Bump json to fix CVE-2020-10663. #9

Open
wagneramaral wants to merge 1 commit into eWAYPayment:master from wagneramaral:bump-json

Conversation

@wagneramaral

Considering there is no breaking change from json 2.1 to 2.3, I'm bumping the dependency to fix CVE-2020-10663

@rodrigoassis

@incarnate, could you validate and merge this PR?

@phoozle

phoozle commented Oct 7, 2022

I hope this is merged soon. It's a nightmare that every time I boot up my app:
json-2.1.0/lib/json/common.rb:156: warning: Using the last argument as keyword parameters is deprecated

@mrhillman

This also appears to cause problems in upgrading to Rails 7, and is stopping an upgrade in our application. Not sure if others have experienced this? This change really needs to be looked at; a new version with this does no harm whatsoever.
@incarnate Progress on getting this included?

@yuhonas

yuhonas commented Oct 13, 2023

Looks like I've stumbled upon this one too in Rails 7.0.8 / Ruby 3.2.2 with the following stack trace:

Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/json-2.1.0/lib/json/common.rb:156:in `initialize': wrong number of arguments (given 2, expected 1) (ArgumentError)
    Parser.new(source, opts).parse
               ^^^^^^^^^^^^
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/json-2.1.0/lib/json/common.rb:156:in `new'
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/json-2.1.0/lib/json/common.rb:156:in `parse'
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/bootsnap-1.16.0/lib/bootsnap/compile_cache/json.rb:63:in `supports_freeze?'
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/bootsnap-1.16.0/lib/bootsnap/compile_cache/json.rb:54:in `init!'
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/bootsnap-1.16.0/lib/bootsnap/compile_cache/json.rb:42:in `install!'
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/bootsnap-1.16.0/lib/bootsnap/compile_cache.rb:35:in `setup'
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/bootsnap-1.16.0/lib/bootsnap.rb:57:in `setup'
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/bootsnap-1.16.0/lib/bootsnap.rb:100:in `default_setup'
        from /Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/gems/3.2.0/gems/bootsnap-1.16.0/lib/bootsnap/setup.rb:5:in `<top (required)>'
        from <internal:/Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:37:in `require'
        from <internal:/Users/yuhonas/.asdf/installs/ruby/3.2.2/lib/ruby/3.2.0/rubygems/core_ext/kernel_require.rb>:37:in `require'

Any progress on getting this in? As it's a complete deal breaker now in Rails 7 😢

@Antsiscool

Is there any progress on merging this PR? The latest version of the JSON gem is now 2.7.1
