Merge pull request #4123 from envato/dependency-update

Bump Node.js (18.19.1 → 18.20.5), Ruby (3.2.5 → 3.3.6), Rubocop (1.42.0 → 1.70.0), sqlite3 (1.6.9 → 1.7.3), rails-html-sanitizer (1.6.0 → 1.6.2)

Author: grosser

.bundler-audit.yml

@@ -4,3 +4,4 @@
 # - leave file with `ignore: []` if ignore list is empty
 ignore:
   - CVE-2024-6484 # ignore until a patch is available https://github.com/advisories/GHSA-9mvj-f7w8-pvh2
+  - CVE-2024-54133 # ignore until Rails is upgraded to >= 7.0

.node-version

@@ -1 +1 @@
-18.19.1
+18.20.5

.ruby-version

@@ -1 +1 @@
-3.2.5
+3.3.6

Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:3.2.5-slim
+FROM ruby:3.3.6-slim
 
 # Install dependencies
 RUN \

Gemfile.lock

@@ -395,7 +395,7 @@ GEM
       terminal-table (>= 1.4.0)
       thor (>= 0.16.0)
     jmespath (1.6.2)
-    json (2.7.1)
+    json (2.9.1)
     jsonpath (1.1.5)
       multi_json
     jwt (2.7.1)
@@ -404,6 +404,7 @@ GEM
       jsonpath (~> 1.0)
       recursive-open-struct (~> 1.1, >= 1.1.1)
       rest-client (~> 2.0)
+    language_server-protocol (3.17.0.3)
     large_object_store (1.7.0)
       zstd-ruby (~> 1.5.5)
     llhttp-ffi (0.5.0)
@@ -415,7 +416,7 @@ GEM
       railties (>= 4)
       request_store (~> 1.0)
     logstash-event (1.2.02)
-    loofah (2.22.0)
+    loofah (2.24.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.12.0)
     mail (2.7.1)
@@ -429,7 +430,7 @@ GEM
       mime-types-data (~> 3.2015)
     mime-types-data (3.2024.0206)
     mini_mime (1.1.5)
-    mini_portile2 (2.8.7)
+    mini_portile2 (2.8.8)
     minitest (5.14.4)
     mixlib-shellout (3.2.7)
       chef-utils
@@ -457,16 +458,16 @@ GEM
     netrc (0.11.0)
     newrelic_rpm (9.7.1)
     nio4r (2.7.3)
-    nokogiri (1.16.5)
+    nokogiri (1.18.1)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    nokogiri (1.16.5-aarch64-linux)
+    nokogiri (1.18.1-aarch64-linux-gnu)
       racc (~> 1.4)
-    nokogiri (1.16.5-arm64-darwin)
+    nokogiri (1.18.1-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.5-x86_64-darwin)
+    nokogiri (1.18.1-x86_64-darwin)
       racc (~> 1.4)
-    nokogiri (1.16.5-x86_64-linux)
+    nokogiri (1.18.1-x86_64-linux-gnu)
       racc (~> 1.4)
     oauth2 (2.0.9)
       faraday (>= 0.17.3, < 3.0)
@@ -499,10 +500,10 @@ GEM
       actionpack (>= 4.2)
       omniauth (~> 2.0)
     pagy (4.11.0)
-    parallel (1.24.0)
+    parallel (1.26.3)
     parallel_tests (2.32.0)
       parallel
-    parser (3.3.0.5)
+    parser (3.3.6.0)
       ast (~> 2.4.1)
       racc
     path_expander (1.1.1)
@@ -525,7 +526,7 @@ GEM
     puma (5.6.9)
       nio4r (~> 2.0)
     pyu-ruby-sasl (0.0.3.3)
-    racc (1.8.0)
+    racc (1.8.1)
     rack (2.2.9)
     rack-mini-profiler (3.3.0)
       rack (>= 1.2.0)
@@ -542,9 +543,9 @@ GEM
       activesupport (>= 5.0.0)
       minitest
       nokogiri (>= 1.6)
-    rails-html-sanitizer (1.6.0)
+    rails-html-sanitizer (1.6.2)
       loofah (~> 2.21)
-      nokogiri (~> 1.14)
+      nokogiri (>= 1.15.7, != 1.16.7, != 1.16.6, != 1.16.5, != 1.16.4, != 1.16.3, != 1.16.2, != 1.16.1, != 1.16.0.rc1, != 1.16.0)
     railties (6.1.7.10)
       actionpack (= 6.1.7.10)
       activesupport (= 6.1.7.10)
@@ -555,7 +556,7 @@ GEM
     rake (13.2.1)
     rbtree3 (0.7.1)
     recursive-open-struct (1.1.3)
-    regexp_parser (2.9.0)
+    regexp_parser (2.10.0)
     request_store (1.5.1)
       rack (>= 1.4)
     rest-client (2.1.0)
@@ -567,23 +568,23 @@ GEM
     rollbar (2.27.1)
     rollbar-user_informer (0.1.0)
       rollbar (~> 2.15)
-    rubocop (1.42.0)
+    rubocop (1.70.0)
       json (~> 2.3)
+      language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
-      parser (>= 3.1.2.1)
+      parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
-      rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.24.1, < 2.0)
+      regexp_parser (>= 2.9.3, < 3.0)
+      rubocop-ast (>= 1.36.2, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 3.0)
-    rubocop-ast (1.30.0)
-      parser (>= 3.2.1.0)
-    rubocop-rails (2.23.1)
+      unicode-display_width (>= 2.4.0, < 4.0)
+    rubocop-ast (1.37.0)
+      parser (>= 3.3.1.0)
+    rubocop-rails (2.28.0)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
-      rubocop (>= 1.33.0, < 2.0)
-      rubocop-ast (>= 1.30.0, < 2.0)
+      rubocop (>= 1.52.0, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
     ruby-progressbar (1.13.0)
     ruby2_keywords (0.0.5)
     ruby_parser (3.21.0)
@@ -627,23 +628,23 @@ GEM
       actionpack (>= 5.2)
       activesupport (>= 5.2)
       sprockets (>= 3.0.0)
-    sqlite3 (1.6.9)
+    sqlite3 (1.7.3)
       mini_portile2 (~> 2.8.0)
-    sqlite3 (1.6.9-aarch64-linux)
-    sqlite3 (1.6.9-arm64-darwin)
-    sqlite3 (1.6.9-x86_64-darwin)
-    sqlite3 (1.6.9-x86_64-linux)
+    sqlite3 (1.7.3-aarch64-linux)
+    sqlite3 (1.7.3-arm64-darwin)
+    sqlite3 (1.7.3-x86_64-darwin)
+    sqlite3 (1.7.3-x86_64-linux)
     stackprof (0.2.12)
-    terminal-table (1.8.0)
-      unicode-display_width (~> 1.1, >= 1.1.1)
+    terminal-table (3.0.2)
+      unicode-display_width (>= 1.1.1, < 3)
     thor (1.3.1)
     tilt (2.3.0)
     timeout (0.4.1)
     tzinfo (2.0.6)
       concurrent-ruby (~> 1.0)
     uglifier (3.2.0)
       execjs (>= 0.3.0, < 3)
-    unicode-display_width (1.8.0)
+    unicode-display_width (2.6.0)
     validates_lengths_from_database (0.8.0)
       activerecord (>= 4)
     version_gem (1.1.3)
@@ -794,7 +795,7 @@ DEPENDENCIES
   webmock
 
 RUBY VERSION
-   ruby 3.2.5p208
+   ruby 3.3.6p108
 
 BUNDLED WITH
-   2.5.17
+   2.6.2

app/controllers/builds_controller.rb

@@ -168,10 +168,9 @@ def enforce_disabled_docker_builds
 
   def registering_external_build?
     return @registering_external_build if defined?(@registering_external_build)
-    @registering_external_build = (
+    @registering_external_build =
       action_name == "create" &&
-      EXTERNAL_BUILD_ATTRIBUTES.any? { |e| params.dig(:build, e).present? }
-    )
+        EXTERNAL_BUILD_ATTRIBUTES.any? { |e| params.dig(:build, e).present? }
   end
 
   def scope

app/controllers/projects_controller.rb

@@ -80,7 +80,7 @@ def create_callback
   end
 
   def destroy_callback
-    if to = (ENV["PROJECT_DELETED_NOTIFY_ADDRESS"] || created_email)
+    if to = ENV["PROJECT_DELETED_NOTIFY_ADDRESS"] || created_email
       ProjectMailer.deleted_email(to, current_user, @project).deliver_now
     end
   end

app/helpers/user_project_roles_helper.rb

@@ -5,7 +5,7 @@ def user_project_role_radio(user, role_name, role_id, user_project_role_id)
     global_access = (user.role_id >= role_id.to_i)
     disabled = (user.role_id > role_id.to_i)
     project_access = (user_project_role_id.to_i >= role_id.to_i)
-    checked = (global_access || project_access)
+    checked = global_access || project_access
     title = "User is a global #{user.role.name.capitalize}" if global_access
 
     label_tag nil, class: ('disabled' if disabled), title: title do

app/models/changeset/pull_request.rb

@@ -7,7 +7,7 @@ class Changeset::PullRequest
   WEBHOOK_FILTER = /(^|\s)\[samson review\]($|\s)/i
 
   # Matches URLs to JIRA issues.
-  JIRA_ISSUE_URL = %r[https?://[\da-z.\-]+\.[a-z.]{2,6}/browse/#{CODE_ONLY}(?=#{PUNCT}|$)]
+  JIRA_ISSUE_URL = %r[https?://[\da-z.-]+\.[a-z.]{2,6}/browse/#{CODE_ONLY}(?=#{PUNCT}|$)]
 
   # Matches "VOICE-1234" or "[VOICE-1234]"
   JIRA_CODE_TITLE = /(\[)*(#{CODE_ONLY})(\])*/

app/models/concerns/attr_encrypted_support.rb

@@ -2,7 +2,7 @@
 require 'attr_encrypted'
 
 module AttrEncryptedSupport
-  encryption_key_raw = (ENV['ATTR_ENCRYPTED_KEY'] || Rails.application.secrets.secret_key_base)
+  encryption_key_raw = ENV['ATTR_ENCRYPTED_KEY'] || Rails.application.secrets.secret_key_base
   ENCRYPTION_KEY = encryption_key_raw[0...32]
   ENCRYPTION_KEY_SHA = Digest::SHA2.hexdigest(encryption_key_raw)