Bump the prod-dependencies group across 1 directory with 18 updates

[dependabot]

Bumps the prod-dependencies group with 16 updates in the /updater directory:

Package	From	To
http	5.1.1	5.2.0
opentelemetry-instrumentation-excon	0.22.0	0.22.4
opentelemetry-instrumentation-http	0.23.2	0.23.4
opentelemetry-instrumentation-net_http	0.22.4	0.22.7
opentelemetry-metrics-sdk	0.2.0	0.3.0
sentry-opentelemetry	5.16.1	5.21.0
aws-sdk-codecommit	1.63.0	1.79.0
aws-sdk-ecr	1.68.0	1.88.0
faraday	2.7.11	2.12.0
faraday-retry	2.2.0	2.2.1
gitlab	5.0.0	5.1.0
json	2.6.3	2.7.5
nokogiri	1.16.5	1.16.7
sorbet-runtime	0.5.11577	0.5.11631
stackprof	0.2.25	0.2.26
parseconfig	1.0.8	1.1.2

Updates http from 5.1.1 to 5.2.0

Changelog

Sourced from http's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

Unreleased

Removed

• BREAKING Drop Ruby 2.x support

Commits

• bb754c7 Release v5.2.0
• de1e319 ci: Cleanup and update workflow
• 02e66b0 ci: Add Ruby 3.3 to the test matrix
• 81d281e SECURITY.md: use private vulnerability reporting feature (#772)
• 03370c6 Fix changelog uri in gemspec
• f7e16c8 Add support for the PURGE HTTP method. (#757)
• 8b802bf Do more conservative URL normalization (#758)
• 65276d7 Prevent CRLF injection due to broken URL normalizer (#765)
• 3b7133c fix: close sockets on initialize timeout (#762)
• 4060ccd not_found requires two arguments (#761)
• Additional commits viewable in compare view

Updates opentelemetry-instrumentation-excon from 0.22.0 to 0.22.4

Release notes

Sourced from opentelemetry-instrumentation-excon's releases.

opentelemetry-instrumentation-excon 0.22.4

v0.22.4 / 2024-07-23

• DOCS: Add cspell to CI

opentelemetry-instrumentation-excon 0.22.3

v0.22.3 / 2024-06-18

• FIXED: Relax otel common gem constraints
• FIXED: Add http.url to Excon instrumentation

Changelog

Sourced from opentelemetry-instrumentation-excon's changelog.

v0.22.4 / 2024-07-23

• DOCS: Add cspell to CI

v0.22.3 / 2024-06-18

• FIXED: Relax otel common gem constraints
• FIXED: Add http.url to Excon instrumentation

v0.22.2 / 2024-05-09

• FIXED: Untrace entire request

v0.22.1 / 2024-04-30

• FIXED: Bundler conflict warnings

Commits

• 35ddf66 release: Release 30 gems (#1083)
• 246fc10 chore: Update Rubocop to 1.65.0 (#1070)
• 58fda55 docs: add cspell to CI (#1061)
• b27c742 release: Release 17 gems (#1025)
• 2fe3930 fix: Add http.url to Excon instrumentation (#1020)
• 99c3859 fix: Relax otel common gem constraints (#1007)
• 38c22c6 chore: Update Rubocop to 1.64.0 (#997)
• a466ae3 release: Release 13 gems (#970)
• 899970d fix: Untrace entire request (#968)
• 5776b35 release: Release 35 gems (#960)
• Additional commits viewable in compare view

Updates opentelemetry-instrumentation-http from 0.23.2 to 0.23.4

Release notes

Sourced from opentelemetry-instrumentation-http's releases.

opentelemetry-instrumentation-http 0.23.4

v0.23.4 / 2024-07-23

• DOCS: Add cspell to CI

Changelog

Sourced from opentelemetry-instrumentation-http's changelog.

v0.23.4 / 2024-07-23

• DOCS: Add cspell to CI

v0.23.3 / 2024-04-30

• FIXED: Bundler conflict warnings

Commits

• 35ddf66 release: Release 30 gems (#1083)
• 246fc10 chore: Update Rubocop to 1.65.0 (#1070)
• 58fda55 docs: add cspell to CI (#1061)
• 38c22c6 chore: Update Rubocop to 1.64.0 (#997)
• 5776b35 release: Release 35 gems (#960)
• d3e9e3a fix: Bundler conflict warnings (#951)
• e474c40 chore: Update rubocop to 1.62 (#910)
• e0b4dcf chore: Update rubocop to 1.60.1 (#823)
• 8916598 chore: Update rubocop version to 1.60.0 (#818)
• 7589a34 chore: Bump rubocop-performance 1.20.0 (#780)
• Additional commits viewable in compare view

Updates opentelemetry-instrumentation-net_http from 0.22.4 to 0.22.7

Release notes

Sourced from opentelemetry-instrumentation-net_http's releases.

opentelemetry-instrumentation-net_http 0.22.7

v0.22.7 / 2024-07-23

• DOCS: Add cspell to CI

opentelemetry-instrumentation-net_http 0.22.6

v0.22.6 / 2024-06-18

• FIXED: Relax otel common gem constraints

Changelog

Sourced from opentelemetry-instrumentation-net_http's changelog.

v0.22.7 / 2024-07-23

• DOCS: Add cspell to CI

v0.22.6 / 2024-06-18

• FIXED: Relax otel common gem constraints

v0.22.5 / 2024-05-09

• FIXED: Untrace entire request

Commits

• 35ddf66 release: Release 30 gems (#1083)
• 246fc10 chore: Update Rubocop to 1.65.0 (#1070)
• 58fda55 docs: add cspell to CI (#1061)
• b27c742 release: Release 17 gems (#1025)
• 99c3859 fix: Relax otel common gem constraints (#1007)
• 38c22c6 chore: Update Rubocop to 1.64.0 (#997)
• a466ae3 release: Release 13 gems (#970)
• 899970d fix: Untrace entire request (#968)
• e474c40 chore: Update rubocop to 1.62 (#910)
• e0b4dcf chore: Update rubocop to 1.60.1 (#823)
• Additional commits viewable in compare view

Updates opentelemetry-metrics-sdk from 0.2.0 to 0.3.0

Release notes

Sourced from opentelemetry-metrics-sdk's releases.

opentelemetry-metrics-sdk 0.3.0

v0.3.0 / 2024-10-22

• ADDED: Add basic metrics view
• FIXED: Coerce aggregation_temporality to symbol
• FIXED: Add warning if invalid meter name given

Changelog

Sourced from opentelemetry-metrics-sdk's changelog.

v0.3.0 / 2024-10-22

• ADDED: Add basic metrics view
• FIXED: Coerce aggregation_temporality to symbol
• FIXED: Add warning if invalid meter name given

Commits

• 555b062 release: Release 2 gems (#1754)
• 4c9f7e1 fix: add warning if invalid meter name given (#1734)
• cb05fa5 Update Instrument validation and move to SDK (#1735)
• 044336d fix: Coerce aggregation_temporality to symbol (#1741)
• 7aa9c11 feat: add basic metrics view (#1604)
• d9b2972 chore: add markdown link & lint ci (#1684)
• 75a4885 Rubocop on metrics (#1683)
• See full diff in compare view

Updates sentry-opentelemetry from 5.16.1 to 5.21.0

Release notes

Sourced from sentry-opentelemetry's releases.

5.21.0

Features

• Experimental support for multi-threaded profiling using Vernier (#2372)

  You can have much better profiles if you're using multi-threaded servers like Puma now by leveraging Vernier. To use it, first add vernier to your Gemfile and make sure it is loaded before sentry-ruby.

  # Gemfile
  gem 'vernier'
  gem 'sentry-ruby'

  Then, set a profiles_sample_rate and the new profiler_class configuration in your sentry initializer to use the new profiler.

  # config/initializers/sentry.rb
  Sentry.init do |config|
  ...
  config.profiles_sample_rate = 1.0
  config.profiler_class = Sentry::Vernier::Profiler
  end

Internal

• Profile items have bigger size limit now (#2421)
• Consistent string freezing (#2422)

5.20.1

Bug Fixes

• Skip rubocop.yml in spec.files (#2420)

5.20.0

• Add support for $SENTRY_DEBUG and $SENTRY_SPOTLIGHT (#2374)
• Support human readable intervals in sidekiq-cron (#2387)
• Set default app dirs pattern (#2390)
• Add new strip_backtrace_load_path boolean config (default true) to enable disabling load path stripping (#2409)

Bug Fixes

• Fix error events missing a DSC when there's an active span (#2408)
• Verifies presence of client before adding a breadcrumb (#2394)
• Fix Net:HTTP integration for non-ASCII URI's (#2417)
• Prevent Hub from having nil scope and client (#2402)

... (truncated)

Changelog

Sourced from sentry-opentelemetry's changelog.

5.21.0

Features

• Experimental support for multi-threaded profiling using Vernier (#2372)

  You can have much better profiles if you're using multi-threaded servers like Puma now by leveraging Vernier. To use it, first add vernier to your Gemfile and make sure it is loaded before sentry-ruby.

  # Gemfile
  gem 'vernier'
  gem 'sentry-ruby'

  Then, set a profiles_sample_rate and the new profiler_class configuration in your sentry initializer to use the new profiler.

  # config/initializers/sentry.rb
  Sentry.init do |config|
  ...
  config.profiles_sample_rate = 1.0
  config.profiler_class = Sentry::Vernier::Profiler
  end

Internal

• Profile items have bigger size limit now (#2421)
• Consistent string freezing (#2422)

5.20.1

Bug Fixes

• Skip rubocop.yml in spec.files (#2420)

5.20.0

• Add support for $SENTRY_DEBUG and $SENTRY_SPOTLIGHT (#2374)
• Support human readable intervals in sidekiq-cron (#2387)
• Set default app dirs pattern (#2390)
• Add new strip_backtrace_load_path boolean config (default true) to enable disabling load path stripping (#2409)

Bug Fixes

• Fix error events missing a DSC when there's an active span (#2408)
• Verifies presence of client before adding a breadcrumb (#2394)

... (truncated)

Commits

• d56c2bb release: 5.21.0
• 5b1b558 Consistent string freezing (#2422)
• 84bf2cf release: 5.20.1
• d96e8e1 Ignore rubocop file in spec files (#2420)
• 34ba320 release: 5.20.0
• 5c26b9e Fix rubocop setup (for some envs) (#2377)
• 43c5cc2 release: 5.19.0
• 278316c Fix skipping 'connect' spans (#2364)
• cdf8a4a release: 5.18.2
• 36866c5 Make links more specific in gemspecs (#2311)
• Additional commits viewable in compare view

Updates sentry-ruby from 5.16.1 to 5.21.0

Changelog

Sourced from sentry-ruby's changelog.

5.21.0

Features

• Experimental support for multi-threaded profiling using Vernier (#2372)

  You can have much better profiles if you're using multi-threaded servers like Puma now by leveraging Vernier. To use it, first add vernier to your Gemfile and make sure it is loaded before sentry-ruby.

  # Gemfile
  gem 'vernier'
  gem 'sentry-ruby'

  Then, set a profiles_sample_rate and the new profiler_class configuration in your sentry initializer to use the new profiler.

  # config/initializers/sentry.rb
  Sentry.init do |config|
  ...
  config.profiles_sample_rate = 1.0
  config.profiler_class = Sentry::Vernier::Profiler
  end

Internal

• Profile items have bigger size limit now (#2421)
• Consistent string freezing (#2422)

5.20.1

Bug Fixes

• Skip rubocop.yml in spec.files (#2420)

5.20.0

• Add support for $SENTRY_DEBUG and $SENTRY_SPOTLIGHT (#2374)
• Support human readable intervals in sidekiq-cron (#2387)
• Set default app dirs pattern (#2390)
• Add new strip_backtrace_load_path boolean config (default true) to enable disabling load path stripping (#2409)

Bug Fixes

• Fix error events missing a DSC when there's an active span (#2408)
• Verifies presence of client before adding a breadcrumb (#2394)

... (truncated)

Commits

• d56c2bb release: 5.21.0
• 5b1b558 Consistent string freezing (#2422)
• 8dc3d2d Experimental support for multi-threaded profiling using Vernier (#2372)
• a070e08 Generalize size limits based on envelope item type (#2421)
• 84bf2cf release: 5.20.1
• d96e8e1 Ignore rubocop file in spec files (#2420)
• 34ba320 release: 5.20.0
• af8fcdd Prevent Hub from having nil scope and client (#2402)
• 152eb5e fix: Unable to use sentry when URI contains non-ascii symbols on Net::HTTP tr...
• 0c875e4 Skip concurrent threaded test on jruby (#2415)
• Additional commits viewable in compare view

Updates aws-sdk-codecommit from 1.63.0 to 1.79.0

Changelog

Sourced from aws-sdk-codecommit's changelog.

1.79.0 (2024-10-18)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.78.0 (2024-09-24)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.77.0 (2024-09-23)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.76.0 (2024-09-20)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.75.0 (2024-09-11)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.74.0 (2024-09-10)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.73.0 (2024-09-03)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.72.0 (2024-07-25)

• Feature - CreateRepository API now throws OperationNotAllowedException when the account has been restricted from creating a repository.

1.71.0 (2024-07-02)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.70.0 (2024-06-28)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

... (truncated)

Commits

• See full diff in compare view

Updates aws-sdk-ecr from 1.68.0 to 1.88.0

Changelog

Sourced from aws-sdk-ecr's changelog.

1.88.0 (2024-10-18)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.87.0 (2024-09-24)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.86.0 (2024-09-23)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.85.0 (2024-09-20)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.84.0 (2024-09-17)

• Feature - The DescribeImageScanning API now includes fixAvailable, exploitAvailable, and fixedInVersion fields to provide more detailed information about the availability of fixes, exploits, and fixed versions for identified image vulnerabilities.

1.83.0 (2024-09-11)

• Feature - Added KMS_DSSE to EncryptionType

1.82.0 (2024-09-10)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.81.0 (2024-09-03)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.80.0 (2024-08-05)

• Feature - Released two new APIs along with documentation updates. The GetAccountSetting API is used to view the current basic scan type version setting for your registry, while the PutAccountSetting API is used to update the basic scan type version for your registry.

1.79.0 (2024-07-25)

• Feature - API and documentation updates for Amazon ECR, adding support for creating, updating, describing and deleting ECR Repository Creation Template.

... (truncated)

Commits

• See full diff in compare view

Updates faraday from 2.7.11 to 2.12.0

Release notes

Sourced from faraday's releases.

v2.12.0

What's Changed

New features ✨

• Make RaiseError middleware configurable to not raise error on certain status codes (e.g. 404) by @​clemens in lostisland/faraday#1590

Fixes 🐞

• Add json as an explicit dependency by @​deivid-rodriguez in lostisland/faraday#1589

Misc/Docs 📄

• docs: fix grammar by @​dijonkitchen in lostisland/faraday#1588

New Contributors

• @​dijonkitchen made their first contribution in lostisland/faraday#1588
• @​deivid-rodriguez made their first contribution in lostisland/faraday#1589
• @​clemens made their first contribution in lostisland/faraday#1590

Full Changelog: lostisland/faraday@v2.11.0...v2.12.0

v2.11.0

What's Changed

This release adds support for the ciphers SSL option (currently supported by the net_http adapter in v3.3+), as well as taking advantage of the support of chained certificates introduced in the net_http adapter in v3.2. Also, it adds a new ParallelManager#execute interface that improves on the existing one and makes it easier for adapters to support parallel requests. This is currently used by the async-http adapter.

New features ✨

• Add support for a new ParallelManager#execute method. by @​iMacTia in lostisland/faraday#1584
• Add ciphers attribute to SSLOptions by @​womblep in lostisland/faraday#1582

Misc/Docs 📄

• Opt-in for MFA requirement explicitly by @​tagliala in lostisland/faraday#1580
• Fix typos by @​tagliala in lostisland/faraday#1585

New Contributors

• @​tagliala made their first contribution in lostisland/faraday#1580
• @​womblep made their first contribution in lostisland/faraday#1582

Full Changelog: lostisland/faraday@v2.10.1...v2.11.0

v2.10.1

What's Changed

• Update JS deps by @​olleolleolle in lostisland/faraday#1574
• fix: Avoid lazy-initialized lock by @​olleolleolle in lostisland/faraday#1577

Full Changelog: lostisland/faraday@v2.10.0...v2.10.1

v2.10.0

What's Changed

This release introduces support for middleware-level default_options 🎉 You can read more about it in the docs.

... (truncated)

Commits

• 59c5003 Version bump to 2.12.0
• 98d5adf Make RaiseError middleware configurable to not raise error on certain status ...
• 9e5c8a1 Add json as an explicit dependency (#1589)
• 9fcff67 docs: fix grammar (#1588)
• 3170e7d Version bump to 2.11.0
• f208ffc Allow faraday-net_http 3.3.x
• 9056ecc Add ciphers attribute to SSLOptions (#1582)
• 99228e4 Fix typos (#1585)
• 9cdc025 Opt-in for MFA requirement explicitly (#1580)
• 3835b48 Add support for a new ParallelManager#execute method. (#1584)
• Additional commits viewable in compare view

Updates faraday-retry from 2.2.0 to 2.2.1

Release notes

Sourced from faraday-retry's releases.

v2.2.1

What's Changed

• Document "methods" option with its type as a list of Symbols by @​olleolleolle in lostisland/faraday-retry#30
• Update docs reference to RaiseError middleware by @​Drowze in lostisland/faraday-retry#32
• Add Ruby 3.3 to CI matrix by @​m-nakamura145 in lostisland/faraday-retry#33
• Improve README.md about exceptions config by @​mi-wada in lostisland/faraday-retry#35
• Check for Faraday::UploadIO while rewinding by @​iMacTia in lostisland/faraday-retry#37
• Bump actions/checkout from 3 to 4 by @​dependabot in lostisland/faraday-retry#38

New Contributors

• @​Drowze made their first contribution in lostisland/faraday-retry#32
• @​m-nakamura145 made their first contribution in lostisland/faraday-retry#33
• @​mi-wada made their first contribution in lostisland/faraday-retry#35
• @​dependabot made their first contribution in lostisland/faraday-retry#38

Full Changelog: lostisland/faraday-retry@v2.2.0...v2.2.1

Changelog

Sourced from faraday-retry's changelog.

v2.2.1 (2024-04-15)

• Avoid deprecation warning about ::UploadIO constant when used without faraday-multipart gem [PR #37](lostisland/faraday-retry#37) [@​iMacTia]
• Documentation update [PR #30](lostisland/faraday-retry#30) [@​olleolleolle]
• Documentation update [PR #32](lostisland/faraday-retry#32) Thanks, [@​Drowze]!

Commits

• 7506f91 v2.2.1
• 1a7ae96 CHANGELOG.md: Add unreleased code [ci skip]
• 8056d24 Bump actions/checkout from 3 to 4
• 2b3fba5 CI: Tell dependabot to update GH Actions
• ce15807 Check for Faraday::UploadIO while rewinding
• f1929d9 Add instructions on how to inherit the default exceptions to the README
• 0b769c4 Add missing default exceptions
• 1be9551 Add Ruby 3.3 to CI matrix
• 6b1419f Update docs reference to RaiseError middleware (#32)
• 41b7ea2 Document "methods" type as symbols [ci skip] (#30)
• See full diff in compare view

Updates gitlab from 5.0.0 to 5.1.0

Release notes

Sourced from gitlab's releases.

v5.1.0

General improvements

• Added base64 to dependencies #697

Bugfixes

• Fixed masking short and known private tokens #692
• Fixed pagination options for merge request discussions #694

New features

• Added support for programming languages used in a project #695
• Added support for merge request dependencies #698
• Added support for pipelines triggered by a pipeline schedule in a project #699
• Added support for using CI/CD job token for authentication #700
• Added support for project access tokens API #701

Commits

• bcfeb45 Release v5.1.0
• 6ca8f7a Merge pull request #701 from balasankarc/support-access-token-endpoint
• 64896ab Add Project Access Token related endpoints
• 26edb1b Merge pull request #700 from balasankarc/support-ci-job-token
• 0bfb77c Support using CI_JOB_TOKEN for authentication
• 579bcda Merge pull request #699 from caiconkhicon/dattang/add-pipeline_schedule_get_p...
• a9da2e9 Remove verb from method name
• 100e256 Add get_pipelines_by_pipeline_schedule method
• f3bd928 Merge pull request #698 from ddieulivol/ddieulivol-merge_request_dependencies
• 5e31a2d Merge branch 'master' into ddieulivol-merge_request_dependencies
• Additional commits viewable in compare view

Updates json from 2.6.3 to 2.7.5

Release notes

Sourced from json's releases.

v2.7.5

What's Changed

• Fix a memory leak when #to_json methods raise an exception.
• Gracefully handle formatting configs being set to nil instead of "".
• Workaround another issue caused by conflicting versions of both json_pure and json being loaded.

Full Changelog: ruby/json@v2.7.4...v2.7.5

v2.7.4

What's Changed

• Workaround a bug in 3.4.8 and older rubygems/rubygems#6490. This bug would cause some gems with native extension to fail during compilation.
• Workaround different versions of json and json_pure being loaded (not officially supported).
• Make json_pure Ractor compatible.

Full Changelog: ruby/json@v2.7.3...v2.7.4

v2.7.3

What's Changed

• Numerous performance optimizations in JSON.generate and JSON.dump (up to 2 times faster).
• Limit the size of ParserError exception messages, only include up to 32 bytes of the unparseable source.
• Fix json-pure's Object#to_json to accept non state arguments
• Fix multiline comment support in json-pure.
• Fix JSON.parse to no longer mutate the argument encoding when passed an ASCII-8BIT string.
• Fix String#to_json to raise on invalid encoding in json-pure.
• Delete code that was based on CVTUTF.
• Use the pure-Ruby generator on TruffleRuby.
• Fix strict mode in json-pure to not break on Integer.

JSON.dump Performance

JSON.dump is now much faster, and on par or faster than alternative implementations:

== Encoding citm_catalog.json (500298 bytes)
ruby 3.4.0preview2 (2024-10-07 master 32c733f57b) +YJIT +PRISM [arm64-darwin23]
Warming up --------------------------------------
        json (2.7.3)   123.000 i/100ms
                  oj   124.000 i/100ms
Calculating -------------------------------------
        json (2.7.3)      1.312k (± 1.8%) i/s  (761.91 μs/i) -      6.642k in   5.062192s
                  oj      1.278k (± 2.0%) i/s  (782.35 μs/i) -      6.448k in   5.046587s
Comparison:
json (2.7.2):      884.0 i/s
json (2.7.3):     1312.5 i/s - 1.48x  faster
oj:     1278.2 i/s - 1.45x  faster
</tr></table>

... (truncated)

Changelog

Sourced from json's changelog.

2024-10-25 (2.7.5)

• Fix a memory leak when #to_json methods raise an exception.
• Gracefully handle formatting configs being set to nil instead of "".
• Workaround another issue caused by conflicting versions of both json_pure and json being loaded.

2024-10-25 (2.7.4)

• Workaround a bug in 3.4.8 and older rubygems/rubygems#6490. This bug would cause some gems with native extension to fail during compilation.
• Workaround different versions of json and json_pure being loaded (not officially supported).
• Make json_pure Ractor compatible.

2024-10-24 (2.7.3)

• Numerous performance optimizations in JSON.generate and JSON.dump (up to 2 times faster).
• Limit the size of ParserError exception messages, only include up to 32 bytes of the unparseable source.
• Fix json-pure's Object#to_json to accept non state arguments
• Fix multiline comment support in json-pure.
• Fix JSON.parse to no longer mutate the argument encoding when passed an ASCII-8BIT string.
• Fix String#to_json to raise on invalid encoding in json-pure.
• Delete code that was based on CVTUTF.
• Use the pure-Ruby generator on TruffleRuby.
• Fix strict mode in json-pure to not break on Integer.

2024-04-04 (2.7.2)

• Use rb_sym2str instead of SYM2ID #561
• Fix memory leak when exception is raised during JSON generation #574
• Remove references to "19" methods in JRuby #576
• Make OpenStruct support as optional by @​hsbt in #565
• Autoload JSON::GenericObject to avoid require ostruct warning in Ruby 3.4 #577
• Warn to install ostruct if json couldn't load it by @​hsbt #578

2023-12-05 (2.7.1)

• JSON.dump: handle unenclosed hashes regression #554
• Overload kwargs in JSON.dump #556
• [DOC] RDoc for additions #557
• Fix JSON.dump overload combination #558

2023-12-01 (2.7.0)

• Add a strict option to Generator #519
• escape_slash option was renamed as script_safe and now also escape U+2028 and U+2029. escape_slash is now an alias of script_safe #525
• Remove unnecessary initialization of create_id in JSON.parse() #454
• Improvements to Hash#to_json in pure implementation generator #203
• Use ruby_xfree to free buffers #518
• Fix "unexpected token" offset for Infinity #507
• Avoid using deprecated BigDecimal.new on JRuby #546

... (truncated)

Commits

• 9d71186 Merge pull request #654 from casperisfine/v2.7.x-handle-nil-configs
• c318928 Handle all formatting configs potentially being nil.
• 04b43d2 Merge pull request #652 from byroot/v2.7.x-pure-compat
• 4af0ea5 Instantiate Parser with a kwsplat
• 31a9100 Release 2.7.4
• 9e9b749 Merge pull request #648 from casperisfine/v2.7-rubygems-workaround
• 10981db Update CHANGES
• e285489 json_pure: fix ractor compatibility
• 7fd3531 Workaround being loaded alongside a different json_pure version
• a0cd1de Workaround rubygems $LOAD_PATH bug
• Additional commits viewable in compare view

Updates nokogiri from 1.16.5 to 1.16.7

Release notes

Sourced from nokogiri's releases.

v1.16.7 / 2024-07-27

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.12.9, which the upstream release notes state is a security release to address CVE-2024-40896. Nokogiri's maintainers believe this vulnerability does not affect users of Nokogiri, but we advise upgrading at your earliest convenience anyway.

---

sha256 checksums:

78778d35f165b59513be31c0fe232c63a82cf97626ffba695b5f822e5da1d74b  no...
Description has been truncated

[dependabot]

Superseded by #10892.