chore(deps): bump the ruby-dependencies group with 3 updates

[dependabot]

Updates the requirements on rbs, steep and bigdecimal to permit the latest version.
Updates rbs from 3.10.4 to 4.0.2

Release notes

Sourced from rbs's releases.

4.0.2

Release note

Library changes

rbs collection

• Fix: pathname not written to lockfile. (#2889)

Miscellaneous

• Fix test failure on Windows in ruby/ruby (#2900)
• Fix test for Ruby 4.1 (#2899)

4.0.0

Release note

RBS 4.0 ships with experimental RBS inline syntax support, allowing you to write type annotations directly in Ruby source files. See https://github.com/ruby/rbs/blob/HEAD/docs/inline.md for the syntax details.

class Calculator
  # @rbs (Integer, Integer) -> Integer
  def add(a, b) = a + b
end

Note: RBS inline is still experimental and may change in future releases.

This release also introduces two language changes: type argument support for singleton types (singleton(T)[S]) mainly for Sorbet integration, and generic type parameter lower bounds (T < S).

Signature updates

Updated classes/modules/methods: Addrinfo, Array, BasicObject, BigDecimal, Binding, CGI, Comparable, Complex, Digest::SHA2, Encoding::Converter, Enumerable, Enumerator, Enumerator::ArithmeticSequence, Enumerator::Lazy, Fiber, File, FileUtils, Float, Hash, IO, IO::TimeoutError, Integer, JSON, Kernel, Kconv, Math, Method, Minitest, Module, Numeric, ObjectSpace, Open3, OpenURI, OptionParser, PStore, Pathname, Proc, Process::Status, Psych, Ractor, Random, Random::Formatter, Range, Rational, RBS::Unnamed::TopLevelSelfClass, Ripper::Lexer::Elem, Ruby, RubyVM, SecureRandom, Set, Socket, String, StringScanner, TCPSocket, Thread, URI, URI::Generic, Zlib::GzipReader, Zlib::GzipWriter

• Remove deprecated types (#2880)
• Add type RBS::Unnamed::TopLevelSelfClass to core (#2362)
• Graduate bundled gems from Ruby v4.0 (#2852)
• stdlib: Add missing Psych methods and exception classes (#2850)
• Add variants with positional argument to Hash#transform_keys (#2848)
• add extra kwarg options for File#initialize and derivatives (#2798)
• pstore: fixes types, treat it as a collection (#2806)
• Add signatures for {Module,Proc}#ruby2_keywords (#2805)
• Make Zlib::GzipWriter.new level and strategy parameters optional (#2810)
• URI.(s) does string coercion (#2825)
• Fix String#append_as_bytes to accept Integer (#2817)
• [Comparable] Add in Comparable::_CompareToZero (#2697)
• [Kernel] Add Kernel.trace_var and Kernel.untrace_var (#2682)
• Add signature for Module#method_undefined (#2804)
• Fix Zlib::GzipWriter signatures (#2803)
• GzipWriter#initialize only takes 1 required positional arg (#2799)

... (truncated)

Changelog

Sourced from rbs's changelog.

4.0.2 (2026-03-25)

Library changes

rbs collection

• Fix: pathname not written to lockfile. (#2889)

Miscellaneous

• Fix test failure on Windows in ruby/ruby (#2900)
• Fix test for Ruby 4.1 (#2899)

4.0.1 (2026-03-23)

This is a minor release to fix Ruby CI failure, which was caused by symlinks included in the rust directory.

Library changes

• Fix () -> (void) being rejected as SyntaxError (#2884)

Miscellaneous

• Drop crates (#2887)
• Add newline at eof (#2885)

4.0.0 (2026-03-16)

RBS 4.0 ships with experimental RBS inline syntax support, allowing you to write type annotations directly in Ruby source files. See https://github.com/ruby/rbs/blob/master/docs/inline.md for the syntax details.

class Calculator
  # @rbs (Integer, Integer) -> Integer
  def add(a, b) = a + b
end

Note: RBS inline is still experimental and may change in future releases.

This release also introduces two language changes: type argument support for singleton types (singleton(T)[S]) mainly for Sorbet integration, and generic type parameter lower bounds (T < S).

Signature updates

Updated classes/modules/methods: Addrinfo, Array, BasicObject, BigDecimal, Binding, CGI, Comparable, Complex, Digest::SHA2, Encoding::Converter, Enumerable, Enumerator, Enumerator::ArithmeticSequence, Enumerator::Lazy, Fiber, File, FileUtils, Float, Hash, IO, IO::TimeoutError, Integer, JSON, Kernel, Kconv, Math, Method, Minitest, Module, Numeric, ObjectSpace, Open3, OpenURI, OptionParser, PStore, Pathname, Proc, Process::Status, Psych, Ractor, Random, Random::Formatter, Range, Rational, RBS::Unnamed::TopLevelSelfClass, Ripper::Lexer::Elem, Ruby, RubyVM, SecureRandom, Set, Socket, String, StringScanner, TCPSocket, Thread, URI, URI::Generic, Zlib::GzipReader, Zlib::GzipWriter

• Remove deprecated types (#2880)
• Add type RBS::Unnamed::TopLevelSelfClass to core (#2362)
• Graduate bundled gems from Ruby v4.0 (#2852)
• stdlib: Add missing Psych methods and exception classes (#2850)
• Add variants with positional argument to Hash#transform_keys (#2848)

... (truncated)

Commits

• ec51456 Merge pull request #2902 from ruby/version-4.0.2
• fa619f2 Version 4.0.2
• d74c74c Copy CHANGELOG for 3.10.4
• 5b0dcab Merge pull request #2900 from ruby/fix-windows-test
• 7504ccd unsetenv_others: false
• 2a2bb9e Use echo instead of env for Windows
• 63313dd Merge pull request #2889 from ksss/pathname-collection
• 1ef7f41 Merge branch 'master' into pathname-collection
• 9e81252 Merge pull request #2899 from ruby/fix-ruby-head-test
• a0581b9 Fix test for Ruby 4.1
• Additional commits viewable in compare view

Updates steep from 1.10.0 to 2.0.0

Changelog

Sourced from steep's changelog.

2.0.0 (2026-04-14)

Summary

Steep 2.0 introduces three major new features.

• Inline RBS Declaration (Experimental): Files configured with check(inline: true) can now have RBS type declarations written directly in Ruby code. Supports method types, attr_*, instance variables, constants, mixins, inheritance, and more, with editor integration for completion, hover, and go-to-definition.
• steep server command: A daemon server that persists the RBS environment. By connecting to the daemon during steep check, it skips RBS environment setup and speeds up type checking.
• steep query command: Query type information from the daemon server. steep query hover retrieves hover information and steep query definition retrieves definition locations, making type information accessible outside of editors.

In addition, this release includes many improvements such as type narrowing for block_given?, type checking arbitrary expressions with the steep check with -e option, and Prism parser introduction for Ruby 3.4+.

Type checker core

• Handle RBS library syntax error (#2211)
• Fix literal type hints to unwrap nil (#2205)
• Fix array literal type inference with union tuple hint (#2096)
• Fix union narrowing in the else branch (#2101)
• feat: type narrowing for block_given? (#2186)
• Support @​type var annotations in ensure blocks to suppress type errors (#2194)
• Fix ancestor error diagnostics reporting in library RBS files (#2198)
• Allow yield in methods with untyped parameters (#2193)
• Prepare for Ruby 3.4+ syntax support by introducing Prism parser (#1845)
• Trigger full type checking when type signature of inline RBS declaration is changed (#1829)
• Support inline class/module alias declaration (#1819)
• Fix Locator::Inline (#1815)
• Support inline constant declaration (#1814)
• Support instance variable declaration (#1812)
• Support inheritance (#1809)
• attr_*** Inline RBS type declaration (#1800)
• Implement inline mixin (#1788)
• Provide workspace symbols feature for inline declarations (#1741)
• Fix splat/kwsplat param typing without name (#1731)
• Fix empty comment error (#1730)
• Type check service supports inline type declarations (#1728)
• Fix redundant ignore comment (#1722)
• Add RedundantIgnoreComment diagnostic (#1670)
• Update project and Steepfile DSL to support inline RBS declaration (#1602)
• Setup inline rbs integration (#1585)

Commandline tool

• Add steep query definition NAME command (#2208)

• Add steep query hover command for querying type info from daemon (#2206)

• Handle special characters in path when globbing (#2203)

• Add daemon server for persistent RBS environment (#2080)

• Fix steep check with inline source paths (#2182)

• Don't use logger.fatal for non-fatal info (#2158)

... (truncated)

Commits

• 652568f Merge pull request #2212 from soutaro/version-2.0.0
• e7983a5 Version 2.0.0
• 3dd1353 Merge pull request #2211 from soutaro/fix-400
• eca65c8 Handle RBS library syntax error
• e3924cb Merge pull request #2210 from soutaro/bundle-update-20260414-58dcaf30
• ea953a4 bundle update
• c542adf Merge pull request #2208 from soutaro/claude/add-definition-query-j0Zx3
• 5023c55 Add steep query definition CLI subcommand
• ce05a81 Add $/steep/query/definition custom LSP method
• 91ed8e8 Add GotoService.parse_name and #query_definition
• Additional commits viewable in compare view

Updates steep from 1.10.0 to 2.0.0

Changelog

Sourced from steep's changelog.

2.0.0 (2026-04-14)

Summary

Steep 2.0 introduces three major new features.

• Inline RBS Declaration (Experimental): Files configured with check(inline: true) can now have RBS type declarations written directly in Ruby code. Supports method types, attr_*, instance variables, constants, mixins, inheritance, and more, with editor integration for completion, hover, and go-to-definition.
• steep server command: A daemon server that persists the RBS environment. By connecting to the daemon during steep check, it skips RBS environment setup and speeds up type checking.
• steep query command: Query type information from the daemon server. steep query hover retrieves hover information and steep query definition retrieves definition locations, making type information accessible outside of editors.

In addition, this release includes many improvements such as type narrowing for block_given?, type checking arbitrary expressions with the steep check with -e option, and Prism parser introduction for Ruby 3.4+.

Type checker core

• Handle RBS library syntax error (#2211)
• Fix literal type hints to unwrap nil (#2205)
• Fix array literal type inference with union tuple hint (#2096)
• Fix union narrowing in the else branch (#2101)
• feat: type narrowing for block_given? (#2186)
• Support @​type var annotations in ensure blocks to suppress type errors (#2194)
• Fix ancestor error diagnostics reporting in library RBS files (#2198)
• Allow yield in methods with untyped parameters (#2193)
• Prepare for Ruby 3.4+ syntax support by introducing Prism parser (#1845)
• Trigger full type checking when type signature of inline RBS declaration is changed (#1829)
• Support inline class/module alias declaration (#1819)
• Fix Locator::Inline (#1815)
• Support inline constant declaration (#1814)
• Support instance variable declaration (#1812)
• Support inheritance (#1809)
• attr_*** Inline RBS type declaration (#1800)
• Implement inline mixin (#1788)
• Provide workspace symbols feature for inline declarations (#1741)
• Fix splat/kwsplat param typing without name (#1731)
• Fix empty comment error (#1730)
• Type check service supports inline type declarations (#1728)
• Fix redundant ignore comment (#1722)
• Add RedundantIgnoreComment diagnostic (#1670)
• Update project and Steepfile DSL to support inline RBS declaration (#1602)
• Setup inline rbs integration (#1585)

Commandline tool

• Add steep query definition NAME command (#2208)

• Add steep query hover command for querying type info from daemon (#2206)

• Handle special characters in path when globbing (#2203)

• Add daemon server for persistent RBS environment (#2080)

• Fix steep check with inline source paths (#2182)

• Don't use logger.fatal for non-fatal info (#2158)

... (truncated)

Commits

• 652568f Merge pull request #2212 from soutaro/version-2.0.0
• e7983a5 Version 2.0.0
• 3dd1353 Merge pull request #2211 from soutaro/fix-400
• eca65c8 Handle RBS library syntax error
• e3924cb Merge pull request #2210 from soutaro/bundle-update-20260414-58dcaf30
• ea953a4 bundle update
• c542adf Merge pull request #2208 from soutaro/claude/add-definition-query-j0Zx3
• 5023c55 Add steep query definition CLI subcommand
• ce05a81 Add $/steep/query/definition custom LSP method
• 91ed8e8 Add GotoService.parse_name and #query_definition
• Additional commits viewable in compare view

Updates bigdecimal from 3.3.1 to 4.1.2

Release notes

Sourced from bigdecimal's releases.

v4.1.2

What's Changed

• Optimize BigDecimal#to_s by @​byroot in ruby/bigdecimal#519
• Fix calloc-transposed-args warning by @​nobu in ruby/bigdecimal#520
• Use '0'+n for converting single digit to char by @​tompng in ruby/bigdecimal#521
• Revert "Add a workaround for slow BigDecimal#to_f when it has large N_significant_digits" by @​tompng in ruby/bigdecimal#522
• BigMath.exp overflow/underflow check by @​tompng in ruby/bigdecimal#523
• Fix unary minus on unsigned type warning by @​tompng in ruby/bigdecimal#525
• Update dtoa to version from Ruby 4.0 by @​jhawthorn in ruby/bigdecimal#528
• Bump version to v4.1.2 by @​tompng in ruby/bigdecimal#529

New Contributors

• @​jhawthorn made their first contribution in ruby/bigdecimal#528

Full Changelog: ruby/bigdecimal@v4.1.1...v4.1.2

v4.1.1

What's Changed

• Define test as the default rake task by @​byroot in ruby/bigdecimal#509
• Add changelog for 4.1.0. by @​simi in ruby/bigdecimal#508
• Make BigDecimal object embedded by @​byroot in ruby/bigdecimal#507
• Remove unused minitest from Gemfile by @​byroot in ruby/bigdecimal#510
• Multiplication with 8-decdig batch by @​tompng in ruby/bigdecimal#501
• Increase VpMult batch size by @​tompng in ruby/bigdecimal#511
• Update to cover change in Bundler by @​brandonzylstra in ruby/bigdecimal#512
• tiny grammar fix in README.md by @​brandonzylstra in ruby/bigdecimal#513
• Add a workaround for slow BigDecimal#to_f when it has large N_significant_digits by @​tompng in ruby/bigdecimal#514
• Bump version to v4.1.1 by @​tompng in ruby/bigdecimal#516

New Contributors

• @​byroot made their first contribution in ruby/bigdecimal#509
• @​simi made their first contribution in ruby/bigdecimal#508
• @​brandonzylstra made their first contribution in ruby/bigdecimal#512

Full Changelog: ruby/bigdecimal@v4.1.0...v4.1.1

v4.1.0

What's Changed

• Remove ENABLE_NUMERIC_STRING flag by @​tompng in ruby/bigdecimal#479
• Sample code without deprecated modules by @​tompng in ruby/bigdecimal#480
• Improve performance of add/sub when exponent of two bigdecimals have huge difference by @​tompng in ruby/bigdecimal#478
• Change frozen_string_literal from false to true by @​tompng in ruby/bigdecimal#481
• NTT multiplication and Newton-Raphson division by @​tompng in ruby/bigdecimal#407
• Implement BigMath::PI with Gauss-Legendre algorithm by @​tompng in ruby/bigdecimal#434

... (truncated)

Changelog

Sourced from bigdecimal's changelog.

4.1.2

• Fix dtoa Ractor-safety bug. Update dtoa to version from Ruby 4.0 GH-528

  @​jhawthorn

• Optimize BigDecimal#to_s GH-519

  @​byroot

4.1.1

• Make BigDecimal object embedded GH-507

  @​byroot

• Multiplication with 16-decdig batch GH-501 GH-511

  @​tompng

4.1.0

• Drop Ruby 2.5 support GH-505

  @​tompng

• Performance improvements: NTT multiplication, Newton-Raphson division, bit-burst algorithm for exp/sin, Gauss-Legendre for PI, improved log, and faster add/sub for large exponent differences GH-407 GH-433 GH-434 GH-478 GH-484

  @​tompng

• Remove ENABLE_NUMERIC_STRING flag GH-479

  @​tompng

• Add RBS signature and testing GH-488 GH-492

  @​ksss

• Fix erfc(x,prec) precision when x is huge GH-502

  @​tompng

• Fix error compiling with ruby.wasm GH-504

  @​tompng

4.0.1

• Fix warning GH-475

... (truncated)

Commits

• 9160561 Bump version to v4.1.2 (#529)
• 8050ec7 Update dtoa to version from Ruby 4.0 (#528)
• f8a02b2 Merge pull request #526 from ruby/dependabot/github_actions/step-security/har...
• ac9a5cd Bump step-security/harden-runner from 2.16.1 to 2.17.0
• 6b51b99 Fix unary minus on unsigned type warning (#525)
• 50b80b1 BigMath.exp overflow/underflow check (#523)
• fc54487 Revert "Add a workaround for slow BigDecimal#to_f when it has large N_signifi...
• 72937b7 Use '0'+n for converting single digit to char (#521)
• 8ac1498 Merge pull request #517 from ruby/dependabot/github_actions/rubygems/release-...
• 3c89db5 Merge pull request #518 from ruby/dependabot/github_actions/step-security/har...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.