Bump the ruby-dependencies group across 1 directory with 5 updates

[dependabot]

Bumps the ruby-dependencies group with 5 updates in the / directory:

Package	From	To
toml-rb	4.0.0	4.1.0
rspec-core	3.13.5	3.13.6
excon	1.2.8	1.3.0
rake	13.3.0	13.3.1
json	2.13.2	2.15.2

Updates toml-rb from 4.0.0 to 4.1.0

Release notes

Sourced from toml-rb's releases.

v4.1.0

What's Changed

• #155 First working solution to verify we are not overriding dotted keys by @​emancu in emancu/toml-rb#157
• #149 Undetected key conflict error by @​emancu in emancu/toml-rb#158
• #150 Fix encoding error by @​emancu in emancu/toml-rb#159

Full Changelog: emancu/toml-rb@v4.0.0...v4.1.0

Commits

• 3906963 Bump to v4.1.0
• 61581fa Fix encoding exception
• 9e0539b Update ruby.yml
• d1551a7 Merge pull request #158 from emancu/149/undetected_key_conflict_error
• 7183f0f Refactor keyvalue to make it more readable
• 9179f25 Fix emancu/toml-rb#149 which should be rejected.
• 19fb9ea Merge pull request #157 from emancu/155/merge_dotted_keys
• 75b7c10 First working solution to verify we are not overriding dotted keys
• See full diff in compare view

Updates rspec-core from 3.13.5 to 3.13.6

Changelog

Sourced from rspec-core's changelog.

3.13.6 / 2025-10-19

Full Changelog

Bug Fixes:

• Add explicit block parameter to RSpec::World::Null.traverse_example_group_trees_until to prevent warning. (@​viralpraxis, rspec/rspec#240)

Commits

• 4d8e9c3 rspec-core-v3.13.6
• f55a7d3 Merge pull request #240 from viralpraxis/fix-unused-block-warning
• 72949df Continue removing :if / :unless and fix broken skip
• 3fbe74e Adjust specs to be deprecation warning-free
• f5cb8cf Use :skip instead of :if/:else in specs
• See full diff in compare view

Updates excon from 1.2.8 to 1.3.0

Changelog

Sourced from excon's changelog.

1.3.0 2025-08-18

• proxy connect should always include port, regardless of default

1.2.9 2025-08-15

• bump actions/checkout
• update bundled certs

Commits

• c0a65a0 v1.3.0
• b3b25e3 proxy connect should always include port, regardless of default (#890)
• 2560a53 v1.2.9
• 3e45715 update bundled certs
• aa29a8d Bump actions/checkout from 4 to 5 (#889)
• See full diff in compare view

Updates rake from 13.3.0 to 13.3.1

Commits

• f0001c3 v13.3.1
• a644c80 Merge pull request #483 from luke-gru/fix_test_warnings
• 2465ea5 silence warnings during execution of rake tasks in Rakefile (ex: rake test)
• df25fb1 Merge pull request #610 from pvdb/fix_testhelper_require
• ec12ac9 Merge pull request #635 from nevans/deconstruct_keys-for-nil-keys
• 4664a69 Merge pull request #666 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• 7a0bf15 Bump ruby/setup-ruby from 1.265.0 to 1.266.0
• b3ed789 Merge pull request #665 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• 1e7ef52 Bump ruby/setup-ruby from 1.263.0 to 1.265.0
• 77225e1 Merge pull request #664 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• Additional commits viewable in compare view

Updates json from 2.13.2 to 2.15.2

Release notes

Sourced from json's releases.

v2.15.2

What's Changed

• Fix JSON::Coder to have one dedicated depth counter per invocation. After encountering a circular reference in JSON::Coder#dump, any further #dump call would raise JSON::NestingError.

Full Changelog: ruby/json@v2.15.1...v2.15.2

v2.15.1

What's Changed

• Fix incorrect escaping in the JRuby extension when encoding shared strings.

Full Changelog: ruby/json@v2.15.0...v2.15.1

v2.15.0

What's Changed

• JSON::Coder callback now receive a second argument to convey whether the object is a hash key.
• Tuned the floating point number generator to not use scientific notation as aggressively.

Full Changelog: ruby/json@v2.14.1...v2.15.0

v2.14.1

What's Changed

• Fix IndexOutOfBoundsException in the JRuby extension when encoding shared strings.

Full Changelog: ruby/json@v2.14.0...v2.14.1

v2.14.0

What's Changed

• Add new allow_duplicate_key generator options. By default a warning is now emitted when a duplicated key is encountered. In json 3.0 an error will be raised.

  >> Warning[:deprecated] = true
  >> puts JSON.generate({ foo: 1, "foo" => 2 })
  (irb):2: warning: detected duplicate key "foo" in {foo: 1, "foo" => 2}.
  This will raise an error in json 3.0 unless enabled via `allow_duplicate_key: true`
  {"foo":1,"foo":2}
  >> JSON.generate({ foo: 1, "foo" => 2 }, allow_duplicate_key: false)
  detected duplicate key "foo" in {foo: 1, "foo" => 2} (JSON::GeneratorError)

• Fix JSON.generate strict: true mode to also restrict hash keys.
• Fix JSON::Coder to also invoke block for hash keys that aren't strings nor symbols.
• Fix JSON.unsafe_load usage with proc
• Fix the parser to more consistently reject invalid UTF-16 surogate pairs.

... (truncated)

Changelog

Sourced from json's changelog.

2025-10-25 (2.15.2)

• Fix JSON::Coder to have one dedicated depth counter per invocation. After encountering a circular reference in JSON::Coder#dump, any further #dump call would raise JSON::NestingError.

2025-10-07 (2.15.1)

• Fix incorrect escaping in the JRuby extension when encoding shared strings.

2025-09-22 (2.15.0)

• JSON::Coder callback now receive a second argument to convey whether the object is a hash key.
• Tuned the floating point number generator to not use scientific notation as aggressively.

2025-09-18 (2.14.1)

• Fix IndexOutOfBoundsException in the JRuby extension when encoding shared strings.

2025-09-18 (2.14.0)

• Add new allow_duplicate_key generator options. By default a warning is now emitted when a duplicated key is encountered. In json 3.0 an error will be raised.

  >> Warning[:deprecated] = true
  >> puts JSON.generate({ foo: 1, "foo" => 2 })
  (irb):2: warning: detected duplicate key "foo" in {foo: 1, "foo" => 2}.
  This will raise an error in json 3.0 unless enabled via `allow_duplicate_key: true`
  {"foo":1,"foo":2}
  >> JSON.generate({ foo: 1, "foo" => 2 }, allow_duplicate_key: false)
  detected duplicate key "foo" in {foo: 1, "foo" => 2} (JSON::GeneratorError)

• Fix JSON.generate strict: true mode to also restrict hash keys.
• Fix JSON::Coder to also invoke block for hash keys that aren't strings nor symbols.
• Fix JSON.unsafe_load usage with proc
• Fix the parser to more consistently reject invalid UTF-16 surogate pairs.
• Stop defining String.json_create, String#to_json_raw, String#to_json_raw_object when json/add isn't loaded.

Commits

• 5e61cd7 Release 2.15.2
• 30969be Merge pull request #874 from byroot/coder-reset-nesting
• aefa671 Fix concurrent usage of JSON::Coder#dump
• 9e6067b Release 2.15.1
• 1e19097 Add a workflow to sync commits to ruby/ruby (#872)
• 1b1647f Update changelog
• eec466d Merge pull request #871 from tompng/fix_sliced_string_escape
• d7baf01 Fix sliced string escaping
• d867e39 Run jruby-head on Windows
• ec85851 Fix a typo in the changelog
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, ruby, skip changelog. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.