Bump the "all" group with 1 updates across multiple ecosystems

[dependabot]

Bumps the all group with 13 updates:

Package	From	To
bootsnap	1.19.0	1.20.1
sorbet-runtime	0.6.12872	0.6.12873
rubocop	1.82.0	1.82.1
rubocop-rails	2.34.2	2.34.3
sorbet	0.6.12872	0.6.12873
sorbet-static-and-runtime	0.6.12872	0.6.12873
action_text-trix	2.1.15	2.1.16
bigdecimal	3.3.1	4.0.1
hashie	5.0.0	5.1.0
minitest	5.27.0	6.0.1
multi_xml	0.7.2	0.8.0
public_suffix	7.0.0	7.0.2
sorbet-static	0.6.12872	0.6.12873

Updates bootsnap from 1.19.0 to 1.20.1

Release notes

Sourced from bootsnap's releases.

v1.20.1

What's Changed

• Handle broken symlinks in load path scanning code. Should fix Errno::ENOENT fstatat issues some users have encountered after upgrading to 1.20.0.

Full Changelog: rails/bootsnap@v1.20.0...v1.20.1

v1.20.0

What's Changed

• Optimized load path scanning with a C extension. Should be about 2x faster on supported platforms.

Full Changelog: rails/bootsnap@v1.19.0...v1.20.0

Changelog

Sourced from bootsnap's changelog.

1.20.1

• Handle broken symlinks in load path scanning code. Should fix Errno::ENOENT fstatat issues some users have encountered after upgrading to 1.20.0.

1.20.0

• Optimized load path scanning with a C extension. Should be about 2x faster on supported platforms.

Commits

• ba59bb8 Release 1.20.1
• 302b7db Merge pull request #514 from byroot/handle-broken-symlink
• fd1ddc3 Handle broken symlinks in load path
• fac34b8 Release 1.20.0
• 71311d4 Include Bootsnap::VERSION in LoadPathCache version
• f5c43ac Merge pull request #512 from byroot/prune-load-dir
• f94f668 Stop caching directories in LoadPathCache
• e3b5292 Merge pull request #511 from byroot/c-ext-load-path-scan
• e91dd21 Implement PathScanner in C to avoid N+1 stat(2) calls
• c77d5cc Cleanup the c extension
• Additional commits viewable in compare view

Updates sorbet-runtime from 0.6.12872 to 0.6.12873

Release notes

Sourced from sorbet-runtime's releases.

sorbet 0.6.12872.20251223140528-7e7b6af9b

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12872', :group => :development
gem 'sorbet-runtime', '0.6.12872'

Commits

• See full diff in compare view

Updates rubocop from 1.82.0 to 1.82.1

Release notes

Sourced from rubocop's releases.

RuboCop v1.82.1

Bug fixes

• #14736: Fix an error for Style/TrailingCommaInArguments when EnforcedStyleForMultiline is consistent_comma and keyword arguments use a trailing comma. (@​koic)
• #14737: Fix crash in Layout/RedundantLineBreak when Layout/LineLength is disabled. (@​ydakuka)
• #14719: Fix crash on long lines when Layout/LineLength is disabled. (@​floriandejonckheere)
• #14743: Fix false positives for Layout/MultilineMethodCallIndentation when multiline method chain with block has expected indent width and the method is preceded by splat or double splat. (@​koic)
• #12297: Fix false negative in Layout/IndentationWidth for multiline method chain blocks. (@​rscq)
• #14730: Fix the cache implementation to use consistent cache keys across workers. (@​byroot)
• #14559: Fix false positives for Lint/UselessAssignment when a variable is assigned in loop body and used in loop condition. (@​ydakuka)

Changelog

Sourced from rubocop's changelog.

1.82.1 (2025-12-24)

Bug fixes

• #14736: Fix an error for Style/TrailingCommaInArguments when EnforcedStyleForMultiline is consistent_comma and keyword arguments use a trailing comma. ([@​koic][])
• #14737: Fix crash in Layout/RedundantLineBreak when Layout/LineLength is disabled. ([@​ydakuka][])
• #14719: Fix crash on long lines when Layout/LineLength is disabled. ([@​floriandejonckheere][])
• #14743: Fix false positives for Layout/MultilineMethodCallIndentation when multiline method chain with block has expected indent width and the method is preceded by splat or double splat. ([@​koic][])
• #12297: Fix false negative in Layout/IndentationWidth for multiline method chain blocks. ([@​rscq][])
• #14730: Fix the cache implementation to use consistent cache keys across workers. ([@​byroot][])
• #14559: Fix false positives for Lint/UselessAssignment when a variable is assigned in loop body and used in loop condition. ([@​ydakuka][])

Commits

• 5711dcb Cut 1.82.1
• 4918002 Update Changelog
• 0479119 [Fix rubocop#14559] Fix false positives for Lint/UselessAssignment when a v...
• 990121b Optimize cache cleanup routine
• e06d0c1 [Fix #14743] Fix false positives for Layout/MultilineMethodCallIndentation
• a6e4adf Merge pull request #14742 from ydakuka/14737/fix_crash_in_layout_redundant_li...
• 1873836 [Fix rubocop#14737] Fix crash in Layout/RedundantLineBreak when `Layout/Lin...
• bb2fb48 Merge pull request #14738 from koic/fix_an_error_for_style_trailing_comma_in_...
• d08ff2e [Fix #14736] Fix an error for Style/TrailingCommaInArguments
• edca36e Merge pull request #14725 from viralpraxis/fix-layout-line-length-cop-error-i...
• Additional commits viewable in compare view

Updates rubocop-rails from 2.34.2 to 2.34.3

Release notes

Sourced from rubocop-rails's releases.

RuboCop Rails v2.34.3

Bug fixes

• #1473: Fix an error for Rails/SelectMap when select(:column_name).map(&:column_name) with parentheses. (@​koic)
• #1569: Fix an error in Rails/SelectMap when multiple select calls are present before map. (@​koic)

Changelog

Sourced from rubocop-rails's changelog.

2.34.3 (2026-01-03)

Bug fixes

• #1473: Fix an error for Rails/SelectMap when select(:column_name).map(&:column_name) with parentheses. ([@​koic][])
• #1569: Fix an error in Rails/SelectMap when multiple select calls are present before map. ([@​koic][])

Commits

• 31e5404 Cut 2.34.3
• ef1a374 Update Changelog
• ab178ab Bump license years to 2026
• 6415859 Merge pull request #1575 from ydakuka/fix-typos-and-improve-naming-inclusive-...
• 54fcb88 Fix typos and improve Naming/InclusiveLanguage configuration
• 2923a13 CI against Ruby 4.0
• 9447337 Use RuboCop RSpec 3.8.0 for development
• 3e89a64 Reset the docs version
• 4df528f Merge pull request #1573 from koic/fix_an_error_for_rails_select_map
• 15c4c74 Fix an error for Rails/SelectMap
• Additional commits viewable in compare view

Updates sorbet from 0.6.12872 to 0.6.12873

Release notes

Sourced from sorbet's releases.

sorbet 0.6.12872.20251223140528-7e7b6af9b

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12872', :group => :development
gem 'sorbet-runtime', '0.6.12872'

Commits

• See full diff in compare view

Updates sorbet-static-and-runtime from 0.6.12872 to 0.6.12873

Release notes

Sourced from sorbet-static-and-runtime's releases.

sorbet 0.6.12872.20251223140528-7e7b6af9b

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12872', :group => :development
gem 'sorbet-runtime', '0.6.12872'

Commits

• See full diff in compare view

Updates action_text-trix from 2.1.15 to 2.1.16

Release notes

Sourced from action_text-trix's releases.

v2.1.16

Security

• Attachment href attributes are now validated using DOMPurify.isValidAttribute() before rendering as anchor tags. @​flavorjones

Added

• New .editorElements and .editorElement properties have been added to <trix-toolbar> elements for accessing associated <trix-editor> elements. @​seanpdoyle #1127
• <trix-editor> elements can now function without an associated <input type="hidden"> element when using ElementInternals. This is configured by setting willCreateInput = false in the before-trix-initialize event and using the [name] attribute for form submissions. @​seanpdoyle #1128
• Alt text can now be set on attachment preview images via attachment.setAttributes({ alt: "..." }) in trix-attachment-add event handlers. @​seanpdoyle #1198
• Attachment preview URLs can be customized using the new setPreviewURL() and getPreviewURL() methods on ManagedAttachment, accessible from event handlers. @​seanpdoyle #1210
• A new trix-before-render event is dispatched before rendering, with a customizable render property for advanced use cases like morph-style rendering integration. @​seanpdoyle #1252
• When no associated <input> element is present, HTML content within <trix-editor> tags is now safely sanitized and loaded as the initial editor value. @​seanpdoyle #1253

New Contributors

• @​flavorjones made their first contribution in basecamp/trix#1234
• @​MatheusRich made their first contribution in basecamp/trix#1162

Full Changelog: basecamp/trix@v2.1.15...v2.1.16

Commits

• 5c8b688 v2.1.16
• 73c20cf Fix XSS vulnerability in attachment href rendering
• 07a5e47 Make "yarn version" commit changes to the ruby gem, too
• 1771514 Merge pull request #1271 from basecamp/flavorjones/ci-sauce-labs
• 04f803e ci: stabilize Sauce Labs with SC5 tunnel
• 93f5270 Merge pull request #1270 from basecamp/flavorjones/fix-minitest-errors
• 31045c9 action_text-trix: pin minitest to < 6
• 13eebda yarn build
• 696643d Merge pull request #1269 from basecamp/flavorjones/revert-mousedown-click-change
• 42f69dd Revert "Toolbar Button: Handle click instead of mousedown"
• Additional commits viewable in compare view

Updates bigdecimal from 3.3.1 to 4.0.1

Release notes

Sourced from bigdecimal's releases.

v4.0.1

What's Changed

• Exclude dependabot updates from release note by @​hsbt in ruby/bigdecimal#474
• Remove unused variable (and add test for it) by @​tompng in ruby/bigdecimal#475
• Remove "Which version should you select" section by @​tompng in ruby/bigdecimal#476
• Bump version to v4.0.1 by @​tompng in ruby/bigdecimal#477

Full Changelog: ruby/bigdecimal@v4.0.0...v4.0.1

v4.0.0

What's Changed

• Fix x**y, x.power(y, 0) and x.sqrt(0) calculates huge digits if precision limit is huge by @​tompng in ruby/bigdecimal#445
• Implement major math functions by @​tompng in ruby/bigdecimal#336
• Fix fast-path of frac and _decimal_shift affected by BigDecimal.limit by @​tompng in ruby/bigdecimal#447
• Update the latest versions of actions by @​hsbt in ruby/bigdecimal#449
• Add missing bigmath precision test, add missing indent by @​tompng in ruby/bigdecimal#450
• Make BigMath.exp and log also a module_method by @​tompng in ruby/bigdecimal#452
• Fix incorrect exception when exponent is fractional for Infinity base by @​troy-dunamu in ruby/bigdecimal#453
• Bump step-security/harden-runner from 2.13.1 to 2.13.2 by @​dependabot[bot] in ruby/bigdecimal#454
• Don't use assert_separatly if not needed by @​tompng in ruby/bigdecimal#455
• Bump actions/checkout from 5.0.0 to 6.0.0 by @​dependabot[bot] in ruby/bigdecimal#456
• Bump actions/checkout from 5.0.1 to 6.0.0 by @​dependabot[bot] in ruby/bigdecimal#457
• Add missing BigMath test for jruby by @​tompng in ruby/bigdecimal#459
• Change remainder/modulo/divmod test of +0/-0 type tolerant by @​tompng in ruby/bigdecimal#460
• Cast divmod quotient to int by @​mrzasa in ruby/bigdecimal#312
• Bump actions/checkout from 6.0.0 to 6.0.1 by @​dependabot[bot] in ruby/bigdecimal#462
• Bump step-security/harden-runner from 2.13.2 to 2.13.3 by @​dependabot[bot] in ruby/bigdecimal#461
• Implement BigMath.erf(x, prec) and BigMath.erfc(x, prec) by @​tompng in ruby/bigdecimal#357
• Implement BigMath.gamma and BigMath.lgamma by @​tompng in ruby/bigdecimal#451
• Fix typos + improve copy/paste in readme by @​tas50 in ruby/bigdecimal#463
• Fix inaccurate calculation (last digit) and add a workaround for add/sub hang bug by @​tompng in ruby/bigdecimal#465
• Fix lgamma precision around 1 and 2 by @​tompng in ruby/bigdecimal#466
• Fix lgamma precision when gamma(negative_x).abs nearly equals 1 by @​tompng in ruby/bigdecimal#467
• Implement BigMath.frexp and ldexp with exponent of 10 by @​tompng in ruby/bigdecimal#448
• Bump step-security/harden-runner from 2.13.3 to 2.14.0 by @​dependabot[bot] in ruby/bigdecimal#468
• Better rounding of BigMath.atan(nearly_one, prec) by @​tompng in ruby/bigdecimal#469
• Remove deprecated method BigDecimal#precs by @​tompng in ruby/bigdecimal#470
• Deprecate ludcmp, jacobian and newton by @​tompng in ruby/bigdecimal#471
• Bump version to v4.0.0 by @​tompng in ruby/bigdecimal#472

New Contributors

• @​troy-dunamu made their first contribution in ruby/bigdecimal#453
• @​tas50 made their first contribution in ruby/bigdecimal#463

Full Changelog: ruby/bigdecimal@v3.3.1...v4.0.0

Changelog

Sourced from bigdecimal's changelog.

4.0.1

• Fix warning GH-475

  @​tompng

4.0.0

• BigDecimal#divmod return value changed to [Integer, BigDecimal] GH-312

  @​mrzasa

• Remove BigDecimal#precs GH-470

  @​tompng

• BigMath now supports all functions defined in Math module GH-336 GH-357 GH-451 GH-448

  @​tompng

• Fix incorrect exception when exponent is fractional for Infinity base GH-453

  @​troy-dunamu

• Deprecate bigdecimal/jacobian, bigdecimal/ludcmp and bigdecimal/newton GH-471

  @​tompng

Commits

• 6d01c36 Bump version to v4.0.1 (#477)
• 4914cc3 Remove "Which version should you select" section (#476)
• 4120325 Remove unused variable (and add test for it) (#475)
• f0bf63f Merge pull request #474 from ruby/exclude-dependabot-update
• d93ef2b Exclude dependabot updates from release note
• d9914c9 Bump version to v4.0.0 (#472)
• 45d203a Deprecate ludcmp, jacobian and newton (#471)
• 8146336 Remove deprecated method BigDecimal#precs (#470)
• b7e93bf Better rounding of BigMath.atan(nearly_one, prec) (#469)
• cef76eb Merge pull request #468 from ruby/dependabot/github_actions/step-security/har...
• Additional commits viewable in compare view

Updates hashie from 5.0.0 to 5.1.0

Release notes

Sourced from hashie's releases.

v5.1.0

What's Changed

• Include example of Dash's lazy evaluation feature by @​njakobsen in hashie/hashie#557
• Add Ruby 3.1 to CI by @​petergoldstein in hashie/hashie#558
• Run CI on all branches. by @​dblock in hashie/hashie#561
• Add dependabot for GitHub Actions by @​petergoldstein in hashie/hashie#564
• Bump actions/checkout from 2 to 3 by @​dependabot[bot] in hashie/hashie#565
• Fix: Make Danger happy with the CHANGELOG. by @​dblock in hashie/hashie#570
• new integration spec for rails 7 exhibiting failure when executing de… by @​aflansburg in hashie/hashie#569
• Add Ruby 3.2 to the CI matrix by @​petergoldstein in hashie/hashie#571
• Bump actions/checkout from 3 to 4 by @​dependabot[bot] in hashie/hashie#577
• Fix: integration tests in CI. by @​dblock in hashie/hashie#581
• Fix typos by @​kianmeng in hashie/hashie#580
• Add Ruby 3.3 & 3.4 to the CI matrix by @​btalayeminaei in hashie/hashie#582
• Add logger as a runtime dependency by @​Earlopain in hashie/hashie#583
• Requires Ruby 2.7+ and upgraded Rubocop to 1.82.0 by @​sue445 in hashie/hashie#589
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in hashie/hashie#588

New Contributors

• @​njakobsen made their first contribution in hashie/hashie#557
• @​dependabot[bot] made their first contribution in hashie/hashie#565
• @​aflansburg made their first contribution in hashie/hashie#569
• @​kianmeng made their first contribution in hashie/hashie#580
• @​btalayeminaei made their first contribution in hashie/hashie#582
• @​Earlopain made their first contribution in hashie/hashie#583
• @​sue445 made their first contribution in hashie/hashie#589

Full Changelog: hashie/hashie@v5.0.0...v5.1.0

Changelog

Sourced from hashie's changelog.

5.1.0 - 2025-12-24

Added

• #569: Added support for Rails 7 - @​aflansburg.

Changed

• #571: Test with Ruby 3.2 - @​petergoldstein.
• #558: Test with Ruby 3.1 - @​petergoldstein.
• #582: Test with Ruby 3.3 and 3.4 - @​btalayeminaei.
• #589: Requires Ruby 2.7+ and upgraded Rubocop to 1.82.0 - @​sue445.

Fixed

• #583: Fix a warning about the logger gem on Ruby 3.4 - @​earlopain.

Commits

• ce22262 Preparing for release, 5.1.0.
• db14062 Fixup RELEASING.md.
• b0dd1b8 Merge pull request #588 from hashie/dependabot/github_actions/actions/checkout-6
• cb62aa8 Bump actions/checkout from 4 to 6
• 777c7e9 Requires Ruby 2.7+ and upgraded Rubocop to 1.82.0 (#589)
• 6d9ad8c Add logger as a runtime dependency (#583)
• 7351055 Merge pull request #582 from btalayeminaei/test-with-ruby-3.3
• cd3db28 Test with Ruby 3.4
• cd2f2e0 Test with Ruby 3.3
• d07b2a3 Merge pull request #580 from kianmeng/fix-typos
• Additional commits viewable in compare view

Updates minitest from 5.27.0 to 6.0.1

Changelog

Sourced from minitest's changelog.

=== 6.0.1 / 2025-12-26

• 1 minor enhancement:

  • Added new rake task test:fu to Minitest::TestTask, to only run tests with FU (focused units?) in their name. This should mostly obviate the need for the minitest-focus plugin.

• 5 bug fixes:

  • Fixed --help and --version exiting 1. (grosser)
  • Fixed method signature of Minitest::Benchmark.run. (flavorjones)
  • Flush stdout/stderr before exit./bin/minitest -Ilib ./bug1046.rb:1 < /dev/null (grosser)
  • Improved usage banner output by reordering and reformatting.
  • Normalize paths while processing file.rb:line args.

=== 6.0.0 / 2025-12-17

This is a major release. Read this.

Please give feedback here: minitest/minitest#1040

Oh god... here we go... (again)

• 8 deaths in the family(!!):

  • Deleted MiniTest and MiniTest::Unit::TestCase compatibility namespaces.
  • Deleted all use of Marshal for serialization.
  • Deleted maglev? and rubinius? guard methods. LOL.
  • Deleted all minitest/spec expectations from Object. Use _/value/expect.
  • Dropped minitest/mock.rb. This has been extracted to the minitest-mock gem.
  • assert_equal(nil, value) no longer allowed. Use assert_nil to be explicit.
  • Removed assert_send. Use assert_predicate or assert_operator.
  • Removed Minitest::Test#class_name.

• 7 major (oft incompatible) changes:

  • Big: Major refactored MT6's run path!
    • Minitest.__run -> Minitest.run_all_suites
    • Runnable.run -> Runnable.run_suite & Runnable.filter_runnable_methods
    • Runnable.run_one_method -> Runnable.run
    • Removed Minitest.run_one_method (might bring it back to raise?)
  • Removed deprecated ENV["N"] to specify number of parallel tests. Use MT_CPU.
  • Renamed +options[:filter]+ to +options[:include]+, added --include cmdline option.
    • --name is still handled, but that will be removed in the future.
  • Renamed Minitest::Runnable#test_order to #run_order.
  • If #message is passed a proc then that proc overrides all other output.
    • They are no longer chained!
    • And it does less for formatting of your output.
  • Removed reporter arg from with_info_handler as it has never(?) been used. (HACK?)

... (truncated)

Commits

• edd37ce prepped for release
• 248c9e2 - Fixed method signature of Minitest::Benchmark.run. (flavorjones)
• 18bbdb1 - Flush stdout/stderr before exit./bin/minitest -Ilib ./bug1046.rb:1 < /dev/n...
• 50a1b1f - Normalize paths while processing file.rb:line args.
• 372b997 - Fixed --help and --version exiting 1. (grosser)
• c05a898 - Improved usage banner output by reordering and reformatting.
• 692c2e7 + Added new rake task test:fu to Minitest::TestTask, to only run tests with...
• 5bbab5c Fix format of History.rdoc. (y-yagi)
• 2f3d88e prepped for release
• 756f965 Add Hoe's :cov plugin and start to look at gaps
• Additional commits viewable in compare view

Updates multi_xml from 0.7.2 to 0.8.0

Changelog

Sourced from multi_xml's changelog.

0.8.0

• Add per-parse :parser option to MultiXml.parse
• Add SAX parsers for Nokogiri and LibXML
• Fix inconsistent whitespace handling across parsers
• Make parsing errors inspectable with cause and xml accessors
• Drop support for JRuby

Commits

• f1d0703 Bump version to 0.8.0
• e19f336 Add push workflow and update release rake task
• 901bd2e Document Ruby 4 support
• e5d1d8c Refactor
• d6f7415 Remove test skips
• ce8c07c Increase branch coverage to 100%
• ba709fd Fix tests on Windows
• 67fc3a0 Drop support for JRuby
• afa7099 Add type checking with RBS and Steep
• b12a339 More refactoring
• Additional commits viewable in compare view

Updates public_suffix from 7.0.0 to 7.0.2

Changelog

Sourced from public_suffix's changelog.

7.0.2 - 2026-01-04

Changed

• Excluded symlinks and unnecessary files from gem packaging. On Windows symlinks cannot be created without Administrator privileges or with developer mode enabled #496.

7.0.1 - 2026-01-03

Changed

• Updated definitions.

Commits

• 1e010a4 chore: Release 7.0.2
• cdddbbc fix(build): Exclude symlink and unnecessary files
• 698b015 ci: Update rubocop config
• ec471ed Release 7.0.1
• 532084d docs: FIx commit examples
• 6e494dd test: Fix test position
• 4642c1e Update .gitignore
• 24c422c Update .gitignore
• a4971b9 refactor: Split tests with excessive assertions
• 9e86627 docs: reference Common Changelog in RELEASING
• Additional commits viewable in compare view

Updates sorbet-static from 0.6.12872 to 0.6.12873

Release notes

Sourced from sorbet-static's releases.

sorbet 0.6.12872.20251223140528-7e7b6af9b

To use Sorbet add this line to your Gemfile:

gem 'sorbet', '0.6.12872', :group => :development
gem 'sorbet-runtime', '0.6.12872'

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions