jwt · anakinj · Oct 14, 2023 · Oct 14, 2023 · Oct 14, 2023 · Oct 14, 2023
diff --git a/.codeclimate.yml b/.codeclimate.yml
@@ -5,4 +5,4 @@ plugins:
     enabled: true
   rubocop:
     enabled: true
-    channel: rubocop-1-31-0
+    channel: rubocop-1-56-3
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -40,7 +40,7 @@ jobs:
           - gemfiles/standalone.gemfile
           - gemfiles/openssl.gemfile
           - gemfiles/rbnacl.gemfile
-          - gemfiles/rbnacl-pre-6.gemfile
+          - gemfiles/rbnacl_pre_6.gemfile
         experimental: [false]
         include:
           - os: ubuntu-22.04

diff --git a/.rubocop.yml b/.rubocop.yml
@@ -63,3 +63,6 @@ Layout/MultilineOperationIndentation:
 
 Style/WordArray:
   Enabled: false
+
+Gemspec/DevelopmentDependencies:
+  EnforcedStyle: gemspec
diff --git a/.simplecov b/.simplecov
@@ -6,7 +6,7 @@ require 'simplecov_json_formatter'
 SimpleCov.start do
   command_name "Job #{File.basename(ENV['BUNDLE_GEMFILE'])}" if ENV['BUNDLE_GEMFILE']
   project_name 'Ruby JWT - Ruby JSON Web Token implementation'
-  coverage_dir "coverage-#{::OpenSSL::Digest::SHA256.hexdigest(ENV['GITHUB_STEP_SUMMARY'])}" if ENV['GITHUB_STEP_SUMMARY']
+  coverage_dir "coverage-#{OpenSSL::Digest::SHA256.hexdigest(ENV['GITHUB_STEP_SUMMARY'])}" if ENV['GITHUB_STEP_SUMMARY']
   add_filter 'spec'
 end
 

diff --git a/Appraisals b/Appraisals
@@ -1,17 +1,20 @@
 # frozen_string_literal: true
 
 appraise 'standalone' do
-  # No additions
+  remove_gem 'rubocop'
 end
 
 appraise 'openssl' do
   gem 'openssl', '~> 2.1'
+  remove_gem 'rubocop'
 end
 
 appraise 'rbnacl' do
   gem 'rbnacl', '>= 6'
+  remove_gem 'rubocop'
 end
 
-appraise 'rbnacl-pre-6' do
+appraise 'rbnacl_pre_6' do
   gem 'rbnacl', '< 6'
+  remove_gem 'rubocop'
 end
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,11 +6,12 @@
 
 **Features:**
 
+- Updated rubocop to 1.56 [#573](https://github.com/jwt/ruby-jwt/pull/573) - [@anakinj](https://github.com/anakinj).
 - Your contribution here
 
 **Fixes and enhancements:**
 
-- Fix signature has expired error if payload is a string [#555](https://github.com/jwt/ruby-jwt/pull/555) - [@GobinathAL](https://github.com/GobinathAL)
+- Fix signature has expired error if payload is a string [#555](https://github.com/jwt/ruby-jwt/pull/555) - [@GobinathAL](https://github.com/GobinathAL).
 - Your contribution here
 
 ## [v2.7.1](https://github.com/jwt/ruby-jwt/tree/v2.8.0) (2023-06-09)

diff --git a/Gemfile b/Gemfile
@@ -4,4 +4,4 @@ source 'https://rubygems.org'
 
 gemspec
 
-gem 'rubocop', '< 1.32' # Keep .codeclimate.yml channel in sync with this one
+gem 'rubocop', '~> 1.56.3' # Keep .codeclimate.yml channel in sync with this one
diff --git a/bin/smoke.rb b/bin/smoke.rb
@@ -3,7 +3,7 @@
 
 require 'jwt'
 
-puts "Running simple encode/decode test for #{::JWT.gem_version}"
+puts "Running simple encode/decode test for #{JWT.gem_version}"
 secret = 'secretkeyforsigning'
-token  = ::JWT.encode({ con: 'tent' }, secret, 'HS256')
-::JWT.decode(token, secret, true, algorithm: 'HS256')
+token  = JWT.encode({ con: 'tent' }, secret, 'HS256')
+JWT.decode(token, secret, true, algorithm: 'HS256')
diff --git a/gemfiles/openssl.gemfile b/gemfiles/openssl.gemfile
@@ -2,7 +2,6 @@
 
 source "https://rubygems.org"
 
-gem "rubocop", "< 1.32"
 gem "openssl", "~> 2.1"
 
 gemspec path: "../"
diff --git a/gemfiles/rbnacl-pre-6.gemfile b/gemfiles/rbnacl-pre-6.gemfile
diff --git a/gemfiles/rbnacl.gemfile b/gemfiles/rbnacl.gemfile
@@ -2,7 +2,6 @@
 
 source "https://rubygems.org"
 
-gem "rubocop", "< 1.32"
 gem "rbnacl", ">= 6"
 
 gemspec path: "../"
diff --git a/gemfiles/rbnacl_pre_6.gemfile b/gemfiles/rbnacl_pre_6.gemfile
@@ -2,7 +2,6 @@
 
 source "https://rubygems.org"
 
-gem "rubocop", "< 1.32"
 gem "rbnacl", "< 6"
 
 gemspec path: "../"
diff --git a/gemfiles/standalone.gemfile b/gemfiles/standalone.gemfile
@@ -2,6 +2,4 @@
 
 source "https://rubygems.org"
 
-gem "rubocop", "< 1.32"
-
 gemspec path: "../"
diff --git a/lib/jwt/claims_validator.rb b/lib/jwt/claims_validator.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-require_relative './error'
+require_relative 'error'
 
 module JWT
   class ClaimsValidator

diff --git a/lib/jwt/jwk.rb b/lib/jwt/jwk.rb
@@ -52,4 +52,4 @@ def generate_mappings
 require_relative 'jwk/ec'
 require_relative 'jwk/rsa'
 require_relative 'jwk/hmac'
-require_relative 'jwk/okp_rbnacl' if ::JWT.rbnacl?
+require_relative 'jwk/okp_rbnacl' if JWT.rbnacl?
diff --git a/lib/jwt/version.rb b/lib/jwt/version.rb
@@ -23,7 +23,8 @@ module VERSION
 
   def self.openssl_3?
     return false if OpenSSL::OPENSSL_VERSION.include?('LibreSSL')
-    return true if OpenSSL::OPENSSL_VERSION_NUMBER >= 3 * 0x10000000
+
+    true if 3 * 0x10000000 <= OpenSSL::OPENSSL_VERSION_NUMBER
   end
 
   def self.rbnacl?

diff --git a/ruby-jwt.gemspec b/ruby-jwt.gemspec
@@ -35,5 +35,6 @@ Gem::Specification.new do |spec|
   spec.add_development_dependency 'bundler'
   spec.add_development_dependency 'rake'
   spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rubocop'
   spec.add_development_dependency 'simplecov'
 end
diff --git a/spec/configuration/jwk_configuration_spec.rb b/spec/configuration/jwk_configuration_spec.rb
@@ -11,7 +11,7 @@
     context 'when valid value is passed' do
       it 'sets the generator matching the value' do
         subject.kid_generator_type = :rfc7638_thumbprint
-        expect(subject.kid_generator).to eq(::JWT::JWK::Thumbprint)
+        expect(subject.kid_generator).to eq(JWT::JWK::Thumbprint)
       end
     end
   end

diff --git a/spec/integration/readme_examples_spec.rb b/spec/integration/readme_examples_spec.rb
@@ -29,7 +29,7 @@
     end
 
     it 'decodes with HMAC algorithm without secret key' do
-      pending 'Different behaviour on OpenSSL 3.0 (https://github.com/openssl/openssl/issues/13089)' if ::JWT.openssl_3_hmac_empty_key_regression?
+      pending 'Different behaviour on OpenSSL 3.0 (https://github.com/openssl/openssl/issues/13089)' if JWT.openssl_3_hmac_empty_key_regression?
       token = JWT.encode payload, nil, 'HS256'
       decoded_token = JWT.decode token, nil, false
 
@@ -80,7 +80,7 @@
       end
     end
 
-    if ::Gem::Version.new(OpenSSL::VERSION) >= ::Gem::Version.new('2.1')
+    if Gem::Version.new(OpenSSL::VERSION) >= Gem::Version.new('2.1')
       it 'RSASSA-PSS' do
         rsa_private = OpenSSL::PKey::RSA.generate 2048
         rsa_public = rsa_private.public_key
@@ -414,7 +414,7 @@
     end
 
     it 'JWK with thumbprint as kid via type' do
-      JWT.configuration.jwk.kid_generator = ::JWT::JWK::Thumbprint
+      JWT.configuration.jwk.kid_generator = JWT::JWK::Thumbprint
 
       jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048))
 
@@ -424,15 +424,15 @@
     end
 
     it 'JWK with thumbprint given in the initializer (legacy)' do
-      jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), kid_generator: ::JWT::JWK::Thumbprint)
+      jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), kid_generator: JWT::JWK::Thumbprint)
 
       jwk_hash = jwk.export
 
       expect(jwk_hash[:kid].size).to eq(43)
     end
 
     it 'JWK with thumbprint given in the initializer' do
-      jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), nil, kid_generator: ::JWT::JWK::Thumbprint)
+      jwk = JWT::JWK.new(OpenSSL::PKey::RSA.new(2048), nil, kid_generator: JWT::JWK::Thumbprint)
 
       jwk_hash = jwk.export
 
@@ -460,8 +460,8 @@ def self.verify(data:, signature:, verification_key:)
         end
       end
 
-      token = ::JWT.encode({ 'pay' => 'load' }, 'secret', custom_hs512_alg)
-      _payload, _header = ::JWT.decode(token, 'secret', true, algorithm: custom_hs512_alg)
+      token = JWT.encode({ 'pay' => 'load' }, 'secret', custom_hs512_alg)
+      _payload, _header = JWT.decode(token, 'secret', true, algorithm: custom_hs512_alg)
     end
   end
 end
diff --git a/spec/jwk/decode_with_jwk_spec.rb b/spec/jwk/decode_with_jwk_spec.rb
@@ -166,7 +166,7 @@
       if defined?(RbNaCl)
         context 'when OKP keys are used' do
           before do
-            skip('Requires the rbnacl gem') unless ::JWT.rbnacl?
+            skip('Requires the rbnacl gem') unless JWT.rbnacl?
           end
 
           let(:keypair) { RbNaCl::Signatures::Ed25519::SigningKey.new(SecureRandom.hex) }

diff --git a/spec/jwk/okp_rbnacl_spec.rb b/spec/jwk/okp_rbnacl_spec.rb
@@ -11,7 +11,7 @@
   subject(:instance) { described_class.new(key) }
 
   before do
-    skip('Requires the rbnacl gem') unless ::JWT.rbnacl?
+    skip('Requires the rbnacl gem') unless JWT.rbnacl?
   end
 
   describe '.new' do

diff --git a/spec/jwk/rsa_spec.rb b/spec/jwk/rsa_spec.rb
@@ -152,7 +152,7 @@
       let(:jwk_parameters) { all_jwk_parameters.slice(:e, :n) }
 
       it 'creates a valid RSA object representing a public key' do
-        expect(subject).to be_a(::OpenSSL::PKey::RSA)
+        expect(subject).to be_a(OpenSSL::PKey::RSA)
         expect(subject.private?).to eq(false)
       end
     end
@@ -169,7 +169,7 @@
       let(:jwk_parameters) { all_jwk_parameters.slice(:n, :e, :d, :p, :q, :dp, :dq, :qi) }
 
       it 'creates a valid RSA object representing a public key' do
-        expect(subject).to be_a(::OpenSSL::PKey::RSA)
+        expect(subject).to be_a(OpenSSL::PKey::RSA)
         expect(subject.private?).to eq(true)
       end
     end
@@ -180,11 +180,11 @@
       let(:jwk_parameters) { all_jwk_parameters.slice(:e, :n, :d) }
 
       before do
-        skip 'OpenSSL prior to 2.2 does not seem to support partial parameters' if ::JWT.openssl_version < ::Gem::Version.new('2.2')
+        skip 'OpenSSL prior to 2.2 does not seem to support partial parameters' if JWT.openssl_version < Gem::Version.new('2.2')
       end
 
       it 'creates a valid RSA object representing a private key' do
-        expect(subject).to be_a(::OpenSSL::PKey::RSA)
+        expect(subject).to be_a(OpenSSL::PKey::RSA)
         expect(subject.private?).to eq(true)
       end
 
@@ -217,7 +217,7 @@
   describe '.create_rsa_key_using_sets' do
     before do
       skip 'OpenSSL without the RSA#set_key method not supported' unless OpenSSL::PKey::RSA.new.respond_to?(:set_key)
-      skip 'OpenSSL 3.0 does not allow mutating objects anymore' if ::JWT.openssl_3?
+      skip 'OpenSSL 3.0 does not allow mutating objects anymore' if JWT.openssl_3?
     end
 
     subject(:rsa) { described_class.create_rsa_key_using_sets(rsa_parameters) }

diff --git a/spec/jwk_spec.rb b/spec/jwk_spec.rb
@@ -12,14 +12,14 @@
     subject { described_class.import(params) }
 
     it 'creates a ::JWT::JWK::RSA instance' do
-      expect(subject).to be_a ::JWT::JWK::RSA
+      expect(subject).to be_a JWT::JWK::RSA
       expect(subject.export).to eq(exported_key)
     end
 
     context 'parsed from JSON' do
       let(:params)  { exported_key }
       it 'creates a ::JWT::JWK::RSA instance from JSON parsed JWK' do
-        expect(subject).to be_a ::JWT::JWK::RSA
+        expect(subject).to be_a JWT::JWK::RSA
         expect(subject.export).to eq(exported_key)
       end
     end
@@ -53,17 +53,17 @@
 
     context 'when RSA key is given' do
       let(:keypair) { rsa_key }
-      it { is_expected.to be_a ::JWT::JWK::RSA }
+      it { is_expected.to be_a JWT::JWK::RSA }
     end
 
     context 'when secret key is given' do
       let(:keypair) { 'secret-key' }
-      it { is_expected.to be_a ::JWT::JWK::HMAC }
+      it { is_expected.to be_a JWT::JWK::HMAC }
     end
 
     context 'when EC key is given' do
       let(:keypair) { ec_key }
-      it { is_expected.to be_a ::JWT::JWK::EC }
+      it { is_expected.to be_a JWT::JWK::EC }
     end
 
     context 'when kid is given' do

diff --git a/spec/jwt/algos/ecdsa_spec.rb b/spec/jwt/algos/ecdsa_spec.rb
@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-RSpec.describe ::JWT::Algos::Ecdsa do
+RSpec.describe JWT::Algos::Ecdsa do
   describe '.curve_by_name' do
     subject { described_class.curve_by_name(curve_name) }
 

diff --git a/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb b/spec/jwt/algos/hmac_rbnacl_fixed_spec.rb
@@ -5,14 +5,14 @@
     skip('Requires rbnacl gem < 6.0') ::JWT.rbnacl?
   end
 
-  let(:described_class) { ::JWT::Algos::HmacRbNaClFixed }
+  let(:described_class) { JWT::Algos::HmacRbNaClFixed }
 
   let(:data) { 'this_is_the_string_to_be_signed' }
   let(:key) { 'the secret key' }
 
   describe '.verify' do
     context 'when signature is generated with OpenSSL' do
-      let!(:signature) { ::JWT::Algos::Hmac.sign('HS256', data, key) }
+      let!(:signature) { JWT::Algos::Hmac.sign('HS256', data, key) }
       it 'verifies the signature' do
         allow(OpenSSL::HMAC).to receive(:digest).and_call_original
         expect(described_class.verify('HS256', key, data, signature)).to eq(true)
@@ -22,7 +22,7 @@
 
     context 'when signature is generated with OpenSSL and key is very long' do
       let(:key) { 'a' * 100 }
-      let!(:signature) { ::JWT::Algos::Hmac.sign('HS256', data, key) }
+      let!(:signature) { JWT::Algos::Hmac.sign('HS256', data, key) }
 
       it 'verifies the signature using OpenSSL features' do
         allow(OpenSSL::HMAC).to receive(:digest).and_call_original
@@ -47,7 +47,7 @@
     context 'when signature is generated by RbNaCl' do
       let!(:signature) { described_class.sign('HS256', data, key) }
       it 'can verify the signature with OpenSSL' do
-        expect(::JWT::Algos::Hmac.verify('HS256', key, data, signature)).to eq(true)
+        expect(JWT::Algos::Hmac.verify('HS256', key, data, signature)).to eq(true)
       end
     end
   end

diff --git a/spec/jwt/algos/hmac_rbnacl_spec.rb b/spec/jwt/algos/hmac_rbnacl_spec.rb
@@ -2,17 +2,17 @@
 
 RSpec.describe '::JWT::Algos::HmacRbNaCl' do
   before do
-    skip('Requires the rbnacl gem greater than 6.0') unless ::JWT.rbnacl_6_or_greater?
+    skip('Requires the rbnacl gem greater than 6.0') unless JWT.rbnacl_6_or_greater?
   end
 
-  let(:described_class) { ::JWT::Algos::HmacRbNaCl }
+  let(:described_class) { JWT::Algos::HmacRbNaCl }
 
   let(:data) { 'this_is_the_string_to_be_signed' }
   let(:key) { 'the secret key' }
 
   describe '.verify' do
     context 'when signature is generated with OpenSSL' do
-      let!(:signature) { ::JWT::Algos::Hmac.sign('HS256', data, key) }
+      let!(:signature) { JWT::Algos::Hmac.sign('HS256', data, key) }
       it 'verifies the signature' do
         allow(OpenSSL::HMAC).to receive(:digest).and_call_original
         expect(described_class.verify('HS256', key, data, signature)).to eq(true)
@@ -22,7 +22,7 @@
 
     context 'when signature is generated with OpenSSL and key is very long' do
       let(:key) { 'a' * 100 }
-      let!(:signature) { ::JWT::Algos::Hmac.sign('HS256', data, key) }
+      let!(:signature) { JWT::Algos::Hmac.sign('HS256', data, key) }
 
       it 'verifies the signature using OpenSSL features' do
         allow(OpenSSL::HMAC).to receive(:digest).and_call_original
@@ -47,7 +47,7 @@
     context 'when signature is generated by RbNaCl' do
       let!(:signature) { described_class.sign('HS256', data, key) }
       it 'can verify the signature with OpenSSL' do
-        expect(::JWT::Algos::Hmac.verify('HS256', key, data, signature)).to eq(true)
+        expect(JWT::Algos::Hmac.verify('HS256', key, data, signature)).to eq(true)
       end
     end
   end
Original file line number	Diff line number	Diff line change
Expand Up		@@ -4,4 +4,4 @@ source 'https://rubygems.org'

		gemspec

		gem 'rubocop', '< 1.32' # Keep .codeclimate.yml channel in sync with this one
		gem 'rubocop', '~> 1.56.3' # Keep .codeclimate.yml channel in sync with this one
Original file line number	Diff line number	Diff line change
Expand Up		@@ -2,6 +2,4 @@

		source "https://rubygems.org"

		gem "rubocop", "< 1.32"

		gemspec path: "../"