bundle(deps): bump the ruby-deps group across 1 directory with 6 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the ruby-deps group with 6 updates in the / directory:

Package	From	To
benchmark	0.4.0	0.4.1
bigdecimal	3.1.9	3.2.2
csv	3.3.4	3.3.5
drb	2.2.1	2.2.3
faraday-net_http	3.4.0	3.4.1
json	2.12.0	2.12.2

Updates benchmark from 0.4.0 to 0.4.1

Release notes

Sourced from benchmark's releases.

v0.4.1

What's Changed

• Document that default FORMAT includes total time by @​paarthmadan in ruby/benchmark#12

New Contributors

• @​paarthmadan made their first contribution in ruby/benchmark#12

Full Changelog: ruby/benchmark@v0.4.0...v0.4.1

Commits

• 6d878b4 v0.4.1
• b9db5dd Merge pull request #12 from paarthmadan/correct-format-documentation
• d387ff8 Merge pull request #33 from ruby/dependabot/github_actions/step-security/hard...
• 17a729e Bump step-security/harden-runner from 2.11.1 to 2.12.0
• a30b6d4 Merge pull request #32 from ruby/dependabot/github_actions/step-security/hard...
• ab59593 Bump step-security/harden-runner from 2.11.0 to 2.11.1
• f200b9e Merge pull request #31 from ruby/dependabot/github_actions/step-security/hard...
• 08282b7 Bump step-security/harden-runner from 2.10.4 to 2.11.0
• 1511574 Merge pull request #30 from ruby/dependabot/github_actions/step-security/hard...
• ec8b39d Bump step-security/harden-runner from 2.10.3 to 2.10.4
• Additional commits viewable in compare view

Updates bigdecimal from 3.1.9 to 3.2.2

Release notes

Sourced from bigdecimal's releases.

v3.2.2

What's Changed

• Make precision calculation in bigdecimal.div(value, 0) gc-compaction safe by @​tompng in ruby/bigdecimal#339

Full Changelog: ruby/bigdecimal@v3.2.1...v3.2.2

v3.2.1

What's Changed

• Enabled trusted publisher for rubygems.org by @​hsbt in ruby/bigdecimal#333
• Fix division precision limit by @​tompng in ruby/bigdecimal#335

Full Changelog: ruby/bigdecimal@v3.2.0...v3.2.1

v3.2.0

What's Changed

• Fix spec NoMethodError message for .allocator on truffle Ruby by @​mrzasa in ruby/bigdecimal#313
• Remove outdated BigMath.atan document that refers to convergence by @​tompng in ruby/bigdecimal#318
• Add a precision assertion to BigMath test by @​tompng in ruby/bigdecimal#316
• Use Ractor#value as Ractor#take is removed by @​ko1 in ruby/bigdecimal#327
• Indent multiline call-seq comment by @​tompng in ruby/bigdecimal#311
• Integrate BigDecimal_div and BigDecimal_div2 by @​tompng in ruby/bigdecimal#329
• Fix division rounding by @​tompng in ruby/bigdecimal#330

New Contributors

• @​tompng made their first contribution in ruby/bigdecimal#318
• @​ko1 made their first contribution in ruby/bigdecimal#327

Full Changelog: ruby/bigdecimal@v3.1.9...v3.2.0

Changelog

Sourced from bigdecimal's changelog.

3.2.2

• Make precision calculation in bigdecimal.div(value, 0) gc-compaction safe. GH-340

  @​tompng

3.2.1

• Fix division precision limit. GH-335

  @​tompng

3.2.0

• Fix division rounding. GH-330 GH-328

  @​tompng

• Fix exponential precision growth in division. GH-329 GH-220 GH-222 GH-272

  @​tompng

Commits

• 0838cb1 Bump version to 3.2.2
• 9d9c352 Update CHANGES for 3.2.2
• 199ebfd Make precision calculation in bigdecimal.div(value, 0) gc-compaction safe (#339)
• d6faddb Bump version to 3.2.1
• 1cce03c CHANGES: Add v3.2.1 entries
• 64933d4 Merge pull request #335 from tompng/div_with_preclimit_fix
• 5edc779 Apply preclimit in BigDecimal_div2 when specified prec is 0
• e0cb4a6 Enabled trusted publisher for rubygems.org (#333)
• b5611d7 Bump version to 3.2.0
• b295c49 Add dev:version:bump rake task
• Additional commits viewable in compare view

Updates csv from 3.3.4 to 3.3.5

Release notes

Sourced from csv's releases.

csv 3.3.5 - 2025-06-01

Improvements

• docs: Fixed StringScanner document URL.
  • GH-343
  • Patch by Petrik de Heus

Thanks

• Petrik de Heus

Changelog

Sourced from csv's changelog.

3.3.5 - 2025-06-01

Improvements

• docs: Fixed StringScanner document URL.
  • GH-343
  • Patch by Petrik de Heus

Thanks

• Petrik de Heus

Commits

• ecdc355 Add 3.3.5 entry
• 69d9886 Use Ractor#value as Ractor#take is removed (#344)
• be2189b Replace link to ruby-doc.org with docs.ruby-lang.org (#343)
• cfd5fe8 Bump version
• See full diff in compare view

Updates drb from 2.2.1 to 2.2.3

Release notes

Sourced from drb's releases.

dRuby 2.2.3 - 2025-05-21

Improvement

• Added support for "Changelog" link in RubyGems.org page.

  • GH-30
  • Patch by Mark Young

• Dropped ObjectSpace._id2ref dependency because ObjectSpace._id2ref is deprecated. Drb::WeakIdConv is meaningless by this. So it's deprecated. Use the default ID converter instead.

  • GH-35
  • https://bugs.ruby-lang.org/issues/15711

Fixes

• SSL: Fixed wrong certificate version.
  • GH-29

Thanks

• Mark Young

Changelog

Sourced from drb's changelog.

2.2.3 - 2025-05-21

Improvement

• Added support for "Changelog" link in RubyGems.org page.

  • GH-30
  • Patch by Mark Young

• Dropped ObjectSpace._id2ref dependency because ObjectSpace._id2ref is deprecated. Drb::WeakIdConv is meaningless by this. So it's deprecated. Use the default ID converter instead.

  • GH-35
  • https://bugs.ruby-lang.org/issues/15711

Fixes

• SSL: Fixed wrong certificate version.
  • GH-29

Thanks

• Mark Young

Commits

• a4f7444 Bump version
• 3f24a11 Fix building and publishing package
• 9ec64d4 Bump version
• 6f74128 Add 2.2.2 entry
• 6a94342 Use more specific changelog page
• ca80a6c Add support for Trusted Publishing
• 99a2835 Merge InvokeMethod18Mixin into InvokeMethod (#37)
• e827fe7 Add safety comment about x509 cert versioning rule (#34)
• b360d74 Avoid use of id2ref for weak mapping (#35)
• 69c2ef5 Merge pull request #29 from jeremyevans/fix-openssl-cert-version
• Additional commits viewable in compare view

Updates faraday-net_http from 3.4.0 to 3.4.1

Release notes

Sourced from faraday-net_http's releases.

v3.4.1

What's Changed

• Prepare Trusted Publisher by @​djsmentya in lostisland/faraday-net_http#50

New Contributors

• @​djsmentya made their first contribution in lostisland/faraday-net_http#50

Full Changelog: lostisland/faraday-net_http@v3.4.0...v3.4.1

Commits

• d9edcef CI: Fix grammar error in Publish workflow
• 1cae49e CI: Ensure Rake is available in publish action
• d311191 v3.4.1
• 015b2c8 CI: Add Ruby 3.4 to build matrix
• f209945 Use Ruby 3.4.4
• 58ee818 Prepare Trusted Publisher (#50)
• See full diff in compare view

Updates json from 2.12.0 to 2.12.2

Release notes

Sourced from json's releases.

v2.12.2

• Fix compiler optimization level.

Full Changelog: ruby/json@v2.12.1...v2.12.2

v2.12.1

What's Changed

• Fix a potential crash in large negative floating point number generation.
• Fix for JSON.pretty_generate to use passed state object's generate instead of state class as the required parameters aren't available.

Full Changelog: ruby/json@v2.12.0...v2.12.1

Changelog

Sourced from json's changelog.

2025-05-23 (2.12.2)

• Fix compiler optimization level.

2025-05-23 (2.12.1)

• Fix a potential crash in large negative floating point number generation.
• Fix for JSON.pretty_generate to use passed state object's generate instead of state class as the required parameters aren't available.

Commits

• a29cb77 Release 2.12.2
• 8603a57 Release 2.12.1
• 30eacc2 Merge pull request #810 from byroot/fbuffer-bound-checks
• 8109421 fbuffer.c: add debug mode with bound checks.
• d695177 Merge pull request #808 from byroot/reported-segv
• d73ae93 Fix: generate_json_float to reserve enough memory for large negative floats.
• 60e80e1 Merge pull request #806 from GrantBirki/minor-fixes
• 7c03ffc Remove some unnecessary top level constant lookups
• c060943 remove redundant self.
• f5c1b8c use . over :: for consistency
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml