🚨 [security] Update rubocop 0.85.1 → 1.63.0 (major) #130
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ rubocop (0.85.1 → 1.63.0) · Repo · Changelog
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by 75 commits:
Cut 1.63
Update Changelog
[Fix #11878] Add new `Style/MapIntoArray` cop
Fix rubocop#12547 : fix text
Fix rubocop#12547 : drop the quotes around the URL
Fix rubocop#12547 : add a changelog
Fix rubocop#12547 : fix rspec
Fix rubocop#12547 : Added comment with suggestion to bring Rubocop up to the latest version in case of 'Infinite loop detected' error.
Run tests with Prism 0.25+
Merge pull request #12816 from artur-intech/master
Exclude `Rakefile.rb` from `Naming/FileName` check
Merge pull request #12820 from ydah/support-more-debugger-entry-point
Merge pull request #12821 from koic/workaround_for_prism_25
Workaround for incompatibilities between Prism 0.24.0 and 0.25.0
Tweak a character in a spec
Add support more Capybara debugger entry points for `Lint/Debugger`
Make `rubocop -V` display rubocop-rspec_rails version when using it
Add .vscode to .gitignore
Use RuboCop RSpec 2.29
Replace regex with `Bundler::LockfileParser`
Use RuboCop RSpec 2.28
Allow `AllCops/SomeParameter` for valid cop name spec
[Fix #11920] Skip files that don't satisfy gem version reqs
Add new `requires_gem` API
Add new `Config#gem_versions_in_target` API
Add method for retrieving locked gem versions
Parameterize lockfile path of `RuboCop::Lockfile`
Document `RuboCop::Lockfile`
[Fix #12676] Adjust offending range in LSP
Merge pull request #12813 from ydah/add-rubocop-rspec_rails
Respect RFC 3092
Add rubocop-rspec_rails to suggested extensions and extension doc
Use `RESTRICT_ON_SEND` for `Style/RedundantCurrentDirectoryInPath`
Use RuboCop Performance 1.21
Use `block_literal?`
Remove useless `require 'timeout'`
Merge pull request #12812 from koic/fix_false_positives_for_style_redundant_argument
[Fix #12794] Fix false positives for `Style/RedundantArgument`
[Fix #12793] Fix false positives for `Style/RedundantLineContinuation`
Update lib/rubocop/cop/mixin/safe_assignment.rb
[Fix #12731] Treat csend the same way as send for setter methods
Remove unnecessary condition
Return global offenses for `Style/Copyright` when the file is empty.
Merge pull request #12811 from Earlopain/tweakinging-profiling-docs
Small tweaks to profiling docs
Merge pull request #12808 from koic/fix_false_positives_for_naming_block_forwarding
Merge pull request #12806 from koic/fix_false_positive_for_style_redundant_line_continuation
[Fix #12807] Fix false positives for `Naming/BlockForwarding`
Fix false positives for `Style/RedundantLineContinuation`
Merge pull request #12803 from koic/fix_incorrect_autocorrect_for_style_collection_compact
Merge pull request #12802 from Earlopain/global-offenses-for-filename-issues
Return global offenses for `Naming/FileName` and `Naming/InclusiveLanguage`
[Fix #12801] Fix incorrect autocorrect for `Style/CollectionCompact`
[Fix #12797] Fix false positives for `Style/RedundantLineContinuation`
Merge pull request #12800 from sambostock/handle-empty-obsoletions-config
Handle empty obsoletion config
Merge pull request #12796 from koic/fix_false_positives_for_style_eval_with_location
Fix false positives for `Style/EvalWithLocation`
Merge pull request #12776 from Earlopain/testing-tests
Add tests for `expect_no_corrections` and `expect_correction` loop behaviour
Merge pull request #12789 from boardfish/redundant-percent-q-multiline
[Fix #12786] Make Style/RedundantPercentQ handle multiline source safely
Merge pull request #12790 from koic/fix_a_false_positive_for_lint_redundant_with_index
[Fix #12769] Fix a false positive for `Lint/RedundantWithIndex`
Merge pull request #12782 from Earlopain/fix-error-for-style-alias-spec
Fix an error for `Style/Alias` when calling `alias_method` with fewer than 2 arguments.
Merge pull request #12781 from Earlopain/fix-error-for-style-exact-regexp-match
Merge pull request #12780 from Earlopain/fix-error-for-style-redundant-each
Fix an error for `Style/ExactRegexpMatch` when calling `match` without a receiver
Fix an error for `Style/RedundantEach` when using `reverse_each.each` without a block
Add support for `InternalAffairs/ExampleDescription` when using "registers no offense"
Use 'registers no offense' instead of 'register no offense'
[Fix #12721] Add `DebuggerRequires` to `Lint/Debugger`
Fix a description of example for `Lint/UselessTimes`
Reset the docs version
Commits
See the full diff on Github. The new version differs by 12 commits:
Bump version.
Run tests using github actions (#32)
added dummy test github action
Enable matching with `Node#deconstruct` (#31)
Add Truffleruby head to CI
Bump version.
Fixed AST::Node#updated to always return a copy. (#25)
Removed unused dependencies from gemspec.
update ci
bump rake
Only ship the necessary library files in the gem artifact
Fix typo.
Commits
See the full diff on Github. The new version differs by 73 commits:
v1.24.0
Merge pull request #340 from grosser/grosser/order
polish
Merge pull request #339 from shaicoleman/finish-in-order
Add :finish_in_order option
v1.23.0
Merge pull request #336 from grosser/grosser/filter-map
add filter-map
Merge pull request #333 from M-Yamashita01/fix-inline-method-in-processor-count
Inline the methods of ProcessorCount module.
Merge pull request #331 from msasaki666/add-ruby-3.2-to-ci
add ruby 3.2 to ci
Merge pull request #330 from grosser/grosser/docs
small docs fix
improve ractor docs
v1.22.1
Merge pull request #322 from enumag/patch-1
Fix compilation on windows
v1.22.0
Merge pull request #317 from grosser/grosser/ractor
WIP
Merge pull request #321 from grosser/grosser/31
add ruby 3.1
Merge pull request #320 from grosser/grosser/rspec
gem update
Merge pull request #313 from grosser/grosser/flake
make test not be flaky when other ruby processes get started
Merge pull request #312 from grosser/grosser/ruby
Make sure to run test cases with target Ruby version
Merge pull request #309 from olleolleolle/patch-2
CI: use matrix.task to select Rake task
Merge pull request #308 from grosser/grosser/spec
do not run rubocop for each ruby version
v1.21.0
Add support for darwin20
fix rubocop
rubocop
Merge pull request #303 from henrich/patch-1
Avoid thousands of lsof warnings in chroot
Merge pull request #301 from pedromartinez/revert-299-patch-1
Revert "Add support for darwin20"
v1.20.2
Merge pull request #299 from pedromartinez/patch-1
Add support for darwin20
Merge pull request #295 from okuramasafumi/patch-1
Change CI badge from Travis to GitHub Actions
Merge pull request #293 from kachick/tomosan
Merge pull request #292 from kachick/follow-ruby-3
Fix Contributors link
Test against ruby 3.0
`bundle update --conservative minitest`
v1.20.1
Merge pull request #287 from grosser/grosser/eol
bring back ruby 2.4 since that broke rubocop builds because of some dependency foobar
Merge pull request #288 from grosser/grosser/ga
use GA
v1.20.0
Merge pull request #285 from grosser/grosser/break
allow breaking with value
Merge pull request #278 from grosser/grosser/ci
remove cert
fix errors
bump rake to fix warnings
bump rails
bump ruby requirements
bump AR
fix ci
v1.19.2
Merge pull request #277 from grosser/grosser/timeout
Allow timeout usage inside of threads
simplify activerecord wording
Merge pull request #272 from kakra/fixes/issue-150
docs: Improve notes about ActiveRecord
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
3.1.1 (from changelog)
3.1.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 29 commits:
v3.1.1
fix: Include all lib/ files
Add screenshot of example in README
Update .travis.yml
Update .travis.yml
RuboCop: configure new 0.81.0 rules
Pin RuboCop to 0.81.0 to support Ruby 2.3
v3.1.0
v3.1.0 Changelog
(chore) Add v0.80 RuboCop cops
CI: Use JRuby 9.2.11.0
CI: Update matrix
Fix RuboCop offenses and warnings about .rubocop.yml
Gemspec: List files using Ruby
CI: Use 2.4.6, 2.5.5, 2.6.3, jruby-9.2.7.0 (#94)
Use rubocop latest, drop support for Ruby 2.1, 2.2 (#91)
CI: Allow Bundler 2, add Rubies to CI matrix (#89)
Remove specific TargetRubyVersion from .rubocop.yml (#88)
README: Add cross_out, strike to presenters docs
Add test with non-existent :color (#86)
introducing #cross_out (#84)
Simplify `wrap_with_sgr` method (#85)
Merge pull request #83 from chiting/add-hex-check
Make rubocop happy
Add hexadecimal format checking
Add unit test for non hexadecimal string
Merge pull request #81 from nicolasleger/patch-1
[CI] Test against new Ruby 2.5 and patched
Update changelog
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Security Advisories 🚨
🚨 XML round-trip vulnerability in REXML
Release Notes
3.2.6
3.2.5 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
1.13.0 (from changelog)
1.12.0 (from changelog)
1.11.0 (from changelog)
Does any of this look wrong? Please let us know.
Release Notes
2.5.0 (from changelog)
2.4.2 (from changelog)
2.4.1 (from changelog)
2.4.0 (from changelog)
2.3.0 (from changelog)
2.2.0 (from changelog)
2.1.0 (from changelog)
1.8.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
🆕 json (added, 2.7.2)
🆕 language_server-protocol (added, 3.17.0.3)
🆕 racc (added, 1.7.3)
Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase
.All Depfu comment commands