Bump the ruby-dependencies group across 1 directory with 12 updates

[dependabot]

Bumps the ruby-dependencies group with 12 updates in the / directory:

Package	From	To
bcrypt	3.1.20	3.1.21
bootsnap	1.19.0	1.20.1
sqlite3	2.8.1	2.9.0
thruster	0.1.16	0.1.17
kamal	2.9.0	2.10.1
brakeman	7.1.1	7.1.2
debug	1.11.0	1.11.1
standard-rails	1.5.0	1.6.0
mocha	2.8.2	3.0.1
aws-sdk-s3	1.206.0	1.209.0
pagy	43.2.0	43.2.2
scout_apm	6.0.0	6.0.2

Updates bcrypt from 3.1.20 to 3.1.21

Release notes

Sourced from bcrypt's releases.

v3.1.21

What's Changed

• Provide a 'Changelog' link on rubygems.org/gems/bcrypt by @​mark-young-atg in bcrypt-ruby/bcrypt-ruby#274
• Support ruby 3.3 and 3.4.0-preview1 by @​m-nakamura145 in bcrypt-ruby/bcrypt-ruby#276
• Mark as ractor-safe by @​mohamedhafez in bcrypt-ruby/bcrypt-ruby#280
• Add == gotcha that can be unintuitive at first by @​federicoaldunate in bcrypt-ruby/bcrypt-ruby#279
• Constant compare by @​tenderlove in bcrypt-ruby/bcrypt-ruby#282
• try to modernize CI by @​tenderlove in bcrypt-ruby/bcrypt-ruby#287
• Try to deal with flaky tests by @​tenderlove in bcrypt-ruby/bcrypt-ruby#288
• Configure trusted publishing by @​tenderlove in bcrypt-ruby/bcrypt-ruby#289
• bump version by @​tenderlove in bcrypt-ruby/bcrypt-ruby#290

New Contributors

• @​mark-young-atg made their first contribution in bcrypt-ruby/bcrypt-ruby#274
• @​m-nakamura145 made their first contribution in bcrypt-ruby/bcrypt-ruby#276
• @​mohamedhafez made their first contribution in bcrypt-ruby/bcrypt-ruby#280
• @​federicoaldunate made their first contribution in bcrypt-ruby/bcrypt-ruby#279

Full Changelog: bcrypt-ruby/bcrypt-ruby@v3.1.20...v3.1.21

Changelog

Sourced from bcrypt's changelog.

3.1.21 Dec 31 2025

• Use constant time comparisons
• Mark as Ractor safe

Commits

• 82e6c4c Merge pull request #290 from tenderlove/bump
• 4b1fc73 add bundler tasks
• 64605fc bump version
• da89a83 Merge pull request #289 from tenderlove/trusted-publishers
• 344ca59 Configure trusted publishing
• ca9cea1 Merge pull request #288 from tenderlove/deal-with-flake
• d94041a Try to deal with flaky tests
• eba09de Merge pull request #287 from tenderlove/modernize-ci
• c156254 Modernize CI
• 27dbab3 Declare development dependencies
• Additional commits viewable in compare view

Updates bootsnap from 1.19.0 to 1.20.1

Release notes

Sourced from bootsnap's releases.

v1.20.1

What's Changed

• Handle broken symlinks in load path scanning code. Should fix Errno::ENOENT fstatat issues some users have encountered after upgrading to 1.20.0.

Full Changelog: rails/bootsnap@v1.20.0...v1.20.1

v1.20.0

What's Changed

• Optimized load path scanning with a C extension. Should be about 2x faster on supported platforms.

Full Changelog: rails/bootsnap@v1.19.0...v1.20.0

Changelog

Sourced from bootsnap's changelog.

1.20.1

• Handle broken symlinks in load path scanning code. Should fix Errno::ENOENT fstatat issues some users have encountered after upgrading to 1.20.0.

1.20.0

• Optimized load path scanning with a C extension. Should be about 2x faster on supported platforms.

Commits

• ba59bb8 Release 1.20.1
• 302b7db Merge pull request #514 from byroot/handle-broken-symlink
• fd1ddc3 Handle broken symlinks in load path
• fac34b8 Release 1.20.0
• 71311d4 Include Bootsnap::VERSION in LoadPathCache version
• f5c43ac Merge pull request #512 from byroot/prune-load-dir
• f94f668 Stop caching directories in LoadPathCache
• e3b5292 Merge pull request #511 from byroot/c-ext-load-path-scan
• e91dd21 Implement PathScanner in C to avoid N+1 stat(2) calls
• c77d5cc Cleanup the c extension
• Additional commits viewable in compare view

Updates sqlite3 from 2.8.1 to 2.9.0

Release notes

Sourced from sqlite3's releases.

2.9.0 / 2025-12-27

Ruby

• Introduce native gem packages for Ruby 4.0. @​flavorjones
• Drop support for Ruby 3.1. @​flavorjones

Added

• Introduce Statement#named_params to introspect on a parameterized SQL statement. #627 #642 @​captn3m0

Improved

• Small improvements to docstrings and comments. @​flavorjones @​houyuanjie

cfe1e0216f46d7483839719bf827129151e6c680317b99d7b8fc1597a3e13473  sqlite3-2.9.0-aarch64-linux-gnu.gem
56a35cb2d70779afc2ac191baf2c2148242285ecfed72f9b021218c5c4917913  sqlite3-2.9.0-aarch64-linux-musl.gem
a19a21504b0d7c8c825fbbf37b358ae316b6bd0d0134c619874060b2eef05435  sqlite3-2.9.0-arm-linux-gnu.gem
fca5b26197c70e3363115d3faaea34d7b2ad9c7f5fa8d8312e31b64e7556ee07  sqlite3-2.9.0-arm-linux-musl.gem
a917bd9b84285766ff3300b7d79cd583f5a067594c8c1263e6441618c04a6ed3  sqlite3-2.9.0-arm64-darwin.gem
677333ebf8f496f7ffe89bf1e5f8c5331ffe83249228cb262cd896ce8d383da6  sqlite3-2.9.0-x64-mingw-ucrt.gem
47317ba230f6c2c361981aa5fc1bf9de1b99727317171393ba90abab092c5b5f  sqlite3-2.9.0-x86-linux-gnu.gem
b627f3a2ca59aaaa5e10b8666cdbd7122469b49afa4bd895133cecb7b5c1368d  sqlite3-2.9.0-x86-linux-musl.gem
59fe51baa3cb33c36d27ce78b4ed9360cd33ccca09498c2ae63850c97c0a6026  sqlite3-2.9.0-x86_64-darwin.gem
72fff9bd750070ba3af695511ba5f0e0a2d8a9206f84869640b3e99dfaf3d5a5  sqlite3-2.9.0-x86_64-linux-gnu.gem
ef716ba7a66d7deb1ccc402ac3a6d7343da17fac862793b7f0be3d2917253c90  sqlite3-2.9.0-x86_64-linux-musl.gem
ece9c00b32ec5f550d3a4a35c41ea8d738563589f090b9dfd0d510b7ae5f296c  sqlite3-2.9.0.gem

New Contributors

• @​captn3m0 made their first contribution in sparklemotion/sqlite3-ruby#642
• @​houyuanjie made their first contribution in sparklemotion/sqlite3-ruby#671

Full Changelog: sparklemotion/sqlite3-ruby@v2.8.1...v2.9.0

Changelog

Sourced from sqlite3's changelog.

2.9.0 / 2025-12-27

Ruby

• Introduce native gem packages for Ruby 4.0. @​flavorjones
• Drop support for Ruby 3.1. @​flavorjones

Added

• Introduce Statement#named_params to introspect on a parameterized SQL statement. #627 #642 @​captn3m0

Improved

• Small improvements to docstrings and comments. @​flavorjones @​houyuanjie

Commits

• b9029a6 version bump to v2.9.0
• f26cb7a Merge pull request #673 from sparklemotion/flavorjones/ruby-4-native-support
• d479c81 ci: temporarily pin to setup-ruby with windows ruby 4
• 40cdd3c dep: add native gem support for Ruby 4.0, drop Ruby 3.1 support
• 9789b37 Merge pull request #674 from sparklemotion/flavorjones/ci-arm-runners
• e67a33f ci: macos-13 is no longer available
• 805f3e3 ci: use arm64 runners to speed things up
• 1d701bc Merge pull request #671 from houyuanjie/main
• 58d9a0f Fix the inconsistent names in SQLite3::Statement#memused RDoc call-seq
• 3264d47 dep: Update actions{upload,download}-artifact (#660)
• Additional commits viewable in compare view

Updates thruster from 0.1.16 to 0.1.17

Changelog

Sourced from thruster's changelog.

v0.1.17 / 2025-12-16

• Mitigate BREACH attacks with random jitter and optional compression guard (#102)

Commits

• 97dd28d Bump version
• 5a11890 Merge pull request #107 from basecamp/workflow-fix
• 0f43f3e Restrict workflow permission
• ef864ed Merge pull request #106 from basecamp/update-deps
• 3ea6321 Update Go version & deps
• 704a825 Merge pull request #105 from basecamp/handler-refactor
• 6b05f45 Move compression logic into its own middleware
• b77cccb Refactor middleware naming
• cccdad8 Merge pull request #102 from basecamp/breach
• b1e717d Mitigate BREACH attacks with random jitter and optional compression guard
• Additional commits viewable in compare view

Updates kamal from 2.9.0 to 2.10.1

Release notes

Sourced from kamal's releases.

v2.10.1

What's Changed

• Pass accessory volume through as is by @​djmb in basecamp/kamal#1738

Full Changelog: basecamp/kamal@v2.10.0...v2.10.1

v2.10.0

What's Changed

• Set proxy run configuration in deploy YAML by @​djmb in basecamp/kamal#1663
• Support mount options for files and directories by @​djmb in basecamp/kamal#1723
• Accessory file/directory owners + permissions by @​djmb in basecamp/kamal#1724
• Expand secret environment variables in accessory files by @​aliismayilov in basecamp/kamal#1601
• Add secret support for SSH key_data by @​jclusso in basecamp/kamal#1620
• Handle parentheses in secrets by @​djmb in basecamp/kamal#1726
• Don't shellescape secrets fetch on the command line by @​djmb in basecamp/kamal#1727
• Set KAMAL_DESTINATION only for destinations by @​djmb in basecamp/kamal#1729
• Check roles before removing images and directories by @​djmb in basecamp/kamal#1730
• Boot in parallel for roles on the same host by @​djmb in basecamp/kamal#1731

New Contributors

• @​jclusso made their first contribution in basecamp/kamal#1620

Full Changelog: basecamp/kamal@v2.9.0...v2.10.0

Commits

• 30f8aef Bump version for 2.10.1
• e744e40 Merge pull request #1738 from basecamp/revert-accessory-volume-change
• 849faf3 Pass accessory volume through as is
• f5ec8cb Bump version for 2.10.0
• 910729c Doc fixes for Kamal 2.10
• e40731a Merge pull request #1731 from basecamp/boot-parallel-roles
• 3682280 Boot in parallel for roles on the same host
• 4ca210c Merge pull request #1730 from basecamp/check-roles-before-removing
• f86156b Check roles before removing images and directories
• 40d4d8f Merge pull request #1729 from basecamp/only-set-destination-env-if-there-is-one
• Additional commits viewable in compare view

Updates brakeman from 7.1.1 to 7.1.2

Changelog

Sourced from brakeman's changelog.

7.1.2 - 2025-12-25

• Update ruby_parser to remove version restriction (Chedli Bourguiba)
• Raise minimum required Ruby to 3.2.0
• Use Minitest 6.0
• Reduce SQL injection false positives from count calls
• Ignore more Haml attribute builder methods

Commits

• f7cd522 Bump to 7.1.2
• aea2ec0 Update CHANGES
• 2aaa6e6 Merge pull request #1988 from presidentbeef/ignore_more_haml_builders
• 0924f7b Ignore more Haml builders
• 4411a1a Merge pull request #1987 from chaadow/patch-3
• 0271586 Merge pull request #1986 from willnet/use-3-2-in-readme
• 7065ebe Update ruby_parser to handle ruby 4.0.0+
• b3f67a4 Update required Ruby version in README
• 901a45d Merge pull request #1984 from sampart/patch-1
• 6ad33c4 Merge pull request #1985 from presidentbeef/upgrade_minitest_6_0
• Additional commits viewable in compare view

Updates debug from 1.11.0 to 1.11.1

Release notes

Sourced from debug's releases.

v1.11.1

What's Changed

• command
  • b path: path_pattern is accepted in ruby/debug@1139d78
• fix
  • catch any exception on singletonclass by @​ko1 in ruby/debug#1163
  • use Kernel.__callee__ by @​ko1 in ruby/debug#1164
  • FileUtils is needed by @​ko1 in ruby/debug#1168
• catch up Ruby 4.0
  • Update imemo_mask to match ruby's by @​byroot in ruby/debug#1151
  • backtrace changes ruby/debug@24f95d6
• remote
  • fix(DAP): Return unverified breakpoints instead of unsuccessful response by @​dmlambo in ruby/debug#1161
• misc
  • omit on older version by @​ko1 in ruby/debug#1167

New Contributors

• @​byroot made their first contribution in ruby/debug#1151
• @​dmlambo made their first contribution in ruby/debug#1161

Full Changelog: ruby/debug@v1.11.0...v1.11.1

Commits

• bad4d38 v1.11.1
• 88d762c FileUtils is needed
• 553373a omit on older version
• c1c1c8e use Kernel.__callee__
• 24f95d6 catch up 4.0.0 backtrace change
• bc97d33 add a test for b path: ...
• 1139d78 support b path: path_expr
• 06342cd catch any exception on singletonclass
• 2791573 fix(DAP): Return unverified breakpoints instead of unsuccessful response
• 14c8a54 Update imemo_mask to match ruby's
• See full diff in compare view

Updates standard-rails from 1.5.0 to 1.6.0

Changelog

Sourced from standard-rails's changelog.

[1.6.0]

• Update Rubocop Rails to v2.34

Commits

• 8ab43b5 🥐 v1.6.0
• 2ceb491 Merge pull request #119 from standardrb/dependabot/bundler/rubocop-rails-2.34.2
• 9408826 Configures three new cops
• f6b1854 Merge pull request #121 from standardrb/dependabot/github_actions/ruby/setup-...
• 096d2a7 Bump ruby/setup-ruby from 1.268.0 to 1.269.0
• 0d50d24 Merge pull request #120 from standardrb/dependabot/github_actions/actions/che...
• 836c9ce Bump actions/checkout from 6.0.0 to 6.0.1
• de23389 Merge pull request #122 from standardrb/dependabot/github_actions/step-securi...
• bc0bb45 Bump step-security/harden-runner from 2.13.2 to 2.13.3
• fd2cc95 Update rubocop-rails requirement from ~> 2.33.4 to >= 2.33.4, < 2.35.0
• Additional commits viewable in compare view

Updates mocha from 2.8.2 to 3.0.1

Changelog

Sourced from mocha's changelog.

3.0.1

External changes

• Fix Mocha/RSpec integration by reinstating argument default value for Hooks#mocha_setup (#768 & #769) - thanks to @​mackuba for reporting.

3.0.0

External changes

• Improvements to docs for cardinality-related methods (#700)
• Drop support for Ruby v2.1 (#628 & #695)
• Improve gemspec description (#692 & #696)
• Remove docs for use_test_unit_gem option (eaf03493)
• Correct docs for MOCHA_OPTIONS "debug" value (69ef41c0)
• Use built-in Ruby debug option vs custom module (#714 & #715)
• Enable strict keyword argument matching by default in Ruby >= v3 (#697 & #718)
• Use Ruby v1.9 Hash syntax in Hash#mocha_inspect used in failure messages (#651 & #719)
• Improve #mocha_inspect for empty keyword argument Hash (#588 & #720) - thanks to @​herwinw for reporting
• Improve error if Mockery.teardown called before Mockery.setup (#611, #646 & #721) - thanks to @​riniculous for reporting
• Freeze string literals (#722)
• Allow keyword arguments to match an expectation expecting only positional arguments (#593 & #732) - thanks to @​seandilda for reporting
• Fix compatibility with Ruby 3.5 (#755) - thanks to @​Earlopain
• Add missing quotes to docs for Mocha::ParameterMatchers::Methods#equivalent_uri (#757) - thanks to @​bensherman
• Increment assertion count on never expected invocation (#763 & #764)
• Remove deprecated ParameterMatchers::Base class; include ParameterMatchers::BaseMethods module instead (415ae768)
• Remove deprecated ParameterMatcher methods now available in ParameterMatcher::Methods (8de49979)
• Removed deprecated access to ParameterMatcher classes (6ea9e3f5)

Internal changes

• Add Expectation#thrice (#701) - thanks to @​andrewn617
• Add base64 to Gemfile for Ruby >= v3.3.0 to avoid warning (8c49314c & a76330d6)
• Include custom Gemfiles in Rubocop linting (04063f0d)
• Use ruby:3.4.0-rc1 vs ruby:3.4.0-preview2 in CI in preparation for the Ruby v3.4 release (b2127407)
• Add ostruct to Gemfile for Ruby >= v3.4.0 to avoid warning (2b05e09e)
• Add Ruby v3.4 to CI build matrix (#708)
• Fix Ruby v3.4 warnings in ObjectInspectTest (#709 & #710)
• Rubocop-related improvements (#702 & #705)
• Consistently use development group in Gemfiles (#706 & #716)
• Add missing requires for 'mocha/ruby_version' (7f99db69)
• Convert ParameterMatchers::Base class -> module (#712 & #723)
• Enable ExpectMatchingDefinition option on Naming/FileName cop (#726)
• Remove duplicate DefaultReceiverTest (39d99954)
• Improvements to keyword argument matching tests (#730)
• Improvements to keyword argument matcher unit test (#731)
• Remove support for running tests with Minitest < v5 (#727)
• Remove workaround for JRuby jar-dependencies issue (#737)
• Add benchmark to Gemfile to fix warning (#733 & #740) - thanks to @​nitishr

... (truncated)

Commits

• 99d8784 [skip ci] Update documentation for v3.0.1
• 156d57d Bump version to 3.0.1 & prepare for release
• 7ceec53 Reinstate arg default in Hooks#mocha_setup
• 25130b1 [skip ci] Fix docs for the release process
• cc089be [skip ci] Add release notes for v2.8.2
• 7cd8f85 Backport release notes for v2.8.2
• 16a380b [skip ci] Update documentation for v3.0.0
• b035b36 Bump version to 3.0.0 & prepare for release
• b4310b8 [skip ci] Update documentation for v3.0.0-rc.2
• 31e433a Bump version to 3.0.0-rc.2 & prepare for release
• Additional commits viewable in compare view

Updates aws-sdk-s3 from 1.206.0 to 1.209.0

Changelog

Sourced from aws-sdk-s3's changelog.

1.209.0 (2025-12-23)

• Feature - Add additional validation to Outpost bucket names.

1.208.0 (2025-12-16)

• Feature - Updates to the S3 Encryption Client. The V3 S3 Encryption Client now requires key committing algorithm suites by default.

1.207.0 (2025-12-15)

• Feature - This release adds support for the new optional field 'LifecycleExpirationDate' in S3 Inventory configurations.

Commits

• See full diff in compare view

Updates pagy from 43.2.0 to 43.2.2

Release notes

Sourced from pagy's releases.

Version 43.2.2

Changes in 43.2.2

• Refactor bin/pagy to use the Pagy::CLI class
• Replace optimist with the optparse standard lib
• Simplify apps by using SQLite :memory:

CHANGELOG

Version 43

We needed a leap version to unequivocally signaling that it's not just a major version: it's a complete redesign of the legacy code at all levels, usage and API included.

Why 43? Because it's exactly one step beyond "The answer to the ultimate question of life, the Universe, and everything." 😉

Improvements

This version introduces several enhancements, such as new :countish and :keynav_js paginators and improved automation and configuration processes, reducing setup requirements by 99%. The update also includes a simpler API and new interactive development tools, making it a comprehensive upgrade from previous versions.

• New :countish Paginator
  • Faster than OFFSET and supporting the full UI
• New Keynav Pagination
  • The pagy-exclusive technique using the fastest keysetpagination alongside all frontend helpers.
• New interactive dev-tools
  • New PagyWand to integrate the pagy CSS with your app themes.
  • New Pagy AI available right inside your own app.
• Intelligent automation
  • Configuration requirements reduced by 99%.
  • Simplified JavaScript setup.
  • Automatic I18n loading.
• Simpler API
  • You solely need the pagy method and the @​pagy instance to paginate any collection and use any navigation tag and helper.
  • Methods are autoloaded only if used, and consume no memory otherwise.
  • Methods have narrower scopes and can be overridden without deep knowledge.
• New documentation
  • Very concise, straightforward, and easy to navigate and understand.

Upgrade to 43

See the Upgrade Guide

... (truncated)

Changelog

Sourced from pagy's changelog.

Version 43.2.2

• Refactor bin/pagy to use the Pagy::CLI class
• Replace optimist with the optparse standard lib
• Simplify apps by using SQLite :memory:

Version 43.2.1

• Fix the shallow cloning of root_key params. Close #851.
• Implements support for easy overriding
• Add :current_url alias to :page_url
• Fix limit_tag_js not respecting the passed :client_max_limit option
• Fix data_hash returning keys with nil values, or URLs without page; add :current_url alias to :page_url
• Remove warning when fit_time
• Fix respond_to_missing definition arguments in Search::Arguments

Commits

• 75182a8 Merge branch 'dev'
• b4ae662 Version 43.2.2
• 46601cc Fix script/bump.rb missing to update pagy in Gemfile.lock
• b09c910 Cleanup test
• 95e56cf 💎 Refactor bin/pagy to use the Pagy::CLI class
• c461379 💎 Replace optimist with the optparse standard lib
• e0eec57 💎 Simplify apps by using SQLite :memory:
• 33e1d13 Improve URLs docs
• a6a1da1 Bump actions/cache from 4 to 5 (#852)
• 5492130 Improve docs
• Additional commits viewable in compare view

Updates scout_apm from 6.0.0 to 6.0.2

Changelog

Sourced from scout_apm's changelog.

6.0.2

• Fix endpoint_sample_rate and job_sample_rate to support float values

6.0.1

• Fix capturing of job params for non ActiveJob

Commits

• 5d1f511 bump version to 6.0.2 (#602)
• 45b37fd SampleRateCoercion preserves vil values or empty strings (#601)
• 8234fb5 Use SampleRateCoercion for job/endpoint_sample_rate config values add
• b6b1dcb Indicate breaking change for 1% sampling case (#599)
• 78d14f5 Bump version to 6.0.1 (#598)
• 9fe3360 Capture non active job sidekiq params (#597)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions