The project has an explicit dependency on the json gem.

This is not necessary, since all the supported Ruby versions (including Ruby 2.7 and TruffleRuby) include it as system gem.

In addition to being redundant, depending on a system gem is problematic for applications using Bundler (essentially, all the applications 😄), for a few reasons:

• independently of the gem being included in the Gemfile, it will always be in the lockfile; if a Ruby upgrade includes an update to the gem, the application will still use the old version
• using in the application a version different from the one provided by the current Ruby, can cause activation errors, which can be very hairpulling
• even if one defines it in the Gemfile and takes care of upgrading it regularly, there can be troublesome mismatches in production, if the systems are setup to perform automatic Ruby patch updates

Removing the dependency solves the problems. Since the recaptcha gemfile specification (appropriately) doesn't specify a json gem version, by removing the gem one doesn't incur in version dependency problems.