[Dependency] Bump json from 2.18.0 to 2.18.1 (#728)

dependabot[bot] · web-flow · commit c9f329fdfad0 · 2026-02-25T18:21:15.000-05:00
Bumps [json](https://github.com/ruby/json) from 2.18.0 to 2.18.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ruby/json/releases">json's releases</a>.</em></p> <blockquote> <h2>v2.18.1</h2> <h2>What's Changed</h2> <ul> <li>Fix a potential crash in very specific circumstance if GC triggers during a call to <code>to_json</code> without first invoking a user defined <code>#to_json</code> method.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/ruby/json/compare/v2.18.0...v2.18.1">https://github.com/ruby/json/compare/v2.18.0...v2.18.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ruby/json/blob/master/CHANGES.md">json's changelog</a>.</em></p> <blockquote> <h3>2026-02-03 (2.18.1)</h3> <ul> <li>Fix a potential crash in very specific circumstance if GC triggers during a call to <code>to_json</code> without first invoking a user defined <code>#to_json</code> method.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ruby/json/commit/6ec6e7baff137e67831a23090061e84bf028dbfc"><code>6ec6e7b</code></a> Release 2.18.1</li> <li><a href="https://github.com/ruby/json/commit/fff25c9f4b9c590a59ed4a2ec3c545121db844d3"><code>fff25c9</code></a> fbuffer_append_str: assume string</li> <li><a href="https://github.com/ruby/json/commit/79b6e168ba02f6ac7a0dac378968b1c918af91db"><code>79b6e16</code></a> Ensure <code>Generator::State</code> is kept on the stack</li> <li><a href="https://github.com/ruby/json/commit/062fcdd22818d226f0e4b49647eb2aabbfaf002b"><code>062fcdd</code></a> Improve class JSON intro</li> <li><a href="https://github.com/ruby/json/commit/1b276c8623da0ff9bec62396d9a7172365bc1784"><code>1b276c8</code></a> Extract json_fast_memcpy16 for readability</li> <li><a href="https://github.com/ruby/json/commit/643ee11fed6898b7e6f75f266daa6e4b2a07bb07"><code>643ee11</code></a> Use __builtin_memcpy, if available, to copy overlapping byte ranges in copy_r...</li> <li><a href="https://github.com/ruby/json/commit/15eb40dbdfb299813bbbb72f70e12d1614b26200"><code>15eb40d</code></a> Remove trailing spaces [ci skip]</li> <li><a href="https://github.com/ruby/json/commit/73818b80c8fe4394153002a60ecd285e8688b4cd"><code>73818b8</code></a> initialize search.chunk_end to silence a warning about it being potentially u...</li> <li><a href="https://github.com/ruby/json/commit/86a5cce405102eca15d639e2dae2f539fb3e7c26"><code>86a5cce</code></a> use a conditional to select SIMD implementation rather than pointer</li> <li><a href="https://github.com/ruby/json/commit/a51317c94900ec5ea44ef0fd9327cca4d601bb5c"><code>a51317c</code></a> Directly write to the output buffer when converting UTF32 to UTF8.</li> <li>Additional commits viewable in <a href="https://github.com/ruby/json/compare/v2.18.0...v2.18.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json&package-manager=bundler&previous-version=2.18.0&new-version=2.18.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -220,7 +220,7 @@ GEM
       gemoji (>= 3, < 5)
       html-pipeline (~> 2.2)
       jekyll (>= 3.0, < 5.0)
-    json (2.18.0)
+    json (2.18.1)
     kramdown (2.4.0)
       rexml
     kramdown-parser-gfm (1.1.0)
