Bump rubocop from 1.50.2 to 1.56.0 in /updater

.rubocop.yml

@@ -13,6 +13,8 @@ AllCops:
   SuggestExtensions: false
 Gemspec/DeprecatedAttributeAssignment:
   Enabled: true
+Gemspec/DevelopmentDependencies:
+  Enabled: false
 Gemspec/RequireMFA:
   Enabled: false
 Layout/DotPosition:

bundler/helpers/v1/lib/functions.rb

@@ -127,7 +127,7 @@ def self.conflicting_dependencies(**args)
   end
 
   def self.set_bundler_flags_and_credentials(dir:, credentials:)
-    dir = dir ? Pathname.new(dir) : dir
+    dir = Pathname.new(dir) if dir
     Bundler.instance_variable_set(:@root, dir)
 
     # Remove installed gems from the default Rubygems index

bundler/helpers/v1/monkey_patches/resolver_spec_group_sane_eql.rb

@@ -8,7 +8,7 @@
 
 module BundlerResolverSpecGroupSaneEql
   def eql?(other)
-    return unless other.is_a?(self.class)
+    return false unless other.is_a?(self.class)
 
     super(other)
   end

bundler/helpers/v2/lib/functions.rb

@@ -129,7 +129,7 @@ def self.conflicting_dependencies(**args)
   end
 
   def self.set_bundler_flags_and_credentials(dir:, credentials:)
-    dir = dir ? Pathname.new(dir) : dir
+    dir = Pathname.new(dir) if dir
     Bundler.instance_variable_set(:@root, dir)
 
     # Remove installed gems from the default Rubygems index

cargo/lib/dependabot/cargo/file_parser.rb

@@ -161,7 +161,8 @@ def source_from_declaration(declaration)
         raise "Unexpected dependency declaration: #{declaration}" unless declaration.is_a?(Hash)
 
         return git_source_details(declaration) if declaration["git"]
-        return { type: "path" } if declaration["path"]
+
+        { type: "path" } if declaration["path"]
       end
 
       def version_from_lockfile(name, declaration)

cargo/lib/dependabot/cargo/update_checker/version_resolver.rb

@@ -319,7 +319,7 @@ def original_requirements_resolvable?
         end
 
         def workspace_native_library_update_error?(message)
-          return unless message.include?("native library")
+          return false unless message.include?("native library")
 
           library_count = prepared_manifest_files.count do |file|
             package_name = TomlRB.parse(file.content).dig("package", "name")

cargo/spec/dependabot/cargo/file_fetcher_spec.rb

@@ -125,7 +125,7 @@
         with(headers: { "Authorization" => "token token" }).
         to_return(
           status: 200,
-          body: fixture("github", "contents_cargo_with_toolchain.json").gsub(/rust-toolchain/, "rust-toolchain.toml"),
+          body: fixture("github", "contents_cargo_with_toolchain.json").gsub("rust-toolchain", "rust-toolchain.toml"),
           headers: json_header
         )
 

cargo/spec/dependabot/cargo/file_updater/lockfile_updater_spec.rb

@@ -326,7 +326,7 @@
             expect(updated_lockfile_content).to_not include("git+https://")
 
             content = updated_lockfile_content
-            expect(content.scan(/name = "utf8-ranges"/).count).to eq(1)
+            expect(content.scan('name = "utf8-ranges"').count).to eq(1)
           end
         end
 

common/dependabot-common.gemspec

@@ -47,7 +47,7 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency "rake", "~> 13"
   spec.add_development_dependency "rspec", "~> 3.12"
   spec.add_development_dependency "rspec-its", "~> 1.3"
-  spec.add_development_dependency "rubocop", "~> 1.50.0"
+  spec.add_development_dependency "rubocop", "~> 1.56.0"
   spec.add_development_dependency "rubocop-performance", "~> 1.19.0"
   spec.add_development_dependency "stackprof", "~> 0.2.16"
   spec.add_development_dependency "vcr", "~> 6.1"

common/lib/dependabot/clients/azure.rb

@@ -373,7 +373,7 @@ def auth_header_for(token)
       end
 
       def tags_creation_forbidden?(response)
-        return if response.body.empty?
+        return false if response.body.empty?
 
         message = JSON.parse(response.body).fetch("message", nil)
         message&.include?("TF401289")

common/lib/dependabot/dependency.rb

@@ -157,14 +157,14 @@ def previous_ref
       previous_refs = previous_requirements.filter_map do |r|
         r.dig(:source, "ref") || r.dig(:source, :ref)
       end.uniq
-      return previous_refs.first if previous_refs.count == 1
+      previous_refs.first if previous_refs.count == 1
     end
 
     def new_ref
       new_refs = requirements.filter_map do |r|
         r.dig(:source, "ref") || r.dig(:source, :ref)
       end.uniq
-      return new_refs.first if new_refs.count == 1
+      new_refs.first if new_refs.count == 1
     end
 
     def ref_changed?

common/lib/dependabot/metadata_finders/base/changelog_finder.rb

@@ -333,14 +333,14 @@ def previous_ref
           previous_refs = dependency.previous_requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return previous_refs.first if previous_refs.count == 1
+          previous_refs.first if previous_refs.count == 1
         end
 
         def new_ref
           new_refs = dependency.requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return new_refs.first if new_refs.count == 1
+          new_refs.first if new_refs.count == 1
         end
 
         def ref_changed?

common/lib/dependabot/metadata_finders/base/changelog_pruner.rb

@@ -140,14 +140,14 @@ def previous_ref
           previous_refs = dependency.previous_requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return previous_refs.first if previous_refs.count == 1
+          previous_refs.first if previous_refs.count == 1
         end
 
         def new_ref
           new_refs = dependency.requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return new_refs.first if new_refs.count == 1
+          new_refs.first if new_refs.count == 1
         end
 
         # TODO: Refactor me so that Composer doesn't need to be special cased

common/lib/dependabot/metadata_finders/base/commits_finder.rb

@@ -139,7 +139,7 @@ def previous_ref
           previous_refs = dependency.previous_requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return previous_refs.first if previous_refs.count == 1
+          previous_refs.first if previous_refs.count == 1
         end
 
         def new_ref
@@ -148,7 +148,7 @@ def new_ref
           new_refs = dependency.requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return new_refs.first if new_refs.count == 1
+          new_refs.first if new_refs.count == 1
         end
 
         def tag_matches_version?(tag, version)

common/lib/dependabot/metadata_finders/base/release_finder.rb

@@ -189,7 +189,7 @@ def release_body_includes_title?(release)
         end
 
         def version_regex(version)
-          /(?:[^0-9\.]|\A)#{Regexp.escape(version || "unknown")}\z/
+          /(?:[^0-9\.]|\A)#{Regexp.escape(version || 'unknown')}\z/
         end
 
         def version_class
@@ -285,14 +285,14 @@ def previous_ref
           previous_refs = dependency.previous_requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return previous_refs.first if previous_refs.count == 1
+          previous_refs.first if previous_refs.count == 1
         end
 
         def new_ref
           new_refs = dependency.requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return new_refs.first if new_refs.count == 1
+          new_refs.first if new_refs.count == 1
         end
 
         def ref_changed?

common/lib/dependabot/pull_request_creator/branch_namer/solo_strategy.rb

@@ -131,14 +131,14 @@ def previous_ref(dependency)
           previous_refs = dependency.previous_requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return previous_refs.first if previous_refs.count == 1
+          previous_refs.first if previous_refs.count == 1
         end
 
         def new_ref(dependency)
           new_refs = dependency.requirements.filter_map do |r|
             r.dig(:source, "ref") || r.dig(:source, :ref)
           end.uniq
-          return new_refs.first if new_refs.count == 1
+          new_refs.first if new_refs.count == 1
         end
 
         def ref_changed?(dependency)

common/lib/dependabot/pull_request_creator/message_builder.rb

@@ -622,7 +622,8 @@ def old_library_requirement(dependency)
 
         req = old_reqs.first.fetch(:requirement)
         return req if req
-        return dependency.previous_ref if dependency.ref_changed?
+
+        dependency.previous_ref if dependency.ref_changed?
       end
 
       def new_library_requirement(dependency)
@@ -649,7 +650,7 @@ def library?
         # Reject any nested child gemspecs/vendored git dependencies
         root_files = files.map(&:name).
                      select { |p| Pathname.new(p).dirname.to_s == "." }
-        return true if root_files.select { |nm| nm.end_with?(".gemspec") }.any?
+        return true if root_files.any? { |nm| nm.end_with?(".gemspec") }
 
         dependencies.any? { |d| d.humanized_previous_version.nil? }
       end

docker/lib/dependabot/docker/tag.rb

@@ -100,7 +100,7 @@ def format
         # candidate for "21-ea-32", since it's the only one that respects that
         # format.
         if version.match?(WORDS_WITH_BUILD)
-          return :"<version>#{version.match(WORDS_WITH_BUILD).to_s.gsub(/-[0-9]+/, "-<build_num>")}"
+          return :"<version>#{version.match(WORDS_WITH_BUILD).to_s.gsub(/-[0-9]+/, '-<build_num>')}"
         end
 
         :normal

docker/lib/dependabot/docker/update_checker.rb

@@ -76,7 +76,7 @@ def version_up_to_date?
 
       def version_tag_up_to_date?
         version = dependency.version
-        return unless version
+        return false unless version
 
         return true unless version_tag.comparable?
 

gradle/lib/dependabot/gradle/metadata_finder.rb

@@ -28,7 +28,8 @@ def look_up_source
 
         artifact = dependency.name.split(":").last
         return tmp_source if tmp_source.repo.end_with?(artifact)
-        return tmp_source if repo_has_subdir_for_dep?(tmp_source)
+
+        tmp_source if repo_has_subdir_for_dep?(tmp_source)
       end
 
       def repo_has_subdir_for_dep?(tmp_source)

hex/lib/dependabot/hex/file_fetcher.rb

@@ -86,7 +86,7 @@ def support_files
         mixfiles.flat_map do |mixfile|
           mixfile_dir = mixfile.path.to_s.delete_prefix("/").delete_suffix("/mix.exs")
 
-          mixfile.content.gsub(/__DIR__/, "\"#{mixfile_dir}\"").scan(SUPPORT_FILE).map do |support_file_args|
+          mixfile.content.gsub("__DIR__", "\"#{mixfile_dir}\"").scan(SUPPORT_FILE).map do |support_file_args|
             path = Pathname.new(File.join(*support_file_args.compact.reverse)).
                    cleanpath.to_path
             fetch_file_from_host(path).tap { |f| f.support_file = true }

hex/lib/dependabot/hex/file_updater/lockfile_updater.rb

@@ -52,7 +52,7 @@ def post_process_lockfile(content)
           return content if content.start_with?("%{\"")
 
           # Substitute back old file beginning and ending
-          content.sub(/\A%\{\n  "/, "%{\"").sub(/\},\n\}/, "}}")
+          content.sub(/\A%\{\n  "/, "%{\"").sub("},\n}", "}}")
         end
 
         def write_temporary_dependency_files

maven/lib/dependabot/maven/file_parser.rb

@@ -90,7 +90,7 @@ def dependency_from_dependency_node(pom, dependency_node)
         return if internal_dependency_names.include?(name)
 
         classifier = dependency_classifier(dependency_node, pom)
-        name = classifier ? "#{name}:#{classifier}" : name
+        name = "#{name}:#{classifier}" if classifier
 
         build_dependency(pom, dependency_node, name)
       end

maven/lib/dependabot/maven/file_parser/property_value_finder.rb

@@ -42,7 +42,6 @@ def property_details(property_name:, callsite_pom:)
               break unless nm.match?(DOT_SEPARATOR_REGEX)
 
               nm = nm.sub(DOT_SEPARATOR_REGEX, "/")
-
             rescue Nokogiri::XML::XPath::SyntaxError => e
               raise DependencyFileNotEvaluatable, e.message
             end

maven/lib/dependabot/maven/metadata_finder.rb

@@ -26,7 +26,8 @@ def look_up_source
         return unless tmp_source
 
         return tmp_source if tmp_source.repo.end_with?(dependency_artifact_id)
-        return tmp_source if repo_has_subdir_for_dep?(tmp_source)
+
+        tmp_source if repo_has_subdir_for_dep?(tmp_source)
       end
 
       def repo_has_subdir_for_dep?(tmp_source)

npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater.rb

@@ -111,7 +111,7 @@ def pnp_updater
 
       def filtered_dependency_files
         @filtered_dependency_files ||=
-          if dependencies.select(&:top_level?).any?
+          if dependencies.any?(&:top_level?)
             DependencyFilesFilterer.new(
               dependency_files: dependency_files,
               updated_dependencies: dependencies

npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/npm_lockfile_updater.rb

@@ -552,7 +552,7 @@ def detect_indentation(json)
           return "" if indentation.nil? # let npm set the default if we can't detect any indentation
 
           indentation_size = indentation.length
-          indentation_type = indentation.scan(/\t/).any? ? "\t" : " "
+          indentation_type = indentation.scan("\t").any? ? "\t" : " "
 
           indentation_type * indentation_size
         end

npm_and_yarn/lib/dependabot/npm_and_yarn/file_updater/package_json_updater.rb

@@ -214,7 +214,7 @@ def update_package_json_sections(sections, content, old_line,
           #
           # TODO: Move this logic to the UpdateChecker (and parse peer deps)
           sections += ["peerDependencies"]
-          sections_regex = /#{sections.join("|")}/
+          sections_regex = /#{sections.join('|')}/
 
           declaration_blocks = []
 

nuget/lib/dependabot/nuget/metadata_finder.rb

@@ -121,7 +121,7 @@ def dependency_nuspec_url
         source = dependency.requirements.
                  find { |r| r&.fetch(:source) }&.fetch(:source)
 
-        return source.fetch(:nuspec_url) if source&.key?(:nuspec_url)
+        source.fetch(:nuspec_url) if source&.key?(:nuspec_url)
       end
 
       def dependency_source_url

python/lib/dependabot/python/file_parser/pyproject_files_parser.rb

@@ -228,7 +228,7 @@ def write_temporary_pyproject
         end
 
         def parsed_lockfile
-          return parsed_poetry_lock if poetry_lock
+          parsed_poetry_lock if poetry_lock
         end
 
         def poetry_lock

python/lib/dependabot/python/update_checker.rb

@@ -257,7 +257,7 @@ def poetry_based?
       end
 
       def library?
-        return unless updating_pyproject?
+        return false unless updating_pyproject?
 
         # Hit PyPi and check whether there are details for a library with a
         # matching name and description

python/lib/dependabot/python/update_checker/pipenv_version_resolver.rb

@@ -39,7 +39,7 @@ class PipenvVersionResolver
 
         UNSUPPORTED_DEPS = %w(pyobjc).freeze
         UNSUPPORTED_DEP_REGEX =
-          /Could not find a version that satisfies the requirement.*(?:#{UNSUPPORTED_DEPS.join("|")})/
+          /Could not find a version that satisfies the requirement.*(?:#{UNSUPPORTED_DEPS.join('|')})/
         PIPENV_RANGE_WARNING = /Warning:\sPython\s[<>].* was not found/
         # rubocop:enable Layout/LineLength
 

python/spec/dependabot/python/update_checker/poetry_version_resolver_spec.rb

@@ -71,23 +71,23 @@
 
     context "with a dependency defined under dev-dependencies" do
       let(:pyproject_content) do
-        super().gsub(/\[tool\.poetry\.dependencies\]/, "[tool.poetry.dev-dependencies]")
+        super().gsub("[tool.poetry.dependencies]", "[tool.poetry.dev-dependencies]")
       end
 
       it { is_expected.to eq(Gem::Version.new("2.18.4")) }
     end
 
     context "with a dependency defined under a group" do
       let(:pyproject_content) do
-        super().gsub(/\[tool\.poetry\.dependencies\]/, "[tool.poetry.group.dev.dependencies]")
+        super().gsub("[tool.poetry.dependencies]", "[tool.poetry.group.dev.dependencies]")
       end
 
       it { is_expected.to eq(Gem::Version.new("2.18.4")) }
     end
 
     context "with a dependency defined under a non-dev group" do
       let(:pyproject_content) do
-        super().gsub(/\[tool\.poetry\.dependencies\]/, "[tool.poetry.group.docs.dependencies]")
+        super().gsub("[tool.poetry.dependencies]", "[tool.poetry.group.docs.dependencies]")
       end
 
       it { is_expected.to eq(Gem::Version.new("2.18.4")) }

terraform/lib/dependabot/terraform/update_checker.rb

@@ -16,7 +16,8 @@ class UpdateChecker < Dependabot::UpdateCheckers::Base
       def latest_version
         return latest_version_for_git_dependency if git_dependency?
         return latest_version_for_registry_dependency if registry_dependency?
-        return latest_version_for_provider_dependency if provider_dependency?
+
+        latest_version_for_provider_dependency if provider_dependency?
         # Other sources (mercurial, path dependencies) just return `nil`
       end