Skip to content

Comments

Bump nokogiri, ecds_rails_auth_engine and roo#307

Open
dependabot[bot] wants to merge 1 commit intoreleasefrom
dependabot/bundler/nokogiri-and-ecds_rails_auth_engine-and-roo-1.15.4
Open

Bump nokogiri, ecds_rails_auth_engine and roo#307
dependabot[bot] wants to merge 1 commit intoreleasefrom
dependabot/bundler/nokogiri-and-ecds_rails_auth_engine-and-roo-1.15.4

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Aug 26, 2023

Bumps nokogiri, ecds_rails_auth_engine and roo. These dependencies needed to be updated together.
Updates nokogiri from 1.11.3 to 1.15.4

Release notes

Sourced from nokogiri's releases.

1.15.4 / 2023-08-11

Dependencies

Fixed

  • Fixed a typo in a HTML5 parser error message. [#2927] (Thanks, @​anishathalye!)
  • [CRuby] ObjectSpace.memsize_of is now safe to call on Documents with complex DTDs. In previous versions, this debugging method could result in a segfault. [#2923, #2924]

sha256 checksums:

14091a07e07045a440213f7d5ced732fa7654ae8b6c7d180137f4124c5284ab8  nokogiri-1.15.4-aarch64-linux.gem
572ddc19934d010e98821a946d89462ae66b310fecc3fe12c48b0025c2f76855  nokogiri-1.15.4-arm-linux.gem
707288e293f4fc82a008f90b7ba0180d9f803f6a239a13e424378fedf8cf93e9  nokogiri-1.15.4-arm64-darwin.gem
04745925f63af61144eccef38a703928629cf97c34dbb1c42e3def17ac77ec92  nokogiri-1.15.4-java.gem
a0bfb65461a0453afed1a41b235fe84d5b9c7f4d70afd45f0dc2fdec8909faf1  nokogiri-1.15.4-x64-mingw-ucrt.gem
b9d01b9202e33cc23d19b2c1fc18ff4029cdda9b4f937a4baaefd4124a2158ba  nokogiri-1.15.4-x64-mingw32.gem
f6ae258d7ed5f81715118282aa45486e68fd44b9747d0244a236e9ed5b94c45d  nokogiri-1.15.4-x86-linux.gem
3f65b2426ece8da908bd5df5b6262ce525393f5245f8258a245bb4c3f5759b98  nokogiri-1.15.4-x86-mingw32.gem
d756605c540034debd7f486ae27802e6b1b129013fd6b1bb823783ef6f2bc5d7  nokogiri-1.15.4-x86_64-darwin.gem
872ced3d72d797ed9b5a76c67141c6cee7589711358e11c73e9c53724ffd1842  nokogiri-1.15.4-x86_64-linux.gem
e4a801e5ef643cc0036f0a7e93433d18818b31d48c9c287596b68e92c0173c4d  nokogiri-1.15.4.gem

1.15.3 / 2023-07-05

Fixed

  • Passing an object that is not a kind of XML::Node as the first parameter to CDATA.new now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • Passing an object that is not a kind of XML::Node as the first parameter to Schema.from_document now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • [CRuby] Passing an object that is not a kind of XML::Node as the second parameter to Text.new now raises a TypeError. Previously this would result in a segfault. [#2920]
  • [CRuby] Replacing a node's children via methods like Node#inner_html=, #children=, and #replace no longer defensively dups the node's next sibling if it is a Text node. This behavior was originally adopted to work around libxml2's memory management (see #283 and #595) but should not have included operations involving xmlAddChild(). [#2916]
  • [JRuby] Fixed NPE when serializing an unparented HTML node. [#2559, #2895] (Thanks, @​cbasguti!)

sha256 checksums:

70dadf636ae026f475f07c16b12c685544d4f8a764777df629abf1f7af0f2fb5  nokogiri-1.15.3-aarch64-linux.gem
83871fa3f544dc601e27abbdef87315a77fe1270fe4904986bd3a7df9ca3d56f  nokogiri-1.15.3-arm-linux.gem
fa4a027478df9004a2ce91389af7b7b5a4fc790c23492dca43b210a0f8770596  nokogiri-1.15.3-arm64-darwin.gem
</tr></table>

... (truncated)

Changelog

Sourced from nokogiri's changelog.

1.15.4 / 2023-08-11

Dependencies

Fixed

  • Fixed a typo in a HTML5 parser error message. [#2927] (Thanks, @​anishathalye!)
  • [CRuby] ObjectSpace.memsize_of is now safe to call on Documents with complex DTDs. In previous versions, this debugging method could result in a segfault. [#2923, #2924]

1.15.3 / 2023-07-05

Fixed

  • Passing an object that is not a kind of XML::Node as the first parameter to CDATA.new now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • Passing an object that is not a kind of XML::Node as the first parameter to Schema.from_document now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • [CRuby] Passing an object that is not a kind of XML::Node as the second parameter to Text.new now raises a TypeError. Previously this would result in a segfault. [#2920]
  • [CRuby] Replacing a node's children via methods like Node#inner_html=, #children=, and #replace no longer defensively dups the node's next sibling if it is a Text node. This behavior was originally adopted to work around libxml2's memory management (see #283 and #595) but should not have included operations involving xmlAddChild(). [#2916]
  • [JRuby] Fixed NPE when serializing an unparented HTML node. [#2559, #2895] (Thanks, @​cbasguti!)

1.15.2 / 2023-05-24

Dependencies

  • [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2. This is functionally equivalent to v0.1.11.noko1 but restores support for Java 8.

Fixed

  • [JRuby] Java 8 support is restored, fixing a regression present in v1.14.0..v1.14.4 and v1.15.0..v1.15.1. [#2887]

1.15.1 / 2023-05-19

Dependencies

Fixed

  • [CRuby] The libxml2 update fixes an encoding regression when push-parsing UTF-8 sequences. [#2882, upstream issue and commit]

1.15.0 / 2023-05-15

... (truncated)

Commits
  • 1aee13d version bump to v1.15.4
  • 769faec backport updates and fixes to v1.15.x (#2953)
  • 8460bfe dep: update libxml2 to v2.11.5
  • 14d1f5a test: add coverage for the memsize_of bug
  • c39ec30 fix memsize_node when called on xmlAttrs
  • 1617d54 Fix typo
  • a6fc29b ci: ruby-saml's downstream test suite needs minitest compat
  • 8d8c728 style: prefer Minitest to MiniTest
  • d1c62de ci: update suppression stack signature
  • 0d545ac version bump to v1.15.3
  • Additional commits viewable in compare view

Updates ecds_rails_auth_engine from c5392ef to 0.1.6

Release notes

Sourced from ecds_rails_auth_engine's releases.

v0.1.6

Allow use with Rails 6

Commits

Updates roo from 709464c to 2.8.3

Commits
  • 4ec1104 Merge pull request #493 from MichaelLutaaya/patch-1
  • ee01af9 Update version specifier in README example
  • bcebb14 Version Bump
  • a470de8 Update changelog
  • b26d6c4 Merge pull request #488 from chopraanmol1/skip_extract_hyperlinks_if_not_requ...
  • 4b1e6f0 Skip extract_hyperlinks if not required
  • faf1b43 Merge pull request #492 from weilandia/491-fix-bad-link-bug
  • 0479c16 Closes #491 fixes issue with empty hyperlinks
  • 4acaef8 Merge pull request #490 from chopraanmol1/support_ranges_for_hyperlink_excelx
  • 127f56d Support range ref for Excelx's hyperlink
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump nokogiri, ecds_rails_auth_engine and roo
265e750 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri), [ecds_rails_auth_engine](https://github.com/ecds/ecds_rails_auth_engine) and [roo](https://github.com/roo-rb/roo). These dependencies needed to be updated together.

Updates `nokogiri` from 1.11.3 to 1.15.4
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.11.3...v1.15.4)

Updates `ecds_rails_auth_engine` from `c5392ef` to 0.1.6
- [Release notes](https://github.com/ecds/ecds_rails_auth_engine/releases)
- [Commits](ecds/ecds_rails_auth_engine@c5392ef...v0.1.6)

Updates `roo` from `709464c` to 2.8.3
- [Release notes](https://github.com/roo-rb/roo/releases)
- [Commits](roo-rb/roo@709464c...v2.8.3)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
- dependency-name: ecds_rails_auth_engine
  dependency-type: direct:production
- dependency-name: roo
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot mentioned this pull request Aug 26, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants