Bump the bundler group across 1 directory with 4 updates

[dependabot]

Bumps the bundler group with 4 updates in the / directory: ffi, kramdown, redcarpet and yajl-ruby.

Updates ffi from 1.9.9 to 1.16.3

Changelog

Sourced from ffi's changelog.

1.16.3 / 2023-10-04

Fixed:

• Fix gcc error when building on CentOS 7. #1052
• Avoid trying to store new DataConverter type in frozen TypeDefs hash. #1057

1.16.2 / 2023-09-25

Fixed:

• Handle null pointer crash after fork. #1051

1.16.1 / 2023-09-24

Fixed:

• Fix compiling the builtin libffi. #1049

1.16.0 / 2023-09-23

Fixed:

• Fix an issue with signed bitmasks when using flags on the most significant bit. #949
• Fix FFI::Pointer#initialize using NUM2LL instead of NUM2ULL.
• Fix FFI::Type#inspect to properly display the constant name. #1002
• Use libffi closure allocations on hppa-Linux. #1017 Previously they would segfault.
• Fix class name of Symbol#inspect.
• Fix MSVC support of libtest. #1028
• Fix attach_function of functions ending in ? or ! #971

Added:

• Convert all C-based classes to TypedData and use write barriers. #994, #995, #996, #997, #998, #999, #1000, #1001, #1003, #1004, #1005, #1006, #1007, #1008, #1009, #1010, #1011, #1012 This results in less pressure on the garbage collector, since the objects can be promoted to the old generation, which means they only get marked on major GC.
• Implement ObjectSpace.memsize_of() of all C-based classes.
• Make FFI Ractor compatible. #1023 Modules extended per extend FFI::Library need to be frozen in order to be used by non-main Ractors. This can be done by calling freeze below of all C interface definitions.
  • In a Ractor it's possible to:
    • load DLLs and call its functions, access its global variables
    • use builtin typedefs
    • use and modify ractor local typedefs
    • define callbacks
    • receive async callbacks from non-ruby threads
    • use frozen FFI::Library based modules with all attributes (enums, structs, typedefs, functions, callbacks)
    • invoke frozen functions and callbacks defined in the main Ractor

... (truncated)

Commits

• 6cef66d Bump VERSION to 1.16.3
• 87ca653 Update CHANGELOG for ffi-1.16.3
• a8f7d97 Update link in README.md [ci skip]
• 87ff960 Merge branch 'master' of github.com:ffi/ffi
• c97b825 Add examples from https://github.com/ffi/ffi/wiki/How-to-use-FFI-in-Ruby-Ractors
• c1ed9bc Add link to Ractor docs to README.md
• 13afd23 Merge pull request #1057 from mvz/avoid-frozen-typemap
• 6e29dc1 Avoid trying to store new DataConverter type in frozen TypeDefs hash
• bf21280 Prepare a CHANGELOG entry for ffi-1.16.3
• 683e18b Merge pull request #1053 from larskanis/fix-1052
• Additional commits viewable in compare view

Updates kramdown from 1.7.0 to 1.17.0

Commits

• See full diff in compare view

Updates redcarpet from 3.3.2 to 3.6.0

Release notes

Sourced from redcarpet's releases.

Redcarpet v3.6.0

This release is not particularly heavy but brings a few improvements and fixes.

Improvements

• Avoid warnings running on Ruby 3.2+ (See #721).
• Consider <center> as a block-level element (See #702).
• Properly provide a third argument to the table_cell callback indicating whether the current cell is part of the header or not. The previous implementation with two parameters is still supported (See #604 and #605).

Fixes

• Match fence char and length when matching closing fence in fenced code blocks (Fixes #208).
• Fix anchor generation on titles with ampersands (Fixes #696).

Redcarpet v3.5.1

Fix a security vulnerability using :quote in combination with the :escape_html option.

Reported by Johan Smits.

v3.5.0

This release mostly ships with bug fixes and tiny improvements.

Improvements

• Avoid mutating the options hash passed to a render object (See #663).

• Automatically enable the fenced_code_blocks option passing a HTML_TOC object to the Markdown object's constructor since some languages rely on the sharp to comment code (See #451).

• Remove the rel and rev attributes from the output generated for footnotes as they don't pass the HTML 5 validation (See #536).

• Allow passing Range objects to the nesting_level option to have a higher level of customization for table of contents (See #519):

  Redcarpet::Render::HTML_TOC.new(nesting_level: 2..5)

Bug fixes

• Fix a segfault rendering quotes using StripDown and the :quote option.

• Fix SmartyPants single quotes right after a link. For example:

  [John](http://john.doe)'s cat

  Will now properly converts ' to a right single quote (i.e. ’).

v3.4.0

Redcarpet v3.4.0

... (truncated)

Changelog

Sourced from redcarpet's changelog.

Version 3.6.0

• Avoid warnings running on Ruby 3.2+.

  Refs #721.

  Jean Boussier

• Match fence char and length when matching closing fence in fenced code blocks.

  Fixes #208.

  Martin Cizek, Orchitech

• Consider <center> as a block-level element.

  Refs #702.

  momijizukamori

• Properly provide a third argument to the table_cell callback indicating whether the current cell is part of the header or not.

  The previous implementation with two parameters is still supported.

  Fixes #604, Refs #605.

  Mark Lambley

• Fix anchor generation on titles with ampersands.

  Fixes #696.

Version 3.5.1 (Security)

• Fix a security vulnerability using :quote in combination with the :escape_html option.

  Reported by Johan Smits.

Version 3.5.0

• Avoid mutating the options hash passed to a render object.

  Refs #663.

  Max Schwenk

• Fix a segfault rendering quotes using StripDown and the :quote

... (truncated)

Commits

• 3e3f0b5 Redcarpet v3.6.0
• 6bfff6e Add a changelog entry for #721
• 50961ad Merge pull request #721 from casperisfine/ruby-3.2
• 2488699 Merge pull request #724 from amatsuda/test_files
• 021538f Missing files in the gem package
• cec4965 Don't include test files in the gem package
• 4028670 Merge pull request #723 from amatsuda/https
• 28e0a00 GitHub is HTTPS by default
• 8bc6922 Undefine uneeded T_DATA allocators
• 03b664d Merge pull request #681 from orchitech/match-closing-fence-type-and-length
• Additional commits viewable in compare view

Updates yajl-ruby from 1.2.1 to 1.2.3

Commits

• 8bf7aba bump version for 1.2.3 release
• 58bd1e3 Don't advance our end pointer until we've checked we have enough
• 4258d37 bump version for 1.2.2 release
• 46ae651 Merge pull request #173 from parkr/1.2.x-unify-fixnum-to-integer
• db21502 workaround for old travis boxes
• e24864f Support to Integer unification for Ruby 2.4. https://bugs.ruby-lang.org/issue...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.