🚨 [security] Update rubocop-rails 2.25.1 → 2.26.0 (minor) #1344
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![depfu[bot]](https://avatars.githubusercontent.com/in/715?s=60&v=4){kind=small}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ rubocop-rails (2.25.1 → 2.26.0) · Repo · Changelog
Release Notes
2.26.0
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 47 commits:
Cut 2.26.0Update ChangelogMerge pull request #1337 from Earlopain/validation-errorMerge pull request #1336 from koic/add_new_rails_enum_syntax_copMerge pull request #1309 from ytjmt/support-new-enum-syntax-for-enum-hash-cop[Fix #1238] Add new `Rails/EnumSyntax` copMerge pull request #1335 from Earlopain/error-bulk-change-tableFix an error for `Rails/Validation` when passing no argumentsUpdate `Rails/Validation` specs to modern styleMerge pull request #1334 from Earlopain/cop-registry-deprecatedFix an error for `Rails/BulkChangeTable` when the block for `change_table` is emptyDon't use deprecated `Cop.registry` in specsUpdate a changelog file nameMerge pull request #1003 from r7kamura/root-pathname-methods-indexMerge pull request #1323 from Earlopain/where-equal-not[Fix #1199] Make `Rails/WhereEquals` aware of `where.not(...)`Merge pull request #1330 from Earlopain/where-not-errorFix an error for `Rails/WhereNot` without second argumentMerge pull request #1325 from Earlopain/render-plain-text-errorFix an error for `Rails/RenderPlainText` when the content type is passed as a constantMerge pull request #1321 from Earlopain/where-equal-errorFix an error for `Style/WhereEquals` when the second argument is not yet typedMerge pull request #1320 from Earlopain/rails-version-redundant-presence-validation[Fix #1319] Fix false positive for `RedundantPresenceValidationOnBelongsTo`Merge pull request #1316 from Uaitt/documentation-typoCorrect typo in Rails/WhereEquals documentationMerge pull request #1311 from tldn0718/fix-false-negatives-for-action-controller-flash-before-renderMerge pull request #1302 from koic/make_style_collection_compact_aware_of_paramsAllow `params` receiver by default for `Style/CollectionMethods`Merge pull request #1314 from biow0lf/fix-docsUse right ticksMerge pull request #1313 from koic/fix_false_positive_for_rails_compact_blankFix false positives for `Rails/CompactBlank`Merge pull request #1310 from fatkodima/compact_blank-select_presentSupport Rails 7 syntax for Rails/EnumHash copFix false negatives for implicit render or rescue blocksChange `Rails/CompactBlank` to handle `select(&:present?)`Merge pull request #1307 from padarom/fix-pluck-in-where-documentationSuppress RuboCop offensesClarify the wording of the `Rails/PluckInWhere` copMerge pull request #1298 from ytjmt/support-new-enum-syntax-for-enum-uniqueness-copSuppress RuboCop offenseMerge pull request #1306 from Earlopain/pluralization-grammar-byteMake `Rails/PluralizationGrammar` aware of byte methodsMerge pull request #1304 from fatkodima/ignored_skip_action_filter_option-multiple-callbacksChange `Rails/IgnoredSkipActionFilterOption` to handle multiple callbacksSwitch back docs version to masterRelease Notes
5.25.1 (from changelog)
5.25.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 24 commits:
prepped for release- Fix incompatibility caused by minitest-hooks & rails invading minitest internals.- Revert change from =~ to match? to allow for nil if $TERM undefined.prepped for release+ Refactored siginfo handler to reduce runtime costs. Saved ~30%!normalized all actual/expected var names for assert_equal testsAccept colon style Hash#inspect in test. (tompng)- Improve description of test:slow task. (stomar)- Cleaning up ancient code checking for defined?(Encoding) and the like.Minor fix to make deprecation tests pass when using rake testW0oops+ Fixed some inefficiencies filtering and matching (mostly backtraces).More foolish consistency...More foolish consistency... "So many parens!" editionMore foolish consistency..."A foolish consistency is the hobgoblin of little minds, adored by little statesmen and philosophers and divines"—Emerson- Disambiguated some shadowed variables in minitest/compress.Got rid of ANCIENT pre-Integer-merge testsGot rid of ANCIENT RUBY18 conditioned tests- Fixed an ironic bug if using string-literals AND Werror.Finally removed all clean + heredoc for squiggly heredocs in test.- Added missing rdoc to get back to 100% coverage.Double quoted some (ancient) string literals.Fixed 3 tests when using minitest-gcstats.Commits
See the full diff on Github. The new version differs by 3 commits:
v1.26.3Merge pull request #351 from y-yagi/ensure_not_to_use_old_concurrent-rubyEnsure not to use old `concurrent-ruby`Security Advisories 🚨
🚨 REXML denial of service vulnerability
Release Notes
3.3.6
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 15 commits:
Add 3.3.6 entryparser tree: improve namespace conflicted attribute check performanceFix a bug that Stream parser doesn't expand the user-defined entity references for "text" (#200)parser: keep the current namespaces instead of stack of Setparser: move duplicated end tag check to BaseParsertest tree-parser: move common method to base classtest: fix indenttest: fix indentUse loop instead of recursive call for Element#namespaceUse loop instead of recursive call for Element#roottest: split duplicated attribute case and namespace conflict caseFix to not allow parameter entity references at internal subsets (#191)Fix RuntimeError in `REXML::Parsers::BaseParser` for valid feeds (#199)Improve `BaseParser#unnormalize` (#194)Bump versionRelease Notes
1.32.1 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 6 commits:
Cut 1.32.1Update ChangelogMark `RuboCop::AST::EnsureNode` as being in a void context.Fix readme CI badge (#308)Move test `Node#used?` predicate method definitionRestore docs/antora.ymlDepfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase.All Depfu comment commands