Bump json from 2.16.0 to 2.17.1

[dependabot]

Bumps json from 2.16.0 to 2.17.1.

Release notes

Sourced from json's releases.

v2.17.0

What's Changed

• Improve JSON.load and JSON.unsafe_load to allow passing options as second argument.
• Fix the parser to no longer ignore invalid escapes in strings. Only \", \\, \b, \f, \n, \r, \t and \u are valid JSON escapes.
• Fixed JSON::Coder to use the depth it was initialized with.
• On TruffleRuby, fix the generator to not call to_json on the return value of as_json for Float::NAN.
• Fixed handling of state.depth: when to_json changes state.depth but does not restore it, it is reset automatically to its initial value. In particular, when a NestingError is raised, depth is no longer equal to max_nesting after the call to generate, and is reset to its initial value. Similarly when to_json raises an exception.

Full Changelog: ruby/json@v2.16.0...v2.17.0

Changelog

Sourced from json's changelog.

2025-12-04 (2.17.1)

• Fix a regression in parsing of unicode surogate pairs (\uXX\uXX) that could cause an invalid string to be returned.

2025-12-03 (2.17.0)

• Improve JSON.load and JSON.unsafe_load to allow passing options as second argument.
• Fix the parser to no longer ignore invalid escapes in strings. Only \", \\, \b, \f, \n, \r, \t and \u are valid JSON escapes.
• Fixed JSON::Coder to use the depth it was initialized with.
• On TruffleRuby, fix the generator to not call to_json on the return value of as_json for Float::NAN.
• Fixed handling of state.depth: when to_json changes state.depth but does not restore it, it is reset automatically to its initial value. In particular, when a NestingError is raised, depth is no longer equal to max_nesting after the call to generate, and is reset to its initial value. Similarly when to_json raises an exception.

Commits

• e5e4fd5 Release 2.17.1
• 0fce370 Fix a regression in parsing of unicode surogate pairs
• 4bdb2d1 Release 2.17.0
• ccca602 Fix handling of depth
• 7b62fac Fix duplicated test_unsafe_load_with_options test case
• e0257b9 Reproduce C ext behavior of ignoring mutated depth in arrays
• 386b36f Test and restore behavior around to_json changing depth
• c54de70 Improve JSON.load and JSON.unsafe_load to allow passing options as second...
• 65d62dc Merge pull request #909 from nobu/macro_args
• 8fb7279 Fix macro arguments
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)