Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump nokogiri from 1.10.9 to 1.15.4 #21

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Aug 26, 2023

Bumps nokogiri from 1.10.9 to 1.15.4.

Release notes

Sourced from nokogiri's releases.

1.15.4 / 2023-08-11

Dependencies

Fixed

  • Fixed a typo in a HTML5 parser error message. [#2927] (Thanks, @​anishathalye!)
  • [CRuby] ObjectSpace.memsize_of is now safe to call on Documents with complex DTDs. In previous versions, this debugging method could result in a segfault. [#2923, #2924]

sha256 checksums:

14091a07e07045a440213f7d5ced732fa7654ae8b6c7d180137f4124c5284ab8  nokogiri-1.15.4-aarch64-linux.gem
572ddc19934d010e98821a946d89462ae66b310fecc3fe12c48b0025c2f76855  nokogiri-1.15.4-arm-linux.gem
707288e293f4fc82a008f90b7ba0180d9f803f6a239a13e424378fedf8cf93e9  nokogiri-1.15.4-arm64-darwin.gem
04745925f63af61144eccef38a703928629cf97c34dbb1c42e3def17ac77ec92  nokogiri-1.15.4-java.gem
a0bfb65461a0453afed1a41b235fe84d5b9c7f4d70afd45f0dc2fdec8909faf1  nokogiri-1.15.4-x64-mingw-ucrt.gem
b9d01b9202e33cc23d19b2c1fc18ff4029cdda9b4f937a4baaefd4124a2158ba  nokogiri-1.15.4-x64-mingw32.gem
f6ae258d7ed5f81715118282aa45486e68fd44b9747d0244a236e9ed5b94c45d  nokogiri-1.15.4-x86-linux.gem
3f65b2426ece8da908bd5df5b6262ce525393f5245f8258a245bb4c3f5759b98  nokogiri-1.15.4-x86-mingw32.gem
d756605c540034debd7f486ae27802e6b1b129013fd6b1bb823783ef6f2bc5d7  nokogiri-1.15.4-x86_64-darwin.gem
872ced3d72d797ed9b5a76c67141c6cee7589711358e11c73e9c53724ffd1842  nokogiri-1.15.4-x86_64-linux.gem
e4a801e5ef643cc0036f0a7e93433d18818b31d48c9c287596b68e92c0173c4d  nokogiri-1.15.4.gem

1.15.3 / 2023-07-05

Fixed

  • Passing an object that is not a kind of XML::Node as the first parameter to CDATA.new now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • Passing an object that is not a kind of XML::Node as the first parameter to Schema.from_document now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • [CRuby] Passing an object that is not a kind of XML::Node as the second parameter to Text.new now raises a TypeError. Previously this would result in a segfault. [#2920]
  • [CRuby] Replacing a node's children via methods like Node#inner_html=, #children=, and #replace no longer defensively dups the node's next sibling if it is a Text node. This behavior was originally adopted to work around libxml2's memory management (see #283 and #595) but should not have included operations involving xmlAddChild(). [#2916]
  • [JRuby] Fixed NPE when serializing an unparented HTML node. [#2559, #2895] (Thanks, @​cbasguti!)

sha256 checksums:

70dadf636ae026f475f07c16b12c685544d4f8a764777df629abf1f7af0f2fb5  nokogiri-1.15.3-aarch64-linux.gem
83871fa3f544dc601e27abbdef87315a77fe1270fe4904986bd3a7df9ca3d56f  nokogiri-1.15.3-arm-linux.gem
fa4a027478df9004a2ce91389af7b7b5a4fc790c23492dca43b210a0f8770596  nokogiri-1.15.3-arm64-darwin.gem
</tr></table> 

... (truncated)

Changelog

Sourced from nokogiri's changelog.

1.15.4 / 2023-08-11

Dependencies

Fixed

  • Fixed a typo in a HTML5 parser error message. [#2927] (Thanks, @​anishathalye!)
  • [CRuby] ObjectSpace.memsize_of is now safe to call on Documents with complex DTDs. In previous versions, this debugging method could result in a segfault. [#2923, #2924]

1.15.3 / 2023-07-05

Fixed

  • Passing an object that is not a kind of XML::Node as the first parameter to CDATA.new now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • Passing an object that is not a kind of XML::Node as the first parameter to Schema.from_document now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • [CRuby] Passing an object that is not a kind of XML::Node as the second parameter to Text.new now raises a TypeError. Previously this would result in a segfault. [#2920]
  • [CRuby] Replacing a node's children via methods like Node#inner_html=, #children=, and #replace no longer defensively dups the node's next sibling if it is a Text node. This behavior was originally adopted to work around libxml2's memory management (see #283 and #595) but should not have included operations involving xmlAddChild(). [#2916]
  • [JRuby] Fixed NPE when serializing an unparented HTML node. [#2559, #2895] (Thanks, @​cbasguti!)

1.15.2 / 2023-05-24

Dependencies

  • [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2. This is functionally equivalent to v0.1.11.noko1 but restores support for Java 8.

Fixed

  • [JRuby] Java 8 support is restored, fixing a regression present in v1.14.0..v1.14.4 and v1.15.0..v1.15.1. [#2887]

1.15.1 / 2023-05-19

Dependencies

Fixed

  • [CRuby] The libxml2 update fixes an encoding regression when push-parsing UTF-8 sequences. [#2882, upstream issue and commit]

1.15.0 / 2023-05-15

... (truncated)

Commits
  • 1aee13d version bump to v1.15.4
  • 769faec backport updates and fixes to v1.15.x (#2953)
  • 8460bfe dep: update libxml2 to v2.11.5
  • 14d1f5a test: add coverage for the memsize_of bug
  • c39ec30 fix memsize_node when called on xmlAttrs
  • 1617d54 Fix typo
  • a6fc29b ci: ruby-saml's downstream test suite needs minitest compat
  • 8d8c728 style: prefer Minitest to MiniTest
  • d1c62de ci: update suppression stack signature
  • 0d545ac version bump to v1.15.3
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.10.9 to 1.15.4.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.10.9...v1.15.4)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants