From 168191c99f78e1c0b1bd994d6d38d3522fdbba82 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 6 Feb 2025 20:08:30 -0500
Subject: [PATCH] [Dependency] Bump json from 2.7.2 to 2.9.1 (#652)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [json](https://github.com/ruby/json) from 2.7.2 to 2.9.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ruby/json/releases">json's
releases</a>.</em></p>
<blockquote>
<h2>v2.9.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add support for Solaris 10 which lacks strnlen()</li>
</ul>
<h2>v2.9.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix C implementation of <code>script_safe</code> escaping to not
confuse some other 3 wide characters with <code>\u2028</code> and
<code>\u2029</code>.
e.g. <code>JSON.generate([&quot;倩&quot;, &quot;瀨&quot;], script_safe:
true)</code> would generate the wrong JSON.</li>
<li><code>JSON.dump(object, some_io)</code> now write into the IO in
chunks while previously it would buffer the entire JSON before
writing.</li>
<li><code>JSON::GeneratorError</code> now has a
<code>#invalid_object</code> attribute, making it easier to understand
why an object tree cannot be serialized.</li>
<li>Numerous improvements to the JRuby extension.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/json/compare/v2.8.2...v2.9.0">https://github.com/ruby/json/compare/v2.8.2...v2.9.0</a></p>
<h2>v2.8.2</h2>
<h2>What's Changed</h2>
<ul>
<li>JSON.load_file: explictly load the file as UTF-8</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/json/compare/v2.8.1...v2.8.2">https://github.com/ruby/json/compare/v2.8.1...v2.8.2</a></p>
<h2>v2.8.1</h2>
<ul>
<li>Fix the <code>java</code> version of the package to include the
extension implementation. Only concerns JRuby.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/ruby/json/compare/v2.8.0...v2.8.1">https://github.com/ruby/json/compare/v2.8.0...v2.8.1</a></p>
<h2>v2.8.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Emit a deprecation warning when <code>JSON.load</code> create custom
types without the <code>create_additions</code> option being explictly
enabled.
<ul>
<li>Prefer to use <code>JSON.unsafe_load(string)</code> or
<code>JSON.load(string, create_additions: true)</code>.</li>
</ul>
</li>
<li>Emit a deprecation warning when serializing valid UTF-8 strings
encoded in <code>ASCII_8BIT</code> aka <code>BINARY</code>.</li>
<li>Bump required Ruby version to 2.7.</li>
<li>Add support for optionally parsing trailing commas, via
<code>allow_trailing_comma: true</code>, which in cunjunction with the
pre-existing support for comments, make it suitable to parse
<code>jsonc</code> documents.</li>
<li>Many performance improvements to <code>JSON.parse</code> and
<code>JSON.load</code>, up to <code>1.7x</code> faster on real world
documents.</li>
<li>Some minor performance improvements to <code>JSON.dump</code> and
<code>JSON.generate</code>.</li>
<li><code>JSON.pretty_generate</code> no longer include newline inside
empty object and arrays.</li>
</ul>
<h2>Parsing performance</h2>
<p>Parsing performance is improved by 50-70% on realistic benchmarks,
and even more on micro-benchmarks: <a
href="https://gist.github.com/casperisfine/cf4b3a0594fae24b7d0eb93daaf3841a">https://gist.github.com/casperisfine/cf4b3a0594fae24b7d0eb93daaf3841a</a></p>
<pre><code>== Parsing activitypub.json (58160 bytes)
ruby 3.4.0dev (2024-11-06T07:59:09Z precompute-hash-wh.. 7943f98a8a)
+YJIT +PRISM [arm64-darwin24]
Warming up --------------------------------------
          json 2.7.2   638.000 i/100ms
&lt;/tr&gt;&lt;/table&gt;
</code></pre>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ruby/json/blob/master/CHANGES.md">json's
changelog</a>.</em></p>
<blockquote>
<h3>2024-12-18 (2.9.1)</h3>
<ul>
<li>Fix support for Solaris 10.</li>
</ul>
<h3>2024-12-03 (2.9.0)</h3>
<ul>
<li>Fix C implementation of <code>script_safe</code> escaping to not
confuse some other 3 wide characters with <code>\u2028</code> and
<code>\u2029</code>.
e.g. <code>JSON.generate([&quot;倩&quot;, &quot;瀨&quot;], script_safe:
true)</code> would generate the wrong JSON.</li>
<li><code>JSON.dump(object, some_io)</code> now write into the IO in
chunks while previously it would buffer the entire JSON before
writing.</li>
<li><code>JSON::GeneratorError</code> now has a
<code>#invalid_object</code> attribute, making it easier to understand
why an object tree cannot be serialized.</li>
<li>Numerous improvements to the JRuby extension.</li>
</ul>
<h3>2024-11-14 (2.8.2)</h3>
<ul>
<li><code>JSON.load_file</code> explictly read the file as UTF-8.</li>
</ul>
<h3>2024-11-06 (2.8.1)</h3>
<ul>
<li>Fix the java packages to include the extension.</li>
</ul>
<h3>2024-11-06 (2.8.0)</h3>
<ul>
<li>Emit a deprecation warning when <code>JSON.load</code> create custom
types without the <code>create_additions</code> option being explictly
enabled.
<ul>
<li>Prefer to use <code>JSON.unsafe_load(string)</code> or
<code>JSON.load(string, create_additions: true)</code>.</li>
</ul>
</li>
<li>Emit a deprecation warning when serializing valid UTF-8 strings
encoded in <code>ASCII_8BIT</code> aka <code>BINARY</code>.</li>
<li>Bump required Ruby version to 2.7.</li>
<li>Add support for optionally parsing trailing commas, via
<code>allow_trailing_comma: true</code>, which in cunjunction with the
pre-existing support for comments, make it suitable to parse
<code>jsonc</code> documents.</li>
<li>Many performance improvements to <code>JSON.parse</code> and
<code>JSON.load</code>, up to <code>1.7x</code> faster on real world
documents.</li>
<li>Some minor performance improvements to <code>JSON.dump</code> and
<code>JSON.generate</code>.</li>
<li><code>JSON.pretty_generate</code> no longer include newline inside
empty object and arrays.</li>
</ul>
<h3>2024-11-04 (2.7.6)</h3>
<ul>
<li>Fix a regression in JSON.generate when dealing with Hash keys that
are string subclasses, call <code>to_json</code> on them.</li>
</ul>
<h3>2024-10-25 (2.7.5)</h3>
<ul>
<li>Fix a memory leak when <code>#to_json</code> methods raise an
exception.</li>
<li>Gracefully handle formatting configs being set to <code>nil</code>
instead of <code>&quot;&quot;</code>.</li>
<li>Workaround another issue caused by conflicting versions of both
<code>json_pure</code> and <code>json</code> being loaded.</li>
</ul>
<h3>2024-10-25 (2.7.4)</h3>
<ul>
<li>Workaround a bug in 3.4.8 and older <a
href="https://redirect.github.com/rubygems/rubygems/pull/6490">rubygems/rubygems#6490</a>.
This bug would cause some gems with native extension to fail during
compilation.</li>
<li>Workaround different versions of <code>json</code> and
<code>json_pure</code> being loaded (not officially supported).</li>
<li>Make <code>json_pure</code> Ractor compatible.</li>
</ul>
<h3>2024-10-24 (2.7.3)</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ruby/json/commit/f745ec145ef88f3dfe866001526a1270e49a2e89"><code>f745ec1</code></a>
Release 2.9.1</li>
<li><a
href="https://github.com/ruby/json/commit/72f43d452b05eee9b747261efc72e21ad72d31f4"><code>72f43d4</code></a>
Merge pull request <a
href="https://redirect.github.com/ruby/json/issues/719">#719</a> from
ngoto/support-solaris-10-missing-strnlen</li>
<li><a
href="https://github.com/ruby/json/commit/48d4bbc3a01d242e93242651b5a833a45c5b4033"><code>48d4bbc</code></a>
Add support for Solaris 10 which lacks strnlen()</li>
<li><a
href="https://github.com/ruby/json/commit/e1f6456499d497f33f69ae4c1afdaf9b2b9c50b3"><code>e1f6456</code></a>
Release 2.9.0</li>
<li><a
href="https://github.com/ruby/json/commit/20b501a31d824449148c97385eb064f6f62ba127"><code>20b501a</code></a>
Merge pull request <a
href="https://redirect.github.com/ruby/json/issues/716">#716</a> from
byroot/fix-script-safe-kanji</li>
<li><a
href="https://github.com/ruby/json/commit/93a7f8717d92013aca42a337e26ba9b85a7da317"><code>93a7f87</code></a>
Fix generate(script_safe: true) to not confuse unrelated characters</li>
<li><a
href="https://github.com/ruby/json/commit/d0c38f274e211c29cd94cc3ff5c894c38f48e7be"><code>d0c38f2</code></a>
Add missing entry in changelog</li>
<li><a
href="https://github.com/ruby/json/commit/686dcb1d56747130d3da6b025415b7c3d6cdc884"><code>686dcb1</code></a>
Merge pull request <a
href="https://redirect.github.com/ruby/json/issues/713">#713</a> from
mame/prevent-printf-format-warning</li>
<li><a
href="https://github.com/ruby/json/commit/b8c1490846280c796ac9d7acbe0791a133f1be80"><code>b8c1490</code></a>
Prevent a warning of &quot;a candidate for gnu_printf format
attribute&quot;</li>
<li><a
href="https://github.com/ruby/json/commit/dbd5042e7599e8764a2fdd87c4cb4418cbf0abca"><code>dbd5042</code></a>
Merge pull request <a
href="https://redirect.github.com/ruby/json/issues/712">#712</a> from
byroot/generation-error</li>
<li>Additional commits viewable in <a
href="https://github.com/ruby/json/compare/v2.7.2...v2.9.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json&package-manager=bundler&previous-version=2.7.2&new-version=2.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 Gemfile.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 9b80d350..df19b39e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -219,7 +219,7 @@ GEM
       gemoji (>= 3, < 5)
       html-pipeline (~> 2.2)
       jekyll (>= 3.0, < 5.0)
-    json (2.7.2)
+    json (2.9.1)
     kramdown (2.4.0)
       rexml
     kramdown-parser-gfm (1.1.0)