1.2.x: Bump the ruby-deps group across 4 directories with 15 updates

[dependabot]

Bumps the ruby-deps group with 1 update in the / directory: rack.
Bumps the ruby-deps group with 4 updates in the /examples/camping directory: rack, rackup, rexml and rubyzip.
Bumps the ruby-deps group with 10 updates in the /examples/rails7 directory:

Package	From	To
rack	2.2.18	2.2.19
bigdecimal	3.2.3	3.3.0
erb	4.0.4	5.0.3
globalid	1.2.1	1.3.0
marcel	1.0.4	1.1.0
net-imap	0.5.10	0.5.12
nokogiri	1.18.9	1.18.10
pp	0.6.2	0.6.3
rdoc	6.14.2	6.15.0
zeitwerk	2.6.18	2.7.3

Bumps the ruby-deps group with 2 updates in the /examples/sinatra directory: rack and sinatra.

Updates rack from 2.2.18 to 2.2.19

Changelog

Sourced from rack's changelog.

[2.2.19] - 2025-10-07

Security

• CVE-2025-61772 Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
• CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
• CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory exhaustion)

Commits

• 4c4ea29 Bump patch version.
• c370dcd Limit amount of retained data when parsing multipart requests
• d869fed Fix denial of service vulnerbilties in multipart parsing
• See full diff in compare view

Updates rack from 2.2.18 to 2.2.19

Changelog

Sourced from rack's changelog.

[2.2.19] - 2025-10-07

Security

• CVE-2025-61772 Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
• CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
• CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory exhaustion)

Commits

• 4c4ea29 Bump patch version.
• c370dcd Limit amount of retained data when parsing multipart requests
• d869fed Fix denial of service vulnerbilties in multipart parsing
• See full diff in compare view

Updates rackup from 1.0.1 to 2.2.1

Changelog

Sourced from rackup's changelog.

v2.2.1

• Try to require webrick and rackup/handler/webrick by default, for compatibility with code that expects them to be available.

v2.2.0

• Remove old rack shims.
• Remove webrick dependency.

v2.1.0

• Correctly support streaming responses with webrick.

v2.0.0

• Initial release and migration of code from rack.

Commits

• e9814d3 Bump patch version.
• aa0acac Require the webrick handler when webrick is available (#27)
• ee4fe54 Update RubyGems to fix Ruby 2.5 psych compatibility issue. (#28)
• 8d32c96 Backfill releases.md.
• 3301bdc Add Ruby version guard to bake-releases gem.
• 7f6d2aa Bump minor version.
• 76a7320 Move development dependencies to gems.rb.
• 1f3ece0 Update copyrights.
• 20d41c6 Automate release notes.
• 4e72d9d Remove unused rack classes (#10)
• Additional commits viewable in compare view

Updates rack from 2.2.19 to 3.2.2

Changelog

Sourced from rack's changelog.

[2.2.19] - 2025-10-07

Security

• CVE-2025-61772 Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
• CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
• CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory exhaustion)

Commits

• 4c4ea29 Bump patch version.
• c370dcd Limit amount of retained data when parsing multipart requests
• d869fed Fix denial of service vulnerbilties in multipart parsing
• See full diff in compare view

Updates rexml from 3.4.3 to 3.4.4

Release notes

Sourced from rexml's releases.

REXML 3.4.4 - 2025-09-10

Improvement

• Accept REXML::Document.new("") for backward compatibility
  • GH-296
  • GH-295
  • Patch by NAITOH Jun
  • Reported by Joe Rafaniello

Thanks

• NAITOH Jun

• Joe Rafaniello

Changelog

Sourced from rexml's changelog.

3.4.4 - 2025-09-10 {#version-3-4-4}

Improvement

• Accept REXML::Document.new("") for backward compatibility
  • GH-296
  • GH-295
  • Patch by NAITOH Jun
  • Reported by Joe Rafaniello

Thanks

• NAITOH Jun

• Joe Rafaniello

Commits

• 4f32ea3 Add 3.4.4 entry (#297)
• 37cde3f Accept REXML::Document.new("") for backward compatibility (#295)
• 4ffe211 Bump version
• See full diff in compare view

Updates rubyzip from 3.1.0 to 3.1.1

Release notes

Sourced from rubyzip's releases.

v3.1.1

Version 3.1.1

The 3.1.x line adds AES decryption.

⚠️ There are breaking changes in the 3.x series ⚠️

Please see the README and Updating to version 3.x in the wiki for help upgrading from version 2.4.x to version 3.x.

Changelog

Sourced from rubyzip's changelog.

3.1.1 (2025-09-26)

• Improve the IO pipeline when decompressing. #649 (which also fixes #647)

Tooling/internal:

• Improve the DecryptedIo class with various updates and optimizations.
• Remove the NullDecrypter class.
• Properly convert the test suite to use minitest.
• Move all test helper code into separate files.
• Updates to the Actions CI, including new OS versions.
• Update rubocop versions and fix resultant cop failures. #646

Commits

• f87340d Update version number and Changelog for release.
• 813d96d Add a Rubocop badge to the README.
• 61c25b0 Reduce the number of YJIT test runs in CI.
• 69dcb8e Allow Windows CI builds to fail.
• da44b2c Update OS versions in the Actions CI.
• fd78455 Use require_relative when pulling in test_helper.
• 78848c5 Only require test helpers where they are needed.
• e55f7c9 Move all test helper code into separate files.
• 5f1fcb2 Remove unnecessary perms from gentestfiles.rb.
• ceabd03 Remove unnecessary requires from test_helper.rb.
• Additional commits viewable in compare view

Updates rack from 2.2.18 to 2.2.19

Changelog

Sourced from rack's changelog.

[2.2.19] - 2025-10-07

Security

• CVE-2025-61772 Multipart parser buffers unbounded per-part headers, enabling DoS (memory exhaustion)
• CVE-2025-61771 Multipart parser buffers large non‑file fields entirely in memory, enabling DoS (memory exhaustion)
• CVE-2025-61770 Unbounded multipart preamble buffering enables DoS (memory exhaustion)

Commits

• 4c4ea29 Bump patch version.
• c370dcd Limit amount of retained data when parsing multipart requests
• d869fed Fix denial of service vulnerbilties in multipart parsing
• See full diff in compare view

Updates bigdecimal from 3.2.3 to 3.3.0

Release notes

Sourced from bigdecimal's releases.

v3.3.0

What's Changed

• Allow calling Rational#to_d without arguments by @​fsateler in ruby/bigdecimal#421
• Fix test_no_memory_leak failure by @​tompng in ruby/bigdecimal#424
• Change BigMath.sin and cos to always calculate in relative precision. by @​tompng in ruby/bigdecimal#422
• Faster exp calculation by @​tompng in ruby/bigdecimal#399
• Rename assert_relative_precision to assert_converge_in_precision by @​tompng in ruby/bigdecimal#425
• Add support for tangent function by @​rhannequin in ruby/bigdecimal#231
• Make bigdecimal.rb work in JRuby by @​tompng in ruby/bigdecimal#420
• BigMath methods common interface: coerce x, validate prec, check nan error by @​tompng in ruby/bigdecimal#415
• Round result of sqrt and BigMath methods by @​tompng in ruby/bigdecimal#427
• Update example calculation result in BigMath document by @​tompng in ruby/bigdecimal#428
• BigMath.log(0,n)==-Infinity just like Math.log(0) by @​tompng in ruby/bigdecimal#430
• Fix divmod and modulo by infinity to match Float#divmod and Float#modulo by @​tompng in ruby/bigdecimal#429
• Bump step-security/harden-runner from 2.13.0 to 2.13.1 by @​dependabot[bot] in ruby/bigdecimal#431
• Make internal BigMath method a private method by @​tompng in ruby/bigdecimal#432
• Improve performance of x**y when y is a huge value by @​tompng in ruby/bigdecimal#438
• Fix precision of x.power(y, prec) when the result is nearly infinity by @​tompng in ruby/bigdecimal#439
• Bump version to 3.3.0 by @​tompng in ruby/bigdecimal#437

New Contributors

• @​fsateler made their first contribution in ruby/bigdecimal#421

Full Changelog: ruby/bigdecimal@v3.2.3...v3.3.0

Changelog

Sourced from bigdecimal's changelog.

3.3.0

• Allow calling to_d without arguments GH-421

  @​fsateler

• Calculate BigMath.sin and cos in relative precision GH-422

  @​tompng

• Add support for tangent function GH-231

  @​rhannequin

• BigMath methods accepts numeric as an argument GH-415

  @​tompng

• Round result of sqrt and BigMath methods GH-427

  @​tompng

Commits

• 0aa97bb Bump version to 3.3.0 (#437)
• f718178 Fix precision of x.power(y, prec) when the result is nearly infinity (#439)
• a267ca7 Improve performance of x**y when y is a huge value (#438)
• cb2458b Add newline at EOF [ci skip]
• d93b542 Make internal BigMath method a private method (#432)
• f107735 Merge pull request #431 from ruby/dependabot/github_actions/step-security/har...
• 6682fd8 Bump step-security/harden-runner from 2.13.0 to 2.13.1
• 8ca3249 Fix divmod and modulo by infinity to match Float#divmod and Float#modulo (#429)
• 34e60a7 BigMath.log(0,n)==-Infinity just like Math.log(0) (#430)
• 07696bc Update example calculation result in BigMath document (#428)
• Additional commits viewable in compare view

Updates erb from 4.0.4 to 5.0.3

Changelog

Sourced from erb's changelog.

5.0.3

• Update help of erb(1) #85

5.0.2

• Declare escape functions as Ractor-safe #63

5.0.1

• Rescue LoadError when failing to load erb/escape

5.0.0

• Bump required_ruby_version to Ruby 3.2+ #60
• Drop cgi from runtime dependencies #59
• Make ERB::VERSION public

Commits

• ddfc1ba Version 5.0.3
• 1d2a22a sync-ruby.yml: Simplify the workflow name
• 8eb0e30 sync-ruby.yml: Specify the repository for app token
• d8df2e9 sync-ruby.yml: Fix indentation
• b52727f Add a workflow to sync commits to ruby/ruby (#86)
• 51c0922 Remove a trailing space
• 692597b Enhancements (mostly documentation) (#85)
• 1512314 [DOC] Correct two errors
• a082298 [DOC] Doc for #def_method and #def_module
• 4ca7784 [DOC] Doc for ERB#def_class
• Additional commits viewable in compare view

Updates globalid from 1.2.1 to 1.3.0

Release notes

Sourced from globalid's releases.

v1.3.0

What's Changed

• Set required ruby version to 2.7.0 and up by @​risen in rails/globalid#169
• Keep using URI RFC2396 parser by @​voxik in rails/globalid#192
• Make DEFAULT_LOCATOR Configurable by @​heka1024 in rails/globalid#179

New Contributors

• @​risen made their first contribution in rails/globalid#169
• @​biow0lf made their first contribution in rails/globalid#167
• @​duffuniverse made their first contribution in rails/globalid#180
• @​berkos made their first contribution in rails/globalid#170
• @​elia made their first contribution in rails/globalid#195
• @​Earlopain made their first contribution in rails/globalid#188
• @​stevenharman made their first contribution in rails/globalid#173
• @​voxik made their first contribution in rails/globalid#192
• @​m-nakamura145 made their first contribution in rails/globalid#175
• @​heka1024 made their first contribution in rails/globalid#179
• @​tylerwillingham made their first contribution in rails/globalid#200

Full Changelog: rails/globalid@v1.2.1...v1.3.0

Commits

• a101021 Prepare for 1.3.0
• 40b6cd5 Remove deprecation message
• 26cdc63 Fix test
• 446a491 Upgrade development dependencies
• db9b467 Add release workflow
• 497bf21 Merge pull request #200 from tylerwillingham/twilling/locate-arity-warning-fix
• b4b3f49 Resolve deprecation warning around #locate arity for custom locator test
• 8666784 Merge pull request #179 from heka1024/configurable-base-locator
• 460279d Merge pull request #198 from Earlopain/uri-parser-memo
• 42ead60 Move uri parser to constant
• Additional commits viewable in compare view

Updates marcel from 1.0.4 to 1.1.0

Release notes

Sourced from marcel's releases.

v1.1.0

What's Changed

• Identify Sony and Canon raw images as subtypes of image/tiff by @​afcapel in rails/marcel#89
• Fix frozen string literal warning in magic detection by @​FrancescoK in rails/marcel#123
• Update tika definitions to latest version by @​MarcelEeken in rails/marcel#114
• Fix detection of AV1 in WebM as video/webm by @​alexandergitter in rails/marcel#104

New Contributors

• @​afcapel made their first contribution in rails/marcel#89
• @​FrancescoK made their first contribution in rails/marcel#123
• @​MarcelEeken made their first contribution in rails/marcel#114
• @​Mth0158 made their first contribution in rails/marcel#108
• @​mark-young-atg made their first contribution in rails/marcel#105
• @​alexandergitter made their first contribution in rails/marcel#104
• @​rafaelfranca made their first contribution in rails/marcel#126

Full Changelog: rails/marcel@v1.0.4...v1.1.0

Commits

• 3d3c5dc Prepare for version 1.1.0
• 8730c0a Add release workflow
• bf9056b Merge pull request #127 from rails/update-tika
• db67956 Merge pull request #126 from rails/ci
• 85a6e2e Update tika tables
• 4ea7fcd Test with Ruby 3.3 and 3.4
• 7e9dea7 Add devcontainer configuration
• b7cda87 Merge pull request #104 from alexandergitter/fix-av1-webm
• a056565 Merge pull request #105 from mark-young-atg/provide_changelog_link_on_rubygems
• 2b1cc0f Merge pull request #108 from Mth0158/remove-duplicate-method
• Additional commits viewable in compare view

Updates net-imap from 0.5.10 to 0.5.12

Release notes

Sourced from net-imap's releases.

v0.5.12

What's Changed

TruffleRuby is not (yet) "officially supported" but it seems to work (with a few small caveats). Several tests are still marked as pending, but the rest all pass. #528 protects us from merging PRs that break TruffleRuby and (in some cases) JRuby.

Fixed

• 🐛 Fix loading of net/imap for JRuby/TruffleRuby by @​nevans in ruby/net-imap#530

Miscellaneous

• ✅ Test overriding inherited ::Data methods by @​nevans in ruby/net-imap#531
• ✅ Add TruffleRuby to CI by @​nevans in ruby/net-imap#528

Full Changelog: ruby/net-imap@v0.5.11...v0.5.12

v0.5.11

What's Changed

Added

• ✨ Add ESearchResult#to_sequence_set by @​nevans in ruby/net-imap#511
• ✨ Add ESearchResult#each by @​nevans in ruby/net-imap#513
• ✨ Add VanishedData#each, delegated to #uids.each_number by @​nevans in ruby/net-imap#522
• support new Ractor.shareable_proc by @​ko1 in ruby/net-imap#525

Fixed

• 🐛 Fix SearchResult#== for LHS with no modseq by @​nevans in ruby/net-imap#514

Other Changes

• ✨ Allow obj.to_sequence_set => nil in try_convert by @​nevans in ruby/net-imap#512
• ♻️ Allow VanishedData#uids to be SequenceSet.empty by @​nevans in ruby/net-imap#517
• 🥅 Raise ArgumentError for #fetch with partial by @​nevans in ruby/net-imap#521

Documentation

• 📚 Fix rdoc call-seq for uid_expunge by @​nevans in ruby/net-imap#516
• 📚 Add QRESYNC to #enable (docs only) by @​nevans in ruby/net-imap#518

Miscellaneous

• ✅ Organize test files by @​nevans in ruby/net-imap#515
• ✅ Fix flaky tests with FakeServer#Connection#close mutex by @​nevans in ruby/net-imap#520
• Bump step-security/harden-runner from 2.13.0 to 2.13.1 by @​dependabot[bot] in ruby/net-imap#524

New Contributors

• @​ko1 made their first contribution in ruby/net-imap#525

Full Changelog: ruby/net-imap@v0.5.10...v0.5.11

Commits

• bab9dfb 🔖 Bump version to 0.5.12
• 4ec0f83 🔀 Merge pull request #528 from ruby/add-truffleruby-to-ci
• ad5eb96 ✅🚧 Run CI with TruffleRuby (experimental for now)
• 50f83b8 ✅🚧 Mark 2 ConnectionState tests as pending for TruffleRuby
• 6d42c16 ✅🚧 Mark 1 ::Data test as pending for TruffleRuby
• 9b9a89c ✅ Add TruffleRuby/JRuby pend/omit test helpers
• c7a6b43 ✅ Skip simplecov for non-CRuby engines
• cb4a646 ✅ Test overriding inherited ::Data methods
• 8c282c0 🐛 Fix loading of Net::IMAP::Config for JRuby
• b97b414 🔖 Bump version to 0.5.11
• Additional commits viewable in compare view

Updates nokogiri from 1.18.9 to 1.18.10

Release notes

Sourced from nokogiri's releases.

v1.18.10 / 2025-09-15

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.13.9. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.
• [CRuby] [Windows and MacOS] Vendored libiconv is updated to v1.18

7fb87235d729c74a2be635376d82b1d459230cc17c50300f8e4fcaabc6195344  nokogiri-1.18.10-aarch64-linux-gnu.gem
7e74e58314297cc8a8f1b533f7212d1999dbe2639a9ee6d97b483ea2acc18944  nokogiri-1.18.10-aarch64-linux-musl.gem
51f4f25ab5d5ba1012d6b16aad96b840a10b067b93f35af6a55a2c104a7ee322  nokogiri-1.18.10-arm-linux-gnu.gem
1c6ea754e51cecc85c30ee8ab1e6aa4ce6b6e134d01717e9290e79374a9e00aa  nokogiri-1.18.10-arm-linux-musl.gem
c2b0de30770f50b92c9323fa34a4e1cf5a0af322afcacd239cd66ee1c1b22c85  nokogiri-1.18.10-arm64-darwin.gem
cd431a09c45d84a2f870ba0b7e8f571199b3727d530f2b4888a73639f76510b5  nokogiri-1.18.10-java.gem
64f40d4a41af9f7f83a4e236ad0cf8cca621b97e31f727b1bebdae565a653104  nokogiri-1.18.10-x64-mingw-ucrt.gem
536e74bed6db2b5076769cab5e5f5af0cd1dccbbd75f1b3e1fa69d1f5c2d79e2  nokogiri-1.18.10-x86_64-darwin.gem
ff5ba26ba2dbce5c04b9ea200777fd225061d7a3930548806f31db907e500f72  nokogiri-1.18.10-x86_64-linux-gnu.gem
0651fccf8c2ebbc2475c8b1dfd7ccac3a0a6d09f8a41b72db8c21808cb483385  nokogiri-1.18.10-x86_64-linux-musl.gem
d5cc0731008aa3b3a87b361203ea3d19b2069628cb55e46ac7d84a0445e69cc1  nokogiri-1.18.10.gem

Changelog

Sourced from nokogiri's changelog.

v1.18.10 / 2025-09-15

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.13.9. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.
• [CRuby] [Windows and MacOS] Vendored libiconv is updated to v1.18

Commits

• 6803740 version bump to v1.18.10
• 93337de dep: bump vendored libxml2 to v2.13.9 (#3555)
• 15dde17 ci: work around repeated bundler deadlocks
• 9906071 dep: bump vendored libxml2 to v2.13.9
• adf72e3 [v1.18.x] backport libiconv upgrade to v1.18 (#3550)
• 92cab09 dep: update vendored libiconv to 1.18
• f1c5ea8 Use mirror site to download libiconv
• dcd2721 ci: stop testing Ruby 3.1 windows source builds
• cf856e6 ci: fix the aarch64 segfault by using a more modern qemu
• 6d77443 Fix errors building Ruby 3.1 on windows
• Additional commits viewable in compare view

Updates pp from 0.6.2 to 0.6.3

Release notes

Sourced from pp's releases.

v0.6.3

What's Changed

• Bump rubygems/release-gem from 1.1.0 to 1.1.1 by @​dependabot[bot] in ruby/pp#34
• Bump step-security/harden-runner from 2.10.2 to 2.10.3 by @​dependabot[bot] in ruby/pp#35
• Bump step-security/harden-runner from 2.10.3 to 2.10.4 by @​dependabot[bot] in ruby/pp#36
• Bump step-security/harden-runner from 2.10.4 to 2.11.0 by @​dependabot[bot] in ruby/pp#37
• Ensure the thread local state is always set up. by @​ioquatix in ruby/pp#38
• Avoid an array allocation per element in list passed to seplist by @​jeremyevans in ruby/pp#41
• Fix CI with recent Ruby releases by @​hsbt in ruby/pp#45
• Bump step-security/harden-runner from 2.11.0 to 2.12.1 by @​dependabot[bot] in ruby/pp#44
• Bump step-security/harden-runner from 2.12.1 to 2.12.2 by @​dependabot[bot] in ruby/pp#46
• Bump step-security/harden-runner from 2.12.2 to 2.13.0 by @​dependabot[bot] in ruby/pp#47
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in ruby/pp#48
• Bump step-security/harden-runner from 2.13.0 to 2.13.1 by @​dependabot[bot] in ruby/pp#50
• Support new instance_variables_to_inspect method from Ruby core by @​Fryguy in ruby/pp#49
• Add version.rake by @​nobu in ruby/pp#52
• Fix ::Data warning on Ruby 2.7 by @​eregon in ruby/pp#53
• Do not override the methods in set.rb by @​nobu in ruby/pp#55
• Refine Set#pretty_print check by @​nobu in ruby/pp#56
• Update pp for Set to use new inspect format by @​jeremyevans in ruby/pp#43
• Trivial improvements by @​nobu in ruby/pp#59

New Contributors

• @​ioquatix made their first contribution in ruby/pp#38
• @​jeremyevans made their first contribution in ruby/pp#41
• @​Fryguy made their first contribution in ruby/pp#49

Full Changelog: ruby/pp@v0.6.2...v0.6.3

Commits

• c1992ce Bump up to 0.6.3
• fee2d39 Reduce substring creations
• feb417e Suppress warnings in test on Ruby 2.7
• 0e89466 Simplify recursive state handling
• 40b713d Exclude out-of-scope test instead of omitting
• 507eebf Update pp for Set to use new inspect format (#43)
• 24a0d3f Merge pull request #56 from nobu/set-pp
• 6615b62 Refine Set#pretty_print check
• 99064d2 Merge pull request #55 from nobu/set-pp
• 352081d Do not override the methods in set.rb
• Additional commits viewable in compare view

Updates rdoc from 6.14.2 to 6.15.0

Release notes

Sourced from rdoc's releases.

v6.15.0

What's Changed

✨ Enhancements

• Allow rdoc-ref to link to non-text files by @​jeremyevans in ruby/rdoc#1376
• Search automatically on ?q= URL query parameter by @​jhawthorn in ruby/rdoc#1396

🐛 Bug Fixes

• searcher.js: Escape characters when building regexps by @​byroot in ruby/rdoc#1397
• Fix backslash handling in table cell code spans by @​st0012 in ruby/rdoc#1400
• Fix incorrect method linking in tt tags by @​st0012 in ruby/rdoc#1427
• Preserve inline styling inside tidy link labels by @​st0012 in ruby/rdoc#1428

📚 Documentation

• [DOC] Fix link by @​BurdetteLamar in ruby/rdoc#1393
• [DOC] Fix warn_missing_rdoc_ref default value in doc by @​st0012 in ruby/rdoc#1408
• [DOC] Correct levels of headings by @​BurdetteLamar in ruby/rdoc#1412
• [DOC] Tweaks for markup reference intro by @​BurdetteLamar in ruby/rdoc#1411
• [DOC] Re-format section Directives by @​BurdetteLamar in ruby/rdoc#1418
• Migrate README to markdown by @​st0012 in ruby/rdoc#1422

🛠 Other Changes

• Remove "poeple" typo and reword for clarity by @​p8 in ruby/rdoc#1388
• Bump step-security/harden-runner from 2.12.2 to 2.13.0 by @​dependabot[bot] in ruby/rdoc#1392
• Escape unescaped backslash at the end of code by @​nobu in ruby/rdoc#1404
• Bump actions/download-artifact from 4 to 5 by @​dependabot[bot] in ruby/rdoc#1406
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in ruby/rdoc#1407
• Revert "Shorten the description text to get rid of JRuby exception" by @​nobu in ruby/rdoc#1401
• Trim even spaces only in code by @​nobu in ruby/rdoc#1405
• Commit generated files by @​st0012 in ruby/rdoc#1410
• Bump actions/upload-pages-artifact from 3 to 4 by @​dependabot[bot] in ruby/rdoc#1415
• Bump actions/github-script from 7 to 8 by @​dependabot[bot] in ruby/rdoc#1423
• Change error message assertion to make it pass in JRuby by @​tompng in ruby/rdoc#1425
• Bump step-security/harden-runner from 2.13.0 to 2.13.1 by @​dependabot[bot] in ruby/rdoc#1426
• Fix warnings by @​nobu in ruby/rdoc#1409
• Bump version to 6.15.0 by @​st0012 in ruby/rdoc#1429

New Contributors

• @​byroot made their first contribution in ruby/rdoc#1397
• @​jhawthorn made their first contribution in ruby/rdoc#1396

Full Changelog: ruby/rdoc@v6.14.2...v6.15.0

Commits

• c33d173 Bump version to 6.15.0 (#1429)
• 6b6033b Preserve inline styling inside tidy link labels (#1428)
• e0051be Fix incorrect method linking in tt tags (#1427)
• 88db613 Fix warnings (#1409)
• b726485 Bump step-security/harden-runner from 2.13.0 to 2.13.1 (#1426)
• 71d4090 Change error message assertion to make it pass in JRuby (#1425)
• 2308312 Migrate README to markdown (#1422)
• 1e4573b Bump actions/github-script from 7 to 8 (#1423)
• e2dec09 [DOC] Re-format section Directives (#1418)
• f2fefe0 [DOC] Tweaks for markup reference intro (#1411)
• Additional commits viewable in compare view

Updates zeitwerk from 2.6.18 to 2.7.3

Changelog

Sourced from zeitwerk's changelog.

2.7.3 (20 May 2025)

• The helper Zeitwerk::Loader#cpath_expected_at did not work correctly if the inflector had logic that relied on the absolute path of the given file or directory. This has been fixed.

  This bug was found by Codex.

• Perpetual internal work.

2.7.2 (18 February 2025)

• Internal improvements and micro-optimizations.

• Add stable TruffleRuby to CI.

2.7.1 (19 October 2024)

• Micro-optimization in a hot path.

• Raises Zeitwerk::Error if an autoloaded constant expected to represent a namespace does not store a class or module object.

• Adds truffleruby-head to CI, except for autoloading thread-safety (see why in oracle/truffleruby#2431).

2.7.0 (11 October 2024)

• Explicit namespaces can now also be defined using constant assignments.

  While constant assignments like

  # coordinates.rb
  Coordinates = Data.define(:x, :y)

  worked for most objects, they did not for classes and modules that were also namespaces (i.e., those defined by a file and matching subdirectories). In such cases, their child constants could not be autoloaded.

  This limitation has been removed.

• TracePoint is no longer used.

• Requires Ruby 3.2 or later.

  Gems tha...

  Description has been truncated

[chadlwilson]

@dependabot recreate

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.