Bump oj from 3.16.14 to 3.17.1

[dependabot]

Bumps oj from 3.16.14 to 3.17.1.

Release notes

Sourced from oj's releases.

v3.17.1

What's Changed

• Add max_integer_digits limit for legacy integer parsing by @​meinac in ohler55/oj#1009
• fix: remove unsafe exec() in fast.c by @​orbisai0security in ohler55/oj#1011
• Revert "fix: remove unsafe exec() in fast.c" by @​ohler55 in ohler55/oj#1012
• Fix reentrant parser by @​ohler55 in ohler55/oj#1013

New Contributors

• @​orbisai0security made their first contribution in ohler55/oj#1011

Full Changelog: ohler55/oj@v3.17.0...v3.17.1

v3.17.0

What's Changed

• Implement Oj::Parser.safe with configurable JSON safety limits by @​meinac in ohler55/oj#1007

Full Changelog: ohler55/oj@v3.16.17...v3.17.0

v3.16.17

What's Changed

• Use fast_memcpy16 to quickly copy up to 16 bytes for tail handling in ARM Neon code and small copies when generating JSON. by @​samyron in ohler55/oj#998
• Bump jidicula/clang-format-action from 4.15.0 to 4.17.0 by @​dependabot[bot] in ohler55/oj#999
• Array hash as json by @​ohler55 in ohler55/oj#1003
• Bump jidicula/clang-format-action from 4.17.0 to 4.18.0 by @​dependabot[bot] in ohler55/oj#1001
• Handle unterminated strings in usual parser by @​meinac in ohler55/oj#1002
• Fix read() not handling partial reads for large files by @​ursm in ohler55/oj#1004
• Raise error for incomplete primitive literals by @​meinac in ohler55/oj#1005

New Contributors

• @​ursm made their first contribution in ohler55/oj#1004

Full Changelog: ohler55/oj@v3.16.16...v3.16.17

Changelog

Sourced from oj's changelog.

3.17.1 - 2026-05-15

• Fixed "quoted string not terminated" error.

3.17.0 - 2026-04-19

• A "safe" parser has been added as a variation of the Oj:Parser thanks to @​meinac.

3.16.17 - 2026-04-12

• Rails optimize for Hash and Array now overrides as_json for those classes. Note that when either is optimized with Oj.optimize_rails the Array.as_json and Hash.as_json will not be called.

• Add support for the rails encoder :only and :except options.

• Handle unterminated strings in usual parser (#1002)

• Fix read() not handling partial reads for large files (#1004)

• Raise error for incomplete primitive literals (#1005)

3.16.16 - 2026-03-13

• Not closed arrays and objects are reported corrected in the usual parser.

3.16.15 - 2026-02-05

• Fixed by putting the ostruct dependency back until a better way is found to conditionally include it.

Commits

• 4587e87 Fix reentrant parser (#1013)
• ea0c3b8 Fix compile warnings
• 45d1309 Revert "fix: V-001 security vulnerability (#1011)" (#1012)
• 93ce414 fix: V-001 security vulnerability (#1011)
• d68a31a Add max_integer_digits limit for legacy integer parsing (#1009)
• babd7a1 Remove out of date performance comparisons
• 2248cc9 Prepare for a release
• 0bcac18 Implement Oj::Parser.safe with configurable JSON safety limits (#1007)
• ca20d5b Update changelog
• 41263e2 Update changelog
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)