⬆️ Bump psych from 4.0.4 to 5.0.1

[dependabot[bot]]

Bumps psych from 4.0.4 to 5.0.1.

Release notes

Sourced from psych's releases.

v5.0.1

What's Changed

• Link to docs by @​abitrolly in ruby/psych#590
• Rebuild JRuby artifact ruby/psych#598

New Contributors

• @​abitrolly made their first contribution in ruby/psych#590

Full Changelog: https://github.com/ruby/psych/compare/v5.0.0...v5.0.1

v5.0.0

What's Changed

• Don't require strscan unnecessarily by @​deivid-rodriguez in ruby/psych#534
• Remove alias of load to unsafe_load by @​miry in ruby/psych#539
• Add strict_integer option to parse numbers with commas as strings by @​sethboyles in ruby/psych#537
• Remove bundled libyaml by @​hsbt in ruby/psych#541
• Added dependabot.yml for actions by @​hsbt in ruby/psych#546
• Bump actions/checkout from 2 to 3 by @​dependabot in ruby/psych#547
• Update actions by @​hsbt in ruby/psych#545
• Added condition for macOS homebrew by @​hsbt in ruby/psych#548
• Add --with-libyaml-source-dir option by @​nobu in ruby/psych#544
• Try bundled libyaml source if pre-installed is unavailable by @​nobu in ruby/psych#550
• Propagate the host configuration to libyaml by @​nobu in ruby/psych#551
• Remove unknown vendor for cross-compiling tool prefix by @​nobu in ruby/psych#553
• Make a static library from PIC object files by @​nobu in ruby/psych#554
• Propagate CC to libyaml by @​nobu in ruby/psych#556
• Improve libyaml source downloading error messages by @​XrXr in ruby/psych#557
• Update autoconf files bundled with yaml-2.5 by @​nobu in ruby/psych#559
• Update Psych::VERSION to 4.0.4.dev, Add Ruby 3.1 & windows-2022 to CI by @​MSP-Greg in ruby/psych#536
• scalar_scanner.rb - delete is typically 4 to 5 times faster than gsub by @​MSP-Greg in ruby/psych#530
• MSP-Greg actions is now ruby organization by @​hsbt in ruby/psych#560
• Fix libyaml download failure rescue under miniruby by @​XrXr in ruby/psych#562
• Fix infinite loop bug after YAML_MEMORY_ERROR (psych issue #440) by @​khanderson in ruby/psych#526
• Clarify tests about parsing aliases by @​amomchilov in ruby/psych#568
• Raise specific error when aliases are not enabled by @​amomchilov in ruby/psych#567
• Raise specific error when an anchor isn't defined by @​amomchilov in ruby/psych#569
• Dump Date/DateTime as proleptic Gregorian date as well as Time by @​nobu in ruby/psych#573
• Bump snakeyaml from 1.28 to 1.31 to resolve CVE-2022-25857 by @​chadlwilson in ruby/psych#574
• Convert some of Parser#parse to Ruby by @​tenderlove in ruby/psych#580
• Bump snakeyaml from 1.31 to 1.33 to resolve CVE-2022-38752 on JRuby by @​chadlwilson in ruby/psych#585
• Removed the related files for downloading with extlibs by @​hsbt in ruby/psych#588
• Cleanup bundled libyaml feature by @​hsbt in ruby/psych#589
• Only skip specific failures on JRuby instead of ignoring the whole CI feedback by @​deivid-rodriguez in ruby/psych#524
• Abandon when libyaml is not found by @​nobu in ruby/psych#592

New Contributors

• @​miry made their first contribution in ruby/psych#539
• @​sethboyles made their first contribution in ruby/psych#537
• @​dependabot made their first contribution in ruby/psych#547
• @​XrXr made their first contribution in ruby/psych#557

... (truncated)

Commits

• bdf20e6 Bump version to 5.0.1
• b0fb8a2 Merge pull request #590 from abitrolly/patch-1
• 8c87589 fix style
• 31a72d2 Added --with-libyaml-source-dir option to README.md
• e5e29e8 Removed to mention rubinius
• 4fed094 Bump version to 5.0.0
• 11e67ce Link to official docs
• 348c74a Merge pull request #592 from nobu/yaml-notfound
• de2b98c Fix missing abort call
• 0b89eda Abandon when libyaml is not found
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #234.