[🐛 Bug]: Ruby - Undocumented restriction on `json` library to `<= 2.13.2` in gemspec

[tagliala]

Description

Hello,

The latest released version of selenium-webdriver for Ruby now restricts the json gem to <= 2.13.2. This causes an unintended downgrade of the json library by Dependabot. Since json is a production dependency, this behavior is problematic.

Notably, the 4.36.0 changelog does not mention this restriction. The change was introduced in commit 6d115cfd877e1ba381c647fd08ba6450ae256624, but as this is a merge commit, it’s unclear why the restriction was added. The commit message mentions:

Rolling back json upgrade

However, there’s no explanation for the rollback or whether there’s a specific issue with newer versions of json.

Could you clarify the reason for limiting json to <= 2.13.2? If there are known compatibility issues, could you please document them or reference the relevant issue?

Thank you!

Reproducible Code

1. Go to https://github.com/SeleniumHQ/selenium/blob/trunk/rb/CHANGES
2. Expect to see a mention to `json` being restricted in the changelog

[selenium-ci]

@tagliala, thank you for creating this issue. We will troubleshoot it as soon as we can.

Selenium Triage Team: remember to follow the Triage Guide

[etiennebarrie]

The issue in json (2.14.0-java) should be fixed in 2.15.0.

Since json is a production dependency, this behavior is problematic.

Agreed. For this specific situation I think a runtime check would have been preferable than a version requirement, since it only impacts JRuby, and other users of selenium-webdriver would be fine using json 2.14.0.

[tagliala]

Got it, thanks for the response and for the prompt fix