chore(deps): bump the bundler-version-updates group with 7 updates

[dependabot]

Bumps the bundler-version-updates group with 7 updates:

Package	From	To
oauth2	2.0.12	2.0.18
typhoeus	1.4.1	1.5.0
rubocop	1.78.0	1.85.1
rubocop-minitest	0.38.1	0.39.1
dotenv	3.1.8	3.2.0
minitest-hooks	1.5.2	1.5.3
rake	13.3.0	13.3.1

Updates oauth2 from 2.0.12 to 2.0.18

Release notes

Sourced from oauth2's releases.

v2.0.18

2.0.18 - 2025-11-08

• TAG: v2.0.18
• COVERAGE: 100.00% -- 526/526 lines in 14 files
• BRANCH COVERAGE: 100.00% -- 178/178 branches in 14 files
• 90.48% documented

Added

• gh!683, gh!684 - Improve documentation by @​pboling
• gh!686- Add Incident Response Plan by @​pboling
• gh!687- Add Threat Model by @​pboling

Changed

• gh!685 - upgrade kettle-dev v1.1.24 by @​pboling
• upgrade kettle-dev v1.1.52 by @​pboling
  • Add open collective donors to README

Fixed

• gh!690, gh!691, gh!692 - Add yard-fence
  • handle braces within code fences in markdown properly by @​pboling

Security

Official Discord 👉️ [![Live Chat on Discord][✉️discord-invite-img]][✉️discord-invite]

Many paths lead to being a sponsor or a backer of this project. Are you on such a path?

![OpenCollective Backers][🖇osc-backers-i] [![OpenCollective Sponsors][🖇osc-sponsors-i]][🖇osc-sponsors] [![Sponsor Me on Github][🖇sponsor-img]][🖇sponsor] [![Donate on PayPal][🖇paypal-img]][🖇paypal]

[![Buy me a coffee][🖇buyme-small-img]][🖇buyme] [![Donate on Polar][🖇polar-img]][🖇polar] [![Donate to my FLOSS efforts at ko-fi.com][🖇kofi-img]][🖇kofi] [![Donate to my FLOSS efforts using Patreon][🖇patreon-img]][🖇patreon]

... (truncated)

Changelog

Sourced from oauth2's changelog.

[2.0.18] - 2025-11-08

• TAG: [v2.0.18][2.0.18t]
• COVERAGE: 100.00% -- 526/526 lines in 14 files
• BRANCH COVERAGE: 100.00% -- 178/178 branches in 14 files
• 90.48% documented

Added

• gh!683, gh!684 - Improve documentation by @​pboling
• gh!686- Add Incident Response Plan by @​pboling
• gh!687- Add Threat Model by @​pboling

Changed

• gh!685 - upgrade kettle-dev v1.1.24 by @​pboling
• upgrade kettle-dev v1.1.52 by @​pboling
  • Add open collective donors to README

Fixed

• gh!690, gh!691, gh!692 - Add yard-fence
  • handle braces within code fences in markdown properly by @​pboling

Security

[2.0.17] - 2025-09-15

• TAG: [v2.0.17][2.0.17t]
• COVERAGE: 100.00% -- 526/526 lines in 14 files
• BRANCH COVERAGE: 100.00% -- 178/178 branches in 14 files
• 90.48% documented

Added

• gh!682 - AccessToken: support Hash-based verb-dependent token transmission mode (e.g., {get: :query, post: :header})

[2.0.16] - 2025-09-14

... (truncated)

Commits

• b575311 🔖 Prepare release v2.0.18
• b5af77b Merge pull request #693 from ruby-oauth/feat/docs
• cf2853d 📝 Update docs
• 1843415 ⬆️ kettle-dev v1.1.52, yard-fence v0.8.0
• f592dd8 Merge pull request #692 from ruby-oauth/feat/docs
• 2095732 ⬆️ yard-fence v0.7.0
• 50f3fd0 Merge pull request #691 from ruby-oauth/feat/docs
• bcb0e40 ✏️ Fix typos in docs
• f24f1a8 Create CNAME
• bff58e1 Merge pull request #690 from ruby-oauth/feat/yard-fence
• Additional commits viewable in compare view

Updates typhoeus from 1.4.1 to 1.5.0

Changelog

Sourced from typhoeus's changelog.

1.5.0

Full Changelog

• Update gemspec with metadata and remove extra files from the bundled gem. (Felipe Mesquita, #734)
• Require Ruby 2.6+ and simplify Gemfile. (Felipe Mesquita, #733)
• Add support for URI objects in Typhoeus.stub(). (Katelyn Schiesser, #732)
• Add explicit require for logger and ostruct gems for Ruby 3.5+ compatibility. (Felipe Mesquita, #729)
• Add Ruby 3.4 to CI matrix. (y-yagi, #728)
• Support curl 8.9 error message changes in tests. (Mamoru TASAKA, #724)
• Add Ruby 3.2 and 3.3 to CI, drop Ruby 2.5, lock ethon < 0.16.0. (y-yagi, #716)
• Fix typo in comment: "reponse" → "response". (George Brocklehurst, #700)

Commits

• a529f7e Merge pull request #735 from typhoeus/prepare-for-v1.5.0-release
• 1e2dd54 update changelog
• db9cddb bump version
• 4d18f16 Merge pull request #734 from felipedmesquita/update-gemspec
• 51bbd3d add gem metadata
• 225da04 remove extra files from the bundled gem
• aa76dc5 Merge pull request #733 from felipedmesquita/require-ruby-26
• 3891e62 simplify gemfile for ruby 2.6+ requirement
• a4a9058 require ruby 2.6
• 05ab789 Merge pull request #732 from slowbro/issue-662
• Additional commits viewable in compare view

Updates rubocop from 1.78.0 to 1.85.1

Release notes

Sourced from rubocop's releases.

RuboCop v1.85.1

Bug fixes

• #14958: Fix false positives in Style/FileOpen when File.open is passed as an argument or returned from a method. (@​sferik)
• #14973: Fix Style/ReduceToHash false positive when accumulator is read in key/value. (@​sferik)
• #14964: Fix false positives in Style/RedundantParentheses when parenthesizing a range in a block body. (@​koic)

Changes

• #14969: Autoload formatters; they're required only when actually used. (@​lovro-bikic)

RuboCop v1.85.0

New features

• #14921: Add mise.toml as source for TargetRubyVersion. ([@​kitsane][])
• #14925: Add new Lint/UnreachablePatternBranch cop. (@​sferik)
• #14942: Add new Style/FileOpen cop. (@​sferik)
• #14939: Add new Style/MapJoin cop. (@​sferik)
• #14924: Add new Style/OneClassPerFile cop. (@​sferik)
• #14923: Add new Style/PartitionInsteadOfDoubleSelect cop. (@​sferik)
• #14811: Add new Style/PredicateWithKind cop. (@​sferik)
• #14938: Add new Style/ReduceToHash cop. (@​sferik)
• #14812: Add new Style/RedundantMinMaxBy cop. (@​sferik)
• #13501: Add new Style/RedundantStructKeywordInit cop. (@​koic)
• #14808: Add new Style/SelectByKind cop. (@​sferik)
• #14810: Add new Style/SelectByRange cop. (@​sferik)
• #14922: Add new Style/TallyMethod cop. (@​sferik)
• #14773: Add new Lint/DataDefineOverride cop. ([@​bbatsov][])
• #14781: Add new InternalAffairs/ItblockHandler cop. ([@​bbatsov][])
• #14911: Support built-in MCP server (experimental). (@​koic)

Bug fixes

• #14829: Allow classes without a superclass in Style/EmptyClassDefinition. (@​koic)
• #14873: Fix an error in Style/NegatedWhile when the last expression of an until condition is negated. (@​koic)
• #14827: Improve Style/EmptyClassDefinition message wording. ([@​bbatsov][])
• #14800: Fix false obsolete configuration error for extracted cops when loaded as plugins. ([@​bbatsov][])
• #14928: Fix a false positive for Lint/Void when nil is used in case branch. ([@​5hun-s][])
• #14857: Fix false positives in Style/IfUnlessModifier when modifier forms are used inside string interpolations. (@​koic)
• #8773: Fix false positives in Style/HashTransformKeys and Style/HashTransformValues. (@​sferik)
• #6963: Fix false positives in Lint/Void for each blocks where the return value may be meaningful (e.g., Enumerator#each). (@​sferik)
• #14931: Ignore directive comments inside comments. (@​koic)
• #14834: Fix Layout/IndentationWidth false positive for chained method blocks when EnforcedStyleAlignWith is start_of_line. ([@​krororo][])
• #14756: Fix Lint/Void to detect void expressions in case/when branches. ([@​bbatsov][])
• #14874: Fix a Parser::ClobberingError in Lint/UselessAssignment when autocorrecting a useless assignment that wraps a block containing another useless assignment. (@​koic)
• #14880: Fix a false negative in Layout/MultilineAssignmentLayout when using numblock or itblock with SupportedTypes: ['block']. ([@​bbatsov][])

... (truncated)

Changelog

Sourced from rubocop's changelog.

1.85.1 (2026-03-03)

Bug fixes

• #14958: Fix false positives in Style/FileOpen when File.open is passed as an argument or returned from a method. ([@​sferik][])
• #14973: Fix Style/ReduceToHash false positive when accumulator is read in key/value. ([@​sferik][])
• #14964: Fix false positives in Style/RedundantParentheses when parenthesizing a range in a block body. ([@​koic][])

Changes

• #14969: Autoload formatters; they're required only when actually used. ([@​lovro-bikic][])

1.85.0 (2026-02-26)

New features

• #14921: Add mise.toml as source for TargetRubyVersion. ([@​kitsane][])
• #14925: Add new Lint/UnreachablePatternBranch cop. ([@​sferik][])
• #14942: Add new Style/FileOpen cop. ([@​sferik][])
• #14939: Add new Style/MapJoin cop. ([@​sferik][])
• #14924: Add new Style/OneClassPerFile cop. ([@​sferik][])
• #14923: Add new Style/PartitionInsteadOfDoubleSelect cop. ([@​sferik][])
• #14811: Add new Style/PredicateWithKind cop. ([@​sferik][])
• #14938: Add new Style/ReduceToHash cop. ([@​sferik][])
• #14812: Add new Style/RedundantMinMaxBy cop. ([@​sferik][])
• #13501: Add new Style/RedundantStructKeywordInit cop. ([@​koic][])
• #14808: Add new Style/SelectByKind cop. ([@​sferik][])
• #14810: Add new Style/SelectByRange cop. ([@​sferik][])
• #14922: Add new Style/TallyMethod cop. ([@​sferik][])
• #14773: Add new Lint/DataDefineOverride cop. ([@​bbatsov][])
• #14781: Add new InternalAffairs/ItblockHandler cop. ([@​bbatsov][])
• #14911: Support built-in MCP server (experimental). ([@​koic][])

Bug fixes

• #14829: Allow classes without a superclass in Style/EmptyClassDefinition. ([@​koic][])
• #14873: Fix an error in Style/NegatedWhile when the last expression of an until condition is negated. ([@​koic][])
• #14827: Improve Style/EmptyClassDefinition message wording. ([@​bbatsov][])
• #14800: Fix false obsolete configuration error for extracted cops when loaded as plugins. ([@​bbatsov][])
• #14928: Fix a false positive for Lint/Void when nil is used in case branch. ([@​5hun-s][])
• #14857: Fix false positives in Style/IfUnlessModifier when modifier forms are used inside string interpolations. ([@​koic][])
• #8773: Fix false positives in Style/HashTransformKeys and Style/HashTransformValues. ([@​sferik][])
• #6963: Fix false positives in Lint/Void for each blocks where the return value may be meaningful (e.g., Enumerator#each). ([@​sferik][])
• #14931: Ignore directive comments inside comments. ([@​koic][])
• #14834: Fix Layout/IndentationWidth false positive for chained method blocks when EnforcedStyleAlignWith is start_of_line. ([@​krororo][])
• #14756: Fix Lint/Void to detect void expressions in case/when branches. ([@​bbatsov][])
• #14874: Fix a Parser::ClobberingError in Lint/UselessAssignment when autocorrecting a useless assignment that wraps a block containing another useless assignment. ([@​koic][])
• #14880: Fix a false negative in Layout/MultilineAssignmentLayout when using numblock or itblock with SupportedTypes: ['block']. ([@​bbatsov][])
• #11462: Fix over-indentation when autocorrecting nested hashes with Layout/FirstHashElementIndentation. ([@​ydakuka][])
• #14880: Recognize block on different line from left side of multi-line assignment in Layout/MultilineAssignmentLayout. ([@​sanfrecce-osaka][])

... (truncated)

Commits

• fd07672 Cut 1.85.1
• 5c41f90 Update Changelog
• 5e8e492 Merge pull request #14975 from sferik/fix_14973
• 90f3780 Fix Style/ReduceToHash false positive when accumulator is read in key/value
• 90c7959 Merge pull request #14972 from lovro-bikic/relevant-options-digest-cache
• 3c20e8d Cache relevant options digest
• e305f79 Merge pull request #14969 from lovro-bikic/autoload-formatter-constants
• 3f0a304 Autoload formatters; they're required only when actually used
• eb973f4 Merge pull request #14966 from koic/fix_false_positives_in_style_redundant_pa...
• 3338a40 [Fix #14964] Fix false positives in Style/RedundantParentheses
• Additional commits viewable in compare view

Updates rubocop-minitest from 0.38.1 to 0.39.1

Release notes

Sourced from rubocop-minitest's releases.

RuboCop Minitest v0.39.1

Bug fixes

• #347: Fix false positives in Minitest/AssertIncludes and Minitest/RefuteIncludes cops. (@​koic)

RuboCop Minitest v0.39.0

Changes

• #344: Disable Minitest/AssertEmptyLiteral by default. (@​koic)
• #315: Make Minitest/AssertIncludes and Minitest/RefuteIncludes aware of key?, has_key?, and member? alias methods. (@​koic)

RuboCop Minitest v0.38.2

Bug fixes

• #321: Fix false positives for Minitest/MultipleAssertions when the assertion has a receiver. (@​earlopain)

Changelog

Sourced from rubocop-minitest's changelog.

0.39.1 (2026-02-24)

Bug fixes

• #347: Fix false positives in Minitest/AssertIncludes and Minitest/RefuteIncludes cops for key? and has_key? used with assert or refute. ([@​koic][])

0.39.0 (2026-02-24)

Changes

• #344: Disable Minitest/AssertEmptyLiteral by default. ([@​koic][])
• #315: Make Minitest/AssertIncludes and Minitest/RefuteIncludes aware of key?, has_key?, and member? alias methods. ([@​koic][])

0.38.2 (2025-08-30)

Bug fixes

• #321: Fix false positives for Minitest/MultipleAssertions when the assertion has a receiver. ([@​earlopain][])

Commits

• 17b5474 Cut 0.39.1
• d7a0f1e Update Changelog
• 93a5474 Merge pull request #347 from koic/fix_false_positive_for_assert_includes_and_...
• b8d8789 Fix false positives in Minitest/AssertIncludes and `Minitest/RefuteIncludes...
• 9b577b6 Switch back docs version to master
• 0f1a4f6 Cut 0.39.0
• 1c01cf9 Update Changelog
• bf38672 Merge pull request #346 from koic/disable_minitest_assert_empty_literal_by_de...
• 7793f07 [Fix #344] Disable Minitest/AssertEmptyLiteral by default
• c8f3fc5 Suppress RuboCop offenses
• Additional commits viewable in compare view

Updates dotenv from 3.1.8 to 3.2.0

Release notes

Sourced from dotenv's releases.

v3.2.0

What's Changed

• Boost app startup time by removing to_sentence usage by @​ThomasCrambert in bkeepers/dotenv#534
• Handle parentheses in variables in commands by @​i7an in bkeepers/dotenv#540
• allow warning when a env var was not overwritten by @​grosser in bkeepers/dotenv#531
• fix a few small issues by @​grosser in bkeepers/dotenv#532

New Contributors

• @​ThomasCrambert made their first contribution in bkeepers/dotenv#534
• @​i7an made their first contribution in bkeepers/dotenv#540

Full Changelog: bkeepers/dotenv@v3.1.8...v3.2.0

Commits

• 34156bf Prepare for 3.2.0 release
• ab47820 Merge pull request #531 from grosser/grosser/warn
• fae6120 Merge branch 'main' into grosser/warn
• 4f510f4 Merge pull request #532 from grosser/grosser/fixes
• 959e1da Merge pull request #539 from bkeepers/dependabot/github_actions/actions/check...
• 041451e Update spec message
• b300f26 Bump actions/checkout from 4 to 6
• 5f4ca01 Merge branch 'main' into grosser/warn
• 209dca4 Merge pull request #540 from i7an/handle-parentheses
• 48c4956 Merge branch 'main' into handle-parentheses
• Additional commits viewable in compare view

Updates minitest-hooks from 1.5.2 to 1.5.3

Changelog

Sourced from minitest-hooks's changelog.

=== 1.5.3 (2025-12-18)

• Work correctly on minitest 6+ (jeremyevans)

Commits

• e690c2e Bump version to 1.5.3
• fc549a2 Add nocov around minitest 6 conditional
• 88126f2 Add metadata and required ruby version to gemspec
• 672d4af Work correctly on minitest 6+
• 922f3fb Use SimpleCov.add_filter block instead of string
• ab7d5c1 Add JRuby 10.0 to CI
• f498593 Switch rdoc task to normal rake task, avoid rdoc/task require
• e99a6b0 Adjust specs to pass on Ruby 3.5
• 332e0bc Install libsqlite3-dev in CI, hopefully fixes Ruby 2.0-2.4
• 83e96c9 Work with ubuntu-latest using 24.04 by default in CI
• Additional commits viewable in compare view

Updates rake from 13.3.0 to 13.3.1

Commits

• f0001c3 v13.3.1
• a644c80 Merge pull request #483 from luke-gru/fix_test_warnings
• 2465ea5 silence warnings during execution of rake tasks in Rakefile (ex: rake test)
• df25fb1 Merge pull request #610 from pvdb/fix_testhelper_require
• ec12ac9 Merge pull request #635 from nevans/deconstruct_keys-for-nil-keys
• 4664a69 Merge pull request #666 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• 7a0bf15 Bump ruby/setup-ruby from 1.265.0 to 1.266.0
• b3ed789 Merge pull request #665 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• 1e7ef52 Bump ruby/setup-ruby from 1.263.0 to 1.265.0
• 77225e1 Merge pull request #664 from ruby/dependabot/github_actions/ruby/setup-ruby-1...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions