may be anything else when using a webserver as proxy
+* PORT depends on your (webserver/proxy) settings
+* HOSTNAMES is a required list of comma separated FQDNs (they all have to end with your config.yaml domain) the user wants to update
+* MYIP is optional and the HTTP client's IP address will be used if missing
+* MYIP6 is optional but if present also requires presence of MYIP
 
 ### IP address determination
 
 The following rules apply:
 
-* use any IP address provided via the `myip` parameter when present, or
-* use any IP address provided via the `X-Real-IP` header e.g. when used behind HTTP reverse proxy such as nginx, or
+* use any IP address provided via the myip parameter when present, or
+* use any IP address provided via the X-Real-IP header e.g. when used behind HTTP reverse proxy such as nginx, or
 * use any IP address used by the connecting HTTP client
 
-If you want to provide an additional IPv6 address as myip6 parameter, the `myip` parameter containing an IPv4 address has to be present, too! No automatism is applied then.
-
+If you want to provide an additional IPv6 address as myip6 parameter the myip parameter containing an IPv4 address has to be present, too! No automatism is applied then.
 
 ### SSL, multiple listen ports
 
-Use a web server as a proxy to handle SSL and/or multiple listen addresses and ports. DynDNS.com provides HTTP on port 80 and 8245 and HTTPS on port 443.
+Use a webserver as a proxy to handle SSL and/or multiple listen addresses and ports. DynDNS.com provides HTTP on port 80 and 8245 and HTTPS on port 443.
 
+### Init scripts
 
-### Startup
-
-There is a [Dockerfile](docs/Dockerfile) that can be used to build a Docker image for running dyndnsd.rb.
-
-The [Debian 6 init.d script](docs/debian-6-init-dyndnsd) assumes that dyndnsd.rb is installed into the system ruby (no RVM support) and the config.yaml is at /opt/dyndnsd/config.yaml. Modify to your needs.
-
+The [Debian 6 init.d script](init.d/debian-6-dyndnsd) assumes that dyndnsd.rb is installed into the system ruby (no RVM support) and the config.yaml is at /opt/dyndnsd/config.yaml. Modify to your needs.
 
 ### Monitoring
 
-For monitoring dyndnsd.rb uses the [metriks](https://github.com/eric/metriks) framework and exposes several metrics like the number of unauthenticated requests, requests that did (not) update a hostname, etc. By default, the most important metrics are shown in the [proctitle](https://github.com/eric/metriks#proc-title-reporter, butt you can also configure a [Graphite](https://graphiteapp.org/) backend for central monitoring or the [textfile_reporter](https://github.com/prometheus/node_exporter/#textfile-collector) which outputs Graphite-style metrics that are also compatible with Prometheus to a file.
+For monitoring dyndnsd.rb uses the [metriks](https://github.com/eric/metriks) framework and exposes several metrics like the number of unauthenticated requests, requests that did (not) update a hostname, etc. By default the most important metrics are shown in the [proctitle](https://github.com/eric/metriks#proc-title-reporter) but you can also configure a [Graphite](https://graphiteapp.org/) backend for central monitoring or the [textfile_reporter](https://github.com/prometheus/node_exporter/#textfile-collector) which outputs Graphite-style metrics that are also compatible with Prometheus to a file.
 
 ```yaml
 host: "0.0.0.0"
-port: 8245 # the DynDNS.com alternative HTTP port
+port: "8245" # the DynDNS.com alternative HTTP port
 db: "/opt/dyndnsd/db.json"
 domain: "dyn.example.org"
 # configure the Graphite backend to be used instead of proctitle
@@ -268,23 +172,23 @@ users:
     password: "ihavenohosts"
 ```
 
-
 ### Tracing (experimental)
 
-For tracing, dyndnsd.rb is instrumented using the [OpenTelemetry](https://opentelemetry.io/docs/ruby/) framework and will emit span tracing data for the most important operations happening during the request/response cycle. Using an [instrumentation for Rack](https://github.com/open-telemetry/opentelemetry-ruby/tree/main/instrumentation/rack) allows handling incoming OpenTelemetry parent span information properly (when desired, turned off by default to reduce attack surface).
-
-Currently, the [OpenTelemetry trace exporter](https://github.com/open-telemetry/opentelemetry-ruby/tree/main/exporter/jaeger) for [CNCF Jaeger](https://github.com/jaegertracing/jaeger) can be enabled via dyndnsd.rb configuration. Alternatively, you can also enable other exporters via the environment variable `OTEL_TRACES_EXPORTER`, e.g. `OTEL_TRACES_EXPORTER=console`.
+For tracing dyndnsd.rb is instrumented using the [OpenTracing](http://opentracing.io/) framework and will emit span tracing data for the most important operations happening during the request/response cycle. Using a middleware for Rack allows handling incoming OpenTracing span information properly.
+Currently only one OpenTracing-compatible tracer implementation named [CNCF Jaeger](https://github.com/jaegertracing/jaeger) can be configured to use with dyndnsd.rb.
 
 ```yaml
 host: "0.0.0.0"
-port: 8245 # the DynDNS.com alternative HTTP port
+port: "8245" # the DynDNS.com alternative HTTP port
 db: "/opt/dyndnsd/db.json"
 domain: "dyn.example.org"
 # enable and configure tracing using the (currently only) tracer jaeger
 tracing:
-  trust_incoming_span: false # default value, change to accept incoming OpenTelemetry spans as parents
-  service_name: "my.dyndnsd.identifier" # default unset, will be populated by OpenTelemetry
-  jaeger: true # enables the Jaeger AgentExporter
+  trust_incoming_span: false # default value, change to accept incoming OpenTracing spans as parents
+  jaeger:
+    host: 127.0.0.1 # defaults for host and port of local jaeger-agent
+    port: 6831
+    service_name: "my.dyndnsd.identifier"
 # configure the updater, here we use command_with_bind_zone, params are updater-specific
 updater:
   name: "command_with_bind_zone"
@@ -306,7 +210,6 @@ users:
     password: "ihavenohosts"
 ```
 
-
 ## License
 
 dyndnsd.rb is licensed under the Apache License, Version 2.0. See LICENSE for more information.

Rakefile

@@ -1,5 +1,3 @@
-# frozen_string_literal: true
-
 require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
 require 'rubocop/rake_task'
@@ -9,66 +7,12 @@ RSpec::Core::RakeTask.new(:spec)
 RuboCop::RakeTask.new
 Bundler::Audit::Task.new
 
-desc 'Run experimental solargraph type checker'
 task :solargraph do
   sh 'solargraph typecheck'
 end
 
-# renovate: datasource=github-tags depName=hadolint/hadolint
-hadolint_version = 'v2.12.0'
-
-# renovate: datasource=github-tags depName=aquasecurity/trivy
-trivy_version = 'v0.50.4'
-
-namespace :docker do
-  ci_image = 'cmur2/dyndnsd:ci'
-
-  desc 'Lint Dockerfile'
-  task :lint do
-    sh "if [ ! -e ./hadolint ]; then wget -q -O ./hadolint https://github.com/hadolint/hadolint/releases/download/#{hadolint_version}/hadolint-Linux-x86_64; fi"
-    sh 'chmod a+x ./hadolint'
-    sh './hadolint --ignore DL3018 docker/Dockerfile'
-    sh './hadolint --ignore DL3018 --ignore DL3028 docker/ci/Dockerfile'
-  end
-
-  desc 'Build CI Docker image'
-  task :build do
-    sh 'docker build -t cmur2/dyndnsd:ci -f docker/ci/Dockerfile .'
-  end
-
-  desc 'Scan CI Docker image for vulnerabilities'
-  task :scan do
-    ver = trivy_version.gsub('v', '')
-    sh "if [ ! -e ./trivy ]; then wget -q -O - https://github.com/aquasecurity/trivy/releases/download/v#{ver}/trivy_#{ver}_Linux-64bit.tar.gz | tar -xzf - trivy; fi"
-    sh "./trivy image #{ci_image}"
-  end
-
-  desc 'End-to-end test the CI Docker image'
-  task :e2e do
-    sh <<~SCRIPT
-      echo -n '{}' > e2e/db.json
-      chmod a+w e2e/db.json
-    SCRIPT
-    sh "docker run -d --name=dyndnsd-ci -v $(pwd)/e2e:/etc/dyndnsd -p 8080:8080 -p 5353:5353 #{ci_image}"
-    sh 'sleep 1'
-    puts '----------------------------------------'
-    # `dig` needs `sudo apt-get install -y -q dnsutils`
-    sh <<~SCRIPT
-      curl -s -o /dev/null -w '%{http_code}' 'http://localhost:8080/' | grep -q '401'
-      curl -s 'http://foo:secret@localhost:8080/nic/update?hostname=foo.dyn.example.org&myip=1.2.3.4' | grep -q 'good'
-      curl -s 'http://foo:secret@localhost:8080/nic/update?hostname=foo.dyn.example.org&myip=1.2.3.4' | grep -q 'nochg'
-      dig +short AXFR 'dyn.example.org' @127.0.0.1 -p 5353 | grep -q '1.2.3.4'
-    SCRIPT
-    puts '----------------------------------------'
-    sh <<~SCRIPT
-      docker logs dyndnsd-ci
-      docker container rm -f -v dyndnsd-ci
-      rm e2e/db.json
-    SCRIPT
-  end
+task :sorbet do
+  sh 'srb typecheck'
 end
 
-task default: [:rubocop, :spec, 'bundle:audit', :solargraph]
-
-desc 'Run all tasks desired for CI'
-task ci: [:default, 'docker:lint', :build, 'docker:build', 'docker:e2e']
+task default: [:rubocop, :sorbet, :spec, 'bundle:audit']

bin/dyndnsd

@@ -0,0 +1,4 @@
+
+require 'dyndnsd'
+
+Dyndnsd::Daemon.run!

docker/Dockerfile

@@ -1,22 +0,0 @@
-FROM alpine:3.19.1
-
-EXPOSE 5353 8080
-
-ARG DYNDNSD_VERSION
-
-RUN apk --no-cache add openssl ca-certificates && \
-    apk --no-cache add ruby ruby-etc ruby-io-console ruby-json ruby-webrick && \
-    apk --no-cache add --virtual .build-deps linux-headers ruby-dev build-base tzdata && \
-    gem install --no-document dyndnsd -v ${DYNDNSD_VERSION} && \
-    rm -rf /usr/lib/ruby/gems/*/cache/ && \
-    # set timezone to Berlin
-    cp /usr/share/zoneinfo/Europe/Berlin /etc/localtime && \
-    apk del .build-deps
-
-# Follow the principle of least privilege: run as unprivileged user.
-# Running as non-root enables running this image in platforms like OpenShift
-# that do not allow images running as root.
-# User ID 65534 is usually user 'nobody'.
-USER 65534
-
-ENTRYPOINT ["dyndnsd", "/etc/dyndnsd/config.yml"]

docker/ci/Dockerfile

@@ -1,22 +0,0 @@
-FROM alpine:3.19.1
-
-EXPOSE 5353 8080
-
-COPY pkg/dyndnsd-*.gem /tmp/dyndnsd.gem
-
-RUN apk --no-cache add openssl ca-certificates && \
-    apk --no-cache add ruby ruby-etc ruby-io-console ruby-json ruby-webrick && \
-    apk --no-cache add --virtual .build-deps linux-headers ruby-dev build-base tzdata && \
-    gem install --no-document /tmp/dyndnsd.gem && \
-    rm -rf /usr/lib/ruby/gems/*/cache/ && \
-    # set timezone to Berlin
-    cp /usr/share/zoneinfo/Europe/Berlin /etc/localtime && \
-    apk del .build-deps
-
-# Follow the principle of least privilege: run as unprivileged user.
-# Running as non-root enables running this image in platforms like OpenShift
-# that do not allow images running as root.
-# User ID 65534 is usually user 'nobody'.
-USER 65534
-
-ENTRYPOINT ["dyndnsd", "/etc/dyndnsd/config.yml"]

dyndnsd.gemspec

@@ -1,6 +1,7 @@
-# frozen_string_literal: true
 
-require_relative 'lib/dyndnsd/version'
+$LOAD_PATH.push File.expand_path('lib', __dir__)
+
+require 'dyndnsd/version'
 
 Gem::Specification.new do |s|
   s.name = 'dyndnsd'
@@ -8,42 +9,32 @@ Gem::Specification.new do |s|
   s.summary = 'dyndnsd.rb'
   s.description = 'A small, lightweight and extensible DynDNS server written with Ruby and Rack.'
   s.author = 'Christian Nicolai'
-
+  s.email = 'chrnicolai@gmail.com'
   s.homepage = 'https://github.com/cmur2/dyndnsd'
   s.license = 'Apache-2.0'
-  s.metadata = {
-    'bug_tracker_uri' => "#{s.homepage}/issues",
-    'changelog_uri' => "#{s.homepage}/blob/master/CHANGELOG.md",
-    'source_code_uri' => s.homepage
-  }
 
-  s.files = `git ls-files -z`.split("\x0").select do |f|
-    f.match(%r{^(init.d|lib)/})
-  end
+  s.files = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
+  s.test_files = s.files.grep(%r{^(test|spec|features)/})
   s.require_paths = ['lib']
-  s.bindir = 'exe'
   s.executables = ['dyndnsd']
-  s.extra_rdoc_files = Dir['README.md', 'CHANGELOG.md', 'LICENSE']
 
-  s.required_ruby_version = '>= 3.0'
+  s.required_ruby_version = '>= 2.3'
 
-  s.add_runtime_dependency 'async', '~> 1.31.0'
-  s.add_runtime_dependency 'async-dns', '~> 1.3.0'
+  s.add_runtime_dependency 'rack', '~> 2.0'
+  s.add_runtime_dependency 'json'
   s.add_runtime_dependency 'metriks'
-  s.add_runtime_dependency 'opentelemetry-exporter-jaeger', '~> 0.22.0'
-  s.add_runtime_dependency 'opentelemetry-instrumentation-rack', '~> 0.22.0'
-  s.add_runtime_dependency 'opentelemetry-sdk', '>= 1.2', '< 1.5'
-  s.add_runtime_dependency 'rack', '~> 3.0'
-  s.add_runtime_dependency 'rackup', '~> 2'
-  s.add_runtime_dependency 'webrick', '>= 1.6.1'
+  s.add_runtime_dependency 'opentracing', '~> 0.5.0'
+  s.add_runtime_dependency 'rack-tracer', '~> 0.9.0'
+  s.add_runtime_dependency 'jaeger-client', '~> 0.10.0'
+  s.add_runtime_dependency 'sorbet-runtime', '~> 0.5.0'
 
   s.add_development_dependency 'bundler'
-  s.add_development_dependency 'bundler-audit', '~> 0.9.0'
-  s.add_development_dependency 'rack-test'
   s.add_development_dependency 'rake'
   s.add_development_dependency 'rspec'
-  s.add_development_dependency 'rubocop', '~> 1.61.0'
-  s.add_development_dependency 'rubocop-rake', '~> 0.6.0'
-  s.add_development_dependency 'rubocop-rspec', '~> 2.26.1'
-  s.add_development_dependency 'solargraph', '~> 0.50.0'
+  s.add_development_dependency 'rack-test'
+  s.add_development_dependency 'rubocop', '~> 0.80.0'
+  s.add_development_dependency 'bundler-audit', '~> 0.6.0'
+  s.add_development_dependency 'solargraph'
+  s.add_development_dependency 'sorbet', '~> 0.5.0'
+  s.add_development_dependency 'sord'
 end

e2e/config.yml

@@ -1,31 +0,0 @@
----
-host: "0.0.0.0"
-port: 8080
-
-db: /etc/dyndnsd/db.json
-debug: false
-domain: dyn.example.org
-#responder: RestStyle
-
-updater:
-  name: zone_transfer_server
-  params:
-    server_listens:
-    - 0.0.0.0@5353
-    #send_notifies:
-    #- 10.0.2.15@53
-    zone_ttl: 300  # 5m
-    zone_nameservers:
-    - dns1.example.org.
-    - dns2.example.org.
-    zone_email_address: admin.example.org.
-    zone_additional_ips:
-    - "127.0.0.1"
-    - "::1"
-
-users:
-  foo:
-    password: "secret"
-    hosts:
-    - foo.dyn.example.org
-    - bar.dyn.example.org

exe/dyndnsd

@@ -1,6 +0,0 @@
-#!/usr/bin/env ruby
-# frozen_string_literal: true
-
-require 'dyndnsd'
-
-Dyndnsd::Daemon.run!

lib/dyndnsd.rb

@@ -1,21 +1,19 @@
-# frozen_string_literal: true
+#!/usr/bin/env ruby
+# typed: true
 
-require 'date'
 require 'etc'
 require 'logger'
 require 'ipaddr'
 require 'json'
 require 'yaml'
 require 'rack'
-require 'rackup'
 require 'metriks'
-require 'opentelemetry/instrumentation/rack'
-require 'opentelemetry/sdk'
 require 'metriks/reporter/graphite'
+require 'opentracing'
+require 'rack/tracer'
 
 require 'dyndnsd/generator/bind'
 require 'dyndnsd/updater/command_with_bind_zone'
-require 'dyndnsd/updater/zone_transfer_server'
 require 'dyndnsd/responder/dyndns_style'
 require 'dyndnsd/responder/rest_style'
 require 'dyndnsd/database'
@@ -59,9 +57,9 @@ module Dyndnsd
       @db.load
       @db['serial'] ||= 1
       @db['hosts'] ||= {}
-      @updater.update(@db)
       if @db.changed?
         @db.save
+        @updater.update(@db)
       end
     end
 
@@ -70,7 +68,7 @@ module Dyndnsd
     # @return [Boolean]
     def authorized?(username, password)
       Helper.span('check_authorized') do |span|
-        span.set_attribute('enduser.id', username)
+        span.set_tag('dyndnsd.user', username)
 
         allow = Helper.user_allowed?(username, password, @users)
         if !allow
@@ -82,7 +80,7 @@ module Dyndnsd
     end
 
     # @param env [Hash{String => String}]
-    # @return [Array{Integer,Hash{String => String},Array<String>}]
+    # @return [Array{Integer,Hash{String => String},Array{String}}]
     def call(env)
       return [422, {'X-DynDNS-Response' => 'method_forbidden'}, []] if env['REQUEST_METHOD'] != 'GET'
       return [422, {'X-DynDNS-Response' => 'not_found'}, []] if env['PATH_INFO'] != '/nic/update'
@@ -107,13 +105,13 @@ module Dyndnsd
       puts "DynDNSd version #{Dyndnsd::VERSION}"
       puts "Using config file #{config_file}"
 
-      config = YAML.safe_load_file(config_file)
+      config = YAML.safe_load(File.open(config_file, 'r', &:read))
 
       setup_logger(config)
 
       Dyndnsd.logger.info 'Starting...'
 
-      # drop privileges as soon as possible
+      # drop priviliges as soon as possible
       # NOTE: first change group than user
       if config['group']
         group = Etc.getgrnam(config['group'])
@@ -136,7 +134,7 @@ module Dyndnsd
     private
 
     # @param params [Hash{String => String}]
-    # @return [Array<String>]
+    # @return [Array{String}]
     def extract_v4_and_v6_address(params)
       return [] if !(params['myip'])
       begin
@@ -150,7 +148,7 @@ module Dyndnsd
 
     # @param env [Hash{String => String}]
     # @param params [Hash{String => String}]
-    # @return [Array<String>]
+    # @return [Array{String}]
     def extract_myips(env, params)
       # require presence of myip parameter as valid IPAddr (v4) and valid myip6
       return extract_v4_and_v6_address(params) if params.key?('myip6')
@@ -166,12 +164,12 @@ module Dyndnsd
     end
 
     # @param hostnames [String]
-    # @param myips [Array<String>]
-    # @return [Array<Symbol>]
+    # @param myips [Array{String}]
+    # @return [Array{Symbol}]
     def process_changes(hostnames, myips)
       changes = []
       Helper.span('process_changes') do |span|
-        span.set_attribute('dyndnsd.hostnames', hostnames.join(','))
+        span.set_tag('dyndnsd.hostnames', hostnames.join(','))
 
         hostnames.each do |hostname|
           # myips order is always deterministic
@@ -196,13 +194,13 @@ module Dyndnsd
     def update_db
       @db['serial'] += 1
       Dyndnsd.logger.info "Committing update ##{@db['serial']}"
-      @updater.update(@db)
       @db.save
+      @updater.update(@db)
       Metriks.meter('updates.committed').mark
     end
 
     # @param env [Hash{String => String}]
-    # @return [Array{Integer,Hash{String => String},Array<String>}]
+    # @return [Array{Integer,Hash{String => String},Array{String}}]
     def handle_dyndns_request(env)
       params = Rack::Utils.parse_query(env['QUERY_STRING'])
 
@@ -215,11 +213,10 @@ module Dyndnsd
       invalid_hostnames = hostnames.select { |h| !Helper.fqdn_valid?(h, @domain) }
       return [422, {'X-DynDNS-Response' => 'hostname_malformed'}, []] if invalid_hostnames.any?
 
-      # we can trust this information since user was authorized by middleware
       user = env['REMOTE_USER']
 
       # check for hostnames that the user does not own
-      forbidden_hostnames = hostnames - @users[user].fetch('hosts', [])
+      forbidden_hostnames = hostnames - @users[user]['hosts']
       return [422, {'X-DynDNS-Response' => 'host_forbidden'}, []] if forbidden_hostnames.any?
 
       if params['offline'] == 'YES'
@@ -248,23 +245,22 @@ module Dyndnsd
       if config['logfile']
         Dyndnsd.logger = Logger.new(config['logfile'])
       else
-        Dyndnsd.logger = Logger.new($stdout)
+        Dyndnsd.logger = Logger.new(STDOUT)
       end
 
       Dyndnsd.logger.progname = 'dyndnsd'
       Dyndnsd.logger.formatter = LogFormatter.new
-      Dyndnsd.logger.level = config['debug'] ? Logger::DEBUG : Logger::INFO
-
-      OpenTelemetry.logger = Dyndnsd.logger
     end
 
     # @return [void]
     private_class_method def self.setup_traps
       Signal.trap('INT') do
-        Rackup::Handler::WEBrick.shutdown
+        Dyndnsd.logger.info 'Quitting...'
+        Rack::Handler::WEBrick.shutdown
       end
       Signal.trap('TERM') do
-        Rackup::Handler::WEBrick.shutdown
+        Dyndnsd.logger.info 'Quitting...'
+        Rack::Handler::WEBrick.shutdown
       end
     end
 
@@ -300,31 +296,16 @@ module Dyndnsd
     # @param config [Hash{String => Object}]
     # @return [void]
     private_class_method def self.setup_tracing(config)
-      # by default do not try to emit any traces until the user opts in
-      ENV['OTEL_TRACES_EXPORTER'] ||= 'none'
-
-      # configure OpenTelemetry
-      OpenTelemetry::SDK.configure do |c|
+      # configure OpenTracing
       if config.dig('tracing', 'jaeger')
-          require 'opentelemetry/exporter/jaeger'
+        require 'jaeger/client'
 
-          c.add_span_processor(
-            OpenTelemetry::SDK::Trace::Export::BatchSpanProcessor.new(
-              OpenTelemetry::Exporter::Jaeger::AgentExporter.new
+        host = config['tracing']['jaeger']['host'] || '127.0.0.1'
+        port = config['tracing']['jaeger']['port'] || 6831
+        service_name = config['tracing']['jaeger']['service_name'] || 'dyndnsd'
+        OpenTracing.global_tracer = Jaeger::Client.build(
+          host: host, port: port, service_name: service_name, flush_interval: 1
         )
-          )
-        end
-
-        if config.dig('tracing', 'service_name')
-          c.service_name = config['tracing']['service_name']
-        end
-
-        c.service_version = Dyndnsd::VERSION
-        c.use('OpenTelemetry::Instrumentation::Rack')
-      end
-
-      if !config.dig('tracing', 'trust_incoming_span')
-        OpenTelemetry.propagation = OpenTelemetry::Context::Propagation::NoopTextMapPropagator.new
       end
     end
 
@@ -333,12 +314,7 @@ module Dyndnsd
     private_class_method def self.setup_rack(config)
       # configure daemon
       db = Database.new(config['db'])
-      case config.dig('updater', 'name')
-      when 'command_with_bind_zone'
-        updater = Updater::CommandWithBindZone.new(config['domain'], config.dig('updater', 'params'))
-      when 'zone_transfer_server'
-        updater = Updater::ZoneTransferServer.new(config['domain'], config.dig('updater', 'params'))
-      end
+      updater = Updater::CommandWithBindZone.new(config['domain'], config.dig('updater', 'params')) if config.dig('updater', 'name') == 'command_with_bind_zone'
       daemon = Daemon.new(config, db, updater)
 
       # configure rack
@@ -350,9 +326,10 @@ module Dyndnsd
         app = Responder::DynDNSStyle.new(app)
       end
 
-      app = OpenTelemetry::Instrumentation::Rack::Middlewares::TracerMiddleware.new(app)
+      trust_incoming_span = config.dig('tracing', 'trust_incoming_span') || false
+      app = Rack::Tracer.new(app, trust_incoming_span: trust_incoming_span)
 
-      Rackup::Handler::WEBrick.run app, Host: config['host'], Port: config['port']
+      Rack::Handler::WEBrick.run app, Host: config['host'], Port: config['port']
     end
   end
 end

lib/dyndnsd/database.rb

@@ -1,4 +1,4 @@
-# frozen_string_literal: true
+# typed: true
 
 require 'forwardable'
 

lib/dyndnsd/generator/bind.rb

@@ -1,16 +1,16 @@
-# frozen_string_literal: true
+# typed: true
 
 module Dyndnsd
   module Generator
     class Bind
       # @param domain [String]
-      # @param updater_params [Hash{String => Object}]
-      def initialize(domain, updater_params)
+      # @param config [Hash{String => Object}]
+      def initialize(domain, config)
         @domain = domain
-        @ttl = updater_params['ttl']
-        @dns = updater_params['dns']
-        @email_addr = updater_params['email_addr']
-        @additional_zone_content = updater_params['additional_zone_content']
+        @ttl = config['ttl']
+        @dns = config['dns']
+        @email_addr = config['email_addr']
+        @additional_zone_content = config['additional_zone_content']
       end
 
       # @param db [Dyndnsd::Database]
@@ -27,7 +27,7 @@ module Dyndnsd
           ips.each do |ip|
             ip = IPAddr.new(ip).native
             type = ip.ipv6? ? 'AAAA' : 'A'
-            name = hostname.chomp(".#{@domain}")
+            name = hostname.chomp('.' + @domain)
             out << "#{name} IN #{type} #{ip}"
           end
         end

lib/dyndnsd/helper.rb

@@ -1,4 +1,4 @@
-# frozen_string_literal: true
+# typed: true
 
 require 'ipaddr'
 
@@ -45,17 +45,24 @@ module Dyndnsd
     # @param block [Proc]
     # @return [void]
     def self.span(operation, &block)
-      tracer = OpenTelemetry.tracer_provider.tracer(Dyndnsd.name, Dyndnsd::VERSION)
-      tracer.in_span(
-        operation,
-        attributes: {'component' => 'dyndnsd'},
-        kind: :server
-      ) do |span|
-        Dyndnsd.logger.debug "Creating span ID #{span.context.hex_span_id} for trace ID #{span.context.hex_trace_id}"
+      scope = OpenTracing.start_active_span(operation)
+      span = scope.span
+      span.set_tag('component', 'dyndnsd')
+      span.set_tag('span.kind', 'server')
+      begin
         block.call(span)
       rescue StandardError => e
-        span.record_exception(e)
-        raise e
+        span.set_tag('error', true)
+        span.log_kv(
+          event: 'error',
+          'error.kind': e.class.to_s,
+          'error.object': e,
+          message: e.message,
+          stack: e.backtrace&.join("\n") || ''
+        )
+        raise
+      ensure
+        scope.close
       end
     end
   end

lib/dyndnsd/responder/dyndns_style.rb

@@ -1,4 +1,4 @@
-# frozen_string_literal: true
+# typed: true
 
 module Dyndnsd
   module Responder
@@ -9,7 +9,7 @@ module Dyndnsd
       end
 
       # @param env [Hash{String => String}]
-      # @return [Array{Integer,Hash{String => String},Array<String>}]
+      # @return [Array{Integer,Hash{String => String},Array{String}}]
       def call(env)
         @app.call(env).tap do |status_code, headers, body|
           if headers.key?('X-DynDNS-Response')
@@ -24,32 +24,30 @@ module Dyndnsd
 
       # @param status_code [Integer]
       # @param headers [Hash{String => String}]
-      # @param body [Array<String>]
-      # @return [Array{Integer,Hash{String => String},Array<String>}]
+      # @param body [Array{String}]
+      # @return [Array{Integer,Hash{String => String},Array{String}}]
       def decorate_dyndnsd_response(status_code, headers, body)
-        case status_code
-        when 200
+        if status_code == 200
           [200, {'Content-Type' => 'text/plain'}, [get_success_body(body[0], body[1])]]
-        when 422
+        elsif status_code == 422
           error_response_map[headers['X-DynDNS-Response']]
         end
       end
 
       # @param status_code [Integer]
       # @param headers [Hash{String => String}]
-      # @param _body [Array<String>]
-      # @return [Array{Integer,Hash{String => String},Array<String>}]
+      # @param _body [Array{String}]
+      # @return [Array{Integer,Hash{String => String},Array{String}}]
       def decorate_other_response(status_code, headers, _body)
-        case status_code
-        when 400
+        if status_code == 400
           [status_code, headers, ['Bad Request']]
-        when 401
+        elsif status_code == 401
           [status_code, headers, ['badauth']]
         end
       end
 
-      # @param changes [Array<Symbol>]
-      # @param myips [Array<String>]
+      # @param changes [Array{Symbol}]
+      # @param myips [Array{String}]
       # @return [String]
       def get_success_body(changes, myips)
         changes.map { |change| "#{change} #{myips.join(' ')}" }.join("\n")

lib/dyndnsd/responder/rest_style.rb

@@ -1,4 +1,4 @@
-# frozen_string_literal: true
+# typed: true
 
 module Dyndnsd
   module Responder
@@ -9,7 +9,7 @@ module Dyndnsd
       end
 
       # @param env [Hash{String => String}]
-      # @return [Array{Integer,Hash{String => String},Array<String>}]
+      # @return [Array{Integer,Hash{String => String},Array{String}}]
       def call(env)
         @app.call(env).tap do |status_code, headers, body|
           if headers.key?('X-DynDNS-Response')
@@ -24,32 +24,30 @@ module Dyndnsd
 
       # @param status_code [Integer]
       # @param headers [Hash{String => String}]
-      # @param body [Array<String>]
-      # @return [Array{Integer,Hash{String => String},Array<String>}]
+      # @param body [Array{String}]
+      # @return [Array{Integer,Hash{String => String},Array{String}}]
       def decorate_dyndnsd_response(status_code, headers, body)
-        case status_code
-        when 200
+        if status_code == 200
           [200, {'Content-Type' => 'text/plain'}, [get_success_body(body[0], body[1])]]
-        when 422
+        elsif status_code == 422
           error_response_map[headers['X-DynDNS-Response']]
         end
       end
 
       # @param status_code [Integer]
       # @param headers [Hash{String => String}]
-      # @param _body [Array<String>]
-      # @return [Array{Integer,Hash{String => String},Array<String>}]
+      # @param _body [Array{String}]
+      # @return [Array{Integer,Hash{String => String},Array{String}}]
       def decorate_other_response(status_code, headers, _body)
-        case status_code
-        when 400
+        if status_code == 400
           [status_code, headers, ['Bad Request']]
-        when 401
+        elsif status_code == 401
           [status_code, headers, ['Unauthorized']]
         end
       end
 
-      # @param changes [Array<Symbol>]
-      # @param myips [Array<String>]
+      # @param changes [Array{Symbol}]
+      # @param myips [Array{String}]
       # @return [String]
       def get_success_body(changes, myips)
         changes.map { |change| change == :good ? "Changed to #{myips.join(' ')}" : "No change needed for #{myips.join(' ')}" }.join("\n")

lib/dyndnsd/textfile_reporter.rb

@@ -1,4 +1,4 @@
-# frozen_string_literal: true
+# typed: true
 
 # Adapted from https://github.com/eric/metriks-graphite/blob/master/lib/metriks/reporter/graphite.rb
 
@@ -18,7 +18,7 @@ module Dyndnsd
 
       @registry  = options[:registry] || Metriks::Registry.default
       @interval  = options[:interval] || 60
-      @on_error  = options[:on_error] || proc { |ex| } # default: ignore errors
+      @on_error  = options[:on_error] || proc { |ex| }
     end
 
     # @return [void]
@@ -28,6 +28,7 @@ module Dyndnsd
           sleep @interval
 
           Thread.new do
+            begin
               write
             rescue StandardError => e
               @on_error[e] rescue nil
@@ -35,6 +36,7 @@ module Dyndnsd
           end
         end
       end
+    end
 
     # @return [void]
     def stop
@@ -94,8 +96,8 @@ module Dyndnsd
     # @param file [String]
     # @param base_name [String]
     # @param metric [Object]
-    # @param keys [Array<Symbol>]
-    # @param snapshot_keys [Array<Symbol>]
+    # @param keys [Array{Symbol}]
+    # @param snapshot_keys [Array{Symbol}]
     # @return [void]
     def write_metric(file, base_name, metric, keys, snapshot_keys = [])
       time = Time.now.to_i

lib/dyndnsd/updater/command_with_bind_zone.rb

@@ -1,27 +1,24 @@
-# frozen_string_literal: true
+# typed: true
 
 module Dyndnsd
   module Updater
     class CommandWithBindZone
       # @param domain [String]
-      # @param updater_params [Hash{String => Object}]
-      def initialize(domain, updater_params)
-        @zone_file = updater_params['zone_file']
-        @command = updater_params['command']
-        @generator = Generator::Bind.new(domain, updater_params)
+      # @param config [Hash{String => Object}]
+      def initialize(domain, config)
+        @zone_file = config['zone_file']
+        @command = config['command']
+        @generator = Generator::Bind.new(domain, config)
       end
 
       # @param db [Dyndnsd::Database]
       # @return [void]
       def update(db)
-        # do not regenerate zone file (assumed to be persistent) if DB did not change
-        return if !db.changed?
-
         Helper.span('updater_update') do |span|
-          span.set_attribute('dyndnsd.updater.name', self.class.name&.split('::')&.last || 'None')
+          span.set_tag('dyndnsd.updater.name', self.class.name&.split('::')&.last || 'None')
 
           # write zone file in bind syntax
-          File.write(@zone_file, @generator.generate(db))
+          File.open(@zone_file, 'w') { |f| f.write(@generator.generate(db)) }
           # call user-defined command
           pid = fork do
             exec @command

lib/dyndnsd/updater/zone_transfer_server.rb

@@ -1,158 +0,0 @@
-# frozen_string_literal: true
-
-require 'resolv'
-require 'securerandom'
-
-require 'async/dns'
-
-module Dyndnsd
-  module Updater
-    class ZoneTransferServer
-      DEFAULT_SERVER_LISTENS = ['0.0.0.0@53'].freeze
-
-      # @param domain [String]
-      # @param updater_params [Hash{String => Object}]
-      def initialize(domain, updater_params)
-        @domain = domain
-
-        @server_listens = self.class.parse_endpoints(updater_params['server_listens'] || DEFAULT_SERVER_LISTENS)
-        @notify_targets = (updater_params['send_notifies'] || []).map { |e| self.class.parse_endpoints([e]) }
-
-        @zone_rr_ttl = updater_params['zone_ttl']
-        @zone_nameservers = updater_params['zone_nameservers'].map { |n| Resolv::DNS::Name.create(n) }
-        @zone_email_address = Resolv::DNS::Name.create(updater_params['zone_email_address'])
-        @zone_additional_ips = updater_params['zone_additional_ips'] || []
-
-        @server = ZoneTransferServerHelper.new(@server_listens, @domain)
-
-        # run Async::DNS server in background thread
-        Thread.new do
-          @server.run
-        end
-      end
-
-      # @param db [Dyndnsd::Database]
-      # @return [void]
-      def update(db)
-        Helper.span('updater_update') do |span|
-          span.set_attribute('dyndnsd.updater.name', self.class.name&.split('::')&.last || 'None')
-
-          soa_rr = Resolv::DNS::Resource::IN::SOA.new(
-            @zone_nameservers[0], @zone_email_address,
-            db['serial'],
-            10_800,  # 3h
-            300,     # 5m
-            604_800, # 1w
-            3_600    # 1h
-          )
-
-          default_options = {ttl: @zone_rr_ttl}
-
-          # array containing all resource records for an AXFR request in the right order
-          rrs = []
-          # AXFR responses need to start with zone's SOA RR
-          rrs << [soa_rr, default_options]
-
-          # return RRs for all of the zone's nameservers
-          @zone_nameservers.each do |ns|
-            rrs << [Resolv::DNS::Resource::IN::NS.new(ns), default_options]
-          end
-
-          # return A/AAAA RRs for all additional IPv4s/IPv6s for the domain itself
-          @zone_additional_ips.each do |ip|
-            rrs << [create_addr_rr_for_ip(ip), default_options]
-          end
-
-          # return A/AAAA RRs for the dyndns hostnames
-          db['hosts'].each do |hostname, ips|
-            ips.each do |ip|
-              rrs << [create_addr_rr_for_ip(ip), default_options.merge({name: hostname})]
-            end
-          end
-
-          # AXFR responses need to end with zone's SOA RR again
-          rrs << [soa_rr, default_options]
-
-          # point Async::DNS server thread's variable to this new RR array
-          @server.axfr_rrs = rrs
-
-          # only send DNS NOTIFY if there really was a change
-          if db.changed?
-            send_dns_notify
-          end
-        end
-      end
-
-      # converts into suitable parameter form for Async::DNS::Resolver or Async::DNS::Server
-      #
-      # @param endpoint_list [Array<String>]
-      # @return [Array{Array{Object}}]
-      def self.parse_endpoints(endpoint_list)
-        endpoint_list.map { |addr_string| addr_string.split('@') }
-                     .map { |addr_parts| [addr_parts[0], addr_parts[1].to_i || 53] }
-                     .map { |addr| [:tcp, :udp].map { |type| [type] + addr } }
-                     .flatten(1)
-      end
-
-      private
-
-      # creates correct Resolv::DNS::Resource object for IP address type
-      #
-      # @param ip_string [String]
-      # @return [Resolv::DNS::Resource::IN::A,Resolv::DNS::Resource::IN::AAAA]
-      def create_addr_rr_for_ip(ip_string)
-        ip = IPAddr.new(ip_string).native
-
-        if ip.ipv6?
-          Resolv::DNS::Resource::IN::AAAA.new(ip.to_s)
-        else
-          Resolv::DNS::Resource::IN::A.new(ip.to_s)
-        end
-      end
-
-      # https://tools.ietf.org/html/rfc1996
-      #
-      # @return [void]
-      def send_dns_notify
-        Async::Reactor.run do
-          @notify_targets.each do |notify_target|
-            target = Async::DNS::Resolver.new(notify_target)
-
-            # assemble DNS NOTIFY message
-            request = Resolv::DNS::Message.new(SecureRandom.random_number(2**16))
-            request.opcode = Resolv::DNS::OpCode::Notify
-            request.add_question("#{@domain}.", Resolv::DNS::Resource::IN::SOA)
-
-            _response = target.dispatch_request(request)
-          end
-        end
-      end
-    end
-
-    class ZoneTransferServerHelper < Async::DNS::Server
-      attr_accessor :axfr_rrs
-
-      def initialize(endpoints, domain)
-        super(endpoints, logger: Dyndnsd.logger)
-        @domain = domain
-      end
-
-      # @param name [String]
-      # @param resource_class [Resolv::DNS::Resource]
-      # Since solargraph cannot parse this: param transaction [Async::DNS::Transaction]
-      # @return [void]
-      def process(name, resource_class, transaction)
-        if name != @domain || resource_class != Resolv::DNS::Resource::Generic::Type252_Class1
-          transaction.fail!(:NXDomain)
-          return
-        end
-
-        # https://tools.ietf.org/html/rfc5936
-        transaction.append_question!
-        @axfr_rrs.each do |rr|
-          transaction.add([rr[0]], rr[1])
-        end
-      end
-    end
-  end
-end

lib/dyndnsd/version.rb

@@ -1,5 +1,5 @@
-# frozen_string_literal: true
+# typed: true
 
 module Dyndnsd
-  VERSION = '3.9.2'
+  VERSION = '2.0.0'.freeze
 end

sorbet/config

@@ -0,0 +1,2 @@
+--dir
+.

sorbet/rbi/jaeger-client.rbi

@@ -0,0 +1,5 @@
+# typed: strong
+
+module Jaeger::Client
+    def self.build(*args); end
+end

sorbet/rbi/rack.rbi

@@ -0,0 +1,5 @@
+# typed: strong
+
+class Rack::Auth::Basic
+    def initialize(app, *args); end
+end

sorbet/rbi/sorbet-typed/lib/rainbow/all/rainbow.rbi

@@ -0,0 +1,276 @@
+# This file is autogenerated. Do not edit it by hand. Regenerate it with:
+#   srb rbi sorbet-typed
+#
+# If you would like to make changes to this file, great! Please upstream any changes you make here:
+#
+#   https://github.com/sorbet/sorbet-typed/edit/master/lib/rainbow/all/rainbow.rbi
+#
+# typed: strong
+
+module Rainbow
+  sig { returns(T::Boolean) }
+  attr_accessor :enabled
+
+  class Color
+    sig { returns(Symbol) }
+    attr_reader :ground
+
+    sig do
+      params(
+        ground: Symbol,
+        values: T.any([Integer], [Integer, Integer, Integer])
+      ).returns(Color)
+    end
+    def self.build(ground, values); end
+
+    sig { params(hex: String).returns([Integer, Integer, Integer]) }
+    def self.parse_hex_color(hex); end
+
+    class Indexed < Color
+      sig { returns(Integer) }
+      attr_reader :num
+
+      sig { params(ground: Symbol, num: Integer).returns(Indexed) }
+      def initialize(ground, num); end
+
+      sig { returns(T::Array[Integer]) }
+      def codes; end
+    end
+
+    class Named < Indexed
+      NAMES = T.let(nil, T::Hash[Symbol, Integer])
+
+      sig { returns(T::Array[Symbol]) }
+      def self.color_names; end
+
+      sig { returns(String) }
+      def self.valid_names; end
+
+      sig { params(ground: Symbol, name: Symbol).returns(Named) }
+      def initialize(ground, name); end
+    end
+
+    class RGB < Indexed
+      sig { returns(Integer) }
+      attr_accessor :r, :g, :b
+
+      sig { params(value: Numeric).returns(Integer) }
+      def to_ansi_domain(value); end
+
+      sig { params(ground: Symbol, values: Integer).returns(RGB) }
+      def initialize(ground, *values); end
+
+      sig { returns(T::Array[Integer]) }
+      def codes; end
+    end
+
+    class X11Named < RGB
+      include X11ColorNames
+
+      sig { returns(T::Array[Symbol]) }
+      def self.color_names; end
+
+      sig { returns(String) }
+      def self.valid_names; end
+
+      sig { params(ground: Symbol, name: Symbol).returns(X11Named) }
+      def initialize(ground, name); end
+    end
+  end
+
+  sig { returns(Wrapper) }
+  def self.global; end
+
+  sig { returns(T::Boolean) }
+  def self.enabled; end
+
+  sig { params(value: T::Boolean).returns(T::Boolean) }
+  def self.enabled=(value); end
+
+  sig { params(string: String).returns(String) }
+  def self.uncolor(string); end
+
+  class NullPresenter < String
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(NullPresenter) }
+    def color(*values); end
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(NullPresenter) }
+    def foreground(*values); end
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(NullPresenter) }
+    def fg(*values); end
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(NullPresenter) }
+    def background(*values); end
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(NullPresenter) }
+    def bg(*values); end
+
+    sig { returns(NullPresenter) }
+    def reset; end
+
+    sig { returns(NullPresenter) }
+    def bright; end
+
+    sig { returns(NullPresenter) }
+    def faint; end
+
+    sig { returns(NullPresenter) }
+    def italic; end
+
+    sig { returns(NullPresenter) }
+    def underline; end
+
+    sig { returns(NullPresenter) }
+    def blink; end
+
+    sig { returns(NullPresenter) }
+    def inverse; end
+
+    sig { returns(NullPresenter) }
+    def hide; end
+
+    sig { returns(NullPresenter) }
+    def cross_out; end
+
+    sig { returns(NullPresenter) }
+    def black; end
+
+    sig { returns(NullPresenter) }
+    def red; end
+
+    sig { returns(NullPresenter) }
+    def green; end
+
+    sig { returns(NullPresenter) }
+    def yellow; end
+
+    sig { returns(NullPresenter) }
+    def blue; end
+
+    sig { returns(NullPresenter) }
+    def magenta; end
+
+    sig { returns(NullPresenter) }
+    def cyan; end
+
+    sig { returns(NullPresenter) }
+    def white; end
+
+    sig { returns(NullPresenter) }
+    def bold; end
+
+    sig { returns(NullPresenter) }
+    def dark; end
+
+    sig { returns(NullPresenter) }
+    def strike; end
+  end
+
+  class Presenter < String
+    TERM_EFFECTS = T.let(nil, T::Hash[Symbol, Integer])
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(Presenter) }
+    def color(*values); end
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(Presenter) }
+    def foreground(*values); end
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(Presenter) }
+    def fg(*values); end
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(Presenter) }
+    def background(*values); end
+
+    sig { params(values: T.any([Integer], [Integer, Integer, Integer])).returns(Presenter) }
+    def bg(*values); end
+
+    sig { returns(Presenter) }
+    def reset; end
+
+    sig { returns(Presenter) }
+    def bright; end
+
+    sig { returns(Presenter) }
+    def faint; end
+
+    sig { returns(Presenter) }
+    def italic; end
+
+    sig { returns(Presenter) }
+    def underline; end
+
+    sig { returns(Presenter) }
+    def blink; end
+
+    sig { returns(Presenter) }
+    def inverse; end
+
+    sig { returns(Presenter) }
+    def hide; end
+
+    sig { returns(Presenter) }
+    def cross_out; end
+
+    sig { returns(Presenter) }
+    def black; end
+
+    sig { returns(Presenter) }
+    def red; end
+
+    sig { returns(Presenter) }
+    def green; end
+
+    sig { returns(Presenter) }
+    def yellow; end
+
+    sig { returns(Presenter) }
+    def blue; end
+
+    sig { returns(Presenter) }
+    def magenta; end
+
+    sig { returns(Presenter) }
+    def cyan; end
+
+    sig { returns(Presenter) }
+    def white; end
+
+    sig { returns(Presenter) }
+    def bold; end
+
+    sig { returns(Presenter) }
+    def dark; end
+
+    sig { returns(Presenter) }
+    def strike; end
+  end
+
+  class StringUtils
+    sig { params(string: String, codes: T::Array[Integer]).returns(String) }
+    def self.wrap_with_sgr(string, codes); end
+
+    sig { params(string: String).returns(String) }
+    def uncolor(string); end
+  end
+
+  VERSION = T.let(nil, String)
+
+  class Wrapper
+    sig { returns(T::Boolean) }
+    attr_accessor :enabled
+
+    sig { params(enabled: T::Boolean).returns(Wrapper) }
+    def initialize(enabled = true); end
+
+    sig { params(string: String).returns(T.any(Rainbow::Presenter, Rainbow::NullPresenter)) }
+    def wrap(string); end
+  end
+
+  module X11ColorNames
+    NAMES = T.let(nil, T::Hash[Symbol, [Integer, Integer, Integer]])
+  end
+end
+
+sig { params(string: String).returns(Rainbow::Presenter) }
+def Rainbow(string); end

sorbet/rbi/sorbet-typed/lib/ruby/all/open3.rbi

@@ -0,0 +1,111 @@
+# This file is autogenerated. Do not edit it by hand. Regenerate it with:
+#   srb rbi sorbet-typed
+#
+# If you would like to make changes to this file, great! Please upstream any changes you make here:
+#
+#   https://github.com/sorbet/sorbet-typed/edit/master/lib/ruby/all/open3.rbi
+#
+# typed: strong
+
+module Open3
+  sig do
+    params(
+      cmd: T.any(String, T::Array[String]),
+      opts: T.untyped,
+      block: T.nilable(T.proc.params(stdin: IO, stdout: IO, stderr: IO, wait_thr: Process::Waiter).void)
+    ).returns([IO, IO, IO, Process::Waiter])
+  end
+  def self.popen3(*cmd, **opts, &block); end
+
+  sig do
+    params(
+      cmd: T.any(String, T::Array[String]),
+      opts: T.untyped,
+      block: T.nilable(T.proc.params(stdin: IO, stdout: IO, wait_thr: Process::Waiter).void)
+    ).returns([IO, IO, Process::Waiter])
+  end
+  def self.popen2(*cmd, **opts, &block); end
+
+  sig do
+    params(
+      cmd: T.any(String, T::Array[String]),
+      opts: T.untyped,
+      block: T.nilable(T.proc.params(stdin: IO, stdout_and_stderr: IO, wait_thr: Process::Waiter).void)
+    ).returns([IO, IO, Process::Waiter])
+  end
+  def self.popen2e(*cmd, **opts, &block); end
+
+  sig do
+    params(
+      cmd: T.any(String, T::Array[String]),
+      stdin_data: T.nilable(String),
+      binmode: T.any(FalseClass, TrueClass),
+      opts: T::Hash[Symbol, T.untyped]
+    ).returns([String, String, Process::Status])
+  end
+  def self.capture3(*cmd, stdin_data: '', binmode: false, **opts); end
+
+  sig do
+    params(
+      cmd: T.any(String, T::Array[String]),
+      stdin_data: T.nilable(String),
+      binmode: T.any(FalseClass, TrueClass),
+      opts: T::Hash[Symbol, T.untyped]
+    ).returns([String, Process::Status])
+  end
+  def self.capture2(*cmd, stdin_data: nil, binmode: false, **opts); end
+
+  sig do
+    params(
+      cmd: T.any(String, T::Array[String]),
+      stdin_data: T.nilable(String),
+      binmode: T.any(FalseClass, TrueClass),
+      opts: T::Hash[Symbol, T.untyped]
+    ).returns([String, Process::Status])
+  end
+  def self.capture2e(*cmd, stdin_data: nil, binmode: false, **opts); end
+
+  sig do
+    params(
+      cmds: T.any(String, T::Array[String]),
+      opts: T.untyped,
+      block: T.nilable(T.proc.params(first_stdin: IO, last_stdout: IO, wait_threads: T::Array[Process::Waiter]).void)
+    ).returns([IO, IO, T::Array[Process::Waiter]])
+  end
+  def self.pipeline_rw(*cmds, **opts, &block); end
+
+  sig do
+    params(
+      cmds: T.any(String, T::Array[String]),
+      opts: T.untyped,
+      block: T.nilable(T.proc.params(last_stdout: IO, wait_threads: T::Array[Process::Waiter]).void)
+    ).returns([IO, T::Array[Process::Waiter]])
+  end
+  def self.pipeline_r(*cmds, **opts, &block); end
+
+  sig do
+    params(
+      cmds: T.any(String, T::Array[String]),
+      opts: T.untyped,
+      block: T.nilable(T.proc.params(first_stdin: IO, wait_threads: T::Array[Process::Waiter]).void)
+    ).returns([IO, T::Array[Process::Waiter]])
+  end
+  def self.pipeline_w(*cmds, **opts, &block); end
+
+  sig do
+    params(
+      cmds: T.any(String, T::Array[String]),
+      opts: T.untyped,
+      block: T.nilable(T.proc.params(wait_threads: T::Array[Process::Waiter]).void)
+    ).returns(T::Array[Process::Waiter])
+  end
+  def self.pipeline_start(*cmds, **opts, &block); end
+
+  sig do
+    params(
+      cmds: T.any(String, T::Array[String]),
+      opts: T.untyped
+    ).returns(T::Array[Process::Status])
+  end
+  def self.pipeline(*cmds, **opts); end
+end

sorbet/rbi/sorbet-typed/lib/ruby/all/resolv.rbi

@@ -0,0 +1,543 @@
+# This file is autogenerated. Do not edit it by hand. Regenerate it with:
+#   srb rbi sorbet-typed
+#
+# If you would like to make changes to this file, great! Please upstream any changes you make here:
+#
+#   https://github.com/sorbet/sorbet-typed/edit/master/lib/ruby/all/resolv.rbi
+#
+# typed: strong
+
+class Resolv
+  sig { params(name: String).returns(String) }
+  def self.getaddress(name); end
+
+  sig { params(name: String).returns(T::Array[String]) }
+  def self.getaddresses(name); end
+
+  sig { params(name: String, block: T.proc.params(address: String).void).void }
+  def self.each_address(name, &block); end
+
+  sig { params(address: String).returns(String) }
+  def self.getname(address); end
+
+  sig { params(address: String).returns(T::Array[String]) }
+  def self.getnames(address); end
+
+  sig { params(address: String, proc: T.proc.params(name: String).void).void }
+  def self.each_name(address, &proc); end
+
+  sig { params(resolvers: [Hosts, DNS]).void }
+  def initialize(resolvers=[Hosts.new, DNS.new]); end
+
+  sig { params(name: String).returns(String) }
+  def getaddress(name); end
+
+  sig { params(name: String).returns(T::Array[String]) }
+  def getaddresses(name); end
+
+  sig { params(name: String, block: T.proc.params(address: String).void).void }
+  def each_address(name, &block); end
+
+  sig { params(address: String).returns(String) }
+  def getname(address); end
+
+  sig { params(address: String).returns(T::Array[String]) }
+  def getnames(address); end
+
+  sig { params(address: String, proc: T.proc.params(name: String).void).void }
+  def each_name(address, &proc); end
+
+  class ResolvError < StandardError; end
+  class ResolvTimeout < Timeout::Error; end
+
+  class Hosts
+    DefaultFileName = T.let(T.unsafe(nil), String)
+
+    sig { params(filename: String).void }
+    def initialize(filename = DefaultFileName); end
+
+    sig { params(name: String).returns(String) }
+    def getaddress(name); end
+
+    sig { params(name: String).returns(T::Array[String]) }
+    def getaddresses(name); end
+
+    sig { params(name: String, block: T.proc.params(address: String).void).void }
+    def each_address(name, &block); end
+
+    sig { params(address: String).returns(String) }
+    def getname(address); end
+
+    sig { params(address: String).returns(T::Array[String]) }
+    def getnames(address); end
+
+    sig { params(address: String, proc: T.proc.params(name: String).void).void }
+    def each_name(address, &proc); end
+  end
+
+  class DNS
+    Port = T.let(T.unsafe(nil), Integer)
+
+    UDPSize = T.let(T.unsafe(nil), Integer)
+
+    sig do
+      params(
+        config_info: T.any(
+          NilClass,
+          String,
+          { nameserver: T.any(String, T::Array[String]), search: T::Array[String], ndots: Integer },
+          { nameserver_port: T::Array[[String, Integer]], search: T::Array[String], ndots: Integer }
+        )
+      ).returns(Resolv::DNS)
+    end
+    def self.open(config_info = nil); end
+
+    sig do
+      params(
+        config_info: T.any(
+          NilClass,
+          String,
+          { nameserver: T.any(String, T::Array[String]), search: T::Array[String], ndots: Integer },
+          { nameserver_port: T::Array[[String, Integer]], search: T::Array[String], ndots: Integer }
+        )
+      ).void
+    end
+    def initialize(config_info = nil); end
+
+    sig { params(values: T.any(NilClass, Integer, T::Array[Integer])).void }
+    def timeouts=(values); end
+
+    sig { void }
+    def close; end
+
+    sig { params(name: String).returns(String) }
+    def getaddress(name); end
+
+    sig { params(name: String).returns(T::Array[String]) }
+    def getaddresses(name); end
+
+    sig { params(name: String, block: T.proc.params(address: String).void).void }
+    def each_address(name, &block); end
+
+    sig { params(address: String).returns(String) }
+    def getname(address); end
+
+    sig { params(address: String).returns(T::Array[String]) }
+    def getnames(address); end
+
+    sig { params(address: String, proc: T.proc.params(name: String).void).void }
+    def each_name(address, &proc); end
+
+    sig do
+      params(
+        name: T.any(String, Resolv::DNS::Name),
+        typeclass: T.class_of(Resolv::DNS::Resource)
+      ).returns(Resolv::DNS::Resource)
+    end
+    def getresource(name, typeclass); end
+
+    sig do
+      params(
+        name: T.any(String, Resolv::DNS::Name),
+        typeclass: T.class_of(Resolv::DNS::Resource)
+      ).returns(T::Array[Resolv::DNS::Resource])
+    end
+    def getresources(name, typeclass); end
+
+    sig do
+      params(
+        name: T.any(String, Resolv::DNS::Name),
+        typeclass: T.class_of(Resolv::DNS::Resource),
+        proc: T.proc.params(resource: Resolv::DNS::Resource).void
+      ).void
+    end
+    def each_resource(name, typeclass, &proc); end
+
+    class DecodeError < StandardError; end
+    class EncodeError < StandardError; end
+
+    class Name
+      sig { params(arg: T.any(String, Resolv::DNS::Name)).returns(Resolv::DNS::Name) }
+      def self.create(arg); end
+
+      sig { params(labels: T::Array[String], absolute: T.any(FalseClass, TrueClass)).void }
+      def initialize(labels, absolute=true); end
+
+      sig { returns(T.any(FalseClass, TrueClass)) }
+      def absolute?; end
+
+      sig { params(other: Resolv::DNS::Name).returns(T.any(FalseClass, TrueClass)) }
+      def subdomain_of?(other); end
+    end
+
+    class Query; end
+
+    class Resource < Query
+      sig { returns(T.nilable(Integer)) }
+      attr_reader :ttl
+
+      sig { void }
+      def initialize
+        @ttl = T.let(T.unsafe(nil), T.nilable(Integer))
+      end
+
+      class Generic < Resource
+        sig { params(data: T.untyped).void }
+        def initialize(data)
+          @data = T.let(T.unsafe(nil), T.untyped)
+        end
+
+        sig { returns(T.untyped) }
+        attr_reader :data
+      end
+
+      class DomainName < Resource
+        sig { params(name: String).void }
+        def initialize(name)
+          @name = T.let(T.unsafe(nil), String)
+        end
+
+        sig { returns(String) }
+        attr_reader :name
+      end
+
+      class NS < DomainName; end
+
+      class CNAME < DomainName; end
+
+      class SOA < Resource
+        sig do
+          params(
+            mname: String,
+            rname: String,
+            serial: Integer,
+            refresh: Integer,
+            retry_: Integer,
+            expire: Integer,
+            minimum: Integer
+          ).void
+        end
+        def initialize(mname, rname, serial, refresh, retry_, expire, minimum)
+          @mname = T.let(T.unsafe(nil), String)
+          @rname = T.let(T.unsafe(nil), String)
+          @serial = T.let(T.unsafe(nil), Integer)
+          @refresh = T.let(T.unsafe(nil), Integer)
+          @retry = T.let(T.unsafe(nil), Integer)
+          @expire = T.let(T.unsafe(nil), Integer)
+          @minimum = T.let(T.unsafe(nil), Integer)
+        end
+
+        sig { returns(String) }
+        attr_reader :mname
+
+        sig { returns(String) }
+        attr_reader :rname
+
+        sig { returns(Integer) }
+        attr_reader :serial
+
+        sig { returns(Integer) }
+        attr_reader :refresh
+
+        sig { returns(Integer) }
+        attr_reader :retry
+
+        sig { returns(Integer) }
+        attr_reader :expire
+
+        sig { returns(Integer) }
+        attr_reader :minimum
+      end
+
+      class PTR < DomainName; end
+
+      class HINFO < Resource
+        sig { params(cpu: String, os: String).void }
+        def initialize(cpu, os)
+          @cpu = T.let(T.unsafe(nil), String)
+          @os = T.let(T.unsafe(nil), String)
+        end
+
+        sig { returns(String) }
+        attr_reader :cpu
+
+        sig { returns(String) }
+        attr_reader :os
+      end
+
+      class MINFO < Resource
+        sig { params(rmailbx: String, emailbx: String).void }
+        def initialize(rmailbx, emailbx)
+          @rmailbx = T.let(T.unsafe(nil), String)
+          @emailbx = T.let(T.unsafe(nil), String)
+        end
+
+        sig { returns(String) }
+        attr_reader :rmailbx
+
+        sig { returns(String) }
+        attr_reader :emailbx
+      end
+
+      class MX < Resource
+        sig { params(preference: Integer, exchange: String).void }
+        def initialize(preference, exchange)
+          @preference = T.let(T.unsafe(nil), Integer)
+          @exchange = T.let(T.unsafe(nil), String)
+        end
+
+        sig { returns(Integer) }
+        attr_reader :preference
+
+        sig { returns(String) }
+        attr_reader :exchange
+      end
+
+      class TXT < Resource
+        sig { params(first_string: String, rest_strings: String).void }
+        def initialize(first_string, *rest_strings)
+          @strings = T.let(T.unsafe(nil), T::Array[String])
+        end
+
+        sig { returns(T::Array[String]) }
+        attr_reader :strings
+
+        sig { returns(String) }
+        def data; end
+      end
+
+      class LOC < Resource
+        sig do
+          params(
+            version: String,
+            ssize: T.any(String, Resolv::LOC::Size),
+            hprecision: T.any(String, Resolv::LOC::Size),
+            vprecision: T.any(String, Resolv::LOC::Size),
+            latitude: T.any(String, Resolv::LOC::Coord),
+            longitude: T.any(String, Resolv::LOC::Coord),
+            altitude: T.any(String, Resolv::LOC::Alt)
+          ).void
+        end
+        def initialize(version, ssize, hprecision, vprecision, latitude, longitude, altitude)
+          @version = T.let(T.unsafe(nil), String)
+          @ssize = T.let(T.unsafe(nil), Resolv::LOC::Size)
+          @hprecision = T.let(T.unsafe(nil), Resolv::LOC::Size)
+          @vprecision = T.let(T.unsafe(nil), Resolv::LOC::Size)
+          @latitude = T.let(T.unsafe(nil), Resolv::LOC::Coord)
+          @longitude = T.let(T.unsafe(nil), Resolv::LOC::Coord)
+          @altitude = T.let(T.unsafe(nil), Resolv::LOC::Alt)
+        end
+
+        sig { returns(String) }
+        attr_reader :version
+
+        sig { returns(Resolv::LOC::Size) }
+        attr_reader :ssize
+
+        sig { returns(Resolv::LOC::Size) }
+        attr_reader :hprecision
+
+        sig { returns(Resolv::LOC::Size) }
+        attr_reader :vprecision
+
+        sig { returns(Resolv::LOC::Coord) }
+        attr_reader :latitude
+
+        sig { returns(Resolv::LOC::Coord) }
+        attr_reader :longitude
+
+        sig { returns(Resolv::LOC::Alt) }
+        attr_reader :altitude
+      end
+
+      class ANY < Query; end
+
+      module IN
+        class A < Resource
+          sig { params(address: String).void }
+          def initialize(address)
+            @address = T.let(T.unsafe(nil), Resolv::IPv4)
+          end
+
+          sig { returns(Resolv::IPv4) }
+          attr_reader :address
+        end
+
+        class WKS < Resource
+          sig { params(address: String, protocol: Integer, bitmap: String).void }
+          def initialize(address, protocol, bitmap)
+            @address = T.let(T.unsafe(nil), Resolv::IPv4)
+            @protocol = T.let(T.unsafe(nil), Integer)
+            @bitmap = T.let(T.unsafe(nil), String)
+          end
+
+          sig { returns(Resolv::IPv4) }
+          attr_reader :address
+
+          sig { returns(Integer) }
+          attr_reader :protocol
+
+          sig { returns(String) }
+          attr_reader :bitmap
+        end
+
+        class AAAA < Resource
+          sig { params(address: String).void }
+          def initialize(address)
+            @address = T.let(T.unsafe(nil), Resolv::IPv6)
+          end
+
+          sig { returns(Resolv::IPv6) }
+          attr_reader :address
+        end
+
+        class SRV < Resource
+          # Create a SRV resource record.
+          #
+          # See the documentation for #priority, #weight, #port and #target
+          # for +priority+, +weight+, +port and +target+ respectively.
+
+          sig do
+            params(
+              priority: T.any(Integer, String),
+              weight: T.any(Integer, String),
+              port: T.any(Integer, String),
+              target: T.any(String, Resolv::DNS::Name)
+            ).void
+          end
+          def initialize(priority, weight, port, target)
+            @priority = T.let(T.unsafe(nil), Integer)
+            @weight = T.let(T.unsafe(nil), Integer)
+            @port = T.let(T.unsafe(nil), Integer)
+            @target = T.let(T.unsafe(nil), Resolv::DNS::Name)
+          end
+
+          sig { returns(Integer) }
+          attr_reader :priority
+
+          sig { returns(Integer) }
+          attr_reader :weight
+
+          sig { returns(Integer) }
+          attr_reader :port
+
+          sig { returns(Resolv::DNS::Name) }
+          attr_reader :target
+        end
+      end
+    end
+  end
+
+  class IPv4
+    Regex256 = T.let(T.unsafe(nil), Regexp)
+    Regex = T.let(T.unsafe(nil), Regexp)
+
+    sig { params(arg: T.any(String, Resolv::IPv4)).returns(Resolv::IPv4) }
+    def self.create(arg); end
+
+    sig { params(address: String).void }
+    def initialize(address)
+      @address = T.let(T.unsafe(nil), String)
+    end
+
+    sig { returns(String) }
+    attr_reader :address
+
+    sig { returns(DNS::Name) }
+    def to_name; end
+  end
+
+  class IPv6
+    Regex_8Hex = T.let(T.unsafe(nil), Regexp)
+    Regex_CompressedHex = T.let(T.unsafe(nil), Regexp)
+    Regex_6Hex4Dec = T.let(T.unsafe(nil), Regexp)
+    Regex_CompressedHex4Dec = T.let(T.unsafe(nil), Regexp)
+    Regex = T.let(T.unsafe(nil), Regexp)
+
+    sig { params(arg: T.any(String, Resolv::IPv6)).returns(Resolv::IPv6) }
+    def self.create(arg); end
+
+    sig { params(address: String).void }
+    def initialize(address)
+      @address = T.let(T.unsafe(nil), String)
+    end
+
+    sig { returns(String) }
+    attr_reader :address
+
+    sig { returns(DNS::Name) }
+    def to_name; end
+  end
+
+  class MDNS < DNS
+    Port = T.let(T.unsafe(nil), Integer)
+    AddressV4 = T.let(T.unsafe(nil), String)
+    AddressV6 = T.let(T.unsafe(nil), String)
+    Addresses = T.let(T.unsafe(nil), [[String, Integer], [String, Integer]])
+
+    sig do
+      params(
+        config_info: T.any(
+          NilClass,
+          { nameserver: T.any(String, T::Array[String]), search: T::Array[String], ndots: Integer },
+          { nameserver_port: T::Array[[String, Integer]], search: T::Array[String], ndots: Integer }
+        )
+      ).void
+    end
+    def initialize(config_info = nil); end
+  end
+
+  module LOC
+    class Size
+      Regex = T.let(T.unsafe(nil), Regexp)
+
+      sig { params(arg: T.any(String, Resolv::LOC::Size)).returns(Resolv::LOC::Size) }
+      def self.create(arg); end
+
+      sig { params(scalar: String).void }
+      def initialize(scalar)
+        @scalar = T.let(T.unsafe(nil), String)
+      end
+
+      sig { returns(String) }
+      attr_reader :scalar
+    end
+
+    class Coord
+      Regex = T.let(T.unsafe(nil), Regexp)
+
+      sig { params(arg: T.any(String, Resolv::LOC::Coord)).returns(Resolv::LOC::Coord) }
+      def self.create(arg); end
+
+      sig { params(coordinates: String, orientation: T.enum(%w[lat lon])).void }
+      def initialize(coordinates, orientation)
+        @coordinates = T.let(T.unsafe(nil), String)
+        @orientation = T.let(T.unsafe(nil), T.enum(%w[lat lon]))
+      end
+
+      sig { returns(String) }
+      attr_reader :coordinates
+
+      sig { returns(T.enum(%w[lat lon])) }
+      attr_reader :orientation
+    end
+
+    class Alt
+      Regex = T.let(T.unsafe(nil), Regexp)
+
+      sig { params(arg: T.any(String, Resolv::LOC::Alt)).returns(Resolv::LOC::Alt) }
+      def self.create(arg); end
+
+      sig { params(altitude: String).void }
+      def initialize(altitude)
+        @altitude = T.let(T.unsafe(nil), String)
+      end
+
+      sig { returns(String) }
+      attr_reader :altitude
+    end
+  end
+
+  DefaultResolver = T.let(T.unsafe(nil), Resolv)
+  AddressRegex = T.let(T.unsafe(nil), Regexp)
+end

spec/daemon_spec.rb

@@ -1,12 +1,11 @@
-# frozen_string_literal: true
-
-require_relative '../spec_helper'
+# typed: false
+require 'spec_helper'
 
 describe Dyndnsd::Daemon do
   include Rack::Test::Methods
 
   def app
-    Dyndnsd.logger = Logger.new($stdout)
+    Dyndnsd.logger = Logger.new(STDOUT)
     Dyndnsd.logger.level = Logger::UNKNOWN
 
     config = {
@@ -15,9 +14,6 @@ describe Dyndnsd::Daemon do
         'test' => {
           'password' => 'secret',
           'hosts' => ['foo.example.org', 'bar.example.org']
-        },
-        'test2' => {
-          'password' => 'ihavenohosts'
         }
       }
     }
@@ -27,7 +23,9 @@ describe Dyndnsd::Daemon do
 
     app = Rack::Auth::Basic.new(daemon, 'DynDNS', &daemon.method(:authorized?))
 
-    Dyndnsd::Responder::DynDNSStyle.new(app)
+    app = Dyndnsd::Responder::DynDNSStyle.new(app)
+
+    Rack::Tracer.new(app, trust_incoming_span: false)
   end
 
   it 'requires authentication' do
@@ -102,14 +100,6 @@ describe Dyndnsd::Daemon do
     expect(last_response.body).to eq('notfqdn')
   end
 
-  it 'rejects request if user does not own any hostnames' do
-    authorize 'test2', 'ihavenohosts'
-
-    get '/nic/update?hostname=doesnotexisthost.example.org'
-    expect(last_response).to be_ok
-    expect(last_response.body).to eq('nohost')
-  end
-
   it 'rejects request if user does not own one hostname' do
     authorize 'test', 'secret'
 

spec/spec_helper.rb

@@ -1,10 +1,9 @@
-# frozen_string_literal: true
+# typed: strong
 
 require 'rubygems'
 require 'bundler/setup'
 require 'rack/test'
 
 require 'dyndnsd'
-
-require_relative 'support/dummy_database'
-require_relative 'support/dummy_updater'
+require 'support/dummy_database'
+require 'support/dummy_updater'

spec/support/dummy_database.rb

@@ -1,4 +1,4 @@
-# frozen_string_literal: true
+# typed: true
 
 require 'forwardable'
 

spec/support/dummy_updater.rb

@@ -1,4 +1,4 @@
-# frozen_string_literal: true
+# typed: true
 
 module Dyndnsd
   module Updater

upgrade-version.sh

@@ -1,13 +0,0 @@
-#!/bin/bash -eux
-
-sed -i "s/$1/$2/g" lib/dyndnsd/version.rb
-
-release_date=$(LC_ALL=en_US.utf8 date +"%B %-d, %Y")
-
-if grep "## $2 (" CHANGELOG.md; then
-    true
-elif grep "## $2" CHANGELOG.md; then
-    sed -i "s/## $2/## $2 ($release_date)/g" CHANGELOG.md
-else
-    echo "## $2 ($release_date)" >> CHANGELOG.md
-fi