chore(deps): bump the bundler-version-updates group across 1 directory with 9 updates

[dependabot]

Updates the requirements on oauth2, typhoeus, warning, rubocop, rubocop-minitest, dotenv, minitest-hooks, rake and simplecov-cobertura to permit the latest version.
Updates oauth2 from 2.0.12 to 2.0.23

Release notes

Sourced from oauth2's releases.

v2.0.23

2.0.23 - 2026-06-13

• TAG: v2.0.23
• COVERAGE: 100.00% -- 562/562 lines in 15 files
• BRANCH COVERAGE: 97.89% -- 186/190 branches in 15 files
• 88.35% documented

Changed

• Upgraded to snaky_hash v2.0.6 by @​pboling
• Refreshed generated GHA workflow action SHA pins by @​pboling

Fixed

• Addressed Reek code-quality checks with targeted cleanup and documented compatibility exclusions by @​pboling
• Fixed deprecation warning from MultiXML by @​robzolkos

• Fixed head appraisal dependency conflicts and Ruby 2.4 protocol-relative redirect handling by @​pboling

Official Discord 👉️ [![Live Chat on Discord][✉️discord-invite-img]][✉️discord-invite]

Many paths lead to being a sponsor or a backer of this project. Are you on such a path?

[][🖇paypal]

... (truncated)

Changelog

Sourced from oauth2's changelog.

[2.0.23] - 2026-06-13

• TAG: [v2.0.23][2.0.23t]
• COVERAGE: 100.00% -- 562/562 lines in 15 files
• BRANCH COVERAGE: 97.89% -- 186/190 branches in 15 files
• 88.35% documented

Changed

• Upgraded to snaky_hash v2.0.6 by @​pboling
• Refreshed generated GHA workflow action SHA pins by @​pboling

Fixed

• Addressed Reek code-quality checks with targeted cleanup and documented compatibility exclusions by @​pboling
• Fixed deprecation warning from MultiXML by @​robzolkos

• Fixed head appraisal dependency conflicts and Ruby 2.4 protocol-relative redirect handling by @​pboling

[2.0.22] - 2026-06-07

• TAG: [v2.0.22][2.0.22t]
• COVERAGE: 100.00% -- 542/542 lines in 15 files
• BRANCH COVERAGE: 100.00% -- 180/180 branches in 15 files
• 88.35% documented

Changed

• Raised generated development tooling floors to kettle-dev >= 2.1.1 and version_gem >= 1.1.11.
• Raised the runtime dependency floor for snaky_hash to >= 2.0.5.

Security

• GHSA-pp92-crg2-gfv9 Prevent protocol-relative redirect Location values from changing request authority, and strip Authorization headers from cross-origin redirects by @​tonghuaroot and @​pboling

[2.0.21] - 2026-06-06

• TAG: [v2.0.21][2.0.21t]
• COVERAGE: 100.00% -- 525/525 lines in 15 files
• BRANCH COVERAGE: 100.00% -- 174/174 branches in 15 files
• 88.35% documented

Added

• [gh!730][gh!730] - Alternatives section to README by @​jonathangrinstead

... (truncated)

Commits

• af44293 👷 Normalize appraisal gemfile style
• 876c95a 🔖 Prepare release v2.0.23
• 016ff6a Merge pull request #734 from ruby-oauth/feat/repease-prep-v2.0.23
• c3547db 👷 Avoid JRuby turbo test hangs
• 85ef281 🐛 Tolerate nil redirect counts
• b9e850f 🔥 Remove style deps from appraisal root
• 0460e3e 🐛 Address remaining PR review comments
• 3423986 🐛 Stabilize Truffle CI expectations
• 174809b 🐛 Run legacy Truffle appraisals directly
• 1b95345 🐛 Fix legacy TruffleRuby CI
• Additional commits viewable in compare view

Updates typhoeus from 1.4.1 to 1.6.0

Changelog

Sourced from typhoeus's changelog.

1.6.0

Full Changelog

• Add Ruby 4.0 to CI matrix and update checkout action to v6. (Geremia Taglialatela, #744)
• Require Ethon >= 0.18.0, removing the upper bound constraint. (Geremia Taglialatela, #742)
• Update RubyDoc link in gemspec metadata. (Felipe Mesquita, #737)
• Update gem version badge and remove Code Climate badge. (Felipe Mesquita, #736)

1.5.0

Full Changelog

• Update gemspec with metadata and remove extra files from the bundled gem. (Felipe Mesquita, #734)
• Require Ruby 2.6+ and simplify Gemfile. (Felipe Mesquita, #733)
• Add support for URI objects in Typhoeus.stub(). (Katelyn Schiesser, #732)
• Add explicit require for logger and ostruct gems for Ruby 3.5+ compatibility. (Felipe Mesquita, #729)
• Add Ruby 3.4 to CI matrix. (y-yagi, #728)
• Support curl 8.9 error message changes in tests. (Mamoru TASAKA, #724)
• Add Ruby 3.2 and 3.3 to CI, drop Ruby 2.5, lock ethon < 0.16.0. (y-yagi, #716)
• Fix typo in comment: "reponse" → "response". (George Brocklehurst, #700)

Commits

• d7aba1b Update changelog to include tagliala's ci update
• 31798ca Merge pull request #744 from tagliala/chore/ci-ruby4
• 10c3530 Prepare for 1.6.0 release
• 7d2e7ee Merge pull request #742 from tagliala/feature/739-ethon-0180
• 0e05c4a Test against Ruby 4.0
• fd55b54 Require Ethon >= 0.18.0
• 2c83401 Merge pull request #737 from typhoeus/Update-RubyDoc-link
• 65b7fdd Update RubyDoc link
• 02d8589 Merge pull request #736 from typhoeus/Update-gem-version-badge
• 863a6d2 Update badge and remove code climate
• Additional commits viewable in compare view

Updates warning from 1.5.0 to 1.6.0

Changelog

Sourced from warning's changelog.

=== 1.6.0 (2026-05-11)

• Skip warning's own frame when raising exceptions (byroot) (#27)

• Add Warning.error_class accessor to override class to use when raising warnings as errors (byroot) (#26)

Commits

• 42094ca Bump version to 1.6.0
• f704c0b Mention Warning.error_class= in README
• 0f11aa1 Update CHANGELOG and documentation
• 808bcaf Skip warning's own frame when raising exceptions
• 3b25dc0 Allow to customize the raised error
• 1c8f52f Bump copyright year
• 9fd6fd4 Update to actions/checkout@v6
• 4de5514 Add Ruby 4.0 to CI
• 8086bcd Use SimpleCov.add_filter block instead of string
• b574f24 Switch rdoc task to normal rake task, avoid rdoc/task require
• Additional commits viewable in compare view

Updates rubocop from 1.78.0 to 1.88.0

Release notes

Sourced from rubocop's releases.

RuboCop v1.88.0

New features

• #15166: Add a new Recursive option to Style/MutableConstant. When enabled, the cop checks and freezes mutable literals nested inside arrays and hashes. The option is disabled by default to preserve existing behavior. ([@​paracycle][])

Bug fixes

• #15220: Fix a bad autocorrect for Lint/RedundantSplatExpansion when splatting an empty literal (e.g. when *[] or rescue *[]), which expanded to invalid or semantically different code. ([@​bbatsov][])
• #15221: Fix a bad autocorrect for Lint/RegexpAsCondition when the regexp literal is negated (e.g. if !/foo/), which inverted the condition. ([@​bbatsov][])
• #15242: Fix a bad autocorrect for Lint/SymbolConversion when the receiver is an interpolated string containing an embedded double quote (e.g. "foo#{bar}\"qux".to_sym), which produced a syntax error. ([@​bbatsov][])
• #15270: Fix a crash for Style/CombinableLoops when a for loop has an empty body, and stop autocorrecting consecutive for loops whose iteration variables differ (which produced code referencing an undefined variable). ([@​bbatsov][])
• #15272: Fix a crash for Style/ConstantVisibility when a visibility declaration has a numeric literal argument (e.g. private_constant 42). ([@​bbatsov][])
• #15215: Fix a false negative for Lint/OrderedMagicComments when an encoding magic comment is preceded by a magic comment other than frozen_string_literal (e.g. shareable_constant_value). ([@​bbatsov][])
• #15228: Fix a false negative for Lint/RedundantWithIndex when the block takes no arguments (e.g. ary.each_with_index { do_something }). ([@​bbatsov][])
• #15230: Fix a false negative for Lint/RequireRelativeSelfPath when requiring the current file by name with its extension (e.g. require_relative 'foo.rb') and the file path is absolute. ([@​bbatsov][])
• #15229: Fix a false negative for Lint/SafeNavigationChain when an ordinary method is chained after a parenthesized safe navigation call (e.g. (x&.foo).bar). ([@​bbatsov][])
• #15225: Fix a false negative for Lint/SafeNavigationWithEmpty when the receiver of &.empty? is a local variable, instance variable, constant, or other non-method-call expression. ([@​bbatsov][])
• #15231: Fix a false negative for Lint/SendWithMixinArgument when send/public_send/__send__ is called with no explicit receiver or with a self receiver (e.g. send(:include, Bar)). ([@​bbatsov][])
• #15248: Fix a false negative for Lint/ToEnumArguments when more positional arguments are passed than the method accepts (e.g. def m(x); to_enum(:m, x, extra); end), which raises ArgumentError when the enumerator is used. ([@​bbatsov][])
• #15249: Fix a false negative for Lint/UnescapedBracketInRegexp when an unescaped ] is preceded by an escaped backslash (e.g. /abc\\]123/). ([@​bbatsov][])
• #15267: Fix a false positive for Style/ArrayIntersectWithSingleElement with a splat argument (e.g. array.intersect?([*foo])), which is not a single element and was incorrectly rewritten to array.include?(*foo). ([@​bbatsov][])
• #15272: Fix a false positive for Style/ColonMethodCall with chained JRuby interop calls (e.g. Java::com::something_method). ([@​bbatsov][])
• #15271: Fix a false positive for Style/ConditionalAssignment with EnforcedStyle: assign_inside_condition when assigning an unless without an else branch (e.g. x = unless cond; 1; end), which was rewritten to move the assignment inside the unless and changed behavior when the condition was true. ([@​bbatsov][])
• #14401: Fix a false positive for Layout/BlockAlignment with EnforcedStyleAlignWith: start_of_line when a block is passed as a method argument. ([@​augustocbx][])
• #15216: Fix a false positive for Lint/RaiseException when raise Exception is used inside a module nested within an allowed implicit namespace (e.g. Gem). ([@​bbatsov][])
• #15219: Fix a false positive for Lint/RedundantDirGlobSort when sort is given a comparator block or a block-pass argument, which is not redundant with the default sorting. ([@​bbatsov][])
• #15224: Fix a false positive for Lint/ShadowingOuterLocalVariable when a block argument has the same name as a pattern variable from a different in branch of the same case. ([@​bbatsov][])
• #15239: Fix a false positive for Lint/SuppressedExceptionInNumberConversion when the numeric constructor already passes exception: false (e.g. Integer(arg, exception: false) rescue nil), which also produced an autocorrect with a duplicate exception: false keyword. ([@​bbatsov][])
• #15243: Fix a false positive for Lint/TopLevelReturnWithArgument when a return with an argument is inside a numbered-parameter block or an it block. ([@​bbatsov][])
• #15245: Fix a false positive for Lint/UselessRuby2Keywords when ruby2_keywords in a nested class or module refers to a method of the same name defined in an outer scope. ([@​bbatsov][])
• #15246: Fix a false positive for Lint/UselessSetterCall when a multiple assignment uses nested destructuring (e.g. (a, b), c = arg, other_arg), which misaligned variables with the right-hand side values. ([@​bbatsov][])
• #15125: Fix a false positive for Style/ZeroLengthPredicate when File::Stat.new(...).size.zero? is used. ([@​augustocbx][])
• #15196: Fix --start-server to wait until the server is running before returning, which fixes a flaky --restart-server spec and a race for commands run right after starting the server. ([@​koic][])
• #15272: Fix Style/Alias not detecting block scope for numbered-parameter and it blocks, which caused a false positive for alias_method and a false negative for alias inside such blocks. ([@​bbatsov][])
• #15281: Fix an incorrect autocorrect when Style/IfUnlessModifier and Style/Next correct the same conditional. ([@​fynsta][])
• #15260: Fix an error for Style/FileWrite when a literal or variable is passed to write in the block form. ([@​koic][])
• #15276: Fix an error for Style/RedundantFormat when the format string is a heredoc with format arguments. ([@​fynsta][])
• #15270: Fix an incorrect autocorrect for Style/AndOr when an operand is next, break, or yield with an argument (e.g. foo and next 1), which produced invalid Ruby like foo && next 1. ([@​bbatsov][])
• #15267: Fix an incorrect autocorrect for Style/ArrayFirstLast when arr[0]/arr[-1] is the target of a compound assignment (e.g. arr[0] += 1), which produced arr.first += 1 and raised NoMethodError. ([@​bbatsov][])
• #15267: Fix an incorrect autocorrect for Style/ArrayIntersect where a negated predicate on a safe-navigation chain (e.g. a&.intersection(b)&.none?) was rewritten to !a&.intersect?(b), flipping the result when the receiver is nil. ([@​bbatsov][])
• #15273: Fix an incorrect autocorrect for Style/BlockDelimiters that converted a single-line do...end block containing a block-level rescue or ensure to {...}, producing invalid Ruby. ([@​bbatsov][])
• #15268: Fix an incorrect autocorrect for Style/CaseEquality when the argument is an operator or unary expression (e.g. Array === a + b), which produced mis-parsed code like a + b.is_a?(Array). ([@​bbatsov][])
• #15268: Fix an incorrect autocorrect for Style/ClassEqualityComparison inside a namespace when the class name string is already fully qualified (e.g. bar.class.name == '::Bar'), which produced instance_of?(::::Bar) and was a syntax error. ([@​bbatsov][])
• #15268: Fix an incorrect autocorrect for Style/ClassEqualityComparison when comparing Class itself to a string literal (e.g. var.class == 'Date'), which produced var.instance_of?('Date') and raised TypeError; such comparisons are no longer autocorrected. ([@​bbatsov][])
• #15274: Fix an incorrect autocorrect for Style/ClassMethodsDefinitions that corrupted a preceding comment containing def <name> and left the method undefined as a class method. ([@​bbatsov][])
• #15270: Fix an incorrect autocorrect for Style/ComparableClamp when the clamped value is an operator expression (e.g. a + b), which produced mis-parsed code like a + b.clamp(low, high). ([@​bbatsov][])
• #15267: Fix an incorrect autocorrect for Style/ConcatArrayLiterals with an empty array literal argument (e.g. arr.concat([], [b])), which produced invalid Ruby like arr.push(, b). ([@​bbatsov][])
• #15274: Fix an incorrect autocorrect for Style/DigChain that duplicated a trailing comment and dropped indentation when the chain was inside a method or block. ([@​bbatsov][])
• #15288: Fix an incorrect autocorrect for Lint/UselessTimes when a 1.times block takes a single destructured (|(a, b)|) or splat (|*a|) argument, which produced a body referencing an undefined variable. ([@​bbatsov][])
• #15280: Fix an incorrect autocorrect for Style/ConditionalAssignment with EnforcedStyle: assign_inside_condition and a single-line case. ([@​fynsta][])

... (truncated)

Changelog

Sourced from rubocop's changelog.

1.88.0 (2026-06-16)

New features

• #15166: Add a new Recursive option to Style/MutableConstant. When enabled, the cop checks and freezes mutable literals nested inside arrays and hashes. The option is disabled by default to preserve existing behavior. ([@​paracycle][])

Bug fixes

• #15220: Fix a bad autocorrect for Lint/RedundantSplatExpansion when splatting an empty literal (e.g. when *[] or rescue *[]), which expanded to invalid or semantically different code. ([@​bbatsov][])
• #15221: Fix a bad autocorrect for Lint/RegexpAsCondition when the regexp literal is negated (e.g. if !/foo/), which inverted the condition. ([@​bbatsov][])
• #15242: Fix a bad autocorrect for Lint/SymbolConversion when the receiver is an interpolated string containing an embedded double quote (e.g. "foo#{bar}\"qux".to_sym), which produced a syntax error. ([@​bbatsov][])
• #15270: Fix a crash for Style/CombinableLoops when a for loop has an empty body, and stop autocorrecting consecutive for loops whose iteration variables differ (which produced code referencing an undefined variable). ([@​bbatsov][])
• #15272: Fix a crash for Style/ConstantVisibility when a visibility declaration has a numeric literal argument (e.g. private_constant 42). ([@​bbatsov][])
• #15215: Fix a false negative for Lint/OrderedMagicComments when an encoding magic comment is preceded by a magic comment other than frozen_string_literal (e.g. shareable_constant_value). ([@​bbatsov][])
• #15228: Fix a false negative for Lint/RedundantWithIndex when the block takes no arguments (e.g. ary.each_with_index { do_something }). ([@​bbatsov][])
• #15230: Fix a false negative for Lint/RequireRelativeSelfPath when requiring the current file by name with its extension (e.g. require_relative 'foo.rb') and the file path is absolute. ([@​bbatsov][])
• #15229: Fix a false negative for Lint/SafeNavigationChain when an ordinary method is chained after a parenthesized safe navigation call (e.g. (x&.foo).bar). ([@​bbatsov][])
• #15225: Fix a false negative for Lint/SafeNavigationWithEmpty when the receiver of &.empty? is a local variable, instance variable, constant, or other non-method-call expression. ([@​bbatsov][])
• #15231: Fix a false negative for Lint/SendWithMixinArgument when send/public_send/__send__ is called with no explicit receiver or with a self receiver (e.g. send(:include, Bar)). ([@​bbatsov][])
• #15248: Fix a false negative for Lint/ToEnumArguments when more positional arguments are passed than the method accepts (e.g. def m(x); to_enum(:m, x, extra); end), which raises ArgumentError when the enumerator is used. ([@​bbatsov][])
• #15249: Fix a false negative for Lint/UnescapedBracketInRegexp when an unescaped ] is preceded by an escaped backslash (e.g. /abc\\]123/). ([@​bbatsov][])
• #15267: Fix a false positive for Style/ArrayIntersectWithSingleElement with a splat argument (e.g. array.intersect?([*foo])), which is not a single element and was incorrectly rewritten to array.include?(*foo). ([@​bbatsov][])
• #15272: Fix a false positive for Style/ColonMethodCall with chained JRuby interop calls (e.g. Java::com::something_method). ([@​bbatsov][])
• #15271: Fix a false positive for Style/ConditionalAssignment with EnforcedStyle: assign_inside_condition when assigning an unless without an else branch (e.g. x = unless cond; 1; end), which was rewritten to move the assignment inside the unless and changed behavior when the condition was true. ([@​bbatsov][])
• #14401: Fix a false positive for Layout/BlockAlignment with EnforcedStyleAlignWith: start_of_line when a block is passed as a method argument. ([@​augustocbx][])
• #15216: Fix a false positive for Lint/RaiseException when raise Exception is used inside a module nested within an allowed implicit namespace (e.g. Gem). ([@​bbatsov][])
• #15219: Fix a false positive for Lint/RedundantDirGlobSort when sort is given a comparator block or a block-pass argument, which is not redundant with the default sorting. ([@​bbatsov][])
• #15224: Fix a false positive for Lint/ShadowingOuterLocalVariable when a block argument has the same name as a pattern variable from a different in branch of the same case. ([@​bbatsov][])
• #15239: Fix a false positive for Lint/SuppressedExceptionInNumberConversion when the numeric constructor already passes exception: false (e.g. Integer(arg, exception: false) rescue nil), which also produced an autocorrect with a duplicate exception: false keyword. ([@​bbatsov][])
• #15243: Fix a false positive for Lint/TopLevelReturnWithArgument when a return with an argument is inside a numbered-parameter block or an it block. ([@​bbatsov][])
• #15245: Fix a false positive for Lint/UselessRuby2Keywords when ruby2_keywords in a nested class or module refers to a method of the same name defined in an outer scope. ([@​bbatsov][])
• #15246: Fix a false positive for Lint/UselessSetterCall when a multiple assignment uses nested destructuring (e.g. (a, b), c = arg, other_arg), which misaligned variables with the right-hand side values. ([@​bbatsov][])
• #15125: Fix a false positive for Style/ZeroLengthPredicate when File::Stat.new(...).size.zero? is used. ([@​augustocbx][])
• #15196: Fix --start-server to wait until the server is running before returning, which fixes a flaky --restart-server spec and a race for commands run right after starting the server. ([@​koic][])
• #15272: Fix Style/Alias not detecting block scope for numbered-parameter and it blocks, which caused a false positive for alias_method and a false negative for alias inside such blocks. ([@​bbatsov][])
• #15281: Fix an incorrect autocorrect when Style/IfUnlessModifier and Style/Next correct the same conditional. ([@​fynsta][])
• #15260: Fix an error for Style/FileWrite when a literal or variable is passed to write in the block form. ([@​koic][])
• #15276: Fix an error for Style/RedundantFormat when the format string is a heredoc with format arguments. ([@​fynsta][])
• #15270: Fix an incorrect autocorrect for Style/AndOr when an operand is next, break, or yield with an argument (e.g. foo and next 1), which produced invalid Ruby like foo && next 1. ([@​bbatsov][])
• #15267: Fix an incorrect autocorrect for Style/ArrayFirstLast when arr[0]/arr[-1] is the target of a compound assignment (e.g. arr[0] += 1), which produced arr.first += 1 and raised NoMethodError. ([@​bbatsov][])
• #15267: Fix an incorrect autocorrect for Style/ArrayIntersect where a negated predicate on a safe-navigation chain (e.g. a&.intersection(b)&.none?) was rewritten to !a&.intersect?(b), flipping the result when the receiver is nil. ([@​bbatsov][])
• #15273: Fix an incorrect autocorrect for Style/BlockDelimiters that converted a single-line do...end block containing a block-level rescue or ensure to {...}, producing invalid Ruby. ([@​bbatsov][])
• #15268: Fix an incorrect autocorrect for Style/CaseEquality when the argument is an operator or unary expression (e.g. Array === a + b), which produced mis-parsed code like a + b.is_a?(Array). ([@​bbatsov][])
• #15268: Fix an incorrect autocorrect for Style/ClassEqualityComparison inside a namespace when the class name string is already fully qualified (e.g. bar.class.name == '::Bar'), which produced instance_of?(::::Bar) and was a syntax error. ([@​bbatsov][])
• #15268: Fix an incorrect autocorrect for Style/ClassEqualityComparison when comparing Class itself to a string literal (e.g. var.class == 'Date'), which produced var.instance_of?('Date') and raised TypeError; such comparisons are no longer autocorrected. ([@​bbatsov][])
• #15274: Fix an incorrect autocorrect for Style/ClassMethodsDefinitions that corrupted a preceding comment containing def <name> and left the method undefined as a class method. ([@​bbatsov][])
• #15270: Fix an incorrect autocorrect for Style/ComparableClamp when the clamped value is an operator expression (e.g. a + b), which produced mis-parsed code like a + b.clamp(low, high). ([@​bbatsov][])
• #15267: Fix an incorrect autocorrect for Style/ConcatArrayLiterals with an empty array literal argument (e.g. arr.concat([], [b])), which produced invalid Ruby like arr.push(, b). ([@​bbatsov][])
• #15274: Fix an incorrect autocorrect for Style/DigChain that duplicated a trailing comment and dropped indentation when the chain was inside a method or block. ([@​bbatsov][])
• #15288: Fix an incorrect autocorrect for Lint/UselessTimes when a 1.times block takes a single destructured (|(a, b)|) or splat (|*a|) argument, which produced a body referencing an undefined variable. ([@​bbatsov][])

... (truncated)

Commits

• 37bf5ad Cut 1.88
• cd0c2e3 Update Changelog
• b7af64a [Fix #12276] Record pending cops options in the auto-gen-config command
• bbd7ff2 Add hk integration docs
• 117e40a Merge pull request #15293 from RedZapdos123/fix-literal-interp-hash-symbol
• 4d95141 [Fix #15291] Fix hash symbol interpolation
• 0347d27 Add Recursive option to Style/MutableConstant
• f0d92b4 Fix incorrect autocorrects for Style/FileWrite with heredocs
• 32df346 Fix an incorrect autocorrect for Style/Semicolon with heredocs
• 4c221fb [Fix #15269] Fix a false positive where cop Include patterns matched parent...
• Additional commits viewable in compare view

Updates rubocop-minitest from 0.38.1 to 0.39.1

Release notes

Sourced from rubocop-minitest's releases.

RuboCop Minitest v0.39.1

Bug fixes

• #347: Fix false positives in Minitest/AssertIncludes and Minitest/RefuteIncludes cops. (@​koic)

RuboCop Minitest v0.39.0

Changes

• #344: Disable Minitest/AssertEmptyLiteral by default. (@​koic)
• #315: Make Minitest/AssertIncludes and Minitest/RefuteIncludes aware of key?, has_key?, and member? alias methods. (@​koic)

RuboCop Minitest v0.38.2

Bug fixes

• #321: Fix false positives for Minitest/MultipleAssertions when the assertion has a receiver. (@​earlopain)

Changelog

Sourced from rubocop-minitest's changelog.

0.39.1 (2026-02-24)

Bug fixes

• #347: Fix false positives in Minitest/AssertIncludes and Minitest/RefuteIncludes cops for key? and has_key? used with assert or refute. ([@​koic][])

0.39.0 (2026-02-24)

Changes

• #344: Disable Minitest/AssertEmptyLiteral by default. ([@​koic][])
• #315: Make Minitest/AssertIncludes and Minitest/RefuteIncludes aware of key?, has_key?, and member? alias methods. ([@​koic][])

0.38.2 (2025-08-30)

Bug fixes

• #321: Fix false positives for Minitest/MultipleAssertions when the assertion has a receiver. ([@​earlopain][])

Commits

• 17b5474 Cut 0.39.1
• d7a0f1e Update Changelog
• 93a5474 Merge pull request #347 from koic/fix_false_positive_for_assert_includes_and_...
• b8d8789 Fix false positives in Minitest/AssertIncludes and `Minitest/RefuteIncludes...
• 9b577b6 Switch back docs version to master
• 0f1a4f6 Cut 0.39.0
• 1c01cf9 Update Changelog
• bf38672 Merge pull request #346 from koic/disable_minitest_assert_empty_literal_by_de...
• 7793f07 [Fix #344] Disable Minitest/AssertEmptyLiteral by default
• c8f3fc5 Suppress RuboCop offenses
• Additional commits viewable in compare view

Updates dotenv from 3.1.8 to 3.2.0

Release notes

Sourced from dotenv's releases.

v3.2.0

What's Changed

• Boost app startup time by removing to_sentence usage by @​ThomasCrambert in bkeepers/dotenv#534
• Handle parentheses in variables in commands by @​i7an in bkeepers/dotenv#540
• allow warning when a env var was not overwritten by @​grosser in bkeepers/dotenv#531
• fix a few small issues by @​grosser in bkeepers/dotenv#532

New Contributors

• @​ThomasCrambert made their first contribution in bkeepers/dotenv#534
• @​i7an made their first contribution in bkeepers/dotenv#540

Full Changelog: bkeepers/dotenv@v3.1.8...v3.2.0

Commits

• 34156bf Prepare for 3.2.0 release
• ab47820 Merge pull request #531 from grosser/grosser/warn
• fae6120 Merge branch 'main' into grosser/warn
• 4f510f4 Merge pull request #532 from grosser/grosser/fixes
• 959e1da Merge pull request #539 from bkeepers/dependabot/github_actions/actions/check...
• 041451e Update spec message
• b300f26 Bump actions/checkout from 4 to 6
• 5f4ca01 Merge branch 'main' into grosser/warn
• 209dca4 Merge pull request #540 from i7an/handle-parentheses
• 48c4956 Merge branch 'main' into handle-parentheses
• Additional commits viewable in compare view

Updates minitest-hooks from 1.5.2 to 1.5.4

Changelog

Sourced from minitest-hooks's changelog.

=== 1.5.4 (2026-05-04)

• Fix reported assertion counts on minitest 6+ (jeremyevans)

=== 1.5.3 (2025-12-18)

• Work correctly on minitest 6+ (jeremyevans)

Commits

• f3ef8c7 Bump version to 1.5.4
• aa7f157 Spec tweak to pass on Ruby 1.8
• 375a4bf Fix reported assertion counts on minitest 6+
• 84937b2 Bump copyright year
• 7e4db42 Update to actions/checkout@v6
• 129288d Add Ruby 4.0 to CI
• e690c2e Bump version to 1.5.3
• fc549a2 Add nocov around minitest 6 conditional
• 88126f2 Add metadata and required ruby version to gemspec
• 672d4af Work correctly on minitest 6+
• Additional commits viewable in compare view

Updates rake from 13.3.0 to 13.4.2

Commits

• 503b8ec v13.4.2
• 46038e7 Merge pull request #723 from ruby/fix/testopts-preserve-existing-value
• 604a3d9 Isolate TESTOPTS env in TestRakeTestTask setup/teardown
• 5886caa Preserve ENV["TESTOPTS"] when verbose is enabled
• 92193ac v13.4.1
• b74be0b Merge pull request #721 from ruby/fix/add-options-to-gemspec
• 829f66d Add lib/rake/options.rb to gemspec
• 2d55bc4 v13.4.0
• 1415070 Exclude dependabot updates from release note
• b3dc948 Merge pull request #713 from pvdb/simplify_standard_system_dir
• Additional commits viewable in compare view

Updates simplecov-cobertura from 3.1.0 to 3.2.0

Release notes

Sourced from simplecov-cobertura's releases.

v3.2.0

What's Changed

• Changed calculation and added integration testing by @​jessebs in jessebs/simplecov-cobertura#58
• Revamp Calculations by @​jessebs in jessebs/simplecov-cobertura#59
• 3.2.0 version for release by @​jessebs in jessebs/simplecov-cobertura#60

Full Changelog: jessebs/simplecov-cobertura@v3.1.2...v3.2.0Description has been truncated

[github-actions]

Qodana for PHP

It seems all right 👌

No new problems were found according to the checks applied

💡 Qodana analysis was run in the pull request mode: only the changed files were checked
☁️ View the detailed Qodana report

Contact Qodana team

Contact us at qodana-support@jetbrains.com

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.