Bump the ruby-minor-patch group across 1 directory with 9 updates

[dependabot]

Bumps the ruby-minor-patch group with 8 updates in the / directory:

Package	From	To
nokogiri	1.16.7	1.17.2
rexml	3.3.9	3.4.0
net-imap	0.5.1	0.5.2
sentry-ruby	5.21.0	5.22.1
twilio-ruby	7.3.6	7.4.0
rails-html-sanitizer	1.6.0	1.6.2
rubocop	1.68.0	1.69.2
dotenv-rails	3.1.4	3.1.6

Updates nokogiri from 1.16.7 to 1.17.2

Release notes

Sourced from nokogiri's releases.

v1.17.2 / 2024-12-12

Fixed

• [JRuby] Fixed an issue where Node#dup when called with the new_parent_doc parameter was not decorating the node with the document's Node decorators. #3372 @​flavorjones

585c8cac6380848b7973bacfd0584628d116810e5f209db25e22d0c32313e681  nokogiri-1.17.2-aarch64-linux.gem
0c5eb06ba1c112d33c2bb29973b07e2f21c4ddb66c67c9386fd97ff1c5d84686  nokogiri-1.17.2-arm64-darwin.gem
3d033ad9b09d5b8a203f0f2156053e93a9327a9c7887c0ceb9fa78c71d27280d  nokogiri-1.17.2-arm-linux.gem
75825401f59b1a8746ee8ce5d066c8f11e745642e36a4452e206730b03d1fd8c  nokogiri-1.17.2.gem
ffe1fc1353f831793260b3023f575b4ed2e6144404947c57ad37ad932f9adb94  nokogiri-1.17.2-java.gem
da29e3d6add44bfc0bec8b9d4c7c660b38c7fc16ef505313839e07c3358d1059  nokogiri-1.17.2-x64-mingw32.gem
2bb710109d52f1209ea013c1f9603cd24271a9f22d387c0c45fced62945b4a30  nokogiri-1.17.2-x64-mingw-ucrt.gem
dc5977eb3416e1d501b22b0ed4737bf7604121491405865b887975eacfb3e896  nokogiri-1.17.2-x86_64-darwin.gem
e8614ae8d776bd9adb535ca814375e7ae05d7cfa6aa01909e561484f6d70be0b  nokogiri-1.17.2-x86_64-linux.gem
8c4dd75e35810bdeb7c74943f383ca665baf6aed8fc2b78c1d305094a72794aa  nokogiri-1.17.2-x86-linux.gem
9038e8b59e2eb48feb18f0efb093bd21a19d0eb17eed822a155b2a6860381702  nokogiri-1.17.2-x86-mingw32.gem

v1.17.1 / 2024-12-10

Fixed

• Fixed a potential segfault when using Node#dup and DocumentFragment#dup. #3359 @​byroot @​flavorjones
• Node#dup and Node#clone now correctly decorate the new node with the document's Node decorators. #3363 @​flavorjones

b3fce09bddfab61ae587f83af97bf0d0834352bcd23ad99831f2993d978627bd  nokogiri-1.17.1-aarch64-linux.gem
0e79badf832783e81439c3211562ed904a5c8eaaa0038c8fdfdb3778e873f3d0  nokogiri-1.17.1-arm64-darwin.gem
b8e9909ff893b257a58066e6bfc39456be18b87f4af1e22ca18d7c0dbc9925e5  nokogiri-1.17.1-arm-linux.gem
910fe0f194db99677f7ddb21b19a1d071ceffc4a0e39d44c08736d9b1e558cfc  nokogiri-1.17.1.gem
baf2cf6785f83c8cb3cdc427d0eb8b7f91d76748bfeb6c2612ce639e82c1ecee  nokogiri-1.17.1-java.gem
601a8bca523bf2b1a576c728ad4901c57263d0c29e4f9e6d2abe654c6a929841  nokogiri-1.17.1-x64-mingw32.gem
299ab9cd2c4ce882112e79fc31f82915920cb3e54ba526287e86d9a5fbfafebe  nokogiri-1.17.1-x64-mingw-ucrt.gem
94bcacacd123379229a8ece0d31c38af36d0ef6f86f399d5813be5ca0f566c88  nokogiri-1.17.1-x86_64-darwin.gem
2234250605b03433747e8d21de947b38b79f33a4280930e58bec179fd95d415d  nokogiri-1.17.1-x86_64-linux.gem
d09565316ffc8f8bb522bd6d1b460dec2a57d23d6e479c2d0d49d9ccbb11076c  nokogiri-1.17.1-x86-linux.gem
8f720dd62bf5d3791aa67f933085be5d2a2ab06afc120d4f210f40a5d184fafb  nokogiri-1.17.1-x86-mingw32.gem

... (truncated)

Changelog

Sourced from nokogiri's changelog.

v1.17.2 / 2024-12-12

Fixed

• [JRuby] Fixed an issue where Node#dup when called with the new_parent_doc parameter was not decorating the node with the document's Node decorators. #3372 @​flavorjones

v1.17.1 / 2024-12-10

Fixed

• Fixed a potential segfault when using Node#dup and DocumentFragment#dup. #3359 @​byroot @​flavorjones
• Node#dup and Node#clone now correctly decorate the new node with the document's Node decorators. #3363 @​flavorjones

v1.17.0 / 2024-12-08

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.13.5. @​flavorjones
• [CRuby] Vendored libxslt is updated to v1.1.42. @​flavorjones
• [CRuby] Minimum supported version of libxml2 raised to v2.9.2 (released 2014-10-16) from v2.6.21. [Bump the ruby-minor-patch group with 3 updates #3232, #3287] @​flavorjones
• [JRuby] Minimum supported version of Java raised to 8 (released 2014-03-18) from 7. #3134 @​flavorjones
• [CRuby] Update to rake-compiler-dock v1.5.1 for building precompiled native gems. #3216 @​flavorjones

Notable changes

SAX Parsers

The XML and HTML4 SAX parsers have received a lot of attention in this release, and we've fixed multiple long-standing bugs with encoding and entity handling. In addition, libxml2 v2.13 has also made some underlying fixes and improvements to encoding and entity handling.

We're shipping these fixes in a minor release because we firmly believe the resulting behavior is correct and standards-compliant, however applications that have been depending on the buggy behavior may be impacted.

If your application relies on the SAX parsers, and in particular if you're SAX-parsing documents with parsed entities or incorrect encoding declarations, please read the changelog below carefully.

Fragment parsing

Document fragment parsing has been improved, particularly with respect to handling malformed fragments or fragments with implicit namespace prefixes. Namespace reconciliation still isn't where we want it to be, but it's an improvement.

HTML5 fragment parsing now allows the context node to be specified as a context: keyword argument to the HTML5::DocumentFragment.parse and .new methods, which should allow for more flexible sanitization and future support for the draft HTML Sanitizer API in downstream libraries.

Error handling

In scenarios where multiple errors could be reported by the underlying parser, the errors will be aggregated into a single Nokogiri::XML::SyntaxError that is raised. Previously only the final error reported by libxml2 was raised (which was often misleading if it was only a warning and not the fatal error).

Schema validation

... (truncated)

Commits

• 35ec8c5 version bump to v1.17.2
• ffaa44c fix(jruby): XML::DocumentFragment.dup to another document (v1.17.x) (#3373)
• 8bd6c6d fix(jruby): XML::DocumentFragment.dup to another document
• e4bae8a version bump to v1.17.1
• 12244fe fix: Node#dup adds the new node to the document's node cache (backport to v1....
• 7bf2fc1 fix: Node#dup adds the new node to the document's node cache
• 765754c doc: update CHANGELOG bullet lists to render with mkdocs
• 076d647 doc: extract older changelog entries into misc/CHANGELOG-archive.md
• c7b75ef version bump to v1.17.0
• e8e8ffe Nokogiri::XSLT() uses parameter forwarding (#3356)
• Additional commits viewable in compare view

Updates rexml from 3.3.9 to 3.4.0

Release notes

Sourced from rexml's releases.

REXML 3.4.0 - 2024-12-15

Improvement

• Improved performance.

  • GH-216
  • Patch by NAITOH Jun

• JRuby: Improved parse performance.

  • GH-219
  • Patch by João Duarte

• Added support for reusing pull parser.

  • GH-214
  • GH-220
  • Patch by Dmitry Pogrebnoy

• Improved error handling when source is IO.

  • GH-221
  • Patch by NAITOH Jun

Thanks

• NAITOH Jun

• João Duarte

• Dmitry Pogrebnoy

Changelog

Sourced from rexml's changelog.

3.4.0 - 2024-12-15 {#version-3-4-0}

Improvement

• Improved performance.

  • GH-216
  • Patch by NAITOH Jun

• JRuby: Improved parse performance.

  • GH-219
  • Patch by João Duarte

• Added support for reusing pull parser.

  • GH-214
  • GH-220
  • Patch by Dmitry Pogrebnoy

• Improved error handling when source is IO.

  • GH-221
  • Patch by NAITOH Jun

Thanks

• NAITOH Jun

• João Duarte

• Dmitry Pogrebnoy

Commits

• 19d8ebf Add 3.4.0 entry
• dfc7753 release: use Trusted Publishing
• 91305c1 Remove old code for Ruby 1.8 (#223)
• 46dd810 test: Fix NameError: uninitialized constant REXML::Parsers::PullParser (#222)
• 963ccdf Fix error handling when parsing XML via IO.pipe (#221)
• 20562ec parser pull: Add support for reusing parser (#220)
• ed9168e Stop requiring stringio dynamically (#219)
• 519ae6c Clarify variable name (#218)
• 8ef7502 Add IOSource#match? method (#216)
• 6a8c041 test jruby: omit fragile test
• Additional commits viewable in compare view

Updates net-imap from 0.5.1 to 0.5.2

Release notes

Sourced from net-imap's releases.

v0.5.2

What's Changed

Added

• 🥅 Raise ArgumentError on multiple search charset args by @​nevans in ruby/net-imap#363
• ✨ Add keyword argument for search charset by @​nevans in ruby/net-imap#364
• ✨ Add basic ESEARCH support (RFC4466, RFC4731) by @​nevans in ruby/net-imap#333

Fixed

• 🐛 Return empty SearchResult for no search result by @​nevans in ruby/net-imap#362

Documentation

• 📚 Fix README example by @​nevans in ruby/net-imap#354
• 📦📚 Add release.yml for better release note generation by @​nevans in ruby/net-imap#355
• 📚💄 Fix rdoc 6.8 CSS styles by @​nevans in ruby/net-imap#356
• 📚 Update IMAP#search docs (again) by @​nevans in ruby/net-imap#360
• 📚 Consistent heading levels inside method rdoc by @​nevans in ruby/net-imap#361

Other Changes

• ✨ Add Data polyfill for ruby 3.1 by @​nevans in ruby/net-imap#352
• ♻️ Refactor internal command data classes by @​nevans in ruby/net-imap#358

Miscellaneous

• 🔥 Drop YAML.unsafe_load_file refinement (tests only) by @​nevans in ruby/net-imap#353
• ⬆️ Bump step-security/harden-runner from 2.10.1 to 2.10.2 by @​dependabot in ruby/net-imap#357
• Enabled windows-latest on GHA by @​hsbt in ruby/net-imap#359

Full Changelog: ruby/net-imap@v0.5.1...v0.5.2

Commits

• 13feeaf 🔖 Bump version to 0.5.2
• e570d48 🔀 Merge pull request #333 from nevans/basic-esearch-support
• e088eb1 🥅 Workaround https://bugs.ruby-lang.org/issues/20956
• 7e7f9bb ✨ Convert symbols & ranges in search return opts
• d8a2e6c ✨ Add keyword param for search return options
• 331db7f ✨ Gather ESEARCH response to #search/#uid_search
• 5cbf05f ✨ Parsing ESEARCH, with examples from RFC9051
• 832812a ✅ Copy assert_pattern from minitest
• 8655aeb ✨ Add keyword argument for search charset
• 2399044 🔀 Merge pull request #363 from ruby/search-charset-conflict-raise-argument_error
• Additional commits viewable in compare view

Updates sentry-ruby from 5.21.0 to 5.22.1

Changelog

Sourced from sentry-ruby's changelog.

5.22.1

Bug Fixes

• Safe-navigate to session flusher #2396
• Fix latency related nil error for Sidekiq Queues Module span data #2486
  • Fixes #2485

5.22.0

Features

• Add include_sentry_event matcher for RSpec #2424

• Add support for Sentry Cache instrumentation, when using Rails.cache #2380

• Add support for Queue Instrumentation for Sidekiq. #2403

• Add support for string errors in error reporter (#2464)

• Reset trace_id and add root transaction for sidekiq-cron #2446

• Add support for Excon HTTP client instrumentation (#2383)

  Note: MemoryStore and FileStore require Rails 8.0+

Bug Fixes

• Fix Vernier profiler not stopping when already stopped #2429
• Fix send_default_pii handling in rails controller spans #2443
  • Fixes #2438
• Fix RescuedExceptionInterceptor to handle an empty configuration #2428
• Add mutex sync to SessionFlusher aggregates #2469
  • Fixes #2468
• Fix sentry-rails' backtrace cleaner issues (#2475)
  • Fixes #2472

Commits

• 3cf4616 release: 5.22.1
• 9d37d28 Fix latency related nil error for Sidekiq Queues module span data (#2486)
• 3d2e5e6 fix: Safe-navigate to session flusher (#2396)
• 2932e83 release: 5.22.0
• f225138 Add mutex sync to SessionFlusher aggregates (#2469)
• a9b3687 Add Excon instrumentation (#2383)
• 5de4ebc Fix the build (#2463)
• 957c8d6 Make Sentry.{close,get_main_hub} thread-safe (#2436)
• f3ed31e Fix issues with stopping Vernier (#2429)
• 499cbac RSpec matchers (#2424)
• See full diff in compare view

Updates sentry-rails from 5.21.0 to 5.22.1

Changelog

Sourced from sentry-rails's changelog.

5.22.1

Bug Fixes

• Safe-navigate to session flusher #2396
• Fix latency related nil error for Sidekiq Queues Module span data #2486
  • Fixes #2485

5.22.0

Features

• Add include_sentry_event matcher for RSpec #2424

• Add support for Sentry Cache instrumentation, when using Rails.cache #2380

• Add support for Queue Instrumentation for Sidekiq. #2403

• Add support for string errors in error reporter (#2464)

• Reset trace_id and add root transaction for sidekiq-cron #2446

• Add support for Excon HTTP client instrumentation (#2383)

  Note: MemoryStore and FileStore require Rails 8.0+

Bug Fixes

• Fix Vernier profiler not stopping when already stopped #2429
• Fix send_default_pii handling in rails controller spans #2443
  • Fixes #2438
• Fix RescuedExceptionInterceptor to handle an empty configuration #2428
• Add mutex sync to SessionFlusher aggregates #2469
  • Fixes #2468
• Fix sentry-rails' backtrace cleaner issues (#2475)
  • Fixes #2472

Commits

• 3cf4616 release: 5.22.1
• 2932e83 release: 5.22.0
• 0f89aa8 Test against official Rails 8.0 release (#2479)
• 0f0666c Fix sentry-rails' backtrace cleaner issues (#2475)
• b31f0f3 [rails] support string errors in error reporter (#2464)
• 27d7384 RescuedExceptionInterceptor: Handle empty configuration (#2428)
• e384446 Test sentry-rails against Rails 8.0.0 (#2444)
• 9bba2ef Fix send_default_pii handling in rails controller spans (#2443)
• ee37a4a Add ActiveSupport for cache module (#2380)
• 03293ef [rails] disable eager loading in make_basic_app (#2434)
• See full diff in compare view

Updates twilio-ruby from 7.3.6 to 7.4.0

Release notes

Sourced from twilio-ruby's releases.

7.4.0

Release Notes

Library - Feature

• [PR #735](twilio/twilio-ruby#735): public oauth. Thanks to @​manisha1997!

Docs

7.3.7

Release Notes

Api

• Add optional parameter intelligence_service to transcription
• Updated phone_number_sid to be populated for sip trunking terminating calls.

Numbers

• Add Update Hosted Number Order V2 API endpoint
• Update Port in docs

Twiml

• Add optional parameter intelligence_service to <Transcription>
• Add support for new <ConversationRelay> and <Assistant> noun
• Add events attribute to <Dial> verb

Docs

Changelog

Sourced from twilio-ruby's changelog.

[2024-12-12] Version 7.4.0

Library - Feature

• [PR #735](twilio/twilio-ruby#735): public oauth. Thanks to @​manisha1997!

[2024-12-05] Version 7.3.7

Api

• Add optional parameter intelligence_service to transcription
• Updated phone_number_sid to be populated for sip trunking terminating calls.

Numbers

• Add Update Hosted Number Order V2 API endpoint
• Update Port in docs

Twiml

• Add optional parameter intelligence_service to <Transcription>
• Add support for new <ConversationRelay> and <Assistant> noun
• Add events attribute to <Dial> verb

Commits

• a3018ec Release 7.4.0
• 4998854 [Librarian] Regenerated @ ca4a5892d2b6a6161860845fe1152af07920bc07 4030731184...
• 57032c3 feat: public oauth (#735)
• 9877912 Release 7.3.7
• 59cb525 [Librarian] Regenerated @ 45fa5159053e1c1f62f6d613f3b67a9239b43a5f 2551818144...
• See full diff in compare view

Updates rails-html-sanitizer from 1.6.0 to 1.6.2

Release notes

Sourced from rails-html-sanitizer's releases.

v1.6.2 / 2024-12-12

• PermitScrubber fully supports frozen "allowed tags".

  v1.6.1 introduced safety checks that may remove unsafe tags from the allowed list, which introduced a regression for applications passing a frozen array of allowed tags. Tags and attributes are now properly copied when they are passed to the scrubber.

  Fixes #195.

  Mike Dalessio

1.6.1 / 2024-12-02

This is a performance and security release which addresses several possible XSS vulnerabilities.

• The dependency on Nokogiri is updated to v1.15.7 or >=1.16.8.

  This change addresses CVE-2024-53985 (GHSA-w8gc-x259-rc7x).

  Mike Dalessio

• Disallowed tags will be pruned when they appear in foreign content (i.e. SVG or MathML content), regardless of the prune: option value. Previously, disallowed tags were "stripped" unless the gem was configured with the prune: true option.

  The CVEs addressed by this change are:

  • CVE-2024-53986 (GHSA-638j-pmjw-jq48)
  • CVE-2024-53987 (GHSA-2x5m-9ch4-qgrr)

  Mike Dalessio

• The tags "noscript", "mglyph", and "malignmark" will not be allowed, even if explicitly added to the allowlist. If applications try to allow any of these tags, a warning is emitted and the tags are removed from the allow-list.

  The CVEs addressed by this change are:

  • CVE-2024-53988 (GHSA-cfjx-w229-hgx5)
  • CVE-2024-53989 (GHSA-rxv5-gxqc-xx8g)

  Please note that we may restore support for allowing "noscript" in a future release. We do not expect to ever allow "mglyph" or "malignmark", though, especially since browser support is minimal for these tags.

  Mike Dalessio

... (truncated)

Changelog

Sourced from rails-html-sanitizer's changelog.

v1.6.2 / 2024-12-12

• PermitScrubber fully supports frozen "allowed tags".

  v1.6.1 introduced safety checks that may remove unsafe tags from the allowed list, which introduced a regression for applications passing a frozen array of allowed tags. Tags and attributes are now properly copied when they are passed to the scrubber.

  Fixes #195.

  Mike Dalessio

1.6.1 / 2024-12-02

This is a performance and security release which addresses several possible XSS vulnerabilities.

• The dependency on Nokogiri is updated to v1.15.7 or >=1.16.8.

  This change addresses CVE-2024-53985 (GHSA-w8gc-x259-rc7x).

  Mike Dalessio

• Disallowed tags will be pruned when they appear in foreign content (i.e. SVG or MathML content), regardless of the prune: option value. Previously, disallowed tags were "stripped" unless the gem was configured with the prune: true option.

  The CVEs addressed by this change are:

  • CVE-2024-53986 (GHSA-638j-pmjw-jq48)
  • CVE-2024-53987 (GHSA-2x5m-9ch4-qgrr)

  Mike Dalessio

• The tags "noscript", "mglyph", and "malignmark" will not be allowed, even if explicitly added to the allowlist. If applications try to allow any of these tags, a warning is emitted and the tags are removed from the allow-list.

  The CVEs addressed by this change are:

  • CVE-2024-53988 (GHSA-cfjx-w229-hgx5)
  • CVE-2024-53989 (GHSA-rxv5-gxqc-xx8g)

  Please note that we may restore support for allowing "noscript" in a future release. We do not expect to ever allow "mglyph" or "malignmark", though, especially since browser support is minimal for these tags.

  Mike Dalessio

• Improve performance by eliminating needless operations on attributes that are being removed. #188

... (truncated)

Commits

• 9160d49 version bump to v1.6.2
• 5843d4d fix: PermitScrubber accepts frozen tags
• 5e96b19 version bump to v1.6.1
• 383cc7c doc: update CHANGELOG with assigned CVEs
• a7b0cfe Combine the noscript/mglyph prevention blocks
• 5658335 Merge branch 'h1-2509647-noscript' into flavorjones-2024-security-fixes
• 65fb72f Merge branch 'h1-2519936-mglyph-foster-parenting' into flavorjones-2024-secur...
• 3fe22a8 Merge branch 'h1-2519936-foreign-ns-confusion' into flavorjones-2024-security...
• d7a94c1 Merge branch 'h1-2503220-nokogiri-serialization' into flavorjones-2024-securi...
• 3fd6e65 doc: update CHANGELOG
• Additional commits viewable in compare view

Updates rubocop from 1.68.0 to 1.69.2

Release notes

Sourced from rubocop's releases.

RuboCop 1.69.2

Bug fixes

• #13553: Fix an incorrect autocorrect for Style/MultipleComparison when a variable is compared multiple times after a method call. (@​koic)
• #13562: Fix Bundler/DuplicatedGem cop error in case of empty branch. (@​viralpraxis)
• #13573: Fix Lint/UnescapedBracketInRegexp cop failure with invalid multibyte escape. (@​earlopain)
• #13556: Fix false positives for Style/FileNull when using 'nul' string. (@​koic)
• #12995: Fix --disable-uncorrectable to not insert directives inside a string. (@​dvandersluis)
• #13320: Fix incorrect autocorrect when Layout/LineContinuationLeadingSpace and Style/StringLiterals autocorrects in the same pass. (@​dvandersluis)
• #13299: Fix Style/BlockDelimiters to always accept braces when an operator method argument is chained. (@​dvandersluis)
• #13565: Fix Style/RedundantLineContinuation false negatives when a redundant continuation follows a required continuation. (@​dvandersluis)
• #13551: Fix an incorrect autocorrect for Style/IfWithSemicolon when using multi value assignment in if with a semicolon is used. (@​koic)
• #13534: Fix Layout/LineLength cop failure in case of YARD-comment-like string. (@​viralpraxis)
• #13558: Fix Lint/NonAtomicFileOperation cop error in case of implicit receiver. (@​viralpraxis)
• #13564: Fix Metrics/ClassLength cop error in case of chained assignments. (@​viralpraxis)
• #13570: Fix Naming/RescuedExceptionsVariableName cop error when exception is assigned with writer method. (@​viralpraxis)
• #13559: Fix a false positive for Style/RedundantLineContinuation when a method definition is used as an argument for a method call. (@​davidrunger)
• #13574: Fix Style/ExactRegexpMatch cop error on invalid regular expression literal. (@​viralpraxis)
• #13554: Fix Style/FrozenStringLiteralComment false positive in case of non-downcased value literal. (@​viralpraxis)
• #13569: Fix Style/MethodCallWithoutArgsParentheses cop error in case of mass hash assignment. (@​viralpraxis)
• #13542: Fix Style/RedundantCondition cop failure in case of empty arguments. (@​viralpraxis)
• #13509: Update Layout/ExtraSpacing and Layout/SpaceAroundOperators to handle preceding operators inside strings. (@​dvandersluis)

RuboCop 1.69.1

Bug fixes

• #13502: Fix an incorrect autocorrect for Style/DigChain when using safe navigation method chain with dig method. (@​koic)
• #13505: Fix an error for Style/ParallelAssignment when using the anonymous splat operator. (@​earlopain)
• #13184: Fix some false positives in Lint/UnreachableCode. (@​isuckatcs)
• #13494: Fix false positives for Style/HashExcept cop when using reject/!include?, reject/!in? or select/!exclude? combinations. (@​lovro-bikic)
• #13522: Fix Lint/UnescapedBracketInRegexp cop failure with invalid regular expression. (@​viralpraxis)
• #13523: Fix Style::AccessModifierDeclarations cop failure in case of if node without else. (@​viralpraxis)
• #13524: Fix Style/RedundantArgument cop failure while inspecting string literal with invalid encoding. (@​viralpraxis)
• #13528: Fix Style/RedundantParentheses cop failure in case of splatted case node without condition. (@​viralpraxis)
• #13521: Fix Style/RedundantSelf cop failure with kwnilarg argument node. (@​viralpraxis)
• #13526: Fix Style/StringConcatenation cop failure when there are mixed implicit and explicit concatenations. (@​viralpraxis)
• #13511: Fix false positive in Lint/UnescapedBracketInRegexp when using regexp_parser 2.9.2 and earlier. (@​dvandersluis)
• #13096: Update Style/BlockDelimiters to not change braces when they are required for syntax. (@​dvandersluis)
• #13512: Update Style/LambdaCall to be aware of safe navigation. (@​dvandersluis)

... (truncated)

Changelog

Sourced from rubocop's changelog.

1.69.2 (2024-12-12)

Bug fixes

• #13553: Fix an incorrect autocorrect for Style/MultipleComparison when a variable is compared multiple times after a method call. ([@​koic][])
• #13562: Fix Bundler/DuplicatedGem cop error in case of empty branch. ([@​viralpraxis][])
• #13573: Fix Lint/UnescapedBracketInRegexp cop failure with invalid multibyte escape. ([@​earlopain][])
• #13556: Fix false positives for Style/FileNull when using 'nul' string. ([@​koic][])
• #12995: Fix --disable-uncorrectable to not insert directives inside a string. ([@​dvandersluis][])
• #13320: Fix incorrect autocorrect when Layout/LineContinuationLeadingSpace and Style/StringLiterals autocorrects in the same pass. ([@​dvandersluis][])
• #13299: Fix Style/BlockDelimiters to always accept braces when an operator method argument is chained. ([@​dvandersluis][])
• #13565: Fix Style/RedundantLineContinuation false negatives when a redundant continuation follows a required continuation. ([@​dvandersluis][])
• #13551: Fix an incorrect autocorrect for Style/IfWithSemicolon when using multi value assignment in if with a semicolon is used. ([@​koic][])
• #13534: Fix Layout/LineLength cop failure in case of YARD-comment-like string. ([@​viralpraxis][])
• #13558: Fix Lint/NonAtomicFileOperation cop error in case of implicit receiver. ([@​viralpraxis][])
• #13564: Fix Metrics/ClassLength cop error in case of chained assignments. ([@​viralpraxis][])
• #13570: Fix Naming/RescuedExceptionsVariableName cop error when exception is assigned with writer method. ([@​viralpraxis][])
• #13559: Fix a false positive for Style/RedundantLineContinuation when a method definition is used as an argument for a method call. ([@​davidrunger][])
• #13574: Fix Style/ExactRegexpMatch cop error on invalid regular expression literal. ([@​viralpraxis][])
• #13554: Fix Style/FrozenStringLiteralComment false positive in case of non-downcased value literal. ([@​viralpraxis][])
• #13569: Fix Style/MethodCallWithoutArgsParentheses cop error in case of mass hash assignment. ([@​viralpraxis][])
• #13542: Fix Style/RedundantCondition cop failure in case of empty arguments. ([@​viralpraxis][])
• #13509: Update Layout/ExtraSpacing and Layout/SpaceAroundOperators to handle preceding operators inside strings. ([@​dvandersluis][])

1.69.1 (2024-12-03)

Bug fixes

• #13502: Fix an incorrect autocorrect for Style/DigChain when using safe navigation method chain with dig method. ([@​koic][])
• #13505: Fix an error for Style/ParallelAssignment when using the anonymous splat operator. ([@​earlopain][])
• #13184: Fix some false positives in Lint/UnreachableCode. ([@​isuckatcs][])
• #13494: Fix false positives for Style/HashExcept cop when using reject/!include?, reject/!in? or select/!exclude? combinations. ([@​lovro-bikic][])
• #13522: Fix Lint/UnescapedBracketInRegexp cop failure with invalid regular expression. ([@​viralpraxis][])
• #13523: Fix Style::AccessModifierDeclarations cop failure in case of if node without else. ([@​viralpraxis][])
• #13524: Fix Style/RedundantArgument cop failure while inspecting string literal with invalid encoding. ([@​viralpraxis][])
• #13528: Fix Style/RedundantParentheses cop failure in case of splatted case node without condition. ([@​viralpraxis][])
• #13521: Fix Style/RedundantSelf cop failure with kwnilarg argument node. ([@​viralpraxis][])
• #13526: Fix Style/StringConcatenation cop failure when there are mixed implicit and explicit concatenations. ([@​viralpraxis][])
• #13511: Fix false positive in Lint/UnescapedBracketInRegexp when using regexp_parser 2.9.2 and earlier. ([@​dvandersluis][])
• #13096: Update Style/BlockDelimiters to not change braces when they are required for syntax. ([@​dvandersluis][])
• #13512: Update Style/LambdaCall to be aware of safe navigation. ([@​dvandersluis][])

1.69.0 (2024-11-26)

New features

• #13439: Add new Lint/HashNewWithKeywordArgumentsAsDefault cop. ([@​koic][])
• #11191: Add new Lint/NumericOperationWithConstantResult cop. ([@​zopolis4][])
• #13486: Add new Style/DigChain cop. ([@​dvandersluis][])
• #13490: Add new Style/FileNull cop. ([@​dvandersluis][])

... (truncated)

Commits

• 3ba4aef Cut 1.69.2
• e74cea2 Update Changelog
• 19ee909 [Fix #13556] Fix false positives for Style/FileNull
• fd13dab [Fix #13299] Fix Style/BlockDelimiters to always accept braces when an oper...
• 522950a Fix Style/ExactRegexpMatch cop error on invalid regular expression literal
• e0777ff Merge pull request #13539 from dvandersluis/issue/13320
• 7fbd78a Net::HTTPSession is deprecated now
• bd31b8a Update RSpec 4 CI to the monorepo
• 4618790 Fix Lint/UnescapedBracketInRegexp cop failure with invalid multibyte escape
• b00b5f1 Merge pull request #13570 from viralpraxis/fix-naming-rescue-exceptions-varia...
• Additional commits viewable in compare view

Updates dotenv-rails from 3.1.4 to 3.1.6

Release notes

Sourced from dotenv-rails's releases.

3.1.6

What's Changed

• Fix: Restore previous parser behavior of returning existing variables by @​bkeepers in bkeepers/dotenv#519

Full Changelog: https://github.com/bkeepers/dotenv/compare/...

Description has been truncated

[colinxfleming]

@dependabot rebase

[dependabot]

Superseded by #3328.