Bump json from 1.7.4 to 1.7.7

[dependabot]

Bumps json from 1.7.4 to 1.7.7.

Changelog

Sourced from json's changelog.

2013-02-04 (1.7.7)

• Security fix for JSON create_additions default value and
  JSON::GenericObject. It should not be possible to create additions unless
  explicitely requested by setting the create_additions argument to true or
  using the JSON.load/dump interface. If JSON::GenericObject is supposed to
  be automatically deserialised, this has to be explicitely enabled by
  setting
  JSON::GenericObject.json_creatable = true
  as well.
• Remove useless assert in fbuffer implementation.
• Apply patch attached to https://github.com/flori/json/issues#issue/155
  provided by John Shahid [email protected], Thx!
• Add license information to rubygems spec data, reported by Jordi Massaguer Pla [email protected].
• Improve documentation, thx to Zachary Scott [email protected].

2012-11-29 (1.7.6)

• Add GeneratorState#merge alias for JRuby, fix state accessor methods. Thx to
  jvshahid@github.
• Increase hash likeness of state objects.

2012-08-17 (1.7.5)

• Fix compilation of extension on older rubies.

Commits

• d0a62f3 Security fix create_additons/JSON::GenericObject
• 771e08b Merge remote-tracking branch 'github/master'
• 9f1c4ca Document changes
• 241622f fix a bug in the JRuby implementation. getInstanceVariable() can return a nul...
• 99bdbf7 Document changes
• 12ce6b7 Add license information to gemspec task
• d7b18ba Document changes
• ec2dced Add license information to gemspec task
• 112b956 * lib/json.rb: Move module overview definition for rdoc
• 856edb8 add license information to gemspecs
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

[dependabot]

Superseded by #9.