🚨 [security] Update rubocop 1.75.6 → 1.88.2 (minor)#367
Open
depfu[bot] wants to merge 1 commit into
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🚨 Your current dependencies have known security vulnerabilities 🚨
This dependency update fixes known security vulnerabilities. Please see the details below and assess their impact carefully. We recommend to merge and deploy this as soon as possible!
Here is everything you need to know about this update. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ rubocop (1.75.6 → 1.88.2) · Repo · Changelog
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
✳️ bundler-audit (0.9.2 → 0.9.3) · Repo · Changelog
Release Notes
0.9.3
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 16 commits:
Updated the ChangeLog for 0.9.3.Version bump to 0.9.3.Added Ruby 4.0 to the CI matrix.Added Ruby 3.5 to the CI matrix.Require rubygems-tasks ~> 0.3 for Ruby 3.5 and 4.0.Allow using bundler 4.xRemove syntax highlighting from example output.Be consistent and only use markdown code fences.Fixed typo in `@return` tag.Update RubyGems in GitHub Actions CI (#406)Added Ruby 3.4 to the GitHub CI matrix.Disable new rubocops.Default `check --database` to `Database::DEFAULT_PATH`.Switched to using `Database::DEFAULT_PATH` instead of `Database.path`.Disable the `Gemspec/RequireMFA` rule since it's not aware of `gemspec.yml`.Added gem metadata and corrected links in gemspec.ymlSecurity Advisories 🚨
🚨 Ruby JSON has a format string injection vulnerability
🚨 Ruby JSON has a format string injection vulnerability
🚨 Ruby JSON has a format string injection vulnerability
Release Notes
Too many releases to show here. View the full release notes.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
3.17.0.6 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 31 commits:
Setup trusted publishingRelease 3.17.0.6Merge pull request #141 from mtsmfm/mtsmfm/fix-generate-file-rbRegenerate protocol filesRemove Node generator stackFix Ruby protocol generatorMerge pull request #142 from mtsmfm/mtsmfm/downstream-testAdd dependent test workflowMerge pull request #137 from mtsmfm/mtsmfm/tweak-gemfileDo not specify activesupport versionMerge pull request #135 from mtsmfm/renovate/ruby-4.xUpdate dependency ruby to v4.0.5Merge pull request #134 from mtsmfm/mtsmfm/update-rubyUpdate Ruby for development toolsMerge pull request #132 from mtsmfm/renovate/actions-checkout-7.xUpdate actions/checkout action to v7Merge pull request #131 from mtsmfm/renovate/ruby-on-rails-packagesMerge pull request #125 from mtsmfm/mtsmfm/fix-steep-issueFix Steep type checkingUpdate dependency activesupport to "< 8.1.4"Merge pull request #130 from mtsmfm/mtsmfm/update-github-workflow-versionsUpdate GitHub workflow versionsMerge pull request #129 from mtsmfm/renovate/rubygems-concurrent-ruby-vulnerabilityMerge pull request #128 from mtsmfm/renovate/rubygems-activesupport-vulnerabilityUpdate dependency concurrent-ruby to v1.3.7 [SECURITY]Update dependency activesupport to v7.2.3.1 [SECURITY]Merge pull request #127 from mtsmfm/mtsmfm/simplify-generator-workflowSimplify generator workflowMerge pull request #126 from mtsmfm/mtsmfm/fix-activesupport-ciFix ActiveSupport setup in CIMerge pull request #99 from mtsmfm/renovate/ruby-3.xCommits
See the full diff on Github. The new version differs by 5 commits:
v1.28.0Merge pull request #360 from grosser/grosser/dumpdump undumpable exceptions without cause if that fixes the issueMerge pull request #358 from grosser/grosser/upbundle and cleanup test duplicationRelease Notes
3.3.11.1 (from changelog)
3.3.11.0 (from changelog)
3.3.10.2 (from changelog)
3.3.10.1 (from changelog)
3.3.10.0 (from changelog)
3.3.9.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 26 commits:
Update changelog.Bump version* Bump maintenance branches to 3.2.11 (#1089)Update changelog.Update changelog.Bump version* Bump maintenance branches to 3.3.11 (#1088)Update changelog.Update changelog.Bump version+ add `blocknilarg` for prism (#1087)Update changelog.Bump version* Bump maintenance branches to 3.2.10 (#1085)Relax Bundler version for development (#1086)Update changelog.Update changelog.Bump version* Bump maintenance branches to 3.3.10 (#1083)Use `Prism::Translation::ParserCurrent` in prism docs (#1073)Update changelog.Update changelog.Bump version* Bump maintenance branches to 3.3.9 (#1080)* Bump maintenance branches to 3.2.9 (#1079)Update changelog.Release Notes
1.9.0
1.8.1
1.8.0
1.7.0
1.6.0
1.5.2
1.5.1
1.5.0
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
2.12.0 (from changelog)
2.11.3 (from changelog)
2.11.2 (from changelog)
2.11.1 (from changelog)
2.11.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 35 commits:
Release v2.12.0Disable gouteur for mutantAdd ruby 4 unicode propertiesRelease v2.11.3Clean up ragel out put some moreDeduplicate transitionMerge pull request #106 from Earlopain/fix-utf8-escapes-in-setsMerge pull request #105 from Earlopain/ragel-rake-buildin-commandFix UTF8 escapes in character classesFix `bundle exec rake install` when `command` is buildinRelease v2.11.2Standardize changelogMerge pull request #103 from ammar/handle-custom-encoding-optsRespect encoding in custom options argumentsMerge pull request #101 from tagliala/chore/100-changelog-fslAdd changelog entry for Frozen String LiteralsMerge pull request #98 from tagliala/feature/frozen-string-literalsUse latest rubygems ...Merge branch 'master' into feature/frozen-string-literalsRelease v2.11.1Add ruby-head unicode propertiesRemove redundant selfFix an accessor for Ruby <= 2.5Fix compatibility with old RubiesRemove scheduled tests ...Simplify ragel taskEnable Frozen String LiteralsRelease v2.11.0Update years [ci skip]Merge pull request #97 from ammar/fix-multidigit-backrefsRemove broken README badge [ci skip]Fix scanning of multi-digit numerical backrefsMerge pull request #95 from ammar/add-utf8-hexAdd utf8_hex token and expression ...Run rubocop with correct TargetRubyVersion ...Release Notes
1.50.0 (from changelog)
1.49.1 (from changelog)
1.49.0
1.48.0
1.47.1 (from changelog)
1.47.0 (from changelog)
1.46.0
1.45.1
1.45.0
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by more commits than we can show here.
Release Notes
3.2.0 (from changelog)
3.1.5 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 6 commits:
Release v3.2.0Unicode 17Release v3.1.5Merge pull request #30 from Earlopain/memoize-recommendMemoize `EmojiSupport.recommended`Improve READMERelease Notes
4.2.0 (from changelog)
4.1.0 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 16 commits:
Release v4.2.0Update CLDR to v48Fix: Emoji file not actually cachedRemove Non-Emoji pictographs from spec, since they have been removed in Unicode 17Fix Rakefile: Run both spec filesAdd mutex_m and ostruct to Gemfile, since they are not a default gem anymoreMerge pull request #17 from taketo1113/relax-require-rubyRelax `required_ruby_version` to support Ruby 4.0Add Unicode version and fix location of emoji test data #16Add Ruby 3.4 to unix CI tooRelease v4.1.0Unicode 17Merge pull request #15 from digitalmoksha/bw-ruby-3-4-ciAdd Ruby 3.4 to CI matrixUpdate CLDR to v47Add link to supported Emoji versions per Ruby versionDepfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase.All Depfu comment commands