From c488821871c2168bd898686061e0ff8689141a16 Mon Sep 17 00:00:00 2001 From: Stephen Crosby Date: Sat, 20 Feb 2016 18:24:18 -0800 Subject: [PATCH 01/93] add CI through travis --- .travis.yml | 9 +++++++++ Gemfile | 2 +- errbit_github_plugin.gemspec | 1 + 3 files changed, 11 insertions(+), 1 deletion(-) create mode 100644 .travis.yml diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 0000000..720b659 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,9 @@ +language: ruby +rvm: + - 2.1 + - 2.2 + - 2.3 +sudo: false +cache: bundler +script: + - bundle exec rspec diff --git a/Gemfile b/Gemfile index cbd451e..5ee986f 100644 --- a/Gemfile +++ b/Gemfile @@ -3,7 +3,7 @@ source 'https://rubygems.org' # Specify your gem's dependencies in errbit_github_plugin.gemspec gemspec -gem 'errbit_plugin', :git => 'https://github.com/errbit/errbit_plugin.git' +gem 'errbit_plugin' gem 'rspec' gem 'guard' gem 'guard-rspec' diff --git a/errbit_github_plugin.gemspec b/errbit_github_plugin.gemspec index 6170215..53d31f5 100644 --- a/errbit_github_plugin.gemspec +++ b/errbit_github_plugin.gemspec @@ -24,4 +24,5 @@ Gem::Specification.new do |spec| spec.add_development_dependency "bundler", "~> 1.3" spec.add_development_dependency "rake" + spec.add_development_dependency "activesupport" end From 5631dc959de5f600014610bdb131aa422fcbd8f8 Mon Sep 17 00:00:00 2001 From: Marvin Frederickson Date: Sat, 20 Feb 2016 22:13:16 -0900 Subject: [PATCH 02/93] add feature to close an issue --- lib/errbit_github_plugin/issue_tracker.rb | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/lib/errbit_github_plugin/issue_tracker.rb b/lib/errbit_github_plugin/issue_tracker.rb index 1329cab..3587972 100644 --- a/lib/errbit_github_plugin/issue_tracker.rb +++ b/lib/errbit_github_plugin/issue_tracker.rb @@ -82,5 +82,23 @@ def create_issue(title, body, user: {}) rescue Octokit::Unauthorized raise ErrbitGithubPlugin::AuthenticationError, "Could not authenticate with GitHub. Please check your username and password." end + + def close_issue(url, user: {}) + if user['github_login'] && user['github_oauth_token'] + github_client = Octokit::Client.new( + login: user['github_login'], access_token: user['github_oauth_token']) + else + github_client = Octokit::Client.new( + login: options['username'], password: options['password']) + end + # It would be better to get the number from issue.number when we create the issue, + # however, since we only have the url, get the number from it. + # ex: "https://github.com/octocat/Hello-World/issues/1347" + issue_number = url.split("/").last + issue = github_client.close_issue(repo, issue_number) + issue.html_url + rescue Octokit::Unauthorized + raise ErrbitGithubPlugin::AuthenticationError, "Could not authenticate with GitHub. Please check your username and password." + end end end From 87468e3502954b11a48d8792cbb4c5451594791a Mon Sep 17 00:00:00 2001 From: Marvin Frederickson Date: Thu, 10 Mar 2016 09:05:33 -0900 Subject: [PATCH 03/93] update from 2.3 to 2.3.0 --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 720b659..bfe7a09 100644 --- a/.travis.yml +++ b/.travis.yml @@ -2,7 +2,7 @@ language: ruby rvm: - 2.1 - 2.2 - - 2.3 + - 2.3.0 sudo: false cache: bundler script: From 3ef86ca24636ce48d5b97df71b9beaf2fea08aa0 Mon Sep 17 00:00:00 2001 From: Stephen Crosby Date: Fri, 11 Mar 2016 09:24:22 -0800 Subject: [PATCH 04/93] Move dependencies into gemspec and prepare v0.3.0 --- Gemfile | 8 -------- errbit_github_plugin.gemspec | 26 +++++++++++++++----------- lib/errbit_github_plugin/version.rb | 2 +- 3 files changed, 16 insertions(+), 20 deletions(-) diff --git a/Gemfile b/Gemfile index 5ee986f..851fabc 100644 --- a/Gemfile +++ b/Gemfile @@ -1,10 +1,2 @@ source 'https://rubygems.org' - -# Specify your gem's dependencies in errbit_github_plugin.gemspec gemspec - -gem 'errbit_plugin' -gem 'rspec' -gem 'guard' -gem 'guard-rspec' -gem 'coveralls', :require => false diff --git a/errbit_github_plugin.gemspec b/errbit_github_plugin.gemspec index 53d31f5..90d75c9 100644 --- a/errbit_github_plugin.gemspec +++ b/errbit_github_plugin.gemspec @@ -4,25 +4,29 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) require 'errbit_github_plugin/version' Gem::Specification.new do |spec| - spec.name = "errbit_github_plugin" + spec.name = 'errbit_github_plugin' spec.version = ErrbitGithubPlugin::VERSION - spec.authors = ["Stephen Crosby", "Cyril Mougel"] - spec.email = ["stevecrozz@gmail.com", "cyril.mougel@gmail.com"] + spec.authors = ['Stephen Crosby'] + spec.email = ['stevecrozz@gmail.com'] spec.description = %q{GitHub integration for Errbit} spec.summary = %q{GitHub integration for Errbit} - spec.homepage = "https://github.com/errbit/errbit_github_plugin" - spec.license = "MIT" + spec.homepage = 'https://github.com/errbit/errbit_github_plugin' + spec.license = 'MIT' spec.files = `git ls-files`.split($/) spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) } spec.test_files = spec.files.grep(%r{^(test|spec|features)/}) - spec.require_paths = ["lib"] + spec.require_paths = ['lib'] - spec.add_dependency "errbit_plugin" - spec.add_dependency "octokit" + spec.add_dependency 'errbit_plugin' + spec.add_dependency 'octokit' - spec.add_development_dependency "bundler", "~> 1.3" - spec.add_development_dependency "rake" - spec.add_development_dependency "activesupport" + spec.add_development_dependency 'rspec' + spec.add_development_dependency 'guard' + spec.add_development_dependency 'guard-rspec' + spec.add_development_dependency 'coveralls' + spec.add_development_dependency 'bundler' + spec.add_development_dependency 'rake' + spec.add_development_dependency 'activesupport' end diff --git a/lib/errbit_github_plugin/version.rb b/lib/errbit_github_plugin/version.rb index 95c2335..05c5a27 100644 --- a/lib/errbit_github_plugin/version.rb +++ b/lib/errbit_github_plugin/version.rb @@ -1,3 +1,3 @@ module ErrbitGithubPlugin - VERSION = "0.2.0" + VERSION = '0.3.0' end From 0e06c949dbabf4c5b85ffa15ad7e8fd1bd8bcc13 Mon Sep 17 00:00:00 2001 From: Stephen Crosby Date: Fri, 11 Mar 2016 09:33:11 -0800 Subject: [PATCH 05/93] replace the boilerplate readme --- README.md | 32 +++++--------------------------- 1 file changed, 5 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index f62cdde..1cb7efe 100644 --- a/README.md +++ b/README.md @@ -1,29 +1,7 @@ -# ErrbitGithubPlugin +# Errbit Github Plugin [![TravisCI][travis-img-url]][travis-ci-url] -TODO: Write a gem description +[travis-img-url]: https://travis-ci.org/errbit/errbit_github_plugin.svg?branch=master +[travis-ci-url]: http://travis-ci.org/errbit/errbit_github_plugin -## Installation - -Add this line to your application's Gemfile: - - gem 'errbit_github_plugin' - -And then execute: - - $ bundle - -Or install it yourself as: - - $ gem install errbit_github_plugin - -## Usage - -TODO: Write usage instructions here - -## Contributing - -1. Fork it -2. Create your feature branch (`git checkout -b my-new-feature`) -3. Commit your changes (`git commit -am 'Add some feature'`) -4. Push to the branch (`git push origin my-new-feature`) -5. Create new Pull Request +This plugin provides GitHub issue tracker integration for Errbit and it is the +only plugin included by default in Errbit. From df5959320a90a9aa45039a13ac2e5d930b3c2e10 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Thu, 10 Apr 2025 22:06:56 +0200 Subject: [PATCH 06/93] Cleanup (#14) * Remove .travis.yml * Remove dead Travis CI badge * Remove '# coding: utf-8' * Bump version to 0.4.0 * Add .ruby-version * Add Gemfile.lock * Remove coveralls * Add simplecov gem * Configure simplecov * Remove development dependency: bundler * Remove guard-rspec * Remove guard --- .gitignore | 1 - .ruby-version | 1 + .travis.yml | 9 --- Gemfile | 3 + Gemfile.lock | 100 ++++++++++++++++++++++++++++ README.md | 5 +- errbit_github_plugin.gemspec | 5 -- lib/errbit_github_plugin/version.rb | 2 +- spec/spec_helper.rb | 14 +--- 9 files changed, 108 insertions(+), 32 deletions(-) create mode 100644 .ruby-version delete mode 100644 .travis.yml create mode 100644 Gemfile.lock diff --git a/.gitignore b/.gitignore index f294155..2e679cf 100644 --- a/.gitignore +++ b/.gitignore @@ -3,7 +3,6 @@ .bundle .config .yardoc -Gemfile.lock InstalledFiles _yardoc coverage diff --git a/.ruby-version b/.ruby-version new file mode 100644 index 0000000..23887f6 --- /dev/null +++ b/.ruby-version @@ -0,0 +1 @@ +3.1.7 diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index bfe7a09..0000000 --- a/.travis.yml +++ /dev/null @@ -1,9 +0,0 @@ -language: ruby -rvm: - - 2.1 - - 2.2 - - 2.3.0 -sudo: false -cache: bundler -script: - - bundle exec rspec diff --git a/Gemfile b/Gemfile index 851fabc..fffa200 100644 --- a/Gemfile +++ b/Gemfile @@ -1,2 +1,5 @@ source 'https://rubygems.org' + gemspec + +gem "simplecov", require: false diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 0000000..c61dba7 --- /dev/null +++ b/Gemfile.lock @@ -0,0 +1,100 @@ +PATH + remote: . + specs: + errbit_github_plugin (0.4.0) + errbit_plugin + octokit + +GEM + remote: https://rubygems.org/ + specs: + activesupport (7.2.2.1) + base64 + benchmark (>= 0.3) + bigdecimal + concurrent-ruby (~> 1.0, >= 1.3.1) + connection_pool (>= 2.2.5) + drb + i18n (>= 1.6, < 2) + logger (>= 1.4.2) + minitest (>= 5.1) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) + addressable (2.8.7) + public_suffix (>= 2.0.2, < 7.0) + base64 (0.2.0) + benchmark (0.4.0) + bigdecimal (3.1.9) + concurrent-ruby (1.3.5) + connection_pool (2.5.0) + diff-lcs (1.6.1) + docile (1.4.1) + drb (2.2.1) + errbit_plugin (0.6.0) + faraday (2.13.0) + faraday-net_http (>= 2.0, < 3.5) + json + logger + faraday-net_http (3.4.0) + net-http (>= 0.5.0) + i18n (1.14.7) + concurrent-ruby (~> 1.0) + json (2.10.2) + logger (1.7.0) + minitest (5.25.5) + net-http (0.6.0) + uri + octokit (9.2.0) + faraday (>= 1, < 3) + sawyer (~> 0.9) + public_suffix (6.0.1) + rake (13.2.1) + rspec (3.13.0) + rspec-core (~> 3.13.0) + rspec-expectations (~> 3.13.0) + rspec-mocks (~> 3.13.0) + rspec-core (3.13.3) + rspec-support (~> 3.13.0) + rspec-expectations (3.13.3) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.13.0) + rspec-mocks (3.13.2) + diff-lcs (>= 1.2.0, < 2.0) + rspec-support (~> 3.13.0) + rspec-support (3.13.2) + sawyer (0.9.2) + addressable (>= 2.3.5) + faraday (>= 0.17.3, < 3) + securerandom (0.4.1) + simplecov (0.22.0) + docile (~> 1.1) + simplecov-html (~> 0.11) + simplecov_json_formatter (~> 0.1) + simplecov-html (0.13.1) + simplecov_json_formatter (0.1.4) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) + uri (1.0.3) + +PLATFORMS + aarch64-linux-gnu + aarch64-linux-musl + arm-linux-gnu + arm-linux-musl + arm64-darwin + ruby + x86-linux-gnu + x86-linux-musl + x86_64-darwin + x86_64-linux-gnu + x86_64-linux-musl + +DEPENDENCIES + activesupport + errbit_github_plugin! + rake + rspec + simplecov + +BUNDLED WITH + 2.6.7 diff --git a/README.md b/README.md index 1cb7efe..d402b23 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,4 @@ -# Errbit Github Plugin [![TravisCI][travis-img-url]][travis-ci-url] - -[travis-img-url]: https://travis-ci.org/errbit/errbit_github_plugin.svg?branch=master -[travis-ci-url]: http://travis-ci.org/errbit/errbit_github_plugin +# Errbit Github Plugin This plugin provides GitHub issue tracker integration for Errbit and it is the only plugin included by default in Errbit. diff --git a/errbit_github_plugin.gemspec b/errbit_github_plugin.gemspec index 90d75c9..ff4d35b 100644 --- a/errbit_github_plugin.gemspec +++ b/errbit_github_plugin.gemspec @@ -1,4 +1,3 @@ -# coding: utf-8 lib = File.expand_path('../lib', __FILE__) $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) require 'errbit_github_plugin/version' @@ -23,10 +22,6 @@ Gem::Specification.new do |spec| spec.add_dependency 'octokit' spec.add_development_dependency 'rspec' - spec.add_development_dependency 'guard' - spec.add_development_dependency 'guard-rspec' - spec.add_development_dependency 'coveralls' - spec.add_development_dependency 'bundler' spec.add_development_dependency 'rake' spec.add_development_dependency 'activesupport' end diff --git a/lib/errbit_github_plugin/version.rb b/lib/errbit_github_plugin/version.rb index 05c5a27..5784dc0 100644 --- a/lib/errbit_github_plugin/version.rb +++ b/lib/errbit_github_plugin/version.rb @@ -1,3 +1,3 @@ module ErrbitGithubPlugin - VERSION = '0.3.0' + VERSION = '0.4.0' end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index badea54..03f785b 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,16 +1,6 @@ -if ENV['COVERAGE'] - require 'simplecov' - if ENV['CI'] - require 'coveralls' - Coveralls.wear! - SimpleCov.formatter = SimpleCov::Formatter::MultiFormatter[ - SimpleCov::Formatter::HTMLFormatter, - Coveralls::SimpleCov::Formatter - ] - end +require 'simplecov' - SimpleCov.start -end +SimpleCov.start require 'errbit_plugin' require 'errbit_github_plugin' From f7ea77bbc13738259d9e9d6005d6aeb2e6896f20 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Thu, 10 Apr 2025 22:14:58 +0200 Subject: [PATCH 07/93] GitHub Actions for RSpec and RSpec on JRuby (#15) --- .envrc | 1 + .github/workflows/jruby.yml | 37 +++++++++++++++++++++++++++++++++++++ .github/workflows/rspec.yml | 35 +++++++++++++++++++++++++++++++++++ 3 files changed, 73 insertions(+) create mode 100644 .envrc create mode 100644 .github/workflows/jruby.yml create mode 100644 .github/workflows/rspec.yml diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..9e13309 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +export JRUBY_OPTS="--debug" diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml new file mode 100644 index 0000000..0fd08f3 --- /dev/null +++ b/.github/workflows/jruby.yml @@ -0,0 +1,37 @@ +name: RSpec on JRuby + +on: + push: + branches: + - master + pull_request: + branches: + - master + schedule: + - cron: "0 21 * * 6" + +env: + JRUBY_OPTS: "--debug" + +jobs: + rspec: + runs-on: ubuntu-24.04 + timeout-minutes: 10 + strategy: + fail-fast: false + matrix: + ruby: ["jruby-9.4", "jruby-head"] + + steps: + - uses: actions/checkout@v4 + - run: rm -f Gemfile.lock + - run: rm -f .ruby-version + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{ matrix.ruby }} + rubygems: latest + bundler: latest + bundler-cache: true + + - run: bundle exec rspec diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml new file mode 100644 index 0000000..2ec973b --- /dev/null +++ b/.github/workflows/rspec.yml @@ -0,0 +1,35 @@ + +name: RSpec + +on: + push: + branches: + - master + pull_request: + branches: + - master + schedule: + - cron: "0 21 * * 6" + +jobs: + rspec: + runs-on: ubuntu-24.04 + timeout-minutes: 10 + strategy: + fail-fast: false + matrix: + ruby: ["3.1", "3.2", "3.3", "3.4"] + + steps: + - uses: actions/checkout@v4 + - run: rm -f Gemfile.lock + - run: rm -f .ruby-version + - name: Set up Ruby + uses: ruby/setup-ruby@v1 + with: + ruby-version: ${{ matrix.ruby }} + rubygems: latest + bundler: latest + bundler-cache: true + + - run: bundle exec rspec From 8813387939e10281814d805d63a4a82f891279a4 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Thu, 10 Apr 2025 22:51:00 +0200 Subject: [PATCH 08/93] Frozen string literal (#16) * frozen_string_literal -> true * Fix FrozenError * Add badges --- Gemfile | 2 ++ README.md | 4 ++++ Rakefile | 2 ++ errbit_github_plugin.gemspec | 2 ++ lib/errbit_github_plugin.rb | 2 ++ lib/errbit_github_plugin/error.rb | 2 ++ lib/errbit_github_plugin/issue_tracker.rb | 10 ++++++---- lib/errbit_github_plugin/version.rb | 2 ++ spec/issue_tracker_spec.rb | 2 ++ spec/spec_helper.rb | 2 ++ 10 files changed, 26 insertions(+), 4 deletions(-) diff --git a/Gemfile b/Gemfile index fffa200..1841665 100644 --- a/Gemfile +++ b/Gemfile @@ -1,3 +1,5 @@ +# frozen_string_literal: true + source 'https://rubygems.org' gemspec diff --git a/README.md b/README.md index d402b23..750e4d0 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,8 @@ # Errbit Github Plugin +[![RSpec](https://github.com/errbit/errbit_github_plugin/actions/workflows/rspec.yml/badge.svg)](https://github.com/errbit/errbit_github_plugin/actions/workflows/rspec.yml) +[![RSpec on JRuby](https://github.com/errbit/errbit_github_plugin/actions/workflows/jruby.yml/badge.svg)](https://github.com/errbit/errbit_github_plugin/actions/workflows/jruby.yml) +[![Ruby Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://github.com/standardrb/standard) + This plugin provides GitHub issue tracker integration for Errbit and it is the only plugin included by default in Errbit. diff --git a/Rakefile b/Rakefile index 2995527..5263b58 100644 --- a/Rakefile +++ b/Rakefile @@ -1 +1,3 @@ +# frozen_string_literal: true + require "bundler/gem_tasks" diff --git a/errbit_github_plugin.gemspec b/errbit_github_plugin.gemspec index ff4d35b..413739f 100644 --- a/errbit_github_plugin.gemspec +++ b/errbit_github_plugin.gemspec @@ -1,3 +1,5 @@ +# frozen_string_literal: true + lib = File.expand_path('../lib', __FILE__) $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) require 'errbit_github_plugin/version' diff --git a/lib/errbit_github_plugin.rb b/lib/errbit_github_plugin.rb index fcddc1e..0ae96cb 100644 --- a/lib/errbit_github_plugin.rb +++ b/lib/errbit_github_plugin.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require "errbit_github_plugin/version" require 'errbit_github_plugin/error' require 'errbit_github_plugin/issue_tracker' diff --git a/lib/errbit_github_plugin/error.rb b/lib/errbit_github_plugin/error.rb index dc8859f..655dbf6 100644 --- a/lib/errbit_github_plugin/error.rb +++ b/lib/errbit_github_plugin/error.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + module ErrbitGithubPlugin class AuthenticationError < Exception; end end diff --git a/lib/errbit_github_plugin/issue_tracker.rb b/lib/errbit_github_plugin/issue_tracker.rb index 3587972..c514e84 100644 --- a/lib/errbit_github_plugin/issue_tracker.rb +++ b/lib/errbit_github_plugin/issue_tracker.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'octokit' module ErrbitGithubPlugin @@ -5,10 +7,10 @@ class IssueTracker < ErrbitPlugin::IssueTracker LABEL = 'github' - NOTE = 'Please configure your github repository in the GITHUB ' << - 'REPO field above.
Instead of providing your ' << - 'username & password, you can link your Github account to your ' << - 'user profile, and allow Errbit to create issues using your ' << + NOTE = 'Please configure your github repository in the GITHUB ' \ + 'REPO field above.
Instead of providing your ' \ + 'username & password, you can link your Github account to your ' \ + 'user profile, and allow Errbit to create issues using your ' \ 'OAuth token.' FIELDS = { diff --git a/lib/errbit_github_plugin/version.rb b/lib/errbit_github_plugin/version.rb index 5784dc0..6045bea 100644 --- a/lib/errbit_github_plugin/version.rb +++ b/lib/errbit_github_plugin/version.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + module ErrbitGithubPlugin VERSION = '0.4.0' end diff --git a/spec/issue_tracker_spec.rb b/spec/issue_tracker_spec.rb index 22dd275..61fa658 100644 --- a/spec/issue_tracker_spec.rb +++ b/spec/issue_tracker_spec.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + describe ErrbitGithubPlugin::IssueTracker do describe '.label' do it 'return LABEL' do diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 03f785b..5daef9a 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,3 +1,5 @@ +# frozen_string_literal: true + require 'simplecov' SimpleCov.start From 9158c2d6d200b95978f22f0729ec00552f396c9c Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Thu, 10 Apr 2025 23:00:14 +0200 Subject: [PATCH 09/93] Standard (#17) * Add standard gem * Standard * Standard * Standard * Standard --- Gemfile | 3 +- Gemfile.lock | 46 ++++++++ errbit_github_plugin.gemspec | 37 ++++--- lib/errbit_github_plugin.rb | 8 +- lib/errbit_github_plugin/issue_tracker.rb | 51 ++++----- lib/errbit_github_plugin/version.rb | 2 +- spec/issue_tracker_spec.rb | 121 +++++++++++----------- spec/spec_helper.rb | 10 +- 8 files changed, 163 insertions(+), 115 deletions(-) diff --git a/Gemfile b/Gemfile index 1841665..d910056 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,8 @@ # frozen_string_literal: true -source 'https://rubygems.org' +source "https://rubygems.org" gemspec gem "simplecov", require: false +gem "standard" diff --git a/Gemfile.lock b/Gemfile.lock index c61dba7..65fdbf6 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -22,6 +22,7 @@ GEM tzinfo (~> 2.0, >= 2.0.5) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) + ast (2.4.3) base64 (0.2.0) benchmark (0.4.0) bigdecimal (3.1.9) @@ -40,6 +41,8 @@ GEM i18n (1.14.7) concurrent-ruby (~> 1.0) json (2.10.2) + language_server-protocol (3.17.0.4) + lint_roller (1.1.0) logger (1.7.0) minitest (5.25.5) net-http (0.6.0) @@ -47,8 +50,16 @@ GEM octokit (9.2.0) faraday (>= 1, < 3) sawyer (~> 0.9) + parallel (1.26.3) + parser (3.3.7.4) + ast (~> 2.4.1) + racc + prism (1.4.0) public_suffix (6.0.1) + racc (1.8.1) + rainbow (3.1.1) rake (13.2.1) + regexp_parser (2.10.0) rspec (3.13.0) rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0) @@ -62,6 +73,25 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) rspec-support (3.13.2) + rubocop (1.75.2) + json (~> 2.3) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.1.0) + parallel (~> 1.10) + parser (>= 3.3.0.2) + rainbow (>= 2.2.2, < 4.0) + regexp_parser (>= 2.9.3, < 3.0) + rubocop-ast (>= 1.44.0, < 2.0) + ruby-progressbar (~> 1.7) + unicode-display_width (>= 2.4.0, < 4.0) + rubocop-ast (1.44.0) + parser (>= 3.3.7.2) + prism (~> 1.4) + rubocop-performance (1.25.0) + lint_roller (~> 1.1) + rubocop (>= 1.75.0, < 2.0) + rubocop-ast (>= 1.38.0, < 2.0) + ruby-progressbar (1.13.0) sawyer (0.9.2) addressable (>= 2.3.5) faraday (>= 0.17.3, < 3) @@ -72,8 +102,23 @@ GEM simplecov_json_formatter (~> 0.1) simplecov-html (0.13.1) simplecov_json_formatter (0.1.4) + standard (1.49.0) + language_server-protocol (~> 3.17.0.2) + lint_roller (~> 1.0) + rubocop (~> 1.75.2) + standard-custom (~> 1.0.0) + standard-performance (~> 1.8) + standard-custom (1.0.2) + lint_roller (~> 1.0) + rubocop (~> 1.50) + standard-performance (1.8.0) + lint_roller (~> 1.1) + rubocop-performance (~> 1.25.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) + unicode-display_width (3.1.4) + unicode-emoji (~> 4.0, >= 4.0.4) + unicode-emoji (4.0.4) uri (1.0.3) PLATFORMS @@ -95,6 +140,7 @@ DEPENDENCIES rake rspec simplecov + standard BUNDLED WITH 2.6.7 diff --git a/errbit_github_plugin.gemspec b/errbit_github_plugin.gemspec index 413739f..4c39511 100644 --- a/errbit_github_plugin.gemspec +++ b/errbit_github_plugin.gemspec @@ -1,29 +1,28 @@ # frozen_string_literal: true -lib = File.expand_path('../lib', __FILE__) +lib = File.expand_path("../lib", __FILE__) $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) -require 'errbit_github_plugin/version' +require "errbit_github_plugin/version" Gem::Specification.new do |spec| - spec.name = 'errbit_github_plugin' - spec.version = ErrbitGithubPlugin::VERSION - spec.authors = ['Stephen Crosby'] - spec.email = ['stevecrozz@gmail.com'] + spec.name = "errbit_github_plugin" + spec.version = ErrbitGithubPlugin::VERSION + spec.authors = ["Stephen Crosby"] + spec.email = ["stevecrozz@gmail.com"] - spec.description = %q{GitHub integration for Errbit} - spec.summary = %q{GitHub integration for Errbit} - spec.homepage = 'https://github.com/errbit/errbit_github_plugin' - spec.license = 'MIT' + spec.description = "GitHub integration for Errbit" + spec.summary = "GitHub integration for Errbit" + spec.homepage = "https://github.com/errbit/errbit_github_plugin" + spec.license = "MIT" - spec.files = `git ls-files`.split($/) - spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) } - spec.test_files = spec.files.grep(%r{^(test|spec|features)/}) - spec.require_paths = ['lib'] + spec.files = `git ls-files`.split($/) + spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) } + spec.require_paths = ["lib"] - spec.add_dependency 'errbit_plugin' - spec.add_dependency 'octokit' + spec.add_dependency "errbit_plugin" + spec.add_dependency "octokit" - spec.add_development_dependency 'rspec' - spec.add_development_dependency 'rake' - spec.add_development_dependency 'activesupport' + spec.add_development_dependency "rspec" + spec.add_development_dependency "rake" + spec.add_development_dependency "activesupport" end diff --git a/lib/errbit_github_plugin.rb b/lib/errbit_github_plugin.rb index 0ae96cb..0a17647 100644 --- a/lib/errbit_github_plugin.rb +++ b/lib/errbit_github_plugin.rb @@ -1,16 +1,16 @@ # frozen_string_literal: true require "errbit_github_plugin/version" -require 'errbit_github_plugin/error' -require 'errbit_github_plugin/issue_tracker' +require "errbit_github_plugin/error" +require "errbit_github_plugin/issue_tracker" module ErrbitGithubPlugin def self.root - File.expand_path '../..', __FILE__ + File.expand_path "../..", __FILE__ end def self.read_static_file(file) - File.read(File.join(self.root, 'static', file)) + File.read(File.join(root, "static", file)) end end diff --git a/lib/errbit_github_plugin/issue_tracker.rb b/lib/errbit_github_plugin/issue_tracker.rb index c514e84..e4c31c1 100644 --- a/lib/errbit_github_plugin/issue_tracker.rb +++ b/lib/errbit_github_plugin/issue_tracker.rb @@ -1,17 +1,16 @@ # frozen_string_literal: true -require 'octokit' +require "octokit" module ErrbitGithubPlugin class IssueTracker < ErrbitPlugin::IssueTracker + LABEL = "github" - LABEL = 'github' - - NOTE = 'Please configure your github repository in the GITHUB ' \ - 'REPO field above.
Instead of providing your ' \ - 'username & password, you can link your Github account to your ' \ - 'user profile, and allow Errbit to create issues using your ' \ - 'OAuth token.' + NOTE = "Please configure your github repository in the GITHUB " \ + "REPO field above.
Instead of providing your " \ + "username & password, you can link your Github account to your " \ + "user profile, and allow Errbit to create issues using your " \ + "OAuth token." FIELDS = { username: { @@ -37,13 +36,13 @@ def self.fields def self.icons @icons ||= { create: [ - 'image/png', ErrbitGithubPlugin.read_static_file('github_create.png') + "image/png", ErrbitGithubPlugin.read_static_file("github_create.png") ], goto: [ - 'image/png', ErrbitGithubPlugin.read_static_file('github_goto.png'), + "image/png", ErrbitGithubPlugin.read_static_file("github_goto.png") ], inactive: [ - 'image/png', ErrbitGithubPlugin.read_static_file('github_inactive.png'), + "image/png", ErrbitGithubPlugin.read_static_file("github_inactive.png") ] } end @@ -58,11 +57,11 @@ def url def errors errors = [] - if self.class.fields.detect {|f| options[f[0]].blank? } - errors << [:base, 'You must specify your GitHub username and password'] + if self.class.fields.detect { |f| options[f[0]].blank? } + errors << [:base, "You must specify your GitHub username and password"] end if repo.blank? - errors << [:base, 'You must specify your GitHub repository url.'] + errors << [:base, "You must specify your GitHub repository url."] end errors end @@ -72,12 +71,14 @@ def repo end def create_issue(title, body, user: {}) - if user['github_login'] && user['github_oauth_token'] - github_client = Octokit::Client.new( - login: user['github_login'], access_token: user['github_oauth_token']) + github_client = if user["github_login"] && user["github_oauth_token"] + Octokit::Client.new( + login: user["github_login"], access_token: user["github_oauth_token"] + ) else - github_client = Octokit::Client.new( - login: options['username'], password: options['password']) + Octokit::Client.new( + login: options["username"], password: options["password"] + ) end issue = github_client.create_issue(repo, title, body) issue.html_url @@ -86,12 +87,14 @@ def create_issue(title, body, user: {}) end def close_issue(url, user: {}) - if user['github_login'] && user['github_oauth_token'] - github_client = Octokit::Client.new( - login: user['github_login'], access_token: user['github_oauth_token']) + github_client = if user["github_login"] && user["github_oauth_token"] + Octokit::Client.new( + login: user["github_login"], access_token: user["github_oauth_token"] + ) else - github_client = Octokit::Client.new( - login: options['username'], password: options['password']) + Octokit::Client.new( + login: options["username"], password: options["password"] + ) end # It would be better to get the number from issue.number when we create the issue, # however, since we only have the url, get the number from it. diff --git a/lib/errbit_github_plugin/version.rb b/lib/errbit_github_plugin/version.rb index 6045bea..839f65d 100644 --- a/lib/errbit_github_plugin/version.rb +++ b/lib/errbit_github_plugin/version.rb @@ -1,5 +1,5 @@ # frozen_string_literal: true module ErrbitGithubPlugin - VERSION = '0.4.0' + VERSION = "0.4.0" end diff --git a/spec/issue_tracker_spec.rb b/spec/issue_tracker_spec.rb index 61fa658..deca783 100644 --- a/spec/issue_tracker_spec.rb +++ b/spec/issue_tracker_spec.rb @@ -1,155 +1,154 @@ # frozen_string_literal: true describe ErrbitGithubPlugin::IssueTracker do - describe '.label' do - it 'return LABEL' do + describe ".label" do + it "return LABEL" do expect(described_class.label).to eq described_class::LABEL end end - describe '.note' do - it 'return NOTE' do + describe ".note" do + it "return NOTE" do expect(described_class.note).to eq described_class::NOTE end end - describe '.fields' do - it 'return FIELDS' do + describe ".fields" do + it "return FIELDS" do expect(described_class.fields).to eq described_class::FIELDS end end - describe '.icons' do - - it 'puts create icon onto the icons' do - expect(described_class.icons[:create][0]).to eq 'image/png' + describe ".icons" do + it "puts create icon onto the icons" do + expect(described_class.icons[:create][0]).to eq "image/png" expect( described_class.icons[:create][1] - ).to eq ErrbitGithubPlugin.read_static_file('github_create.png') + ).to eq ErrbitGithubPlugin.read_static_file("github_create.png") end - it 'puts goto icon onto the icons' do - expect(described_class.icons[:goto][0]).to eq 'image/png' + it "puts goto icon onto the icons" do + expect(described_class.icons[:goto][0]).to eq "image/png" expect( described_class.icons[:goto][1] - ).to eq ErrbitGithubPlugin.read_static_file('github_goto.png') + ).to eq ErrbitGithubPlugin.read_static_file("github_goto.png") end - it 'puts inactive icon onto the icons' do - expect(described_class.icons[:inactive][0]).to eq 'image/png' + it "puts inactive icon onto the icons" do + expect(described_class.icons[:inactive][0]).to eq "image/png" expect( described_class.icons[:inactive][1] - ).to eq ErrbitGithubPlugin.read_static_file('github_inactive.png') + ).to eq ErrbitGithubPlugin.read_static_file("github_inactive.png") end end let(:tracker) { described_class.new(options) } - describe '#configured?' do - context 'with errors' do - let(:options) { { invalid_key: '' } } - it 'return false' do + describe "#configured?" do + context "with errors" do + let(:options) { {invalid_key: ""} } + it "return false" do expect(tracker.configured?).to eq false end end - context 'without errors' do + context "without errors" do let(:options) do - { username: 'foo', password: 'bar', github_repo: 'user/repos' } + {username: "foo", password: "bar", github_repo: "user/repos"} end - it 'return true' do + it "return true" do expect(tracker.configured?).to eq true end end end - describe '#url' do - let(:options) { { github_repo: 'repo' } } - it 'returns issues url' do - expect(tracker.url).to eq 'https://github.com/repo/issues' + describe "#url" do + let(:options) { {github_repo: "repo"} } + it "returns issues url" do + expect(tracker.url).to eq "https://github.com/repo/issues" end end - describe '#errors' do + describe "#errors" do subject { tracker.errors } - context 'without username' do - let(:options) { { username: '', password: 'bar', github_repo: 'repo' } } + context "without username" do + let(:options) { {username: "", password: "bar", github_repo: "repo"} } it { is_expected.not_to be_empty } end - context 'without password' do + context "without password" do let(:options) do - { username: '', password: 'bar', github_repo: 'repo' } + {username: "", password: "bar", github_repo: "repo"} end it { is_expected.not_to be_empty } end - context 'without github_repo' do + context "without github_repo" do let(:options) do - { username: 'foo', password: 'bar', github_repo: '' } + {username: "foo", password: "bar", github_repo: ""} end it { is_expected.not_to be_empty } end - context 'with completed options' do + context "with completed options" do let(:options) do - { username: 'foo', password: 'bar', github_repo: 'repo' } + {username: "foo", password: "bar", github_repo: "repo"} end it { is_expected.to be_empty } end end - describe '#repo' do - let(:options) { { github_repo: 'baz' } } - it 'returns github repo' do - expect(tracker.repo).to eq 'baz' + describe "#repo" do + let(:options) { {github_repo: "baz"} } + it "returns github repo" do + expect(tracker.repo).to eq "baz" end end - describe '#create_issue' do - subject { tracker.create_issue('title', 'body', user: user) } + describe "#create_issue" do + subject { tracker.create_issue("title", "body", user: user) } let(:options) do - { username: 'foo', password: 'bar', github_repo: 'user/repos' } + {username: "foo", password: "bar", github_repo: "user/repos"} end let(:fake_github_client) do - double('Fake GitHub Client').tap do |github_client| + double("Fake GitHub Client").tap do |github_client| github_client.stub(:create_issue).and_return(fake_issue) end end let(:fake_issue) do - double('Fake Issue').tap do |issue| - issue.stub(:html_url).and_return('http://github.com/user/repos/issues/878') + double("Fake Issue").tap do |issue| + issue.stub(:html_url).and_return("http://github.com/user/repos/issues/878") end end - context 'signed in with token' do + context "signed in with token" do let(:user) do { - 'github_login' => 'bob', - 'github_oauth_token' => 'valid_token' + "github_login" => "bob", + "github_oauth_token" => "valid_token" } end - it 'return issue url' do + it "return issue url" do Octokit::Client.stub(:new).with( - login: user['github_login'], access_token: user['github_oauth_token'] + login: user["github_login"], access_token: user["github_oauth_token"] ).and_return(fake_github_client) expect(subject).to eq fake_issue.html_url end end - context 'signed in with password' do + context "signed in with password" do let(:user) { {} } - it 'return issue url' do - (Octokit::Client).stub(:new).with( - login: options['username'], password: options['password'] + it "return issue url" do + Octokit::Client.stub(:new).with( + login: options["username"], password: options["password"] ).and_return(fake_github_client) expect(subject).to eq fake_issue.html_url end end - context 'when unauthentication error' do + context "when unauthentication error" do let(:user) do - { 'github_login' => 'alice', 'github_oauth_token' => 'invalid_token' } + {"github_login" => "alice", "github_oauth_token" => "invalid_token"} end - it 'raise AuthenticationError' do - (Octokit::Client).stub(:new).with( - login: user['github_login'], access_token: user['github_oauth_token'] + it "raise AuthenticationError" do + Octokit::Client.stub(:new).with( + login: user["github_login"], access_token: user["github_oauth_token"] ).and_raise(Octokit::Unauthorized) expect { subject }.to raise_error end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 5daef9a..8bd2cca 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -1,12 +1,12 @@ # frozen_string_literal: true -require 'simplecov' +require "simplecov" SimpleCov.start -require 'errbit_plugin' -require 'errbit_github_plugin' -require 'active_support/all' +require "errbit_plugin" +require "errbit_github_plugin" +require "active_support/all" RSpec.configure do |config| config.run_all_when_everything_filtered = true @@ -16,5 +16,5 @@ # order dependency and want to debug it, you can fix the order by providing # the seed, which is printed after each run. # --seed 1234 - config.order = 'random' + config.order = "random" end From 033b0e760f3db5355805fb9b13decebca5c993f2 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Fri, 11 Apr 2025 00:00:13 +0200 Subject: [PATCH 10/93] Updates (#18) * Add java platform * Configure standard * Configure simplecov * In HTML5 we don't need to close tags * GitHub * Configure RSpec * Move spec to right place * Update tests * Fix tests * Fix rspec warning * Update .gitignore --- .gitignore | 2 ++ .rspec | 3 ++- .standard.yml | 1 + Gemfile.lock | 4 ++++ README.md | 4 ++-- lib/errbit_github_plugin/issue_tracker.rb | 6 +++--- .../issue_tracker_spec.rb | 16 +++++++------- spec/spec_helper.rb | 21 ++++++++++++------- 8 files changed, 36 insertions(+), 21 deletions(-) create mode 100644 .standard.yml rename spec/{ => errbit_github_plugin}/issue_tracker_spec.rb (89%) diff --git a/.gitignore b/.gitignore index 2e679cf..56dd36c 100644 --- a/.gitignore +++ b/.gitignore @@ -17,3 +17,5 @@ tmp *.swp .rspec vendor/bundle +.rspec_status +.idea diff --git a/.rspec b/.rspec index b83d9b7..6c6110e 100644 --- a/.rspec +++ b/.rspec @@ -1,3 +1,4 @@ ---color --format documentation +--color --require spec_helper +--order random diff --git a/.standard.yml b/.standard.yml new file mode 100644 index 0000000..72b2693 --- /dev/null +++ b/.standard.yml @@ -0,0 +1 @@ +ruby_version: 3.1 diff --git a/Gemfile.lock b/Gemfile.lock index 65fdbf6..687435e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -26,6 +26,7 @@ GEM base64 (0.2.0) benchmark (0.4.0) bigdecimal (3.1.9) + bigdecimal (3.1.9-java) concurrent-ruby (1.3.5) connection_pool (2.5.0) diff-lcs (1.6.1) @@ -41,6 +42,7 @@ GEM i18n (1.14.7) concurrent-ruby (~> 1.0) json (2.10.2) + json (2.10.2-java) language_server-protocol (3.17.0.4) lint_roller (1.1.0) logger (1.7.0) @@ -57,6 +59,7 @@ GEM prism (1.4.0) public_suffix (6.0.1) racc (1.8.1) + racc (1.8.1-java) rainbow (3.1.1) rake (13.2.1) regexp_parser (2.10.0) @@ -127,6 +130,7 @@ PLATFORMS arm-linux-gnu arm-linux-musl arm64-darwin + java ruby x86-linux-gnu x86-linux-musl diff --git a/README.md b/README.md index 750e4d0..3b9463c 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ -# Errbit Github Plugin +# Errbit GitHub Plugin [![RSpec](https://github.com/errbit/errbit_github_plugin/actions/workflows/rspec.yml/badge.svg)](https://github.com/errbit/errbit_github_plugin/actions/workflows/rspec.yml) [![RSpec on JRuby](https://github.com/errbit/errbit_github_plugin/actions/workflows/jruby.yml/badge.svg)](https://github.com/errbit/errbit_github_plugin/actions/workflows/jruby.yml) [![Ruby Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://github.com/standardrb/standard) -This plugin provides GitHub issue tracker integration for Errbit and it is the +This plugin provides GitHub issue tracker integration for Errbit, and it is the only plugin included by default in Errbit. diff --git a/lib/errbit_github_plugin/issue_tracker.rb b/lib/errbit_github_plugin/issue_tracker.rb index e4c31c1..fbfe57c 100644 --- a/lib/errbit_github_plugin/issue_tracker.rb +++ b/lib/errbit_github_plugin/issue_tracker.rb @@ -6,9 +6,9 @@ module ErrbitGithubPlugin class IssueTracker < ErrbitPlugin::IssueTracker LABEL = "github" - NOTE = "Please configure your github repository in the GITHUB " \ - "REPO field above.
Instead of providing your " \ - "username & password, you can link your Github account to your " \ + NOTE = "Please configure your GitHub repository in the GITHUB " \ + "REPO field above.
Instead of providing your " \ + "username & password, you can link your GitHub account to your " \ "user profile, and allow Errbit to create issues using your " \ "OAuth token." diff --git a/spec/issue_tracker_spec.rb b/spec/errbit_github_plugin/issue_tracker_spec.rb similarity index 89% rename from spec/issue_tracker_spec.rb rename to spec/errbit_github_plugin/issue_tracker_spec.rb index deca783..921fb7d 100644 --- a/spec/issue_tracker_spec.rb +++ b/spec/errbit_github_plugin/issue_tracker_spec.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true -describe ErrbitGithubPlugin::IssueTracker do +require "spec_helper" + +RSpec.describe ErrbitGithubPlugin::IssueTracker do describe ".label" do it "return LABEL" do expect(described_class.label).to eq described_class::LABEL @@ -108,12 +110,12 @@ end let(:fake_github_client) do double("Fake GitHub Client").tap do |github_client| - github_client.stub(:create_issue).and_return(fake_issue) + expect(github_client).to receive(:create_issue).and_return(fake_issue) end end let(:fake_issue) do double("Fake Issue").tap do |issue| - issue.stub(:html_url).and_return("http://github.com/user/repos/issues/878") + expect(issue).to receive(:html_url).and_return("http://github.com/user/repos/issues/878").twice end end @@ -125,7 +127,7 @@ } end it "return issue url" do - Octokit::Client.stub(:new).with( + expect(Octokit::Client).to receive(:new).with( login: user["github_login"], access_token: user["github_oauth_token"] ).and_return(fake_github_client) expect(subject).to eq fake_issue.html_url @@ -135,7 +137,7 @@ context "signed in with password" do let(:user) { {} } it "return issue url" do - Octokit::Client.stub(:new).with( + expect(Octokit::Client).to receive(:new).with( login: options["username"], password: options["password"] ).and_return(fake_github_client) expect(subject).to eq fake_issue.html_url @@ -147,10 +149,10 @@ {"github_login" => "alice", "github_oauth_token" => "invalid_token"} end it "raise AuthenticationError" do - Octokit::Client.stub(:new).with( + expect(Octokit::Client).to receive(:new).with( login: user["github_login"], access_token: user["github_oauth_token"] ).and_raise(Octokit::Unauthorized) - expect { subject }.to raise_error + expect { subject }.to raise_error(ErrbitGithubPlugin::AuthenticationError) end end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 8bd2cca..05f63c8 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -2,19 +2,24 @@ require "simplecov" -SimpleCov.start +SimpleCov.start do + enable_coverage :branch + + primary_coverage :branch +end require "errbit_plugin" require "errbit_github_plugin" require "active_support/all" RSpec.configure do |config| - config.run_all_when_everything_filtered = true - config.filter_run :focus + # Enable flags like --only-failures and --next-failure + config.example_status_persistence_file_path = ".rspec_status" + + # Disable RSpec exposing methods globally on `Module` and `main` + config.disable_monkey_patching! - # Run specs in random order to surface order dependencies. If you find an - # order dependency and want to debug it, you can fix the order by providing - # the seed, which is printed after each run. - # --seed 1234 - config.order = "random" + config.expect_with :rspec do |c| + c.syntax = :expect + end end From 4039a70ec79238acc88a0a87f2325d3a18d504ba Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Fri, 11 Apr 2025 15:25:19 +0200 Subject: [PATCH 11/93] Tests (#19) * Add faraday-retry as dependency * Configure simplecov * Load only blank from active support * Cleanup * Fix dependencies * Cleanup * Configure rubocop * Update rubocop config * Add rubocop * Configure rubocop * Update rubocop config * Add rubocop-disable_syntax gem * Update rubocop config * Add rubocop-performance gem * Rename * Cleanup * Update rubocop config * Cleanup tests * Cleanup * Cleanup * Cleanup * Cleanup * Tests * Params --- .rubocop.yml | 367 ++++++++++++++++++ Gemfile | 9 +- Gemfile.lock | 18 +- errbit_github_plugin.gemspec | 27 +- lib/errbit_github_plugin.rb | 2 +- .../{error.rb => authentication_error.rb} | 0 lib/errbit_github_plugin/issue_tracker.rb | 7 + .../issue_tracker_spec.rb | 146 +++++-- spec/spec_helper.rb | 3 +- 9 files changed, 537 insertions(+), 42 deletions(-) create mode 100644 .rubocop.yml rename lib/errbit_github_plugin/{error.rb => authentication_error.rb} (100%) diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000..18c633d --- /dev/null +++ b/.rubocop.yml @@ -0,0 +1,367 @@ +require: + - rubocop-disable_syntax + +plugins: + - rubocop-performance + - rubocop-rake + - rubocop-rspec + +AllCops: + TargetRubyVersion: 3.1 + NewCops: enable + +# We use standard as a linter and formatter instead Rubocop. +# Also, we are explicitly disable all rubocop rules what +# already enabled in standard. And standard-performance. + +# Standard rules. Style: + +# Enforced by standard. Disable. +Style/StringLiterals: + Enabled: false + +# Enforced by standard. Disable. +Style/HashSyntax: + Enabled: false + +# Enforced by standard. Disable. +Style/NestedParenthesizedCalls: + Enabled: false + +# Enforced by standard. Disable. +Style/RedundantRegexpArgument: + Enabled: false + +# Enforced by standard. Disable. +Style/PercentLiteralDelimiters: + Enabled: false + +# Enforced by standard. Disable. +Style/RedundantBegin: + Enabled: false + +# Enforced by standard. Disable. +Style/SuperWithArgsParentheses: + Enabled: false + +# Enforced by standard. Disable. +Style/Encoding: + Enabled: false + +# Enforced by standard. Disable. +Style/NumericLiteralPrefix: + Enabled: false + +# Enforced by standard. Disable. +Style/RedundantParentheses: + Enabled: false + +# Enforced by standard. Disable. +Style/EmptyMethod: + Enabled: false + +# Enforced by standard. Disable. +Style/SingleLineMethods: + Enabled: false + +# Enforced by standard. Disable. +Style/SafeNavigation: + Enabled: false + +# Enforced by standard. Disable. +Style/RescueStandardError: + Enabled: false + +# Enforced by standard. Disable. +Style/RedundantSelf: + Enabled: false + +# Enforced by standard. Disable. +Style/TernaryParentheses: + Enabled: false + +# Enforced by standard. Disable. +Style/RedundantLineContinuation: + Enabled: false + +# Enforced by standard. Disable. +Style/SlicingWithRange: + Enabled: false + +# Enforced by standard. Disable. +Style/MultilineIfModifier: + Enabled: false + +# Enforced by standard. Disable. +Style/RedundantCondition: + Enabled: false + +# Enforced by standard. Disable. +Style/RedundantInterpolation: + Enabled: false + +# Enforced by standard. Disable. +Style/OrAssignment: + Enabled: false + +# Enforced by standard. Disable. +Style/ConditionalAssignment: + Enabled: false + +# Enforced by standard. Disable. +Style/ItAssignment: + Enabled: false + +# Enforced by standard. Disable. +Style/EachWithObject: + Enabled: false + +# Enforced by standard. Disable. +Style/GlobalStdStream: + Enabled: false + +# Enforced by standard. Disable. +Style/StringLiteralsInInterpolation: + Enabled: false + +# Disabled as in standard. +Style/HashAsLastArrayItem: + Enabled: false + +# Enforced by standard. Disable. +Style/Alias: + Enabled: false + +# Standard rules. Layout: + +# Enforced by standard. Disable. +Layout/HashAlignment: + Enabled: false + +# Enforced by standard. Disable. +Layout/FirstArrayElementIndentation: + Enabled: false + +# Enforced by standard. Disable. +Layout/SpaceInsideHashLiteralBraces: + Enabled: false + +# Enforced by standard. Disable. +Layout/SpaceInsideStringInterpolation: + Enabled: false + +# Enforced by standard. Disable. +Layout/DotPosition: + Enabled: false + +# Enforced by standard. Disable. +Layout/ExtraSpacing: + Enabled: false + +# Enforced by standard. Disable. +Layout/ArgumentAlignment: + Enabled: false + +# Enforced by standard. Disable. +Layout/MultilineMethodCallBraceLayout: + Enabled: false + +# Enforced by standard. Disable. +Layout/AccessModifierIndentation: + Enabled: false + +# Enforced by standard. Disable. +Layout/FirstHashElementIndentation: + Enabled: false + +# Enforced by standard. Disable. +Layout/IndentationWidth: + Enabled: false + +# Enforced by standard. Disable. +Layout/ElseAlignment: + Enabled: false + +# Enforced by standard. Disable. +Layout/EndAlignment: + Enabled: false + +# Enforced by standard. Disable. +Layout/MultilineHashBraceLayout: + Enabled: false + +# Enforced by standard. Disable. +Layout/EmptyLineBetweenDefs: + Enabled: false + +# Enforced by standard. Disable. +Layout/MultilineArrayBraceLayout: + Enabled: false + +# Enforced by standard. Disable. +Layout/EmptyLineAfterMagicComment: + Enabled: false + +# Enforced by standard. Disable. +Layout/SpaceAroundOperators: + Enabled: false + +# Enforced by standard. Disable. +Layout/ArrayAlignment: + Enabled: false + +# Enforced by standard. Disable. +Layout/AssignmentIndentation: + Enabled: false + +# Enforced by standard. Disable. +Layout/ClosingParenthesisIndentation: + Enabled: false + +# Enforced by standard. Disable. +Layout/LineLength: + Enabled: false + +# Enforced by standard. Disable. +Layout/MultilineMethodCallIndentation: + Enabled: false + +# Enforced by standard. Disable. +Layout/CaseIndentation: + Enabled: false + +# Standard rules. Lint: + +# Enforced by standard. Disable. +Lint/ImplicitStringConcatenation: + Enabled: false + +# Enforced by standard. Disable. +Lint/TripleQuotes: + Enabled: false + +# Enforced by standard. Disable. +Lint/IneffectiveAccessModifier: + Enabled: false + +# Enforced by standard. Disable. +Lint/SymbolConversion: + Enabled: false + +# Enforced by rubocop and standard +Lint/CopDirectiveSyntax: + Enabled: true + +# Enforced by standard. Disable. +Lint/DuplicateMethods: + Enabled: false + +# Enforced by standard. Disable. +Lint/ConstantDefinitionInBlock: + Enabled: false + +# Enforced by standard. Disable. +Lint/UselessTimes: + Enabled: false + +# Standard-performance rules. + +# Enforced by standard-performance. Disable. +Performance/Detect: + Enabled: false + +# Enforced by standard-performance. Disable. +Performance/StringIdentifierArgument: + Enabled: false + +# Enforced by standard-performance. Disable. +Performance/RegexpMatch: + Enabled: false + +# Always enable rubocop Security: + +# Enforced by rubocop and standard +Security/JSONLoad: + Enabled: true + +# Our rubocop rules + +# Bundler rules. + +Bundler/OrderedGems: + Enabled: false + +# Gemspec rules + +Gemspec/OrderedDependencies: + Enabled: false + +# Style rules + +# Don't allow %i[foo bar baz] +Style/SymbolArray: + Enabled: true + EnforcedStyle: brackets + +# Don't allow %w[foo bar baz] +Style/WordArray: + Enabled: true + EnforcedStyle: brackets + +# Disable warnings like "Missing top-level documentation comment for" +Style/Documentation: + Enabled: false + +# Disable as in standard. +Style/ArgumentsForwarding: + Enabled: false + +# RSpec rules + +# Prefer eq over be. +RSpec/BeEq: + Enabled: false + +# Prefer eq over eql. +RSpec/BeEql: + Enabled: false + +# We prefer to use `expect` over `allow`. +RSpec/StubbedMock: + Enabled: false + +# We prefer multiple before blocks in tests. +RSpec/ScatteredSetup: + Enabled: false + +# We use `expect` in before hooks. +RSpec/ExpectInHook: + Enabled: false + +# We use item_1, item_2, etc. Disable. +RSpec/IndexedLet: + Enabled: false + +# We don't use named subject's +RSpec/NamedSubject: + Enabled: false + +# Naming rules: + +# Disable anonymous block forwarding. +Naming/BlockForwarding: + Enabled: true + EnforcedStyle: explicit + +# Enable and exclude specific files. +Naming/FileName: + Enabled: true + +# Disabled syntax: + +# Disable shorthand hash syntax like: ({ x:, y: }) +# Disable % style literals +Style/DisableSyntax: + DisableSyntax: + - shorthand_hash_syntax + - percent_literals diff --git a/Gemfile b/Gemfile index d910056..e96b574 100644 --- a/Gemfile +++ b/Gemfile @@ -4,5 +4,12 @@ source "https://rubygems.org" gemspec +gem "rake" +gem "rspec" gem "simplecov", require: false -gem "standard" +gem "standard", require: false +gem "rubocop", require: false +gem "rubocop-disable_syntax", require: false +gem "rubocop-performance", require: false +gem "rubocop-rake", require: false +gem "rubocop-rspec", require: false diff --git a/Gemfile.lock b/Gemfile.lock index 687435e..3a4247c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -2,7 +2,9 @@ PATH remote: . specs: errbit_github_plugin (0.4.0) + activesupport errbit_plugin + faraday-retry octokit GEM @@ -39,6 +41,8 @@ GEM logger faraday-net_http (3.4.0) net-http (>= 0.5.0) + faraday-retry (2.3.1) + faraday (~> 2.0) i18n (1.14.7) concurrent-ruby (~> 1.0) json (2.10.2) @@ -90,10 +94,18 @@ GEM rubocop-ast (1.44.0) parser (>= 3.3.7.2) prism (~> 1.4) + rubocop-disable_syntax (0.1.1) + rubocop (>= 1.50) rubocop-performance (1.25.0) lint_roller (~> 1.1) rubocop (>= 1.75.0, < 2.0) rubocop-ast (>= 1.38.0, < 2.0) + rubocop-rake (0.7.1) + lint_roller (~> 1.1) + rubocop (>= 1.72.1) + rubocop-rspec (3.5.0) + lint_roller (~> 1.1) + rubocop (~> 1.72, >= 1.72.1) ruby-progressbar (1.13.0) sawyer (0.9.2) addressable (>= 2.3.5) @@ -139,10 +151,14 @@ PLATFORMS x86_64-linux-musl DEPENDENCIES - activesupport errbit_github_plugin! rake rspec + rubocop + rubocop-disable_syntax + rubocop-performance + rubocop-rake + rubocop-rspec simplecov standard diff --git a/errbit_github_plugin.gemspec b/errbit_github_plugin.gemspec index 4c39511..9b74f2d 100644 --- a/errbit_github_plugin.gemspec +++ b/errbit_github_plugin.gemspec @@ -1,8 +1,6 @@ # frozen_string_literal: true -lib = File.expand_path("../lib", __FILE__) -$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib) -require "errbit_github_plugin/version" +require_relative "lib/errbit_github_plugin/version" Gem::Specification.new do |spec| spec.name = "errbit_github_plugin" @@ -10,19 +8,28 @@ Gem::Specification.new do |spec| spec.authors = ["Stephen Crosby"] spec.email = ["stevecrozz@gmail.com"] - spec.description = "GitHub integration for Errbit" spec.summary = "GitHub integration for Errbit" + spec.description = "GitHub integration for Errbit" spec.homepage = "https://github.com/errbit/errbit_github_plugin" spec.license = "MIT" + spec.required_ruby_version = ">= 3.1.0" - spec.files = `git ls-files`.split($/) - spec.executables = spec.files.grep(%r{^bin/}) { |f| File.basename(f) } + spec.metadata["homepage_uri"] = spec.homepage + spec.metadata["source_code_uri"] = spec.homepage + + # Specify which files should be added to the gem when it is released. + # The `git ls-files -z` loads the files in the RubyGem that have been added into git. + gemspec = File.basename(__FILE__) + spec.files = IO.popen(["git", "ls-files", "-z"], chdir: __dir__, err: IO::NULL) do |ls| + ls.readlines("\x0", chomp: true).reject do |f| + (f == gemspec) || + f.start_with?("bin/", "test/", "spec/", "features/", ".git", ".github", "appveyor", "Gemfile") + end + end spec.require_paths = ["lib"] spec.add_dependency "errbit_plugin" + spec.add_dependency "faraday-retry" spec.add_dependency "octokit" - - spec.add_development_dependency "rspec" - spec.add_development_dependency "rake" - spec.add_development_dependency "activesupport" + spec.add_dependency "activesupport" end diff --git a/lib/errbit_github_plugin.rb b/lib/errbit_github_plugin.rb index 0a17647..57afb5a 100644 --- a/lib/errbit_github_plugin.rb +++ b/lib/errbit_github_plugin.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true require "errbit_github_plugin/version" -require "errbit_github_plugin/error" +require "errbit_github_plugin/authentication_error" require "errbit_github_plugin/issue_tracker" module ErrbitGithubPlugin diff --git a/lib/errbit_github_plugin/error.rb b/lib/errbit_github_plugin/authentication_error.rb similarity index 100% rename from lib/errbit_github_plugin/error.rb rename to lib/errbit_github_plugin/authentication_error.rb diff --git a/lib/errbit_github_plugin/issue_tracker.rb b/lib/errbit_github_plugin/issue_tracker.rb index fbfe57c..106e1ad 100644 --- a/lib/errbit_github_plugin/issue_tracker.rb +++ b/lib/errbit_github_plugin/issue_tracker.rb @@ -1,5 +1,6 @@ # frozen_string_literal: true +require "active_support/core_ext/object/blank" require "octokit" module ErrbitGithubPlugin @@ -57,12 +58,15 @@ def url def errors errors = [] + if self.class.fields.detect { |f| options[f[0]].blank? } errors << [:base, "You must specify your GitHub username and password"] end + if repo.blank? errors << [:base, "You must specify your GitHub repository url."] end + errors end @@ -86,6 +90,9 @@ def create_issue(title, body, user: {}) raise ErrbitGithubPlugin::AuthenticationError, "Could not authenticate with GitHub. Please check your username and password." end + # @param url [String] + # @param user [Hash] + # @return [String] The URL of the closed issue def close_issue(url, user: {}) github_client = if user["github_login"] && user["github_oauth_token"] Octokit::Client.new( diff --git a/spec/errbit_github_plugin/issue_tracker_spec.rb b/spec/errbit_github_plugin/issue_tracker_spec.rb index 921fb7d..a6a9a88 100644 --- a/spec/errbit_github_plugin/issue_tracker_spec.rb +++ b/spec/errbit_github_plugin/issue_tracker_spec.rb @@ -4,43 +4,48 @@ RSpec.describe ErrbitGithubPlugin::IssueTracker do describe ".label" do - it "return LABEL" do - expect(described_class.label).to eq described_class::LABEL - end + it { expect(described_class.label).to eq("github") } end describe ".note" do - it "return NOTE" do - expect(described_class.note).to eq described_class::NOTE - end + it { expect(described_class.note).to start_with("Please configure your GitHub") } end describe ".fields" do - it "return FIELDS" do - expect(described_class.fields).to eq described_class::FIELDS + it do + expect(described_class.fields).to eq( + { + username: { + placeholder: "Your username on GitHub" + }, + password: { + placeholder: "Password for your account" + } + } + ) end end describe ".icons" do it "puts create icon onto the icons" do - expect(described_class.icons[:create][0]).to eq "image/png" - expect( - described_class.icons[:create][1] - ).to eq ErrbitGithubPlugin.read_static_file("github_create.png") + expect(described_class.icons[:create][0]).to eq("image/png") + + expect(described_class.icons[:create][1]) + .to eq(ErrbitGithubPlugin.read_static_file("github_create.png")) end it "puts goto icon onto the icons" do - expect(described_class.icons[:goto][0]).to eq "image/png" - expect( - described_class.icons[:goto][1] - ).to eq ErrbitGithubPlugin.read_static_file("github_goto.png") + expect(described_class.icons[:goto][0]).to eq("image/png") + + expect(described_class.icons[:goto][1]) + .to eq(ErrbitGithubPlugin.read_static_file("github_goto.png")) end it "puts inactive icon onto the icons" do - expect(described_class.icons[:inactive][0]).to eq "image/png" - expect( - described_class.icons[:inactive][1] - ).to eq ErrbitGithubPlugin.read_static_file("github_inactive.png") + expect(described_class.icons[:inactive][0]).to eq("image/png") + + expect(described_class.icons[:inactive][1]) + .to eq(ErrbitGithubPlugin.read_static_file("github_inactive.png")) end end @@ -49,70 +54,86 @@ describe "#configured?" do context "with errors" do let(:options) { {invalid_key: ""} } + it "return false" do - expect(tracker.configured?).to eq false + expect(tracker.configured?).to eq(false) end end + context "without errors" do let(:options) do - {username: "foo", password: "bar", github_repo: "user/repos"} + {username: "foo", password: "bar", github_repo: "user/repository"} end + it "return true" do - expect(tracker.configured?).to eq true + expect(tracker.configured?).to eq(true) end end end describe "#url" do - let(:options) { {github_repo: "repo"} } + let(:options) { {github_repo: "user/repo"} } + it "returns issues url" do - expect(tracker.url).to eq "https://github.com/repo/issues" + expect(tracker.url).to eq("https://github.com/user/repo/issues") end end describe "#errors" do subject { tracker.errors } + context "without username" do let(:options) { {username: "", password: "bar", github_repo: "repo"} } + it { is_expected.not_to be_empty } end + context "without password" do let(:options) do {username: "", password: "bar", github_repo: "repo"} end + it { is_expected.not_to be_empty } end + context "without github_repo" do let(:options) do {username: "foo", password: "bar", github_repo: ""} end + it { is_expected.not_to be_empty } end + context "with completed options" do let(:options) do {username: "foo", password: "bar", github_repo: "repo"} end + it { is_expected.to be_empty } end end describe "#repo" do let(:options) { {github_repo: "baz"} } + it "returns github repo" do - expect(tracker.repo).to eq "baz" + expect(tracker.repo).to eq("baz") end end describe "#create_issue" do subject { tracker.create_issue("title", "body", user: user) } + let(:options) do {username: "foo", password: "bar", github_repo: "user/repos"} end + let(:fake_github_client) do double("Fake GitHub Client").tap do |github_client| expect(github_client).to receive(:create_issue).and_return(fake_issue) end end + let(:fake_issue) do double("Fake Issue").tap do |issue| expect(issue).to receive(:html_url).and_return("http://github.com/user/repos/issues/878").twice @@ -126,21 +147,25 @@ "github_oauth_token" => "valid_token" } end + it "return issue url" do expect(Octokit::Client).to receive(:new).with( login: user["github_login"], access_token: user["github_oauth_token"] ).and_return(fake_github_client) - expect(subject).to eq fake_issue.html_url + + expect(subject).to eq(fake_issue.html_url) end end context "signed in with password" do let(:user) { {} } + it "return issue url" do expect(Octokit::Client).to receive(:new).with( login: options["username"], password: options["password"] ).and_return(fake_github_client) - expect(subject).to eq fake_issue.html_url + + expect(subject).to eq(fake_issue.html_url) end end @@ -148,10 +173,75 @@ let(:user) do {"github_login" => "alice", "github_oauth_token" => "invalid_token"} end + it "raise AuthenticationError" do expect(Octokit::Client).to receive(:new).with( login: user["github_login"], access_token: user["github_oauth_token"] ).and_raise(Octokit::Unauthorized) + + expect { subject }.to raise_error(ErrbitGithubPlugin::AuthenticationError) + end + end + end + + describe "#close_issue" do + subject { tracker.close_issue("url", user: user) } + + let(:options) do + {username: "foo", password: "bar", github_repo: "user/repository"} + end + + let(:fake_github_client) do + double("Fake GitHub Client").tap do |github_client| + expect(github_client).to receive(:close_issue).and_return(fake_issue) + end + end + + let(:fake_issue) do + double("Fake Issue").tap do |issue| + expect(issue).to receive(:html_url).and_return("http://github.com/user/repos/issues/878").twice + end + end + + context "signed in with token" do + let(:user) do + { + "github_login" => "bob", + "github_oauth_token" => "valid_token" + } + end + + it "return issue url" do + expect(Octokit::Client).to receive(:new).with( + login: user["github_login"], access_token: user["github_oauth_token"] + ).and_return(fake_github_client) + + expect(subject).to eq(fake_issue.html_url) + end + end + + context "signed in with password" do + let(:user) { {} } + + it "return issue url" do + expect(Octokit::Client).to receive(:new).with( + login: options["username"], password: options["password"] + ).and_return(fake_github_client) + + expect(subject).to eq(fake_issue.html_url) + end + end + + context "when unauthentication error" do + let(:user) do + {"github_login" => "alice", "github_oauth_token" => "invalid_token"} + end + # + it "raise AuthenticationError" do + expect(Octokit::Client).to receive(:new).with( + login: user["github_login"], access_token: user["github_oauth_token"] + ).and_raise(Octokit::Unauthorized) + expect { subject }.to raise_error(ErrbitGithubPlugin::AuthenticationError) end end diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb index 05f63c8..e5b39a9 100644 --- a/spec/spec_helper.rb +++ b/spec/spec_helper.rb @@ -6,11 +6,12 @@ enable_coverage :branch primary_coverage :branch + + add_filter "spec/" end require "errbit_plugin" require "errbit_github_plugin" -require "active_support/all" RSpec.configure do |config| # Enable flags like --only-failures and --next-failure From 35d27bf95848af7ce05d53ed36b5c0f665c9f97b Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Sun, 13 Apr 2025 17:00:36 +0200 Subject: [PATCH 12/93] Updates (#20) * Remove duplicates * Updates --- errbit_github_plugin.gemspec | 2 ++ vendor/assets/images/github_create.png | Bin 2187 -> 0 bytes vendor/assets/images/github_inactive.png | Bin 1080 -> 0 bytes 3 files changed, 2 insertions(+) delete mode 100644 vendor/assets/images/github_create.png delete mode 100644 vendor/assets/images/github_inactive.png diff --git a/errbit_github_plugin.gemspec b/errbit_github_plugin.gemspec index 9b74f2d..0805349 100644 --- a/errbit_github_plugin.gemspec +++ b/errbit_github_plugin.gemspec @@ -16,6 +16,8 @@ Gem::Specification.new do |spec| spec.metadata["homepage_uri"] = spec.homepage spec.metadata["source_code_uri"] = spec.homepage + spec.metadata["bug_tracker_uri"] = "#{spec.homepage}/issues" + spec.metadata["rubygems_mfa_required"] = "true" # Specify which files should be added to the gem when it is released. # The `git ls-files -z` loads the files in the RubyGem that have been added into git. diff --git a/vendor/assets/images/github_create.png b/vendor/assets/images/github_create.png deleted file mode 100644 index 8bc8e9dccb29e6e6d04cc558988acc5b2c5a53cd..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2187 zcmV;62z2*}P)evpZ ziPpwuAP=h%6W+*c_ujpG_XWGaF7jF)3k%2s%TrcaYiXA6^!zp>>X>FG{FOU%=I-PE ze&0FY_nq^*-}_Epm6erq?)<(l?Tx6sygW@|VPR}hQBizxadCW6adB*6L80cYLvKgj z`K-ZUm@_L-o6S12Fz3Q&+LB8pNwO?w+U<75>2&&PYHETa91e%iZnG;!*_c^cTAK8E zUat1mI*Y|JJMb-=x6CamDM>b|s_d+Bh8r6jsiUKVy1Ton_sSLO?dhSe&Q5A=ZKccg z^;GR}gvGOEWo5|+5A2^iE70@j&g%?%LzctooN8@rBY&Tt1_t`c@9*RAN20HSiJLcXPLGa`pufK# zgM$GK1_J2w`=>cDHaR4FfcHHU@(X)T&>UN!@%Gm0-S(BGT`G+J_c6{Uso3d{Z5C2BuP>)T)3e7 zTFv!(edLGjuWp+wC=!+W`~5UHI2fM1ejT+nwe-w0iL_+N5;}C~5Kf*v3BFT$S~?v& zc8rc3IZ97G{WO*>TZU67PYL?LNreSC8<51FyLRo0XwC+`*Kj2zmy(?h=Tr~t#+5N` zy%4}|my6b|T}SuLyAL{@4smgDh>eYEbAcKWj7^EMB}ACr+G*uoM^yfIR@= zf!f;IsY{nGCI25?FKShGq{q`DC}wSY#X=ez8z=5ltX{pE9$2sd+6Nb5!9uOLQ}m)m zSg4H_-zl1ZkB*MU-o1NiczBquUAxBn_%Sjv5;2|CYL)+W_N?|EV9qFsX$kw-ootYZ zPNTf2o6WUz=S~uvFI*Un#c?_$#6OG&7sYTQT8e)tjviT>KykVl%)5U+9$&tkic5-V zGBinnz#!O|=;v;zbGgD|7Tg7zk&zK)G#WD-*ic`!NB49W1B+^#nwzlU`RDP2`SX$b z!n4SE_b|SAKLhWlZKdOTev40!rbEg32hJSdk2NcPito?6pAH;6h{;e$I6YECm#<6E zO_D*%eDB12wQ4h#l3mR%i-nrBG;rw~DbN3$HxN$?!3~nvB-EOL?sv?ugr06U3nmbHY63c)1 z+S=Phi|};vg0+U|VYj;;iHYm*QsQ!ihMO^=$QaE(3mSD1U2DPg%>b@S;f>gs9{VyF;%$j1(ky{&IaNj(1+u?G#ARex(tD`?1 zJWOj>K1z=K4?tJD8MFg5(Lxk(6Mg9?ni?be&p3*+GO<4KDf-~UY%;4V@$42=qS`S7 z9OS-^p8@6v;<@4=_niPGPm2eFV%CL$Yk3CO;GK7l(qGbdp`rXNMp{%{Z?{pXNyb=x zIsC3NvgDq@z8xtz{?|;Zt#gshW+V0uS*%u3fN-@)BFKGw8@Rl@JhsYi_c0i?w0Nko zsR=F3&FEph&CVJ+_eCx`I++P?7d|?38tL0pu=ll%l>XXA?D)+uuzO1~y}5rMKD(HU z#-?UIFfNM&BSJHK2Mo>(n8gV7NwRdC>iqoth`Bo2JH)i&{u@BQzaQ7R7l$UUQTD|g z`tZ|i@^T{OdI?Xgei9nZ1Eh<4DAH1|q@){5V!zm6A^e~qN1BqS{P2_AcVIez)8 z7qIw84`b8IFN38*GqZFH%wmoJf_0safGP^f+_FZ!KI)zU!bS>n--#nn%v!X1TB(_7 z7ojgJL-y%YNZYd;Pp({v^=lJp*S4)#wsa{rzL*5HycA6}PFT$}KQ!~Y*lSf<~1J}UiWRvje zRN8fgvWNbS)K7}A>XohddFl?@@OCDxNJ^$Pzk8kjD7*2|SO^7;9yXB?CdmMHFjp%J zcTaKLdq}Y0k)!JGr%%u2&sjpJ8m`>MuRE7*R+Kh&QpOa~&S}D{&H=ns;6;kmM%!K8 zw7Ikun@WAOtz!g#Ai`TAP@$t9){4@wB1^2TQ6!S3D5l7<$O+tiEOMohA4<#0bc)fa zM!=b3m(2pbs~LYA4k05~cB-9(4}OL%jN@NWME%4`l;^cAGY zk!n>Ao!Fc8{^pmzit_RVu|Twe-Dag~i-lB2Es8u|{Ihise|BBPVRsN24HMX3HGv}y zW619EPv_TrU@%$8#5xO#W!{77PWV>uT|88DyeLaCsZ(P7RVgyrc{8)3l94x;j2yB` z1`csoB$+Ig6=dd0g{HD%%HkH{N@sBu=I05`lX)ZAXi~$h6RE75MP}zp6@0%HmBeNe zfMH27$!yxq+M936i76ZC~eSb12fv`ym{~4dt6N0goLj2oYlQK-~GHYrJOxu9z{qE%=5xVc|k=*FZQJ_M3`ygR9%6crl(& z7f#jSnt9c3%lv^qGM<|ZheH$Knz@2A@`f7Mq$U6?2YT?h*3MuMY7 zlteSl^KUIb6MS)h&s1TkNJyx@wj@CitRkTzk+f(M&8?q(^T8&<1GsKrrmttJG}J?0 zn|hNuNyuWQjVFd*+p{#h^I(W$)I^*@194#HuC3 zIzP!H1fLvWB_kya5qG(d;Ndh&I9wP2@Zn<<4hBYWiU=*O5p$Fyc&w0W56|<68~nk2 zJ&G@prZ^J}es<+u>%+lvrr$?V5kRr*;ca%XMj4-wHD0EdPiP`IT_+~R^zSY6*aI)? zRSe*WX^~I>vfzPaq+3vwHmf)}C@s0mUJhYs3vyVB z+@ZuC`BPRTMiA(h4EStZiDL0l;JAiz2cKQ|SY5@+BkpmG1H^3;3fR2>Nss!ml^9l)Y%fDh;F*nHDw zj7UO)LwSiB52+JMSpyQ*32>WFR1_@puW!oJF09W!=5JXeB9cgU%SjI6Xk(=8)6GCf+`0ADq*Tuo;ZRMc5K za%9-eE1Y1E5j{o^dCK@WCjv4f)ecGkelV}uOMSt)V93X*M}aO`*9M`4G&CbS6`C|i z#Dh7`j4pp~M(k5Iba{U;WrjQe%>WUKN1KqG#uAA`U{24DJ$R-8UhXre&4dJ?09#7x zn4p))4ChCdx3%7{{rtF0$}mQ^3KYP~tWHxM-QIeyno$eYUT;7K>DP*M19g^Uk$GJh ytwCqjZJ0Mdl*`7HB})c0)<_zi-Ol0vQ~V2VPte?eu*?|%0000 Date: Sun, 13 Apr 2025 20:24:12 +0200 Subject: [PATCH 13/93] Updates (#21) * Bundler: 2.6.8 * bundle lock --add-checksums --- Gemfile.lock | 63 +++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 62 insertions(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 3a4247c..437510d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -162,5 +162,66 @@ DEPENDENCIES simplecov standard +CHECKSUMS + activesupport (7.2.2.1) sha256=842bcbf8a92977f80fb4750661a237cf5dd4fdd442066b3c35e88afb488647f5 + addressable (2.8.7) sha256=462986537cf3735ab5f3c0f557f14155d778f4b43ea4f485a9deb9c8f7c58232 + ast (2.4.3) sha256=954615157c1d6a382bc27d690d973195e79db7f55e9765ac7c481c60bdb4d383 + base64 (0.2.0) sha256=0f25e9b21a02a0cc0cea8ef92b2041035d39350946e8789c562b2d1a3da01507 + benchmark (0.4.0) sha256=0f12f8c495545e3710c3e4f0480f63f06b4c842cc94cec7f33a956f5180e874a + bigdecimal (3.1.9) sha256=2ffc742031521ad69c2dfc815a98e426a230a3d22aeac1995826a75dabfad8cc + bigdecimal (3.1.9-java) sha256=dd9b8f7c870664cd9538a1325ce385ba57a6627969177258c4f0e661a7be4456 + concurrent-ruby (1.3.5) sha256=813b3e37aca6df2a21a3b9f1d497f8cbab24a2b94cab325bffe65ee0f6cbebc6 + connection_pool (2.5.0) sha256=233b92f8d38e038c1349ccea65dd3772727d669d6d2e71f9897c8bf5cd53ebfc + diff-lcs (1.6.1) sha256=12a5a83f3e37a8e2f4427268e305914d5f1879f22b4e73bb1a09f76a3dd86cd4 + docile (1.4.1) sha256=96159be799bfa73cdb721b840e9802126e4e03dfc26863db73647204c727f21e + drb (2.2.1) sha256=e9d472bf785f558b96b25358bae115646da0dbfd45107ad858b0bc0d935cb340 + errbit_github_plugin (0.4.0) + errbit_plugin (0.6.0) sha256=ec4a7567333e3771802805e6c8e901fdfdbb9d576bbcc2af91573694cea89b15 + faraday (2.13.0) sha256=f2697cd61a434dc446ee035f0370de654c2ad64707c4fc2541eb2338702e9614 + faraday-net_http (3.4.0) sha256=a1f1e4cd6a2cf21599c8221595e27582d9936819977bbd4089a601f24c64e54a + faraday-retry (2.3.1) sha256=4004faa21f41fc5360d359bc79889fc58fb7fae0ce93bfb737a784ac76805c03 + i18n (1.14.7) sha256=ceba573f8138ff2c0915427f1fc5bdf4aa3ab8ae88c8ce255eb3ecf0a11a5d0f + json (2.10.2) sha256=34e0eada93022b2a0a3345bb0b5efddb6e9ff5be7c48e409cfb54ff8a36a8b06 + json (2.10.2-java) sha256=fe31faac61ea21ea1448c35450183f84e85c2b94cc6522c241959ba9d1362006 + language_server-protocol (3.17.0.4) sha256=c484626478664fd13482d8180947c50a8590484b1258b99b7aedb3b69df89669 + lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87 + logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203 + minitest (5.25.5) sha256=391b6c6cb43a4802bfb7c93af1ebe2ac66a210293f4a3fb7db36f2fc7dc2c756 + net-http (0.6.0) sha256=9621b20c137898af9d890556848c93603716cab516dc2c89b01a38b894e259fb + octokit (9.2.0) sha256=4fa47ff35ce654127edf2c836ab9269bcc8829f5542dc1e86871f697ce7f4316 + parallel (1.26.3) sha256=d86babb7a2b814be9f4b81587bf0b6ce2da7d45969fab24d8ae4bf2bb4d4c7ef + parser (3.3.7.4) sha256=2b26282274280e13f891080dc4ef3f65ce658d62e13255b246b28ec6754e98ab + prism (1.4.0) sha256=dc0e3e00e93160213dc2a65519d9002a4a1e7b962db57d444cf1a71565bb703e + public_suffix (6.0.1) sha256=61d44e1cab5cbbbe5b31068481cf16976dd0dc1b6b07bd95617ef8c5e3e00c6f + racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f + racc (1.8.1-java) sha256=54f2e6d1e1b91c154013277d986f52a90e5ececbe91465d29172e49342732b98 + rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a + rake (13.2.1) sha256=46cb38dae65d7d74b6020a4ac9d48afed8eb8149c040eccf0523bec91907059d + regexp_parser (2.10.0) sha256=cb6f0ddde88772cd64bff1dbbf68df66d376043fe2e66a9ef77fcb1b0c548c61 + rspec (3.13.0) sha256=d490914ac1d5a5a64a0e1400c1d54ddd2a501324d703b8cfe83f458337bab993 + rspec-core (3.13.3) sha256=25136507f4f9cf2e8977a2851e64e438b4331646054e345998714108745cdfe4 + rspec-expectations (3.13.3) sha256=0e6b5af59b900147698ea0ff80456c4f2e69cac4394fbd392fbd1ca561f66c58 + rspec-mocks (3.13.2) sha256=2327335def0e1665325a9b617e3af9ae20272741d80ac550336309a7c59abdef + rspec-support (3.13.2) sha256=cea3a2463fd9b84b9dcc9685efd80ea701aa8f7b3decb3b3ce795ed67737dbec + rubocop (1.75.2) sha256=8efde647e278417e8074421b007e0d7d7c591482ef99d980528b18fea015a7c8 + rubocop-ast (1.44.0) sha256=77fdaf4aacf0c7d1ef887b075686124fb4ae5743d42ff7e73bb1c0d6b61b5d0a + rubocop-disable_syntax (0.1.1) sha256=fba0b24edbd3de049ccaac8473c18fed308b5bd991e389a3368965f6cb88edbb + rubocop-performance (1.25.0) sha256=6f7d03568a770054117a78d0a8e191cefeffb703b382871ca7743831b1a52ec1 + rubocop-rake (0.7.1) sha256=3797f2b6810c3e9df7376c26d5f44f3475eda59eb1adc38e6f62ecf027cbae4d + rubocop-rspec (3.5.0) sha256=710c942fe1af884ba8eea75cbb8bdbb051929a2208880a6fc2e2dce1eed5304c + ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33 + sawyer (0.9.2) sha256=fa3a72d62a4525517b18857ddb78926aab3424de0129be6772a8e2ba240e7aca + securerandom (0.4.1) sha256=cc5193d414a4341b6e225f0cb4446aceca8e50d5e1888743fac16987638ea0b1 + simplecov (0.22.0) sha256=fe2622c7834ff23b98066bb0a854284b2729a569ac659f82621fc22ef36213a5 + simplecov-html (0.13.1) sha256=5dab0b7ee612e60e9887ad57693832fdf4695b4c0c859eaea5f95c18791ef10b + simplecov_json_formatter (0.1.4) sha256=529418fbe8de1713ac2b2d612aa3daa56d316975d307244399fa4838c601b428 + standard (1.49.0) sha256=590cd11a2021350812483cb53fc185bd8a92ca215839145d71fdd693750bb470 + standard-custom (1.0.2) sha256=424adc84179a074f1a2a309bb9cf7cd6bfdb2b6541f20c6bf9436c0ba22a652b + standard-performance (1.8.0) sha256=ed17b7d0e061b2a19a91dd434bef629439e2f32310f22f26acb451addc92b788 + tzinfo (2.0.6) sha256=8daf828cc77bcf7d63b0e3bdb6caa47e2272dcfaf4fbfe46f8c3a9df087a829b + unicode-display_width (3.1.4) sha256=8caf2af1c0f2f07ec89ef9e18c7d88c2790e217c482bfc78aaa65eadd5415ac1 + unicode-emoji (4.0.4) sha256=2c2c4ef7f353e5809497126285a50b23056cc6e61b64433764a35eff6c36532a + uri (1.0.3) sha256=e9f2244608eea2f7bc357d954c65c910ce0399ca5e18a7a29207ac22d8767011 + BUNDLED WITH - 2.6.7 + 2.6.8 From 53dccafcecfa771f75621ec78a1dbbe02cad82be Mon Sep 17 00:00:00 2001 From: StepSecurity Bot Date: Mon, 14 Apr 2025 00:50:26 -0700 Subject: [PATCH 14/93] [StepSecurity] Apply security best practices (#22) Signed-off-by: StepSecurity Bot --- .github/dependabot.yml | 11 ++++ .github/workflows/codeql.yml | 78 ++++++++++++++++++++++++ .github/workflows/dependency-review.yml | 27 +++++++++ .github/workflows/jruby.yml | 12 +++- .github/workflows/rspec.yml | 12 +++- .github/workflows/scorecards.yml | 81 +++++++++++++++++++++++++ 6 files changed, 217 insertions(+), 4 deletions(-) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/dependency-review.yml create mode 100644 .github/workflows/scorecards.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..a6db470 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +version: 2 +updates: + - package-ecosystem: github-actions + directory: / + schedule: + interval: daily + + - package-ecosystem: bundler + directory: / + schedule: + interval: daily diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..ff76dce --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,78 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: ["master"] + pull_request: + # The branches below must be a subset of the branches above + branches: ["master"] + schedule: + - cron: "0 0 * * 1" + +permissions: + contents: read + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: ["ruby"] + # CodeQL supports [ $supported-codeql-languages ] + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: Harden the runner (Audit all outbound calls) + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + with: + egress-policy: audit + + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml new file mode 100644 index 0000000..ffa9d8f --- /dev/null +++ b/.github/workflows/dependency-review.yml @@ -0,0 +1,27 @@ +# Dependency Review Action +# +# This Action will scan dependency manifest files that change as part of a Pull Request, +# surfacing known-vulnerable versions of the packages declared or updated in the PR. +# Once installed, if the workflow run is marked as required, +# PRs introducing known-vulnerable packages will be blocked from merging. +# +# Source repository: https://github.com/actions/dependency-review-action +name: 'Dependency Review' +on: [pull_request] + +permissions: + contents: read + +jobs: + dependency-review: + runs-on: ubuntu-latest + steps: + - name: Harden the runner (Audit all outbound calls) + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + with: + egress-policy: audit + + - name: 'Checkout Repository' + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - name: 'Dependency Review' + uses: actions/dependency-review-action@67d4f4bd7a9b17a0db54d2a7519187c65e339de8 # v4 diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 0fd08f3..ae49db4 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -13,6 +13,9 @@ on: env: JRUBY_OPTS: "--debug" +permissions: + contents: read + jobs: rspec: runs-on: ubuntu-24.04 @@ -23,11 +26,16 @@ jobs: ruby: ["jruby-9.4", "jruby-head"] steps: - - uses: actions/checkout@v4 + - name: Harden the runner (Audit all outbound calls) + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + with: + egress-policy: audit + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@v1 + uses: ruby/setup-ruby@e5ac7b085f6e63d49c8973eb0c6e04d876b881f1 # v1.230.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 2ec973b..80b51c2 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -11,6 +11,9 @@ on: schedule: - cron: "0 21 * * 6" +permissions: + contents: read + jobs: rspec: runs-on: ubuntu-24.04 @@ -21,11 +24,16 @@ jobs: ruby: ["3.1", "3.2", "3.3", "3.4"] steps: - - uses: actions/checkout@v4 + - name: Harden the runner (Audit all outbound calls) + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + with: + egress-policy: audit + + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@v1 + uses: ruby/setup-ruby@e5ac7b085f6e63d49c8973eb0c6e04d876b881f1 # v1.230.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml new file mode 100644 index 0000000..ed77d2a --- /dev/null +++ b/.github/workflows/scorecards.yml @@ -0,0 +1,81 @@ +# This workflow uses actions that are not certified by GitHub. They are provided +# by a third-party and are governed by separate terms of service, privacy +# policy, and support documentation. + +name: Scorecard supply-chain security +on: + # For Branch-Protection check. Only the default branch is supported. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection + branch_protection_rule: + # To guarantee Maintained check is occasionally updated. See + # https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained + schedule: + - cron: '20 7 * * 2' + push: + branches: ["master"] + +# Declare default permissions as read only. +permissions: read-all + +jobs: + analysis: + name: Scorecard analysis + runs-on: ubuntu-latest + permissions: + # Needed to upload the results to code-scanning dashboard. + security-events: write + # Needed to publish results and get a badge (see publish_results below). + id-token: write + contents: read + actions: read + # To allow GraphQL ListCommits to work + issues: read + pull-requests: read + # To detect SAST tools + checks: read + + steps: + - name: Harden the runner (Audit all outbound calls) + uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + with: + egress-policy: audit + + - name: "Checkout code" + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + persist-credentials: false + + - name: "Run analysis" + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 + with: + results_file: results.sarif + results_format: sarif + # (Optional) "write" PAT token. Uncomment the `repo_token` line below if: + # - you want to enable the Branch-Protection check on a *public* repository, or + # - you are installing Scorecards on a *private* repository + # To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat. + # repo_token: ${{ secrets.SCORECARD_TOKEN }} + + # Public repositories: + # - Publish results to OpenSSF REST API for easy access by consumers + # - Allows the repository to include the Scorecard badge. + # - See https://github.com/ossf/scorecard-action#publishing-results. + # For private repositories: + # - `publish_results` will always be set to `false`, regardless + # of the value entered here. + publish_results: true + + # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF + # format to the repository Actions tab. + - name: "Upload artifact" + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + with: + name: SARIF file + path: results.sarif + retention-days: 5 + + # Upload the results to GitHub's code scanning dashboard. + - name: "Upload to code-scanning" + uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + with: + sarif_file: results.sarif From d6aeb222a06c03cdebd2e425939f51b60fc97d13 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 16 Apr 2025 11:34:11 +0200 Subject: [PATCH 15/93] Bump errbit_plugin from 0.6.0 to 0.7.0 (#24) Bumps [errbit_plugin](https://github.com/errbit/errbit_plugin) from 0.6.0 to 0.7.0. - [Commits](https://github.com/errbit/errbit_plugin/commits/v0.7.0) --- updated-dependencies: - dependency-name: errbit_plugin dependency-version: 0.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 437510d..93b34be 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -34,7 +34,7 @@ GEM diff-lcs (1.6.1) docile (1.4.1) drb (2.2.1) - errbit_plugin (0.6.0) + errbit_plugin (0.7.0) faraday (2.13.0) faraday-net_http (>= 2.0, < 3.5) json @@ -176,7 +176,7 @@ CHECKSUMS docile (1.4.1) sha256=96159be799bfa73cdb721b840e9802126e4e03dfc26863db73647204c727f21e drb (2.2.1) sha256=e9d472bf785f558b96b25358bae115646da0dbfd45107ad858b0bc0d935cb340 errbit_github_plugin (0.4.0) - errbit_plugin (0.6.0) sha256=ec4a7567333e3771802805e6c8e901fdfdbb9d576bbcc2af91573694cea89b15 + errbit_plugin (0.7.0) sha256=2deec87f62dbc953ff86a69b46bb4d339678a9a9439342b85f3dfb909621d94d faraday (2.13.0) sha256=f2697cd61a434dc446ee035f0370de654c2ad64707c4fc2541eb2338702e9614 faraday-net_http (3.4.0) sha256=a1f1e4cd6a2cf21599c8221595e27582d9936819977bbd4089a601f24c64e54a faraday-retry (2.3.1) sha256=4004faa21f41fc5360d359bc79889fc58fb7fae0ce93bfb737a784ac76805c03 From 3100d4624fd0f2bcf98c05d2bf3e92839fc10916 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 16 Apr 2025 11:34:21 +0200 Subject: [PATCH 16/93] Bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#23) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.0 to 2.4.1. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/62b2cac7ed8198b15735ed49ab1e5cf35480ba46...f49aabe0b5af0936a0987cfb85d86b75731b0186) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index ed77d2a..4788f2a 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -46,7 +46,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 + uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1 with: results_file: results.sarif results_format: sarif From 8c09a091c379704f7cea0d860b00356ae19fbff3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 16 Apr 2025 11:34:31 +0200 Subject: [PATCH 17/93] Bump ruby/setup-ruby from 1.230.0 to 1.231.0 (#25) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.230.0 to 1.231.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/e5ac7b085f6e63d49c8973eb0c6e04d876b881f1...d8d83c3960843afb664e821fed6be52f37da5267) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.231.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index ae49db4..a33e010 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@e5ac7b085f6e63d49c8973eb0c6e04d876b881f1 # v1.230.0 + uses: ruby/setup-ruby@d8d83c3960843afb664e821fed6be52f37da5267 # v1.231.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 80b51c2..b2abcd2 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@e5ac7b085f6e63d49c8973eb0c6e04d876b881f1 # v1.230.0 + uses: ruby/setup-ruby@d8d83c3960843afb664e821fed6be52f37da5267 # v1.231.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 8b03512f932f4705f74847ae91803e06bd2c5c72 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Sep 2025 22:18:30 +0200 Subject: [PATCH 18/93] Bump ruby/setup-ruby from 1.231.0 to 1.258.0 (#96) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.231.0 to 1.258.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/d8d83c3960843afb664e821fed6be52f37da5267...3fee6763234110473bd57dd4595c5199fce2c510) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.258.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index a33e010..185743d 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@d8d83c3960843afb664e821fed6be52f37da5267 # v1.231.0 + uses: ruby/setup-ruby@3fee6763234110473bd57dd4595c5199fce2c510 # v1.258.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index b2abcd2..891d55a 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@d8d83c3960843afb664e821fed6be52f37da5267 # v1.231.0 + uses: ruby/setup-ruby@3fee6763234110473bd57dd4595c5199fce2c510 # v1.258.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 108171b8df54b9ee80652b9fce77f0d758f48f8d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Sep 2025 22:20:57 +0200 Subject: [PATCH 19/93] Bump actions/dependency-review-action (#85) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 67d4f4bd7a9b17a0db54d2a7519187c65e339de8 to 6fad41793215e16e31faa120c584d320a07b88de. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/67d4f4bd7a9b17a0db54d2a7519187c65e339de8...6fad41793215e16e31faa120c584d320a07b88de) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: 6fad41793215e16e31faa120c584d320a07b88de dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index ffa9d8f..851983b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -24,4 +24,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Dependency Review' - uses: actions/dependency-review-action@67d4f4bd7a9b17a0db54d2a7519187c65e339de8 # v4 + uses: actions/dependency-review-action@6fad41793215e16e31faa120c584d320a07b88de # v4 From 8698828838ba9fded1fafb21fd9065a907c646c5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Sep 2025 22:24:36 +0200 Subject: [PATCH 20/93] Bump actions/checkout from 4.2.2 to 5.0.0 (#97) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ff76dce..e9eef5a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 851983b..f6a2345 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' uses: actions/dependency-review-action@6fad41793215e16e31faa120c584d320a07b88de # v4 diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 185743d..7b2c252 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -31,7 +31,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 891d55a..b1a3cee 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -29,7 +29,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 4788f2a..3688670 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false From c77bbf20c20c30b3cc8f2a7e46e811a6da18f741 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Sep 2025 22:24:55 +0200 Subject: [PATCH 21/93] Bump github/codeql-action from 3.28.15 to 3.30.3 (#94) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.15 to 3.30.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/45775bd8235c68ba998cffa5171334d58593da47...192325c86100d080feab897ff886c34abd4c83a3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.3 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e9eef5a..ab6b35a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + uses: github/codeql-action/autobuild@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 3688670..eb78486 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15 + uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 with: sarif_file: results.sarif From 1c432cbb85a4626542f4fdf9157a2e979a9de54b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Sep 2025 22:25:14 +0200 Subject: [PATCH 22/93] Bump ossf/scorecard-action from 2.4.1 to 2.4.2 (#54) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.2. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/f49aabe0b5af0936a0987cfb85d86b75731b0186...05b42c624433fc40578a4040d5cf5e36ddca8cde) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index eb78486..15ed286 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -46,7 +46,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1 + uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2 with: results_file: results.sarif results_format: sarif From c71761e2d206d72e4521883d7c913cc94717c85c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Sep 2025 22:25:33 +0200 Subject: [PATCH 23/93] Bump step-security/harden-runner from 2.11.1 to 2.13.1 (#91) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.1 to 2.13.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ab6b35a..ba133a5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index f6a2345..aaaf111 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 7b2c252..3526434 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index b1a3cee..fbf27f3 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 15ed286..d600085 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1 + uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 with: egress-policy: audit From 31a054bf07eaeeb44b433a84bdbf1fa15335b603 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Sep 2025 00:07:58 +0200 Subject: [PATCH 24/93] Bump rspec from 3.13.0 to 3.13.1 (#52) Bumps [rspec](https://github.com/rspec/rspec) from 3.13.0 to 3.13.1. - [Commits](https://github.com/rspec/rspec/compare/rspec-metagem-v3.13.0...rspec-v3.13.1) --- updated-dependencies: - dependency-name: rspec dependency-version: 3.13.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 93b34be..ecc8cdb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -31,7 +31,7 @@ GEM bigdecimal (3.1.9-java) concurrent-ruby (1.3.5) connection_pool (2.5.0) - diff-lcs (1.6.1) + diff-lcs (1.6.2) docile (1.4.1) drb (2.2.1) errbit_plugin (0.7.0) @@ -67,19 +67,19 @@ GEM rainbow (3.1.1) rake (13.2.1) regexp_parser (2.10.0) - rspec (3.13.0) + rspec (3.13.1) rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0) rspec-mocks (~> 3.13.0) - rspec-core (3.13.3) + rspec-core (3.13.4) rspec-support (~> 3.13.0) - rspec-expectations (3.13.3) + rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-mocks (3.13.2) + rspec-mocks (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-support (3.13.2) + rspec-support (3.13.4) rubocop (1.75.2) json (~> 2.3) language_server-protocol (~> 3.17.0.2) @@ -172,7 +172,7 @@ CHECKSUMS bigdecimal (3.1.9-java) sha256=dd9b8f7c870664cd9538a1325ce385ba57a6627969177258c4f0e661a7be4456 concurrent-ruby (1.3.5) sha256=813b3e37aca6df2a21a3b9f1d497f8cbab24a2b94cab325bffe65ee0f6cbebc6 connection_pool (2.5.0) sha256=233b92f8d38e038c1349ccea65dd3772727d669d6d2e71f9897c8bf5cd53ebfc - diff-lcs (1.6.1) sha256=12a5a83f3e37a8e2f4427268e305914d5f1879f22b4e73bb1a09f76a3dd86cd4 + diff-lcs (1.6.2) sha256=9ae0d2cba7d4df3075fe8cd8602a8604993efc0dfa934cff568969efb1909962 docile (1.4.1) sha256=96159be799bfa73cdb721b840e9802126e4e03dfc26863db73647204c727f21e drb (2.2.1) sha256=e9d472bf785f558b96b25358bae115646da0dbfd45107ad858b0bc0d935cb340 errbit_github_plugin (0.4.0) @@ -198,11 +198,11 @@ CHECKSUMS rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a rake (13.2.1) sha256=46cb38dae65d7d74b6020a4ac9d48afed8eb8149c040eccf0523bec91907059d regexp_parser (2.10.0) sha256=cb6f0ddde88772cd64bff1dbbf68df66d376043fe2e66a9ef77fcb1b0c548c61 - rspec (3.13.0) sha256=d490914ac1d5a5a64a0e1400c1d54ddd2a501324d703b8cfe83f458337bab993 - rspec-core (3.13.3) sha256=25136507f4f9cf2e8977a2851e64e438b4331646054e345998714108745cdfe4 - rspec-expectations (3.13.3) sha256=0e6b5af59b900147698ea0ff80456c4f2e69cac4394fbd392fbd1ca561f66c58 - rspec-mocks (3.13.2) sha256=2327335def0e1665325a9b617e3af9ae20272741d80ac550336309a7c59abdef - rspec-support (3.13.2) sha256=cea3a2463fd9b84b9dcc9685efd80ea701aa8f7b3decb3b3ce795ed67737dbec + rspec (3.13.1) sha256=b9f9a58fa915b8d94a1d6b3195fe6dd28c4c34836a6097015142c4a9ace72140 + rspec-core (3.13.4) sha256=f9da156b7b775c82610a7b580624df51a55102f8c8e4a103b98f5d7a9fa23958 + rspec-expectations (3.13.5) sha256=33a4d3a1d95060aea4c94e9f237030a8f9eae5615e9bd85718fe3a09e4b58836 + rspec-mocks (3.13.5) sha256=e4338a6f285ada9fe56f5893f5457783af8194f5d08884d17a87321d5195ea81 + rspec-support (3.13.4) sha256=184b1814f6a968102b57df631892c7f1990a91c9a3b9e80ef892a0fc2a71a3f7 rubocop (1.75.2) sha256=8efde647e278417e8074421b007e0d7d7c591482ef99d980528b18fea015a7c8 rubocop-ast (1.44.0) sha256=77fdaf4aacf0c7d1ef887b075686124fb4ae5743d42ff7e73bb1c0d6b61b5d0a rubocop-disable_syntax (0.1.1) sha256=fba0b24edbd3de049ccaac8473c18fed308b5bd991e389a3368965f6cb88edbb From eb87ecea6cd1aa0d18d5ab4479b1f4b5b9d6c954 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Sep 2025 00:10:19 +0200 Subject: [PATCH 25/93] Bump standard from 1.49.0 to 1.51.1 (#95) Bumps [standard](https://github.com/standardrb/standard) from 1.49.0 to 1.51.1. - [Release notes](https://github.com/standardrb/standard/releases) - [Changelog](https://github.com/standardrb/standard/blob/main/CHANGELOG.md) - [Commits](https://github.com/standardrb/standard/compare/v1.49.0...v1.51.1) --- updated-dependencies: - dependency-name: standard dependency-version: 1.51.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 54 ++++++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ecc8cdb..935122a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -45,9 +45,9 @@ GEM faraday (~> 2.0) i18n (1.14.7) concurrent-ruby (~> 1.0) - json (2.10.2) - json (2.10.2-java) - language_server-protocol (3.17.0.4) + json (2.13.2) + json (2.13.2-java) + language_server-protocol (3.17.0.5) lint_roller (1.1.0) logger (1.7.0) minitest (5.25.5) @@ -56,17 +56,17 @@ GEM octokit (9.2.0) faraday (>= 1, < 3) sawyer (~> 0.9) - parallel (1.26.3) - parser (3.3.7.4) + parallel (1.27.0) + parser (3.3.9.0) ast (~> 2.4.1) racc - prism (1.4.0) + prism (1.5.1) public_suffix (6.0.1) racc (1.8.1) racc (1.8.1-java) rainbow (3.1.1) rake (13.2.1) - regexp_parser (2.10.0) + regexp_parser (2.11.3) rspec (3.13.1) rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0) @@ -80,7 +80,7 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) rspec-support (3.13.4) - rubocop (1.75.2) + rubocop (1.80.2) json (~> 2.3) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.1.0) @@ -88,10 +88,10 @@ GEM parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 2.9.3, < 3.0) - rubocop-ast (>= 1.44.0, < 2.0) + rubocop-ast (>= 1.46.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 4.0) - rubocop-ast (1.44.0) + rubocop-ast (1.46.0) parser (>= 3.3.7.2) prism (~> 1.4) rubocop-disable_syntax (0.1.1) @@ -117,10 +117,10 @@ GEM simplecov_json_formatter (~> 0.1) simplecov-html (0.13.1) simplecov_json_formatter (0.1.4) - standard (1.49.0) + standard (1.51.1) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.0) - rubocop (~> 1.75.2) + rubocop (~> 1.80.2) standard-custom (~> 1.0.0) standard-performance (~> 1.8) standard-custom (1.0.2) @@ -131,9 +131,9 @@ GEM rubocop-performance (~> 1.25.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - unicode-display_width (3.1.4) - unicode-emoji (~> 4.0, >= 4.0.4) - unicode-emoji (4.0.4) + unicode-display_width (3.2.0) + unicode-emoji (~> 4.1) + unicode-emoji (4.1.0) uri (1.0.3) PLATFORMS @@ -181,30 +181,30 @@ CHECKSUMS faraday-net_http (3.4.0) sha256=a1f1e4cd6a2cf21599c8221595e27582d9936819977bbd4089a601f24c64e54a faraday-retry (2.3.1) sha256=4004faa21f41fc5360d359bc79889fc58fb7fae0ce93bfb737a784ac76805c03 i18n (1.14.7) sha256=ceba573f8138ff2c0915427f1fc5bdf4aa3ab8ae88c8ce255eb3ecf0a11a5d0f - json (2.10.2) sha256=34e0eada93022b2a0a3345bb0b5efddb6e9ff5be7c48e409cfb54ff8a36a8b06 - json (2.10.2-java) sha256=fe31faac61ea21ea1448c35450183f84e85c2b94cc6522c241959ba9d1362006 - language_server-protocol (3.17.0.4) sha256=c484626478664fd13482d8180947c50a8590484b1258b99b7aedb3b69df89669 + json (2.13.2) sha256=02e1f118d434c6b230a64ffa5c8dee07e3ec96244335c392eaed39e1199dbb68 + json (2.13.2-java) sha256=2e1292c45598a3642216820a821cba89c623f99387b8cb90adb345878f4e5c7d + language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87 logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203 minitest (5.25.5) sha256=391b6c6cb43a4802bfb7c93af1ebe2ac66a210293f4a3fb7db36f2fc7dc2c756 net-http (0.6.0) sha256=9621b20c137898af9d890556848c93603716cab516dc2c89b01a38b894e259fb octokit (9.2.0) sha256=4fa47ff35ce654127edf2c836ab9269bcc8829f5542dc1e86871f697ce7f4316 - parallel (1.26.3) sha256=d86babb7a2b814be9f4b81587bf0b6ce2da7d45969fab24d8ae4bf2bb4d4c7ef - parser (3.3.7.4) sha256=2b26282274280e13f891080dc4ef3f65ce658d62e13255b246b28ec6754e98ab - prism (1.4.0) sha256=dc0e3e00e93160213dc2a65519d9002a4a1e7b962db57d444cf1a71565bb703e + parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130 + parser (3.3.9.0) sha256=94d6929354b1a6e3e1f89d79d4d302cc8f5aa814431a6c9c7e0623335d7687f2 + prism (1.5.1) sha256=b40c1b76ccb9fcccc3d1553967cda6e79fa7274d8bfea0d98b15d27a6d187134 public_suffix (6.0.1) sha256=61d44e1cab5cbbbe5b31068481cf16976dd0dc1b6b07bd95617ef8c5e3e00c6f racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f racc (1.8.1-java) sha256=54f2e6d1e1b91c154013277d986f52a90e5ececbe91465d29172e49342732b98 rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a rake (13.2.1) sha256=46cb38dae65d7d74b6020a4ac9d48afed8eb8149c040eccf0523bec91907059d - regexp_parser (2.10.0) sha256=cb6f0ddde88772cd64bff1dbbf68df66d376043fe2e66a9ef77fcb1b0c548c61 + regexp_parser (2.11.3) sha256=ca13f381a173b7a93450e53459075c9b76a10433caadcb2f1180f2c741fc55a4 rspec (3.13.1) sha256=b9f9a58fa915b8d94a1d6b3195fe6dd28c4c34836a6097015142c4a9ace72140 rspec-core (3.13.4) sha256=f9da156b7b775c82610a7b580624df51a55102f8c8e4a103b98f5d7a9fa23958 rspec-expectations (3.13.5) sha256=33a4d3a1d95060aea4c94e9f237030a8f9eae5615e9bd85718fe3a09e4b58836 rspec-mocks (3.13.5) sha256=e4338a6f285ada9fe56f5893f5457783af8194f5d08884d17a87321d5195ea81 rspec-support (3.13.4) sha256=184b1814f6a968102b57df631892c7f1990a91c9a3b9e80ef892a0fc2a71a3f7 - rubocop (1.75.2) sha256=8efde647e278417e8074421b007e0d7d7c591482ef99d980528b18fea015a7c8 - rubocop-ast (1.44.0) sha256=77fdaf4aacf0c7d1ef887b075686124fb4ae5743d42ff7e73bb1c0d6b61b5d0a + rubocop (1.80.2) sha256=6485f30fefcf5c199db3b91e5e253b1ef43f7e564784e2315255809a3dd9abf4 + rubocop-ast (1.46.0) sha256=0da7f6ad5b98614f89b74f11873c191059c823eae07d6ffd40a42a3338f2232b rubocop-disable_syntax (0.1.1) sha256=fba0b24edbd3de049ccaac8473c18fed308b5bd991e389a3368965f6cb88edbb rubocop-performance (1.25.0) sha256=6f7d03568a770054117a78d0a8e191cefeffb703b382871ca7743831b1a52ec1 rubocop-rake (0.7.1) sha256=3797f2b6810c3e9df7376c26d5f44f3475eda59eb1adc38e6f62ecf027cbae4d @@ -215,12 +215,12 @@ CHECKSUMS simplecov (0.22.0) sha256=fe2622c7834ff23b98066bb0a854284b2729a569ac659f82621fc22ef36213a5 simplecov-html (0.13.1) sha256=5dab0b7ee612e60e9887ad57693832fdf4695b4c0c859eaea5f95c18791ef10b simplecov_json_formatter (0.1.4) sha256=529418fbe8de1713ac2b2d612aa3daa56d316975d307244399fa4838c601b428 - standard (1.49.0) sha256=590cd11a2021350812483cb53fc185bd8a92ca215839145d71fdd693750bb470 + standard (1.51.1) sha256=6d0d98a1fac26d660393f37b3d9c864632bb934b17abfa23811996b20f87faf2 standard-custom (1.0.2) sha256=424adc84179a074f1a2a309bb9cf7cd6bfdb2b6541f20c6bf9436c0ba22a652b standard-performance (1.8.0) sha256=ed17b7d0e061b2a19a91dd434bef629439e2f32310f22f26acb451addc92b788 tzinfo (2.0.6) sha256=8daf828cc77bcf7d63b0e3bdb6caa47e2272dcfaf4fbfe46f8c3a9df087a829b - unicode-display_width (3.1.4) sha256=8caf2af1c0f2f07ec89ef9e18c7d88c2790e217c482bfc78aaa65eadd5415ac1 - unicode-emoji (4.0.4) sha256=2c2c4ef7f353e5809497126285a50b23056cc6e61b64433764a35eff6c36532a + unicode-display_width (3.2.0) sha256=0cdd96b5681a5949cdbc2c55e7b420facae74c4aaf9a9815eee1087cb1853c42 + unicode-emoji (4.1.0) sha256=4997d2d5df1ed4252f4830a9b6e86f932e2013fbff2182a9ce9ccabda4f325a5 uri (1.0.3) sha256=e9f2244608eea2f7bc357d954c65c910ce0399ca5e18a7a29207ac22d8767011 BUNDLED WITH From 4d18e619a7482b8d46612e22e1efbe9e3f594fa3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Sep 2025 00:16:52 +0200 Subject: [PATCH 26/93] Bump rubocop-rspec from 3.5.0 to 3.7.0 (#86) Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 3.5.0 to 3.7.0. - [Release notes](https://github.com/rubocop/rubocop-rspec/releases) - [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rspec/compare/v3.5.0...v3.7.0) --- updated-dependencies: - dependency-name: rubocop-rspec dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 935122a..2da58f2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -103,7 +103,7 @@ GEM rubocop-rake (0.7.1) lint_roller (~> 1.1) rubocop (>= 1.72.1) - rubocop-rspec (3.5.0) + rubocop-rspec (3.7.0) lint_roller (~> 1.1) rubocop (~> 1.72, >= 1.72.1) ruby-progressbar (1.13.0) @@ -208,7 +208,7 @@ CHECKSUMS rubocop-disable_syntax (0.1.1) sha256=fba0b24edbd3de049ccaac8473c18fed308b5bd991e389a3368965f6cb88edbb rubocop-performance (1.25.0) sha256=6f7d03568a770054117a78d0a8e191cefeffb703b382871ca7743831b1a52ec1 rubocop-rake (0.7.1) sha256=3797f2b6810c3e9df7376c26d5f44f3475eda59eb1adc38e6f62ecf027cbae4d - rubocop-rspec (3.5.0) sha256=710c942fe1af884ba8eea75cbb8bdbb051929a2208880a6fc2e2dce1eed5304c + rubocop-rspec (3.7.0) sha256=b7b214da112034db9c6d00f2d811a354847e870f7b6ed2482b29649c3d42058f ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33 sawyer (0.9.2) sha256=fa3a72d62a4525517b18857ddb78926aab3424de0129be6772a8e2ba240e7aca securerandom (0.4.1) sha256=cc5193d414a4341b6e225f0cb4446aceca8e50d5e1888743fac16987638ea0b1 From 620203a52615b5a41320ae659d0be9f7db843bfb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 Sep 2025 12:46:44 +0200 Subject: [PATCH 27/93] Bump ruby/setup-ruby from 1.258.0 to 1.259.0 (#101) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.258.0 to 1.259.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/3fee6763234110473bd57dd4595c5199fce2c510...866b91cc020931c510d42e43e498a7f07d335f60) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.259.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 3526434..701d98b 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@3fee6763234110473bd57dd4595c5199fce2c510 # v1.258.0 + uses: ruby/setup-ruby@866b91cc020931c510d42e43e498a7f07d335f60 # v1.259.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index fbf27f3..deba0fb 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@3fee6763234110473bd57dd4595c5199fce2c510 # v1.258.0 + uses: ruby/setup-ruby@866b91cc020931c510d42e43e498a7f07d335f60 # v1.259.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 03c421116e5e6af0134932c0b64d03153f1cc870 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 Sep 2025 12:46:58 +0200 Subject: [PATCH 28/93] Bump activesupport from 7.2.2.1 to 7.2.2.2 (#99) Bumps [activesupport](https://github.com/rails/rails) from 7.2.2.1 to 7.2.2.2. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v8.0.2.1/activesupport/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v7.2.2.1...v7.2.2.2) --- updated-dependencies: - dependency-name: activesupport dependency-version: 7.2.2.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 2da58f2..d74a339 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -10,7 +10,7 @@ PATH GEM remote: https://rubygems.org/ specs: - activesupport (7.2.2.1) + activesupport (7.2.2.2) base64 benchmark (>= 0.3) bigdecimal @@ -25,15 +25,15 @@ GEM addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) ast (2.4.3) - base64 (0.2.0) - benchmark (0.4.0) - bigdecimal (3.1.9) - bigdecimal (3.1.9-java) + base64 (0.3.0) + benchmark (0.4.1) + bigdecimal (3.2.3) + bigdecimal (3.2.3-java) concurrent-ruby (1.3.5) - connection_pool (2.5.0) + connection_pool (2.5.4) diff-lcs (1.6.2) docile (1.4.1) - drb (2.2.1) + drb (2.2.3) errbit_plugin (0.7.0) faraday (2.13.0) faraday-net_http (>= 2.0, < 3.5) @@ -163,18 +163,18 @@ DEPENDENCIES standard CHECKSUMS - activesupport (7.2.2.1) sha256=842bcbf8a92977f80fb4750661a237cf5dd4fdd442066b3c35e88afb488647f5 + activesupport (7.2.2.2) sha256=c54e84bb3d9027f1f372fb8f68203538fcfe0d5ff42801774c03974daa15bef0 addressable (2.8.7) sha256=462986537cf3735ab5f3c0f557f14155d778f4b43ea4f485a9deb9c8f7c58232 ast (2.4.3) sha256=954615157c1d6a382bc27d690d973195e79db7f55e9765ac7c481c60bdb4d383 - base64 (0.2.0) sha256=0f25e9b21a02a0cc0cea8ef92b2041035d39350946e8789c562b2d1a3da01507 - benchmark (0.4.0) sha256=0f12f8c495545e3710c3e4f0480f63f06b4c842cc94cec7f33a956f5180e874a - bigdecimal (3.1.9) sha256=2ffc742031521ad69c2dfc815a98e426a230a3d22aeac1995826a75dabfad8cc - bigdecimal (3.1.9-java) sha256=dd9b8f7c870664cd9538a1325ce385ba57a6627969177258c4f0e661a7be4456 + base64 (0.3.0) sha256=27337aeabad6ffae05c265c450490628ef3ebd4b67be58257393227588f5a97b + benchmark (0.4.1) sha256=d4ef40037bba27f03b28013e219b950b82bace296549ec15a78016552f8d2cce + bigdecimal (3.2.3) sha256=ffd11d1ac67a0d3b2f44aec0a6487210b3f813f363dd11f1fcccf5ba00da4e1b + bigdecimal (3.2.3-java) sha256=7293e87efd050feac875bff1c62335dd5e8ce65d86ad22d7a4a3b5ed4f0ab48d concurrent-ruby (1.3.5) sha256=813b3e37aca6df2a21a3b9f1d497f8cbab24a2b94cab325bffe65ee0f6cbebc6 - connection_pool (2.5.0) sha256=233b92f8d38e038c1349ccea65dd3772727d669d6d2e71f9897c8bf5cd53ebfc + connection_pool (2.5.4) sha256=e9e1922327416091f3f6542f5f4446c2a20745276b9aa796dd0bb2fd0ea1e70a diff-lcs (1.6.2) sha256=9ae0d2cba7d4df3075fe8cd8602a8604993efc0dfa934cff568969efb1909962 docile (1.4.1) sha256=96159be799bfa73cdb721b840e9802126e4e03dfc26863db73647204c727f21e - drb (2.2.1) sha256=e9d472bf785f558b96b25358bae115646da0dbfd45107ad858b0bc0d935cb340 + drb (2.2.3) sha256=0b00d6fdb50995fe4a45dea13663493c841112e4068656854646f418fda13373 errbit_github_plugin (0.4.0) errbit_plugin (0.7.0) sha256=2deec87f62dbc953ff86a69b46bb4d339678a9a9439342b85f3dfb909621d94d faraday (2.13.0) sha256=f2697cd61a434dc446ee035f0370de654c2ad64707c4fc2541eb2338702e9614 From e49914fb140787202e504c1848ccdebcd2bc759a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 Sep 2025 12:49:49 +0200 Subject: [PATCH 29/93] Bump ruby/setup-ruby from 1.259.0 to 1.261.0 (#102) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.259.0 to 1.261.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/866b91cc020931c510d42e43e498a7f07d335f60...1c58d16f1a2d74dc895c05f92d1e31ffe691110e) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.261.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 701d98b..4913230 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@866b91cc020931c510d42e43e498a7f07d335f60 # v1.259.0 + uses: ruby/setup-ruby@1c58d16f1a2d74dc895c05f92d1e31ffe691110e # v1.261.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index deba0fb..04260d6 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@866b91cc020931c510d42e43e498a7f07d335f60 # v1.259.0 + uses: ruby/setup-ruby@1c58d16f1a2d74dc895c05f92d1e31ffe691110e # v1.261.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 8a331ffc95980f21689b908ad38708195e132a9e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 Sep 2025 12:50:02 +0200 Subject: [PATCH 30/93] Bump rake from 13.2.1 to 13.3.0 (#98) Bumps [rake](https://github.com/ruby/rake) from 13.2.1 to 13.3.0. - [Release notes](https://github.com/ruby/rake/releases) - [Changelog](https://github.com/ruby/rake/blob/master/History.rdoc) - [Commits](https://github.com/ruby/rake/compare/v13.2.1...v13.3.0) --- updated-dependencies: - dependency-name: rake dependency-version: 13.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d74a339..b7b8d06 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -65,7 +65,7 @@ GEM racc (1.8.1) racc (1.8.1-java) rainbow (3.1.1) - rake (13.2.1) + rake (13.3.0) regexp_parser (2.11.3) rspec (3.13.1) rspec-core (~> 3.13.0) @@ -196,7 +196,7 @@ CHECKSUMS racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f racc (1.8.1-java) sha256=54f2e6d1e1b91c154013277d986f52a90e5ececbe91465d29172e49342732b98 rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a - rake (13.2.1) sha256=46cb38dae65d7d74b6020a4ac9d48afed8eb8149c040eccf0523bec91907059d + rake (13.3.0) sha256=96f5092d786ff412c62fde76f793cc0541bd84d2eb579caa529aa8a059934493 regexp_parser (2.11.3) sha256=ca13f381a173b7a93450e53459075c9b76a10433caadcb2f1180f2c741fc55a4 rspec (3.13.1) sha256=b9f9a58fa915b8d94a1d6b3195fe6dd28c4c34836a6097015142c4a9ace72140 rspec-core (3.13.4) sha256=f9da156b7b775c82610a7b580624df51a55102f8c8e4a103b98f5d7a9fa23958 From b375272e05a1d51cadd3fbd3b1ec92c3428278e9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 Sep 2025 12:50:19 +0200 Subject: [PATCH 31/93] Bump faraday-retry from 2.3.1 to 2.3.2 (#100) Bumps [faraday-retry](https://github.com/lostisland/faraday-retry) from 2.3.1 to 2.3.2. - [Release notes](https://github.com/lostisland/faraday-retry/releases) - [Changelog](https://github.com/lostisland/faraday-retry/blob/main/CHANGELOG.md) - [Commits](https://github.com/lostisland/faraday-retry/compare/v2.3.1...v2.3.2) --- updated-dependencies: - dependency-name: faraday-retry dependency-version: 2.3.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index b7b8d06..8c9cad5 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -35,18 +35,18 @@ GEM docile (1.4.1) drb (2.2.3) errbit_plugin (0.7.0) - faraday (2.13.0) + faraday (2.13.4) faraday-net_http (>= 2.0, < 3.5) json logger - faraday-net_http (3.4.0) + faraday-net_http (3.4.1) net-http (>= 0.5.0) - faraday-retry (2.3.1) + faraday-retry (2.3.2) faraday (~> 2.0) i18n (1.14.7) concurrent-ruby (~> 1.0) - json (2.13.2) - json (2.13.2-java) + json (2.14.0) + json (2.14.0-java) language_server-protocol (3.17.0.5) lint_roller (1.1.0) logger (1.7.0) @@ -177,12 +177,12 @@ CHECKSUMS drb (2.2.3) sha256=0b00d6fdb50995fe4a45dea13663493c841112e4068656854646f418fda13373 errbit_github_plugin (0.4.0) errbit_plugin (0.7.0) sha256=2deec87f62dbc953ff86a69b46bb4d339678a9a9439342b85f3dfb909621d94d - faraday (2.13.0) sha256=f2697cd61a434dc446ee035f0370de654c2ad64707c4fc2541eb2338702e9614 - faraday-net_http (3.4.0) sha256=a1f1e4cd6a2cf21599c8221595e27582d9936819977bbd4089a601f24c64e54a - faraday-retry (2.3.1) sha256=4004faa21f41fc5360d359bc79889fc58fb7fae0ce93bfb737a784ac76805c03 + faraday (2.13.4) sha256=c719ff52cfd0dbaeca79dd83ed3aeea3f621032abf8bc959d1c05666157cac26 + faraday-net_http (3.4.1) sha256=095757fae7872b94eac839c08a1a4b8d84fd91d6886cfbe75caa2143de64ab3b + faraday-retry (2.3.2) sha256=2402d2029032ebd238a2046221e67f6ef0da78c5a8ce8cd4f8b9c62e4d6451d1 i18n (1.14.7) sha256=ceba573f8138ff2c0915427f1fc5bdf4aa3ab8ae88c8ce255eb3ecf0a11a5d0f - json (2.13.2) sha256=02e1f118d434c6b230a64ffa5c8dee07e3ec96244335c392eaed39e1199dbb68 - json (2.13.2-java) sha256=2e1292c45598a3642216820a821cba89c623f99387b8cb90adb345878f4e5c7d + json (2.14.0) sha256=f2fe1759fa907b68744a5215ae81e0e9e85d257a85d3e55af58486b9411fff09 + json (2.14.0-java) sha256=cb5e3544edfc6f8de9ec2fb23dbc617d0438d0c1efb91aaee1010283cdf09c20 language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87 logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203 From 964d933cb5d40c472ceca24c768aa038f387ef18 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 15:38:05 +0100 Subject: [PATCH 32/93] Bump github/codeql-action from 3.30.3 to 4.31.2 (#126) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.3 to 4.31.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/192325c86100d080feab897ff886c34abd4c83a3...0499de31b99561a6d14a36a5f662c2a54f91beee) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ba133a5..f4ad864 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 + uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 + uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 + uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index d600085..7466f2f 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 with: sarif_file: results.sarif From 8a675e7d3dae8b7be66f14c248ed327299dcd31d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 15:38:21 +0100 Subject: [PATCH 33/93] Bump rspec from 3.13.1 to 3.13.2 (#118) Bumps [rspec](https://github.com/rspec/rspec) from 3.13.1 to 3.13.2. - [Commits](https://github.com/rspec/rspec/compare/rspec-v3.13.1...rspec-v3.13.2) --- updated-dependencies: - dependency-name: rspec dependency-version: 3.13.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 8c9cad5..c7f9e2f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -67,19 +67,19 @@ GEM rainbow (3.1.1) rake (13.3.0) regexp_parser (2.11.3) - rspec (3.13.1) + rspec (3.13.2) rspec-core (~> 3.13.0) rspec-expectations (~> 3.13.0) rspec-mocks (~> 3.13.0) - rspec-core (3.13.4) + rspec-core (3.13.6) rspec-support (~> 3.13.0) rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-mocks (3.13.5) + rspec-mocks (3.13.6) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-support (3.13.4) + rspec-support (3.13.6) rubocop (1.80.2) json (~> 2.3) language_server-protocol (~> 3.17.0.2) @@ -198,11 +198,11 @@ CHECKSUMS rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a rake (13.3.0) sha256=96f5092d786ff412c62fde76f793cc0541bd84d2eb579caa529aa8a059934493 regexp_parser (2.11.3) sha256=ca13f381a173b7a93450e53459075c9b76a10433caadcb2f1180f2c741fc55a4 - rspec (3.13.1) sha256=b9f9a58fa915b8d94a1d6b3195fe6dd28c4c34836a6097015142c4a9ace72140 - rspec-core (3.13.4) sha256=f9da156b7b775c82610a7b580624df51a55102f8c8e4a103b98f5d7a9fa23958 + rspec (3.13.2) sha256=206284a08ad798e61f86d7ca3e376718d52c0bc944626b2349266f239f820587 + rspec-core (3.13.6) sha256=a8823c6411667b60a8bca135364351dda34cd55e44ff94c4be4633b37d828b2d rspec-expectations (3.13.5) sha256=33a4d3a1d95060aea4c94e9f237030a8f9eae5615e9bd85718fe3a09e4b58836 - rspec-mocks (3.13.5) sha256=e4338a6f285ada9fe56f5893f5457783af8194f5d08884d17a87321d5195ea81 - rspec-support (3.13.4) sha256=184b1814f6a968102b57df631892c7f1990a91c9a3b9e80ef892a0fc2a71a3f7 + rspec-mocks (3.13.6) sha256=78b137ae5e91c5072bf81d40d78189aa911e965a81adc245e2d8d9ba624d9b4e + rspec-support (3.13.6) sha256=2e8de3702427eab064c9352fe74488cc12a1bfae887ad8b91cba480ec9f8afb2 rubocop (1.80.2) sha256=6485f30fefcf5c199db3b91e5e253b1ef43f7e564784e2315255809a3dd9abf4 rubocop-ast (1.46.0) sha256=0da7f6ad5b98614f89b74f11873c191059c823eae07d6ffd40a42a3338f2232b rubocop-disable_syntax (0.1.1) sha256=fba0b24edbd3de049ccaac8473c18fed308b5bd991e389a3368965f6cb88edbb From 1a33734147390206d3f0b8cd2467d3363d012e25 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 15:54:36 +0100 Subject: [PATCH 34/93] Bump ruby/setup-ruby from 1.261.0 to 1.276.0 (#130) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.261.0 to 1.276.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/1c58d16f1a2d74dc895c05f92d1e31ffe691110e...ae195bbe749a7cef685ac729197124a48305c1cb) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.276.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 4913230..a0ce938 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@1c58d16f1a2d74dc895c05f92d1e31ffe691110e # v1.261.0 + uses: ruby/setup-ruby@ae195bbe749a7cef685ac729197124a48305c1cb # v1.276.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 04260d6..bebb4c1 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@1c58d16f1a2d74dc895c05f92d1e31ffe691110e # v1.261.0 + uses: ruby/setup-ruby@ae195bbe749a7cef685ac729197124a48305c1cb # v1.276.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 4fdec22ce41008f3f0caf599e9c6777b62759202 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 15:54:54 +0100 Subject: [PATCH 35/93] Bump actions/upload-artifact from 4.6.2 to 6.0.0 (#131) Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.2 to 6.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/ea165f8d65b6e75b540449e92b4886f43607fa02...b7c566a772e6b6bfb58ed0dc250532a479d7789f) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 7466f2f..77aae52 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -68,7 +68,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: SARIF file path: results.sarif From 79abc939d669f2a3126305e3752f091b05dbee3d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 15:55:10 +0100 Subject: [PATCH 36/93] Bump actions/dependency-review-action (#129) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 6fad41793215e16e31faa120c584d320a07b88de to 774d14bf50b7a2e2460f9f49e25c52503ecab125. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/6fad41793215e16e31faa120c584d320a07b88de...774d14bf50b7a2e2460f9f49e25c52503ecab125) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: 774d14bf50b7a2e2460f9f49e25c52503ecab125 dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index aaaf111..cfa07d4 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -24,4 +24,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@6fad41793215e16e31faa120c584d320a07b88de # v4 + uses: actions/dependency-review-action@774d14bf50b7a2e2460f9f49e25c52503ecab125 # v4 From 297fb7afdd071d919fe6e2c9a3fc6ebdd8a4371d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 15:55:24 +0100 Subject: [PATCH 37/93] Bump rake from 13.3.0 to 13.3.1 (#124) Bumps [rake](https://github.com/ruby/rake) from 13.3.0 to 13.3.1. - [Release notes](https://github.com/ruby/rake/releases) - [Changelog](https://github.com/ruby/rake/blob/master/History.rdoc) - [Commits](https://github.com/ruby/rake/compare/v13.3.0...v13.3.1) --- updated-dependencies: - dependency-name: rake dependency-version: 13.3.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index c7f9e2f..5f7fe0b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -65,7 +65,7 @@ GEM racc (1.8.1) racc (1.8.1-java) rainbow (3.1.1) - rake (13.3.0) + rake (13.3.1) regexp_parser (2.11.3) rspec (3.13.2) rspec-core (~> 3.13.0) @@ -196,7 +196,7 @@ CHECKSUMS racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f racc (1.8.1-java) sha256=54f2e6d1e1b91c154013277d986f52a90e5ececbe91465d29172e49342732b98 rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a - rake (13.3.0) sha256=96f5092d786ff412c62fde76f793cc0541bd84d2eb579caa529aa8a059934493 + rake (13.3.1) sha256=8c9e89d09f66a26a01264e7e3480ec0607f0c497a861ef16063604b1b08eb19c regexp_parser (2.11.3) sha256=ca13f381a173b7a93450e53459075c9b76a10433caadcb2f1180f2c741fc55a4 rspec (3.13.2) sha256=206284a08ad798e61f86d7ca3e376718d52c0bc944626b2349266f239f820587 rspec-core (3.13.6) sha256=a8823c6411667b60a8bca135364351dda34cd55e44ff94c4be4633b37d828b2d From df633cdf155fd711dc356a85394477ed7db4c0f8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 15:55:37 +0100 Subject: [PATCH 38/93] Bump ossf/scorecard-action from 2.4.2 to 2.4.3 (#109) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.2 to 2.4.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/05b42c624433fc40578a4040d5cf5e36ddca8cde...4eaacf0543bb3f2c246792bd56e8cdeffafb205a) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 77aae52..9003c5c 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -46,7 +46,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif From d6f765133ab41163a4e5fa693de6b2f55da6ce9d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 15:56:25 +0100 Subject: [PATCH 39/93] Bump step-security/harden-runner from 2.13.1 to 2.14.0 (#128) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.1 to 2.14.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a...20cf305ff2072d973412fa9b1e3a4f227bda3c76) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f4ad864..7aba866 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index cfa07d4..1db821e 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index a0ce938..9586618 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index bebb4c1..a175029 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 9003c5c..f66f5a2 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1 + uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 with: egress-policy: audit From 5e0fbb6fd2f9c7c86c6d96ed59f2ecc0693998c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 16:00:53 +0100 Subject: [PATCH 40/93] Bump github/codeql-action from 4.31.2 to 4.31.9 (#135) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.2 to 4.31.9. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/0499de31b99561a6d14a36a5f662c2a54f91beee...5d4e8d1aca955e8d8589aabd499c5cae939e33c7) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.9 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7aba866..446403f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index f66f5a2..8234267 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 with: sarif_file: results.sarif From 33f4521fec15c45be82be2cc9fac4648e67dc484 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Dec 2025 16:01:10 +0100 Subject: [PATCH 41/93] Bump actions/checkout from 5.0.0 to 6.0.1 (#133) Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/08c6903cd8c0fde910a37f88322edcfb5dd907a8...8e8c483db84b4bee98b60c0593521ed34d9990e8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 446403f..c3072b0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 1db821e..8fef6f7 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: 'Dependency Review' uses: actions/dependency-review-action@774d14bf50b7a2e2460f9f49e25c52503ecab125 # v4 diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 9586618..f265589 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -31,7 +31,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index a175029..7dfd44f 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -29,7 +29,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 8234267..f74caac 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false From 713942a42b4baaa3e38daf2203e768a7809005ef Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Dec 2025 15:19:05 +0100 Subject: [PATCH 42/93] Bump ruby/setup-ruby from 1.276.0 to 1.277.0 (#136) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.276.0 to 1.277.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/ae195bbe749a7cef685ac729197124a48305c1cb...8a836efbcebe5de0fe86b48a775b7a31b5c70c93) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.277.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index f265589..d1cf020 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@ae195bbe749a7cef685ac729197124a48305c1cb # v1.276.0 + uses: ruby/setup-ruby@8a836efbcebe5de0fe86b48a775b7a31b5c70c93 # v1.277.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 7dfd44f..993f0d1 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@ae195bbe749a7cef685ac729197124a48305c1cb # v1.276.0 + uses: ruby/setup-ruby@8a836efbcebe5de0fe86b48a775b7a31b5c70c93 # v1.277.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From dd20fa9710207b2b4d4b0aa4062616268deec61e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Jan 2026 13:43:49 +0100 Subject: [PATCH 43/93] Bump ruby/setup-ruby from 1.277.0 to 1.278.0 (#138) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.277.0 to 1.278.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/8a836efbcebe5de0fe86b48a775b7a31b5c70c93...4c24fa5ec04b2e79eb40571b1cee2a0d2b705771) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.278.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index d1cf020..2d379cd 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@8a836efbcebe5de0fe86b48a775b7a31b5c70c93 # v1.277.0 + uses: ruby/setup-ruby@4c24fa5ec04b2e79eb40571b1cee2a0d2b705771 # v1.278.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 993f0d1..6e852ba 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@8a836efbcebe5de0fe86b48a775b7a31b5c70c93 # v1.277.0 + uses: ruby/setup-ruby@4c24fa5ec04b2e79eb40571b1cee2a0d2b705771 # v1.278.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 2acd2c500f83739c9cc14c16c0478d522b15c519 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Jan 2026 13:44:04 +0100 Subject: [PATCH 44/93] Bump uri from 1.0.3 to 1.0.4 (#137) Bumps [uri](https://github.com/ruby/uri) from 1.0.3 to 1.0.4. - [Release notes](https://github.com/ruby/uri/releases) - [Commits](https://github.com/ruby/uri/compare/v1.0.3...v1.0.4) --- updated-dependencies: - dependency-name: uri dependency-version: 1.0.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5f7fe0b..b84b20d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -134,7 +134,7 @@ GEM unicode-display_width (3.2.0) unicode-emoji (~> 4.1) unicode-emoji (4.1.0) - uri (1.0.3) + uri (1.0.4) PLATFORMS aarch64-linux-gnu @@ -221,7 +221,7 @@ CHECKSUMS tzinfo (2.0.6) sha256=8daf828cc77bcf7d63b0e3bdb6caa47e2272dcfaf4fbfe46f8c3a9df087a829b unicode-display_width (3.2.0) sha256=0cdd96b5681a5949cdbc2c55e7b420facae74c4aaf9a9815eee1087cb1853c42 unicode-emoji (4.1.0) sha256=4997d2d5df1ed4252f4830a9b6e86f932e2013fbff2182a9ce9ccabda4f325a5 - uri (1.0.3) sha256=e9f2244608eea2f7bc357d954c65c910ce0399ca5e18a7a29207ac22d8767011 + uri (1.0.4) sha256=34485d137c079f8753a0ca1d883841a7ba2e5fae556e3c30c2aab0dde616344b BUNDLED WITH 2.6.8 From 9d231328150c8078fae6e23d6da720cbdbb5c3d4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 6 Jan 2026 15:23:24 +0100 Subject: [PATCH 45/93] Bump ruby/setup-ruby from 1.278.0 to 1.279.0 (#139) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.278.0 to 1.279.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/4c24fa5ec04b2e79eb40571b1cee2a0d2b705771...b90be12699fdfcbee4440c2bba85f6f460446bb0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.279.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 2d379cd..5762170 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@4c24fa5ec04b2e79eb40571b1cee2a0d2b705771 # v1.278.0 + uses: ruby/setup-ruby@b90be12699fdfcbee4440c2bba85f6f460446bb0 # v1.279.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 6e852ba..40258d8 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@4c24fa5ec04b2e79eb40571b1cee2a0d2b705771 # v1.278.0 + uses: ruby/setup-ruby@b90be12699fdfcbee4440c2bba85f6f460446bb0 # v1.279.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From a2e754c9da18810292fefa758f2a228adce6b334 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Jan 2026 13:30:38 +0100 Subject: [PATCH 46/93] Bump ruby/setup-ruby from 1.279.0 to 1.281.0 (#143) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.279.0 to 1.281.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/b90be12699fdfcbee4440c2bba85f6f460446bb0...675dd7ba1b06c8786a1480d89c384f5620a42647) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.281.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 5762170..945c48b 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@b90be12699fdfcbee4440c2bba85f6f460446bb0 # v1.279.0 + uses: ruby/setup-ruby@675dd7ba1b06c8786a1480d89c384f5620a42647 # v1.281.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 40258d8..ba7d271 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@b90be12699fdfcbee4440c2bba85f6f460446bb0 # v1.279.0 + uses: ruby/setup-ruby@675dd7ba1b06c8786a1480d89c384f5620a42647 # v1.281.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 6ec1da548e42b1ee75705e23b9ce079138980091 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Jan 2026 13:30:52 +0100 Subject: [PATCH 47/93] Bump actions/dependency-review-action (#140) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 774d14bf50b7a2e2460f9f49e25c52503ecab125 to 98884d411b0f1c583e5ee579e7e897d4623019c2. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/774d14bf50b7a2e2460f9f49e25c52503ecab125...98884d411b0f1c583e5ee579e7e897d4623019c2) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: 98884d411b0f1c583e5ee579e7e897d4623019c2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 8fef6f7..d8a74ce 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -24,4 +24,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: 'Dependency Review' - uses: actions/dependency-review-action@774d14bf50b7a2e2460f9f49e25c52503ecab125 # v4 + uses: actions/dependency-review-action@98884d411b0f1c583e5ee579e7e897d4623019c2 # v4 From 818dc4cabfc3c93d3722bf66314820cb0fe1bf20 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 15 Jan 2026 17:02:04 +0100 Subject: [PATCH 48/93] Bump ruby/setup-ruby from 1.281.0 to 1.283.0 (#147) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.281.0 to 1.283.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/675dd7ba1b06c8786a1480d89c384f5620a42647...708024e6c902387ab41de36e1669e43b5ee7085e) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.283.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/jruby.yml | 2 +- .github/workflows/rspec.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 945c48b..2e93af1 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -35,7 +35,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@675dd7ba1b06c8786a1480d89c384f5620a42647 # v1.281.0 + uses: ruby/setup-ruby@708024e6c902387ab41de36e1669e43b5ee7085e # v1.283.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index ba7d271..0f76c08 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@675dd7ba1b06c8786a1480d89c384f5620a42647 # v1.281.0 + uses: ruby/setup-ruby@708024e6c902387ab41de36e1669e43b5ee7085e # v1.283.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 316062df3142773bb857b0e0d483c31188533a67 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 15 Jan 2026 17:02:15 +0100 Subject: [PATCH 49/93] Bump github/codeql-action from 4.31.9 to 4.31.10 (#144) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.9 to 4.31.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...cdefb33c0f6224e58673d9004f47f7cb3e328b89) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.10 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c3072b0..e3849c7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/init@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/autobuild@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/analyze@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index f74caac..ffa234a 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 with: sarif_file: results.sarif From 3ca5713c5fe1222b088de32853a566bcb34f3ce3 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Fri, 16 Jan 2026 17:16:21 +0100 Subject: [PATCH 50/93] Configure dependabot (#148) * Configure dependabot * master -> main --- .github/dependabot.yml | 21 +++++++++++++++------ .github/workflows/codeql.yml | 4 ++-- .github/workflows/jruby.yml | 4 ++-- .github/workflows/rspec.yml | 4 ++-- .github/workflows/scorecards.yml | 2 +- 5 files changed, 22 insertions(+), 13 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index a6db470..355726a 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,11 +1,20 @@ version: 2 updates: - - package-ecosystem: github-actions - directory: / + - package-ecosystem: "github-actions" + directory: "/" schedule: - interval: daily + interval: "daily" + open-pull-requests-limit: 99 + assignees: + - "biow0lf" - - package-ecosystem: bundler - directory: / + - package-ecosystem: "bundler" + directory: "/" schedule: - interval: daily + interval: "daily" + open-pull-requests-limit: 99 + allow: + - dependency-type: "direct" + - dependency-type: "indirect" + assignees: + - "biow0lf" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e3849c7..286150f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -13,10 +13,10 @@ name: "CodeQL" on: push: - branches: ["master"] + branches: ["main"] pull_request: # The branches below must be a subset of the branches above - branches: ["master"] + branches: ["main"] schedule: - cron: "0 0 * * 1" diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml index 2e93af1..bc2672c 100644 --- a/.github/workflows/jruby.yml +++ b/.github/workflows/jruby.yml @@ -3,10 +3,10 @@ name: RSpec on JRuby on: push: branches: - - master + - main pull_request: branches: - - master + - main schedule: - cron: "0 21 * * 6" diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 0f76c08..bd8573c 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -4,10 +4,10 @@ name: RSpec on: push: branches: - - master + - main pull_request: branches: - - master + - main schedule: - cron: "0 21 * * 6" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index ffa234a..1088afa 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -12,7 +12,7 @@ on: schedule: - cron: '20 7 * * 2' push: - branches: ["master"] + branches: ["main"] # Declare default permissions as read only. permissions: read-all From 755416a52ddfea09270b384f7ff89e115472b338 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Fri, 16 Jan 2026 17:23:16 +0100 Subject: [PATCH 51/93] Drop jruby (#149) * Drop jruby * Drop jruby * Add ruby 4.0 and head * Update gems * Ruby 4.0 * Drop jruby --- .github/workflows/jruby.yml | 45 ------------------------------------- .github/workflows/rspec.yml | 2 +- .ruby-version | 2 +- Gemfile.lock | 20 ++++++----------- README.md | 1 - 5 files changed, 9 insertions(+), 61 deletions(-) delete mode 100644 .github/workflows/jruby.yml diff --git a/.github/workflows/jruby.yml b/.github/workflows/jruby.yml deleted file mode 100644 index bc2672c..0000000 --- a/.github/workflows/jruby.yml +++ /dev/null @@ -1,45 +0,0 @@ -name: RSpec on JRuby - -on: - push: - branches: - - main - pull_request: - branches: - - main - schedule: - - cron: "0 21 * * 6" - -env: - JRUBY_OPTS: "--debug" - -permissions: - contents: read - -jobs: - rspec: - runs-on: ubuntu-24.04 - timeout-minutes: 10 - strategy: - fail-fast: false - matrix: - ruby: ["jruby-9.4", "jruby-head"] - - steps: - - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 - with: - egress-policy: audit - - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - run: rm -f Gemfile.lock - - run: rm -f .ruby-version - - name: Set up Ruby - uses: ruby/setup-ruby@708024e6c902387ab41de36e1669e43b5ee7085e # v1.283.0 - with: - ruby-version: ${{ matrix.ruby }} - rubygems: latest - bundler: latest - bundler-cache: true - - - run: bundle exec rspec diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index bd8573c..b622019 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -21,7 +21,7 @@ jobs: strategy: fail-fast: false matrix: - ruby: ["3.1", "3.2", "3.3", "3.4"] + ruby: ["3.1", "3.2", "3.3", "3.4", "4.0", "head"] steps: - name: Harden the runner (Audit all outbound calls) diff --git a/.ruby-version b/.ruby-version index 23887f6..fcdb2e1 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.1.7 +4.0.0 diff --git a/Gemfile.lock b/Gemfile.lock index b84b20d..377ec1b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -28,7 +28,6 @@ GEM base64 (0.3.0) benchmark (0.4.1) bigdecimal (3.2.3) - bigdecimal (3.2.3-java) concurrent-ruby (1.3.5) connection_pool (2.5.4) diff-lcs (1.6.2) @@ -41,16 +40,16 @@ GEM logger faraday-net_http (3.4.1) net-http (>= 0.5.0) - faraday-retry (2.3.2) + faraday-retry (2.4.0) faraday (~> 2.0) i18n (1.14.7) concurrent-ruby (~> 1.0) json (2.14.0) - json (2.14.0-java) language_server-protocol (3.17.0.5) lint_roller (1.1.0) logger (1.7.0) - minitest (5.25.5) + minitest (6.0.1) + prism (~> 1.5) net-http (0.6.0) uri octokit (9.2.0) @@ -63,7 +62,6 @@ GEM prism (1.5.1) public_suffix (6.0.1) racc (1.8.1) - racc (1.8.1-java) rainbow (3.1.1) rake (13.3.1) regexp_parser (2.11.3) @@ -133,7 +131,7 @@ GEM concurrent-ruby (~> 1.0) unicode-display_width (3.2.0) unicode-emoji (~> 4.1) - unicode-emoji (4.1.0) + unicode-emoji (4.2.0) uri (1.0.4) PLATFORMS @@ -142,7 +140,6 @@ PLATFORMS arm-linux-gnu arm-linux-musl arm64-darwin - java ruby x86-linux-gnu x86-linux-musl @@ -169,7 +166,6 @@ CHECKSUMS base64 (0.3.0) sha256=27337aeabad6ffae05c265c450490628ef3ebd4b67be58257393227588f5a97b benchmark (0.4.1) sha256=d4ef40037bba27f03b28013e219b950b82bace296549ec15a78016552f8d2cce bigdecimal (3.2.3) sha256=ffd11d1ac67a0d3b2f44aec0a6487210b3f813f363dd11f1fcccf5ba00da4e1b - bigdecimal (3.2.3-java) sha256=7293e87efd050feac875bff1c62335dd5e8ce65d86ad22d7a4a3b5ed4f0ab48d concurrent-ruby (1.3.5) sha256=813b3e37aca6df2a21a3b9f1d497f8cbab24a2b94cab325bffe65ee0f6cbebc6 connection_pool (2.5.4) sha256=e9e1922327416091f3f6542f5f4446c2a20745276b9aa796dd0bb2fd0ea1e70a diff-lcs (1.6.2) sha256=9ae0d2cba7d4df3075fe8cd8602a8604993efc0dfa934cff568969efb1909962 @@ -179,14 +175,13 @@ CHECKSUMS errbit_plugin (0.7.0) sha256=2deec87f62dbc953ff86a69b46bb4d339678a9a9439342b85f3dfb909621d94d faraday (2.13.4) sha256=c719ff52cfd0dbaeca79dd83ed3aeea3f621032abf8bc959d1c05666157cac26 faraday-net_http (3.4.1) sha256=095757fae7872b94eac839c08a1a4b8d84fd91d6886cfbe75caa2143de64ab3b - faraday-retry (2.3.2) sha256=2402d2029032ebd238a2046221e67f6ef0da78c5a8ce8cd4f8b9c62e4d6451d1 + faraday-retry (2.4.0) sha256=7b79c48fb7e56526faf247b12d94a680071ff40c9fda7cf1ec1549439ad11ebe i18n (1.14.7) sha256=ceba573f8138ff2c0915427f1fc5bdf4aa3ab8ae88c8ce255eb3ecf0a11a5d0f json (2.14.0) sha256=f2fe1759fa907b68744a5215ae81e0e9e85d257a85d3e55af58486b9411fff09 - json (2.14.0-java) sha256=cb5e3544edfc6f8de9ec2fb23dbc617d0438d0c1efb91aaee1010283cdf09c20 language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87 logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203 - minitest (5.25.5) sha256=391b6c6cb43a4802bfb7c93af1ebe2ac66a210293f4a3fb7db36f2fc7dc2c756 + minitest (6.0.1) sha256=7854c74f48e2e975969062833adc4013f249a4b212f5e7b9d5c040bf838d54bb net-http (0.6.0) sha256=9621b20c137898af9d890556848c93603716cab516dc2c89b01a38b894e259fb octokit (9.2.0) sha256=4fa47ff35ce654127edf2c836ab9269bcc8829f5542dc1e86871f697ce7f4316 parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130 @@ -194,7 +189,6 @@ CHECKSUMS prism (1.5.1) sha256=b40c1b76ccb9fcccc3d1553967cda6e79fa7274d8bfea0d98b15d27a6d187134 public_suffix (6.0.1) sha256=61d44e1cab5cbbbe5b31068481cf16976dd0dc1b6b07bd95617ef8c5e3e00c6f racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f - racc (1.8.1-java) sha256=54f2e6d1e1b91c154013277d986f52a90e5ececbe91465d29172e49342732b98 rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a rake (13.3.1) sha256=8c9e89d09f66a26a01264e7e3480ec0607f0c497a861ef16063604b1b08eb19c regexp_parser (2.11.3) sha256=ca13f381a173b7a93450e53459075c9b76a10433caadcb2f1180f2c741fc55a4 @@ -220,7 +214,7 @@ CHECKSUMS standard-performance (1.8.0) sha256=ed17b7d0e061b2a19a91dd434bef629439e2f32310f22f26acb451addc92b788 tzinfo (2.0.6) sha256=8daf828cc77bcf7d63b0e3bdb6caa47e2272dcfaf4fbfe46f8c3a9df087a829b unicode-display_width (3.2.0) sha256=0cdd96b5681a5949cdbc2c55e7b420facae74c4aaf9a9815eee1087cb1853c42 - unicode-emoji (4.1.0) sha256=4997d2d5df1ed4252f4830a9b6e86f932e2013fbff2182a9ce9ccabda4f325a5 + unicode-emoji (4.2.0) sha256=519e69150f75652e40bf736106cfbc8f0f73aa3fb6a65afe62fefa7f80b0f80f uri (1.0.4) sha256=34485d137c079f8753a0ca1d883841a7ba2e5fae556e3c30c2aab0dde616344b BUNDLED WITH diff --git a/README.md b/README.md index 3b9463c..66ec046 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,6 @@ # Errbit GitHub Plugin [![RSpec](https://github.com/errbit/errbit_github_plugin/actions/workflows/rspec.yml/badge.svg)](https://github.com/errbit/errbit_github_plugin/actions/workflows/rspec.yml) -[![RSpec on JRuby](https://github.com/errbit/errbit_github_plugin/actions/workflows/jruby.yml/badge.svg)](https://github.com/errbit/errbit_github_plugin/actions/workflows/jruby.yml) [![Ruby Style Guide](https://img.shields.io/badge/code_style-standard-brightgreen.svg)](https://github.com/standardrb/standard) This plugin provides GitHub issue tracker integration for Errbit, and it is the From 6229b51c1d7cc2fb84b73ba6c8a61b936e070d1d Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Fri, 16 Jan 2026 17:27:46 +0100 Subject: [PATCH 52/93] Ruby updates (#150) * Ruby 4.0.1 * Drop old rubies * Bump minimal ruby version require to 3.4.0 --- .github/workflows/rspec.yml | 2 +- .rubocop.yml | 2 +- .ruby-version | 2 +- .standard.yml | 2 +- Gemfile.lock | 2 +- errbit_github_plugin.gemspec | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index b622019..c54f8be 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -21,7 +21,7 @@ jobs: strategy: fail-fast: false matrix: - ruby: ["3.1", "3.2", "3.3", "3.4", "4.0", "head"] + ruby: ["3.4", "4.0", "head"] steps: - name: Harden the runner (Audit all outbound calls) diff --git a/.rubocop.yml b/.rubocop.yml index 18c633d..4311fea 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -7,7 +7,7 @@ plugins: - rubocop-rspec AllCops: - TargetRubyVersion: 3.1 + TargetRubyVersion: 3.4 NewCops: enable # We use standard as a linter and formatter instead Rubocop. diff --git a/.ruby-version b/.ruby-version index fcdb2e1..1454f6e 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -4.0.0 +4.0.1 diff --git a/.standard.yml b/.standard.yml index 72b2693..65c3e05 100644 --- a/.standard.yml +++ b/.standard.yml @@ -1 +1 @@ -ruby_version: 3.1 +ruby_version: 3.4 diff --git a/Gemfile.lock b/Gemfile.lock index 377ec1b..3509224 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -218,4 +218,4 @@ CHECKSUMS uri (1.0.4) sha256=34485d137c079f8753a0ca1d883841a7ba2e5fae556e3c30c2aab0dde616344b BUNDLED WITH - 2.6.8 + 4.0.4 diff --git a/errbit_github_plugin.gemspec b/errbit_github_plugin.gemspec index 0805349..88083e6 100644 --- a/errbit_github_plugin.gemspec +++ b/errbit_github_plugin.gemspec @@ -12,7 +12,7 @@ Gem::Specification.new do |spec| spec.description = "GitHub integration for Errbit" spec.homepage = "https://github.com/errbit/errbit_github_plugin" spec.license = "MIT" - spec.required_ruby_version = ">= 3.1.0" + spec.required_ruby_version = ">= 3.4.0" spec.metadata["homepage_uri"] = spec.homepage spec.metadata["source_code_uri"] = spec.homepage From 0c425e23d41bbd129e0d192da96b872b1023af23 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Fri, 16 Jan 2026 17:51:46 +0100 Subject: [PATCH 53/93] Gem updates (#153) --- Gemfile.lock | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 3509224..eea3328 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -44,7 +44,7 @@ GEM faraday (~> 2.0) i18n (1.14.7) concurrent-ruby (~> 1.0) - json (2.14.0) + json (2.18.0) language_server-protocol (3.17.0.5) lint_roller (1.1.0) logger (1.7.0) @@ -56,10 +56,10 @@ GEM faraday (>= 1, < 3) sawyer (~> 0.9) parallel (1.27.0) - parser (3.3.9.0) + parser (3.3.10.1) ast (~> 2.4.1) racc - prism (1.5.1) + prism (1.8.0) public_suffix (6.0.1) racc (1.8.1) rainbow (3.1.1) @@ -74,7 +74,7 @@ GEM rspec-expectations (3.13.5) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-mocks (3.13.6) + rspec-mocks (3.13.7) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) rspec-support (3.13.6) @@ -89,9 +89,9 @@ GEM rubocop-ast (>= 1.46.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 4.0) - rubocop-ast (1.46.0) + rubocop-ast (1.49.0) parser (>= 3.3.7.2) - prism (~> 1.4) + prism (~> 1.7) rubocop-disable_syntax (0.1.1) rubocop (>= 1.50) rubocop-performance (1.25.0) @@ -113,7 +113,7 @@ GEM docile (~> 1.1) simplecov-html (~> 0.11) simplecov_json_formatter (~> 0.1) - simplecov-html (0.13.1) + simplecov-html (0.13.2) simplecov_json_formatter (0.1.4) standard (1.51.1) language_server-protocol (~> 3.17.0.2) @@ -177,7 +177,7 @@ CHECKSUMS faraday-net_http (3.4.1) sha256=095757fae7872b94eac839c08a1a4b8d84fd91d6886cfbe75caa2143de64ab3b faraday-retry (2.4.0) sha256=7b79c48fb7e56526faf247b12d94a680071ff40c9fda7cf1ec1549439ad11ebe i18n (1.14.7) sha256=ceba573f8138ff2c0915427f1fc5bdf4aa3ab8ae88c8ce255eb3ecf0a11a5d0f - json (2.14.0) sha256=f2fe1759fa907b68744a5215ae81e0e9e85d257a85d3e55af58486b9411fff09 + json (2.18.0) sha256=b10506aee4183f5cf49e0efc48073d7b75843ce3782c68dbeb763351c08fd505 language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87 logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203 @@ -185,8 +185,8 @@ CHECKSUMS net-http (0.6.0) sha256=9621b20c137898af9d890556848c93603716cab516dc2c89b01a38b894e259fb octokit (9.2.0) sha256=4fa47ff35ce654127edf2c836ab9269bcc8829f5542dc1e86871f697ce7f4316 parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130 - parser (3.3.9.0) sha256=94d6929354b1a6e3e1f89d79d4d302cc8f5aa814431a6c9c7e0623335d7687f2 - prism (1.5.1) sha256=b40c1b76ccb9fcccc3d1553967cda6e79fa7274d8bfea0d98b15d27a6d187134 + parser (3.3.10.1) sha256=06f6a725d2cd91e5e7f2b7c32ba143631e1f7c8ae2fb918fc4cebec187e6a688 + prism (1.8.0) sha256=84453a16ef5530ea62c5f03ec16b52a459575ad4e7b9c2b360fd8ce2c39c1254 public_suffix (6.0.1) sha256=61d44e1cab5cbbbe5b31068481cf16976dd0dc1b6b07bd95617ef8c5e3e00c6f racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a @@ -195,10 +195,10 @@ CHECKSUMS rspec (3.13.2) sha256=206284a08ad798e61f86d7ca3e376718d52c0bc944626b2349266f239f820587 rspec-core (3.13.6) sha256=a8823c6411667b60a8bca135364351dda34cd55e44ff94c4be4633b37d828b2d rspec-expectations (3.13.5) sha256=33a4d3a1d95060aea4c94e9f237030a8f9eae5615e9bd85718fe3a09e4b58836 - rspec-mocks (3.13.6) sha256=78b137ae5e91c5072bf81d40d78189aa911e965a81adc245e2d8d9ba624d9b4e + rspec-mocks (3.13.7) sha256=0979034e64b1d7a838aaaddf12bf065ea4dc40ef3d4c39f01f93ae2c66c62b1c rspec-support (3.13.6) sha256=2e8de3702427eab064c9352fe74488cc12a1bfae887ad8b91cba480ec9f8afb2 rubocop (1.80.2) sha256=6485f30fefcf5c199db3b91e5e253b1ef43f7e564784e2315255809a3dd9abf4 - rubocop-ast (1.46.0) sha256=0da7f6ad5b98614f89b74f11873c191059c823eae07d6ffd40a42a3338f2232b + rubocop-ast (1.49.0) sha256=49c3676d3123a0923d333e20c6c2dbaaae2d2287b475273fddee0c61da9f71fd rubocop-disable_syntax (0.1.1) sha256=fba0b24edbd3de049ccaac8473c18fed308b5bd991e389a3368965f6cb88edbb rubocop-performance (1.25.0) sha256=6f7d03568a770054117a78d0a8e191cefeffb703b382871ca7743831b1a52ec1 rubocop-rake (0.7.1) sha256=3797f2b6810c3e9df7376c26d5f44f3475eda59eb1adc38e6f62ecf027cbae4d @@ -207,7 +207,7 @@ CHECKSUMS sawyer (0.9.2) sha256=fa3a72d62a4525517b18857ddb78926aab3424de0129be6772a8e2ba240e7aca securerandom (0.4.1) sha256=cc5193d414a4341b6e225f0cb4446aceca8e50d5e1888743fac16987638ea0b1 simplecov (0.22.0) sha256=fe2622c7834ff23b98066bb0a854284b2729a569ac659f82621fc22ef36213a5 - simplecov-html (0.13.1) sha256=5dab0b7ee612e60e9887ad57693832fdf4695b4c0c859eaea5f95c18791ef10b + simplecov-html (0.13.2) sha256=bd0b8e54e7c2d7685927e8d6286466359b6f16b18cb0df47b508e8d73c777246 simplecov_json_formatter (0.1.4) sha256=529418fbe8de1713ac2b2d612aa3daa56d316975d307244399fa4838c601b428 standard (1.51.1) sha256=6d0d98a1fac26d660393f37b3d9c864632bb934b17abfa23811996b20f87faf2 standard-custom (1.0.2) sha256=424adc84179a074f1a2a309bb9cf7cd6bfdb2b6541f20c6bf9436c0ba22a652b @@ -218,4 +218,4 @@ CHECKSUMS uri (1.0.4) sha256=34485d137c079f8753a0ca1d883841a7ba2e5fae556e3c30c2aab0dde616344b BUNDLED WITH - 4.0.4 + 4.0.4 From 7d845995ff4620515cd892274a0b29d5670f4d7a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:12:06 +0100 Subject: [PATCH 54/93] Bump concurrent-ruby from 1.3.5 to 1.3.6 (#166) Bumps [concurrent-ruby](https://github.com/ruby-concurrency/concurrent-ruby) from 1.3.5 to 1.3.6. - [Release notes](https://github.com/ruby-concurrency/concurrent-ruby/releases) - [Changelog](https://github.com/ruby-concurrency/concurrent-ruby/blob/master/CHANGELOG.md) - [Commits](https://github.com/ruby-concurrency/concurrent-ruby/compare/v1.3.5...v1.3.6) --- updated-dependencies: - dependency-name: concurrent-ruby dependency-version: 1.3.6 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index eea3328..060ca9a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -28,7 +28,7 @@ GEM base64 (0.3.0) benchmark (0.4.1) bigdecimal (3.2.3) - concurrent-ruby (1.3.5) + concurrent-ruby (1.3.6) connection_pool (2.5.4) diff-lcs (1.6.2) docile (1.4.1) @@ -166,7 +166,7 @@ CHECKSUMS base64 (0.3.0) sha256=27337aeabad6ffae05c265c450490628ef3ebd4b67be58257393227588f5a97b benchmark (0.4.1) sha256=d4ef40037bba27f03b28013e219b950b82bace296549ec15a78016552f8d2cce bigdecimal (3.2.3) sha256=ffd11d1ac67a0d3b2f44aec0a6487210b3f813f363dd11f1fcccf5ba00da4e1b - concurrent-ruby (1.3.5) sha256=813b3e37aca6df2a21a3b9f1d497f8cbab24a2b94cab325bffe65ee0f6cbebc6 + concurrent-ruby (1.3.6) sha256=6b56837e1e7e5292f9864f34b69c5a2cbc75c0cf5338f1ce9903d10fa762d5ab connection_pool (2.5.4) sha256=e9e1922327416091f3f6542f5f4446c2a20745276b9aa796dd0bb2fd0ea1e70a diff-lcs (1.6.2) sha256=9ae0d2cba7d4df3075fe8cd8602a8604993efc0dfa934cff568969efb1909962 docile (1.4.1) sha256=96159be799bfa73cdb721b840e9802126e4e03dfc26863db73647204c727f21e From 6246af04df6ef546f5769441b7d6fb6a17ba2eec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:12:53 +0100 Subject: [PATCH 55/93] Bump benchmark from 0.4.1 to 0.5.0 (#163) Bumps [benchmark](https://github.com/ruby/benchmark) from 0.4.1 to 0.5.0. - [Release notes](https://github.com/ruby/benchmark/releases) - [Commits](https://github.com/ruby/benchmark/compare/v0.4.1...v0.5.0) --- updated-dependencies: - dependency-name: benchmark dependency-version: 0.5.0 dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 060ca9a..1aaa84a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -26,7 +26,7 @@ GEM public_suffix (>= 2.0.2, < 7.0) ast (2.4.3) base64 (0.3.0) - benchmark (0.4.1) + benchmark (0.5.0) bigdecimal (3.2.3) concurrent-ruby (1.3.6) connection_pool (2.5.4) @@ -164,7 +164,7 @@ CHECKSUMS addressable (2.8.7) sha256=462986537cf3735ab5f3c0f557f14155d778f4b43ea4f485a9deb9c8f7c58232 ast (2.4.3) sha256=954615157c1d6a382bc27d690d973195e79db7f55e9765ac7c481c60bdb4d383 base64 (0.3.0) sha256=27337aeabad6ffae05c265c450490628ef3ebd4b67be58257393227588f5a97b - benchmark (0.4.1) sha256=d4ef40037bba27f03b28013e219b950b82bace296549ec15a78016552f8d2cce + benchmark (0.5.0) sha256=465df122341aedcb81a2a24b4d3bd19b6c67c1530713fd533f3ff034e419236c bigdecimal (3.2.3) sha256=ffd11d1ac67a0d3b2f44aec0a6487210b3f813f363dd11f1fcccf5ba00da4e1b concurrent-ruby (1.3.6) sha256=6b56837e1e7e5292f9864f34b69c5a2cbc75c0cf5338f1ce9903d10fa762d5ab connection_pool (2.5.4) sha256=e9e1922327416091f3f6542f5f4446c2a20745276b9aa796dd0bb2fd0ea1e70a From 8e893b2e672654271dcb9f6e594a0a3edc6aefc0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:13:38 +0100 Subject: [PATCH 56/93] Bump uri from 1.0.4 to 1.1.1 (#161) Bumps [uri](https://github.com/ruby/uri) from 1.0.4 to 1.1.1. - [Release notes](https://github.com/ruby/uri/releases) - [Commits](https://github.com/ruby/uri/compare/v1.0.4...v1.1.1) --- updated-dependencies: - dependency-name: uri dependency-version: 1.1.1 dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 1aaa84a..62ffcbc 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -132,7 +132,7 @@ GEM unicode-display_width (3.2.0) unicode-emoji (~> 4.1) unicode-emoji (4.2.0) - uri (1.0.4) + uri (1.1.1) PLATFORMS aarch64-linux-gnu @@ -215,7 +215,7 @@ CHECKSUMS tzinfo (2.0.6) sha256=8daf828cc77bcf7d63b0e3bdb6caa47e2272dcfaf4fbfe46f8c3a9df087a829b unicode-display_width (3.2.0) sha256=0cdd96b5681a5949cdbc2c55e7b420facae74c4aaf9a9815eee1087cb1853c42 unicode-emoji (4.2.0) sha256=519e69150f75652e40bf736106cfbc8f0f73aa3fb6a65afe62fefa7f80b0f80f - uri (1.0.4) sha256=34485d137c079f8753a0ca1d883841a7ba2e5fae556e3c30c2aab0dde616344b + uri (1.1.1) sha256=379fa58d27ffb1387eaada68c749d1426738bd0f654d812fcc07e7568f5c57c6 BUNDLED WITH 4.0.4 From e52caff92f3287392795834013e7386aa886ccb4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:14:13 +0100 Subject: [PATCH 57/93] Bump rubocop-disable_syntax from 0.1.1 to 0.2.0 (#156) Bumps [rubocop-disable_syntax](https://github.com/fatkodima/rubocop-disable_syntax) from 0.1.1 to 0.2.0. - [Changelog](https://github.com/fatkodima/rubocop-disable_syntax/blob/master/CHANGELOG.md) - [Commits](https://github.com/fatkodima/rubocop-disable_syntax/compare/v0.1.1...v0.2.0) --- updated-dependencies: - dependency-name: rubocop-disable_syntax dependency-version: 0.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 62ffcbc..e336ca1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -92,8 +92,9 @@ GEM rubocop-ast (1.49.0) parser (>= 3.3.7.2) prism (~> 1.7) - rubocop-disable_syntax (0.1.1) - rubocop (>= 1.50) + rubocop-disable_syntax (0.2.0) + lint_roller + rubocop (>= 1.72.0) rubocop-performance (1.25.0) lint_roller (~> 1.1) rubocop (>= 1.75.0, < 2.0) @@ -199,7 +200,7 @@ CHECKSUMS rspec-support (3.13.6) sha256=2e8de3702427eab064c9352fe74488cc12a1bfae887ad8b91cba480ec9f8afb2 rubocop (1.80.2) sha256=6485f30fefcf5c199db3b91e5e253b1ef43f7e564784e2315255809a3dd9abf4 rubocop-ast (1.49.0) sha256=49c3676d3123a0923d333e20c6c2dbaaae2d2287b475273fddee0c61da9f71fd - rubocop-disable_syntax (0.1.1) sha256=fba0b24edbd3de049ccaac8473c18fed308b5bd991e389a3368965f6cb88edbb + rubocop-disable_syntax (0.2.0) sha256=1e61645773b3fc2f74e995ec65f605f7db59437c274fdfd4f385f60bf86af73e rubocop-performance (1.25.0) sha256=6f7d03568a770054117a78d0a8e191cefeffb703b382871ca7743831b1a52ec1 rubocop-rake (0.7.1) sha256=3797f2b6810c3e9df7376c26d5f44f3475eda59eb1adc38e6f62ecf027cbae4d rubocop-rspec (3.7.0) sha256=b7b214da112034db9c6d00f2d811a354847e870f7b6ed2482b29649c3d42058f From 166d32815e749b00e85eaaf80b74cd6e0ef3564a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:15:47 +0100 Subject: [PATCH 58/93] Bump connection_pool from 2.5.4 to 3.0.2 (#157) Bumps [connection_pool](https://github.com/mperham/connection_pool) from 2.5.4 to 3.0.2. - [Changelog](https://github.com/mperham/connection_pool/blob/main/Changes.md) - [Commits](https://github.com/mperham/connection_pool/compare/v2.5.4...v3.0.2) --- updated-dependencies: - dependency-name: connection_pool dependency-version: 3.0.2 dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index e336ca1..ba71503 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -29,7 +29,7 @@ GEM benchmark (0.5.0) bigdecimal (3.2.3) concurrent-ruby (1.3.6) - connection_pool (2.5.4) + connection_pool (3.0.2) diff-lcs (1.6.2) docile (1.4.1) drb (2.2.3) @@ -168,7 +168,7 @@ CHECKSUMS benchmark (0.5.0) sha256=465df122341aedcb81a2a24b4d3bd19b6c67c1530713fd533f3ff034e419236c bigdecimal (3.2.3) sha256=ffd11d1ac67a0d3b2f44aec0a6487210b3f813f363dd11f1fcccf5ba00da4e1b concurrent-ruby (1.3.6) sha256=6b56837e1e7e5292f9864f34b69c5a2cbc75c0cf5338f1ce9903d10fa762d5ab - connection_pool (2.5.4) sha256=e9e1922327416091f3f6542f5f4446c2a20745276b9aa796dd0bb2fd0ea1e70a + connection_pool (3.0.2) sha256=33fff5ba71a12d2aa26cb72b1db8bba2a1a01823559fb01d29eb74c286e62e0a diff-lcs (1.6.2) sha256=9ae0d2cba7d4df3075fe8cd8602a8604993efc0dfa934cff568969efb1909962 docile (1.4.1) sha256=96159be799bfa73cdb721b840e9802126e4e03dfc26863db73647204c727f21e drb (2.2.3) sha256=0b00d6fdb50995fe4a45dea13663493c841112e4068656854646f418fda13373 From 1a933c405c342239cbb3cff81aa841b61ab134f8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:16:13 +0100 Subject: [PATCH 59/93] Bump i18n from 1.14.7 to 1.14.8 (#164) Bumps [i18n](https://github.com/ruby-i18n/i18n) from 1.14.7 to 1.14.8. - [Release notes](https://github.com/ruby-i18n/i18n/releases) - [Changelog](https://github.com/ruby-i18n/i18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/ruby-i18n/i18n/compare/v1.14.7...v1.14.8) --- updated-dependencies: - dependency-name: i18n dependency-version: 1.14.8 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ba71503..4facc82 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -42,7 +42,7 @@ GEM net-http (>= 0.5.0) faraday-retry (2.4.0) faraday (~> 2.0) - i18n (1.14.7) + i18n (1.14.8) concurrent-ruby (~> 1.0) json (2.18.0) language_server-protocol (3.17.0.5) @@ -177,7 +177,7 @@ CHECKSUMS faraday (2.13.4) sha256=c719ff52cfd0dbaeca79dd83ed3aeea3f621032abf8bc959d1c05666157cac26 faraday-net_http (3.4.1) sha256=095757fae7872b94eac839c08a1a4b8d84fd91d6886cfbe75caa2143de64ab3b faraday-retry (2.4.0) sha256=7b79c48fb7e56526faf247b12d94a680071ff40c9fda7cf1ec1549439ad11ebe - i18n (1.14.7) sha256=ceba573f8138ff2c0915427f1fc5bdf4aa3ab8ae88c8ce255eb3ecf0a11a5d0f + i18n (1.14.8) sha256=285778639134865c5e0f6269e0b818256017e8cde89993fdfcbfb64d088824a5 json (2.18.0) sha256=b10506aee4183f5cf49e0efc48073d7b75843ce3782c68dbeb763351c08fd505 language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87 From 63959397c4ba7e7d4bcd8c3d77180987084e95b8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:18:48 +0100 Subject: [PATCH 60/93] Bump bigdecimal from 3.2.3 to 4.0.1 (#154) Bumps [bigdecimal](https://github.com/ruby/bigdecimal) from 3.2.3 to 4.0.1. - [Release notes](https://github.com/ruby/bigdecimal/releases) - [Changelog](https://github.com/ruby/bigdecimal/blob/master/CHANGES.md) - [Commits](https://github.com/ruby/bigdecimal/compare/v3.2.3...v4.0.1) --- updated-dependencies: - dependency-name: bigdecimal dependency-version: 4.0.1 dependency-type: indirect update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 4facc82..f05e659 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -27,7 +27,7 @@ GEM ast (2.4.3) base64 (0.3.0) benchmark (0.5.0) - bigdecimal (3.2.3) + bigdecimal (4.0.1) concurrent-ruby (1.3.6) connection_pool (3.0.2) diff-lcs (1.6.2) @@ -166,7 +166,7 @@ CHECKSUMS ast (2.4.3) sha256=954615157c1d6a382bc27d690d973195e79db7f55e9765ac7c481c60bdb4d383 base64 (0.3.0) sha256=27337aeabad6ffae05c265c450490628ef3ebd4b67be58257393227588f5a97b benchmark (0.5.0) sha256=465df122341aedcb81a2a24b4d3bd19b6c67c1530713fd533f3ff034e419236c - bigdecimal (3.2.3) sha256=ffd11d1ac67a0d3b2f44aec0a6487210b3f813f363dd11f1fcccf5ba00da4e1b + bigdecimal (4.0.1) sha256=8b07d3d065a9f921c80ceaea7c9d4ae596697295b584c296fe599dd0ad01c4a7 concurrent-ruby (1.3.6) sha256=6b56837e1e7e5292f9864f34b69c5a2cbc75c0cf5338f1ce9903d10fa762d5ab connection_pool (3.0.2) sha256=33fff5ba71a12d2aa26cb72b1db8bba2a1a01823559fb01d29eb74c286e62e0a diff-lcs (1.6.2) sha256=9ae0d2cba7d4df3075fe8cd8602a8604993efc0dfa934cff568969efb1909962 From 545976a38277d06ec762dc55e35059011ba36873 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:20:14 +0100 Subject: [PATCH 61/93] Bump addressable from 2.8.7 to 2.8.8 (#159) Bumps [addressable](https://github.com/sporkmonger/addressable) from 2.8.7 to 2.8.8. - [Changelog](https://github.com/sporkmonger/addressable/blob/main/CHANGELOG.md) - [Commits](https://github.com/sporkmonger/addressable/compare/addressable-2.8.7...addressable-2.8.8) --- updated-dependencies: - dependency-name: addressable dependency-version: 2.8.8 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index f05e659..5eec5ec 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -22,8 +22,8 @@ GEM minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) - addressable (2.8.7) - public_suffix (>= 2.0.2, < 7.0) + addressable (2.8.8) + public_suffix (>= 2.0.2, < 8.0) ast (2.4.3) base64 (0.3.0) benchmark (0.5.0) @@ -60,7 +60,7 @@ GEM ast (~> 2.4.1) racc prism (1.8.0) - public_suffix (6.0.1) + public_suffix (7.0.2) racc (1.8.1) rainbow (3.1.1) rake (13.3.1) @@ -162,7 +162,7 @@ DEPENDENCIES CHECKSUMS activesupport (7.2.2.2) sha256=c54e84bb3d9027f1f372fb8f68203538fcfe0d5ff42801774c03974daa15bef0 - addressable (2.8.7) sha256=462986537cf3735ab5f3c0f557f14155d778f4b43ea4f485a9deb9c8f7c58232 + addressable (2.8.8) sha256=7c13b8f9536cf6364c03b9d417c19986019e28f7c00ac8132da4eb0fe393b057 ast (2.4.3) sha256=954615157c1d6a382bc27d690d973195e79db7f55e9765ac7c481c60bdb4d383 base64 (0.3.0) sha256=27337aeabad6ffae05c265c450490628ef3ebd4b67be58257393227588f5a97b benchmark (0.5.0) sha256=465df122341aedcb81a2a24b4d3bd19b6c67c1530713fd533f3ff034e419236c @@ -188,7 +188,7 @@ CHECKSUMS parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130 parser (3.3.10.1) sha256=06f6a725d2cd91e5e7f2b7c32ba143631e1f7c8ae2fb918fc4cebec187e6a688 prism (1.8.0) sha256=84453a16ef5530ea62c5f03ec16b52a459575ad4e7b9c2b360fd8ce2c39c1254 - public_suffix (6.0.1) sha256=61d44e1cab5cbbbe5b31068481cf16976dd0dc1b6b07bd95617ef8c5e3e00c6f + public_suffix (7.0.2) sha256=9114090c8e4e7135c1fd0e7acfea33afaab38101884320c65aaa0ffb8e26a857 racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a rake (13.3.1) sha256=8c9e89d09f66a26a01264e7e3480ec0607f0c497a861ef16063604b1b08eb19c From e2bf9848b9a4217520f9b1501a24c8f61e44ee38 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:23:40 +0100 Subject: [PATCH 62/93] Bump net-http from 0.6.0 to 0.9.1 (#158) Bumps [net-http](https://github.com/ruby/net-http) from 0.6.0 to 0.9.1. - [Release notes](https://github.com/ruby/net-http/releases) - [Commits](https://github.com/ruby/net-http/compare/v0.6.0...v0.9.1) --- updated-dependencies: - dependency-name: net-http dependency-version: 0.9.1 dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5eec5ec..9d27761 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -50,8 +50,8 @@ GEM logger (1.7.0) minitest (6.0.1) prism (~> 1.5) - net-http (0.6.0) - uri + net-http (0.9.1) + uri (>= 0.11.1) octokit (9.2.0) faraday (>= 1, < 3) sawyer (~> 0.9) @@ -183,7 +183,7 @@ CHECKSUMS lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87 logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203 minitest (6.0.1) sha256=7854c74f48e2e975969062833adc4013f249a4b212f5e7b9d5c040bf838d54bb - net-http (0.6.0) sha256=9621b20c137898af9d890556848c93603716cab516dc2c89b01a38b894e259fb + net-http (0.9.1) sha256=25ba0b67c63e89df626ed8fac771d0ad24ad151a858af2cc8e6a716ca4336996 octokit (9.2.0) sha256=4fa47ff35ce654127edf2c836ab9269bcc8829f5542dc1e86871f697ce7f4316 parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130 parser (3.3.10.1) sha256=06f6a725d2cd91e5e7f2b7c32ba143631e1f7c8ae2fb918fc4cebec187e6a688 From a579ce74259fdd5069129b21d444105be42c834b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:24:05 +0100 Subject: [PATCH 63/93] Bump activesupport from 7.2.2.2 to 8.1.2 (#151) Bumps [activesupport](https://github.com/rails/rails) from 7.2.2.2 to 8.1.2. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v8.1.2/activesupport/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v7.2.2.2...v8.1.2) --- updated-dependencies: - dependency-name: activesupport dependency-version: 8.1.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 9d27761..0e93fb2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -10,23 +10,23 @@ PATH GEM remote: https://rubygems.org/ specs: - activesupport (7.2.2.2) + activesupport (8.1.2) base64 - benchmark (>= 0.3) bigdecimal concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) + json logger (>= 1.4.2) minitest (>= 5.1) securerandom (>= 0.3) tzinfo (~> 2.0, >= 2.0.5) + uri (>= 0.13.1) addressable (2.8.8) public_suffix (>= 2.0.2, < 8.0) ast (2.4.3) base64 (0.3.0) - benchmark (0.5.0) bigdecimal (4.0.1) concurrent-ruby (1.3.6) connection_pool (3.0.2) @@ -161,11 +161,10 @@ DEPENDENCIES standard CHECKSUMS - activesupport (7.2.2.2) sha256=c54e84bb3d9027f1f372fb8f68203538fcfe0d5ff42801774c03974daa15bef0 + activesupport (8.1.2) sha256=88842578ccd0d40f658289b0e8c842acfe9af751afee2e0744a7873f50b6fdae addressable (2.8.8) sha256=7c13b8f9536cf6364c03b9d417c19986019e28f7c00ac8132da4eb0fe393b057 ast (2.4.3) sha256=954615157c1d6a382bc27d690d973195e79db7f55e9765ac7c481c60bdb4d383 base64 (0.3.0) sha256=27337aeabad6ffae05c265c450490628ef3ebd4b67be58257393227588f5a97b - benchmark (0.5.0) sha256=465df122341aedcb81a2a24b4d3bd19b6c67c1530713fd533f3ff034e419236c bigdecimal (4.0.1) sha256=8b07d3d065a9f921c80ceaea7c9d4ae596697295b584c296fe599dd0ad01c4a7 concurrent-ruby (1.3.6) sha256=6b56837e1e7e5292f9864f34b69c5a2cbc75c0cf5338f1ce9903d10fa762d5ab connection_pool (3.0.2) sha256=33fff5ba71a12d2aa26cb72b1db8bba2a1a01823559fb01d29eb74c286e62e0a From c10fb3e34382035465e01a182eca6d24f9ec271a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:32:37 +0100 Subject: [PATCH 64/93] Bump faraday-net_http from 3.4.1 to 3.4.2 (#160) Bumps [faraday-net_http](https://github.com/lostisland/faraday-net_http) from 3.4.1 to 3.4.2. - [Release notes](https://github.com/lostisland/faraday-net_http/releases) - [Commits](https://github.com/lostisland/faraday-net_http/compare/v3.4.1...v3.4.2) --- updated-dependencies: - dependency-name: faraday-net_http dependency-version: 3.4.2 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 0e93fb2..d3165df 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -38,8 +38,8 @@ GEM faraday-net_http (>= 2.0, < 3.5) json logger - faraday-net_http (3.4.1) - net-http (>= 0.5.0) + faraday-net_http (3.4.2) + net-http (~> 0.5) faraday-retry (2.4.0) faraday (~> 2.0) i18n (1.14.8) @@ -174,7 +174,7 @@ CHECKSUMS errbit_github_plugin (0.4.0) errbit_plugin (0.7.0) sha256=2deec87f62dbc953ff86a69b46bb4d339678a9a9439342b85f3dfb909621d94d faraday (2.13.4) sha256=c719ff52cfd0dbaeca79dd83ed3aeea3f621032abf8bc959d1c05666157cac26 - faraday-net_http (3.4.1) sha256=095757fae7872b94eac839c08a1a4b8d84fd91d6886cfbe75caa2143de64ab3b + faraday-net_http (3.4.2) sha256=f147758260d3526939bf57ecf911682f94926a3666502e24c69992765875906c faraday-retry (2.4.0) sha256=7b79c48fb7e56526faf247b12d94a680071ff40c9fda7cf1ec1549439ad11ebe i18n (1.14.8) sha256=285778639134865c5e0f6269e0b818256017e8cde89993fdfcbfb64d088824a5 json (2.18.0) sha256=b10506aee4183f5cf49e0efc48073d7b75843ce3782c68dbeb763351c08fd505 From cf94b8403892fb933e29373d4c62d68f2eb120e2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:36:09 +0100 Subject: [PATCH 65/93] Bump faraday from 2.13.4 to 2.14.0 (#165) Bumps [faraday](https://github.com/lostisland/faraday) from 2.13.4 to 2.14.0. - [Release notes](https://github.com/lostisland/faraday/releases) - [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md) - [Commits](https://github.com/lostisland/faraday/compare/v2.13.4...v2.14.0) --- updated-dependencies: - dependency-name: faraday dependency-version: 2.14.0 dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d3165df..afd9879 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -34,7 +34,7 @@ GEM docile (1.4.1) drb (2.2.3) errbit_plugin (0.7.0) - faraday (2.13.4) + faraday (2.14.0) faraday-net_http (>= 2.0, < 3.5) json logger @@ -173,7 +173,7 @@ CHECKSUMS drb (2.2.3) sha256=0b00d6fdb50995fe4a45dea13663493c841112e4068656854646f418fda13373 errbit_github_plugin (0.4.0) errbit_plugin (0.7.0) sha256=2deec87f62dbc953ff86a69b46bb4d339678a9a9439342b85f3dfb909621d94d - faraday (2.13.4) sha256=c719ff52cfd0dbaeca79dd83ed3aeea3f621032abf8bc959d1c05666157cac26 + faraday (2.14.0) sha256=8699cfe5d97e55268f2596f9a9d5a43736808a943714e3d9a53e6110593941cd faraday-net_http (3.4.2) sha256=f147758260d3526939bf57ecf911682f94926a3666502e24c69992765875906c faraday-retry (2.4.0) sha256=7b79c48fb7e56526faf247b12d94a680071ff40c9fda7cf1ec1549439ad11ebe i18n (1.14.8) sha256=285778639134865c5e0f6269e0b818256017e8cde89993fdfcbfb64d088824a5 From d68c573a69ad0e5b65e896941b6699b4993118f7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:38:32 +0100 Subject: [PATCH 66/93] Bump sawyer from 0.9.2 to 0.9.3 (#167) Bumps [sawyer](https://github.com/lostisland/sawyer) from 0.9.2 to 0.9.3. - [Release notes](https://github.com/lostisland/sawyer/releases) - [Commits](https://github.com/lostisland/sawyer/compare/v0.9.2...v0.9.3) --- updated-dependencies: - dependency-name: sawyer dependency-version: 0.9.3 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index afd9879..b9b79b8 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -106,7 +106,7 @@ GEM lint_roller (~> 1.1) rubocop (~> 1.72, >= 1.72.1) ruby-progressbar (1.13.0) - sawyer (0.9.2) + sawyer (0.9.3) addressable (>= 2.3.5) faraday (>= 0.17.3, < 3) securerandom (0.4.1) @@ -204,7 +204,7 @@ CHECKSUMS rubocop-rake (0.7.1) sha256=3797f2b6810c3e9df7376c26d5f44f3475eda59eb1adc38e6f62ecf027cbae4d rubocop-rspec (3.7.0) sha256=b7b214da112034db9c6d00f2d811a354847e870f7b6ed2482b29649c3d42058f ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33 - sawyer (0.9.2) sha256=fa3a72d62a4525517b18857ddb78926aab3424de0129be6772a8e2ba240e7aca + sawyer (0.9.3) sha256=0d0f19298408047037638639fe62f4794483fb04320269169bd41af2bdcf5e41 securerandom (0.4.1) sha256=cc5193d414a4341b6e225f0cb4446aceca8e50d5e1888743fac16987638ea0b1 simplecov (0.22.0) sha256=fe2622c7834ff23b98066bb0a854284b2729a569ac659f82621fc22ef36213a5 simplecov-html (0.13.2) sha256=bd0b8e54e7c2d7685927e8d6286466359b6f16b18cb0df47b508e8d73c777246 From 341abc6ed8bebe467ea2fc3d9d89a09968489d61 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:40:56 +0100 Subject: [PATCH 67/93] Bump octokit from 9.2.0 to 10.0.0 (#32) Bumps [octokit](https://github.com/octokit/octokit.rb) from 9.2.0 to 10.0.0. - [Release notes](https://github.com/octokit/octokit.rb/releases) - [Changelog](https://github.com/octokit/octokit.rb/blob/main/RELEASE.md) - [Commits](https://github.com/octokit/octokit.rb/compare/v9.2.0...v10.0.0) --- updated-dependencies: - dependency-name: octokit dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index b9b79b8..ffd888b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -52,7 +52,7 @@ GEM prism (~> 1.5) net-http (0.9.1) uri (>= 0.11.1) - octokit (9.2.0) + octokit (10.0.0) faraday (>= 1, < 3) sawyer (~> 0.9) parallel (1.27.0) @@ -183,7 +183,7 @@ CHECKSUMS logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203 minitest (6.0.1) sha256=7854c74f48e2e975969062833adc4013f249a4b212f5e7b9d5c040bf838d54bb net-http (0.9.1) sha256=25ba0b67c63e89df626ed8fac771d0ad24ad151a858af2cc8e6a716ca4336996 - octokit (9.2.0) sha256=4fa47ff35ce654127edf2c836ab9269bcc8829f5542dc1e86871f697ce7f4316 + octokit (10.0.0) sha256=82e99a539b7637b7e905e6d277bb0c1a4bed56735935cc33db6da7eae49a24e8 parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130 parser (3.3.10.1) sha256=06f6a725d2cd91e5e7f2b7c32ba143631e1f7c8ae2fb918fc4cebec187e6a688 prism (1.8.0) sha256=84453a16ef5530ea62c5f03ec16b52a459575ad4e7b9c2b360fd8ce2c39c1254 From 89cbb63e27156b65b8690682c810055b1a8ab3b2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:41:58 +0100 Subject: [PATCH 68/93] Bump standard-performance from 1.8.0 to 1.9.0 (#162) Bumps [standard-performance](https://github.com/standardrb/standard-performance) from 1.8.0 to 1.9.0. - [Release notes](https://github.com/standardrb/standard-performance/releases) - [Changelog](https://github.com/standardrb/standard-performance/blob/main/CHANGELOG.md) - [Commits](https://github.com/standardrb/standard-performance/compare/v1.8.0...v1.9.0) --- updated-dependencies: - dependency-name: standard-performance dependency-version: 1.9.0 dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ffd888b..63ffc74 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -95,10 +95,10 @@ GEM rubocop-disable_syntax (0.2.0) lint_roller rubocop (>= 1.72.0) - rubocop-performance (1.25.0) + rubocop-performance (1.26.1) lint_roller (~> 1.1) rubocop (>= 1.75.0, < 2.0) - rubocop-ast (>= 1.38.0, < 2.0) + rubocop-ast (>= 1.47.1, < 2.0) rubocop-rake (0.7.1) lint_roller (~> 1.1) rubocop (>= 1.72.1) @@ -125,9 +125,9 @@ GEM standard-custom (1.0.2) lint_roller (~> 1.0) rubocop (~> 1.50) - standard-performance (1.8.0) + standard-performance (1.9.0) lint_roller (~> 1.1) - rubocop-performance (~> 1.25.0) + rubocop-performance (~> 1.26.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) unicode-display_width (3.2.0) @@ -200,7 +200,7 @@ CHECKSUMS rubocop (1.80.2) sha256=6485f30fefcf5c199db3b91e5e253b1ef43f7e564784e2315255809a3dd9abf4 rubocop-ast (1.49.0) sha256=49c3676d3123a0923d333e20c6c2dbaaae2d2287b475273fddee0c61da9f71fd rubocop-disable_syntax (0.2.0) sha256=1e61645773b3fc2f74e995ec65f605f7db59437c274fdfd4f385f60bf86af73e - rubocop-performance (1.25.0) sha256=6f7d03568a770054117a78d0a8e191cefeffb703b382871ca7743831b1a52ec1 + rubocop-performance (1.26.1) sha256=cd19b936ff196df85829d264b522fd4f98b6c89ad271fa52744a8c11b8f71834 rubocop-rake (0.7.1) sha256=3797f2b6810c3e9df7376c26d5f44f3475eda59eb1adc38e6f62ecf027cbae4d rubocop-rspec (3.7.0) sha256=b7b214da112034db9c6d00f2d811a354847e870f7b6ed2482b29649c3d42058f ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33 @@ -211,7 +211,7 @@ CHECKSUMS simplecov_json_formatter (0.1.4) sha256=529418fbe8de1713ac2b2d612aa3daa56d316975d307244399fa4838c601b428 standard (1.51.1) sha256=6d0d98a1fac26d660393f37b3d9c864632bb934b17abfa23811996b20f87faf2 standard-custom (1.0.2) sha256=424adc84179a074f1a2a309bb9cf7cd6bfdb2b6541f20c6bf9436c0ba22a652b - standard-performance (1.8.0) sha256=ed17b7d0e061b2a19a91dd434bef629439e2f32310f22f26acb451addc92b788 + standard-performance (1.9.0) sha256=49483d31be448292951d80e5e67cdcb576c2502103c7b40aec6f1b6e9c88e3f2 tzinfo (2.0.6) sha256=8daf828cc77bcf7d63b0e3bdb6caa47e2272dcfaf4fbfe46f8c3a9df087a829b unicode-display_width (3.2.0) sha256=0cdd96b5681a5949cdbc2c55e7b420facae74c4aaf9a9815eee1087cb1853c42 unicode-emoji (4.2.0) sha256=519e69150f75652e40bf736106cfbc8f0f73aa3fb6a65afe62fefa7f80b0f80f From b0beb3e20c8b7ad9344be4c7ef63f8a47e6c9f7c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:44:26 +0100 Subject: [PATCH 69/93] Bump standard from 1.51.1 to 1.53.0 (#152) Bumps [standard](https://github.com/standardrb/standard) from 1.51.1 to 1.53.0. - [Release notes](https://github.com/standardrb/standard/releases) - [Changelog](https://github.com/standardrb/standard/blob/main/CHANGELOG.md) - [Commits](https://github.com/standardrb/standard/compare/v1.51.1...v1.53.0) --- updated-dependencies: - dependency-name: standard dependency-version: 1.53.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 63ffc74..534a19b 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -78,7 +78,7 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) rspec-support (3.13.6) - rubocop (1.80.2) + rubocop (1.82.1) json (~> 2.3) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.1.0) @@ -86,7 +86,7 @@ GEM parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 2.9.3, < 3.0) - rubocop-ast (>= 1.46.0, < 2.0) + rubocop-ast (>= 1.48.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 4.0) rubocop-ast (1.49.0) @@ -116,10 +116,10 @@ GEM simplecov_json_formatter (~> 0.1) simplecov-html (0.13.2) simplecov_json_formatter (0.1.4) - standard (1.51.1) + standard (1.53.0) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.0) - rubocop (~> 1.80.2) + rubocop (~> 1.82.0) standard-custom (~> 1.0.0) standard-performance (~> 1.8) standard-custom (1.0.2) @@ -197,7 +197,7 @@ CHECKSUMS rspec-expectations (3.13.5) sha256=33a4d3a1d95060aea4c94e9f237030a8f9eae5615e9bd85718fe3a09e4b58836 rspec-mocks (3.13.7) sha256=0979034e64b1d7a838aaaddf12bf065ea4dc40ef3d4c39f01f93ae2c66c62b1c rspec-support (3.13.6) sha256=2e8de3702427eab064c9352fe74488cc12a1bfae887ad8b91cba480ec9f8afb2 - rubocop (1.80.2) sha256=6485f30fefcf5c199db3b91e5e253b1ef43f7e564784e2315255809a3dd9abf4 + rubocop (1.82.1) sha256=09f1a6a654a960eda767aebea33e47603080f8e9c9a3f019bf9b94c9cab5e273 rubocop-ast (1.49.0) sha256=49c3676d3123a0923d333e20c6c2dbaaae2d2287b475273fddee0c61da9f71fd rubocop-disable_syntax (0.2.0) sha256=1e61645773b3fc2f74e995ec65f605f7db59437c274fdfd4f385f60bf86af73e rubocop-performance (1.26.1) sha256=cd19b936ff196df85829d264b522fd4f98b6c89ad271fa52744a8c11b8f71834 @@ -209,7 +209,7 @@ CHECKSUMS simplecov (0.22.0) sha256=fe2622c7834ff23b98066bb0a854284b2729a569ac659f82621fc22ef36213a5 simplecov-html (0.13.2) sha256=bd0b8e54e7c2d7685927e8d6286466359b6f16b18cb0df47b508e8d73c777246 simplecov_json_formatter (0.1.4) sha256=529418fbe8de1713ac2b2d612aa3daa56d316975d307244399fa4838c601b428 - standard (1.51.1) sha256=6d0d98a1fac26d660393f37b3d9c864632bb934b17abfa23811996b20f87faf2 + standard (1.53.0) sha256=f3c9493385db7079d0abce6f7582f553122156997b81258cd361d3480eeacf9c standard-custom (1.0.2) sha256=424adc84179a074f1a2a309bb9cf7cd6bfdb2b6541f20c6bf9436c0ba22a652b standard-performance (1.9.0) sha256=49483d31be448292951d80e5e67cdcb576c2502103c7b40aec6f1b6e9c88e3f2 tzinfo (2.0.6) sha256=8daf828cc77bcf7d63b0e3bdb6caa47e2272dcfaf4fbfe46f8c3a9df087a829b From 932c787f0da61efd369f141c53adbdce5b3958b3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 16 Jan 2026 19:49:06 +0100 Subject: [PATCH 70/93] Bump rubocop-rspec from 3.7.0 to 3.9.0 (#142) Bumps [rubocop-rspec](https://github.com/rubocop/rubocop-rspec) from 3.7.0 to 3.9.0. - [Release notes](https://github.com/rubocop/rubocop-rspec/releases) - [Changelog](https://github.com/rubocop/rubocop-rspec/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop/rubocop-rspec/compare/v3.7.0...v3.9.0) --- updated-dependencies: - dependency-name: rubocop-rspec dependency-version: 3.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 534a19b..cc41eea 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -102,9 +102,9 @@ GEM rubocop-rake (0.7.1) lint_roller (~> 1.1) rubocop (>= 1.72.1) - rubocop-rspec (3.7.0) + rubocop-rspec (3.9.0) lint_roller (~> 1.1) - rubocop (~> 1.72, >= 1.72.1) + rubocop (~> 1.81) ruby-progressbar (1.13.0) sawyer (0.9.3) addressable (>= 2.3.5) @@ -202,7 +202,7 @@ CHECKSUMS rubocop-disable_syntax (0.2.0) sha256=1e61645773b3fc2f74e995ec65f605f7db59437c274fdfd4f385f60bf86af73e rubocop-performance (1.26.1) sha256=cd19b936ff196df85829d264b522fd4f98b6c89ad271fa52744a8c11b8f71834 rubocop-rake (0.7.1) sha256=3797f2b6810c3e9df7376c26d5f44f3475eda59eb1adc38e6f62ecf027cbae4d - rubocop-rspec (3.7.0) sha256=b7b214da112034db9c6d00f2d811a354847e870f7b6ed2482b29649c3d42058f + rubocop-rspec (3.9.0) sha256=8fa70a3619408237d789aeecfb9beef40576acc855173e60939d63332fdb55e2 ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33 sawyer (0.9.3) sha256=0d0f19298408047037638639fe62f4794483fb04320269169bd41af2bdcf5e41 securerandom (0.4.1) sha256=cc5193d414a4341b6e225f0cb4446aceca8e50d5e1888743fac16987638ea0b1 From 81426086d95e8f4a1888dcf02fadb3542e10c740 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Fri, 16 Jan 2026 20:48:20 +0100 Subject: [PATCH 71/93] Update rubocop config (#169) --- .rubocop.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.rubocop.yml b/.rubocop.yml index 4311fea..3eb7161 100644 --- a/.rubocop.yml +++ b/.rubocop.yml @@ -1,10 +1,8 @@ -require: - - rubocop-disable_syntax - plugins: - rubocop-performance - rubocop-rake - rubocop-rspec + - rubocop-disable_syntax AllCops: TargetRubyVersion: 3.4 @@ -346,6 +344,10 @@ RSpec/IndexedLet: RSpec/NamedSubject: Enabled: false +# We prefer `receive` over `have_received` +RSpec/MessageSpies: + Enabled: false + # Naming rules: # Disable anonymous block forwarding. From 57c1fef1d87d3da5d885ef6f95e4d7c18b5a7688 Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Sun, 18 Jan 2026 17:40:20 +0100 Subject: [PATCH 72/93] Remove .envrc (#170) --- .envrc | 1 - 1 file changed, 1 deletion(-) delete mode 100644 .envrc diff --git a/.envrc b/.envrc deleted file mode 100644 index 9e13309..0000000 --- a/.envrc +++ /dev/null @@ -1 +0,0 @@ -export JRUBY_OPTS="--debug" From cfbc416e515528858fc1458b8247bc869324758c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Jan 2026 15:13:37 +0100 Subject: [PATCH 73/93] Bump ruby/setup-ruby from 1.283.0 to 1.284.0 (#171) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.283.0 to 1.284.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/708024e6c902387ab41de36e1669e43b5ee7085e...80740b3b13bf9857e28854481ca95a84e78a2bdf) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.284.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/rspec.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index c54f8be..a5d2baa 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@708024e6c902387ab41de36e1669e43b5ee7085e # v1.283.0 + uses: ruby/setup-ruby@80740b3b13bf9857e28854481ca95a84e78a2bdf # v1.284.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 2f99538a61dd63fa6552218a8c86ecb1ad68df03 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 22 Jan 2026 11:12:07 +0100 Subject: [PATCH 74/93] Bump ruby/setup-ruby from 1.284.0 to 1.285.0 (#172) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.284.0 to 1.285.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/80740b3b13bf9857e28854481ca95a84e78a2bdf...e69dcf3ded5967f30d7ef595704928d91cdae930) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.285.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/rspec.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index a5d2baa..47530f9 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@80740b3b13bf9857e28854481ca95a84e78a2bdf # v1.284.0 + uses: ruby/setup-ruby@e69dcf3ded5967f30d7ef595704928d91cdae930 # v1.285.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From fa536261c7272cab7ba402d7a7c3bd43703b54c4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Jan 2026 11:25:59 +0100 Subject: [PATCH 75/93] Bump actions/checkout from 6.0.1 to 6.0.2 (#173) Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/rspec.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 286150f..7c246ea 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index d8a74ce..a0f09ed 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: 'Dependency Review' uses: actions/dependency-review-action@98884d411b0f1c583e5ee579e7e897d4623019c2 # v4 diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 47530f9..1be7f70 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -29,7 +29,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 1088afa..4b3ca2d 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false From 09118034d395d768fe55c567fca858f2f25e2129 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 23 Jan 2026 11:26:12 +0100 Subject: [PATCH 76/93] Bump ruby/setup-ruby from 1.285.0 to 1.286.0 (#174) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.285.0 to 1.286.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/e69dcf3ded5967f30d7ef595704928d91cdae930...90be1154f987f4dc0fe0dd0feedac9e473aa4ba8) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.286.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/rspec.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 1be7f70..a174b9e 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@e69dcf3ded5967f30d7ef595704928d91cdae930 # v1.285.0 + uses: ruby/setup-ruby@90be1154f987f4dc0fe0dd0feedac9e473aa4ba8 # v1.286.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 8fbc80202c6dfa3c5f243b934d9be5f53ee8276a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 25 Jan 2026 13:00:35 +0100 Subject: [PATCH 77/93] Bump github/codeql-action from 4.31.10 to 4.31.11 (#175) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.10 to 4.31.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/cdefb33c0f6224e58673d9004f47f7cb3e328b89...19b2f06db2b6f5108140aeb04014ef02b648f789) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.11 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7c246ea..4e85117 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 + uses: github/codeql-action/init@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 + uses: github/codeql-action/autobuild@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 + uses: github/codeql-action/analyze@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 4b3ca2d..a8eb415 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 + uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 with: sarif_file: results.sarif From 46d14e1d3ced62398a6d57786a66aa30f1339aac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 12:37:17 +0100 Subject: [PATCH 78/93] Bump step-security/harden-runner from 2.14.0 to 2.14.1 (#176) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.0 to 2.14.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...e3f713f2d8f53843e71c69a996d56f51aa9adfb9) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/rspec.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4e85117..2b9d9de 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index a0f09ed..4401828 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: egress-policy: audit diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index a174b9e..fa975b8 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: egress-policy: audit diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index a8eb415..6edba09 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: egress-policy: audit From 75c869ef603172e3622f6bd32e6efdff11f8b859 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 27 Jan 2026 12:41:47 +0100 Subject: [PATCH 79/93] Bump github/codeql-action from 4.31.11 to 4.32.0 (#177) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.31.11 to 4.32.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/19b2f06db2b6f5108140aeb04014ef02b648f789...b20883b0cd1f46c72ae0ba6d1090936928f9fa30) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2b9d9de..d38367a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 + uses: github/codeql-action/init@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 + uses: github/codeql-action/autobuild@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 + uses: github/codeql-action/analyze@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 6edba09..319af06 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 + uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 with: sarif_file: results.sarif From fc4e35115661951b53cb44b4a8eb1609f579f8c8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 28 Jan 2026 10:53:14 +0100 Subject: [PATCH 80/93] Bump prism from 1.8.0 to 1.9.0 (#179) Bumps [prism](https://github.com/ruby/prism) from 1.8.0 to 1.9.0. - [Release notes](https://github.com/ruby/prism/releases) - [Changelog](https://github.com/ruby/prism/blob/main/CHANGELOG.md) - [Commits](https://github.com/ruby/prism/compare/v1.8.0...v1.9.0) --- updated-dependencies: - dependency-name: prism dependency-version: 1.9.0 dependency-type: indirect update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index cc41eea..e0ff336 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -59,7 +59,7 @@ GEM parser (3.3.10.1) ast (~> 2.4.1) racc - prism (1.8.0) + prism (1.9.0) public_suffix (7.0.2) racc (1.8.1) rainbow (3.1.1) @@ -186,7 +186,7 @@ CHECKSUMS octokit (10.0.0) sha256=82e99a539b7637b7e905e6d277bb0c1a4bed56735935cc33db6da7eae49a24e8 parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130 parser (3.3.10.1) sha256=06f6a725d2cd91e5e7f2b7c32ba143631e1f7c8ae2fb918fc4cebec187e6a688 - prism (1.8.0) sha256=84453a16ef5530ea62c5f03ec16b52a459575ad4e7b9c2b360fd8ce2c39c1254 + prism (1.9.0) sha256=7b530c6a9f92c24300014919c9dcbc055bf4cdf51ec30aed099b06cd6674ef85 public_suffix (7.0.2) sha256=9114090c8e4e7135c1fd0e7acfea33afaab38101884320c65aaa0ffb8e26a857 racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f rainbow (3.1.1) sha256=039491aa3a89f42efa1d6dec2fc4e62ede96eb6acd95e52f1ad581182b79bc6a From 274e8d24165c62ab5591e82b2d9adead63b4936b Mon Sep 17 00:00:00 2001 From: Igor Zubkov Date: Wed, 28 Jan 2026 13:40:40 +0100 Subject: [PATCH 81/93] Lock standard gem --- Gemfile | 2 +- Gemfile.lock | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile b/Gemfile index e96b574..37c28e6 100644 --- a/Gemfile +++ b/Gemfile @@ -7,7 +7,7 @@ gemspec gem "rake" gem "rspec" gem "simplecov", require: false -gem "standard", require: false +gem "standard", "1.53.0", require: false gem "rubocop", require: false gem "rubocop-disable_syntax", require: false gem "rubocop-performance", require: false diff --git a/Gemfile.lock b/Gemfile.lock index e0ff336..5b99e81 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -158,7 +158,7 @@ DEPENDENCIES rubocop-rake rubocop-rspec simplecov - standard + standard (= 1.53.0) CHECKSUMS activesupport (8.1.2) sha256=88842578ccd0d40f658289b0e8c842acfe9af751afee2e0744a7873f50b6fdae From 45894b566439fee085f48fe49d61a2e20ec11a00 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jan 2026 12:18:06 +0100 Subject: [PATCH 82/93] Bump rspec-support from 3.13.6 to 3.13.7 (#180) Bumps [rspec-support](https://github.com/rspec/rspec) from 3.13.6 to 3.13.7. - [Changelog](https://github.com/rspec/rspec/blob/rspec-support-v3.13.7/rspec-support/Changelog.md) - [Commits](https://github.com/rspec/rspec/compare/rspec-support-v3.13.6...rspec-support-v3.13.7) --- updated-dependencies: - dependency-name: rspec-support dependency-version: 3.13.7 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5b99e81..d5b91f0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -77,7 +77,7 @@ GEM rspec-mocks (3.13.7) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-support (3.13.6) + rspec-support (3.13.7) rubocop (1.82.1) json (~> 2.3) language_server-protocol (~> 3.17.0.2) @@ -196,7 +196,7 @@ CHECKSUMS rspec-core (3.13.6) sha256=a8823c6411667b60a8bca135364351dda34cd55e44ff94c4be4633b37d828b2d rspec-expectations (3.13.5) sha256=33a4d3a1d95060aea4c94e9f237030a8f9eae5615e9bd85718fe3a09e4b58836 rspec-mocks (3.13.7) sha256=0979034e64b1d7a838aaaddf12bf065ea4dc40ef3d4c39f01f93ae2c66c62b1c - rspec-support (3.13.6) sha256=2e8de3702427eab064c9352fe74488cc12a1bfae887ad8b91cba480ec9f8afb2 + rspec-support (3.13.7) sha256=0640e5570872aafefd79867901deeeeb40b0c9875a36b983d85f54fb7381c47c rubocop (1.82.1) sha256=09f1a6a654a960eda767aebea33e47603080f8e9c9a3f019bf9b94c9cab5e273 rubocop-ast (1.49.0) sha256=49c3676d3123a0923d333e20c6c2dbaaae2d2287b475273fddee0c61da9f71fd rubocop-disable_syntax (0.2.0) sha256=1e61645773b3fc2f74e995ec65f605f7db59437c274fdfd4f385f60bf86af73e From 35b3a3b8b0bbf3649f4e0a8c9485871aef5d6ce3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Feb 2026 12:30:32 +0100 Subject: [PATCH 83/93] Bump ruby/setup-ruby from 1.286.0 to 1.287.0 (#181) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.286.0 to 1.287.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/90be1154f987f4dc0fe0dd0feedac9e473aa4ba8...8d27f39a5e7ad39aebbcbd1324f7af020229645c) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.287.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/rspec.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index fa975b8..5e861b8 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@90be1154f987f4dc0fe0dd0feedac9e473aa4ba8 # v1.286.0 + uses: ruby/setup-ruby@8d27f39a5e7ad39aebbcbd1324f7af020229645c # v1.287.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 1326d024193fc8159efb21ab623a0c21ed7cc527 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Feb 2026 13:16:38 +0100 Subject: [PATCH 84/93] Bump json from 2.18.0 to 2.18.1 (#184) Bumps [json](https://github.com/ruby/json) from 2.18.0 to 2.18.1. - [Release notes](https://github.com/ruby/json/releases) - [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md) - [Commits](https://github.com/ruby/json/compare/v2.18.0...v2.18.1) --- updated-dependencies: - dependency-name: json dependency-version: 2.18.1 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d5b91f0..018e0bd 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -44,7 +44,7 @@ GEM faraday (~> 2.0) i18n (1.14.8) concurrent-ruby (~> 1.0) - json (2.18.0) + json (2.18.1) language_server-protocol (3.17.0.5) lint_roller (1.1.0) logger (1.7.0) @@ -177,7 +177,7 @@ CHECKSUMS faraday-net_http (3.4.2) sha256=f147758260d3526939bf57ecf911682f94926a3666502e24c69992765875906c faraday-retry (2.4.0) sha256=7b79c48fb7e56526faf247b12d94a680071ff40c9fda7cf1ec1549439ad11ebe i18n (1.14.8) sha256=285778639134865c5e0f6269e0b818256017e8cde89993fdfcbfb64d088824a5 - json (2.18.0) sha256=b10506aee4183f5cf49e0efc48073d7b75843ce3782c68dbeb763351c08fd505 + json (2.18.1) sha256=fe112755501b8d0466b5ada6cf50c8c3f41e897fa128ac5d263ec09eedc9f986 language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87 logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203 From b00df01c8d88e75d277738db2dbcd564b7a78ca6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Feb 2026 13:31:08 +0100 Subject: [PATCH 85/93] Bump ruby/setup-ruby from 1.287.0 to 1.288.0 (#183) Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.287.0 to 1.288.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/8d27f39a5e7ad39aebbcbd1324f7af020229645c...09a7688d3b55cf0e976497ff046b70949eeaccfd) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.288.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/rspec.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 5e861b8..9923a08 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -33,7 +33,7 @@ jobs: - run: rm -f Gemfile.lock - run: rm -f .ruby-version - name: Set up Ruby - uses: ruby/setup-ruby@8d27f39a5e7ad39aebbcbd1324f7af020229645c # v1.287.0 + uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd # v1.288.0 with: ruby-version: ${{ matrix.ruby }} rubygems: latest From 487b73087dfb71a652a79a31626f2c2361ae3678 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 3 Feb 2026 13:31:18 +0100 Subject: [PATCH 86/93] Bump github/codeql-action from 4.32.0 to 4.32.1 (#182) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.0 to 4.32.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/b20883b0cd1f46c72ae0ba6d1090936928f9fa30...6bc82e05fd0ea64601dd4b465378bbcf57de0314) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index d38367a..44d809f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 + uses: github/codeql-action/init@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 + uses: github/codeql-action/autobuild@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 + uses: github/codeql-action/analyze@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 319af06..490202f 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 + uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 with: sarif_file: results.sarif From cc29772bdabeb5b97b4720f4e51c3168efc652e4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 Feb 2026 15:36:27 +0100 Subject: [PATCH 87/93] Bump github/codeql-action from 4.32.1 to 4.32.2 (#185) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.1 to 4.32.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/6bc82e05fd0ea64601dd4b465378bbcf57de0314...45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 44d809f..4a3e874 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 + uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 + uses: github/codeql-action/autobuild@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 + uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 490202f..04220fc 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 + uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: sarif_file: results.sarif From fc68bcd05f89172a7712d3ed7c2bfa6734ad3303 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 11:51:37 +0100 Subject: [PATCH 88/93] Bump step-security/harden-runner from 2.14.1 to 2.14.2 (#186) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.14.1 to 2.14.2. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/e3f713f2d8f53843e71c69a996d56f51aa9adfb9...5ef0c079ce82195b2a36a210272d6b661572d83e) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/rspec.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 4a3e874..cfd33d6 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 4401828..2cb1c94 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit diff --git a/.github/workflows/rspec.yml b/.github/workflows/rspec.yml index 9923a08..481a993 100644 --- a/.github/workflows/rspec.yml +++ b/.github/workflows/rspec.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 04220fc..6a28cd8 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit From a1d4ab1f1249d05fcdc5b94fbb9823606ff67d5d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Feb 2026 12:26:04 +0100 Subject: [PATCH 89/93] Bump faraday from 2.14.0 to 2.14.1 (#187) Bumps [faraday](https://github.com/lostisland/faraday) from 2.14.0 to 2.14.1. - [Release notes](https://github.com/lostisland/faraday/releases) - [Changelog](https://github.com/lostisland/faraday/blob/main/CHANGELOG.md) - [Commits](https://github.com/lostisland/faraday/compare/v2.14.0...v2.14.1) --- updated-dependencies: - dependency-name: faraday dependency-version: 2.14.1 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 018e0bd..4bc6efe 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -34,7 +34,7 @@ GEM docile (1.4.1) drb (2.2.3) errbit_plugin (0.7.0) - faraday (2.14.0) + faraday (2.14.1) faraday-net_http (>= 2.0, < 3.5) json logger @@ -173,7 +173,7 @@ CHECKSUMS drb (2.2.3) sha256=0b00d6fdb50995fe4a45dea13663493c841112e4068656854646f418fda13373 errbit_github_plugin (0.4.0) errbit_plugin (0.7.0) sha256=2deec87f62dbc953ff86a69b46bb4d339678a9a9439342b85f3dfb909621d94d - faraday (2.14.0) sha256=8699cfe5d97e55268f2596f9a9d5a43736808a943714e3d9a53e6110593941cd + faraday (2.14.1) sha256=a43cceedc1e39d188f4d2cdd360a8aaa6a11da0c407052e426ba8d3fb42ef61c faraday-net_http (3.4.2) sha256=f147758260d3526939bf57ecf911682f94926a3666502e24c69992765875906c faraday-retry (2.4.0) sha256=7b79c48fb7e56526faf247b12d94a680071ff40c9fda7cf1ec1549439ad11ebe i18n (1.14.8) sha256=285778639134865c5e0f6269e0b818256017e8cde89993fdfcbfb64d088824a5 From ddd948a102e3ab539f846e18a13c6f0982a3bbc8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 14 Feb 2026 13:06:21 +0100 Subject: [PATCH 90/93] Bump github/codeql-action from 4.32.2 to 4.32.3 (#188) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.32.2 to 4.32.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2...9e907b5e64f6b83e7804b09294d44122997950d6) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecards.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index cfd33d6..8873fd4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 + uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 + uses: github/codeql-action/autobuild@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,6 +73,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 + uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 6a28cd8..0ebf4c5 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 + uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3 with: sarif_file: results.sarif From cc60717454a6b81286ed73dce35ccabfb20e6029 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 14 Feb 2026 13:07:06 +0100 Subject: [PATCH 91/93] Bump standard from 1.53.0 to 1.54.0 (#189) Bumps [standard](https://github.com/standardrb/standard) from 1.53.0 to 1.54.0. - [Release notes](https://github.com/standardrb/standard/releases) - [Changelog](https://github.com/standardrb/standard/blob/main/CHANGELOG.md) - [Commits](https://github.com/standardrb/standard/compare/v1.53.0...v1.54.0) --- updated-dependencies: - dependency-name: standard dependency-version: 1.54.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile | 2 +- Gemfile.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Gemfile b/Gemfile index 37c28e6..6ab950e 100644 --- a/Gemfile +++ b/Gemfile @@ -7,7 +7,7 @@ gemspec gem "rake" gem "rspec" gem "simplecov", require: false -gem "standard", "1.53.0", require: false +gem "standard", "1.54.0", require: false gem "rubocop", require: false gem "rubocop-disable_syntax", require: false gem "rubocop-performance", require: false diff --git a/Gemfile.lock b/Gemfile.lock index 4bc6efe..8ad6e6f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -78,7 +78,7 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) rspec-support (3.13.7) - rubocop (1.82.1) + rubocop (1.84.2) json (~> 2.3) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.1.0) @@ -86,7 +86,7 @@ GEM parser (>= 3.3.0.2) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 2.9.3, < 3.0) - rubocop-ast (>= 1.48.0, < 2.0) + rubocop-ast (>= 1.49.0, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 4.0) rubocop-ast (1.49.0) @@ -116,10 +116,10 @@ GEM simplecov_json_formatter (~> 0.1) simplecov-html (0.13.2) simplecov_json_formatter (0.1.4) - standard (1.53.0) + standard (1.54.0) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.0) - rubocop (~> 1.82.0) + rubocop (~> 1.84.0) standard-custom (~> 1.0.0) standard-performance (~> 1.8) standard-custom (1.0.2) @@ -158,7 +158,7 @@ DEPENDENCIES rubocop-rake rubocop-rspec simplecov - standard (= 1.53.0) + standard (= 1.54.0) CHECKSUMS activesupport (8.1.2) sha256=88842578ccd0d40f658289b0e8c842acfe9af751afee2e0744a7873f50b6fdae @@ -197,7 +197,7 @@ CHECKSUMS rspec-expectations (3.13.5) sha256=33a4d3a1d95060aea4c94e9f237030a8f9eae5615e9bd85718fe3a09e4b58836 rspec-mocks (3.13.7) sha256=0979034e64b1d7a838aaaddf12bf065ea4dc40ef3d4c39f01f93ae2c66c62b1c rspec-support (3.13.7) sha256=0640e5570872aafefd79867901deeeeb40b0c9875a36b983d85f54fb7381c47c - rubocop (1.82.1) sha256=09f1a6a654a960eda767aebea33e47603080f8e9c9a3f019bf9b94c9cab5e273 + rubocop (1.84.2) sha256=5692cea54168f3dc8cb79a6fe95c5424b7ea893c707ad7a4307b0585e88dbf5f rubocop-ast (1.49.0) sha256=49c3676d3123a0923d333e20c6c2dbaaae2d2287b475273fddee0c61da9f71fd rubocop-disable_syntax (0.2.0) sha256=1e61645773b3fc2f74e995ec65f605f7db59437c274fdfd4f385f60bf86af73e rubocop-performance (1.26.1) sha256=cd19b936ff196df85829d264b522fd4f98b6c89ad271fa52744a8c11b8f71834 @@ -209,7 +209,7 @@ CHECKSUMS simplecov (0.22.0) sha256=fe2622c7834ff23b98066bb0a854284b2729a569ac659f82621fc22ef36213a5 simplecov-html (0.13.2) sha256=bd0b8e54e7c2d7685927e8d6286466359b6f16b18cb0df47b508e8d73c777246 simplecov_json_formatter (0.1.4) sha256=529418fbe8de1713ac2b2d612aa3daa56d316975d307244399fa4838c601b428 - standard (1.53.0) sha256=f3c9493385db7079d0abce6f7582f553122156997b81258cd361d3480eeacf9c + standard (1.54.0) sha256=7a4b08f83d9893083c8f03bc486f0feeb6a84d48233b40829c03ef4767ea0100 standard-custom (1.0.2) sha256=424adc84179a074f1a2a309bb9cf7cd6bfdb2b6541f20c6bf9436c0ba22a652b standard-performance (1.9.0) sha256=49483d31be448292951d80e5e67cdcb576c2502103c7b40aec6f1b6e9c88e3f2 tzinfo (2.0.6) sha256=8daf828cc77bcf7d63b0e3bdb6caa47e2272dcfaf4fbfe46f8c3a9df087a829b From ff0cadbbef21deddcd43c5f21e0b04430f385ffc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Feb 2026 15:01:43 +0100 Subject: [PATCH 92/93] Bump actions/dependency-review-action (#191) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 98884d411b0f1c583e5ee579e7e897d4623019c2 to 68e9887ce6c0bf076e739ad56332b1ee8bc7f88c. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/98884d411b0f1c583e5ee579e7e897d4623019c2...68e9887ce6c0bf076e739ad56332b1ee8bc7f88c) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-version: 68e9887ce6c0bf076e739ad56332b1ee8bc7f88c dependency-type: direct:production ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 2cb1c94..a9dd01b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -24,4 +24,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: 'Dependency Review' - uses: actions/dependency-review-action@98884d411b0f1c583e5ee579e7e897d4623019c2 # v4 + uses: actions/dependency-review-action@68e9887ce6c0bf076e739ad56332b1ee8bc7f88c # v4 From 141af37e06b55a42f60d6b477b111b745cf44497 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Feb 2026 15:06:00 +0100 Subject: [PATCH 93/93] Bump parser from 3.3.10.1 to 3.3.10.2 (#190) Bumps [parser](https://github.com/whitequark/parser) from 3.3.10.1 to 3.3.10.2. - [Changelog](https://github.com/whitequark/parser/blob/master/CHANGELOG.md) - [Commits](https://github.com/whitequark/parser/compare/v3.3.10.1...v3.3.10.2) --- updated-dependencies: - dependency-name: parser dependency-version: 3.3.10.2 dependency-type: indirect update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 8ad6e6f..cc9d4c7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -56,7 +56,7 @@ GEM faraday (>= 1, < 3) sawyer (~> 0.9) parallel (1.27.0) - parser (3.3.10.1) + parser (3.3.10.2) ast (~> 2.4.1) racc prism (1.9.0) @@ -185,7 +185,7 @@ CHECKSUMS net-http (0.9.1) sha256=25ba0b67c63e89df626ed8fac771d0ad24ad151a858af2cc8e6a716ca4336996 octokit (10.0.0) sha256=82e99a539b7637b7e905e6d277bb0c1a4bed56735935cc33db6da7eae49a24e8 parallel (1.27.0) sha256=4ac151e1806b755fb4e2dc2332cbf0e54f2e24ba821ff2d3dcf86bf6dc4ae130 - parser (3.3.10.1) sha256=06f6a725d2cd91e5e7f2b7c32ba143631e1f7c8ae2fb918fc4cebec187e6a688 + parser (3.3.10.2) sha256=6f60c84aa4bdcedb6d1a2434b738fe8a8136807b6adc8f7f53b97da9bc4e9357 prism (1.9.0) sha256=7b530c6a9f92c24300014919c9dcbc055bf4cdf51ec30aed099b06cd6674ef85 public_suffix (7.0.2) sha256=9114090c8e4e7135c1fd0e7acfea33afaab38101884320c65aaa0ffb8e26a857 racc (1.8.1) sha256=4a7f6929691dbec8b5209a0b373bc2614882b55fc5d2e447a21aaa691303d62f