Bump the ruby-deps group with 20 updates

[dependabot]

Bumps the ruby-deps group with 20 updates:

Package	From	To
sassc-embedded	1.80.5	1.80.6
aws-sdk-s3	1.202.0	1.205.0
html-proofer	5.0.10	5.1.1
addressable	2.8.7	2.8.8
async	2.34.0	2.35.0
aws-partitions	1.1179.0	1.1189.0
aws-sdk-core	3.236.0	3.239.2
aws-sdk-kms	1.116.0	1.118.0
connection_pool	2.5.4	2.5.5
ethon	0.17.0	0.18.0
google-protobuf	4.33.0	4.33.1
haml	7.0.1	7.0.2
io-event	1.14.0	1.14.2
json	2.15.2	2.16.0
minitest	5.26.0	5.26.2
public_suffix	6.0.2	7.0.0
rack	3.1.18	3.1.19
sass-embedded	1.93.2	1.94.2
uri	1.1.0	1.1.1
webrick	1.9.1	1.9.2

Updates sassc-embedded from 1.80.5 to 1.80.6

Commits

• 2c0b3a4 v1.80.6
• 1cc34db Bump vendor/github.com/sass/sassc-rails from 8d0462d to 205932e (#144)
• 1d14c4f Bump vendor/github.com/rails/sprockets from 4dff018 to 05f6b02 (#143)
• 97b46b4 Update minitest requirement from ~> 5.25.0 to ~> 5.26.0 (#142)
• 5d7cd23 Remove unnecessary freeze
• d2e51c5 Update rubocop requirement from ~> 1.80.0 to ~> 1.81.0 (#141)
• 594632b Update rubocop-performance requirement from ~> 1.25.0 to ~> 1.26.0 (#140)
• 88b62ee Bump actions/attest-build-provenance from 2 to 3 (#139)
• e917d1e Update rubocop requirement from ~> 1.79.0 to ~> 1.80.0 (#138)
• 3adcbc6 Bump actions/checkout from 4 to 5 (#137)
• Additional commits viewable in compare view

Updates aws-sdk-s3 from 1.202.0 to 1.205.0

Changelog

Sourced from aws-sdk-s3's changelog.

1.205.0 (2025-11-20)

• Feature - Enable / Disable ABAC on a general purpose bucket.

1.204.0 (2025-11-19)

• Feature - Adds support for blocking SSE-C writes to general purpose buckets.

1.203.1 (2025-11-10)

• Issue - Deprecated :checksum_mode parameter in FileDownloader#download. When set to "DISABLED", a deprecation warning is issued and the parameter is ignored. Use :response_checksum_validation on the S3 client instead to control checksum validation behavior.

1.203.0 (2025-11-05)

• Feature - Launch IPv6 dual-stack support for S3 Express

Commits

• See full diff in compare view

Updates html-proofer from 5.0.10 to 5.1.1

Release notes

Sourced from html-proofer's releases.

v5.1.1

Full Changelog: gjtorikian/html-proofer@v5.1.0...v5.1.1

v5.1.0

What's Changed

• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in gjtorikian/html-proofer#857
• Add benchmark to Gemfile by @​denisdefreyne in gjtorikian/html-proofer#858
• Remove outdated real-world examples by @​denisdefreyne in gjtorikian/html-proofer#859
• Allow support for multiple directory index files by @​denisdefreyne in gjtorikian/html-proofer#860
• [skip test] Release v5.1.0 by @​github-actions[bot] in gjtorikian/html-proofer#861

New Contributors

• @​denisdefreyne made their first contribution in gjtorikian/html-proofer#858

Full Changelog: gjtorikian/html-proofer@v5.0.10...v5.1.0

Changelog

Sourced from html-proofer's changelog.

[v5.1.1] - 17-11-2025

Full Changelog: gjtorikian/html-proofer@v5.1.0...v5.1.1

[v5.1.0] - 03-11-2025

What's Changed

• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in gjtorikian/html-proofer#857
• Add to Gemfile by @​denisdefreyne in gjtorikian/html-proofer#858
• Remove outdated real-world examples by @​denisdefreyne in gjtorikian/html-proofer#859
• Allow support for multiple directory index files by @​denisdefreyne in gjtorikian/html-proofer#860

New Contributors

• @​denisdefreyne made their first contribution in gjtorikian/html-proofer#858

Full Changelog: gjtorikian/html-proofer@v5.0.10...v5.1.0

Commits

• 6e9c895 Prepare for the next Ruby version
• 9922c83 Merge pull request #861 from gjtorikian/release/v5.1.0
• 619b5b1 [skip test] update changelog
• 8276b1e Merge pull request #860 from denisdefreyne/denis/multiple-index-files
• b6072c4 💎 bump to 5.1.0
• da410a9 lint
• 41b05fd Merge pull request #859 from denisdefreyne/denis/rm-outdated-real-world-examples
• 0a551ea Merge pull request #858 from denisdefreyne/denis/benchmark-gem
• 1be9659 relax
• fda0305 Add support for multiple directory index files
• Additional commits viewable in compare view

Updates addressable from 2.8.7 to 2.8.8

Changelog

Sourced from addressable's changelog.

Addressable 2.8.8

• Replace the unicode.data blob by a ruby constant (#561)
• Allow public_suffix 7 (#558)

#561: sporkmonger/addressable#561 #558: sporkmonger/addressable#558

Commits

• 111af8e Update version, gemspec, and CHANGELOG for 2.8.8
• d923a5e Fix heading levels in README and Changelog
• 88f1472 Bump actions/checkout from 5 to 6 (#560)
• 2252813 Replace the unicode.data blob by a ruby constant (#561)
• af2d3f6 Allow public_suffix v7 (#558)
• aaa53fe CI: restore older rubies for public_suffix jobs
• 49fc474 CI: fix profile:template_match_memory task for Ruby >2.7
• c0f98d5 CI: use latest stable ruby outside the version matrix
• 7cb10aa CI: test with modern JVM Rubies
• dd1adcf CI: less ubuntu-22.04, more ubuntu-24.04
• Additional commits viewable in compare view

Updates async from 2.34.0 to 2.35.0

Changelog

Sourced from async's changelog.

v2.35.0

• Process.fork is now properly handled by the Async fiber scheduler, ensuring that the scheduler state is correctly reset in the child process after a fork. This prevents issues where the child process inherits the scheduler state from the parent, which could lead to unexpected behavior.

Commits

• dc0d27c Bump minor version.
• 10f3695 Modernize code.
• b3764e6 Add support for Process.fork within an active scheduler. (#437)
• ea8b072 fix queues example block end
• 9cbf6ad Remove tea.
• 645ed4c Explicit OpenSSL dependency version.
• 2cb1f53 Fix tests.
• 6d1905b Add link to toolbox.
• a093f3a Fix typo.
• 1688204 Update best practices usage for Barrier.
• See full diff in compare view

Updates aws-partitions from 1.1179.0 to 1.1189.0

Changelog

Sourced from aws-partitions's changelog.

1.1189.0 (2025-12-01)

• Feature - Added support for enumerating regions for Aws::Route53GlobalResolver.

• Feature - Added support for enumerating regions for Aws::PartnerCentralBenefits.

• Feature - Added support for enumerating regions for Aws::PartnerCentralAccount.

1.1188.0 (2025-11-25)

• Feature - Updated the partitions source data the determines the AWS service regions and endpoints.

1.1187.0 (2025-11-21)

• Feature - Added support for enumerating regions for Aws::SageMakerRuntimeHTTP2.

• Feature - Added support for enumerating regions for Aws::ComputeOptimizerAutomation.

1.1186.0 (2025-11-20)

• Feature - Updated the partitions source data the determines the AWS service regions and endpoints.

1.1185.0 (2025-11-19)

• Feature - Added support for enumerating regions for Aws::Signin.

• Feature - Added support for enumerating regions for Aws::PartnerCentralChannel.

1.1184.0 (2025-11-18)

• Feature - Updated the partitions source data the determines the AWS service regions and endpoints.

1.1183.0 (2025-11-17)

• Feature - Added support for enumerating regions for Aws::MWAAServerless.

1.1182.0 (2025-11-14)

• Feature - Updated the partitions source data the determines the AWS service regions and endpoints.

1.1181.0 (2025-11-06)

... (truncated)

Commits

• See full diff in compare view

Updates aws-sdk-core from 3.236.0 to 3.239.2

Changelog

Sourced from aws-sdk-core's changelog.

3.239.2 (2025-11-25)

• Issue - Fix login_credentials in credentials chain when config is enabled.

3.239.1 (2025-11-21)

• Issue - Fixed HTTP/2 connection issues when using custom ports.

3.239.0 (2025-11-20)

• Feature - Updated Aws::Signin::Client with the latest API changes.

• Issue - Fix region configuration for LoginCredential's Signin client.

3.238.0 (2025-11-19)

• Feature - Updated Aws::Signin::Client with the latest API changes.

• Feature - Updated Aws::STS::Client with the latest API changes.

• Feature - IAM now supports outbound identity federation via the STS GetWebIdentityToken API, enabling AWS workloads to securely authenticate with external services using short-lived JSON Web Tokens.

• Feature - Add LoginCredentials which retrieves credentials from AWS Sign-In. Support aws-sdk-signin alias gem.

3.237.0 (2025-11-10)

• Feature - Updated Aws::STS::Client with the latest API changes.

• Feature - Added GetDelegatedAccessToken API, which is not available for general use at this time.

Commits

• See full diff in compare view

Updates aws-sdk-kms from 1.116.0 to 1.118.0

Changelog

Sourced from aws-sdk-kms's changelog.

1.118.0 (2025-11-21)

• Feature - Support for on-demand rotation of AWS KMS Multi-Region keys with imported key material

1.117.0 (2025-11-07)

• Feature - Added support for new ECC_NIST_EDWARDS25519 AWS KMS key spec

Commits

• See full diff in compare view

Updates connection_pool from 2.5.4 to 2.5.5

Changelog

Sourced from connection_pool's changelog.

2.5.5

• Support ConnectionPool::TimedStack#pop(exception: false) #207 to avoid using exceptions as control flow.

Commits

• 35ea6ce prep for release
• e733afb Bump actions/checkout from 5 to 6 (#208)
• 8e77b7a Support pop(exception: false) to avoid exceptions as control flow, fixes #207
• 475f7d4 Adjust ractor testing to avoid needless stdout warnings
• 78def7b doc: explain weird code
• See full diff in compare view

Updates ethon from 0.17.0 to 0.18.0

Changelog

Sourced from ethon's changelog.

0.18.0

Full Changelog

• Fixed verbose mode attempting to print binary SSL data by replacing it with a summary. (Felipe Mesquita, #265)
• Fixed on_headers callbacks being called once per header line instead of once for all headers. (Felipe Mesquita, #264)
• Stabilized test server boot on macOS by fixing IPv6/IPv4 localhost resolution and preventing orphaned processes. (Geremia Taglialatela, #261)
• Added logger to runtime dependencies for Ruby 3.5+ compatibility. (Geremia Taglialatela, #259)
• Opted-in for MFA requirement explicitly by adding rubygems_mfa_required metadata. (Geremia Taglialatela, #257)
• Removed redundant encoding and require_relative checks. (Geremia Taglialatela, #258)

Commits

• d48d24a release v0.18.0
• f3def84 Merge pull request #265 from felipedmesquita/fix-verbose-mode-attempting-to-p...
• 1765b24 replace broken ssl data with a summary inspired by curl cli
• 4a1700c Merge pull request #264 from felipedmesquita/fix-on_headers
• 715d395 keep support for :abort from on_headers by aborting on_body
• 4be2cef can't run user callbacks here, libcurl calls this once per header line
• a7af5c2 mutable reference prevented this test from breaking when it should have
• b5f755d Merge pull request #261 from tagliala/chore/260-allow-specs-to-run-on-mac
• 3d7a9ca Stabilize test server boot on macOS
• 0e80211 Merge pull request #259 from tagliala/feature/242-add-logger
• Additional commits viewable in compare view

Updates google-protobuf from 4.33.0 to 4.33.1

Commits

• See full diff in compare view

Updates haml from 7.0.1 to 7.0.2

Release notes

Sourced from haml's releases.

v7.0.2

What's Changed

• Remove references to Hamlit by @​tagliala in haml/haml#1195
• Replace usages of =~ with .match? where possible by @​tagliala in haml/haml#1196
• Add source code URI to gemspec metadata by @​ybiquitous in haml/haml#1197

New Contributors

• @​ybiquitous made their first contribution in haml/haml#1197

Full Changelog: haml/haml@v7.0.1...v7.0.2

Changelog

Sourced from haml's changelog.

7.0.2

• Replace usages of =~ with .match? where possible haml/haml#1196
• Add source code URI to gemspec metadata haml/haml#1197

Commits

• 9c3e6af Version 7.0.2
• f230d01 Add source code URI to gemspec metadata (#1197)
• c251880 Replace usages of =~ with .match? where possible (#1196)
• 9e429d6 Remove references to Hamlit (#1195)
• See full diff in compare view

Updates io-event from 1.14.0 to 1.14.2

Changelog

Sourced from io-event's changelog.

Releases

Commits

• a3d25c1 Bump patch version.
• 1295e76 Prefer self over poolval.
• 511268f Revert "Update ext/io/event/worker_pool.c"
• 83996c2 Bump patch version.
• 903522e Mark the thread from the worker pool. (#152)
• 44666dc Minor syntax tidy up.
• See full diff in compare view

Updates json from 2.15.2 to 2.16.0

Release notes

Sourced from json's releases.

v2.16.0

What's Changed

• Deprecate JSON::State#[] and JSON::State#[]=. Consider using JSON::Coder instead.
• JSON::Coder now also yields to the block when encountering strings with invalid encoding.
• Fix GeneratorError messages to be UTF-8 encoded.
• Fix memory leak when Exception is raised, or throw is used during JSON generation.
• Optimized floating point number parsing by integrating the ryu algorithm (thanks to Josef Šimánek).
• Optimized numbers parsing using SWAR (thanks to Scott Myron).
• Optimized parsing of pretty printed documents using SWAR (thanks to Scott Myron).

Full Changelog: ruby/json@v2.15.2...v2.16.0

Changelog

Sourced from json's changelog.

2025-11-07 (2.16.0)

• Deprecate JSON::State#[] and JSON::State#[]=. Consider using JSON::Coder instead.
• JSON::Coder now also yields to the block when encountering strings with invalid encoding.
• Fix GeneratorError messages to be UTF-8 encoded.
• Fix memory leak when Exception is raised, or throw is used during JSON generation.
• Optimized floating point number parsing by integrating the ryu algorithm (thanks to Josef Šimánek).
• Optimized numbers parsing using SWAR (thanks to Scott Myron).
• Optimized parsing of pretty printed documents using SWAR (thanks to Scott Myron).

Commits

• 5a12067 Release 2.16.0
• e9fbc89 Deprecate JSON::State#[] and JSON::State#[]=
• 826cb2a Get rid of JSON.deep_const_get (private API)
• fce1c7e Tentative fix for RHEL8 compiler
• a67d1a1 Micro-optimize rstring_cache_fetch
• ddad00b Extract JSON_CPU_LITTLE_ENDIAN_64BITS definition
• 3bc1787 ext/json/ext/json.h: Add missing newline at end of file
• 5915103 Fix duplicate 'inline' declaration specifier
• 043880f parser.c: Always inline json_eat_whitespace
• 21284ea parser.c: use rb_str_to_interned_str over rb_funcall
• Additional commits viewable in compare view

Updates minitest from 5.26.0 to 5.26.2

Changelog

Sourced from minitest's changelog.

=== 5.26.2 / 2025-11-17

• 5 bug fixes:

  • Bumped minimum ruby to 3.1.
  • Alias Spec#name to #inspect for cleaner output in repls.
  • Fix pathing for Hoe::Minitest initialization to be more generic.
  • Fixed refute_in_epsilon to use min of abs values. (wtn)
  • Improved options processing and usage output to be more clear.

=== 5.26.1 / 2025-11-08

The Ocean Shores, Slightly Less Tipsy Edition!

• 3 bug fixes:

  • Add links to API doco in README.
  • Add missing require thread.
  • Bumped ruby version to include 4.0 (trunk). (hsbt) (see also 5.14.2)

Commits

• 25f78c0 prepped for release
• 1284a3f Dropped extra 2.7 compatibility code.
• adfb01d Dropped extra 2.7 compatibility code.
• aa1c3fa - Fix pathing for Hoe::Minitest initialization to be more generic.
• cb3a345 - Bumped minimum ruby to 3.1.
• 1f47bc6 - Fixed refute_in_epsilon to use min of abs values. (wtn)
• a52e727 Fuuuuck I am SO tired of ruby 2.7!
• 33259e4 - Alias Spec#name to #inspect for cleaner output in repls.
• e2bc84c - Improved options processing and usage output to be more clear.
• 15265da prepped for release
• Additional commits viewable in compare view

Updates public_suffix from 6.0.2 to 7.0.0

Changelog

Sourced from public_suffix's changelog.

7.0.0

Changed

• Updated definitions.
• Minimum Ruby version is 3.2

Commits

• af45298 Release 7.0.0
• 93b0101 Create RELEASING.md
• 0b56a7c Cleanup README
• 12fc739 Reorganize README
• 193be1d Minimum Ruby version is 3.2
• 8e8bf6b build(deps): update mocha requirement from ~> 2.7.0 to ~> 2.8.2 (#476)
• f0553bf Updated list from source (#475)
• 34ea4ed Updated list from source (#474)
• 0f5aace Updated list from source (#473)
• a6c373a Updated list from source (#472)
• Additional commits viewable in compare view

Updates rack from 3.1.18 to 3.1.19

Changelog

Sourced from rack's changelog.

[3.1.19] - 2025-11-03

Fixed

• Multipart parser: limit MIME header size check to the unread buffer region to avoid false multipart mime part header too large errors when previously read data accumulates in the scan buffer. (#2392, @​alpaca-tc, @​willnet, @​krororo)

Commits

• b29df31 Bump patch version.
• 72719a8 Allow Multipart head to span read boundary. (#2392)
• See full diff in compare view

Updates sass-embedded from 1.93.2 to 1.94.2

Commits

• 9111d3d v1.94.2
• ac87462 Bump sass from 1.94.1 to 1.94.2 in /ext/sass (#348)
• 809fcae v1.94.1
• 4206381 Bump sass from 1.94.0 to 1.94.1 in /ext/sass (#347)
• e872845 Update rubocop-rspec requirement from ~> 3.7.0 to ~> 3.8.0 (#346)
• a9c0c4e v1.94.0
• 90c3bfb Bump sass from 1.93.3 to 1.94.0 in /ext/sass
• ff934d8 Do not rescue cp
• 28ad9e1 Fix platform ruby installation with rubygems
• 7dddaa0 v1.93.3
• Additional commits viewable in compare view

Updates uri from 1.1.0 to 1.1.1

Release notes

Sourced from uri's releases.

v1.1.1

What's Changed

• Re-allow consecutive, leading and trailing dots in EMAIL_REGEXP by @​osyoyu in ruby/uri#189

New Contributors

• @​osyoyu made their first contribution in ruby/uri#189

Full Changelog: ruby/uri@v1.1.0...v1.1.1

Commits

• f1b05c8 v1.1.1
• 8557e8d Merge pull request #189 from osyoyu/restore-whatwg-email-regexp
• c551d70 Re-allow consecutive, leading and trailing dots in EMAIL_REGEXP
• See full diff in compare view

Updates webrick from 1.9.1 to 1.9.2

Release notes

Sourced from webrick's releases.

v1.9.2

What's Changed

• Remove usage of IO#nread by @​osyoyu in ruby/webrick#181
• Remove assert matching stderr output in test_sni. by @​jackorp in ruby/webrick#158

New Contributors

• @​osyoyu made their first contribution in ruby/webrick#181
• @​jackorp made their first contribution in ruby/webrick#158

Full Changelog: ruby/webrick@v1.9.1...v1.9.2

Commits

• b1684ce v1.9.2
• 8f979b8 Add GitHub release.yml to exclude dependencies label from changelog
• 72744d8 Bump ruby/setup-ruby action from v1.190.0 to v1.268.0
• b0398af Merge pull request #158 from jackorp/fix_test
• 6456725 Merge pull request #180 from ruby/dependabot/github_actions/actions/checkout-6
• b62f8d8 Bump actions/checkout from 5 to 6
• 9a59373 Merge pull request #181 from osyoyu/no-nread
• daf314a Remove usage of IO#nread
• 5584117 Merge pull request #178 from ruby/dependabot/github_actions/step-security/har...
• b761de1 Bump step-security/harden-runner from 2.13.1 to 2.13.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions