chore(deps): bump the ruby-deps group across 1 directory with 7 updates

[dependabot]

Bumps the ruby-deps group with 7 updates in the / directory:

Package	From	To
pundit	2.5.1	2.5.2
icalendar	2.11.2	2.12.0
commonmarker	2.3.2	2.4.0
faraday	2.13.4	2.14.0
turbo-rails	2.0.16	2.0.17
rubocop	1.80.2	1.81.1
rubocop-rails	2.33.3	2.33.4

Updates pundit from 2.5.1 to 2.5.2

Changelog

Sourced from pundit's changelog.

2.5.2 (2025-09-24)

Fixed

• Added config/rubocop-rspec.yml back from accidentally being excluded #866

Commits

• 2d665d6 Merge pull request #867 from varvet/kbs/release-v2.5.2
• 7ff48a8 Bump to v2.5.2
• 674abac Merge pull request #866 from varvet/kbs/add-rubocop-back
• 923eebf Point changelog to PR
• 4766850 Add rubocop config file back to gem release files
• See full diff in compare view

Updates icalendar from 2.11.2 to 2.12.0

Changelog

Sourced from icalendar's changelog.

2.12.0 - 2025-09-26

• Support timezone lookup by Windows names - Ronak Gothi

Commits

• 57eda75 Bump version to 2.12.0
• a73e0bf Merge pull request #314 from ronakjain90/support-windows-tzid
• 4513646 make WindowsToIana be of higher precedence.
• b5ba2e2 Support tzid in Windows format.
• See full diff in compare view

Updates commonmarker from 2.3.2 to 2.4.0

Release notes

Sourced from commonmarker's releases.

v2.4.0

What's Changed

• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in gjtorikian/commonmarker#387
• Bump magnus from 0.7.1 to 0.8.0 by @​dependabot[bot] in gjtorikian/commonmarker#388
• Bump magnus from 0.8.0 to 0.8.1 by @​dependabot[bot] in gjtorikian/commonmarker#389
• Bump comrak from 0.41.0 to 0.41.1 by @​dependabot[bot] in gjtorikian/commonmarker#391
• Update dependencies + release new minor by @​gjtorikian in gjtorikian/commonmarker#392
• [skip test] Release v2.4.0 by @​github-actions[bot] in gjtorikian/commonmarker#393

Full Changelog: gjtorikian/commonmarker@v2.3.2...v2.4.0

Changelog

Sourced from commonmarker's changelog.

[v2.4.0] - 15-09-2025

What's Changed

• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in gjtorikian/commonmarker#387
• Bump magnus from 0.7.1 to 0.8.0 by @​dependabot[bot] in gjtorikian/commonmarker#388
• Bump magnus from 0.8.0 to 0.8.1 by @​dependabot[bot] in gjtorikian/commonmarker#389
• Bump comrak from 0.41.0 to 0.41.1 by @​dependabot[bot] in gjtorikian/commonmarker#391
• Update dependencies + release new minor by @​gjtorikian in gjtorikian/commonmarker#392

Full Changelog: gjtorikian/commonmarker@v2.3.2...v2.4.0

Commits

• 537eea7 Merge pull request #393 from gjtorikian/release/v2.4.0
• 464a593 [skip test] update changelog
• 4c3f2e3 Merge pull request #392 from gjtorikian/bumpalump
• efea216 💎 2.4.0
• 2dce12a fix deprecated call sites
• 81ed793 update dependencies
• a6cac9d Merge pull request #391 from gjtorikian/dependabot/cargo/comrak-0.41.1
• c75e42c Bump comrak from 0.41.0 to 0.41.1
• 93de864 Merge pull request #389 from gjtorikian/dependabot/cargo/magnus-0.8.1
• 3cc0295 Bump magnus from 0.8.0 to 0.8.1
• Additional commits viewable in compare view

Updates faraday from 2.13.4 to 2.14.0

Release notes

Sourced from faraday's releases.

v2.14.0

What's Changed

New features ✨

• Use newer UnprocessableContent naming for 422 by @​tylerhunt in lostisland/faraday#1638

Fixes 🐞

• Convert strings to UTF-8 by @​c960657 in lostisland/faraday#1624
• Fix Response#to_hash when response not finished yet by @​yykamei in lostisland/faraday#1639

Misc/Docs 📄

• Lint: use filter_map by @​olleolleolle in lostisland/faraday#1637
• Bump actions/checkout from v4 to v5 by @​dependabot[bot] in lostisland/faraday#1636
• Fixes documentation by @​dharamgollapudi in lostisland/faraday#1635

New Contributors

• @​c960657 made their first contribution in lostisland/faraday#1624
• @​dharamgollapudi made their first contribution in lostisland/faraday#1635
• @​tylerhunt made their first contribution in lostisland/faraday#1638

Full Changelog: lostisland/faraday@v2.13.4...v2.14.0

Commits

• 3201a42 Version bump to 2.14.0
• edd8cc5 Fix Faraday::Response#to_hash when request is not finished yet (#1639)
• 0e008c5 Use newer Unprocessable Content naming for 422 (#1638)
• c399e43 Fixes typo (#1635)
• fd81a73 Convert strings to UTF-8 (#1624)
• bc27144 Bump actions/checkout from 4 to 5 (#1636)
• f0aab63 Lint: use filter_map (#1637)
• See full diff in compare view

Updates turbo-rails from 2.0.16 to 2.0.17

Release notes

Sourced from turbo-rails's releases.

v2.0.17

What's Changed

• Fix typo in README.md by @​brunocalmels in hotwired/turbo-rails#746
• Remove compact call on locals in broadcast_rendering_with_defaults by @​mathias234 in hotwired/turbo-rails#720

See https://github.com/hotwired/turbo/releases/tag/v8.0.18

New Contributors

• @​brunocalmels made their first contribution in hotwired/turbo-rails#746
• @​mathias234 made their first contribution in hotwired/turbo-rails#720

Commits

• aeea473 @​hotwired/turbo-rails v8.0.18
• 00e6cba Bump version
• 30cd8fc Merge pull request #720 from mathias234/remove-compact
• 4bf3c0b Merge pull request #746 from brunocalmels/patch-1
• fe2b862 Fix typo in README.md
• 65afc97 Remove compact on locals
• See full diff in compare view

Updates rubocop from 1.80.2 to 1.81.1

Release notes

Sourced from rubocop's releases.

RuboCop v1.81.1

Bug fixes

• #14563: Fix incorrect autocorrection for Lint/DeprecatedOpenSSLConstant when Cipher appears twice. (@​koic)

Changes

• #14565: Allow multiline method chain for Style/NumberedParameters and Style/ItBlockParameter with EnforcedStyle: allow_single_line when the block itself is on a single line. (@​earlopain)

RuboCop v1.81.0

New features

• #14512: Add Style/ArrayIntersectWithSingleElement cop. (@​r7kamura)
• #10971: Support EnforcedStyleForMultiline: diff_comma in Style/TrailingCommaInArguments. (@​akouryy)

Bug fixes

• #14560: Fix an error for Style/NilComparison cop when using the var.==(nil) and var.===(nil) syntax. (@​viralpraxis)
• #14535: Fix autocorrect for Style/ExplicitBlockArgument when there are two methods that share the same implementation. (@​earlopain)
• #14527: Fix false negatives for Style/NumberedParameters and Style/ItBlockParameter when using multiline method chain with EnforcedStyle: allow_single_line. (@​koic)
• #14522: Fix false negatives for Layout/MultilineOperationIndentation when using indented code on LHS of equality operator in modifier method definition. (@​koic)
• #14496: Fix false negatives for Layout/EmptyLineBetweenDefs for AllowAdjacentOneLineDefs: false and DefLikeMacros that take no block. (@​earlopain)
• #14553: Fix false positives when EnforcedStyle: allowed_in_returns and !! appears across multiple lines in return position. (@​koic)
• #14557: Fix false positives for Style/RedundantParentheses when parentheses are used around a one-line rescue expression as a condition. (@​koic)
• #14525: Fix false positives for Style/RedundantRegexpEscape when an escaped variable sigil follows # (e.g., /#\@foo/, /#\@@bar/, /#\$baz/). (@​koic)
• #14529: Fix false negative in Layout/RescueEnsureAlignment with a block whose send node is split over multiple lines. (@​dvandersluis)
• #14528: Fix Style/RedundantFormat when the format string has a variable width that isn't given as a literal value. (@​dvandersluis)
• #14541: Fix gemspec parsing error when ParserEngine: parser_prism is configured in a base config file. ([@​sudoremo][])
• #14544: Fix an incorrect autocorrect for Lint/Void when using a return value in assignment method definition. (@​koic)
• #14543: Fix an incorrect autocorrect for Style/RedundantRegexpArgument when using escaped single quote character. (@​koic)
• #14540: Fix an incorrect autocorrect for Style/UnlessElse when using unless with then. (@​koic)
• #14507: Fix the built-in Ruby LSP add-on not restarting when config files (.rubocop.yml, .rubocop_todo.yml) change. (@​earlopain)
• #14514: Fix the built-in Ruby LSP add-on not respecting .rubocop config file. (@​earlopain)
• #14508: Fix the built-in Ruby LSP add-on getting in an irrecoverable state when the config is invalid on startup. (@​earlopain)
• #14534: Prevent Layout/LineLength autocorrection from splitting a block if its receiver contains a heredoc. (@​dvandersluis)
• #14497: Fix a false positive for Lint/ShadowedArgument when assigning inside a rescue block. (@​earlopain)

Changes

• #14492: Add support for LSP positionEncoding utf-8 and utf-32. ([@​tmtm][])

... (truncated)

Changelog

Sourced from rubocop's changelog.

1.81.1 (2025-09-26)

Bug fixes

• #14563: Fix incorrect autocorrection for Lint/DeprecatedOpenSSLConstant when Cipher appears twice. ([@​koic][])

Changes

• #14565: Allow multiline method chain for Style/NumberedParameters and Style/ItBlockParameter with EnforcedStyle: allow_single_line when the block itself is on a single line. ([@​earlopain][])

1.81.0 (2025-09-25)

New features

• #14512: Add Style/ArrayIntersectWithSingleElement cop. ([@​r7kamura][])
• #10971: Support EnforcedStyleForMultiline: diff_comma in Style/TrailingCommaInArguments. ([@​akouryy][])

Bug fixes

• #14560: Fix an error for Style/NilComparison cop when using the var.==(nil) and var.===(nil) syntax. ([@​viralpraxis][])
• #14535: Fix autocorrect for Style/ExplicitBlockArgument when there are two methods that share the same implementation. ([@​earlopain][])
• #14527: Fix false negatives for Style/NumberedParameters and Style/ItBlockParameter when using multiline method chain with EnforcedStyle: allow_single_line. ([@​koic][])
• #14522: Fix false negatives for Layout/MultilineOperationIndentation when using indented code on LHS of equality operator in modifier method definition. ([@​koic][])
• #14496: Fix false negatives for Layout/EmptyLineBetweenDefs for AllowAdjacentOneLineDefs: false and DefLikeMacros that take no block. ([@​earlopain][])
• #14553: Fix false positives when EnforcedStyle: allowed_in_returns and !! appears across multiple lines in return position. ([@​koic][])
• #14557: Fix false positives for Style/RedundantParentheses when parentheses are used around a one-line rescue expression as a condition. ([@​koic][])
• #14525: Fix false positives for Style/RedundantRegexpEscape when an escaped variable sigil follows # (e.g., /#\@foo/, /#\@@bar/, /#\$baz/). ([@​koic][])
• #14529: Fix false negative in Layout/RescueEnsureAlignment with a block whose send node is split over multiple lines. ([@​dvandersluis][])
• #14528: Fix Style/RedundantFormat when the format string has a variable width that isn't given as a literal value. ([@​dvandersluis][])
• #14541: Fix gemspec parsing error when ParserEngine: parser_prism is configured in a base config file. ([@​sudoremo][])
• #14544: Fix an incorrect autocorrect for Lint/Void when using a return value in assignment method definition. ([@​koic][])
• #14543: Fix an incorrect autocorrect for Style/RedundantRegexpArgument when using escaped single quote character. ([@​koic][])
• #14540: Fix an incorrect autocorrect for Style/UnlessElse when using unless with then. ([@​koic][])
• #14507: Fix the built-in Ruby LSP add-on not restarting when config files (.rubocop.yml, .rubocop_todo.yml) change. ([@​earlopain][])
• #14514: Fix the built-in Ruby LSP add-on not respecting .rubocop config file. ([@​earlopain][])
• #14508: Fix the built-in Ruby LSP add-on getting in an irrecoverable state when the config is invalid on startup. ([@​earlopain][])
• #14534: Prevent Layout/LineLength autocorrection from splitting a block if its receiver contains a heredoc. ([@​dvandersluis][])
• #14497: Fix a false positive for Lint/ShadowedArgument when assigning inside a rescue block. ([@​earlopain][])

Changes

• #14492: Add support for LSP positionEncoding utf-8 and utf-32. ([@​tmtm][])

Commits

• db58831 Cut 1.81.1
• 2797207 Update Changelog
• 6b2f047 [Fix #14563] Fix an incorrect autocorrect for Lint/DeprecatedOpenSSLConstant
• 8260fc1 Allow implicit block args when the block itself is on one line only
• c1400e7 [Docs] Document --editor-mode in a comment`
• d3ef76a Reset the docs version
• 386bf10 Cut 1.81
• 148250d Update Changelog
• face244 Fix an error for Style/NilComparison cop
• d8c1d4c Fix an error for InternalAffairsOnSendWithoutOnCSend with alias_method an...
• Additional commits viewable in compare view

Updates rubocop-rails from 2.33.3 to 2.33.4

Release notes

Sourced from rubocop-rails's releases.

RuboCop Rails v2.33.4

Bug fixes

• #1530: Fix an incorrect autocorrect for Rails/FindByOrAssignmentMemoization when using endless method definition. (@​koic)
• #1522: Fix an error for Rails/FindBy when where takes a block. (@​earlopain)
• #1182: Fix a false positive for Rails/ActionControllerFlashBeforeRender when flash is called in a block. (@​5hun-s)

Changelog

Sourced from rubocop-rails's changelog.

2.33.4 (2025-09-27)

Bug fixes

• #1530: Fix an incorrect autocorrect for Rails/FindByOrAssignmentMemoization when using endless method definition. ([@​koic][])
• #1522: Fix an error for Rails/FindBy when where takes a block. ([@​earlopain][])
• #1182: Fix a false positive for Rails/ActionControllerFlashBeforeRender when flash is called in a block. ([@​5hun-s][])

Commits

• b2ccb82 Cut 2.33.4
• 0fb1259 Update Changelog
• 24faad2 Merge pull request #1533 from viralpraxis/load-simplecov-before-lib-for-bette...
• 28caddb Load simplecov before loading lib for better coverage results
• 60dd19b Merge pull request #1528 from 5hun-s/fix_false_positive_for_rails_action_cont...
• 87e5bbf [Fix rubocop#1182] Fix a false positive for Rails/ActionControllerFlashBefore...
• ec292a2 Fix a build error when using Ruby 2.7
• 17371a8 Merge pull request #1531 from koic/fix_an_incorrect_autocorrect_for_rails_fin...
• 2b091eb Fix an incorrect autocorrect for Rails/FindByOrAssignmentMemoization
• dd73491 Merge pull request #1522 from Earlopain/find-by-where-block
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.