Update rubocop configuration to match

tinglesoftware · Sep 17, 2023 · 1b26421 · 1b26421
1 parent b6d85d1
commit 1b26421
Show file tree

Hide file tree

Showing 4 changed files with 41 additions and 31 deletions.
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -1,21 +1,25 @@
 ---
-require: rubocop-performance
+require:
+  - rubocop-performance
 
 AllCops:
   DisplayCopNames: true
   Exclude:
-    - "../*/bin/**/*" # TODO: remove this once files in bin have been distributed
-    - "updater/tmp/**/*"
-    - "updater/spec/fixtures/**/*"
-    - "updater/vendor/**/*"
+    - "*/vendor/**/*"
+    - "**/tmp/**/*"
+    - "*/spec/fixtures/**/*"
+    - "vendor/**/*"
+    - "dry-run/**/*"
   NewCops: enable
   SuggestExtensions: false
 Gemspec/DeprecatedAttributeAssignment:
   Enabled: true
+Gemspec/DevelopmentDependencies:
+  Enabled: false
 Gemspec/RequireMFA:
   Enabled: false
 Layout/DotPosition:
-  EnforcedStyle: trailing
+  EnforcedStyle: leading # See https://srb.help/2001
 Layout/EmptyLinesAroundAttributeAccessor:
   Enabled: false
 Layout/FirstArrayElementIndentation:
@@ -106,9 +110,9 @@ Metrics/AbcSize:
   Max: 35
 Metrics/BlockLength:
   Exclude:
-    - "../*/Rakefile"
-    - "../**/spec/**/*"
-    - "../*/dependabot-*.gemspec"
+    - "*/Rakefile"
+    - "**/spec/**/*"
+    - "*/dependabot-*.gemspec"
   Max: 35
 Metrics/ClassLength:
   Max: 350
@@ -278,7 +282,7 @@ Style/NilLambda:
   Enabled: true
 Style/NumericPredicate:
   Exclude:
-    - "../*/spec/**/*"
+    - "*/spec/**/*"
 Style/OptionalBooleanParameter:
   Enabled: false
 Style/PercentLiteralDelimiters:
@@ -333,5 +337,3 @@ Style/SelectByRegexp:
 # a follow-on PR.
 Naming/BlockForwarding:
   Enabled: false
-Style/MutableConstant:
-  Enabled: false
diff --git a/Rakefile b/Rakefile
@@ -7,9 +7,11 @@ require "uri"
 require "json"
 require "rubygems/package"
 require "bundler"
-# require "./common/lib/dependabot/version"
+# require "./common/lib/dependabot"
 require "yaml"
 
+# ./dependabot-core.gemspec is purposefully excluded from this list
+# because it's an empty gem as a placeholder to prevent namesquatting.
 # GEMSPECS = %w(
 #   common/dependabot-common.gemspec
 #   go_modules/dependabot-go_modules.gemspec
@@ -29,14 +31,15 @@ require "yaml"
 #   python/dependabot-python.gemspec
 #   pub/dependabot-pub.gemspec
 #   omnibus/dependabot-omnibus.gemspec
+#   swift/dependabot-swift.gemspec
 # ).freeze
-GEMSPECS = []
 
 def run_command(command)
   puts "> #{command}"
   exit 1 unless system(command)
 end
 
+# rubocop:disable Metrics/BlockLength
 namespace :gems do
   task build: :clean do
     root_path = Dir.getwd
@@ -120,9 +123,10 @@ end
 def rubygems_release_exists?(name, version)
   uri = URI.parse("https://rubygems.org/api/v1/versions/#{name}.json")
   response = Net::HTTP.get_response(uri)
-  abort "Gem #{name} doesn't exist on rubygems" if response.code != "200"
+  return false if response.code != "200"
 
   body = JSON.parse(response.body)
   existing_versions = body.map { |b| b["number"] }
   existing_versions.include?(version)
 end
+# rubocop:enable Metrics/BlockLength
diff --git a/copy-updater-files.ps1 b/copy-updater-files.ps1
@@ -1,11 +1,15 @@
 # Find the current version for dependabot-omnibus
-$gemfileContent = Get-Content -Path "updater\Gemfile" -Raw
+$gemfileContent = Get-Content -Path "updater/Gemfile" -Raw
 $versionLine = $gemfileContent | Select-String 'gem "dependabot-omnibus", "(.*)"' | Select-Object -ExpandProperty Line
 $version = [regex]::Match($versionLine, '"~>(\d+\.\d+\.\d+)"').Groups[1].Value
 Write-Output "Found dependabot-omnibus version: $version"
 
+# Prepare the list of files to be downloaded
 $files = @(
     ".ruby-version"
+    # ".rubocop.yml"
+    # "Rakefile"
+    "updater/.rubocop.yml"
 
     "updater/bin/fetch_files.rb"
     "updater/bin/update_files.rb"
@@ -107,8 +111,8 @@ $files = @(
     # "updater/spec/spec_helper.rb"
 )
 
+# Download each file listed
 $baseUrl = "https://raw.githubusercontent.com/dependabot/dependabot-core"
-
 foreach ($name in $files) {
     $sourceUrl = "$baseUrl/v$version/$($name)"
     $destinationPath = Join-Path -Path '.' -ChildPath "$name"

diff --git a/updater/bin/update_script.rb b/updater/bin/update_script.rb
@@ -281,11 +281,11 @@ def ignored_versions_for(dep)
         update_types: ic["update-types"]
       )
     end
-    Dependabot::Config::UpdateConfig.new(ignore_conditions: ignore_conditions).
-      ignored_versions_for(
-        dep,
-        security_updates_only: $options[:security_updates_only]
-      )
+    Dependabot::Config::UpdateConfig.new(ignore_conditions: ignore_conditions)
+                                    .ignored_versions_for(
+                                      dep,
+                                      security_updates_only: $options[:security_updates_only]
+                                    )
   else
     $update_config.ignored_versions_for(
       dep,
@@ -297,8 +297,8 @@ def ignored_versions_for(dep)
 # rubocop:disable Metrics/PerceivedComplexity
 def security_advisories_for(dep)
   relevant_advisories =
-    $options[:security_advisories].
-    select { |adv| adv.fetch("dependency-name").casecmp(dep.name).zero? }
+    $options[:security_advisories]
+    .select { |adv| adv.fetch("dependency-name").casecmp(dep.name).zero? }
 
   # add relevant advisories from the fetcher if present
   relevant_advisories += $vulnerabilities_fetcher&.fetch(dep.name) || []
@@ -363,17 +363,17 @@ def peer_dependency_should_update_instead?(dependency_name, updated_deps, files,
   # peer dependency getting updated
   return false if $options[:security_updates_only]
 
-  updated_deps.
-    reject { |dep| dep.name == dependency_name }.
-    any? do |dep|
+  updated_deps
+    .reject { |dep| dep.name == dependency_name }
+    .any? do |dep|
     original_peer_dep = ::Dependabot::Dependency.new(
       name: dep.name,
       version: dep.previous_version,
       requirements: dep.previous_requirements,
       package_manager: dep.package_manager
     )
-    update_checker_for(original_peer_dep, files, security_advisories).
-      can_update?(requirements_to_unlock: :own)
+    update_checker_for(original_peer_dep, files, security_advisories)
+      .can_update?(requirements_to_unlock: :own)
   end
 end
 
@@ -944,8 +944,8 @@ def show_diff(original_file, updated_file)
         version_class = Dependabot::Utils.version_class_for_package_manager(dep.package_manager) # necessary for npm
         next unless version_class.correct?(dep.version) # git_submodules don't work here
 
-        ignore_reqs = ignored_versions_for(dep).
-                      flat_map { |req| requirement_class.requirements_array(req) }
+        ignore_reqs = ignored_versions_for(dep)
+                      .flat_map { |req| requirement_class.requirements_array(req) }
         if ignore_reqs.any? { |req| req.satisfied_by?(version_class.new(dep.version)) }
           puts "Update for #{dep.name} #{dep.version} is no longer required."
           next