Bump the ruby-dependencies group with 4 updates

[dependabot]

Bumps the ruby-dependencies group with 4 updates: importmap-rails, puma, bootsnap and listen.

Updates importmap-rails from 2.2.2 to 2.2.3

Release notes

Sourced from importmap-rails's releases.

v2.2.3

What's Changed

• Fix pin_all_from incorrectly removing "js" substring from filenames by @​rafaelfranca in rails/importmap-rails#313
• Handle package names with nested paths in import maps by @​rafaelfranca in rails/importmap-rails#322

Full Changelog: rails/importmap-rails@v2.2.2...v2.2.3

Commits

• 6fb2bd5 Prepare for 2.2.3
• 682e058 Merge pull request #322 from rails/rmf-fix-321
• a04dd30 Handle package names with nested paths in import maps
• 9b0a9e0 Merge pull request #323 from rails/rmf-test-ruby-4
• e37bea6 Test with Ruby 4.0 and Rails 8.1
• 51c1a53 Merge pull request #313 from rails/rm-fix-282
• 3e94dfa Add some copilot prompts for this project
• 7ffedcb Fix pin_all_from incorrectly removing "js" substring from filenames
• See full diff in compare view

Updates puma from 7.1.0 to 7.2.0

Release notes

Sourced from puma's releases.

v7.2.0

7.2.0 On The Corner

• Features

  • Add workers :auto (#3827)
  • Make it possible to restrict control server commands to stats (#3787)

• Bugfixes

  • Don't break if WEB_CONCURRENCY is set to a blank string (#3837)
  • Don't share server between worker 0 and descendants on refork (#3602)
  • Fix phase check race condition in Puma::Cluster#check_workers (#3690)
  • Fix advertising of CLI config before config files are loaded (#3823)

• Performance

  • 17% faster HTTP parsing through pre-interning env keys (#3825)
  • Implement dsize and dcompact functions for Puma::HttpParser, which makes Puma's C-extension GC-compactible (#3828)

• Refactor

  • Remove NoMethodError rescue in Reactor#select_loop (#3831)
  • Various cleanups in the C extension (#3814)
  • Monomorphize handle_request return (#3802)

• Docs

  • Change link to docs/deployment.md in README.md (#3848)
  • Fix formatting for each signal description in signals.md (#3813)
  • Update deployment and Kubernetes docs with Puma configuration tips (#3807)
  • Rename master to main (#3809, #3808, #3800)
  • Fix some minor typos in the docs (#3804)
  • Add GOVERNANCE.md, MAINTAINERS (#3826)
  • Remove Code Climate badge (#3820)
  • Add @​joshuay03 to the maintainer list

• CI

  • Use Minitest 6 where applicable (#3859)
  • Many test suite improvements and flake fixes (#3861, #3863, #3860, #3852, #3857, #3856, #3845, #3843, #3842, #3841, #3822, #3817, #3764)

New Contributors

• @​moozzi made their first contribution in puma/puma#3848
• @​ybiquitous made their first contribution in puma/puma#3813
• @​jrafanie made their first contribution in puma/puma#3804

Full Changelog: puma/puma@v7.1.0...v7.2.0

Changelog

Sourced from puma's changelog.

7.2.0 / 2026-01-20

• Features

  • Add workers :auto (#3827)
  • Make it possible to restrict control server commands to stats (#3787)

• Bugfixes

  • Don't break if WEB_CONCURRENCY is set to a blank string (#3837)
  • Don't share server between worker 0 and descendants on refork (#3602)
  • Fix phase check race condition in Puma::Cluster#check_workers (#3690)
  • Fix advertising of CLI config before config files are loaded (#3823)

• Performance

  • 17% faster HTTP parsing through pre-interning env keys (#3825)
  • Implement dsize and dcompact functions for Puma::HttpParser, which makes Puma's C-extension GC-compactible (#3828)

• Refactor

  • Remove NoMethodError rescue in Reactor#select_loop (#3831)
  • Various cleanups in the C extension (#3814)
  • Monomorphize handle_request return (#3802)

• Docs

  • Change link to docs/deployment.md in README.md (#3848)
  • Fix formatting for each signal description in signals.md (#3813)
  • Update deployment and Kubernetes docs with Puma configuration tips (#3807)
  • Rename master to main (#3809, #3808, #3800)
  • Fix some minor typos in the docs (#3804)
  • Add GOVERNANCE.md, MAINTAINERS (#3826)
  • Remove Code Climate badge (#3820)
  • Add @​joshuay03 to the maintainer list

• CI

  • Use Minitest 6 where applicable (#3859)
  • Many test suite improvements and flake fixes (#3861, #3863, #3860, #3852, #3857, #3856, #3845, #3843, #3842, #3841, #3822, #3817, #3764)

Commits

• 96b5aa6 v7.2.0 (#3864)
• 5d7d1dd Add workers :auto (#3827)
• b8c4783 ci: fix ci - remove append_as_bytes logic, misc changes (#3861)
• 44a3ac4 Fix PR label manager when maintainer comments [ci skip] (#3863)
• 43f5d89 Add GOVERNANCE.md, MAINTAINERS (#3826)
• 21afa66 Use Minitest 6 where applicable (#3859)
• ec7dd61 ci: Update test_http11.rb for TruffleRuby - string size (#3860)
• fa89dbe ci: add ruby 4.0 and rails 8.1 (#3852)
• 98ff11d Fix flaky test test_horrible_queries (#3857)
• da162d7 ci: fix tests.yml (#3856)
• Additional commits viewable in compare view

Updates bootsnap from 1.20.1 to 1.21.1

Changelog

Sourced from bootsnap's changelog.

1.21.1

• Prevent a Ruby crash while scanning load path if opendir fails without setting errno. According to the C spec this should not happen, but according to user reports, it did.

1.21.0

• Fix the require decorator to handle Bootsnap.unload_cache! being called.
• Minor optimization: Eagerly clear cache buffers to appease the GC.

Commits

• 182a809 Release 1.21.1
• 1e59365 Merge pull request #522 from byroot/improve-scandir
• a2ff4b8 Fallback to pure the pure ruby path scanner on unexpected error
• 6003c14 Avoid crashing when opendir fails without setting errno
• 92edbf7 Release 1.21.0
• f490894 Merge pull request #520 from byroot/handle-unload
• 4a559a0 Fix the require decorator to handle Bootsnap.unload_cache! being called
• 417dd84 Merge pull request #518 from byroot/clear-buffers
• 7d57a70 Eagerly clear cache buffers
• 018fcb8 Add Ruby 4.0 to the CI matrix
• See full diff in compare view

Updates listen from 3.9.0 to 3.10.0

Release notes

Sourced from listen's releases.

v3.10.0

What's Changed

• Rubocop workflow with GitHub actions by @​AlexB52 in guard/listen#573
• Fix the Rubocop offence by @​y-yagi in guard/listen#588
• Add logger gem as a runtime dependency by @​y-yagi in guard/listen#587
• Remove conditions from gem declarations in Gemfile by @​larskanis in guard/listen#584
• CI against Ruby 3.4 by @​y-yagi in guard/listen#590
• Remove link to Travis CI by @​y-yagi in guard/listen#593
• Use Naming/PredicatePrefix instead of deprecated Naming/PredicateName cop by @​y-yagi in guard/listen#592
• Remove unused require by @​y-yagi in guard/listen#594
• Mention the relation with fs.inotify.max_user_watches and the memory allocation by @​y-yagi in guard/listen#595
• CI against Ruby 4.0 by @​y-yagi in guard/listen#596

New Contributors

• @​AlexB52 made their first contribution in guard/listen#573
• @​larskanis made their first contribution in guard/listen#584

Full Changelog: guard/listen@v3.9.0...v3.10.0

Commits

• 2fa1a74 Bump VERSION to 3.10.0
• 7c6d39e Merge pull request #596 from y-yagi/ci_against_ruby40
• 62255c0 CI against Ruby 4.0
• 43cb09c Merge pull request #595 from y-yagi/mention_memory_allocation_about_max_user_...
• 030aff8 Merge pull request #594 from y-yagi/remove_unused_require
• 4317b21 Mention the relation with fs.inotify.max_user_watches and the memory alloc...
• 5883c5e Remove unused require
• cde3720 Merge pull request #592 from y-yagi/fix_rubocop
• 8e93885 Merge pull request #593 from y-yagi/remove_link_to_travis
• 2f07a81 Remove link to Travis CI
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions