From 0bb432324cc3bda66e96ad866707fce8228c9f00 Mon Sep 17 00:00:00 2001 From: Jamis Buck Date: Mon, 8 Sep 2025 13:15:05 -0600 Subject: [PATCH 1/4] port the new release infrastructure to 7.5-stable --- .github/workflows/codeql.yml | 79 ++++++++++++++++++++ .github/workflows/release.yml | 88 +++++++++++++++++++++++ .github/workflows/rubocop.yml | 20 ++++++ .rubocop.yml | 104 +++++++++++++++++++++++++++ Rakefile | 131 ++++++++++++++++++++++------------ gem-public_cert.pem | 26 ------- gemfiles/standard.rb | 4 ++ lib/mongoid/version.rb | 6 +- product.yml | 8 +++ release.sh | 30 -------- release/mri/Dockerfile | 11 --- release/mri/build.sh | 7 -- release/verify-signature.sh | 41 ----------- spec/shared | 2 +- 14 files changed, 394 insertions(+), 163 deletions(-) create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/rubocop.yml create mode 100644 .rubocop.yml delete mode 100644 gem-public_cert.pem create mode 100644 product.yml delete mode 100755 release.sh delete mode 100644 release/mri/Dockerfile delete mode 100755 release/mri/build.sh delete mode 100755 release/verify-signature.sh diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000000..7fc6b10daf --- /dev/null +++ b/.github/workflows/codeql.yml 
@@ -0,0 +1,79 @@ +name: "CodeQL" + +on: + push: + pull_request: + schedule: + - cron: '20 0 * * 0' + +jobs: + analyze: + name: Analyze (${{ matrix.language }}) + # Runner size impacts CodeQL analysis time. To learn more, please see: + # - https://gh.io/recommended-hardware-resources-for-running-codeql + # - https://gh.io/supported-runners-and-hardware-resources + # - https://gh.io/using-larger-runners (GitHub.com only) + # Consider using larger runners or machines with greater resources for possible analysis time improvements. + runs-on: 'ubuntu-latest' + timeout-minutes: 360 + permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + contents: read + + strategy: + fail-fast: false + matrix: + include: + - language: ruby + build-mode: none + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + config: | + paths-ignore: + - .evergreen + - spec + - perf + - examples + - test-apps + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. 
+ + # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs + # queries: security-extended,security-and-quality + + # If the analyze step fails for one of the languages you are analyzing with + # "We were unable to automatically build your code", modify the matrix above + # to set the build mode to "manual" for that language. Then modify this step + # to build your code. + # â„šī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + - if: matrix.build-mode == 'manual' + run: | + echo 'If you are using a "manual" build mode for one or more of the' \ + 'languages you are analyzing, replace this with the commands to build' \ + 'your code, for example:' + echo ' make bootstrap' + echo ' make release' + exit 1 + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" + diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000000..ed77f56a5d --- /dev/null +++ b/.github/workflows/release.yml 
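Review bot: The bare `push:` trigger runs this analysis on every push to every branch, and combined with `pull_request:` it analyses same-repository PR branches twice, each run allowed up to `timeout-minutes: 360`. Restricting the push trigger to the long-lived branches, e.g. `branches: ['master', '*-stable']` under `push:` as release.yml in this patch does, keeps code-scanning results on the branches that ship while PRs stay covered by `pull_request`. The `if: matrix.build-mode == 'manual'` step can never run because the matrix only defines `build-mode: none`, so it could be dropped or marked with a one-line comment as template residue. `actions/checkout@v4` and `github/codeql-action/init@v3` / `analyze@v3` are mutable tags; pinning them to full commit SHAs is worth considering for a job that holds `security-events: write`.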
@@ -0,0 +1,88 @@ +name: "Gem Release" +run-name: "Gem Release for ${{ github.ref }}" + +on: + # for auto-deploy when merging a release-candidate PR + push: + branches: + - 'master' + - '*-stable' + + # for manual release + workflow_dispatch: + inputs: + pr: + description: "The number of the merged release candidate PR" + required: true + +env: + SILK_ASSET_GROUP: mongoid + GEM_NAME: mongoid + PRODUCT_NAME: Mongoid + PRODUCT_ID: mongoid + +permissions: + # required for all workflows + security-events: write + + # required to fetch internal or private CodeQL packs + packages: read + + # only required for workflows in private repositories + actions: read + pull-requests: read + contents: write + + # required by the mongodb-labs/drivers-github-tools/setup@v2 step + # also required by `rubygems/release-gem` + id-token: write + +jobs: + check: + name: "Check Release" + runs-on: ubuntu-latest + outputs: + message: ${{ steps.check.outputs.message }} + ref: ${{ steps.check.outputs.ref }} + steps: + - name: "Run the check action" + id: check + uses: jamis/drivers-github-tools/ruby/pr-check@ruby-3643-update-release-process + + build: + name: "Build Gems" + needs: check + environment: release + runs-on: ubuntu-latest + steps: + - name: "Run the build action" + uses: jamis/drivers-github-tools/ruby/build@ruby-3643-update-release-process + with: + app_id: ${{ vars.APP_ID }} + app_private_key: ${{ secrets.APP_PRIVATE_KEY }} + artifact: 'ruby-3.2' + gem_name: ${{ env.GEM_NAME }} + ruby_version: 'ruby-3.2' + ref: ${{ needs.check.outputs.ref }} + + publish: + name: "Publish Gems" + needs: [ check, build ] + environment: release + runs-on: 'ubuntu-latest' + steps: + - name: "Run the publish action" + uses: jamis/drivers-github-tools/ruby/publish@ruby-3643-update-release-process + with: + app_id: ${{ vars.APP_ID }} + app_private_key: ${{ secrets.APP_PRIVATE_KEY }} + aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} + aws_region_name: ${{ vars.AWS_REGION_NAME }} + aws_secret_id: ${{ 
secrets.AWS_SECRET_ID }} + dry_run: false + gem_name: ${{ env.GEM_NAME }} + product_name: ${{ env.PRODUCT_NAME }} + product_id: ${{ env.PRODUCT_ID }} + release_message: ${{ needs.check.outputs.message }} + silk_asset_group: ${{ env.SILK_ASSET_GROUP }} + ref: ${{ needs.check.outputs.ref }} diff --git a/.github/workflows/rubocop.yml b/.github/workflows/rubocop.yml new file mode 100644 index 0000000000..b5eb3da8ef --- /dev/null +++ b/.github/workflows/rubocop.yml @@ -0,0 +1,20 @@ +--- +name: Rubocop + +on: [push, pull_request] + +jobs: + build: + runs-on: ubuntu-latest + env: + CI: true + TESTOPTS: "-v" + steps: + - uses: actions/checkout@v3 + - name: Set up Ruby 3.0 + uses: ruby/setup-ruby@v1 + with: + ruby-version: 3.0 + bundler-cache: true + - name: Run RuboCop + run: bundle exec rubocop --parallel diff --git a/.rubocop.yml b/.rubocop.yml new file mode 100644 index 0000000000..a4343f419e --- /dev/null +++ b/.rubocop.yml 
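Review bot: All three `uses:` lines in the `check`, `build` and `publish` jobs resolve to a branch (`@ruby-3643-update-release-process`) of a personal fork, `jamis/drivers-github-tools`, so whatever that branch points to at run time executes with `secrets.APP_PRIVATE_KEY`, `secrets.AWS_ROLE_ARN`, `id-token: write` and `contents: write`. Before this lands on a stable branch, the release workflow should reference the organisation-owned action repository (the permissions comment already names `mongodb-labs/drivers-github-tools`) pinned to a full commit SHA, e.g. `uses: mongodb-labs/drivers-github-tools/ruby/publish@<full-commit-sha>`. The `permissions:` block is declared at workflow level, so the `check` job, which is not bound to `environment: release`, inherits `id-token: write` and `contents: write` too; moving those grants under the jobs that actually use them (presumably `build` and `publish`) would confine them to the environment-gated jobs. Whether `security-events: write` and `packages: read` are needed here at all is not visible from the hunk; their comments look carried over from the CodeQL workflow.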
@@ -0,0 +1,104 @@ +require: + - rubocop-performance + - rubocop-rake + - rubocop-rspec + +AllCops: + TargetRubyVersion: 2.7 + NewCops: enable + Exclude: + - 'spec/shared/**/*' + - 'vendor/**/*' + - 'tmp/**/*' + - 'test-apps/**/*' + +# ----------------------------------- +# TODO: Enable and fix the cops below +# ----------------------------------- + +Gemspec: + Enabled: true + +Layout: + Enabled: true + +Lint: + Enabled: true + +Metrics: + Enabled: true + +Naming: + Enabled: true + +Performance: + Enabled: true + +Rake: + Enabled: true + +RSpec: + Enabled: true + +Security: + Exclude: + - 'spec/**/*' + +Style: + Enabled: true + +# -------------------------------------- +# Cops below this line set intentionally +# -------------------------------------- + +Bundler/OrderedGems: + Enabled: false + +Gemspec/OrderedDependencies: + Enabled: false + +Layout/SpaceInsideArrayLiteralBrackets: + EnforcedStyle: space + +Layout/SpaceInsidePercentLiteralDelimiters: + Enabled: false + +Metrics/ClassLength: + Enabled: false + +Metrics/ModuleLength: + Enabled: false + +Metrics/MethodLength: + Max: 20 + +RSpec/BeforeAfterAll: + Enabled: false + +RSpec/DescribeClass: + Enabled: false + +RSpec/ExampleLength: + Max: 10 + +RSpec/ImplicitExpect: + EnforcedStyle: is_expected + +RSpec/MultipleExpectations: + Enabled: false + +RSpec/NestedGroups: + Enabled: false + +Style/Documentation: + Exclude: + - 'spec/**/*' + +Style/ModuleFunction: + EnforcedStyle: extend_self + +Style/ParallelAssignment: + Enabled: false + +Style/TernaryParentheses: + EnforcedStyle: require_parentheses_when_complex diff --git a/Rakefile b/Rakefile index c8ce790d29..b8ac9a5212 100644 --- a/Rakefile +++ b/Rakefile @@ -1,7 +1,7 @@ # frozen_string_literal: true +# rubocop:todo all require "bundler" -require "bundler/gem_tasks" Bundler.setup ROOT = File.expand_path(File.join(File.dirname(__FILE__))) 
@@ -10,34 +10,53 @@ $: << File.join(ROOT, 'spec/shared/lib') require "rake" require "rspec/core/rake_task" -require 'mrss/spec_organizer' -require 'rubygems/package' -require 'rubygems/security/policies' - -def signed_gem?(path_to_gem) - Gem::Package.new(path_to_gem, Gem::Security::HighSecurity).verify - true -rescue Gem::Security::Exception => e - false -end - -$LOAD_PATH.unshift File.expand_path("../lib", __FILE__) -require "mongoid/version" -tasks = Rake.application.instance_variable_get('@tasks') -tasks['release:do'] = tasks.delete('release') +if File.exist?('./spec/shared/lib/tasks/candidate.rake') + load 'spec/shared/lib/tasks/candidate.rake' +end -task :gem => :build +desc 'Build the gem' task :build do - system "gem build mongoid.gemspec" + command = %w[ gem build ] + command << "--output=#{ENV['GEM_FILE_NAME']}" if ENV['GEM_FILE_NAME'] + command << (ENV['GEMSPEC'] || 'mongoid.gemspec') + system(*command) end -task :install => :build do - system "sudo gem install mongoid-#{Mongoid::VERSION}.gem" +# `rake version` is used by the deployment system so get the release version +# of the product beng deployed. It must do nothing more than just print the +# product version number. +# +# See the mongodb-labs/driver-github-tools/ruby/publish Github action. +desc "Print the current value of Mongoid::VERSION" +task :version do + require 'mongoid/version' + + puts Mongoid::VERSION end +# overrides the default Bundler-provided `release` task, which also +# builds the gem. Our release process assumes the gem has already +# been built (and signed via GPG), so we just need `rake release` to +# push the gem to rubygems. task :release do - raise "Please use ./release.sh to release" + require 'mongoid/version' + + if ENV['GITHUB_ACTION'].nil? + abort <<~WARNING + `rake release` must be invoked from the `Mongoid Release` GitHub action, + and must not be invoked locally. This ensures the gem is properly signed + and distributed by the appropriate user. 
+ + Note that it is the `rubygems/release-gem@v1` step in the `Mongoid Release` + action that invokes this task. Do not rename or remove this task, or the + release-gem step will fail. Reimplement this task with caution. + + mongoid-#{Mongoid::VERSION}.gem was NOT pushed to RubyGems. + WARNING + end + + system 'gem', 'push', "mongoid-#{Mongoid::VERSION}.gem" end RSpec::Core::RakeTask.new("spec") do |spec| @@ -49,6 +68,46 @@ RSpec::Core::RakeTask.new('spec:progress') do |spec| spec.pattern = "spec/**/*_spec.rb" end +desc 'Build and validate the evergreen config' +task eg: %w[ eg:build eg:validate ] + +# 'eg' == 'evergreen', but evergreen is too many letters for convenience +namespace :eg do + desc 'Builds the .evergreen/config.yml file from the templates' + task :build do + ruby '.evergreen/update-evergreen-configs' + end + + desc 'Validates the .evergreen/config.yml file' + task :validate do + system 'evergreen validate --project mongoid .evergreen/config.yml' + end + + desc 'Updates the evergreen executable to the latest available version' + task :update do + system 'evergreen get-update --install' + end + + desc 'Runs the current branch as an evergreen patch' + task :patch do + system 'evergreen patch --uncommitted --project mongoid --browse --auto-description --yes' + end +end + +namespace :generate do + desc 'Generates a mongoid.yml from the template' + task :config do + require 'mongoid' + require 'erb' + + template_path = 'lib/rails/generators/mongoid/config/templates/mongoid.yml' + database_name = ENV['DATABASE_NAME'] || 'my_db' + + config = ERB.new(File.read(template_path), trim_mode: '-').result(binding) + File.write('mongoid.yml', config) + end +end + CLASSIFIERS = [ [%r,^mongoid/attribute,, :attributes], [%r,^mongoid/association/[or],, :associations_referenced], @@ -64,6 +123,8 @@ RUN_PRIORITY = %i( ) def spec_organizer + require 'mrss/spec_organizer' + Mrss::SpecOrganizer.new( root: ROOT, classifiers: CLASSIFIERS, 
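Review bot: The `release` task ignores the result of `system 'gem', 'push', ...`, so a rejected or failed push still leaves `rake release` exiting 0 and the calling release step reporting success. Use `sh 'gem', 'push', "mongoid-#{Mongoid::VERSION}.gem"` (Rake's `sh` fails the task on a non-zero exit) or append `or abort 'gem push failed'`; the same applies to `system(*command)` in `build` and to the `system 'evergreen ...'` calls in the `eg:` tasks of the following hunk, where `eg:validate` currently passes even when validation fails. The `ENV['GITHUB_ACTION'].nil?` test only prevents accidental local runs, since the variable can be set by anyone, so the comment above the task should describe it as a convenience guard rather than an access control. With `signed_gem?` and the `verify` task removed, nothing visible in this Rakefile checks the artifact before it is pushed; the comment says signing happens in the release action, which cannot be confirmed from this hunk. The comment above `task :version` also has two typos (`so get` for `to get`, `beng` for `being`) and names `mongodb-labs/driver-github-tools`, whereas release.yml spells the repository `drivers-github-tools`.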
@@ -97,34 +158,12 @@ desc "Generate all documentation" task :docs => 'docs:yard' namespace :docs do - desc "Generate yard documention" + desc "Generate yard documentation" task :yard do + require "mongoid/version" + out = File.join('yard-docs', Mongoid::VERSION) FileUtils.rm_rf(out) system "yardoc -o #{out} --title mongoid-#{Mongoid::VERSION}" end end - -namespace :release do - task :check_private_key do - unless File.exist?('gem-private_key.pem') - raise "No private key present, cannot release" - end - end -end - -desc 'Verifies that all built gems in pkg/ are valid' -task :verify do - gems = Dir['pkg/*.gem'] - if gems.empty? - puts 'There are no gems in pkg/ to verify' - else - gems.each do |gem| - if signed_gem?(gem) - puts "#{gem} is signed" - else - abort "#{gem} is not signed" - end - end - end -end diff --git a/gem-public_cert.pem b/gem-public_cert.pem deleted file mode 100644 index ab7c15c7ce..0000000000 --- a/gem-public_cert.pem +++ /dev/null 
@@ -1,26 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEeDCCAuCgAwIBAgIBATANBgkqhkiG9w0BAQsFADBBMREwDwYDVQQDDAhkYngt -cnVieTEXMBUGCgmSJomT8ixkARkWB21vbmdvZGIxEzARBgoJkiaJk/IsZAEZFgNj -b20wHhcNMjMwMTMxMTE1NjM1WhcNMjQwMTMxMTE1NjM1WjBBMREwDwYDVQQDDAhk -YngtcnVieTEXMBUGCgmSJomT8ixkARkWB21vbmdvZGIxEzARBgoJkiaJk/IsZAEZ -FgNjb20wggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC0/Veq9l47cTfX -tQ+kHq2NOCwJuJGt1iXWQ/vH/yp7pZ/bLej7gPDl2CfIngAXRjM7r1FkR9ya7VAm -IneBFcVU3HhpIXWi4ByXGjBOXFD1Dfbz4C4zedIWRk/hNzXa+rQY4KPwpOwG/hZg -id+rSXWSbNlkyN97XfonweVh7JsIa9X/2JY9ADYjhCfEZF+b0+Wl7+jgwzLWb46I -0WH0bZBIZ0BbKAwUXIgvq5mQf9PzukmMVYCwnkJ/P4wrHO22HuwnbMyvJuGjVwqi -j1NRp/2vjmKBFWxIfhlSXEIiqAmeEVNXzhPvTVeyo+rma+7R3Bo+4WHkcnPpXJJZ -Jd63qXMvTB0GplEcMJPztWhrJOmcxIOVoQyigEPSQT8JpzFVXby4SGioizv2eT7l -VYSiCHuc3yEDyq5M+98WGX2etbj6esYtzI3rDevpIAHPB6HQmtoJIA4dSl3gjFb+ -D+YQSuB2qYu021FI9zeY9sbZyWysEXBxhwrmTk+XUV0qz+OQZkMCAwEAAaN7MHkw -CQYDVR0TBAIwADALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFH4nnr4tYlatU57RbExW -jG86YM5nMB8GA1UdEQQYMBaBFGRieC1ydWJ5QG1vbmdvZGIuY29tMB8GA1UdEgQY -MBaBFGRieC1ydWJ5QG1vbmdvZGIuY29tMA0GCSqGSIb3DQEBCwUAA4IBgQAVSlgM -nFDWCCNLOCqG5/Lj4U62XoALkdCI+OZ30+WrA8qiRLSL9ZEziVK9AV7ylez+sriQ -m8XKZKsCN5ON4+zXw1S+6Ftz/R4zDg7nTb9Wgw8ibzsoiP6e4pRW3Fls3ZdaG4pW -+qMTbae9OiSrgI2bxNTII+v+1FcbQjOlMu8HPZ3ZfXnurXPgN5GxSyyclZI1QONO -HbUoKHRirZu0F7JCvQQq4EkSuLWPplRJfYEeJIYm05zhhFeEyqea2B/TTlCtXa42 -84vxXsxGzumuO8F2Q9m6/p95sNhqCp0B/SkKXIrRGJ7FBzupoORNRXHviS2OC3ty -4lwUzOlLTF/yO0wwYYfmtQOALQwKnW838vbYthMXvTjxB0EgVZ5PKto99WbjsXzy -wkeAWhd5b+5JS0zgDL4SvGB8/W2IY+y0zELkojBMgJPyrpAWHL/WSsSBMuhyI2Pv -xxaBVLklnJJ/qCCOZ3lG2MyVc/Nb0Mmq8ygWNsfwHmKKYuuWcviit0D0Tek= ------END CERTIFICATE----- diff --git a/gemfiles/standard.rb b/gemfiles/standard.rb index 39c5e65d1d..91952c7cd9 100644 --- a/gemfiles/standard.rb +++ b/gemfiles/standard.rb 
@@ -15,6 +15,10 @@ def standard_dependencies group :development, :test do gem 'rspec-core', '~> 3.10' + gem 'rubocop', '~> 1.45.1' + gem 'rubocop-performance', '~> 1.16.0' + gem 'rubocop-rake', '~> 0.6.0' + gem 'rubocop-rspec', '~> 2.18.1' platform :mri do gem 'byebug' diff --git a/lib/mongoid/version.rb b/lib/mongoid/version.rb index 16c0f36347..64269ac108 100644 --- a/lib/mongoid/version.rb +++ b/lib/mongoid/version.rb @@ -1,5 +1,9 @@ # frozen_string_literal: true module Mongoid - VERSION = "7.5.4" + # The current version of Mongoid + # + # Note that this file is automatically updated via `rake candidate:create`. + # Manual changes to this file will be overwritten by that rake task. + VERSION = '7.5.4' end diff --git a/product.yml b/product.yml new file mode 100644 index 0000000000..84e9419709 --- /dev/null +++ b/product.yml @@ -0,0 +1,8 @@ +--- +name: Mongoid +description: an Ruby ODM for MongoDB +package: mongoid +jira: https://jira.mongodb.org/projects/MONGOID +version: + number: 7.5.4 + file: lib/mongoid/version.rb diff --git a/release.sh b/release.sh deleted file mode 100755 index 39554e854c..0000000000 --- a/release.sh +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/sh - -set -e - -NAME=mongoid -RELEASE_NAME=mongoid-release -VERSION_REQUIRE=mongoid/version -VERSION_CONSTANT_NAME=Mongoid::VERSION - -if ! test -f gem-private_key.pem; then - echo "gem-private_key.pem missing - cannot release" 1>&2 - exit 1 -fi - -VERSION=`ruby -Ilib -r$VERSION_REQUIRE -e "puts $VERSION_CONSTANT_NAME"` - -echo "Releasing $NAME $VERSION" -echo - -./release/mri/build.sh -cp pkg/$NAME-$VERSION.gem . - -echo -echo Built: $NAME-$VERSION.gem -echo - -git tag -a v$VERSION -m "Tagging release: $VERSION" -git push origin v$VERSION - -gem push $NAME-$VERSION.gem diff --git a/release/mri/Dockerfile b/release/mri/Dockerfile deleted file mode 100644 index 19e4dcd52e..0000000000 --- a/release/mri/Dockerfile +++ /dev/null 
@@ -1,11 +0,0 @@ -FROM debian:10 - -ENV DEBIAN_FRONTEND=noninteractive - -RUN apt-get update && \ - apt-get -y install git ruby-bundler make gcc ruby-dev \ - libxml2-dev zlib1g-dev - -WORKDIR /app - -COPY . . diff --git a/release/mri/build.sh b/release/mri/build.sh deleted file mode 100755 index c751dc7875..0000000000 --- a/release/mri/build.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -set -e - -rm -f *.lock -rm -f *.gem pkg/*.gem -rake build verify diff --git a/release/verify-signature.sh b/release/verify-signature.sh deleted file mode 100755 index dbac2100b9..0000000000 --- a/release/verify-signature.sh +++ /dev/null @@ -1,41 +0,0 @@ -#!/bin/bash - -set -ex - -gem="$1" -if test -z "$gem"; then - echo "Usage: `basename $0` /path/to/built.gem" 1>&2 - exit 1 -fi - -gem cert --add gem-public_cert.pem -gem install -P HighSecurity $gem - -exit - -# The verification below does not work. -# https://github.com/rubygems/rubygems/issues/3680 - -# https://docs.ruby-lang.org/en/2.7.0/Gem/Security.html - -tar xf $gem - -# Grab the public key from the gemspec - -gem spec $gem cert_chain | \ - ruby -ryaml -e 'puts YAML.load(STDIN)' > actual_public_key.crt - -for file in data.tar.gz metadata.tar.gz; do - # Generate a SHA1 hash of the data.tar.gz - - openssl dgst -sha1 < $file > actual.hash - - # Verify the signature - - openssl rsautl -verify -inkey actual_public_key.crt -certin \ - -in $file.sig > signed.hash - - # Compare your hash to the verified hash - - diff -s actual.hash signed.hash -done diff --git a/spec/shared b/spec/shared index 30e2f1bcab..f1c563a36c 160000 --- a/spec/shared +++ b/spec/shared @@ -1 +1 @@ -Subproject commit 30e2f1bcabe957f76dc412dac3e91077b3cb3715 +Subproject commit f1c563a36ce64541331fdbc9afe3c27d2b9e2463 From fc3b1376a57065cb3627b57404c4fa32b63266cd Mon Sep 17 00:00:00 2001 
From: Jamis Buck Date: Mon, 8 Sep 2025 13:17:28 -0600 Subject: [PATCH 2/4] Add the sbom --- sbom.json | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 sbom.json diff --git a/sbom.json b/sbom.json new file mode 100644 index 0000000000..bce98d911a --- /dev/null +++ b/sbom.json @@ -0,0 +1,51 @@ +{ + "metadata": { + "timestamp": "2024-06-12T07:02:03.298348+00:00", + "tools": [ + { + "externalReferences": [ + { + "type": "build-system", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/actions" + }, + { + "type": "distribution", + "url": "https://pypi.org/project/cyclonedx-python-lib/" + }, + { + "type": "documentation", + "url": "https://cyclonedx-python-library.readthedocs.io/" + }, + { + "type": "issue-tracker", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/issues" + }, + { + "type": "license", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/LICENSE" + }, + { + "type": "release-notes", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/blob/main/CHANGELOG.md" + }, + { + "type": "vcs", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib" + }, + { + "type": "website", + "url": "https://github.com/CycloneDX/cyclonedx-python-lib/#readme" + } + ], + "name": "cyclonedx-python-lib", + "vendor": "CycloneDX", + "version": "6.4.4" + } + ] + }, + "serialNumber": "urn:uuid:db499c84-957b-40c9-98d5-eca9b6f47c33", + "version": 1, + "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", + "bomFormat": "CycloneDX", + "specVersion": "1.5" +} From d8cd7d03ef22635db241b2ee1096b7dd2b2aee6a Mon Sep 17 00:00:00 2001 From: Jamis Buck Date: Mon, 8 Sep 2025 13:40:58 -0600 Subject: [PATCH 3/4] typo in product description --- product.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/product.yml b/product.yml index 84e9419709..c76dee22e0 100644 --- a/product.yml +++ b/product.yml 
@@ -1,6 +1,6 @@ --- name: Mongoid -description: an Ruby ODM for MongoDB +description: a Ruby ODM for MongoDB package: mongoid jira: https://jira.mongodb.org/projects/MONGOID version: From 400fd98b46650b99d246c035be521afbcdde9e11 Mon Sep 17 00:00:00 2001 From: Jamis Buck Date: Mon, 8 Sep 2025 15:01:58 -0600 Subject: [PATCH 4/4] remove rubocop and associated workflow --- .github/workflows/rubocop.yml | 20 ------- .rubocop.yml | 104 ---------------------------------- gemfiles/standard.rb | 4 -- 3 files changed, 128 deletions(-) delete mode 100644 .github/workflows/rubocop.yml delete mode 100644 .rubocop.yml diff --git a/.github/workflows/rubocop.yml b/.github/workflows/rubocop.yml deleted file mode 100644 index b5eb3da8ef..0000000000 --- a/.github/workflows/rubocop.yml +++ /dev/null @@ -1,20 +0,0 @@ ---- -name: Rubocop - -on: [push, pull_request] - -jobs: - build: - runs-on: ubuntu-latest - env: - CI: true - TESTOPTS: "-v" - steps: - - uses: actions/checkout@v3 - - name: Set up Ruby 3.0 - uses: ruby/setup-ruby@v1 - with: - ruby-version: 3.0 - bundler-cache: true - - name: Run RuboCop - run: bundle exec rubocop --parallel diff --git a/.rubocop.yml b/.rubocop.yml deleted file mode 100644 index a4343f419e..0000000000 --- a/.rubocop.yml +++ /dev/null 
@@ -1,104 +0,0 @@ -require: - - rubocop-performance - - rubocop-rake - - rubocop-rspec - -AllCops: - TargetRubyVersion: 2.7 - NewCops: enable - Exclude: - - 'spec/shared/**/*' - - 'vendor/**/*' - - 'tmp/**/*' - - 'test-apps/**/*' - -# ----------------------------------- -# TODO: Enable and fix the cops below -# ----------------------------------- - -Gemspec: - Enabled: true - -Layout: - Enabled: true - -Lint: - Enabled: true - -Metrics: - Enabled: true - -Naming: - Enabled: true - -Performance: - Enabled: true - -Rake: - Enabled: true - -RSpec: - Enabled: true - -Security: - Exclude: - - 'spec/**/*' - -Style: - Enabled: true - -# -------------------------------------- -# Cops below this line set intentionally -# -------------------------------------- - -Bundler/OrderedGems: - Enabled: false - -Gemspec/OrderedDependencies: - Enabled: false - -Layout/SpaceInsideArrayLiteralBrackets: - EnforcedStyle: space - -Layout/SpaceInsidePercentLiteralDelimiters: - Enabled: false - -Metrics/ClassLength: - Enabled: false - -Metrics/ModuleLength: - Enabled: false - -Metrics/MethodLength: - Max: 20 - -RSpec/BeforeAfterAll: - Enabled: false - -RSpec/DescribeClass: - Enabled: false - -RSpec/ExampleLength: - Max: 10 - -RSpec/ImplicitExpect: - EnforcedStyle: is_expected - -RSpec/MultipleExpectations: - Enabled: false - -RSpec/NestedGroups: - Enabled: false - -Style/Documentation: - Exclude: - - 'spec/**/*' - -Style/ModuleFunction: - EnforcedStyle: extend_self - -Style/ParallelAssignment: - Enabled: false - -Style/TernaryParentheses: - EnforcedStyle: require_parentheses_when_complex diff --git a/gemfiles/standard.rb b/gemfiles/standard.rb index 91952c7cd9..39c5e65d1d 100644 --- a/gemfiles/standard.rb +++ b/gemfiles/standard.rb 
@@ -15,10 +15,6 @@ def standard_dependencies group :development, :test do gem 'rspec-core', '~> 3.10' - gem 'rubocop', '~> 1.45.1' - gem 'rubocop-performance', '~> 1.16.0' - gem 'rubocop-rake', '~> 0.6.0' - gem 'rubocop-rspec', '~> 2.18.1' platform :mri do gem 'byebug'