panolint 0.1.2 → 0.1.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d91cca0d11b65106166fdc20c47fd0427f3f62fa9240ad8bee27cb61e7211f1f
-  data.tar.gz: 7edf9f2cf80c4fac4e236f4e7dc72692ef46f4ce9608b6f72d0c482d90e78d40
+  metadata.gz: c79b43e9d0b3c82a967915f4aa10a0c080fa9787f499d6eee34e74441ad172fa
+  data.tar.gz: 004b7d765ebaf18ae0835da06c5361d86c5a505f5d2dd1a370ae03eb51553235
 SHA512:
-  metadata.gz: 548905cd943d90008fc922a138d482f5314f7389f0224e5903ae705571c149dc148d52ecc92011e236d745b258fa06c3a3d86919dffedc1699ffbafc0ade2a87
-  data.tar.gz: 246f67a54a7fd838b6c3e48ddc760664a5286cc2471154cc6c3faff323a40b6971b2547f133f0c9c8a193678b17a6fd158a9724c1da3261507fd676cc2944a5e
+  metadata.gz: 053dfc4b264e78e26e2a7654658d1cb2fcb5251fa80d1fff4fc28e321047391727b3502161deea2c58c21d9c7ff53bea6602f552304a2411e5bc454cd5eb5628
+  data.tar.gz: 616a43c8fa81855c8bf3c60baa613b1945e8ac467157b0e306c45ab3cba1e5348b7c11b5e0f7bb2a4b4d3568f6073411cf580c57df8500bccfad344eb37735aa

data/.dependabot/config.yml

@@ -6,6 +6,41 @@
 # Reference: https://dependabot.com/docs/config-file/
 version: 1
 update_configs:
+  # This configures dependency updates for one package manager. In some
+  # projects, such as warehouse, where we have Ruby and Python, there can be
+  # separate package_manager entries.
   - package_manager: "ruby:bundler"
     directory: "/"
     update_schedule: "weekly"
+
+    default_labels:
+      - "dependencies"
+      - "Needs QA"
+
+    # Dependabot will use a repository's default branch. This will override
+    # that.
+    # target_branch: "master"
+
+    allowed_updates:
+      - match:
+          dependency_type: "direct"
+
+    automerged_updates:
+      # This allows all dependencies that are used for development, e.g., rspec,
+      # rspec-mock, vcr, etc, to be automatically updated. This is generally
+      # okay because the dependencies are not used in production.
+      - match:
+          dependency_type: "all"
+          update_type: "all"
+
+    #   # This is an example entry to enable automerging of a specific dependency
+    #   # when the update is only for minor or patch semantic versions.
+    #   #
+    #   # The dependency_name can also be a wildcard.
+    #   #
+    #   # This is left commented, but whitelisting a dependency for automatic
+    #   # merging is as simple as creating a new entry that looks like the below.
+    #   - match:
+    #       dependency_type: "all"
+    #       dependency_name: "aws-sdk-s3"
+    #       update_type: "semver:minor"

data/.github/workflows/auto-approve-dependabot.yml

@@ -0,0 +1,26 @@
+# This workflow auto-approves pull-requests when the github actor is a
+# dependabot user and it is opening a new pull request.
+#
+# The problem that this workflow solves is that we have branch protection on
+# our repositories that prevent PRs from merging unless there is an
+# approval present. The problem is that this will block PRs that dependabot
+# may want to merge automatically. Auto-approving dependabot PRs will allow
+# the automatic merge to complete. We control what gets automerged through
+# the dependabot configuration.
+#
+# This is a known issue: https://github.com/dependabot/feedback/issues/852
+name: Auto-approve dependabot pull requests
+on:
+  pull_request:
+    types: [opened]
+
+jobs:
+  dependabot-triage:
+    runs-on: ubuntu-latest
+    if: (github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]')
+
+    steps:
+      - name: Auto-approve for dependabot
+        uses: hmarr/auto-approve-action@v2.0.0
+        with:
+          github-token: "${{ secrets.GITHUB_TOKEN }}"

data/.github/workflows/remove-needs-qa.yml

@@ -0,0 +1,35 @@
+# This workflow removes a "Needs QA" label from a PR when the actor is the
+# dependabot user merging a PR.
+#
+# We need this mechanism to allow for automerging whitelisted dependencies while
+# also allowing for blocking a merge to master for deployment (in the way that
+# our other PRs work). When the automerge script runs in henchman, it looks
+# for `Needs QA` on github pull requests, and if the label is present,
+# blocks the commit from merging.
+name: Remove 'Needs QA' label for auto-merged PRs.
+on:
+  pull_request:
+    types: [closed]
+
+jobs:
+  remove-label:
+    runs-on: ubuntu-latest
+    if: >
+      (github.actor == 'dependabot[bot]' || github.actor == 'dependabot-preview[bot]')
+      && github.event.pull_request.merged
+
+    steps:
+      # Our triage workflow adds 'Needs QA' to the PR in order to block it from
+      # merging to production. This removes that label when dependabot is doing
+      # the merging.
+      - name: Remove QA Label
+        uses: actions/github-script@0.4.0
+        with:
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+          script: |
+            github.issues.removeLabel({
+              issue_number: context.issue.number,
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              name: 'Needs QA'
+            })

data/CHANGELOG.md

@@ -6,6 +6,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a
 
 ## [Unreleased]
 
+## [0.1.3] - 2021-04-22
+
 ## [0.1.2] - 2020-04-10
 
 ### Changed
@@ -26,7 +28,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) a
 
 - Initial release. 🎉
 
-[unreleased]: https://github.com/panorama-ed/panolint/compare/v0.1.2...HEAD
+[unreleased]: https://github.com/panorama-ed/panolint/compare/v0.1.3...HEAD
+[0.1.3]: https://github.com/panorama-ed/panolint/compare/v0.1.2...v0.1.3
 [0.1.2]: https://github.com/panorama-ed/panolint/compare/v0.1.1...v0.1.2
 [0.1.1]: https://github.com/panorama-ed/panolint/compare/v0.1.0...v0.1.1
 [0.1.0]: https://github.com/panorama-ed/panolint/compare/45c38b...v0.1.0

data/Gemfile.lock

@@ -2,71 +2,78 @@ PATH
   remote: .
   specs:
     panolint (0.1.2)
-      brakeman (~> 4.8)
-      rubocop (~> 0.81)
+      brakeman (>= 4.8, < 6.0)
+      rubocop (>= 0.83, < 2.0)
       rubocop-performance (~> 1.5)
       rubocop-rails (~> 2.5)
-      rubocop-rspec (~> 1.38)
+      rubocop-rake (~> 0.5)
+      rubocop-rspec (~> 2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
-    activesupport (6.0.2.2)
+    activesupport (6.1.1)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
-      minitest (~> 5.1)
-      tzinfo (~> 1.1)
-      zeitwerk (~> 2.2)
-    ast (2.4.0)
-    brakeman (4.8.1)
-    concurrent-ruby (1.1.6)
-    diff-lcs (1.3)
-    i18n (1.8.2)
+      i18n (>= 1.6, < 2)
+      minitest (>= 5.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
+    ast (2.4.2)
+    brakeman (5.0.0)
+    concurrent-ruby (1.1.8)
+    diff-lcs (1.4.4)
+    i18n (1.8.7)
       concurrent-ruby (~> 1.0)
-    jaro_winkler (1.5.4)
-    minitest (5.14.0)
-    parallel (1.19.1)
-    parser (2.7.1.0)
-      ast (~> 2.4.0)
-    rack (2.2.2)
+    minitest (5.14.3)
+    parallel (1.20.1)
+    parser (3.0.0.0)
+      ast (~> 2.4.1)
+    rack (2.2.3)
     rainbow (3.0.0)
-    rake (13.0.1)
+    rake (13.0.3)
+    regexp_parser (2.1.1)
     rexml (3.2.4)
-    rspec (3.9.0)
-      rspec-core (~> 3.9.0)
-      rspec-expectations (~> 3.9.0)
-      rspec-mocks (~> 3.9.0)
-    rspec-core (3.9.1)
-      rspec-support (~> 3.9.1)
-    rspec-expectations (3.9.1)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.0)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.1)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.0)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.9.0)
-    rspec-support (3.9.2)
-    rubocop (0.81.0)
-      jaro_winkler (~> 1.5.1)
+      rspec-support (~> 3.10.0)
+    rspec-support (3.10.0)
+    rubocop (1.12.1)
       parallel (~> 1.10)
-      parser (>= 2.7.0.1)
+      parser (>= 3.0.0.0)
       rainbow (>= 2.2.2, < 4.0)
+      regexp_parser (>= 1.8, < 3.0)
       rexml
+      rubocop-ast (>= 1.2.0, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 1.4.0, < 2.0)
-    rubocop-performance (1.5.2)
-      rubocop (>= 0.71.0)
-    rubocop-rails (2.5.2)
-      activesupport
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.4.1)
+      parser (>= 2.7.1.5)
+    rubocop-performance (1.10.2)
+      rubocop (>= 0.90.0, < 2.0)
+      rubocop-ast (>= 0.4.0)
+    rubocop-rails (2.9.1)
+      activesupport (>= 4.2.0)
       rack (>= 1.1)
-      rubocop (>= 0.72.0)
-    rubocop-rspec (1.38.1)
-      rubocop (>= 0.68.1)
-    ruby-progressbar (1.10.1)
-    thread_safe (0.3.6)
-    tzinfo (1.2.7)
-      thread_safe (~> 0.1)
-    unicode-display_width (1.7.0)
-    zeitwerk (2.3.0)
+      rubocop (>= 0.90.0, < 2.0)
+    rubocop-rake (0.5.1)
+      rubocop
+    rubocop-rspec (2.2.0)
+      rubocop (~> 1.0)
+      rubocop-ast (>= 1.1.0)
+    ruby-progressbar (1.11.0)
+    tzinfo (2.0.4)
+      concurrent-ruby (~> 1.0)
+    unicode-display_width (2.0.0)
+    zeitwerk (2.4.2)
 
 PLATFORMS
   ruby

data/lib/panolint/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Panolint
-  VERSION = "0.1.2"
+  VERSION = "0.1.3"
 end

data/panolint.gemspec

@@ -24,11 +24,12 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_dependency "brakeman", "~> 4.8"
-  spec.add_dependency "rubocop", "~> 0.81"
+  spec.add_dependency "brakeman", ">= 4.8", "< 6.0"
+  spec.add_dependency "rubocop", ">= 0.83", "< 2.0"
   spec.add_dependency "rubocop-performance", "~> 1.5"
   spec.add_dependency "rubocop-rails", "~> 2.5"
-  spec.add_dependency "rubocop-rspec", "~> 1.38"
+  spec.add_dependency "rubocop-rake", "~> 0.5"
+  spec.add_dependency "rubocop-rspec", "~> 2.0"
 
   spec.add_development_dependency "bundler", "~> 2.1"
   spec.add_development_dependency "rake", "~> 13.0"

data/rubocop.yml

@@ -3,7 +3,7 @@
 # You can use this in your project's .rubocop.yml with the following at the top:
 #
 #     inherit_gem:
-#       panolint: .rubocop.yml
+#       panolint: rubocop.yml
 #
 # This allows you to selectively override settings in projects, for example, if
 # you're working on a Sinatra project, disabling the Rails cops is probably
@@ -18,6 +18,10 @@ AllCops:
     - !ruby/regexp /vendor\/(?!panoramaed).*$/
     - "db/schema.rb"
     - "db/migrate/**/*"
+  NewCops: enable
+
+Gemspec/RequiredRubyVersion:
+  Enabled: false
 
 Layout/DotPosition:
   EnforcedStyle: trailing
@@ -33,6 +37,12 @@ Lint/AmbiguousBlockAssociation:
 Lint/Debugger:
   Severity: error
 
+Lint/DuplicateElsifCondition:
+  Enabled: true
+
+Lint/MixedRegexpCaptureTypes:
+  Enabled: true
+
 Lint/SuppressedException:
   Enabled: false
 
@@ -81,6 +91,9 @@ RSpec/LetSetup:
 RSpec/MessageSpies:
   EnforcedStyle: receive
 
+RSpec/MultipleMemoizedHelpers:
+  Enabled: false
+
 RSpec/NamedSubject:
   Enabled: false
 
@@ -91,6 +104,12 @@ Style/Alias:
   Enabled: true
   EnforcedStyle: prefer_alias_method
 
+Style/ArrayCoercion:
+  Enabled: true
+
+Style/CaseLikeIf:
+  Enabled: true
+
 Style/Documentation:
   Enabled: false
 
@@ -106,6 +125,9 @@ Style/FormatString:
 Style/GuardClause:
   Enabled: false
 
+Style/HashAsLastArrayItem:
+  Enabled: true
+
 Style/MixinUsage:
   Exclude:
     - bin/**/*
@@ -113,6 +135,15 @@ Style/MixinUsage:
 Style/MultilineBlockChain:
   Enabled: false
 
+Style/RedundantFileExtensionInRequire:
+  Enabled: true
+
+Style/RedundantRegexpCharacterClass:
+  Enabled: true
+
+Style/RedundantRegexpEscape:
+  Enabled: true
+
 Style/RedundantReturn:
   AllowMultipleReturnValues: true
 
@@ -152,12 +183,24 @@ RSpec/MultipleExpectations:
 # following rules all mirror the default rubocop configuration, but they're here
 # just to silence the warnings. They can be removed when 1.0 comes out.
 
+Lint/DeprecatedOpenSSLConstant:
+  Enabled: true
+
+Layout/EmptyLinesAroundAttributeAccessor:
+  Enabled: true
+
+Layout/SpaceAroundMethodCallOperator:
+  Enabled: true
+
 Lint/RaiseException:
   Enabled: true
 
 Lint/StructNewOverride:
   Enabled: true
 
+Style/ExponentialNotation:
+  Enabled: true
+
 Style/HashEachMethods:
   Enabled: true
 
@@ -166,3 +209,6 @@ Style/HashTransformKeys:
 
 Style/HashTransformValues:
   Enabled: true
+
+Style/SlicingWithRange:
+  Enabled: true

metadata

@@ -1,43 +1,55 @@
 --- !ruby/object:Gem::Specification
 name: panolint
 version: !ruby/object:Gem::Version
-  version: 0.1.2
+  version: 0.1.3
 platform: ruby
 authors:
 - Kevin Deisz
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2020-04-10 00:00:00.000000000 Z
+date: 2021-04-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: brakeman
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '4.8'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '4.8'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '6.0'
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '0.81'
+        version: '0.83'
+    - - "<"
+      - !ruby/object:Gem::Version
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0.83'
+    - - "<"
       - !ruby/object:Gem::Version
-        version: '0.81'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
@@ -66,20 +78,34 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '2.5'
+- !ruby/object:Gem::Dependency
+  name: rubocop-rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.5'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.5'
 - !ruby/object:Gem::Dependency
   name: rubocop-rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.38'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.38'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
   name: bundler
   requirement: !ruby/object:Gem::Requirement
@@ -130,7 +156,9 @@ extensions: []
 extra_rdoc_files: []
 files:
 - ".dependabot/config.yml"
-- ".github/workflows/main.yml"
+- ".github/workflows/auto-approve-dependabot.yml"
+- ".github/workflows/remove-needs-qa.yml"
+- ".github/workflows/tests.yml"
 - ".gitignore"
 - ".rspec"
 - CHANGELOG.md
@@ -166,7 +194,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.0.3
 signing_key: 
 specification_version: 4
 summary: Rules for linting code at Panorama Education