From b8409c10f5312c0772e8f087cd68889816ec4310 Mon Sep 17 00:00:00 2001 From: Koichi ITO Date: Sat, 29 Jun 2024 23:49:30 +0900 Subject: [PATCH] Cut 2.25.1 --- CHANGELOG.md | 2 ++ config/default.yml | 2 +- docs/antora.yml | 2 +- docs/modules/ROOT/pages/cops_rails.adoc | 23 +++++++++++++++++++---- lib/rubocop/rails/version.rb | 2 +- relnotes/v2.25.1.md | 20 ++++++++++++++++++++ 6 files changed, 44 insertions(+), 7 deletions(-) create mode 100644 relnotes/v2.25.1.md diff --git a/CHANGELOG.md b/CHANGELOG.md index 188bc09100..902e57e4e7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,8 @@ ## master (unreleased) +## 2.25.1 (2024-06-29) + ### Bug fixes * [#1280](https://github.com/rubocop/rubocop-rails/issues/1280): Look for change_column_null for `Rails/BulkChangeTable`. ([@ccutrer][]) diff --git a/config/default.yml b/config/default.yml index 4b389ce841..9e0c976ba6 100644 --- a/config/default.yml +++ b/config/default.yml @@ -1020,7 +1020,7 @@ Rails/SkipsModelValidations: Enabled: true Safe: false VersionAdded: '0.47' - VersionChanged: '<>' + VersionChanged: '2.25' ForbiddenMethods: - decrement! - decrement_counter diff --git a/docs/antora.yml b/docs/antora.yml index 9e0ff48acb..2af9fa857f 100644 --- a/docs/antora.yml +++ b/docs/antora.yml @@ -2,6 +2,6 @@ name: rubocop-rails title: RuboCop Rails # We always provide version without patch here (e.g. 1.1), # as patch versions should not appear in the docs. -version: ~ +version: '2.25' nav: - modules/ROOT/nav.adoc diff --git a/docs/modules/ROOT/pages/cops_rails.adoc b/docs/modules/ROOT/pages/cops_rails.adoc index 45748ae1d2..ecef5f8339 100644 --- a/docs/modules/ROOT/pages/cops_rails.adoc +++ b/docs/modules/ROOT/pages/cops_rails.adoc @@ -3447,7 +3447,7 @@ end | - |=== -Checks for calls to `link_to` that contain a +Checks for calls to `link_to`, `link_to_if`, and `link_to_unless` methods that contain a `target: '_blank'` but no `rel: 'noopener'`. This can be a security risk as the loaded page will have control over the previous page and could change its location for phishing purposes. @@ -5873,10 +5873,10 @@ l Time.now | Enabled by default | Safe | Supports autocorrection | Version Added | Version Changed | Enabled -| Yes +| No | No | 0.47 -| 2.7 +| 2.25 |=== Checks for the use of methods which skip @@ -5885,6 +5885,10 @@ https://guides.rubyonrails.org/active_record_validations.html#skipping-validatio Methods may be ignored from this rule by configuring a `AllowedMethods`. +=== Safety + +This cop is unsafe if the receiver object is not an Active Record object. + === Examples [source,ruby] @@ -6744,6 +6748,7 @@ Checks for the use of old-style attribute validation macros. ---- # bad validates_acceptance_of :foo +validates_comparison_of :foo validates_confirmation_of :foo validates_exclusion_of :foo validates_format_of :foo @@ -6758,6 +6763,7 @@ validates_uniqueness_of :foo # good validates :foo, acceptance: true validates :foo, confirmation: true +validates :foo, comparison: true validates :foo, exclusion: true validates :foo, format: true validates :foo, inclusion: true @@ -7030,7 +7036,7 @@ NOTE: Required Ruby version: 2.6 | Pending | Yes -| Always +| Always (Unsafe) | 2.25 | - |=== @@ -7038,6 +7044,15 @@ NOTE: Required Ruby version: 2.6 Identifies places where manually constructed SQL in `where` can be replaced with ranges. +=== Safety + +This cop's autocorrection is unsafe because it can change the query +by explicitly attaching the column to the wrong table. +For example, `Booking.joins(:events).where('end_at < ?', Time.current)` will correctly +implicitly attach the `end_at` column to the `events` table. But when autocorrected to +`Booking.joins(:events).where(end_at: ...Time.current)`, it will now be incorrectly +explicitly attached to the `bookings` table. + === Examples [source,ruby] diff --git a/lib/rubocop/rails/version.rb b/lib/rubocop/rails/version.rb index 77d9a63a6b..29db46e6d2 100644 --- a/lib/rubocop/rails/version.rb +++ b/lib/rubocop/rails/version.rb @@ -4,7 +4,7 @@ module RuboCop module Rails # This module holds the RuboCop Rails version information. module Version - STRING = '2.25.0' + STRING = '2.25.1' def self.document_version STRING.match('\d+\.\d+').to_s diff --git a/relnotes/v2.25.1.md b/relnotes/v2.25.1.md new file mode 100644 index 0000000000..ad02f08de4 --- /dev/null +++ b/relnotes/v2.25.1.md @@ -0,0 +1,20 @@ +### Bug fixes + +* [#1280](https://github.com/rubocop/rubocop-rails/issues/1280): Look for change_column_null for `Rails/BulkChangeTable`. ([@ccutrer][]) +* [#1299](https://github.com/rubocop/rubocop-rails/pull/1299): Fix an error for `Rails/NotNullColumn` when the block for `change_table` is empty. ([@earlopain][]) +* [#1281](https://github.com/rubocop/rubocop-rails/issues/1281): Fix `Rails/WhereRange` autocorrect for complex expressions. ([@fatkodima][]) +* [#1282](https://github.com/rubocop/rubocop-rails/issues/1282): Fix `Rails/WhereRange` to correctly handle template strings with extra spaces. ([@fatkodima][]) + +### Changes + +* [#1295](https://github.com/rubocop/rubocop-rails/issues/1295): Cover validates_comparison_of in `Rails/Validation`. ([@ChaelCodes][]) +* [#1288](https://github.com/rubocop/rubocop-rails/issues/1288): Let `Rails/LinkToBlank` look into `link_to_if` and `link_to_unless`, too. ([@fwolfst][]) +* [#1286](https://github.com/rubocop/rubocop-rails/issues/1286): Mark `Rails/SkipsModelValidations` as unsafe. ([@koic][]) +* [#1283](https://github.com/rubocop/rubocop-rails/issues/1283): Mark `Rails/WhereRange` as unsafe autocorrect. ([@fatkodima][]) + +[@ccutrer]: https://github.com/ccutrer +[@earlopain]: https://github.com/earlopain +[@fatkodima]: https://github.com/fatkodima +[@ChaelCodes]: https://github.com/ChaelCodes +[@fwolfst]: https://github.com/fwolfst +[@koic]: https://github.com/koic