chore(deps-dev): bump the dev-dependencies group across 1 directory with 4 updates

[dependabot]

Bumps the dev-dependencies group with 4 updates in the / directory: spring, yard, bullet and rubocop-rails.

Updates spring from 4.5.0 to 4.6.0

Release notes

Sourced from spring's releases.

4.6.0

What's Changed

• Add Spring.allow_reloading_disabled opt-in by @​Korri in rails/spring#755

Full Changelog: rails/spring@v4.5.0...v4.6.0

Changelog

Sourced from spring's changelog.

4.6.0

• Add Spring.dangerously_allow_disabling_reloading opt-in to skip the :ensure_reloading_is_enabled initializer check, so projects that want to run with config.cache_classes = true / config.enable_reloading = false can. The default behavior (refuse to boot) is unchanged, as using this option requires a Rails application that uses lazy-loader for everything (most importantly, routes & i18n translations).

Commits

• b7f7970 Prepare for 4.6.0
• 2ce1228 Merge pull request #755 from Korri/Korri/allow-disabled-reloading
• 84d5c98 Add Spring.allow_reloading_disabled opt-in
• b2fad71 Update development version to 4.0.3
• See full diff in compare view

Updates yard from 0.9.43 to 0.9.44

Updates bullet from 8.1.1 to 8.1.2

Changelog

Sourced from bullet's changelog.

8.1.2 (05/25/2026)

• Skip N+1 detection for optional polymorphic belongs_to whose *_type column is nil. ActiveRecord short-circuits the reader to nil without issuing SQL, so the access cannot represent an N+1 query and preloading would be a no-op.
• Fix Set#<< corruption in UnusedEagerLoading#add_eager_loadings split branch

Commits

• 02b71fd Bumping version to 8.1.2
• b92d8d4 Merge pull request #773 from sloane/sloane/bullet-nil-polymorphic-false-positive
• 5f416e7 Skip N+1 detection for polymorphic belongs_to with nil _type
• 225aacb 📝 docs: clarify test wrapping requirements for Bullet
• 8667044 Merge pull request #771 from martingjaldbaek/fix-add-eager-loadings-set-merge
• 38cea31 Fix Set#<< corruption in UnusedEagerLoading#add_eager_loadings split branch
• 8ae6eff Add failing regression test for add_eager_loadings split branch
• See full diff in compare view

Updates rubocop-rails from 2.35.2 to 2.35.3

Release notes

Sourced from rubocop-rails's releases.

RuboCop Rails v2.35.3

Bug fixes

• #1630: Fix a false positive in Rails/StrongParametersExpect when negating params[:key] with !, such as !params[:key]. (@​koic)
• #1629: Fix false positives in Rails/StrongParametersExpect when using the safe navigation operator (&.) on params[:key]. Autocorrecting params[:key]&.downcase to params.expect(:key).downcase silently changes behavior — a missing param goes from returning nil to raising ActionController::ParameterMissing. (@​lucasmazza)

Changelog

Sourced from rubocop-rails's changelog.

2.35.3 (2026-05-27)

Bug fixes

• #1630: Fix a false positive in Rails/StrongParametersExpect when negating params[:key] with !, such as !params[:key]. ([@​koic][])
• #1629: Fix false positives in Rails/StrongParametersExpect when using the safe navigation operator (&.) on params[:key]. Autocorrecting params[:key]&.downcase to params.expect(:key).downcase silently changes behavior — a missing param goes from returning nil to raising ActionController::ParameterMissing. ([@​lucasmazza][])

Commits

• 944f6f5 Cut 2.35.3
• 7f93b76 Update Changelog
• 3e9d4a5 Merge pull request #1631 from koic/fix_false_positive_for_rails_strong_parame...
• 3529b8d [Fix #1630] Fix a false positive in Rails/StrongParametersExpect
• dbb2e27 Merge pull request #1629 from lucasmazza/fix/strong-parameters-expect-safe-na...
• 0ea9fbc Fix Rails/StrongParametersExpect to allow safe navigation operator on optiona...
• 5d4154d Reset the docs version
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions