From 158eb4b04c392dd2c2e8584365db7465c7592638 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 28 Jul 2020 11:16:13 -0700
Subject: [PATCH] Bump json from 2.2.0 to 2.3.1 (#1448)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Summary:
Bumps [json](https://github.com/flori/json) from 2.2.0 to 2.3.1.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/flori/json/blob/master/CHANGES.md">json's changelog</a>.</em></p>
<blockquote>
<h2>2020-06-30 (2.3.1)</h2>
<ul>
<li>Spelling and grammar fixes for comments. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/191">https://github.com/Instagram/IGListKit/issues/191</a> by Josh
Kline.</li>
<li>Enhance generic JSON and #generate docs. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/347">https://github.com/Instagram/IGListKit/issues/347</a> by Victor
Shepelev.</li>
<li>Add :nodoc: for GeneratorMethods. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/349">https://github.com/Instagram/IGListKit/issues/349</a> by Victor Shepelev.</li>
<li>Baseline changes to help (JRuby) development. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/371">https://github.com/Instagram/IGListKit/issues/371</a> by Karol
Bucek.</li>
<li>Add metadata for rubygems.org. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/379">https://github.com/Instagram/IGListKit/issues/379</a> by Alexandre ZANNI.</li>
<li>Remove invalid JSON.generate description from JSON module rdoc. Pull
request <a href="https://github-redirect.dependabot.com/flori/json/issues/384">https://github.com/Instagram/IGListKit/issues/384</a> by Jeremy Evans.</li>
<li>Test with TruffleRuby in CI. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/402">https://github.com/Instagram/IGListKit/issues/402</a> by Benoit Daloze.</li>
<li>Rdoc enhancements. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/413">https://github.com/Instagram/IGListKit/issues/413</a> by Burdette Lamar.</li>
<li>Fixtures/ are not being tested... Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/416">https://github.com/Instagram/IGListKit/issues/416</a> by Marc-André
Lafortune.</li>
<li>Use frozen string for hash key. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/420">https://github.com/Instagram/IGListKit/issues/420</a> by Marc-André
Lafortune.</li>
<li>Added :call-seq: to RDoc for some methods. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/422">https://github.com/Instagram/IGListKit/issues/422</a> by Burdette
Lamar.</li>
<li>Small typo fix. Pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/423">https://github.com/Instagram/IGListKit/issues/423</a> by Marc-André Lafortune.</li>
</ul>
<h2>2019-12-11 (2.3.0)</h2>
<ul>
<li>Fix default of <code>create_additions</code> to always be <code>false</code> for <code>JSON(user_input)</code>
and <code>JSON.parse(user_input, nil)</code>.
Note that <code>JSON.load</code> remains with default <code>true</code> and is meant for internal
serialization of trusted data. [CVE-2020-10663]</li>
<li>Fix passing args all #to_json in json/add/*.</li>
<li>Fix encoding issues</li>
<li>Fix issues of keyword vs positional parameter</li>
<li>Fix JSON::Parser against bigdecimal updates</li>
<li>Bug fixes to JRuby port</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/flori/json/commit/0951d7719c3ee7e35b4e1ae80613ce02fb6f20da"><code>0951d77</code></a> Bump version to 2.3.1</li>
<li><a href="https://github.com/flori/json/commit/ddc29e20c1c05bc96ede665ad066cbf0617a6c93"><code>ddc29e2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/429">https://github.com/Instagram/IGListKit/issues/429</a> from flori/remove-generate-task-for-gemspec</li>
<li><a href="https://github.com/flori/json/commit/cee8020dc8a3c33936149667ada3f017d396ade7"><code>cee8020</code></a> Removed gemspec task from default task on Rakefile</li>
<li><a href="https://github.com/flori/json/commit/9fd637107f1267726acee108e88e21dc773f137e"><code>9fd6371</code></a> Use VERSION file instead of hard-coded value</li>
<li><a href="https://github.com/flori/json/commit/dc90bcf240fe8059157e6e37cd52944e64523266"><code>dc90bcf</code></a> Removed explicitly date field in gemspec, it will assign by rubygems.org</li>
<li><a href="https://github.com/flori/json/commit/4c11a40c1f0de83b5c39877f40143fe8a5e512cd"><code>4c11a40</code></a> Removed task for json_pure.gemspec</li>
<li><a href="https://github.com/flori/json/commit/e794ec959121e868808e333fdeddd8261f1d5844"><code>e794ec9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/426">https://github.com/Instagram/IGListKit/issues/426</a> from marcandre/indent</li>
<li><a href="https://github.com/flori/json/commit/7cc9301acae27438b32b0cb21d7ff8c3cb07792c"><code>7cc9301</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/428">https://github.com/Instagram/IGListKit/issues/428</a> from marcandre/change_fix</li>
<li><a href="https://github.com/flori/json/commit/9e2a1fb7d8193dfae67ed70a6f531dd4e4b5f0d5"><code>9e2a1fb</code></a> Make changes more precise <a href="https://github-redirect.dependabot.com/flori/json/issues/424">https://github.com/Instagram/IGListKit/issues/424</a></li>
<li><a href="https://github.com/flori/json/commit/f8fa987de568b11cfea27d44486b0377d83d0e4b"><code>f8fa987</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/flori/json/issues/424">https://github.com/Instagram/IGListKit/issues/424</a> from marcandre/update_changes</li>
<li>Additional commits viewable in <a href="https://github.com/flori/json/compare/v2.2.0...v2.3.1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=json&package-manager=bundler&previous-version=2.2.0&new-version=2.3.1)](https://help.github.com/articles/configuring-automated-security-fixes)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

 ---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/Instagram/IGListKit/network/alerts).

</details>

Pull Request resolved: https://github.com/Instagram/IGListKit/pull/1448

Reviewed By: bdotdub

Differential Revision: D22786910

Pulled By: lorixx

fbshipit-source-id: ddab3099562da768afde67fd62e4a176d2de6191
---
 Gemfile.lock | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index cfdf4352..c4ac8e02 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -86,7 +86,7 @@ GEM
     httpclient (2.8.3)
     i18n (0.9.5)
       concurrent-ruby (~> 1.0)
-    json (2.2.0)
+    json (2.3.1)
     kramdown (1.17.0)
     mini_portile2 (2.4.0)
     minitest (5.13.0)