chore(deps): bump the ruby group with 4 updates

[dependabot]

Bumps the ruby group with 4 updates: google-protobuf, json, rexml and sass-embedded.

Updates google-protobuf from 4.28.2 to 4.28.3

Commits

• See full diff in compare view

Updates json from 2.7.2 to 2.7.4

Release notes

Sourced from json's releases.

v2.7.4

What's Changed

• Workaround a bug in 3.4.8 and older rubygems/rubygems#6490. This bug would cause some gems with native extension to fail during compilation.
• Workaround different versions of json and json_pure being loaded (not officially supported).
• Make json_pure Ractor compatible.

Full Changelog: ruby/json@v2.7.3...v2.7.4

v2.7.3

What's Changed

• Numerous performance optimizations in JSON.generate and JSON.dump (up to 2 times faster).
• Limit the size of ParserError exception messages, only include up to 32 bytes of the unparseable source.
• Fix json-pure's Object#to_json to accept non state arguments
• Fix multiline comment support in json-pure.
• Fix JSON.parse to no longer mutate the argument encoding when passed an ASCII-8BIT string.
• Fix String#to_json to raise on invalid encoding in json-pure.
• Delete code that was based on CVTUTF.
• Use the pure-Ruby generator on TruffleRuby.
• Fix strict mode in json-pure to not break on Integer.

JSON.dump Performance

JSON.dump is now much faster, and on par or faster than alternative implementations:

== Encoding citm_catalog.json (500298 bytes)
ruby 3.4.0preview2 (2024-10-07 master 32c733f57b) +YJIT +PRISM [arm64-darwin23]
Warming up --------------------------------------
        json (2.7.3)   123.000 i/100ms
                  oj   124.000 i/100ms
Calculating -------------------------------------
        json (2.7.3)      1.312k (± 1.8%) i/s  (761.91 μs/i) -      6.642k in   5.062192s
                  oj      1.278k (± 2.0%) i/s  (782.35 μs/i) -      6.448k in   5.046587s
Comparison:
json (2.7.2):      884.0 i/s
json (2.7.3):     1312.5 i/s - 1.48x  faster
oj:     1278.2 i/s - 1.45x  faster

== Encoding twitter.json (466906 bytes)
ruby 3.4.0preview2 (2024-10-07 master 32c733f57b) +YJIT +PRISM [arm64-darwin23]
Warming up --------------------------------------
        json (2.7.3)   213.000 i/100ms
                  oj   222.000 i/100ms
Calculating -------------------------------------
</tr></table> 

... (truncated)

Changelog

Sourced from json's changelog.

2024-10-25 (2.7.4)

• Workaround a bug in 3.4.8 and older rubygems/rubygems#6490. This bug would cause some gems with native extension to fail during compilation.
• Workaround different versions of json and json_pure being loaded (not officially supported).
• Make json_pure Ractor compatible.

2024-10-24 (2.7.3)

• Numerous performance optimizations in JSON.generate and JSON.dump (up to 2 times faster).
• Limit the size of ParserError exception messages, only include up to 32 bytes of the unparseable source.
• Fix json-pure's Object#to_json to accept non state arguments
• Fix multiline comment support in json-pure.
• Fix JSON.parse to no longer mutate the argument encoding when passed an ASCII-8BIT string.
• Fix String#to_json to raise on invalid encoding in json-pure.
• Delete code that was based on CVTUTF.
• Use the pure-Ruby generator on TruffleRuby.
• Fix strict mode in json-pure to not break on Integer.

Commits

• 9e9b749 Merge pull request #648 from casperisfine/v2.7-rubygems-workaround
• 10981db Update CHANGES
• e285489 json_pure: fix ractor compatibility
• 7fd3531 Workaround being loaded alongside a different json_pure version
• a0cd1de Workaround rubygems $LOAD_PATH bug
• c2cd953 Cleanup test_helper.rb
• 7a3b482 Release 2.7.3
• 2c27755 Merge pull request #637 from nobu/brevity
• 7efa2c3 Use String#+
• c40a330 Use String#b
• Additional commits viewable in compare view

Updates rexml from 3.3.8 to 3.3.9

Release notes

Sourced from rexml's releases.

REXML 3.3.9 - 2024-10-24

Improvements

• Improved performance.
  • GH-210
  • Patch by NAITOH Jun.

Fixes

• Fixed a parse bug for text only invalid XML.

  • GH-215
  • Patch by NAITOH Jun.

• Fixed a parse bug that &#0x...; is accepted as a character reference.

Thanks

• NAITOH Jun

Changelog

Sourced from rexml's changelog.

3.3.9 - 2024-10-24 {#version-3-3-9}

Improvements

• Improved performance.
  • GH-210
  • Patch by NAITOH Jun.

Fixes

• Fixed a parse bug for text only invalid XML.

  • GH-215
  • Patch by NAITOH Jun.

• Fixed a parse bug that &#0x...; is accepted as a character reference.

Thanks

• NAITOH Jun

Commits

• 38eaa86 Add 3.3.9 entry
• ce59f2e parser: fix a bug that &#0x...; is accepted as a character reference
• a09646d test: fix indent
• cf0fb9c Fix IOSource#readline for @pending_buffer (#215)
• 1d0c362 Optimize IOSource#read_until method (#210)
• 622011f Bump version
• See full diff in compare view

Updates sass-embedded from 1.80.3 to 1.80.4

Commits

• a01fca4 v1.80.4
• d0f666a Bump sass from 1.80.3 to 1.80.4 in /ext/sass (#255)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions