Bump the bundler-dependencies group across 1 directory with 8 updates

[dependabot]

Bumps the bundler-dependencies group with 8 updates in the / directory:

Package	From	To
ffi	1.17.2	1.17.3
google-protobuf	4.33.2	4.33.5
json	2.18.0	2.18.1
kramdown	2.5.1	2.5.2
listen	3.9.0	3.10.0
public_suffix	7.0.0	7.0.2
rouge	4.6.1	4.7.0
sass-embedded	1.97.1	1.97.3

Updates ffi from 1.17.2 to 1.17.3

Changelog

Sourced from ffi's changelog.

1.17.3 / 2025-12-29

Fixed:

• Opt-in for MFA requirement explicitly. #1159
• Fix type signature for FFI::AutoPointer#initialize, FFI::StructByReference#native_type and FFI::Struct#auto_ptr . #1158
• Fix function signature of function_call in FFI trampoline. #1154 It failed on aarch64-mingw-ucrt.
• Add workaround for segmentation faults on aarch64-mingw-ucrt. #1154
• Call super in Library#freeze . #1154
• Deny duplication of AutoPointer per #dup and #clone . #1173 They led to double free before.

Added:

• Add binary gems for Ruby-4.0, now providing binary gems for Ruby-3.0 to 4.0.
• Add msys2_mingw_dependencies for Windows Mingw for automatic installation of libffi. #1143
• Mark callback dispatcher thread as fork safe for Puma. #1156
• Add missing FFI::Platform module and LastError signatures. #1169

Removed:

• Drop fat binary gems for Ruby < 3.0
• Remove FFI::TypesGenerator from distributed gems. #1164
• Remove libffi build dir after install, safing some install space. #1157

Commits

• 68f4d3b Bump VERSION to ffi-1.17.3 and add release notes
• 38d298e Update libffi to latest master branch
• 77f9033 Merge pull request #1108 from lloeki/add-steep
• 9cce647 Add ffi.gemspec to Gemfile
• 42b2382 Fix newly introduced rbs signatures for FFI::Platform
• 6e76f7f Add CI check for RBS files
• b1fdbe1 Add Steep to check RBS files
• 6076fab Merge pull request #1173 from ffi/fix-1155
• 195f9e9 Merge pull request #1143 from johnnyshields/patch-2
• 0ff4cb3 Binary gems don't need libffi header+lib files
• Additional commits viewable in compare view

Updates google-protobuf from 4.33.2 to 4.33.5

Commits

• See full diff in compare view

Updates json from 2.18.0 to 2.18.1

Release notes

Sourced from json's releases.

v2.18.1

What's Changed

• Fix a potential crash in very specific circumstance if GC triggers during a call to to_json without first invoking a user defined #to_json method.

Full Changelog: ruby/json@v2.18.0...v2.18.1

Changelog

Sourced from json's changelog.

2026-02-03 (2.18.1)

• Fix a potential crash in very specific circumstance if GC triggers during a call to to_json without first invoking a user defined #to_json method.

Commits

• 6ec6e7b Release 2.18.1
• fff25c9 fbuffer_append_str: assume string
• 79b6e16 Ensure Generator::State is kept on the stack
• 062fcdd Improve class JSON intro
• 1b276c8 Extract json_fast_memcpy16 for readability
• 643ee11 Use __builtin_memcpy, if available, to copy overlapping byte ranges in copy_r...
• 15eb40d Remove trailing spaces [ci skip]
• 73818b8 initialize search.chunk_end to silence a warning about it being potentially u...
• 86a5cce use a conditional to select SIMD implementation rather than pointer
• a51317c Directly write to the output buffer when converting UTF32 to UTF8.
• Additional commits viewable in compare view

Updates kramdown from 2.5.1 to 2.5.2

Commits

• See full diff in compare view

Updates listen from 3.9.0 to 3.10.0

Release notes

Sourced from listen's releases.

v3.10.0

What's Changed

• Rubocop workflow with GitHub actions by @​AlexB52 in guard/listen#573
• Fix the Rubocop offence by @​y-yagi in guard/listen#588
• Add logger gem as a runtime dependency by @​y-yagi in guard/listen#587
• Remove conditions from gem declarations in Gemfile by @​larskanis in guard/listen#584
• CI against Ruby 3.4 by @​y-yagi in guard/listen#590
• Remove link to Travis CI by @​y-yagi in guard/listen#593
• Use Naming/PredicatePrefix instead of deprecated Naming/PredicateName cop by @​y-yagi in guard/listen#592
• Remove unused require by @​y-yagi in guard/listen#594
• Mention the relation with fs.inotify.max_user_watches and the memory allocation by @​y-yagi in guard/listen#595
• CI against Ruby 4.0 by @​y-yagi in guard/listen#596

New Contributors

• @​AlexB52 made their first contribution in guard/listen#573
• @​larskanis made their first contribution in guard/listen#584

Full Changelog: guard/listen@v3.9.0...v3.10.0

Commits

• 2fa1a74 Bump VERSION to 3.10.0
• 7c6d39e Merge pull request #596 from y-yagi/ci_against_ruby40
• 62255c0 CI against Ruby 4.0
• 43cb09c Merge pull request #595 from y-yagi/mention_memory_allocation_about_max_user_...
• 030aff8 Merge pull request #594 from y-yagi/remove_unused_require
• 4317b21 Mention the relation with fs.inotify.max_user_watches and the memory alloc...
• 5883c5e Remove unused require
• cde3720 Merge pull request #592 from y-yagi/fix_rubocop
• 8e93885 Merge pull request #593 from y-yagi/remove_link_to_travis
• 2f07a81 Remove link to Travis CI
• Additional commits viewable in compare view

Updates public_suffix from 7.0.0 to 7.0.2

Changelog

Sourced from public_suffix's changelog.

7.0.2 - 2026-01-04

Changed

• Excluded symlinks and unnecessary files from gem packaging. On Windows symlinks cannot be created without Administrator privileges or with developer mode enabled #496.

7.0.1 - 2026-01-03

Changed

• Updated definitions.

Commits

• 1e010a4 chore: Release 7.0.2
• cdddbbc fix(build): Exclude symlink and unnecessary files
• 698b015 ci: Update rubocop config
• ec471ed Release 7.0.1
• 532084d docs: FIx commit examples
• 6e494dd test: Fix test position
• 4642c1e Update .gitignore
• 24c422c Update .gitignore
• a4971b9 refactor: Split tests with excessive assertions
• 9e86627 docs: reference Common Changelog in RELEASING
• Additional commits viewable in compare view

Updates rouge from 4.6.1 to 4.7.0

Release notes

Sourced from rouge's releases.

v4.7.0

🎉 Happy New Year 2026! 🎉

This release brings significant enhancements to PHP language support with modern syntax features including enums, typed class constants, and asymmetric visibility. We've introduced new lexers for GJS and GTS files used by Ember projects. Language support has been improved with Python 3.14+ template strings, Go underscore support in numbers, and enhanced file detection for COBOL and Terraform files. Thanks to all our contributors for their valuable work on making Rouge more comprehensive!

Changelog

Sourced from rouge's changelog.

version 4.7.0: 2025-12-31

Comparison with the previous version

• General
  • Bump actions/checkout to v5 (#2166 by Tan Le)
• COBOL Lexer
  • feat: add support for highlight .cpy and .cpb files as COBOL (#2186 by simon)
• Gjs and Gts Lexer (NEW)
  • Created lexers for gjs and gts (used by Ember projects) (#2165 by Isaac Lee)
• Go Lexer
  • support underscore in numbers in go (#2167 by Joris Clement)
• PHP Lexer
  • php: Support enum definition (#2171 by nsfisis)
  • php: Support typed class constants (#2174 by nsfisis)
  • php: Support asymmetric visibility (#2173 by nsfisis)
  • php: Support alternative notation of octal number literal (0o prefix) (#2170 by nsfisis)
  • php: Update built-in functions (rake builtins:php) (#2175 by nsfisis)
• Python Lexer
  • Add Python 3.14+ template strings (#2162 by Bart Broere)
• Terraform Lexer
  • Support .tofu for Terraform lexing (#2180 by Asherah Connor)

Commits

• 4e3f698 Release v4.7.0 (#2188)
• 7274caf php: Support enum definition (#2171)
• ae55a7f php: Support typed class constants (#2174)
• c54df8d php: Support asymmetric visibility (#2173)
• 287002c feat: add support for highlight .cpy and .cpb files as COBOL (#2186)
• 3332a9c Support .tofu for Terraform lexing (#2180)
• 6c22459 php: Support alternative notation of octal number literal (0o prefix) (#2170)
• b823ce6 php: Update built-in functions (rake builtins:php) (#2175)
• debef62 Created lexers for gjs and gts (used by Ember projects) (#2165)
• d205f2e support underscore in numbers in go (#2167)
• Additional commits viewable in compare view

Updates sass-embedded from 1.97.1 to 1.97.3

Commits

• 28f7a79 v1.97.3
• 88136c8 Bump sass from 1.97.2 to 1.97.3 in /ext/sass (#367)
• 26f472c Avoid an extra mutex on platforms without fork support
• 3e6a3dd Remove freebsd linuxulator compatibility
• cf7e1e0 Update rubocop-rspec requirement from ~> 3.8.0 to ~> 3.9.0 (#365)
• 08067f3 v1.97.2
• 17b1a66 Bump sass from 1.97.1 to 1.97.2 in /ext/sass (#364)
• 75e77eb Set NoHostAuthenticationForLocalhost=yes for localhost vm
• f47a03e Use azure ubuntu mirror to speed up debootstrap on FreeBSD
• 6030a54 Test ruby 4.0 (#363)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions