Bump the rubocop group with 2 updates

Gemfile

@@ -50,7 +50,7 @@ group :development do
   gem 'rubocop', '~> 1.86', require: false
   gem 'rubocop-factory_bot', '~> 2.28', require: false
   gem 'rubocop-minitest', '~> 0.39.1', require: false
-  gem 'rubocop-rails', '~> 2.34', require: false
+  gem 'rubocop-rails', '~> 2.35', require: false
   gem 'ruby-lsp', '~> 0.26.9', require: false
 
   gem 'brakeman', require: false

Gemfile.lock

@@ -135,7 +135,7 @@ GEM
       prism (>= 1.3.0)
       rdoc (>= 4.0.0)
       reline (>= 0.4.2)
-    json (2.19.4)
+    json (2.19.5)
     language_server-protocol (3.17.0.5)
     lint_roller (1.1.0)
     logger (1.7.0)
@@ -154,7 +154,7 @@ GEM
       logger
     mini_mime (1.1.5)
     mini_portile2 (2.8.9)
-    minitest (6.0.5)
+    minitest (6.0.6)
       drb (~> 2.0)
       prism (~> 1.5)
     mocha (3.1.0)
@@ -173,7 +173,7 @@ GEM
     nokogiri (1.19.3)
       mini_portile2 (~> 2.8.2)
       racc (~> 1.4)
-    parallel (2.0.1)
+    parallel (2.1.0)
     parser (3.3.11.1)
       ast (~> 2.4.1)
       racc
@@ -246,7 +246,7 @@ GEM
     reline (0.6.3)
       io-console (~> 0.5)
     rexml (3.4.2)
-    rubocop (1.86.1)
+    rubocop (1.86.2)
       json (~> 2.3)
       language_server-protocol (~> 3.17.0.2)
       lint_roller (~> 1.1.0)
@@ -267,7 +267,7 @@ GEM
       lint_roller (~> 1.1)
       rubocop (>= 1.75.0, < 2.0)
       rubocop-ast (>= 1.38.0, < 2.0)
-    rubocop-rails (2.34.3)
+    rubocop-rails (2.35.0)
       activesupport (>= 4.2.0)
       lint_roller (~> 1.1)
       rack (>= 1.1)
@@ -334,7 +334,7 @@ DEPENDENCIES
   rubocop (~> 1.86)
   rubocop-factory_bot (~> 2.28)
   rubocop-minitest (~> 0.39.1)
-  rubocop-rails (~> 2.34)
+  rubocop-rails (~> 2.35)
   ruby-lsp (~> 0.26.9)
   simplecov (~> 0.22)
   simplecov-cobertura (~> 3.1.0)
@@ -364,6 +364,7 @@ CHECKSUMS
   bootsnap (1.24.3) sha256=f7fa3d20597e2f0aa52b0a1aba83fb54d4f79e9c2e210ec4fa1e8895514dcad8
   brakeman (8.0.4) sha256=7bf921fa9638544835df9aa7b3e720a9a72c0267f34f92135955edd80d4dcf6f
   builder (3.3.0) sha256=497918d2f9dca528fdca4b88d84e4ef4387256d984b8154e9d5d3fe5a9c8835f
+  bundler (4.0.11) sha256=5bcec0fb78302e48d02ee46f10ee6e6942be647ba5b44a6d1ddfda9a240ce785
   concurrent-ruby (1.3.6) sha256=6b56837e1e7e5292f9864f34b69c5a2cbc75c0cf5338f1ce9903d10fa762d5ab
   connection_pool (3.0.2) sha256=33fff5ba71a12d2aa26cb72b1db8bba2a1a01823559fb01d29eb74c286e62e0a
   crass (1.0.6) sha256=dc516022a56e7b3b156099abc81b6d2b08ea1ed12676ac7a5657617f012bd45d
@@ -386,7 +387,7 @@ CHECKSUMS
   image_processing (1.14.0) sha256=754cc169c9c262980889bec6bfd325ed1dafad34f85242b5a07b60af004742fb
   io-console (0.8.2) sha256=d6e3ae7a7cc7574f4b8893b4fca2162e57a825b223a177b7afa236c5ef9814cc
   irb (1.18.0) sha256=de9454a0703a54704b9811a5ef31a60c86949fbf4013fcf244fabc7c775248e3
-  json (2.19.4) sha256=670a7d333fb3b18ca5b29cb255eb7bef099e40d88c02c80bd42a3f30fe5239ac
+  json (2.19.5) sha256=218a18553e4801d579ca7e0f5bc72bafd776d7397238a1fb4e74db5b0a812c59
   language_server-protocol (3.17.0.5) sha256=fd1e39a51a28bf3eec959379985a72e296e9f9acfce46f6a79d31ca8760803cc
   lint_roller (1.1.0) sha256=2c0c845b632a7d172cb849cc90c1bce937a28c5c8ccccb50dfd46a485003cc87
   logger (1.7.0) sha256=196edec7cc44b66cfb40f9755ce11b392f21f7967696af15d274dde7edff0203
@@ -396,7 +397,7 @@ CHECKSUMS
   mini_magick (5.1.2) sha256=2c57112a2c55d9f86b1ed7ab568b3c389a3265788ac5c1ad3e632a201b629a7e
   mini_mime (1.1.5) sha256=8681b7e2e4215f2a159f9400b5816d85e9d8c6c6b491e96a12797e798f8bccef
   mini_portile2 (2.8.9) sha256=0cd7c7f824e010c072e33f68bc02d85a00aeb6fce05bb4819c03dfd3c140c289
-  minitest (6.0.5) sha256=f007d7246bf4feea549502842cd7c6aba8851cdc9c90ba06de9c476c0d01155c
+  minitest (6.0.6) sha256=153ea36d1d987a62942382b61075745042a2b3123b1cd48f4c3675af9cc7d6f1
   mocha (3.1.0) sha256=75f42d69ebfb1f10b32489dff8f8431d37a418120ecdfc07afe3bc183d4e1d56
   msgpack (1.8.0) sha256=e64ce0212000d016809f5048b48eb3a65ffb169db22238fb4b72472fecb2d732
   net-imap (0.6.4) sha256=9a5598c67a3022c284d98430ef1d4948e7dbdb62596f61081ea8ca933270a02b
@@ -405,7 +406,7 @@ CHECKSUMS
   net-smtp (0.5.1) sha256=ed96a0af63c524fceb4b29b0d352195c30d82dd916a42f03c62a3a70e5b70736
   nio4r (2.7.5) sha256=6c90168e48fb5f8e768419c93abb94ba2b892a1d0602cb06eef16d8b7df1dca1
   nokogiri (1.19.3) sha256=78312cbac32a40c812780d9678221b79d51288eec00054c1a8d15f7ce05960e8
-  parallel (2.0.1) sha256=337782d3e39f4121e67563bf91dd8ece67f48923d90698614773a0ec9a5b2c7d
+  parallel (2.1.0) sha256=b35258865c2e31134c5ecb708beaaf6772adf9d5efae28e93e99260877b09356
   parser (3.3.11.1) sha256=d17ace7aabe3e72c3cc94043714be27cc6f852f104d81aa284c2281aecc65d54
   pg (1.6.3) sha256=1388d0563e13d2758c1089e35e973a3249e955c659592d10e5b77c468f628a99
   pp (0.6.3) sha256=2951d514450b93ccfeb1df7d021cae0da16e0a7f95ee1e2273719669d0ab9df6
@@ -432,11 +433,11 @@ CHECKSUMS
   regexp_parser (2.12.0) sha256=35a916a1d63190ab5c9009457136ae5f3c0c7512d60291d0d1378ba18ce08ebb
   reline (0.6.3) sha256=1198b04973565b36ec0f11542ab3f5cfeeec34823f4e54cebde90968092b1835
   rexml (3.4.2) sha256=1384268554a37af5da5279431ca3f2f37d46f09ffdd6c95e17cc84c83ea7c417
-  rubocop (1.86.1) sha256=44415f3f01d01a21e01132248d2fd0867572475b566ca188a0a42133a08d4531
+  rubocop (1.86.2) sha256=bb2e97f635eda42c448f2588f4a6ff78f221b8bdfdf65b1e9b07fbd57521b45d
   rubocop-ast (1.49.1) sha256=4412f3ee70f6fe4546cc489548e0f6fcf76cafcfa80fa03af67098ffed755035
   rubocop-factory_bot (2.28.0) sha256=4b17fc02124444173317e131759d195b0d762844a71a29fe8139c1105d92f0cb
   rubocop-minitest (0.39.1) sha256=998398d6da4026d297f0f9bf709a1eac5f2b6947c24431f94af08138510cf7ed
-  rubocop-rails (2.34.3) sha256=10d37989024865ecda8199f311f3faca990143fbac967de943f88aca11eb9ad2
+  rubocop-rails (2.35.0) sha256=a5d9f0f6c6d9b73d9ddd181c4c0b6d2e00dd17107480828d31c7b369ebfcd49c
   ruby-lsp (0.26.9) sha256=33a01c001c00a76b4e821efc04ed7572983430f31ca5d6f3e343d0b6ccab4129
   ruby-progressbar (1.13.0) sha256=80fc9c47a9b640d6834e0dc7b3c94c9df37f08cb072b7761e4a71e22cff29b33
   ruby-vips (2.2.3) sha256=41d12b1a805cd6ead4a7965201a8f7c5fe459bb58d3a7d967c9eb0719a6edc92

app/controllers/albums_controller.rb

@@ -51,13 +51,13 @@ def destroy_empty
   end
 
   def merge
-    render json: @album.errors, status: :unprocessable_content unless @album.merge(Album.find(params[:source_id]))
+    render json: @album.errors, status: :unprocessable_content unless @album.merge(Album.find(params.expect(:source_id)))
   end
 
   private
 
   def set_album
-    @album = Album.find(params[:id])
+    @album = Album.find(params.expect(:id))
     authorize @album
   end
 

app/controllers/artists_controller.rb

@@ -51,13 +51,13 @@ def destroy_empty
   end
 
   def merge
-    render json: @artist.errors, status: :unprocessable_content unless @artist.merge(Artist.find(params[:source_id]))
+    render json: @artist.errors, status: :unprocessable_content unless @artist.merge(Artist.find(params.expect(:source_id)))
   end
 
   private
 
   def set_artist
-    @artist = Artist.find(params[:id])
+    @artist = Artist.find(params.expect(:id))
     authorize @artist
   end
 

app/controllers/auth_tokens_controller.rb

@@ -44,7 +44,7 @@ def destroy
   private
 
   def set_auth_token
-    @auth_token = AuthToken.find(params[:id])
+    @auth_token = AuthToken.find(params.expect(:id))
     authorize @auth_token
   end
 

app/controllers/codec_conversions_controller.rb

@@ -42,7 +42,7 @@ def destroy
   private
 
   def set_codec_conversion
-    @codec_conversion = CodecConversion.find(params[:id])
+    @codec_conversion = CodecConversion.find(params.expect(:id))
     authorize @codec_conversion
   end
 

app/controllers/codecs_controller.rb

@@ -40,7 +40,7 @@ def destroy
   private
 
   def set_codec
-    @codec = Codec.find(params[:id])
+    @codec = Codec.find(params.expect(:id))
     authorize @codec
   end
 

app/controllers/cover_filenames_controller.rb

@@ -32,7 +32,7 @@ def destroy
   private
 
   def set_cover_filename
-    @cover_filename = CoverFilename.find(params[:id])
+    @cover_filename = CoverFilename.find(params.expect(:id))
     authorize @cover_filename
   end
 

app/controllers/genres_controller.rb

@@ -43,15 +43,15 @@ def destroy_empty
   end
 
   def merge
-    @genre.merge(Genre.find(params[:source_id]))
+    @genre.merge(Genre.find(params.expect(:source_id)))
     # We don't do error handling here. The merge action isn't supposed to fail.
     render json: transform_genre_for_json(@genre), status: :ok
   end
 
   private
 
   def set_genre
-    @genre = Genre.find(params[:id])
+    @genre = Genre.find(params.expect(:id))
     authorize @genre
   end
 

app/controllers/image_types_controller.rb

@@ -40,7 +40,7 @@ def destroy
   private
 
   def set_image_type
-    @image_type = ImageType.find(params[:id])
+    @image_type = ImageType.find(params.expect(:id))
     authorize @image_type
   end
 

app/controllers/labels_controller.rb

@@ -43,15 +43,15 @@ def destroy_empty
   end
 
   def merge
-    @label.merge(Label.find(params[:source_id]))
+    @label.merge(Label.find(params.expect(:source_id)))
     # We don't do error handling here. The merge action isn't supposed to fail.
     render json: transform_label_for_json(@label), status: :ok
   end
 
   private
 
   def set_label
-    @label = Label.find(params[:id])
+    @label = Label.find(params.expect(:id))
     authorize @label
   end
 

app/controllers/locations_controller.rb

@@ -32,7 +32,7 @@ def destroy
   private
 
   def set_location
-    @location = Location.find(params[:id])
+    @location = Location.find(params.expect(:id))
     authorize @location
   end
 

app/controllers/playlists_controller.rb

@@ -46,7 +46,7 @@ def add_item
   private
 
   def set_playlist
-    @playlist = Playlist.find(params[:id])
+    @playlist = Playlist.find(params.expect(:id))
     authorize @playlist
   end
 

app/controllers/rescans_controller.rb

@@ -27,7 +27,7 @@ def start_all
   private
 
   def set_rescan
-    @rescan = RescanRunner.find(params[:id])
+    @rescan = RescanRunner.find(params.expect(:id))
     authorize @rescan
   end
 

app/controllers/tracks_controller.rb

@@ -76,7 +76,7 @@ def download
   end
 
   def merge
-    @track.merge(Track.find(params[:source_id]))
+    @track.merge(Track.find(params.expect(:source_id)))
     # We don't do error handling here. The merge action isn't supposed to fail.
     render json: transform_track_for_json(@track), status: :ok
   end
@@ -96,7 +96,7 @@ def send_file_with_range(path, mimetype)
   end
 
   def set_track
-    @track = Track.find(params[:id])
+    @track = Track.find(params.expect(:id))
     authorize @track
   end
 

app/controllers/users_controller.rb

@@ -48,7 +48,7 @@ def destroy
   private
 
   def set_user
-    @user = User.find(params[:id])
+    @user = User.find(params.expect(:id))
     authorize @user
   end
 

config/brakeman.ignore

@@ -7,7 +7,7 @@
       "check_name": "FileAccess",
       "message": "Model attribute used in file name",
       "file": "app/models/codec_conversion.rb",
-      "line": 35,
+      "line": 46,
       "link": "https://brakemanscanner.org/docs/warning_types/file_access/",
       "code": "FileUtils.rm_rf(TranscodedItem.codec_conversion_base_path(self))",
       "render_path": null,
@@ -23,29 +23,6 @@
       ],
       "note": "Attribute is never set by user"
     },
-    {
-      "warning_type": "File Access",
-      "warning_code": 16,
-      "fingerprint": "4cca0972cd94dfed36bd9c5de56d9194b5f9fa2df9cea101e054130f95d5556f",
-      "check_name": "SendFile",
-      "message": "Model attribute used in file name",
-      "file": "app/controllers/tracks_controller.rb",
-      "line": 78,
-      "link": "https://brakemanscanner.org/docs/warning_types/file_access/",
-      "code": "send_file(Track.find(params[:id]).audio_file.full_path)",
-      "render_path": null,
-      "location": {
-        "type": "method",
-        "class": "TracksController",
-        "method": "download"
-      },
-      "user_input": "Track.find(params[:id]).audio_file.full_path",
-      "confidence": "Medium",
-      "cwe_id": [
-        22
-      ],
-      "note": "The attribute is not configurable by users, but rather set by the scan job"
-    },
     {
       "warning_type": "File Access",
       "warning_code": 16,
@@ -91,8 +68,30 @@
         22
       ],
       "note": "This is never set by a user"
+    },
+    {
+      "warning_type": "File Access",
+      "warning_code": 16,
+      "fingerprint": "f903737fb470236fa01012f7c9278cf768fa5d69c2f4d0e6c8aa340181bd87c3",
+      "check_name": "SendFile",
+      "message": "Model attribute used in file name",
+      "file": "app/controllers/tracks_controller.rb",
+      "line": 75,
+      "link": "https://brakemanscanner.org/docs/warning_types/file_access/",
+      "code": "send_file(Track.find(params.expect(:id)).audio_file.full_path)",
+      "render_path": null,
+      "location": {
+        "type": "method",
+        "class": "TracksController",
+        "method": "download"
+      },
+      "user_input": "Track.find(params.expect(:id)).audio_file.full_path",
+      "confidence": "Medium",
+      "cwe_id": [
+        22
+      ],
+      "note": "The attribute is not configurable by users, but rather set by the scan job"
     }
   ],
-  "updated": "2024-10-06 17:38:18 +0200",
-  "brakeman_version": "6.2.1"
+  "brakeman_version": "8.0.4"
 }