Update activesupport requirement from < 8 to < 9

[dependabot]

Updates the requirements on activesupport to permit the latest version.

Release notes

Sourced from activesupport's releases.

8.0.2.1

Active Support

• No changes.

Active Model

• No changes.

Active Record

• Call inspect on ids in RecordNotFound error

  [CVE-2025-55193]

  Gannon McGibbon, John Hawthorn

Action View

• No changes.

Action Pack

• No changes.

Active Job

• No changes.

Action Mailer

• No changes.

Action Cable

• No changes.

Active Storage

Remove dangerous transformations
[CVE-2025-24293]

... (truncated)

Changelog

Sourced from activesupport's changelog.

Rails 8.0.2.1 (August 13, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• No changes.

Rails 8.0.2 (March 12, 2025)

• Fix setting to_time_preserves_timezone from new_framework_defaults_8_0.rb.

  fatkodima

• Fix Active Support Cache fetch_multi when local store is active.

  fetch_multi now properly yield to the provided block for missing entries that have been recorded as such in the local store.

  Jean Boussier

• Fix execution wrapping to report all exceptions, including Exception.

  If a more serious error like SystemStackError or NoMemoryError happens, the error reporter should be able to report these kinds of exceptions.

  Gannon McGibbon

• Fix RedisCacheStore and MemCacheStore to also handle connection pool related errors.

  These errors are rescued and reported to Rails.error.

  Jean Boussier

• Fix ActiveSupport::Cache#read_multi to respect version expiry when using local cache.

  zzak

• Fix ActiveSupport::MessageVerifier and ActiveSupport::MessageEncryptor configuration of on_rotation callback.

  verifier.rotate(old_secret).on_rotation { ... }

  Now both work as documented.

  Jean Boussier

... (truncated)

Commits

• b0c813b Preparing for 8.0.2.1 release
• 3235827 Preparing for 8.0.2 release
• e2b9a41 Sync CHANGELOG
• c34be20 Merge pull request #54646 from Edouard-chin/ec-current-attribute-fix
• c3ad0af Merge pull request #54641 from etiennebarrie/json-doc
• 6644442 Merge pull request #54617 from byroot/move-strict-warnings
• dae2bea Merge pull request #54586 from byroot/local-store-fetch-multi-recorded-miss
• e11c613 Use ::new instead of #initialize for ghost methods [ci-skip]
• d1ad075 Add MessageVerifiers#rotate block form signature [ci-skip]
• 69867ec Use delete_prefix in add_filter example [ci-skip]
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #179.