Bump the ruby-deps group with 10 updates

[dependabot]

Bumps the ruby-deps group with 10 updates:

Package	From	To
aws-sdk-s3	1.220.0	1.224.0
aws-partitions	1.1243.0	1.1255.0
aws-sdk-core	3.246.0	3.250.0
aws-sdk-kms	1.124.0	1.129.0
console	1.34.3	1.35.1
google-protobuf	4.34.1	4.35.0
io-event	1.15.1	1.16.1
json	2.19.4	2.19.7
sass-embedded	1.99.0	1.100.0
zeitwerk	2.7.5	2.8.2

Updates aws-sdk-s3 from 1.220.0 to 1.224.0

Changelog

Sourced from aws-sdk-s3's changelog.

1.224.0 (2026-05-21)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.223.0 (2026-05-19)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.222.0 (2026-05-13)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.221.0 (2026-05-06)

• Feature - Validate outpost access point resource name

Commits

• See full diff in compare view

Updates aws-partitions from 1.1243.0 to 1.1255.0

Changelog

Sourced from aws-partitions's changelog.

1.1255.0 (2026-05-29)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

1.1254.0 (2026-05-28)

• Feature - Added support for enumerating regions for Aws::Resiliencehubv2.

1.1253.0 (2026-05-22)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

1.1252.0 (2026-05-20)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

1.1251.0 (2026-05-19)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

1.1250.0 (2026-05-18)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

1.1249.0 (2026-05-15)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

1.1248.0 (2026-05-14)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

1.1247.0 (2026-05-13)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

1.1246.0 (2026-05-07)

• Feature - Updated the partitions source data that determines the AWS service regions and endpoints.

... (truncated)

Commits

• See full diff in compare view

Updates aws-sdk-core from 3.246.0 to 3.250.0

Changelog

Sourced from aws-sdk-core's changelog.

3.250.0 (2026-05-28)

• Feature - Adding new BDD representation of endpoint ruleset

• Issue - Prevent unbounded recursion in CBOR decoder that could cause process termination on malformed responses.

3.249.0 (2026-05-22)

• Feature - Adding new BDD representation of endpoint ruleset

3.248.0 (2026-05-21)

• Feature - Updated Aws::STS::Client with the latest API changes.

• Feature - Updated Aws::SSOOIDC::Client with the latest API changes.

• Feature - Updated Aws::SSO::Client with the latest API changes.

• Feature - Updated Aws::Signin::Client with the latest API changes.

• Feature - Add AWS_NEW_RETRIES_2026 environment variable to opt-in to updated standard retry mode with reduced backoff intervals.

3.247.0 (2026-05-13)

• Feature - Add YJIT & ZJIT tracking to user agent.

• Issue - Fix error messaging in SSO OIDC.

Commits

• See full diff in compare view

Updates aws-sdk-kms from 1.124.0 to 1.129.0

Changelog

Sourced from aws-sdk-kms's changelog.

1.129.0 (2026-06-01)

• Feature - Adding new BDD representation of endpoint ruleset

1.128.0 (2026-05-21)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.127.0 (2026-05-20)

• Feature - AWS KMS now supports creating grants for AWS service principals using new GranteeServicePrincipal and RetiringServicePrincipal parameters. This release adds SourceArn grant constraint and three condition keys for controlling CreateGrant access. For more information, see Grants in AWS KMS.

1.126.0 (2026-05-19)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

1.125.0 (2026-05-13)

• Feature - Code Generated Changes, see ./build_tools or aws-sdk-core's CHANGELOG.md for details.

Commits

• See full diff in compare view

Updates console from 1.34.3 to 1.35.1

Release notes

Sourced from console's releases.

v1.35.1

No release notes provided.

v1.35.0

• Fix handling of Errno::ENODEV errors when calculating the width of a terminal that was been re-opened to File::NULL.

Changelog

Sourced from console's changelog.

Releases

v1.35.0

• Fix handling of Errno::ENODEV errors when calculating the width of a terminal that was been re-opened to File::NULL.

v1.34.1

• Add process_id to serialized output records for clarity (pid is still included for backwards compatibility).
  • Add object_id to serialized output records only when the subject is not a string or class/module.

v1.34.0

• Allow Console::Compatible::Logger#add to accept **options.

v1.32.0

• Add fiber_id to serialized output records to help identify which fiber logged the message.
• Ractor support appears broken in older Ruby versions, so we now require Ruby 3.4 or later for Ractor compatibility, if you need Ractor support.

v1.31.0

Ractor compatibility.

The console library now works correctly with Ruby's Ractor concurrency model. Previously, attempting to use console logging within Ractors would fail with errors about non-shareable objects. This has been fixed by ensuring the default configuration is properly frozen.

# This now works without errors:
ractor = Ractor.new do
	require "console"
	Console.info("Hello from Ractor!")
	"Ractor completed successfully"
end
result = ractor.take
puts result # => 'Ractor completed successfully'

The fix is minimal and maintains full backward compatibility while enabling safe parallel logging across multiple Ractors.

Symbol log level compatibility.

Previously, returning symbols from custom log_level methods in configuration files would cause runtime errors like "comparison of Integer with :debug failed". This has been fixed to properly convert symbols to their corresponding integer values.

# config/console.rb - This now works correctly:
def log_level(env = ENV)
	:debug  # Automatically converted to Console::Logger::LEVELS[:debug]
end

... (truncated)

Commits

• 2459ec1 Bump patch version.
• e24f192 Fix gem metadata.
• 745ce3b Add missing context files to gemspec.
• 415385d Bump minor version.
• ff01939 Fix handling of Errno::ENODEV when getting terminal size. (#85)
• 757d109 Modernize code.
• 14cf37d Align decimals in elapsed time display. (#84)
• See full diff in compare view

Updates google-protobuf from 4.34.1 to 4.35.0

Commits

• See full diff in compare view

Updates io-event from 1.15.1 to 1.16.1

Release notes

Sourced from io-event's releases.

v1.16.1

• Ensure the pure Ruby Select selector returns false, not nil, when io_wait resumes without any ready events.

v1.16.0

• Use eventfd for URing cross-thread wakeup, and enable IORING_SETUP_SINGLE_ISSUER, IORING_SETUP_DEFER_TASKRUN, and IORING_SETUP_TASKRUN_FLAG. The waking thread now signals via eventfd rather than submitting a NOP SQE, which unlocks the single-issuer optimisation, defers task work to the application thread, and lets select() skip the io_uring_get_events() syscall when no task work is pending.
• Add support for the io_close fiber-scheduler hook (Ruby 4.0+). The URing selector performs the close asynchronously via the ring; the Debug::Selector and TestScheduler wrappers forward to the underlying selector when supported.
• Improve WorkerPool GC compaction support and add proper write barriers, fixing potential use-after-free under compacting GC.
• Keep blocked scheduler fibers alive during GC by registering them as roots in TestScheduler#block, preventing premature collection and the resulting use-after-free crash on resume.
• Use Ruby's xmalloc / xcalloc / xrealloc2 / xfree for all internal selector allocations (the per-fiber ready-queue entries in IO_Event_Selector_ready_push, and both the backing array and per-element allocations in IO_Event_Array). Previously a raw malloc paired with a debug-build-only assert(...) would silently dereference NULL and crash in release builds under memory pressure; the Ruby allocators trigger a GC sweep on pressure and raise NoMemoryError / RangeError on real failure, so the -1 return-code paths through IO_Event_Array_initialize / _resize / _lookup and their callers in epoll.c / kqueue.c / uring.c are removed in favour of straight exception propagation.
• Correctly handle short io_uring_submit() results in the URing selector. io_uring_submit() returns the number of SQEs actually accepted by the kernel and can be short (SQE prep errors, ENOMEM, transient EAGAIN); the old accounting reset pending = 0 on any success and silently lost track of unsubmitted SQEs.
• Enable IORING_SETUP_SUBMIT_ALL (kernel 5.18+) on the URing selector so the kernel keeps processing the rest of an SQE batch past individual errors, reducing the frequency of short submits in practice.

Changelog

Sourced from io-event's changelog.

v1.16.1

• Ensure the pure Ruby Select selector returns false, not nil, when io_wait resumes without any ready events.

v1.16.0

• Use eventfd for URing cross-thread wakeup, and enable IORING_SETUP_SINGLE_ISSUER, IORING_SETUP_DEFER_TASKRUN, and IORING_SETUP_TASKRUN_FLAG. The waking thread now signals via eventfd rather than submitting a NOP SQE, which unlocks the single-issuer optimisation, defers task work to the application thread, and lets select() skip the io_uring_get_events() syscall when no task work is pending.
• Add support for the io_close fiber-scheduler hook (Ruby 4.0+). The URing selector performs the close asynchronously via the ring; the Debug::Selector and TestScheduler wrappers forward to the underlying selector when supported.
• Improve WorkerPool GC compaction support and add proper write barriers, fixing potential use-after-free under compacting GC.
• Keep blocked scheduler fibers alive during GC by registering them as roots in TestScheduler#block, preventing premature collection and the resulting use-after-free crash on resume.
• Use Ruby's xmalloc / xcalloc / xrealloc2 / xfree for all internal selector allocations (the per-fiber ready-queue entries in IO_Event_Selector_ready_push, and both the backing array and per-element allocations in IO_Event_Array). Previously a raw malloc paired with a debug-build-only assert(...) would silently dereference NULL and crash in release builds under memory pressure; the Ruby allocators trigger a GC sweep on pressure and raise NoMemoryError / RangeError on real failure, so the -1 return-code paths through IO_Event_Array_initialize / _resize / _lookup and their callers in epoll.c / kqueue.c / uring.c are removed in favour of straight exception propagation.
• Correctly handle short io_uring_submit() results in the URing selector. io_uring_submit() returns the number of SQEs actually accepted by the kernel and can be short (SQE prep errors, ENOMEM, transient EAGAIN); the old accounting reset pending = 0 on any success and silently lost track of unsubmitted SQEs.
• Enable IORING_SETUP_SUBMIT_ALL (kernel 5.18+) on the URing selector so the kernel keeps processing the rest of an SQE batch past individual errors, reducing the frequency of short submits in practice.

Commits

• 4c84e3a Bump patch version.
• a9ad1ce Clean up selector test sockets.
• 60629c0 Fix pure Ruby selector io_wait nil return.
• 725193e Use io_uring_sq_ready to count pending SQEs
• d59a55a Bump minor version.
• 309643d Modernize code.
• 3b6c2a8 Use Ruby's x* allocators uniformly for internal selector allocations.
• a0c57a1 Try setting up io_uring with IORING_SETUP_SUBMIT_ALL
• 955ceca Handle short io_uring submissions
• e1303a4 Backfill release notes for v1.15.1 and add Unreleased section.
• Additional commits viewable in compare view

Updates json from 2.19.4 to 2.19.7

Release notes

Sourced from json's releases.

v2.19.7

What's Changed

• Fix some more edge cases with out of range floats.
• Ensure the string provided to JSON.parse can't be mutated during parsing.
• Add missing write barriers in State#dup.
• Further validate generator depth config.

Full Changelog: ruby/json@v2.19.6...v2.19.7

v2.19.6

What's Changed

• Cleanly handle overly large depth generator argument.
• Add missing write barrier in ParserConfig.

Full Changelog: ruby/json@v2.19.5...v2.19.6

v2.19.5

What's Changed

• Cap the parser to emit a maximum of 5 deprecation warnings per document. Emitting more is not helpful.

Full Changelog: ruby/json@v2.19.4...v2.19.5

Changelog

Sourced from json's changelog.

2026-05-28 (2.19.7)

• Fix some more edge cases with out of range floats.
• Ensure the string provided to JSON.parse can't be mutated during parsing.
• Add missing write barriers in State#dup.
• Further validate generator depth config.

2026-05-28 (2.19.6)

• Cleanly handle overly large depth generator argument.
• Add missing write barrier in ParserConfig.

2026-05-04 (2.19.5)

• Cap the parser to emit a maximum of 5 deprecation warnings per document. Emitting more is not helpful.

Commits

• ab6c8f2 Release 2.19.7
• f033b9d Fix some more edge cases with out of range floats
• 5ca8a67 parser.c: Ensure the user provided string can't be mutated
• dba1d88 generator.c: trigger write barriers in cState_init_copy
• e8800cb Further validate generator depth config
• 1e276eb Release 2.19.6
• 9696622 Add ruby-asan to CI
• d644602 generator.c: Handle stupidly large depth
• ab6972d Add missing write barrier in ParserConfig
• 4a1a4a4 Release 2.19.5
• Additional commits viewable in compare view

Updates sass-embedded from 1.99.0 to 1.100.0

Commits

• d058434 v1.100.0
• f024b68 Bump sass from 1.99.0 to 1.100.0 in /ext/sass (#380)
• f150393 Bump rubygems/configure-rubygems-credentials from 1.0.0 to 2.0.0 (#379)
• 81b513c Update build.yml
• 8733909 Test install from git (#378)
• 9f5a4ff Fix LOAD_PATH when installing from git source
• 7366154 Fix rake dependency
• 05f5f6e Add Rakefile task aliases
• cc6362d Refactor Rakefile (#377)
• See full diff in compare view

Updates zeitwerk from 2.7.5 to 2.8.2

Changelog

Sourced from zeitwerk's changelog.

2.8.2 (23 May 2026)

• on_load and on_unload accept constant paths with leading colons. For example:

  loader.on_load('::User') { ... }

• on_load and on_unload validate that their input is a constant path. For example:

  loader.on_load(':User') { ... }

  raises NameError.

2.8.1 (19 May 2026)

• Replace anonymous block parameters with regular named ones.

  Ruby 3.3.0 has a bug: it does not parse anonymous block parameters, which were introduced in Ruby 3.1.

  While this is a Ruby bug and people could upgrade to 3.3.1, I prefer users just do not hit this. At the end of the day, it is cosmetic.

2.8.0 (18 May 2026)

• Adds support for namespace files, nsfiles for short.

  If a loader has an nsfile configured (nil by default):

  loader.nsfile = 'ns.rb' # must be set before setup

  explicit namespaces can be defined by such special file inside their directories:

  my_component/ns.rb     # MyComponent
  my_component/widget.rb # MyComponent::Widget
  

  This may be handy for self-contained units for which a my_component.rb file in the parent directory would feel unnatural.

  If an nsfile is set, you can still define explicit namespaces as always. Both styles can coexist in the project. However, it is an error condition to try to define the same namespace using both conventions.

... (truncated)

Commits

• 76f0790 Ready for 2.8.2
• 14cff5e Refactor cpath validation for TruffleRuby
• 8c26393 on_load and on_unload validate their input is a constant path
• ea55f02 Add a constant path validator
• 80e925b Let on_load/on_unload use a sentinel for 0 args
• 2a25bce Add RuboCop to CI
• 198fe83 Linting
• 27b9a58 Merge pull request #335 from Shopify/on_load_qualifier
• 14e4143 Ready for 2.8.1
• 94d607d Remove anonymous blocks
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions