rubocop-github 0.15.0 → 0.17.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 66b7cc8146735ce098192204581e2e6b436130fe3bacaa2a797dea4ce0a48f44
-  data.tar.gz: f00286af238080977106996b36240dd1d3ae03add29c238ebc210e45fa6b2ea5
+  metadata.gz: 0fd87ba9b81dbf0489ef9f8bdddfdc7ad832c7735e4376851165a03369a4493d
+  data.tar.gz: 294732c21b2ac89bde8bc654854d659293b7347ca478013e2eeeda8be3b92c4d
 SHA512:
-  metadata.gz: 23437aa5856816463e41fd8548dd57ded15d8118ba21b41abc456cb4bb53050d156e8b866119b290437baca59d8af1b31629b31d9d26183b6000673013224e0c
-  data.tar.gz: c32168d25f7617585609ed6e34bc819e036a8264eac168c631f998f9719217ae1d714b062829d88cd7df7f332120300f9675458f5631a4902c6ae0454dcdd0dc
+  metadata.gz: 75eca6f6d9a4c688a24f57f6b282d8a7515e7408db7c403ae0c3acdcd677d9cbb6acaa0713c55f8544baed002a077a1bcb3f2a4efd24d9118b720b7175d84a2c
+  data.tar.gz: 4770a141ce649d7bb034a9071db481a52858461672804e63ba62ea928072e0094177630d747a40b50ec017dafb323b5e6f4d4249d2e4ab543a20ebd5c53cfb14

data/README.md

@@ -1,4 +1,4 @@
-# RuboCop GitHub [![Build Status](https://travis-ci.org/github/rubocop-github.svg?branch=master)](https://travis-ci.org/github/rubocop-github)
+# RuboCop GitHub ![CI](https://github.com/github/rubocop-github/workflows/CI/badge.svg?event=push)
 
 This repository provides recommended RuboCop configuration and additional Cops for use on GitHub open source and internal Ruby projects.
 

data/STYLEGUIDE.md

@@ -2,7 +2,7 @@
 
 * Use soft-tabs with a two space indent.
 
-* Keep each line of code to a readable length. Unless you have a reason to, keep lines to fewer than 100 characters.
+* Keep each line of code to a readable length. Unless you have a reason to, keep lines to a maximum of 118 characters. Why 118? That's the width at which the pull request diff UI needs horizontal scrolling (making pull requests harder to review).
 
 * Never leave trailing whitespace.
 
@@ -31,9 +31,34 @@ some(arg).other
 !array.include?(element)
 ```
 
-* Indent `when` as deep as `case`.
+* Indent `when` with the start of the `case` expression.
 
 ``` ruby
+# bad
+message = case
+          when song.name == "Misty"
+            "Not again!"
+          when song.duration > 120
+            "Too long!"
+          when Time.now.hour > 21
+            "It's too late"
+          else
+            song.to_s
+          end
+
+# good
+message = case
+when song.name == "Misty"
+  "Not again!"
+when song.duration > 120
+  "Too long!"
+when Time.now.hour > 21
+  "It's too late"
+else
+  song.to_s
+end
+
+# good
 case
 when song.name == "Misty"
   puts "Not again!"
@@ -44,15 +69,6 @@ when Time.now.hour > 21
 else
   song.play
 end
-
-kind = case year
-       when 1850..1889 then "Blues"
-       when 1890..1909 then "Ragtime"
-       when 1910..1929 then "New Orleans Jazz"
-       when 1930..1939 then "Swing"
-       when 1940..1950 then "Bebop"
-       else "Jazz"
-       end
 ```
 
 * Use empty lines between `def`s and to break up a method into logical
@@ -292,44 +308,43 @@ end
 Use the Ruby 1.9 syntax for hash literals when all the keys are symbols:
 
 ``` ruby
-# good
-user = {
-  login: "defunkt",
-  name: "Chris Wanstrath"
-}
-
 # bad
 user = {
   :login => "defunkt",
   :name => "Chris Wanstrath"
 }
 
+# good
+user = {
+  login: "defunkt",
+  name: "Chris Wanstrath"
+}
 ```
 
 Use the 1.9 syntax when calling a method with Hash options arguments or named arguments:
 
 ``` ruby
-# good
-user = User.create(login: "jane")
-link_to("Account", controller: "users", action: "show", id: user)
-
 # bad
 user = User.create(:login => "jane")
 link_to("Account", :controller => "users", :action => "show", :id => user)
+
+# good
+user = User.create(login: "jane")
+link_to("Account", controller: "users", action: "show", id: user)
 ```
 
 If you have a hash with mixed key types, use the legacy hashrocket style to avoid mixing styles within the same hash:
 
 ``` ruby
-# good
+# bad
 hsh = {
-  :user_id => 55,
+  user_id: 55,
   "followers-count" => 1000
 }
 
-# bad
+# good
 hsh = {
-  user_id: 55,
+  :user_id => 55,
   "followers-count" => 1000
 }
 ```
@@ -355,7 +370,7 @@ def remove_member(user, skip_membership_check: false)
 end
 
 # Elsewhere, now with more clarity:
-remove_member user, skip_membership_check: true
+remove_member(user, skip_membership_check: true)
 ```
 
 ## Naming

data/config/_default_shared.yml

@@ -10,6 +10,9 @@ Bundler/DuplicatedGem:
 Bundler/OrderedGems:
   Enabled: true
 
+GitHub/InsecureHashAlgorithm:
+  Enabled: true
+
 Layout/BlockAlignment:
   Enabled: true
 
@@ -163,7 +166,7 @@ Lint/RedundantSplatExpansion:
 Lint/UnreachableCode:
   Enabled: true
 
-Lint/UselessComparison:
+Lint/BinaryOperatorWithIdenticalOperands:
   Enabled: true
 
 Lint/UselessSetterCall:

data/lib/rubocop/cop/github/insecure_hash_algorithm.rb

@@ -0,0 +1,139 @@
+# frozen_string_literal: true
+
+require "rubocop"
+
+module RuboCop
+  module Cop
+    module GitHub
+      class InsecureHashAlgorithm < Cop
+        MSG = "This hash function is not allowed"
+        UUID_V3_MSG = "uuid_v3 uses MD5, which is not allowed"
+        UUID_V5_MSG = "uuid_v5 uses SHA1, which is not allowed"
+
+        # Matches constants like these:
+        #   Digest::MD5
+        #   OpenSSL::Digest::MD5
+        def_node_matcher :insecure_const?, <<-PATTERN
+          (const (const _ :Digest) #insecure_algorithm?)
+        PATTERN
+
+        # Matches calls like these:
+        #   Digest.new('md5')
+        #   Digest.hexdigest('md5', 'str')
+        #   OpenSSL::Digest.new('md5')
+        #   OpenSSL::Digest.hexdigest('md5', 'str')
+        #   OpenSSL::Digest::Digest.new('md5')
+        #   OpenSSL::Digest::Digest.hexdigest('md5', 'str')
+        #   OpenSSL::Digest::Digest.new(:MD5)
+        #   OpenSSL::Digest::Digest.hexdigest(:MD5, 'str')
+        def_node_matcher :insecure_digest?, <<-PATTERN
+          (send
+            (const _ {:Digest :HMAC})
+            #not_just_encoding?
+            #insecure_algorithm?
+            ...)
+        PATTERN
+
+        # Matches calls like "Digest(:MD5)".
+        def_node_matcher :insecure_hash_lookup?, <<-PATTERN
+          (send _ :Digest #insecure_algorithm?)
+        PATTERN
+
+        # Matches calls like "OpenSSL::HMAC.new(secret, hash)"
+        def_node_matcher :openssl_hmac_new?, <<-PATTERN
+          (send (const (const _ :OpenSSL) :HMAC) :new ...)
+        PATTERN
+
+        # Matches calls like "OpenSSL::HMAC.new(secret, 'sha1')"
+        def_node_matcher :openssl_hmac_new_insecure?, <<-PATTERN
+          (send (const (const _ :OpenSSL) :HMAC) :new _ #insecure_algorithm?)
+        PATTERN
+
+        # Matches Rails's Digest::UUID.
+        def_node_matcher :digest_uuid?, <<-PATTERN
+          (const (const _ :Digest) :UUID)
+        PATTERN
+
+        def_node_matcher :uuid_v3?, <<-PATTERN
+          (send (const _ :UUID) :uuid_v3 ...)
+        PATTERN
+
+        def_node_matcher :uuid_v5?, <<-PATTERN
+          (send (const _ :UUID) :uuid_v5 ...)
+        PATTERN
+
+        def insecure_algorithm?(val)
+          return false if val == :Digest # Don't match "Digest::Digest".
+          case alg_name(val)
+          when *allowed_hash_functions
+            false
+          when Symbol
+            # can't figure this one out, it's nil or a var or const.
+            false
+          else
+            true
+          end
+        end
+
+        def not_just_encoding?(val)
+          !just_encoding?(val)
+        end
+
+        def just_encoding?(val)
+          val == :hexencode || val == :bubblebabble
+        end
+
+        # Built-in hash functions are listed in these docs:
+        #  https://ruby-doc.org/stdlib-2.7.0/libdoc/digest/rdoc/Digest.html
+        #  https://ruby-doc.org/stdlib-2.7.0/libdoc/openssl/rdoc/OpenSSL/Digest.html
+        DEFAULT_ALLOWED = %w[
+          SHA256
+          SHA384
+          SHA512
+        ].freeze
+
+        def allowed_hash_functions
+          @allowed_algorithms ||= cop_config.fetch("Allowed", DEFAULT_ALLOWED).map(&:downcase)
+        end
+
+        def alg_name(val)
+          return :nil if val.nil?
+          return val.to_s.downcase unless val.is_a?(RuboCop::AST::Node)
+          case val.type
+          when :sym, :str
+            val.children.first.to_s.downcase
+          else
+            val.type
+          end
+        end
+
+        def on_const(const_node)
+          if insecure_const?(const_node) && !digest_uuid?(const_node)
+            add_offense(const_node, message: MSG)
+          end
+        end
+
+        def on_send(send_node)
+          case
+          when uuid_v3?(send_node)
+            unless allowed_hash_functions.include?("md5")
+              add_offense(send_node, message: UUID_V3_MSG)
+            end
+          when uuid_v5?(send_node)
+            unless allowed_hash_functions.include?("sha1")
+              add_offense(send_node, message: UUID_V5_MSG)
+            end
+          when openssl_hmac_new?(send_node)
+            if openssl_hmac_new_insecure?(send_node)
+              add_offense(send_node, message: MSG)
+            end
+          when insecure_digest?(send_node)
+            add_offense(send_node, message: MSG)
+          when insecure_hash_lookup?(send_node)
+            add_offense(send_node, message: MSG)
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/github/rails_controller_render_action_symbol.rb

@@ -9,11 +9,11 @@ module RuboCop
         MSG = "Prefer `render` with string instead of symbol"
 
         def_node_matcher :render_sym?, <<-PATTERN
-          (send nil? :render $(sym _))
+          (send nil? {:render :render_to_string} $(sym _))
         PATTERN
 
         def_node_matcher :render_with_options?, <<-PATTERN
-          (send nil? :render (hash $...))
+          (send nil? {:render :render_to_string} (hash $...))
         PATTERN
 
         def_node_matcher :action_key?, <<-PATTERN

data/lib/rubocop/cop/github/rails_controller_render_literal.rb

@@ -1,36 +1,15 @@
 # frozen_string_literal: true
 
 require "rubocop"
+require "rubocop/cop/github/render_literal_helpers"
 
 module RuboCop
   module Cop
     module GitHub
       class RailsControllerRenderLiteral < Cop
-        MSG = "render must be used with a string literal or an instance of a Class"
-
-        def_node_matcher :literal?, <<-PATTERN
-          ({str sym true false nil?} ...)
-        PATTERN
-
-        def_node_matcher :render?, <<-PATTERN
-          (send nil? :render ...)
-        PATTERN
-
-        def_node_matcher :render_literal?, <<-PATTERN
-          (send nil? :render ({str sym} $_) $...)
-        PATTERN
+        include RenderLiteralHelpers
 
-        def_node_matcher :render_const?, <<-PATTERN
-          (send nil? :render (const _ _) ...)
-        PATTERN
-
-        def_node_matcher :render_inst?, <<-PATTERN
-          (send nil? :render (send _ :new ...) ...)
-        PATTERN
-
-        def_node_matcher :render_with_options?, <<-PATTERN
-          (send nil? :render (hash $...))
-        PATTERN
+        MSG = "render must be used with a string literal or an instance of a Class"
 
         def_node_matcher :ignore_key?, <<-PATTERN
           (pair (sym {
@@ -68,10 +47,16 @@ module RuboCop
           }) ...)
         PATTERN
 
+        def_node_matcher :render_const?, <<-PATTERN
+          (send nil? {:render :render_to_string} (const _ _) ...)
+        PATTERN
+
         def on_send(node)
           return unless render?(node)
 
-          if render_literal?(node) || render_inst?(node) || render_const?(node)
+          return if render_view_component?(node) || render_const?(node)
+
+          if render_literal?(node)
           elsif option_pairs = render_with_options?(node)
             option_pairs = option_pairs.reject { |pair| options_key?(pair) }
 
@@ -82,18 +67,40 @@ module RuboCop
             if template_node = option_pairs.map { |pair| template_key?(pair) }.compact.first
               if !literal?(template_node)
                 add_offense(node, location: :expression)
+                return
               end
             else
               add_offense(node, location: :expression)
+              return
             end
 
             if layout_node = option_pairs.map { |pair| layout_key?(pair) }.compact.first
               if !literal?(layout_node)
                 add_offense(node, location: :expression)
+                return
               end
             end
           else
             add_offense(node, location: :expression)
+            return
+          end
+
+          if render_literal?(node)
+            option_hash = node.arguments[1]
+            if option_hash && !option_hash.hash_type?
+              add_offense(node, location: :expression)
+              return
+            end
+            option_pairs = option_hash && option_hash.pairs
+          else
+            option_pairs = node.arguments[0].pairs
+          end
+
+          if option_pairs
+            locals = option_pairs.map { |pair| locals_key?(pair) }.compact.first
+            if locals && (!locals.hash_type? || !hash_with_literal_keys?(locals))
+              add_offense(node, location: :expression)
+            end
           end
         end
       end

data/lib/rubocop/cop/github/rails_controller_render_paths_exist.rb

@@ -7,15 +7,15 @@ module RuboCop
     module GitHub
       class RailsControllerRenderPathsExist < Cop
         def_node_matcher :render?, <<-PATTERN
-          (send nil? :render $...)
+          (send nil? {:render :render_to_string} $...)
         PATTERN
 
         def_node_matcher :render_str?, <<-PATTERN
-          (send nil? :render $({str sym} $_) ...)
+          (send nil? {:render :render_to_string} $({str sym} $_) ...)
         PATTERN
 
         def_node_matcher :render_options?, <<-PATTERN
-          (send nil? :render (hash $...))
+          (send nil? {:render :render_to_string} (hash $...))
         PATTERN
 
         def_node_matcher :render_key?, <<-PATTERN

data/lib/rubocop/cop/github/rails_controller_render_shorthand.rb

@@ -9,7 +9,7 @@ module RuboCop
         MSG = "Prefer `render` template shorthand"
 
         def_node_matcher :render_with_options?, <<-PATTERN
-          (send nil? :render (hash $...))
+          (send nil? {:render :render_to_string} (hash $...))
         PATTERN
 
         def_node_matcher :action_key?, <<-PATTERN

data/lib/rubocop/cop/github/rails_render_inline.rb

@@ -9,7 +9,7 @@ module RuboCop
         MSG = "Avoid `render inline:`"
 
         def_node_matcher :render_with_options?, <<-PATTERN
-          (send nil? :render (hash $...))
+          (send nil? {:render :render_to_string} (hash $...))
         PATTERN
 
         def_node_matcher :inline_key?, <<-PATTERN

data/lib/rubocop/cop/github/rails_render_object_collection.rb

@@ -9,7 +9,7 @@ module RuboCop
         MSG = "Avoid `render object:`"
 
         def_node_matcher :render_with_options?, <<-PATTERN
-          (send nil? :render (hash $...) ...)
+          (send nil? {:render :render_to_string} (hash $...) ...)
         PATTERN
 
         def_node_matcher :partial_key?, <<-PATTERN

data/lib/rubocop/cop/github/rails_view_render_literal.rb

@@ -1,36 +1,15 @@
 # frozen_string_literal: true
 
 require "rubocop"
+require "rubocop/cop/github/render_literal_helpers"
 
 module RuboCop
   module Cop
     module GitHub
       class RailsViewRenderLiteral < Cop
-        MSG = "render must be used with a string literal or an instance of a Class"
+        include RenderLiteralHelpers
 
-        def_node_matcher :literal?, <<-PATTERN
-          ({str sym true false nil?} ...)
-        PATTERN
-
-        def_node_matcher :render?, <<-PATTERN
-          (send nil? :render $...)
-        PATTERN
-
-        def_node_matcher :render_literal?, <<-PATTERN
-          (send nil? :render ({str sym} $_) $...)
-        PATTERN
-
-        def_node_matcher :render_inst?, <<-PATTERN
-          (send nil? :render (send _ :new ...) ...)
-        PATTERN
-
-        def_node_matcher :render_const?, <<-PATTERN
-          (send nil? :render (const _ _) ...)
-        PATTERN
-
-        def_node_matcher :render_with_options?, <<-PATTERN
-          (send nil? :render (hash $...) ...)
-        PATTERN
+        MSG = "render must be used with a literal template and use literals for locals keys"
 
         def_node_matcher :ignore_key?, <<-PATTERN
           (pair (sym {
@@ -50,7 +29,10 @@ module RuboCop
         def on_send(node)
           return unless render?(node)
 
-          if render_literal?(node) || render_inst?(node) || render_const?(node)
+          # Ignore "component"-style renders
+          return if render_view_component?(node)
+
+          if render_literal?(node)
           elsif option_pairs = render_with_options?(node)
             if option_pairs.any? { |pair| ignore_key?(pair) }
               return
@@ -59,12 +41,31 @@ module RuboCop
             if partial_node = option_pairs.map { |pair| partial_key?(pair) }.compact.first
               if !literal?(partial_node)
                 add_offense(node, location: :expression)
+                return
               end
             else
               add_offense(node, location: :expression)
+              return
             end
           else
             add_offense(node, location: :expression)
+            return
+          end
+
+          if render_literal?(node) && node.arguments.count > 1
+            locals = node.arguments[1]
+          elsif options_pairs = render_with_options?(node)
+            locals = option_pairs.map { |pair| locals_key?(pair) }.compact.first
+          end
+
+          if locals
+            if locals.hash_type?
+              if !hash_with_literal_keys?(locals)
+                add_offense(node, location: :expression)
+              end
+            else
+              add_offense(node, location: :expression)
+            end
           end
         end
       end

data/lib/rubocop/cop/github/rails_view_render_paths_exist.rb

@@ -7,15 +7,15 @@ module RuboCop
     module GitHub
       class RailsViewRenderPathsExist < Cop
         def_node_matcher :render?, <<-PATTERN
-          (send nil? :render $...)
+          (send nil? {:render :render_to_string} $...)
         PATTERN
 
         def_node_matcher :render_str?, <<-PATTERN
-          (send nil? :render $(str $_) ...)
+          (send nil? {:render :render_to_string} $(str $_) ...)
         PATTERN
 
         def_node_matcher :render_options?, <<-PATTERN
-          (send nil? :render (hash $...))
+          (send nil? {:render :render_to_string} (hash $...))
         PATTERN
 
         def_node_matcher :partial_key?, <<-PATTERN

data/lib/rubocop/cop/github/rails_view_render_shorthand.rb

@@ -9,7 +9,7 @@ module RuboCop
         MSG = "Prefer `render` partial shorthand"
 
         def_node_matcher :render_with_options?, <<-PATTERN
-          (send nil? :render (hash $...))
+          (send nil? {:render :render_to_string} (hash $...))
         PATTERN
 
         def_node_matcher :partial_key?, <<-PATTERN

data/lib/rubocop/cop/github/render_literal_helpers.rb

@@ -0,0 +1,55 @@
+# frozen_string_literal: true
+#
+require "rubocop"
+
+module RuboCop
+  module Cop
+    module GitHub
+      module RenderLiteralHelpers
+        extend NodePattern::Macros
+
+        def_node_matcher :literal?, <<-PATTERN
+          ({str sym true false nil?} ...)
+        PATTERN
+
+        def_node_matcher :render?, <<-PATTERN
+          (send nil? {:render :render_to_string} ...)
+        PATTERN
+
+        def_node_matcher :render_literal?, <<-PATTERN
+          (send nil? {:render :render_to_string} ({str sym} $_) $...)
+        PATTERN
+
+        def_node_matcher :render_with_options?, <<-PATTERN
+          (send nil? {:render :render_to_string} (hash $...) ...)
+        PATTERN
+
+        def_node_matcher :render_view_component_instance?, <<-PATTERN
+          (send nil? {:render :render_to_string} (send _ :new ...) ...)
+        PATTERN
+
+        def_node_matcher :render_view_component_instance_with_content?, <<-PATTERN
+          (send nil? {:render :render_to_string} (send (send _ :new ...) `:with_content ...))
+        PATTERN
+
+        def_node_matcher :render_view_component_collection?, <<-PATTERN
+          (send nil? {:render :render_to_string} (send _ :with_collection ...) ...)
+        PATTERN
+
+        def_node_matcher :locals_key?, <<-PATTERN
+          (pair (sym :locals) $_)
+        PATTERN
+
+        def hash_with_literal_keys?(hash)
+          hash.pairs.all? { |pair| literal?(pair.key) }
+        end
+
+        def render_view_component?(node)
+          render_view_component_instance_with_content?(node) ||
+            render_view_component_instance?(node) ||
+            render_view_component_collection?(node)
+        end
+      end
+    end
+  end
+end

data/lib/rubocop/cop/github.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "rubocop/cop/github/insecure_hash_algorithm"
 require "rubocop/cop/github/rails_application_record"
 require "rubocop/cop/github/rails_controller_render_action_symbol"
 require "rubocop/cop/github/rails_controller_render_literal"

metadata

@@ -1,99 +1,99 @@
 --- !ruby/object:Gem::Specification
 name: rubocop-github
 version: !ruby/object:Gem::Version
-  version: 0.15.0
+  version: 0.17.0
 platform: ruby
 authors:
 - GitHub
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-04-24 00:00:00.000000000 Z
+date: 2022-01-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "<="
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.82.0
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "<="
+    - - ">="
       - !ruby/object:Gem::Version
-        version: 0.82.0
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rubocop-performance
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '1.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rubocop-rails
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: actionview
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.1'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '5.0'
+        version: '6.1'
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '5.10'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '5.10'
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '0'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '12.0'
+        version: '0'
 description: 'Code style checking for GitHub Ruby repositories '
 email: engineering@github.com
 executables: []
@@ -115,6 +115,7 @@ files:
 - guides/rails-render-inline.md
 - guides/rails-render-literal.md
 - lib/rubocop/cop/github.rb
+- lib/rubocop/cop/github/insecure_hash_algorithm.rb
 - lib/rubocop/cop/github/rails_application_record.rb
 - lib/rubocop/cop/github/rails_controller_render_action_symbol.rb
 - lib/rubocop/cop/github/rails_controller_render_literal.rb
@@ -125,11 +126,12 @@ files:
 - lib/rubocop/cop/github/rails_view_render_literal.rb
 - lib/rubocop/cop/github/rails_view_render_paths_exist.rb
 - lib/rubocop/cop/github/rails_view_render_shorthand.rb
+- lib/rubocop/cop/github/render_literal_helpers.rb
 homepage: https://github.com/github/rubocop-github
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -137,15 +139,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: 2.1.0
+      version: 2.5.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
-signing_key: 
+rubygems_version: 3.1.6
+signing_key:
 specification_version: 4
 summary: RuboCop GitHub
 test_files: []