build(deps): bump the bundler group across 10 directories with 9 updates

Bumps the bundler group with 3 updates in the /pkgs/applications/version-management/bitbucket-server-cli directory: addressable, git and json. Bumps the bundler group with 4 updates in the /pkgs/applications/version-management/danger-gitlab directory: addressable, git, httparty and rexml. Bumps the bundler group with 2 updates in the /pkgs/applications/version-management/git-fame directory: rexml and activesupport. Bumps the bundler group with 1 update in the /pkgs/by-name/ce/cewl directory: nokogiri. Bumps the bundler group with 1 update in the /pkgs/by-name/fu/fusuma directory: rexml. Bumps the bundler group with 4 updates in the /pkgs/by-name/go/gollum directory: json, rexml, nokogiri and rack. Bumps the bundler group with 4 updates in the /pkgs/by-name/li/licensed directory: json, activesupport, nokogiri and rack. Bumps the bundler group with 1 update in the /pkgs/by-name/mp/mpdcron directory: nokogiri. Bumps the bundler group with 1 update in the /pkgs/by-name/ov/overcommit directory: rexml. Bumps the bundler group with 5 updates in the /pkgs/servers/web-apps/discourse/rubyEnv directory:

Package	From	To
json	2.9.1	2.11.3
rexml	3.4.0	3.4.1
nokogiri	1.18.2	1.18.8
rack	2.2.10	2.2.13
uri	1.0.2	1.0.3

Updates addressable from 2.5.0 to 2.8.0

Changelog

Sourced from addressable's changelog.

Addressable 2.8.0

• fixes ReDoS vulnerability in Addressable::Template#match
• no longer replaces + with spaces in queries for non-http(s) schemes
• fixed encoding ipv6 literals
• the :compacted flag for normalized_query now dedupes parameters
• fix broken escape_component alias
• dropping support for Ruby 2.0 and 2.1
• adding Ruby 3.0 compatibility for development tasks
• drop support for rack-mount and remove Addressable::Template#generate
• performance improvements
• switch CI/CD to GitHub Actions

Addressable 2.7.0

• added :compacted flag to normalized_query
• heuristic_parse handles mailto: more intuitively
• dropped explicit support for JRuby 9.0.5.0
• compatibility w/ public_suffix 4.x
• performance improvements

Addressable 2.6.0

• added tld= method to allow assignment to the public suffix
• most heuristic_parse patterns are now case-insensitive
• heuristic_parse handles more file:// URI variations
• fixes bug in heuristic_parse when uri starts with digit
• fixes bug in request_uri= with query strings
• fixes template issues with nil and ? operator
• frozen_string_literal pragmas added
• minor performance improvements in regexps
• fixes to eliminate warnings

Addressable 2.5.2

• better support for frozen string literals
• fixed bug w/ uppercase characters in scheme
• IDNA errors w/ emoji URLs
• compatibility w/ public_suffix 3.x

Addressable 2.5.1

• allow unicode normalization to be disabled for URI Template expansion
• removed duplicate test

Commits

• 6469a23 Updating gemspec again
• 2433638 Merge branch 'main' of github.com:sporkmonger/addressable into main
• e9c76b8 Merge pull request #378 from ashmaroli/flat-map
• 56c5cf7 Update the gemspec
• c1fed1c Require a non-vulnerable rake
• 0d8a312 Adding note about ReDoS vulnerability
• 89c7613 Merge branch 'template-regexp' into main
• cf8884f Note about alias fix
• bb03f71 Merge pull request #371 from charleystran/add_missing_encode_component_doc_entry
• 6d1d809 Adding note about :compacted normalization
• Additional commits viewable in compare view

Updates git from 1.3.0 to 1.13.0

Release notes

Sourced from git's releases.

v1.13.0

Full Changelog

• ca8ff35 Release v1.13.0 (#603)
• 8349224 Update list of maintainers (#598)
• 4fe8738 In ls-files do not unescape file paths with eval (#602)
• 74b8e11 Add start_point option for checkout command (#597)
• ff6dcf4 Do not assume the default branch is 'master' in tests
• 8279298 Fix exception when Git is autoloaded (#594)

Release v1.12.0

Full Changelog

• ea79dad Release v1.12.0
• e58cd29 Support the commit --no-gpg-sign flag (#589)
• 323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (#592)
• 609ab8b Allow the CI build to be run manually using the GitHub interface (#590)
• 4a96679 Fix windows build (#591)
• 6f2b3fd Support the --all option for git fetch (#583)
• 1b13ec1 Workaround to get JRuby build working (#582)
• 5f0adec Update README.md (#580)
• 45b467c Make the directory param to Git.clone optional (#578)
• b92130c Make Git::URL.clone_to handle cloning to bare and mirror repos (#577)
• 13471d7 Add Git::URL #parse and #clone_to methods (#575)
• 0a43d8b Use the head version of yard (#573)

Release v1.11.0

Full Changelog

• 292087e Supress unneeded test output (#570)
• 19dfe5e Add support for fetch options "--force/-f" and "--prune-tags/-P". (#563)
• 018d919 Fix bug when grepping lines that contain numbers surrounded by colons (#566)
• c04d16e remove from maintainer (#567)
• 291ca09 Address command line injection in Git::Lib#fetch
• 521b8e7 Release v1.10.2 (#561)

Release v1.10.2

Full Changelog

• 57f941c Release v1.10.2
• c987a74 Add create-release, setup, and console dev scripts (#560)
• 12e3d03 Store tempfile objects to prevent deletion during tests (#555)

Release v1.10.1

Full Changelog

• c7b12af Release v1.10.1
• ea28118 Properly escape double quotes in shell commands on Windows (#552)
• db060fc Properly unescape diff paths (#504)
• ea47044 Add Ruby 3.0 to CI build (#547)

... (truncated)

Changelog

Sourced from git's changelog.

v1.13.0 (2022-12-10)

Full Changelog

• 8349224 Update list of maintainers (#598)
• 4fe8738 In ls-files do not unescape file paths with eval (#602)
• 74b8e11 Add start_point option for checkout command (#597)
• ff6dcf4 Do not assume the default branch is 'master' in tests
• 8279298 Fix exception when Git is autoloaded (#594)

v1.12.0

See https://github.com/ruby-git/ruby-git/releases/tag/v1.12.0

v1.11.0

• 292087e Supress unneeded test output (#570)
• 19dfe5e Add support for fetch options "--force/-f" and "--prune-tags/-P". (#563)
• 018d919 Fix bug when grepping lines that contain numbers surrounded by colons (#566)
• c04d16e remove from maintainer (#567)
• 291ca09 Address command line injection in Git::Lib#fetch
• 521b8e7 Release v1.10.2 (#561)

See https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0

v1.10.2

See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.2

1.10.1

See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.1

1.10.0

See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.0

1.9.1

See https://github.com/ruby-git/ruby-git/releases/tag/v1.9.1

1.9.0

See https://github.com/ruby-git/ruby-git/releases/tag/v1.9.0

1.8.1

See https://github.com/ruby-git/ruby-git/releases/tag/v1.8.1

1.8.0

... (truncated)

Commits

• ca8ff35 Release v1.13.0
• 8349224 Update list of maintainers (#598)
• 4fe8738 In ls-files do not unescape file paths with eval (#602)
• 74b8e11 Add start_point option for checkout command (#597)
• ff6dcf4 Do not assume the default branch is 'master' in tests
• 8279298 Fix exception when Git is autoloaded (#594)
• ea79dad Release v1.12.0
• e58cd29 Support the commit --no-gpg-sign flag (#589)
• 323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (#592)
• 609ab8b Allow the CI build to be run manually using the GitHub interface (#590)
• Additional commits viewable in compare view

Updates json from 2.0.2 to 2.3.0

Release notes

Sourced from json's releases.

v2.3.0

What's Changed

• README: Docs at rubydoc.info, not on rubyforge by @​olleolleolle in flori/json#376
• Remove RubyForge homepage reference by @​olleolleolle in flori/json#378
• Add ascii_only option to JSON::Ext::Generator::State.new. by @​sho-h in flori/json#367
• Gemspec: Drop EOL'd property rubyforge_project by @​olleolleolle in flori/json#381
• Backport ruby core changes by @​hsbt in flori/json#388
• Minor cleanup for ruby 2.7 warnings and failures. by @​zenspider in flori/json#389
• relax test-unit version for old ruby by @​hsbt in flori/json#390
• Bump versions for 2.3.0. by @​headius in flori/json#391

New Contributors

• @​zenspider made their first contribution in flori/json#389

Full Changelog: https://github.com/flori/json/compare/v2.2.0...v2.3.0

v2.2.0

What's Changed

• Fixed json_create example to use create_additions = true by @​perlun in flori/json#331
• README: Fixed code examples to start in the left-most column by @​perlun in flori/json#330
• Added missing bigdecimal for its test by @​hsbt in flori/json#335
• README: Added note about json/add/exception by @​perlun in flori/json#332
• fix link in travis widget by @​lostapathy in flori/json#340
• [CI] Test against Ruby 2.5 by @​nicolasleger in flori/json#352
• Removed control characters from gemspec. by @​hsbt in flori/json#360
• Fix typos in README.md by @​yui-knk in flori/json#363
• Backport from Ruby core repository by @​hsbt in flori/json#359
• Fix for bigdecimal updates by @​mrkn in flori/json#362
• Fix a typo. by @​sho-h in flori/json#369
• fix JSON::Generator::State#ascii_only? document same as lib/json/pure/generator.rb. by @​sho-h in flori/json#366

New Contributors

• @​lostapathy made their first contribution in flori/json#340
• @​nicolasleger made their first contribution in flori/json#352
• @​yui-knk made their first contribution in flori/json#363

Full Changelog: https://github.com/flori/json/compare/v2.1.0...v2.2.0

v2.1.0

What's Changed

• README.md typo fix by @​kaworu in flori/json#300
• Correct documentation of OpenStruct.json_create by @​kyanagi in flori/json#301
• No Bignum by @​nobu in flori/json#302
• CHANGES.md: Fixed typo by @​perlun in flori/json#306
• Actually test BigDecimal parsing. by @​xb in flori/json#321
• Back-out change of directory of json-java.gemspec. by @​xb in flori/json#323

New Contributors

• @​kaworu made their first contribution in flori/json#300
• @​kyanagi made their first contribution in flori/json#301

... (truncated)

Changelog

Sourced from json's changelog.

2019-12-11 (2.3.0)

• Fix default of create_additions to always be false for JSON(user_input) and JSON.parse(user_input, nil). Note that JSON.load remains with default true and is meant for internal serialization of trusted data. [CVE-2020-10663]
• Fix passing args all #to_json in json/add/*.
• Fix encoding issues
• Fix issues of keyword vs positional parameter
• Fix JSON::Parser against bigdecimal updates
• Bug fixes to JRuby port

2019-02-21 (2.2.0)

• Adds support for 2.6 BigDecimal and ruby standard library Set datetype.

2017-04-18 (2.1.0)

• Allow passing of decimal_class option to specify a class as which to parse JSON float numbers.

2017-03-23 (2.0.4)

• Raise exception for incomplete unicode surrogates/character escape sequences. This problem was reported by Daniel Gollahon (dgollahon).
• Fix arbitrary heap exposure problem. This problem was reported by Ahmad Sherif (ahmadsherif).

2017-01-12 (2.0.3)

• Set required_ruby_version to 1.9
• Some small fixes

Commits

• 92cf5c4 v2.3.0
• 579ae85 Add some more recent jruby
• acabfeb Make tests green on jruby
• c194360 Update travis config
• 49317c1 Ignore log files
• d84439f Merge pull request #391 from headius/prep_2.3.0
• 38f68d1 Bump versions for 2.3.0.
• 40524a9 Merge pull request #390 from flori/relax-test-unit
• 87379e6 relax test-unit version for old ruby
• 05de02f Merge branch 'zenspider-zenspider/ruby-2.7'
• Additional commits viewable in compare view

Updates addressable from 2.5.0 to 2.8.0

Changelog

Sourced from addressable's changelog.

Addressable 2.8.0

• fixes ReDoS vulnerability in Addressable::Template#match
• no longer replaces + with spaces in queries for non-http(s) schemes
• fixed encoding ipv6 literals
• the :compacted flag for normalized_query now dedupes parameters
• fix broken escape_component alias
• dropping support for Ruby 2.0 and 2.1
• adding Ruby 3.0 compatibility for development tasks
• drop support for rack-mount and remove Addressable::Template#generate
• performance improvements
• switch CI/CD to GitHub Actions

Addressable 2.7.0

• added :compacted flag to normalized_query
• heuristic_parse handles mailto: more intuitively
• dropped explicit support for JRuby 9.0.5.0
• compatibility w/ public_suffix 4.x
• performance improvements

Addressable 2.6.0

• added tld= method to allow assignment to the public suffix
• most heuristic_parse patterns are now case-insensitive
• heuristic_parse handles more file:// URI variations
• fixes bug in heuristic_parse when uri starts with digit
• fixes bug in request_uri= with query strings
• fixes template issues with nil and ? operator
• frozen_string_literal pragmas added
• minor performance improvements in regexps
• fixes to eliminate warnings

Addressable 2.5.2

• better support for frozen string literals
• fixed bug w/ uppercase characters in scheme
• IDNA errors w/ emoji URLs
• compatibility w/ public_suffix 3.x

Addressable 2.5.1

• allow unicode normalization to be disabled for URI Template expansion
• removed duplicate test

Commits

• 6469a23 Updating gemspec again
• 2433638 Merge branch 'main' of github.com:sporkmonger/addressable into main
• e9c76b8 Merge pull request #378 from ashmaroli/flat-map
• 56c5cf7 Update the gemspec
• c1fed1c Require a non-vulnerable rake
• 0d8a312 Adding note about ReDoS vulnerability
• 89c7613 Merge branch 'template-regexp' into main
• cf8884f Note about alias fix
• bb03f71 Merge pull request #371 from charleystran/add_missing_encode_component_doc_entry
• 6d1d809 Adding note about :compacted normalization
• Additional commits viewable in compare view

Updates git from 1.3.0 to 1.13.0

Release notes

Sourced from git's releases.

v1.13.0

Full Changelog

• ca8ff35 Release v1.13.0 (#603)
• 8349224 Update list of maintainers (#598)
• 4fe8738 In ls-files do not unescape file paths with eval (#602)
• 74b8e11 Add start_point option for checkout command (#597)
• ff6dcf4 Do not assume the default branch is 'master' in tests
• 8279298 Fix exception when Git is autoloaded (#594)

Release v1.12.0

Full Changelog

• ea79dad Release v1.12.0
• e58cd29 Support the commit --no-gpg-sign flag (#589)
• 323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (#592)
• 609ab8b Allow the CI build to be run manually using the GitHub interface (#590)
• 4a96679 Fix windows build (#591)
• 6f2b3fd Support the --all option for git fetch (#583)
• 1b13ec1 Workaround to get JRuby build working (#582)
• 5f0adec Update README.md (#580)
• 45b467c Make the directory param to Git.clone optional (#578)
• b92130c Make Git::URL.clone_to handle cloning to bare and mirror repos (#577)
• 13471d7 Add Git::URL #parse and #clone_to methods (#575)
• 0a43d8b Use the head version of yard (#573)

Release v1.11.0

Full Changelog

• 292087e Supress unneeded test output (#570)
• 19dfe5e Add support for fetch options "--force/-f" and "--prune-tags/-P". (#563)
• 018d919 Fix bug when grepping lines that contain numbers surrounded by colons (#566)
• c04d16e remove from maintainer (#567)
• 291ca09 Address command line injection in Git::Lib#fetch
• 521b8e7 Release v1.10.2 (#561)

Release v1.10.2

Full Changelog

• 57f941c Release v1.10.2
• c987a74 Add create-release, setup, and console dev scripts (#560)
• 12e3d03 Store tempfile objects to prevent deletion during tests (#555)

Release v1.10.1

Full Changelog

• c7b12af Release v1.10.1
• ea28118 Properly escape double quotes in shell commands on Windows (#552)
• db060fc Properly unescape diff paths (#504)
• ea47044 Add Ruby 3.0 to CI build (#547)

... (truncated)

Changelog

Sourced from git's changelog.

v1.13.0 (2022-12-10)

Full Changelog

• 8349224 Update list of maintainers (#598)
• 4fe8738 In ls-files do not unescape file paths with eval (#602)
• 74b8e11 Add start_point option for checkout command (#597)
• ff6dcf4 Do not assume the default branch is 'master' in tests
• 8279298 Fix exception when Git is autoloaded (#594)

v1.12.0

See https://github.com/ruby-git/ruby-git/releases/tag/v1.12.0

v1.11.0

• 292087e Supress unneeded test output (#570)
• 19dfe5e Add support for fetch options "--force/-f" and "--prune-tags/-P". (#563)
• 018d919 Fix bug when grepping lines that contain numbers surrounded by colons (#566)
• c04d16e remove from maintainer (#567)
• 291ca09 Address command line injection in Git::Lib#fetch
• 521b8e7 Release v1.10.2 (#561)

See https://github.com/ruby-git/ruby-git/releases/tag/v1.11.0

v1.10.2

See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.2

1.10.1

See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.1

1.10.0

See https://github.com/ruby-git/ruby-git/releases/tag/v1.10.0

1.9.1

See https://github.com/ruby-git/ruby-git/releases/tag/v1.9.1

1.9.0

See https://github.com/ruby-git/ruby-git/releases/tag/v1.9.0

1.8.1

See https://github.com/ruby-git/ruby-git/releases/tag/v1.8.1

1.8.0

... (truncated)

Commits

• ca8ff35 Release v1.13.0
• 8349224 Update list of maintainers (#598)
• 4fe8738 In ls-files do not unescape file paths with eval (#602)
• 74b8e11 Add start_point option for checkout command (#597)
• ff6dcf4 Do not assume the default branch is 'master' in tests
• 8279298 Fix exception when Git is autoloaded (#594)
• ea79dad Release v1.12.0
• e58cd29 Support the commit --no-gpg-sign flag (#589)
• 323383b Use yard gem version 0.9.8 or later instead of HEAD from GitHub (#592)
• 609ab8b Allow the CI build to be run manually using the GitHub interface (#590)
• Additional commits viewable in compare view

Updates json from 2.0.2 to 2.3.0

Release notes

Sourced from json's releases.

v2.3.0

What's Changed

• README: Docs at rubydoc.info, not on rubyforge by @​olleolleolle in flori/json#376
• Remove RubyForge homepage reference by @​olleolleolle in flori/json#378
• Add ascii_only option to JSON::Ext::Generator::State.new. by @​sho-h in flori/json#367
• Gemspec: Drop EOL'd property rubyforge_project by @​olleolleolle in flori/json#381
• Backport ruby core changes by @​hsbt in flori/json#388
• Minor cleanup for ruby 2.7 warnings and failures. by @​zenspider in flori/json#389
• relax test-unit version for old ruby by @​hsbt in flori/json#390
• Bump versions for 2.3.0. by @​headius in flori/json#391

New Contributors

• @​zenspider made their first contribution in flori/json#389

Full Changelog: https://github.com/flori/json/compare/v2.2.0...v2.3.0

v2.2.0

What's Changed

• Fixed json_create example to use create_additions = true by @​perlun in flori/json#331
• README: Fixed code examples to start in the left-most column by @​perlun in flori/json#330
• Added missing bigdecimal for its test by @​hsbt in flori/json#335
• README: Added note about json/add/exception by @​perlun in flori/json#332
• fix link in travis widget by @​lostapathy in flori/json#340
• [CI] Test against Ruby 2.5 by @​nicolasleger in flori/json#352
• Removed control characters from gemspec. by @​hsbt in flori/json#360
• Fix typos in README.md by @​yui-knk in flori/json#363
• Backport from Ruby core repository by @​hsbt in flori/json#359
• Fix for bigdecimal updates by @​mrkn in flori/json#362
• Fix a typo. by @​sho-h in flori/json#369
• fix JSON::Generator::State#ascii_only? document same as lib/json/pure/generator.rb. by @​sho-h in flori/json#366

New Contributors

• @​lostapathy made their first contribution in flori/json#340
• @​nicolasleger made their first contribution in flori/json#352
• @​yui-knk made their first contribution in flori/json#363

Full Changelog: https://github.com/flori/json/compare/v2.1.0...v2.2.0

v2.1.0

What's Changed

• README.md typo fix by @​kaworu in flori/json#300
• Correct documentation of OpenStruct.json_create by @​kyanagi in flori/json#301
• No Bignum by @​nobu in flori/json#302
• CHANGES.md: Fixed typo by @​perlun in flori/json#306
• Actually test BigDecimal parsing. by @​xb in flori/json#321
• Back-out change of directory of json-java.gemspec. by @​xb in flori/json#323

New Contributors

• @​kaworu made their first contribution in flori/json#300
• @​kyanagi made their first contribution in flori/json#301

... (truncated)

Changelog

Sourced from json's changelog.

2019-12-11 (2.3.0)

• Fix default of create_additions to always be false for JSON(user_input) and JSON.parse(user_input, nil). Note that JSON.load remains with default true and is meant for internal serialization of trusted data. [CVE-2020-10663]
• Fix passing args all #to_json in json/add/*.
• Fix encoding issues
• Fix issues of keyword vs positional parameter
• Fix JSON::Parser against bigdecimal updates
• Bug fixes to JRuby port

2019-02-21 (2.2.0)

• Adds support for 2.6 BigDecimal and ruby standard library Set datetype.

2017-04-18 (2.1.0)

• Allow passing of decimal_class option to specify a class as which to parse JSON float numbers.

2017-03-23 (2.0.4)

• Raise exception for incomplete unicode surrogates/character escape sequences. This problem was reported by Daniel Gollahon (dgollahon).
• Fix arbitrary heap exposure problem. This problem was reported by Ahmad Sherif (ahmadsherif).

2017-01-12 (2.0.3)

• Set required_ruby_version to 1.9
• Some small fixes

Commits

• 92cf5c4 v2.3.0
• 579ae85 Add some more recent jruby
• acabfeb Make tests green on jruby
• c194360 Update travis config
• 49317c1 Ignore log files
• d84439f Merge pull request #391 from headius/prep_2.3.0
• 38f68d1 Bump versions for 2.3.0.
• 40524a9 Merge pull request #390 from flori/relax-test-unit
• 87379e6 relax test-unit version for old ruby
• 05de02f Merge branch 'zenspider-zenspider/ruby-2.7'
• Additional commits viewable in compare view

Updates addressable from 2.5.0 to 2.8.0

Changelog

Sourced from addressable's changelog.

Addressable 2.8.0

• fixes ReDoS vulnerability in Addressable::Template#match
• no longer replaces + with spaces in queries for non-http(s) schemes
• fixed encoding ipv6 literals
• the :compacted flag for normalized_query now dedupes parameters
• fix broken escape_component alias
• dropping support for Ruby 2.0 and 2.1
• adding Ruby 3.0 compatibility for development tasks
• drop support for rack-mount and remove Addressable::Template#generate
• performance improvements
• switch CI/CD to GitHub Actions

Addressable 2.7.0

• added :compacted flag to normalized_query
• heuristic_parse handles mailto: more intuitively
• dropped explicit support for JRuby 9.0.5.0
• compatibility w/ public_suffix 4.x
• performance improvements

Addressable 2.6.0

• added tld= method to allow assignment to the public suffix
• most heuristic_parse patterns are now case-insensitive
• heuristic_parse handles more file:// URI variations
• fixes bug in heuristic_parse when uri starts with digit
• fixes bug in request_uri= with query strings
• fixes template issues with nil and ? operator
• frozen_string_literal pragmas added
• minor performance improvements in regexps
• fixes to eliminate warnings

Addressable 2.5.2

• better support for frozen string literals
• fixed bug w/ uppercase characters in scheme
• IDNA errors w/ emoji URLs
• compatibility w/ public_suffix 3.x

Addressable 2.5.1

• allow unicode normalization to be disabled for URI Template expansion
• removed duplicate test

Commits

• 6469a23 Updating gemspec again
• 2433638 Merge branch 'main' of github.com:sporkmonger/addressable into main
• e9c76b8 Merge pull request #378 from ashmaroli/flat-map
• 56c5cf7 Update the gemspec
• c1fed1c Require a non-vulnerable rake
• 0d8a312 Adding note about ReDoS vulnerability
• 89c7613 Merge branch 'template-regexp' into main
• cf8884f Note about alias fix
• bb03f71 Merge pull request #371 from charleystran/add_missing_encode_component_doc_entry
• 6d1d809 Adding note about :compacted normalization
• Additional commits viewable in compare view

Updates json from 2.0.2 to 2.3.0

Release notes

Sourced from json's releases.

v2.3.0

What's Changed

• README: Docs at rubydoc.info, not on rubyforge by @​olleolleolle in flori/json#376
• Remove RubyForge homepage reference by @​olleolleolle in flori/json#378
• Add ascii_only option to JSON::Ext::Generator::State.new. by @​sho-h in flori/json#367
• Gemspec: Drop EOL'd property rubyforge_project by @​olleolleolle in flori/json#381
• Backport ruby core changes by @​hsbt in flori/json#388
• Minor cleanup for ruby 2.7 warnings and failures. by @​zenspider in flori/json#389
• relax test-unit version for old ruby by @​hsbt in flori/json#390
• Bump versions for 2.3.0. by @​headius in flori/json#391

New Contributors

• @​zenspider made their first contribution in flori/json#389

Full Changelog: https://github.com/flori/json/compare/v2.2.0...v2.3.0

v2.2.0

What's Changed

• Fixed json_create example to use create_additions = true by @​perlun in flori/json#331
• README: Fixed code examples to start in the left-most column by @​perlun in flori/json#330
• Added missing bigdecimal for its test by @​hsbt in flori/json#335
• README: Added note about json/add/exception by @​perlun in flori/json#332
• fix link in travis widget by @​lostapathy in flori/json#340
• [CI] Test against Ruby 2.5 by @​nicolasleger in flori/json#352
• Removed control characters from gemspec. by @​hsbt in flori/json#360
• Fix typos in README.md by @​yui-knk in flori/json#363
• Backport from Ruby core repository by @​hsbt in flori/json#359
• Fix for bigdecimal updates by @​mrkn in flori/json#362
• Fix a typo. by @​sho-h in flori/json#369
• fix JSON::Generator::State#ascii_only? document same as lib/json/pure/generator.rb. by @​sho-h in flori/json#366

New Contributors

• @​lostapathy made their first contribution in flori/json#340
• @​nicolasleger made their first contribution in flori/json#352
• @​yui-knk made their first contribution in flori/json#363

Full Changelog: https://github.com/flori/json/compare/v2.1.0...v2.2.0

v2.1.0

What's Changed

• README.md typo fix by @​kaworu in flori/json#300
• Correct documentation of OpenStruct.json_create by @​kyanagi in flori/json#301
• No Bignum by @​nobu in flori/json#302
• CHANGES.md: Fixed typo by @​perlun in flori/json#306
• Actually test BigDecimal parsing. by @​xb in flori/json#321
• Back-out change of directory of json-java.gemspec. by @​xb in flori/json#323

New Contributors

• @​kaworu made their first contribution in flori/json#300
• @​kyanagi made their first contribution in flori/json#301

... (truncated)

Changelog

Sourced from json's changelog.

2019-12-11 (2.3.0)

• Fix default of create_additions to always be false for JSON(user_input) and JSON.parse(user_input, nil). Note that JSON.load remains with default true and is meant for internal serialization of trusted data. [CVE-2020-10663]
• Fix passing args all #to_json in json/add/*.
• Fix encoding issues
• Fix issues of keyword vs positional parameter
• Fix JSON::Parser against bigdecimal updates
• Bug fixes to JRuby port

2019-02-21 (2.2.0)

• Adds support for 2.6 BigDecimal and ruby standard library Set datetype.

2017-04-18 (2.1.0)

• Allow passing of decimal_class option to specify a class as which to parse JSON float numbers.

2017-03-23 (2.0.4)

• Raise exception for incomplete unicode surrogates/character escape sequences. This problem was reported by Daniel Gollahon (dgollahon).
• Fix arbitrary heap exposure problem. This problem was reported by Ahmad Sherif (ahmadsherif).

2017-01-12 (2.0.3)

• Set required_ruby_version to 1.9
• Some small fixes

Commits

• 92cf5c4 v2.3.0
• 579ae85 Add some more ...

  Description has been truncated

  Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.