Update ruby gems; update rexml gem to patch CVE

.github/workflows/ruby.yml

@@ -1,40 +1,60 @@
-# This workflow uses actions that are not certified by GitHub.
-# They are provided by a third-party and are governed by
-# separate terms of service, privacy policy, and support
-# documentation.
-# This workflow will download a prebuilt Ruby version, install dependencies and run tests with Rake
-# For more information see: https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby
-
 name: Ruby
 
 on:
   push:
-    branches: [ "main" ]
+    branches: ["main"]
   pull_request:
-    branches: [ "main" ]
+    branches: ["main"]
 
 permissions:
   contents: read
 
 jobs:
   test:
-
-    runs-on: ubuntu-latest
+    runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        # Use `rbenv install -l` and only use the latest stable
-        # version of ruby.
-        ruby-version: ["3.0.1", "3.0.6", "3.1.4", "3.2.2"]
+        os:
+          [
+            ubuntu-latest,
+            ubuntu-20.04,
+            macos-latest,
+            macos-13,
+            macos-12,
+            windows-latest,
+            windows-2019,
+          ]
+        ruby: ["3.0", "3.1", "3.2", "3.3"]
 
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Ruby
-    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
-    # change this to (see https://github.com/ruby/setup-ruby#versioning):
-    # uses: ruby/setup-ruby@v1
-      uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0
-      with:
-        ruby-version: ${{ matrix.ruby-version }}
-        bundler-cache: true # runs 'bundle install' and caches installed gems automatically
-    - name: Run tests
-      run: bundle exec rake
+      - uses: actions/checkout@v3
+
+      - name: Set timezone on Linux
+        if: contains(matrix.os, 'ubuntu')
+        run: sudo timedatectl set-timezone 'America/New_York'
+
+      - name: Set timezone on macOS
+        if: contains(matrix.os, 'macos')
+        run: sudo systemsetup -settimezone America/New_York
+
+      - name: Set timezone on Windows
+        if: contains(matrix.os, 'windows')
+        run: tzutil /s "Eastern Standard Time"
+
+      - name: Set up Ruby
+        uses: ruby/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+          bundler-cache: true
+
+      - name: Update RubyGems
+        run: gem update --system
+
+      - name: Disable bundler frozen setting
+        run: bundle config set frozen false
+
+      - name: Install dependencies
+        run: bundle install
+
+      - name: Run tests
+        run: bundle exec rake

CHANGELOG.md

@@ -1,3 +1,10 @@
+## [1.3.8] - 2024-08-09
+
+Changes
+
+- Ruby gem updates.
+- Update rexml gem to patch CVE.
+
 ## [1.3.7] - 2024-02-21
 
 Changes

Gemfile

@@ -10,10 +10,10 @@ gem 'rake', '>= 13.0', '< 14.0'
 
 group :development do
   gem 'reek', '>= 6.1', '< 7.0'
-  gem 'rubocop', '>= 1.35', '< 2.0'
-  gem 'rubocop-performance', '>= 1.14', '< 2.0'
+  gem 'rubocop', '>= 1.65', '< 2.0'
+  gem 'rubocop-performance', '>= 1.21', '< 2.0'
   gem 'rubocop-rake', '>= 0.6', '< 1.0'
-  gem 'rubocop-rspec', '>= 2.12', '< 3.0'
+  gem 'rubocop-rspec', '>= 3.0.4', '< 4.0'
 end
 
 group :test do

Gemfile.lock

@@ -1,32 +1,32 @@
 PATH
   remote: .
   specs:
-    immutable_struct_ex_redactable (1.3.7)
-      immutable_struct_ex (~> 1.0, >= 1.0.5)
+    immutable_struct_ex_redactable (1.3.8)
+      immutable_struct_ex (>= 1.0.5, < 2.0)
 
 GEM
   remote: https://rubygems.org/
   specs:
     ast (2.4.2)
-    bigdecimal (3.1.6)
+    bigdecimal (3.1.8)
     byebug (11.1.3)
     coderay (1.1.3)
-    concurrent-ruby (1.2.3)
+    concurrent-ruby (1.3.3)
     diff-lcs (1.5.1)
-    docile (1.4.0)
-    dry-configurable (1.1.0)
+    docile (1.4.1)
+    dry-configurable (1.2.0)
       dry-core (~> 1.0, < 2)
       zeitwerk (~> 2.6)
     dry-core (1.0.1)
       concurrent-ruby (~> 1.0)
       zeitwerk (~> 2.6)
-    dry-inflector (1.0.0)
+    dry-inflector (1.1.0)
     dry-initializer (3.1.1)
     dry-logic (1.5.0)
       concurrent-ruby (~> 1.0)
       dry-core (~> 1.0, < 2)
       zeitwerk (~> 2.6)
-    dry-schema (1.13.3)
+    dry-schema (1.13.4)
       concurrent-ruby (~> 1.0)
       dry-configurable (~> 1.0, >= 1.0.1)
       dry-core (~> 1.0, < 2)
@@ -41,12 +41,12 @@ GEM
       dry-inflector (~> 1.0)
       dry-logic (~> 1.4)
       zeitwerk (~> 2.6)
-    immutable_struct_ex (1.0.10)
-    json (2.7.1)
+    immutable_struct_ex (1.0.11)
+    json (2.7.2)
     language_server-protocol (3.17.0.3)
-    method_source (1.0.0)
-    parallel (1.24.0)
-    parser (3.3.0.5)
+    method_source (1.1.0)
+    parallel (1.26.1)
+    parser (3.3.4.2)
       ast (~> 2.4.1)
       racc
     pry (0.14.2)
@@ -55,67 +55,68 @@ GEM
     pry-byebug (3.10.1)
       byebug (~> 11.0)
       pry (>= 0.13, < 0.15)
-    racc (1.7.3)
+    racc (1.8.1)
     rainbow (3.1.1)
-    rake (13.1.0)
+    rake (13.2.1)
     reek (6.3.0)
       dry-schema (~> 1.13.0)
       parser (~> 3.3.0)
       rainbow (>= 2.0, < 4.0)
       rexml (~> 3.1)
-    regexp_parser (2.9.0)
-    rexml (3.2.6)
+    regexp_parser (2.9.2)
+    rexml (3.3.4)
+      strscan
     rspec (3.13.0)
       rspec-core (~> 3.13.0)
       rspec-expectations (~> 3.13.0)
       rspec-mocks (~> 3.13.0)
     rspec-core (3.13.0)
       rspec-support (~> 3.13.0)
-    rspec-expectations (3.13.0)
+    rspec-expectations (3.13.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-mocks (3.13.0)
+    rspec-mocks (3.13.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.13.0)
-    rspec-support (3.13.0)
-    rubocop (1.60.2)
+    rspec-support (3.13.1)
+    rubocop (1.65.1)
       json (~> 2.3)
       language_server-protocol (>= 3.17.0)
       parallel (~> 1.10)
       parser (>= 3.3.0.2)
       rainbow (>= 2.2.2, < 4.0)
-      regexp_parser (>= 1.8, < 3.0)
+      regexp_parser (>= 2.4, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.30.0, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.30.0)
-      parser (>= 3.2.1.0)
-    rubocop-capybara (2.20.0)
-      rubocop (~> 1.41)
-    rubocop-factory_bot (2.25.1)
-      rubocop (~> 1.41)
-    rubocop-performance (1.20.2)
+    rubocop-ast (1.32.0)
+      parser (>= 3.3.1.0)
+    rubocop-performance (1.21.1)
       rubocop (>= 1.48.1, < 2.0)
-      rubocop-ast (>= 1.30.0, < 2.0)
+      rubocop-ast (>= 1.31.1, < 2.0)
     rubocop-rake (0.6.0)
       rubocop (~> 1.0)
-    rubocop-rspec (2.26.1)
-      rubocop (~> 1.40)
-      rubocop-capybara (~> 2.17)
-      rubocop-factory_bot (~> 2.22)
+    rubocop-rspec (3.0.4)
+      rubocop (~> 1.61)
     ruby-progressbar (1.13.0)
     simplecov (0.22.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
     simplecov-html (0.12.3)
     simplecov_json_formatter (0.1.4)
+    strscan (3.1.0)
     unicode-display_width (2.5.0)
-    zeitwerk (2.6.13)
+    zeitwerk (2.6.17)
 
 PLATFORMS
+  arm64-darwin-22
+  arm64-darwin-23
+  x64-mingw-ucrt
+  x64-mingw32
   x86_64-darwin-19
+  x86_64-darwin-20
   x86_64-darwin-21
   x86_64-linux
 
@@ -126,10 +127,10 @@ DEPENDENCIES
   rake (>= 13.0, < 14.0)
   reek (>= 6.1, < 7.0)
   rspec (>= 3.12, < 4.0)
-  rubocop (>= 1.35, < 2.0)
-  rubocop-performance (>= 1.14, < 2.0)
+  rubocop (>= 1.65, < 2.0)
+  rubocop-performance (>= 1.21, < 2.0)
   rubocop-rake (>= 0.6, < 1.0)
-  rubocop-rspec (>= 2.12, < 3.0)
+  rubocop-rspec (>= 3.0.4, < 4.0)
   simplecov (>= 0.22.0, < 1.0)
 
 BUNDLED WITH

immutable_struct_ex_redactable.gemspec

@@ -32,7 +32,7 @@ Gem::Specification.new do |spec|
   spec.require_paths = ['lib']
 
   # Uncomment to register a new dependency of your gem
-  spec.add_dependency 'immutable_struct_ex', '~> 1.0', '>= 1.0.5'
+  spec.add_dependency 'immutable_struct_ex', '>= 1.0.5', '< 2.0'
   spec.metadata['rubygems_mfa_required'] = 'true'
 
   spec.post_install_message = <<~POST_INSTALL

lib/immutable_struct_ex_redactable/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module ImmutableStructExRedactable
-  VERSION = '1.3.7'
+  VERSION = '1.3.8'
 end