v0.13.0 Release: Ruby Version Upgrade Part #1 (#71)

* Ruby version upgrade to v3.1
bugcrowd · Jul 15, 2024 · 018b71d · 018b71d
1 parent 79d40c4
commit 018b71d
Show file tree

Hide file tree

Showing 11 changed files with 34 additions and 27 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -7,7 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        ruby: ['2.5', '2.6', '2.7']
+        ruby: ['3.1','3.2','3.3']
     name: Test ruby v${{ matrix.ruby }} support
     steps:
     - uses: actions/checkout@v1
@@ -17,7 +17,7 @@ jobs:
         ruby-version: ${{ matrix.ruby }}
     - name: Build with dependencies
       run: |
-        gem install bundler -v 2.1
+        gem install bundler -v 2.5.14
         bundle install
     - name: Test with rspec
       run: |

diff --git a/.rubocop.yml b/.rubocop.yml
@@ -1,5 +1,5 @@
 AllCops:
-  TargetRubyVersion: 2.4
+  TargetRubyVersion: 3.1
 
 Style/Documentation:
   Enabled: false

diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM ruby:2.5-alpine
+FROM ruby:3.1
 
 RUN mkdir -p /usr/src/app
 WORKDIR /usr/src/app

diff --git a/lib/vrt.rb b/lib/vrt.rb
@@ -81,7 +81,7 @@ def all_matching_categories(categories)
   def find_node(vrt_id:, preferred_version: nil, max_depth: 'variant', version: nil) # rubocop:disable Lint/UnusedMethodArgument
     new_version = preferred_version || current_version
     if get_map(version: new_version).valid?(vrt_id)
-      get_map(version: new_version).find_node(vrt_id, max_depth: max_depth)
+      get_map(version: new_version).find_node(vrt_id, max_depth:)
     elsif deprecated_node?(vrt_id)
       find_deprecated_node(vrt_id, preferred_version, max_depth)
     else

diff --git a/lib/vrt/cross_version_mapping.rb b/lib/vrt/cross_version_mapping.rb
@@ -32,14 +32,14 @@ def latest_version_for_deprecated_node(vrt_id)
     def find_deprecated_node(vrt_id, new_version = nil, max_depth = 'variant')
       version = latest_version_for_deprecated_node(vrt_id)
       node_id = deprecated_node_json[vrt_id][new_version] || deprecated_node_json[vrt_id][version]
-      new_node = VRT::Map.new(new_version).find_node(node_id, max_depth: max_depth)
+      new_node = VRT::Map.new(new_version).find_node(node_id, max_depth:)
       new_node.nil? ? find_deprecated_node(node_id, new_version, max_depth) : new_node
     end
 
     def find_valid_parent_node(vrt_id, new_version, max_depth)
       new_map = VRT::Map.new(new_version)
       if new_map.valid?(vrt_id)
-        new_map.find_node(vrt_id, max_depth: max_depth)
+        new_map.find_node(vrt_id, max_depth:)
       else
         parent = vrt_id.split('.')[0..-2].join('.')
         return nil if parent.empty?

diff --git a/lib/vrt/map.rb b/lib/vrt/map.rb
@@ -18,7 +18,7 @@ def initialize(version = nil)
     end
 
     def find_node(string, max_depth: 'variant')
-      @_found_nodes[string + max_depth] ||= walk_node_tree(string, max_depth: max_depth)
+      @_found_nodes[string + max_depth] ||= walk_node_tree(string, max_depth:)
     end
 
     def valid?(vrt_id)
@@ -52,7 +52,7 @@ def construct_lineage(string, max_depth)
       return unless valid_identifier?(string)
 
       lineage = ''
-      walk_node_tree(string, max_depth: max_depth) do |ids, node, level|
+      walk_node_tree(string, max_depth:) do |ids, node, level|
         return unless node
 
         lineage += node.name

diff --git a/lib/vrt/mapping.rb b/lib/vrt/mapping.rb
@@ -13,6 +13,8 @@ def initialize(scheme, subdirectory = nil)
     # returns the most specific value provided in the mapping file for the given vrt id
     #
     # if no mapping file exists for the given version, the mapping file for the earliest version available will be used
+    # rubocop:disable Metrics/CyclomaticComplexity
+    # rubocop:disable Metrics/PerceivedComplexity
     def get(id_list, version)
       # update the vrt id to the first version we have a mapping file for
       unless @mappings.key?(version)
@@ -29,15 +31,17 @@ def get(id_list, version)
         # { remediation_advice: { remediation_advice: '...', references: [...] } }
         keys.each_with_object({}) do |key, acc|
           acc[key.to_sym] = get_key(
-            id_list: id_list,
-            mapping: mapping,
-            key: key
+            id_list:,
+            mapping:,
+            key:
           ) || default&.dig(key)
         end
       else
-        get_key(id_list: id_list, mapping: mapping, key: @scheme) || default
+        get_key(id_list:, mapping:, key: @scheme) || default
       end
     end
+    # rubocop:enable Metrics/CyclomaticComplexity
+    # rubocop:enable Metrics/PerceivedComplexity
 
     private
 
@@ -74,7 +78,7 @@ def key_by_id(mapping)
       if mapping.is_a?(Array) && mapping.first.is_a?(Hash) && mapping.first.key?('id')
         mapping.each_with_object({}) { |entry, acc| acc[entry['id'].to_sym] = key_by_id(entry) }
       elsif mapping.is_a?(Hash)
-        mapping.each_with_object({}) { |(key, value), acc| acc[key] = key_by_id(value) }
+        mapping.transform_values { |value| key_by_id(value) }
       else
         mapping
       end

diff --git a/lib/vrt/node.rb b/lib/vrt/node.rb
@@ -24,11 +24,11 @@ def construct_vrt_id
     end
 
     def mappings
-      Hash[VRT.mappings.map { |name, map| [name, map.get(id_list, @version)] }]
+      VRT.mappings.transform_values { |map| map.get(id_list, @version) }
     end
 
     def third_party_links
-      Hash[VRT.third_party_links.map { |name, map| [name, map.get(id_list, @version)] }]
+      VRT.third_party_links.transform_values { |map| map.get(id_list, @version) }
     end
 
     def id_list

diff --git a/lib/vrt/third_party_links.rb b/lib/vrt/third_party_links.rb
@@ -27,7 +27,7 @@ def load_mappings
 
     # For flat third party links ther is no hierarchical step up
     def get_key(id_list:, mapping:, key: nil) # rubocop:disable Lint/UnusedMethodArgument
-      mapping.dig(id_list.join('.'))
+      mapping[id_list.join('.')]
     end
   end
 end
diff --git a/spec/vrt_spec.rb b/spec/vrt_spec.rb
@@ -69,9 +69,9 @@
   describe '#find_node' do
     subject(:found_node) do
       described_class.find_node(
-        vrt_id: vrt_id,
+        vrt_id:,
         preferred_version: new_version,
-        max_depth: max_depth
+        max_depth:
       )
     end
 

diff --git a/vrt.gemspec b/vrt.gemspec
@@ -7,22 +7,25 @@ Gem::Specification.new do |spec|
   spec.name          = 'vrt'
   spec.version       = Vrt::VERSION
   spec.platform      = Gem::Platform::RUBY
-  spec.authors       = ['Barnett Klane', 'Max Schwenk', 'Adam David']
-  spec.email         = ['[email protected]', '[email protected]', '[email protected]']
+  spec.authors       = ['Barnett Klane', 'Max Schwenk', 'Adam David',
+                        'Abhinav Nain']
+  spec.email         = ['[email protected]', '[email protected]',
+                        '[email protected]',
+                        '[email protected]']
   spec.date          = Date.today.to_s
   spec.summary       = "Ruby wrapper for Bugcrowd\'s Vulnerability Rating Taxonomy"
   spec.homepage      = 'https://github.com/bugcrowd/vrt-ruby'
   spec.license       = 'MIT'
   spec.files         = Dir['lib/**/*.{rb,json}']
   spec.require_paths = ['lib']
-  spec.required_ruby_version = '>= 2.4'
+  spec.required_ruby_version = '>= 3.1'
 
-  spec.add_development_dependency 'bundler', '~> 2.1'
-  spec.add_development_dependency 'pry', '~> 0.11'
-  spec.add_development_dependency 'rake', '~> 12.3'
-  spec.add_development_dependency 'rspec', '~> 3.6'
+  spec.add_development_dependency 'bundler', '~> 2.5.14'
+  spec.add_development_dependency 'pry', '~> 0.14.2'
+  spec.add_development_dependency 'rake', '~> 13.2.1'
+  spec.add_development_dependency 'rspec', '~> 3.13'
   # TODO: investigate why rubocop's jaro-winkler dependency fails to install in our alpine linux image
-  spec.add_development_dependency 'rubocop', '0.56.0'
+  spec.add_development_dependency 'rubocop', '1.52.1'
   spec.metadata = {
     'homepage_uri' => 'https://github.com/bugcrowd/vrt-ruby',
     'changelog_uri' => 'https://github.com/bugcrowd/vrt-ruby/blob/master/CHANGELOG.md',