Update rubocop-rails 2.22.2 → 2.25.1 (minor)

[depfu]

Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.

What changed?

✳️ rubocop-rails (2.22.2 → 2.25.1) · Repo · Changelog

Release Notes

2.25.1

Bug fixes

• #1280: Look for change_column_null for Rails/BulkChangeTable. (@ccutrer)
• #1299: Fix an error for Rails/NotNullColumn when the block for change_table is empty. (@earlopain)
• #1281: Fix Rails/WhereRange autocorrect for complex expressions. (@fatkodima)
• #1282: Fix Rails/WhereRange to correctly handle template strings with extra spaces. (@fatkodima)

Changes

• #1295: Cover validates_comparison_of in Rails/Validation. (@ChaelCodes)
• #1288: Let Rails/LinkToBlank look into link_to_if and link_to_unless, too. (@fwolfst)
• #1286: Mark Rails/SkipsModelValidations as unsafe. (@koic)
• #1283: Mark Rails/WhereRange as unsafe autocorrect. (@fatkodima)

2.25.0

New features

• #1272: Add new Rails/WhereRange cop. (@fatkodima)

Bug fixes

• #1270: Fix an incorrect autocorrect for Rails/Validation when using validates_size_of. (@koic)
• #1278: Fix a false positive for Rails/SkipsModelValidations when using insert or insert! with a safe navigator. (@tldn0718)
• #1260: Fix a performance regression caused by Rails/UnknownEnv when using Rails 7.1. (@lukasfroehlich1)

Changes

• #1249: Disable Rails/UnusedIgnoredColumns by default. (@earlopain)
• #1266: Check change_table calls for offenses. (@ccutrer)
• #1267: Make Rails/HttpStatus aware of Rails-specific response assertions. (@tldn0718)
• #1137: Migrate to TargetRailsVersion the new requires_gem API. (@amomchilov)

2.24.1

Bug fixes

• #1244: Fix a false positive for Rails/ActionControllerFlashBeforeRender when returning redirect_to. (@earlopain)
• #1255: Fix an error for Rails/UniqBeforePluck with EnforcedStyle: aggressive when no receiver. (@earlopain)
• #1247: Fix an error for Rails/UnusedIgnoredColumns when without tables in db/schema.rb. (@koic)
• #1253: Fix an error for Rails/WhereMissing with leading where without receiver. (@earlopain)
• #1254: Fix an error for Rails/ExpandedDateRange when passing an argument only to the first method call for weeks. (@earlopain)
• #1256: Fix an error for Rails/ActiveSupportOnLoad when calling without arguments. (@earlopain)
• #1230: Fix a false positive for Rails/SaveBang if persisted? is checked on parenthesised expression. (@earlopain)
• #1200: Make Rails/TimeZone aware of safe navigation. (@earlopain)

Changes

• #1257: Add Rails 7.1 load hooks and active_record_sqlite3adapter to Rails/ActiveSupportOnLoad. (@earlopain)

2.24.0

New features

• #1245: Support Prism as a Ruby parser (experimental). (@koic)

Bug fixes

• #1234: Fix an incorrect autocorrect for Rails/FindBy when using multi-line leading dot method calls. (@ymap)
• #1241: Fix an error for Rails/WhereExists with EnforcedStyle: where and implicit receivers. (@earlopain)

Changes

• #1229: Make Rails/EnvironmentVariableAccess aware of initializers. (@markokajzer)
• #1231: Remove object_id from Rails/DangerousColumnNames targets. (@r7kamura)

2.23.1

Bug fixes

• #1221: Fix an exception in Rails/WhereNot when calling .where on an implicit receiver (e.g. inside model code). (@bquorning)

2.23.0

New features

• #1183: Support PostGIS adapter for PostgreSQL. (@Dania02525)

Bug fixes

• #1206: Fix an error for Rails/WhereMissing where join method is called without arguments. (@fatkodima)
• #1189: Fix false negatives for Rails/Pluck when using safe navigation method calls. (@koic)
• #1204: Make Rails/ActiveSupportAliases, Rails/FindBy, Rails/FindById, Rails/Inquiry, Rails/Pick Rails/PluckId, Rails/PluckInWhere, Rails/WhereEquals, Rails/WhereExists, and Rails/WhereNot cops aware of safe navigation operator. (@koic)

Changes

• #1213: Update Rails/PluckInWhere to check for .ids call. (@fatkodima)
• #1181: Support Nokogiri::HTML.parse and Nokogiri::HTML5.parse on Rails/ResponseParsedBody. (@r7kamura)
• #1198: Support where.not for Rails/PluckInWhere. (@fatkodima)

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by more commits than we can show here.

↗️ concurrent-ruby (indirect, 1.3.1 → 1.3.3) · Repo · Changelog

Release Notes

1.3.3

What's Changed

• Improve speed for windows Get-CimInstance by @Earlopain in #1053

Full Changelog: v1.3.2...v1.3.3

1.3.2

What's Changed

• Fix method name in CHANGELOG.md by @nertzy in #1049
• Remove dependency on win32ole by @Earlopain in #1051

New Contributors

• @nertzy made their first contribution in #1049
• @Earlopain made their first contribution in #1051

Full Changelog: v1.3.1...v1.3.2

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 12 commits:

• 1.3.3
• Improve speed for windows `Get-CimInstance`
• 1.3.2
• Add a windows job to CI
• Remove dependency on `win32ole`
• Automatically run bundle install before running tests
• Release edge 0.7.1
• Make it possible to publish edge without base
• Ensure JRuby is used in release tests
• Fix concurrent-ruby-edge to depend on `~> MAJOR.MINOR` of concurrent-ruby
• Get RakeCompilerDock to work with either podman or docker, based on what is installed
• Fix method name in CHANGELOG.md

↗️ minitest (indirect, 5.23.1 → 5.24.1) · Repo · Changelog

Release Notes

5.24.0 (from changelog)

• 2 minor enhancements:

  • Added Minitest.register_plugin.

  • Extended plugin system to work with modules/classes for opt-out plugins.

• 1 bug fix:

  • Removed anacronism, but allow load_plugins to exit gracefully if –disable=gems.

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 8 commits:

• Branching minitest to version 5.24.1
• - Fix the error message when an extension is invalid value. (y-yagi)
• prepped for release
• + Added Minitest.register_plugin.
• Remove more anacronisms. Allow tests to pass w/o rubygems loaded.
• - Removed anacronism, but allow load_plugins to exit gracefully if --disable=gems.
• Fix one failing tests when string literals are frozen.
• Moved some methods around to follow actual call structure a bit better.

↗️ parallel (indirect, 1.24.0 → 1.25.1) · Repo

Commits

See the full diff on Github. The new version differs by 19 commits:

• v1.25.1
• Merge pull request #347 from Earlopain/speedup-windows-cpu
• Improve speed for `Get-CimInstance`
• v1.25.0
• Merge pull request #346 from Earlopain/drop-win32ole
• Add Ruby 3.3 to CI
• Bump `sqlite3` to solve compilation failures with latest lib
• Bump `actions/checkout` to v4
• Remove dependency on `win32ole`
• Merge pull request #344 from grosser/grosser/read
• example for proc usage
• Merge pull request #343 from grosser/grosser/bump
• rubocop: fix assignment in condition
• update rubocop
• fix rubocop
• update ruby requirements
• Merge pull request #341 from MITSUBOSHI/remove-unneeded-travis-env
• Remove unneeded ENV['TRAVIS'] from spec
• thx for the pr

↗️ parser (indirect, 3.3.2.0 → 3.3.3.0) · Repo · Changelog

Release Notes

3.3.3.0 (from changelog)

API modifications:

• Bump maintenance branches to 3.3.3 (#1023) (Koichi ITO)
• Bump Racc to 1.8.0 (#1018) (Koichi ITO)

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 5 commits:

• Update changelog.
• Bump version.
• * Bump maintenance branches to 3.3.3 (#1023)
• * Bump Racc to 1.8.0 (#1018)
• Update changelog.

↗️ rack (indirect, 3.0.11 → 3.1.4) · Repo · Changelog

Release Notes

3.1.4 (from changelog)

Fixed

• Fix Rack::Lint matching some paths incorrectly as authority form. (#2220, @ioquatix)

3.1.2 (from changelog)

• Rack::Response will take in to consideration chunked encoding responses (#2204, [@tenderlove])

3.1.1 (from changelog)

• Oops! I shouldn't have shipped that

3.1.0 (from changelog)

Rack v3.1 is primarily a maintenance release that removes features deprecated in Rack v3.0. Alongside these removals, there are several improvements to the Rack SPEC, mainly focused on enhancing input and output handling. These changes aim to make Rack more efficient and align better with the requirements of server implementations and relevant HTTP specifications.

SPEC Changes

• rack.input is now optional. (#1997, #2018, @ioquatix)
• PATH_INFO is now validated according to the HTTP/1.1 specification. (#2117, #2181, @ioquatix)
  • OPTIONS * is now accepted. (#2114, @doriantaylor)
• Introduce optional rack.protocol request and response header for handling connection upgrades. (#1954, @ioquatix)

Added

• Introduce Rack::Multipart::MissingInputError for improved handling of missing input in #parse_multipart. (#2018, @ioquatix)
• Introduce module Rack::BadRequest which is included in multipart and query parser errors. (#2019, @ioquatix)
• Add .mjs MIME type (#2057, @axilleas)
• set_cookie_header utility now supports the partitioned cookie attribute. This is required by Chrome in some embedded contexts. (#2131, @flavio-b)
• Introduce rack.early_hints for sending 103 Early Hints informational responses. (#1831, @casperisfine, @jeremyevans)

Changed

• MIME type for JavaScript files (.js) changed from application/javascript to text/javascript (1bd0f15, @ioquatix)
• Update MIME types associated to .ttf, .woff, .woff2 and .otf extensions to use mondern font/* types. (#2065, @davidstosik)
• Rack::Utils.escape_html is now delegated to CGI.escapeHTML. ' is escaped to #39; instead of #x27;. (decimal vs hexadecimal) (#2099, @JunichiIto)
• Clarify use of @buffered and only update content-length when Rack::Response#finish is invoked. (#2149, @ioquatix)

Deprecated

• Deprecate automatic cache invalidation in Request#{GET,POST} (#2073, @jeremyevans)
• Only cookie keys that are not valid according to the HTTP specifications are escaped. We are planning to deprecate this behaviour, so now a deprecation message will be emitted in this case. In the future, invalid cookie keys may not be accepted. (#2191, @ioquatix)
• Rack::Logger is deprecated. (#2197, @ioquatix)
• Add fallback lookup and deprecation warning for obsolete status symbols. (#2137, @wtn)

Removed

• Remove deprecated Rack::Auth::Digest with no replacement. (#1966, @ioquatix)
• Remove deprecated Rack::Cascade::NotFound with no replacement. (#1966, @ioquatix)
• Remove deprecated Rack::Chunked with no replacement. (#1966, @ioquatix)
• Remove deprecated Rack::File, use Rack::Files instead. (#1966, @ioquatix)
• Remove deprecated Rack::QueryParser key_space_limit parameter with no replacement. (#1966, @ioquatix)
• Remove deprecated Rack::Response#header, use Rack::Response#headers instead. (#1966, @ioquatix)
• Remove deprecated cookie methods from Rack::Utils: add_cookie_to_header, make_delete_cookie_header, add_remove_cookie_to_header. (#1966, @ioquatix)
• Remove deprecated Rack::Utils::HeaderHash. (#1966, @ioquatix)
• Remove deprecated Rack::VERSION, Rack::VERSION_STRING, Rack.version, use Rack.release instead. (#1966, @ioquatix)
• Remove non-standard status codes 306, 509, & 510 and update descriptions for 413, 422, & 451. (#2137, @wtn)
• Remove any dependency on transfer-encoding: chunked. (#2195, @ioquatix)

Fixed

• In Rack::Files, ignore the Range header if served file is 0 bytes. (#2159, [@zarqman])

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 2 commits:

• Bump patch version.
• Don't allow authority to match path. (#2220)

↗️ rexml (indirect, 3.2.8 → 3.3.1) · Repo · Changelog

Release Notes

3.3.1

Improvements

• Added support for detecting malformed top-level comments.

  • GH-145
  • Patch by Hiroya Fujinami.

• Improved REXML::Element#attribute performance.

  • GH-146
  • Patch by Hiroya Fujinami.

• Added support for detecting malformed <!--> comments.

  • GH-147
  • Patch by Hiroya Fujinami.

• Added support for detecting unclosed DOCTYPE.

  • GH-152
  • Patch by Hiroya Fujinami.

• Added changlog_uri metadata to gemspec.

  • GH-156
  • Patch by fynsta.

• Improved parse performance.

  • GH-157
  • GH-158
  • Patch by NAITOH Jun.

Fixes

• Fixed a bug that large XML can't be parsed.

  • GH-154
  • Patch by NAITOH Jun.

• Fixed a bug that private constants are visible.

  • GH-155
  • Patch by NAITOH Jun.

Thanks

• Hiroya Fujinami

• NAITOH Jun

• fynsta

3.3.0

Improvements

• Added support for strscan 0.7.0 installed with Ruby 2.6.
  • GH-142
  • Reported by Fernando Trigoso.

Thanks

• Fernando Trigoso

3.2.9

Improvements

• Added support for old strscan.

  • GH-132
  • Reported by Adam

• Improved attribute value parse performance.

  • GH-135
  • Patch by NAITOH Jun.

• Improved REXML::Node#each_recursive performance.

  • GH-134
  • GH-139
  • Patch by Hiroya Fujinami.

• Improved text parse performance.

  • Reported by mprogrammer.

Thanks

• Adam
• NAITOH Jun
• Hiroya Fujinami
• mprogrammer

Does any of this look wrong? Please let us know.

Commits

See the full diff on Github. The new version differs by 32 commits:

• Add 3.3.1 entry
• Optimize BaseParser#unnormalize method (#158)
• Reuse of Set.new at prefixes variables (#157)
• Add changelog_uri to gemspec (#156)
• Don't include private_constant-ed module (#155)
• Fix a bug that a large XML can't be parsed (#154)
• Reject unclosed DOCTYPE on parsing (#153)
• Add a "Malformed comment" check for invalid comments such as `<!-->` (#147)
• Fix small typos (#148)
• Improve `Element#attribute` implementation as 6500x faster (#146)
• Add a "malformed comment" check for top-level comments (#145)
• Remove an unused class var `@@namespaces` (#144)
• Bump version
• Add 3.3.0 entry
• ci: don't use Ruby 2.5 for gem test
• Add support for strscan 0.7.0 installed with Ruby 2.6
• ci document: use the latest Ruby
• news: fix a typo
• Bump version
• Add 3.2.9 entry
• Improve text parse performance
• Improve `Node#each_recursive` performance (#139)
• test: reduce the number of rehearsal executions
• test: improve name
• benchmark: Remove non-parsing operations from the DOM case (#136)
• Optimize Source#read_until method (#135)
• Source#read_until: Add missing position move on all read
• Add missing encode for custom term
• Fix the NEWS.md and change PR reference that fixes CVE-2024-35176 (#133)
• Use /#{Regexp.escape}/ instead of Regexp.union
• Add support for old strscan
• Bump version

---

Depfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with @depfu rebase.

All Depfu comment commands

@​depfu rebase

Rebases against your default branch and redoes this update

@​depfu recreate

Recreates this PR, overwriting any edits that you've made to it

@​depfu merge

Merges this PR once your tests are passing and conflicts are resolved

@​depfu cancel merge

Cancels automatic merging of this PR

@​depfu close

Closes this PR and deletes the branch

@​depfu reopen

Restores the branch and reopens this PR (if it's closed)

@​depfu pause

Ignores all future updates for this dependency and closes this PR

@​depfu pause [minor|major]

Ignores all future minor/major updates for this dependency and closes this PR

@​depfu resume

Future versions of this dependency will create PRs again (leaves this PR as is)

[depfu]

Closed in favor of #385.