Skip to content

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 3, 2024

Bumps json from 2.7.2 to 2.9.0.

Release notes

Sourced from json's releases.

v2.9.0

What's Changed

  • Fix C implementation of script_safe escaping to not confuse some other 3 wide characters with \u2028 and \u2029. e.g. JSON.generate(["倩", "瀨"], script_safe: true) would generate the wrong JSON.
  • JSON.dump(object, some_io) now write into the IO in chunks while previously it would buffer the entire JSON before writing.
  • JSON::GeneratorError now has a #invalid_object attribute, making it easier to understand why an object tree cannot be serialized.
  • Numerous improvements to the JRuby extension.

Full Changelog: ruby/json@v2.8.2...v2.9.0

v2.8.2

What's Changed

  • JSON.load_file: explictly load the file as UTF-8

Full Changelog: ruby/json@v2.8.1...v2.8.2

v2.8.1

  • Fix the java version of the package to include the extension implementation. Only concerns JRuby.

Full Changelog: ruby/json@v2.8.0...v2.8.1

v2.8.0

What's Changed

  • Emit a deprecation warning when JSON.load create custom types without the create_additions option being explictly enabled.
    • Prefer to use JSON.unsafe_load(string) or JSON.load(string, create_additions: true).
  • Emit a deprecation warning when serializing valid UTF-8 strings encoded in ASCII_8BIT aka BINARY.
  • Bump required Ruby version to 2.7.
  • Add support for optionally parsing trailing commas, via allow_trailing_comma: true, which in cunjunction with the pre-existing support for comments, make it suitable to parse jsonc documents.
  • Many performance improvements to JSON.parse and JSON.load, up to 1.7x faster on real world documents.
  • Some minor performance improvements to JSON.dump and JSON.generate.
  • JSON.pretty_generate no longer include newline inside empty object and arrays.

Parsing performance

Parsing performance is improved by 50-70% on realistic benchmarks, and even more on micro-benchmarks: https://gist.github.com/casperisfine/cf4b3a0594fae24b7d0eb93daaf3841a

== Parsing activitypub.json (58160 bytes)
ruby 3.4.0dev (2024-11-06T07:59:09Z precompute-hash-wh.. 7943f98a8a) +YJIT +PRISM [arm64-darwin24]
Warming up --------------------------------------
          json 2.7.2   638.000 i/100ms
                  oj   798.000 i/100ms
          Oj::Parser   948.000 i/100ms
           rapidjson   631.000 i/100ms
Calculating -------------------------------------
</tr></table> 

... (truncated)

Changelog

Sourced from json's changelog.

Changes

2024-11-14 (2.8.2)

  • JSON.load_file explictly read the file as UTF-8.

2024-11-06 (2.8.1)

  • Fix the java packages to include the extension.

2024-11-06 (2.8.0)

  • Emit a deprecation warning when JSON.load create custom types without the create_additions option being explictly enabled.
    • Prefer to use JSON.unsafe_load(string) or JSON.load(string, create_additions: true).
  • Emit a deprecation warning when serializing valid UTF-8 strings encoded in ASCII_8BIT aka BINARY.
  • Bump required Ruby version to 2.7.
  • Add support for optionally parsing trailing commas, via allow_trailing_comma: true, which in cunjunction with the pre-existing support for comments, make it suitable to parse jsonc documents.
  • Many performance improvements to JSON.parse and JSON.load, up to 1.7x faster on real world documents.
  • Some minor performance improvements to JSON.dump and JSON.generate.
  • JSON.pretty_generate no longer include newline inside empty object and arrays.

2024-11-04 (2.7.6)

  • Fix a regression in JSON.generate when dealing with Hash keys that are string subclasses, call to_json on them.

2024-10-25 (2.7.5)

  • Fix a memory leak when #to_json methods raise an exception.
  • Gracefully handle formatting configs being set to nil instead of "".
  • Workaround another issue caused by conflicting versions of both json_pure and json being loaded.

2024-10-25 (2.7.4)

  • Workaround a bug in 3.4.8 and older rubygems/rubygems#6490. This bug would cause some gems with native extension to fail during compilation.
  • Workaround different versions of json and json_pure being loaded (not officially supported).
  • Make json_pure Ractor compatible.

2024-10-24 (2.7.3)

  • Numerous performance optimizations in JSON.generate and JSON.dump (up to 2 times faster).
  • Limit the size of ParserError exception messages, only include up to 32 bytes of the unparseable source.
  • Fix json-pure's Object#to_json to accept non state arguments
  • Fix multiline comment support in json-pure.
  • Fix JSON.parse to no longer mutate the argument encoding when passed an ASCII-8BIT string.
  • Fix String#to_json to raise on invalid encoding in json-pure.
  • Delete code that was based on CVTUTF.
  • Use the pure-Ruby generator on TruffleRuby.
  • Fix strict mode in json-pure to not break on Integer.
Commits
  • 20b501a Merge pull request #716 from byroot/fix-script-safe-kanji
  • 93a7f87 Fix generate(script_safe: true) to not confuse unrelated characters
  • d0c38f2 Add missing entry in changelog
  • 686dcb1 Merge pull request #713 from mame/prevent-printf-format-warning
  • b8c1490 Prevent a warning of "a candidate for gnu_printf format attribute"
  • dbd5042 Merge pull request #712 from byroot/generation-error
  • 03d7414 JSON::GeneratorError expose invalid object
  • 55015fa Merge pull request #708 from headius/jruby_optz
  • ee6bd85 Merge pull request #709 from byroot/stop-mark-locations
  • e10d0bf Stop using rb_gc_mark_locations
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [json](https://github.com/ruby/json) from 2.7.2 to 2.9.0.
- [Release notes](https://github.com/ruby/json/releases)
- [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md)
- [Commits](ruby/json@v2.7.2...v2.9.0)

---
updated-dependencies:
- dependency-name: json
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Dec 3, 2024
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 19, 2024

Superseded by #652.

@dependabot dependabot bot closed this Dec 19, 2024
@dependabot dependabot bot deleted the dependabot/bundler/json-2.9.0 branch December 19, 2024 10:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
Archived in project
Development

Successfully merging this pull request may close these issues.

0 participants