From e5d9a788dcf140fc9f3a8603cea06732e9e7cd27 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Mar 2025 19:10:58 +0000 Subject: [PATCH 01/28] Bump rack from 3.1.10 to 3.1.11 in the bundler group Bumps the bundler group with 1 update: [rack](https://github.com/rack/rack). Updates `rack` from 3.1.10 to 3.1.11 - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v3.1.10...v3.1.11) --- updated-dependencies: - dependency-name: rack dependency-type: indirect dependency-group: bundler ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 8c60f672..e08d90d4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -64,7 +64,7 @@ GEM ast (~> 2.4.1) racc racc (1.8.1) - rack (3.1.10) + rack (3.1.11) rails-dom-testing (2.2.0) activesupport (>= 5.0.0) minitest From bb46793a4bffcc354a597ceb3f3977177f489b20 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Mar 2025 19:54:52 +0000 Subject: [PATCH 02/28] Bump actions/attest-build-provenance from 2.2.0 to 2.2.3 Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 2.2.0 to 2.2.3. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/520d128f165991a6c774bcb264f323e3d70747f4...c074443f1aee8d4aeeae555aebba3282517141b2) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 89ccb6c1..6f3dd98d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -39,7 +39,7 @@ jobs: - name: build run: echo "GEM_VERSION=$(gem build ${{ env.GEM_NAME }}.gemspec 2>&1 | grep Version | cut -d':' -f 2 | tr -d " \t\n\r")" >> $GITHUB_ENV - - uses: actions/attest-build-provenance@520d128f165991a6c774bcb264f323e3d70747f4 # pin@v2 + - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # pin@v2 with: subject-path: "${{ env.GEM_NAME }}-${{ env.GEM_VERSION }}.gem" From 4a757fd07fb10095010f3867d1347df857d0e963 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 5 Mar 2025 19:54:58 +0000 Subject: [PATCH 03/28] Bump ruby/setup-ruby from 1.221.0 to 1.222.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.221.0 to 1.222.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/32110d4e311bd8996b2a82bf2a43b714ccc91777...277ba2a127aba66d45bad0fa2dc56f80dbfedffa) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1ae421c7..25fc680d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@32110d4e311bd8996b2a82bf2a43b714ccc91777 # pin@v1.221.0 + - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # pin@v1.222.0 with: bundler-cache: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 1df707db..ad56c808 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,7 +18,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@32110d4e311bd8996b2a82bf2a43b714ccc91777 # pin@v1.221.0 + - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # pin@v1.222.0 with: bundler-cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 89ccb6c1..edfc45bc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@32110d4e311bd8996b2a82bf2a43b714ccc91777 # pin@v1.221.0 + - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # pin@v1.222.0 with: bundler-cache: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index aebd3962..5f897f2e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: - name: Update .ruby-version with matrix value run: echo "${{ matrix.ruby_version }}" >| .ruby-version - - uses: ruby/setup-ruby@32110d4e311bd8996b2a82bf2a43b714ccc91777 # pin@v1.221.0 + - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # pin@v1.222.0 with: bundler-cache: true From ab69ac0f0860aaaeeb4e7e9b4d90c18f2599ff40 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Mar 2025 12:03:42 -0700 Subject: [PATCH 04/28] Bump rack from 3.1.11 to 3.1.12 in the bundler group (#266) Bumps the bundler group with 1 update: [rack](https://github.com/rack/rack). Updates `rack` from 3.1.11 to 3.1.12 - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v3.1.11...v3.1.12) --- updated-dependencies: - dependency-name: rack dependency-type: indirect dependency-group: bundler ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index e08d90d4..682a6a99 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -64,7 +64,7 @@ GEM ast (~> 2.4.1) racc racc (1.8.1) - rack (3.1.11) + rack (3.1.12) rails-dom-testing (2.2.0) activesupport (>= 5.0.0) minitest From b1fd61cdd15b2c948c0224d19fca61ee05f585cd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Mar 2025 12:03:58 -0700 Subject: [PATCH 05/28] Bump rubocop-rails from 2.30.2 to 2.30.3 (#265) Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.30.2 to 2.30.3. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.30.2...v2.30.3) --- updated-dependencies: - dependency-name: rubocop-rails dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 682a6a99..c78dc2db 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM rainbow (3.1.1) rake (13.2.1) regexp_parser (2.10.0) - rubocop (1.73.0) + rubocop (1.73.2) json (~> 2.3) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.1.0) @@ -92,14 +92,14 @@ GEM lint_roller (~> 1.1) rubocop (>= 1.72.1, < 2.0) rubocop-ast (>= 1.38.0, < 2.0) - rubocop-rails (2.30.2) + rubocop-rails (2.30.3) activesupport (>= 4.2.0) lint_roller (~> 1.1) rack (>= 1.1) rubocop (>= 1.72.1, < 2.0) rubocop-ast (>= 1.38.0, < 2.0) ruby-progressbar (1.13.0) - securerandom (0.4.1) + securerandom (0.3.2) tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (3.1.4) From a9f99a0dcf9bd25701d3b12c4565ccabf312ccfa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Mar 2025 12:04:17 -0700 Subject: [PATCH 06/28] Bump rubocop from 1.73.0 to 1.73.2 (#264) Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.73.0 to 1.73.2. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.73.0...v1.73.2) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> From 9ab738c680a5ee7d57a8206b2c17931dbfde1f14 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Mar 2025 09:06:00 -0700 Subject: [PATCH 07/28] Bump json from 2.10.1 to 2.10.2 in the bundler group (#268) Bumps the bundler group with 1 update: [json](https://github.com/ruby/json). Updates `json` from 2.10.1 to 2.10.2 - [Release notes](https://github.com/ruby/json/releases) - [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md) - [Commits](https://github.com/ruby/json/compare/v2.10.1...v2.10.2) --- updated-dependencies: - dependency-name: json dependency-type: indirect dependency-group: bundler ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index c78dc2db..6207182f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -40,7 +40,7 @@ GEM erubi (1.13.1) i18n (1.14.7) concurrent-ruby (~> 1.0) - json (2.10.1) + json (2.10.2) language_server-protocol (3.17.0.4) lint_roller (1.1.0) logger (1.6.6) From 8aa75b819d6f3a98b1c8fccb47e9d8c43b3590fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Mar 2025 20:29:55 +0000 Subject: [PATCH 08/28] Bump rubocop from 1.73.2 to 1.74.0 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.73.2 to 1.74.0. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.73.2...v1.74.0) --- updated-dependencies: - dependency-name: rubocop dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6207182f..d43c1050 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM rainbow (3.1.1) rake (13.2.1) regexp_parser (2.10.0) - rubocop (1.73.2) + rubocop (1.74.0) json (~> 2.3) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.1.0) @@ -86,7 +86,7 @@ GEM rubocop-ast (>= 1.38.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 4.0) - rubocop-ast (1.38.1) + rubocop-ast (1.39.0) parser (>= 3.3.1.0) rubocop-performance (1.24.0) lint_roller (~> 1.1) From 8d3e24f45957b5c29ac95ba4d8ebc45f9b85d762 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Mar 2025 20:30:22 +0000 Subject: [PATCH 09/28] Bump minitest from 5.25.4 to 5.25.5 Bumps [minitest](https://github.com/minitest/minitest) from 5.25.4 to 5.25.5. - [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc) - [Commits](https://github.com/minitest/minitest/compare/v5.25.4...v5.25.5) --- updated-dependencies: - dependency-name: minitest dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6207182f..76172031 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -48,7 +48,7 @@ GEM crass (~> 1.0.2) nokogiri (>= 1.12.0) mini_portile2 (2.8.8) - minitest (5.25.4) + minitest (5.25.5) mutex_m (0.3.0) nokogiri (1.18.3) mini_portile2 (~> 2.8.2) From 07fa16d2d4730490d3f211c1fa603d024bb7f106 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Mar 2025 19:44:40 +0000 Subject: [PATCH 10/28] Bump ruby/setup-ruby from 1.222.0 to 1.227.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.222.0 to 1.227.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/277ba2a127aba66d45bad0fa2dc56f80dbfedffa...1a615958ad9d422dd932dc1d5823942ee002799f) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 25fc680d..e3e76439 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # pin@v1.222.0 + - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # pin@v1.227.0 with: bundler-cache: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ad56c808..f48ca5a4 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,7 +18,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # pin@v1.222.0 + - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # pin@v1.227.0 with: bundler-cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ab4ff316..438b2753 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # pin@v1.222.0 + - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # pin@v1.227.0 with: bundler-cache: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 5f897f2e..ed04e702 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: - name: Update .ruby-version with matrix value run: echo "${{ matrix.ruby_version }}" >| .ruby-version - - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # pin@v1.222.0 + - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # pin@v1.227.0 with: bundler-cache: true From 7c4df38b8e1641232e65381aac3ee658b051ba56 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 26 Mar 2025 19:46:28 +0000 Subject: [PATCH 11/28] Bump ruby/setup-ruby from 1.227.0 to 1.228.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.227.0 to 1.228.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/1a615958ad9d422dd932dc1d5823942ee002799f...7886c6653556e1164c58a7603d88286b5f708293) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e3e76439..9e643d94 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # pin@v1.227.0 + - uses: ruby/setup-ruby@7886c6653556e1164c58a7603d88286b5f708293 # pin@v1.228.0 with: bundler-cache: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index f48ca5a4..ed41536a 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,7 +18,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # pin@v1.227.0 + - uses: ruby/setup-ruby@7886c6653556e1164c58a7603d88286b5f708293 # pin@v1.228.0 with: bundler-cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 438b2753..4c19c1f3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # pin@v1.227.0 + - uses: ruby/setup-ruby@7886c6653556e1164c58a7603d88286b5f708293 # pin@v1.228.0 with: bundler-cache: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index ed04e702..2aedbd2f 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: - name: Update .ruby-version with matrix value run: echo "${{ matrix.ruby_version }}" >| .ruby-version - - uses: ruby/setup-ruby@1a615958ad9d422dd932dc1d5823942ee002799f # pin@v1.227.0 + - uses: ruby/setup-ruby@7886c6653556e1164c58a7603d88286b5f708293 # pin@v1.228.0 with: bundler-cache: true From 2c5b1056a98dbf390f51dd59abe037d867356a6f Mon Sep 17 00:00:00 2001 From: Issy Long Date: Thu, 24 Apr 2025 12:14:15 +0100 Subject: [PATCH 12/28] Seeing `unless !thing` breaks my brain - If not not thing, so it's actually yes thing! - Enable the RuboCop rule and add justification to the style guide. --- STYLEGUIDE.md | 17 +++++++++++++++++ config/default.yml | 2 +- 2 files changed, 18 insertions(+), 1 deletion(-) diff --git a/STYLEGUIDE.md b/STYLEGUIDE.md index 6cb942d1..31f33664 100644 --- a/STYLEGUIDE.md +++ b/STYLEGUIDE.md @@ -3,6 +3,7 @@ This is GitHub's Ruby Style Guide, inspired by [RuboCop's guide][rubocop-guide]. ## Table of Contents + 1. [Layout](#layout) 1. [Indentation](#indentation) 2. [Inline](#inline) @@ -763,6 +764,22 @@ if x > 10 end ``` +* Don't use `unless` with a negated condition. + [[link](#no-unless-negation)] + * RuboCop rule: Style/NegatedUnless + +```ruby +# bad +unless !condition? + do_something +end + +# good +if condition? + do_something +end +``` + ### Ternary operator * Avoid the ternary operator (`?:`) except in cases where all expressions are extremely diff --git a/config/default.yml b/config/default.yml index cf5d193e..115d24d6 100644 --- a/config/default.yml +++ b/config/default.yml @@ -1370,7 +1370,7 @@ Style/NegatedIfElseCondition: Enabled: false Style/NegatedUnless: - Enabled: false + Enabled: true Style/NegatedWhile: Enabled: false From c44be760a9a3c7a39bf93cec8fdf1d80109fb5f3 Mon Sep 17 00:00:00 2001 From: Issy Long Date: Thu, 24 Apr 2025 20:32:17 +0000 Subject: [PATCH 13/28] Bump `nokogiri` and the minimum required Ruby version - Fixes https://github.com/github/rubocop-github/security/dependabot/49 and https://github.com/github/rubocop-github/security/dependabot/50. - Dependabot couldn't do this itself because `nokogiri >= 1.18.8` is not compatible with Ruby 3.0, so the minimum required Ruby version in the gemspec needed bumping. --- Gemfile.lock | 8 ++++---- rubocop-github.gemspec | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 1c4e8aaf..2cba1403 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -50,14 +50,14 @@ GEM mini_portile2 (2.8.8) minitest (5.25.5) mutex_m (0.3.0) - nokogiri (1.18.3) + nokogiri (1.18.8) mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.18.3-arm64-darwin) + nokogiri (1.18.8-arm64-darwin) racc (~> 1.4) - nokogiri (1.18.3-x86_64-darwin) + nokogiri (1.18.8-x86_64-darwin) racc (~> 1.4) - nokogiri (1.18.3-x86_64-linux-gnu) + nokogiri (1.18.8-x86_64-linux-gnu) racc (~> 1.4) parallel (1.26.3) parser (3.3.7.1) diff --git a/rubocop-github.gemspec b/rubocop-github.gemspec index 18b5aff9..efc3b000 100644 --- a/rubocop-github.gemspec +++ b/rubocop-github.gemspec @@ -18,7 +18,7 @@ Gem::Specification.new do |s| s.files = Dir["README.md", "STYLEGUIDE.md", "LICENSE", "config/*.yml", "lib/**/*.rb", "guides/*.md"] - s.required_ruby_version = ">= 3.0.0" + s.required_ruby_version = ">= 3.1.0" s.add_dependency "rubocop", ">= 1.72" s.add_dependency "rubocop-performance", ">= 1.24" From dd2a5ce446dfadbdf733346956ed6a200d603d6f Mon Sep 17 00:00:00 2001 From: Issy Long Date: Mon, 28 Apr 2025 14:13:42 +0100 Subject: [PATCH 14/28] Bump version to 0.24.0 --- lib/version.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/version.rb b/lib/version.rb index fd3043d4..ae89f765 100644 --- a/lib/version.rb +++ b/lib/version.rb @@ -1,3 +1,3 @@ # frozen_string_literal: true -VERSION = "0.23.0" +VERSION = "0.24.0" From d5444cd0fbac08605c34cea7ae716ead8652c8bb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 20:38:10 +0000 Subject: [PATCH 15/28] Update actionview requirement from ~> 7.1.5.1 to ~> 7.2.2.1 Updates the requirements on [actionview](https://github.com/rails/rails) to permit the latest version. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v8.0.2/actionview/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v7.1.5.1...v7.2.2.1) --- updated-dependencies: - dependency-name: actionview dependency-version: 7.2.2.1 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 20 +++++++++----------- rubocop-github.gemspec | 2 +- 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 2cba1403..083c78f0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,32 +9,31 @@ PATH GEM remote: https://rubygems.org/ specs: - actionview (7.1.5.1) - activesupport (= 7.1.5.1) + actionview (7.2.2.1) + activesupport (= 7.2.2.1) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - activesupport (7.1.5.1) + activesupport (7.2.2.1) base64 benchmark (>= 0.3) bigdecimal - concurrent-ruby (~> 1.0, >= 1.0.2) + concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) logger (>= 1.4.2) minitest (>= 5.1) - mutex_m securerandom (>= 0.3) - tzinfo (~> 2.0) + tzinfo (~> 2.0, >= 2.0.5) ast (2.4.2) base64 (0.2.0) benchmark (0.4.0) bigdecimal (3.1.9) builder (3.3.0) concurrent-ruby (1.3.5) - connection_pool (2.5.0) + connection_pool (2.5.3) crass (1.0.6) drb (2.2.1) erubi (1.13.1) @@ -43,13 +42,12 @@ GEM json (2.10.2) language_server-protocol (3.17.0.4) lint_roller (1.1.0) - logger (1.6.6) + logger (1.7.0) loofah (2.24.0) crass (~> 1.0.2) nokogiri (>= 1.12.0) mini_portile2 (2.8.8) minitest (5.25.5) - mutex_m (0.3.0) nokogiri (1.18.8) mini_portile2 (~> 2.8.2) racc (~> 1.4) @@ -99,7 +97,7 @@ GEM rubocop (>= 1.72.1, < 2.0) rubocop-ast (>= 1.38.0, < 2.0) ruby-progressbar (1.13.0) - securerandom (0.3.2) + securerandom (0.4.1) tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (3.1.4) @@ -114,7 +112,7 @@ PLATFORMS x86_64-linux DEPENDENCIES - actionview (~> 7.1.5.1) + actionview (~> 7.2.2.1) minitest rake rubocop-github! diff --git a/rubocop-github.gemspec b/rubocop-github.gemspec index efc3b000..43cb7e3d 100644 --- a/rubocop-github.gemspec +++ b/rubocop-github.gemspec @@ -24,7 +24,7 @@ Gem::Specification.new do |s| s.add_dependency "rubocop-performance", ">= 1.24" s.add_dependency "rubocop-rails", ">= 2.23" - s.add_development_dependency "actionview", "~> 7.1.5.1" + s.add_development_dependency "actionview", "~> 7.2.2.1" s.add_development_dependency "minitest" s.add_development_dependency "rake" From 14e8c1f74f7d8cf92b6d9c80875c804c2ae66b58 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Apr 2025 20:56:31 +0000 Subject: [PATCH 16/28] Bump actions/attest-build-provenance from 2.2.3 to 2.3.0 Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) from 2.2.3 to 2.3.0. - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/c074443f1aee8d4aeeae555aebba3282517141b2...db473fddc028af60658334401dc6fa3ffd8669fd) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4c19c1f3..a48f7d7b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -39,7 +39,7 @@ jobs: - name: build run: echo "GEM_VERSION=$(gem build ${{ env.GEM_NAME }}.gemspec 2>&1 | grep Version | cut -d':' -f 2 | tr -d " \t\n\r")" >> $GITHUB_ENV - - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # pin@v2 + - uses: actions/attest-build-provenance@db473fddc028af60658334401dc6fa3ffd8669fd # pin@v2 with: subject-path: "${{ env.GEM_NAME }}-${{ env.GEM_VERSION }}.gem" From b4ce745e44b0c6ac83917de07c4d7e3bba7f86d3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 May 2025 14:51:05 +0000 Subject: [PATCH 17/28] Bump rack from 3.1.12 to 3.1.14 in the bundler group Bumps the bundler group with 1 update: [rack](https://github.com/rack/rack). Updates `rack` from 3.1.12 to 3.1.14 - [Release notes](https://github.com/rack/rack/releases) - [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md) - [Commits](https://github.com/rack/rack/compare/v3.1.12...v3.1.14) --- updated-dependencies: - dependency-name: rack dependency-version: 3.1.14 dependency-type: indirect dependency-group: bundler ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 2cba1403..16f2121d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -64,7 +64,7 @@ GEM ast (~> 2.4.1) racc racc (1.8.1) - rack (3.1.12) + rack (3.1.14) rails-dom-testing (2.2.0) activesupport (>= 5.0.0) minitest From 2c73d2f76720ab5c029c75c49da9194f52917a9d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 May 2025 19:11:47 +0000 Subject: [PATCH 18/28] Bump ruby/setup-ruby from 1.228.0 to 1.238.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.228.0 to 1.238.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/7886c6653556e1164c58a7603d88286b5f708293...e34163cd15f4bb403dcd72d98e295997e6a55798) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.238.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9e643d94..2e596c5b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@7886c6653556e1164c58a7603d88286b5f708293 # pin@v1.228.0 + - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # pin@v1.238.0 with: bundler-cache: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index ed41536a..5c9c67d3 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,7 +18,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@7886c6653556e1164c58a7603d88286b5f708293 # pin@v1.228.0 + - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # pin@v1.238.0 with: bundler-cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4c19c1f3..b025eeb9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@7886c6653556e1164c58a7603d88286b5f708293 # pin@v1.228.0 + - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # pin@v1.238.0 with: bundler-cache: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2aedbd2f..4a29ce21 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: - name: Update .ruby-version with matrix value run: echo "${{ matrix.ruby_version }}" >| .ruby-version - - uses: ruby/setup-ruby@7886c6653556e1164c58a7603d88286b5f708293 # pin@v1.228.0 + - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # pin@v1.238.0 with: bundler-cache: true From 344c76613f0966df357e79d4c07742b5a6036a22 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 May 2025 15:21:14 +0000 Subject: [PATCH 19/28] Bump rubocop-performance from 1.24.0 to 1.25.0 Bumps [rubocop-performance](https://github.com/rubocop/rubocop-performance) from 1.24.0 to 1.25.0. - [Release notes](https://github.com/rubocop/rubocop-performance/releases) - [Changelog](https://github.com/rubocop/rubocop-performance/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-performance/compare/v1.24.0...v1.25.0) --- updated-dependencies: - dependency-name: rubocop-performance dependency-version: 1.25.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ebdeef2e..4c9f7d55 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -27,7 +27,7 @@ GEM minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) - ast (2.4.2) + ast (2.4.3) base64 (0.2.0) benchmark (0.4.0) bigdecimal (3.1.9) @@ -39,8 +39,8 @@ GEM erubi (1.13.1) i18n (1.14.7) concurrent-ruby (~> 1.0) - json (2.10.2) - language_server-protocol (3.17.0.4) + json (2.12.0) + language_server-protocol (3.17.0.5) lint_roller (1.1.0) logger (1.7.0) loofah (2.24.0) @@ -57,10 +57,11 @@ GEM racc (~> 1.4) nokogiri (1.18.8-x86_64-linux-gnu) racc (~> 1.4) - parallel (1.26.3) - parser (3.3.7.1) + parallel (1.27.0) + parser (3.3.8.0) ast (~> 2.4.1) racc + prism (1.4.0) racc (1.8.1) rack (3.1.14) rails-dom-testing (2.2.0) @@ -73,7 +74,7 @@ GEM rainbow (3.1.1) rake (13.2.1) regexp_parser (2.10.0) - rubocop (1.74.0) + rubocop (1.75.5) json (~> 2.3) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.1.0) @@ -81,14 +82,15 @@ GEM parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 2.9.3, < 3.0) - rubocop-ast (>= 1.38.0, < 2.0) + rubocop-ast (>= 1.44.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 4.0) - rubocop-ast (1.39.0) - parser (>= 3.3.1.0) - rubocop-performance (1.24.0) + rubocop-ast (1.44.1) + parser (>= 3.3.7.2) + prism (~> 1.4) + rubocop-performance (1.25.0) lint_roller (~> 1.1) - rubocop (>= 1.72.1, < 2.0) + rubocop (>= 1.75.0, < 2.0) rubocop-ast (>= 1.38.0, < 2.0) rubocop-rails (2.30.3) activesupport (>= 4.2.0) From d9b9239b8b090e55b622a0aeb6010dc679f41d72 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 May 2025 15:25:17 +0000 Subject: [PATCH 20/28] Bump rubocop-rails from 2.30.3 to 2.31.0 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.30.3 to 2.31.0. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.30.3...v2.31.0) --- updated-dependencies: - dependency-name: rubocop-rails dependency-version: 2.31.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 4c9f7d55..ae551f3a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -92,11 +92,11 @@ GEM lint_roller (~> 1.1) rubocop (>= 1.75.0, < 2.0) rubocop-ast (>= 1.38.0, < 2.0) - rubocop-rails (2.30.3) + rubocop-rails (2.31.0) activesupport (>= 4.2.0) lint_roller (~> 1.1) rack (>= 1.1) - rubocop (>= 1.72.1, < 2.0) + rubocop (>= 1.75.0, < 2.0) rubocop-ast (>= 1.38.0, < 2.0) ruby-progressbar (1.13.0) securerandom (0.4.1) From 5ad0f6690492ae4af2a188ec2de42a03357fbb46 Mon Sep 17 00:00:00 2001 From: Issy Long Date: Mon, 12 May 2025 16:30:29 +0100 Subject: [PATCH 21/28] Fix variable naming in `Rails/ViewRenderLiteral` - Fixes https://github.com/github/rubocop-github/security/code-scanning/4 and https://github.com/github/rubocop-github/security/code-scanning/5 by fixing the typo for singular vs. plural `option_pairs` vs. `options_pairs`. --- lib/rubocop/cop/github/rails_view_render_literal.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/rubocop/cop/github/rails_view_render_literal.rb b/lib/rubocop/cop/github/rails_view_render_literal.rb index c8563868..357b2ee1 100644 --- a/lib/rubocop/cop/github/rails_view_render_literal.rb +++ b/lib/rubocop/cop/github/rails_view_render_literal.rb @@ -54,7 +54,7 @@ def on_send(node) if render_literal?(node) && node.arguments.count > 1 locals = node.arguments[1] - elsif options_pairs = render_with_options?(node) + elsif option_pairs = render_with_options?(node) locals = option_pairs.map { |pair| locals_key?(pair) }.compact.first end From 6bc1412cec56ebc6371e7d5e3d13e1a05d50141f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 21 May 2025 19:27:54 +0000 Subject: [PATCH 22/28] Bump ruby/setup-ruby from 1.238.0 to 1.244.0 Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.238.0 to 1.244.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/e34163cd15f4bb403dcd72d98e295997e6a55798...13e7a03dc3ac6c3798f4570bfead2aed4d96abfb) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.244.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/test.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2e596c5b..86059b7c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # pin@v1.238.0 + - uses: ruby/setup-ruby@13e7a03dc3ac6c3798f4570bfead2aed4d96abfb # pin@v1.244.0 with: bundler-cache: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 5c9c67d3..24ca871b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,7 +18,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # pin@v1.238.0 + - uses: ruby/setup-ruby@13e7a03dc3ac6c3798f4570bfead2aed4d96abfb # pin@v1.244.0 with: bundler-cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e3db4c81..84778eda 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: - name: checkout uses: actions/checkout@v4 - - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # pin@v1.238.0 + - uses: ruby/setup-ruby@13e7a03dc3ac6c3798f4570bfead2aed4d96abfb # pin@v1.244.0 with: bundler-cache: true diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 4a29ce21..af449019 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -23,7 +23,7 @@ jobs: - name: Update .ruby-version with matrix value run: echo "${{ matrix.ruby_version }}" >| .ruby-version - - uses: ruby/setup-ruby@e34163cd15f4bb403dcd72d98e295997e6a55798 # pin@v1.238.0 + - uses: ruby/setup-ruby@13e7a03dc3ac6c3798f4570bfead2aed4d96abfb # pin@v1.244.0 with: bundler-cache: true From 84762bbf7fbf2c5a0a05889d5bd6da426e2b6fbe Mon Sep 17 00:00:00 2001 From: Mike Griffin Date: Tue, 27 May 2025 16:03:04 +0100 Subject: [PATCH 23/28] Specify the plugin class name explicitly This allows rubocop to be run in bundler standalone mode. Without specifying the plugin class name, rubocop errors out with: > Error: Failed to load plugin `rubocop-performance` because the corresponding plugin class could not be determined for instantiation. This is because it's trying to load the gem to find the name, but is unable to. Setting the class name doesn't affect running rubocop through bundler, it will still work properly --- config/default.yml | 3 ++- config/rails.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/config/default.yml b/config/default.yml index 115d24d6..ff7eec81 100644 --- a/config/default.yml +++ b/config/default.yml @@ -5,7 +5,8 @@ require: - rubocop-github plugins: - - rubocop-performance + - rubocop-performance: + plugin_class_name: RuboCop::Performance::Plugin Bundler/DuplicatedGem: Enabled: true diff --git a/config/rails.yml b/config/rails.yml index 80458562..cba38c11 100644 --- a/config/rails.yml +++ b/config/rails.yml @@ -5,7 +5,8 @@ require: - rubocop-github-rails plugins: - - rubocop-rails + - rubocop-rails: + plugin_class_name: RuboCop::Rails::Plugin GitHub/RailsControllerRenderActionSymbol: Enabled: true From d41cdb15b49184bbb324c72f88181b6f4eec5075 Mon Sep 17 00:00:00 2001 From: GrantBirki Date: Tue, 27 May 2025 09:45:59 -0700 Subject: [PATCH 24/28] commit changes from `bundle install` --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index ae551f3a..7a13033a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - rubocop-github (0.23.0) + rubocop-github (0.24.0) rubocop (>= 1.72) rubocop-performance (>= 1.24) rubocop-rails (>= 2.23) From 5bc2937c51015743844f89b1b2d59378f52f934a Mon Sep 17 00:00:00 2001 From: GrantBirki Date: Tue, 27 May 2025 09:46:22 -0700 Subject: [PATCH 25/28] docs --- CONTRIBUTING.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 72cf0a2c..e5ef656b 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -51,6 +51,6 @@ Rubocop regularly releases new versions with new cops. We want to keep up to dat 1. Update [`lib/version.rb`](lib/version.rb) with the next version number 2. Update the `CHANGELOG` with changes and contributor -3. Run `bundle` to update gem version contained in the lockfile +3. Run `bundle install` to update gem version contained in the lockfile 4. Commit your changes and open a pull request 5. When the pull request is approved and merged into `main`, the [`.github/workflows/release.yml`](.github/workflows/release.yml) workflow will automatically run to release the new version to RubyGems and GitHub Packages 🎉. From 5a69181ff75aed885e575ea3d409027254ccef72 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 May 2025 16:49:34 +0000 Subject: [PATCH 26/28] Bump rubocop from 1.75.5 to 1.75.7 Bumps [rubocop](https://github.com/rubocop/rubocop) from 1.75.5 to 1.75.7. - [Release notes](https://github.com/rubocop/rubocop/releases) - [Changelog](https://github.com/rubocop/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop/compare/v1.75.5...v1.75.7) --- updated-dependencies: - dependency-name: rubocop dependency-version: 1.75.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 7a13033a..cf35c017 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -39,7 +39,7 @@ GEM erubi (1.13.1) i18n (1.14.7) concurrent-ruby (~> 1.0) - json (2.12.0) + json (2.12.2) language_server-protocol (3.17.0.5) lint_roller (1.1.0) logger (1.7.0) @@ -74,7 +74,7 @@ GEM rainbow (3.1.1) rake (13.2.1) regexp_parser (2.10.0) - rubocop (1.75.5) + rubocop (1.75.7) json (~> 2.3) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.1.0) From 1fab623ae3f97ebcef0e22a503e3c4a45180d505 Mon Sep 17 00:00:00 2001 From: Mike Griffin Date: Tue, 27 May 2025 18:21:18 +0100 Subject: [PATCH 27/28] Bump to version 0.25.0 --- CHANGELOG.md | 10 ++++++++++ Gemfile.lock | 2 +- lib/version.rb | 2 +- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2496c68f..f89036a3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,15 @@ # rubocop-github +## v0.25.0 + +- Read the automatic release notes on [the /releases page for this gem](https://github.com/github/rubocop-github/releases). +- Updated related gems +- Specify plugin class names for included rubocop plugins + +## v0.24.0 + +- Read the automatic release notes on [the /releases page for this gem](https://github.com/github/rubocop-github/releases). + ## v0.23.0 - Read the automatic release notes on [the /releases page for this gem](https://github.com/github/rubocop-github/releases). diff --git a/Gemfile.lock b/Gemfile.lock index cf35c017..e858888a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,7 +1,7 @@ PATH remote: . specs: - rubocop-github (0.24.0) + rubocop-github (0.25.0) rubocop (>= 1.72) rubocop-performance (>= 1.24) rubocop-rails (>= 2.23) diff --git a/lib/version.rb b/lib/version.rb index ae89f765..a9f2b951 100644 --- a/lib/version.rb +++ b/lib/version.rb @@ -1,3 +1,3 @@ # frozen_string_literal: true -VERSION = "0.24.0" +VERSION = "0.25.0" From 2c40fb3ce5f356f0c4f3db003dc75003712601a0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 May 2025 18:12:26 +0000 Subject: [PATCH 28/28] Bump rubocop-rails from 2.31.0 to 2.32.0 Bumps [rubocop-rails](https://github.com/rubocop/rubocop-rails) from 2.31.0 to 2.32.0. - [Release notes](https://github.com/rubocop/rubocop-rails/releases) - [Changelog](https://github.com/rubocop/rubocop-rails/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rails/compare/v2.31.0...v2.32.0) --- updated-dependencies: - dependency-name: rubocop-rails dependency-version: 2.32.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e858888a..d4d29779 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -35,7 +35,7 @@ GEM concurrent-ruby (1.3.5) connection_pool (2.5.3) crass (1.0.6) - drb (2.2.1) + drb (2.2.3) erubi (1.13.1) i18n (1.14.7) concurrent-ruby (~> 1.0) @@ -63,7 +63,7 @@ GEM racc prism (1.4.0) racc (1.8.1) - rack (3.1.14) + rack (3.1.15) rails-dom-testing (2.2.0) activesupport (>= 5.0.0) minitest @@ -92,12 +92,12 @@ GEM lint_roller (~> 1.1) rubocop (>= 1.75.0, < 2.0) rubocop-ast (>= 1.38.0, < 2.0) - rubocop-rails (2.31.0) + rubocop-rails (2.32.0) activesupport (>= 4.2.0) lint_roller (~> 1.1) rack (>= 1.1) rubocop (>= 1.75.0, < 2.0) - rubocop-ast (>= 1.38.0, < 2.0) + rubocop-ast (>= 1.44.0, < 2.0) ruby-progressbar (1.13.0) securerandom (0.4.1) tzinfo (2.0.6)