build(deps): bump the bundler group across 1 directory with 4 updates

[dependabot]

Bumps the bundler group with 4 updates in the / directory: activesupport, multi_xml, public_suffix and thor.

Updates activesupport from 8.1.1 to 8.1.2

Release notes

Sourced from activesupport's releases.

8.1.2

Active Support

• Make delegate and delegate_missing_to work in BasicObject subclasses.

  Rafael Mendonça França

• Fix Inflectors when using a locale that fallbacks to :en.

  Said Kaldybaev

• Fix ActiveSupport::TimeWithZone#as_json to consistently return UTF-8 strings.

  Previously the returned string would sometime be encoded in US-ASCII, which in some cases may be problematic.

  Now the method consistently always return UTF-8 strings.

  Jean Boussier

• Fix TimeWithZone#xmlschema when wrapping a DateTime instance in local time.

  Previously it would return an invalid time.

  Dmytro Rymar

• Implement LocalCache strategy on ActiveSupport::Cache::MemoryStore. The memory store needs to respond to the same interface as other cache stores (e.g. ActiveSupport::NullStore).

  Mikey Gough

• Fix ActiveSupport::Inflector.humanize with international characters.

  ActiveSupport::Inflector.humanize("áÉÍÓÚ")  # => "Áéíóú"
  ActiveSupport::Inflector.humanize("аБВГДЕ") # => "Абвгде"

  Jose Luis Duran

Active Model

• No changes.

Active Record

• Fix counting cached queries in ActiveRecord::RuntimeRegistry.

... (truncated)

Changelog

Sourced from activesupport's changelog.

Rails 8.1.2 (January 08, 2026)

• Make delegate and delegate_missing_to work in BasicObject subclasses.

  Rafael Mendonça França

• Fix Inflectors when using a locale that fallbacks to :en.

  Said Kaldybaev

• Fix ActiveSupport::TimeWithZone#as_json to consistently return UTF-8 strings.

  Previously the returned string would sometime be encoded in US-ASCII, which in some cases may be problematic.

  Now the method consistently always return UTF-8 strings.

  Jean Boussier

• Fix TimeWithZone#xmlschema when wrapping a DateTime instance in local time.

  Previously it would return an invalid time.

  Dmytro Rymar

• Implement LocalCache strategy on ActiveSupport::Cache::MemoryStore. The memory store needs to respond to the same interface as other cache stores (e.g. ActiveSupport::NullStore).

  Mikey Gough

• Fix ActiveSupport::Inflector.humanize with international characters.

  ActiveSupport::Inflector.humanize("áÉÍÓÚ")  # => "Áéíóú"
  ActiveSupport::Inflector.humanize("аБВГДЕ") # => "Абвгде"

  Jose Luis Duran

Commits

• d7c8ae6 Preparing for 8.1.2 release
• 3ea2701 CHANGELOG sync
• 0f8014a [8-1-stable] Minitest 6 support
• 991ccf3 Merge pull request #56393 from rails/add-exclude-keys-to-live-controller
• c86465f Merge pull request #56353 from rails/rmf-delegation-basic-object
• fce726b Merge pull request #56344 from Saidbek/fix-inflections-fallback-to-en-locale
• efd9bd9 Merge pull request #56324 from jeremyevans/activesupport-uri-require
• 81dca9c Merge pull request #56285 from markokajzer/main
• a5c1af3 Merge pull request #56294 from fatkodima/fix-mem_cache_store-newer-connection...
• 923f8e9 Merge pull request #56292 from fatkodima/fix-redis_cache_store-newer-connecti...
• Additional commits viewable in compare view

Updates multi_xml from 0.8.0 to 0.8.1

Changelog

Sourced from multi_xml's changelog.

0.8.1

• Fix array unwrapping when elements contain nil

Commits

• 3ad93f8 Bump version to 0.8.1
• 09a875d Fix array unwrapping when elements contain nil
• 446e946 Update to Minitest 6
• See full diff in compare view

Updates public_suffix from 7.0.0 to 7.0.2

Changelog

Sourced from public_suffix's changelog.

7.0.2 - 2026-01-04

Changed

• Excluded symlinks and unnecessary files from gem packaging. On Windows symlinks cannot be created without Administrator privileges or with developer mode enabled #496.

7.0.1 - 2026-01-03

Changed

• Updated definitions.

Commits

• 1e010a4 chore: Release 7.0.2
• cdddbbc fix(build): Exclude symlink and unnecessary files
• 698b015 ci: Update rubocop config
• ec471ed Release 7.0.1
• 532084d docs: FIx commit examples
• 6e494dd test: Fix test position
• 4642c1e Update .gitignore
• 24c422c Update .gitignore
• a4971b9 refactor: Split tests with excessive assertions
• 9e86627 docs: reference Common Changelog in RELEASING
• Additional commits viewable in compare view

Updates thor from 1.4.0 to 1.5.0

Release notes

Sourced from thor's releases.

1.5.0

What's Changed

• Add specs and linter documentation by @​hlascelles in rails/thor#907
• Add tree command by @​hlascelles in rails/thor#906
• feat: support insert_into_file erroring if the file is not changed, and add insert_into_file by @​G-Rath in rails/thor#908
• support THOR_MERGE values with arguments by @​rafaelfranca in rails/thor#910
• Hidden commands should not make an invocation ambiguous by @​deivid-rodriguez in rails/thor#911
• Set frozen_string_literal: true in colors.rb by @​tenderlove in rails/thor#913
• fix encoding error when running a merge tool by @​moritzschepp in rails/thor#916

New Contributors

• @​tenderlove made their first contribution in rails/thor#913
• @​dependabot[bot] made their first contribution in rails/thor#912
• @​moritzschepp made their first contribution in rails/thor#916

Full Changelog: rails/thor@v1.4.0...v1.5.0

Commits

• 6a680f2 Prepare for 1.5.0
• 615b0c2 Merge pull request #919 from rails/rmf-ci
• f16a2db Unlock bundler development dependency
• 7b99536 Test with Ruby 4.0
• 2a1eecb Merge pull request #918 from rails/dependabot/github_actions/actions/checkout-6
• ed9ffca Merge pull request #916 from moritzschepp/ec-encoding
• 5b85a33 Bump actions/checkout from 5 to 6
• 2e2b684 fix encoding error when running a merge tool
• b2d98fe Remove whatisthor.com references
• 17a3be9 Merge pull request #912 from rails/dependabot/github_actions/actions/checkout-5
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.