void-linux/void-linux.github.ioPublic

NotificationsYou must be signed in to change notification settings
Fork46
Star72

Bump nokogiri from 1.15.5 to 1.16.3#228

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Jump to bottom

Closed

dependabot wants to merge1 commit intomasterfromdependabot/bundler/nokogiri-1.16.3

Closed

Bump nokogiri from 1.15.5 to 1.16.3#228

dependabot wants to merge1 commit intomasterfromdependabot/bundler/nokogiri-1.16.3

Conversation

Copy link

Contributor

dependabotbot commented on behalf ofgithubMar 19, 2024

Bumpsnokogiri from 1.15.5 to 1.16.3.

Release notes

Sourced fromnokogiri's releases.

v1.16.3 / 2024-03-15
Dependencies
[CRuby] Vendored libxml2 is updated tov2.12.6 from v2.12.5. (@flavorjones)
Changed
[CRuby]XML::Reader sets the@encoding instance variable during reading if it is not passed into the initializer. Previously, it would remainnil. The behavior ofReader#encoding has not changed. This works around changes to how libxml2 reports the encoding used in v2.12.6.
sha256 checksums:
3d806263a0548e5163ff256655d78a87998fa83a5ae256b83c14a1a97731e824  nokogiri-1.16.3-aarch64-linux.gemcfb923c02bde065005e2521f0a6883c63cf305cb899a9dd4c74897731bb2af1d  nokogiri-1.16.3-arm-linux.gem5d3268558c002fa493e33076798cfda1df8effbd5363060dc41595cfebb1cf90  nokogiri-1.16.3-arm64-darwin.gem6bf0918233959c7d5e703061ada0f436544612397475a866aa314071f02bfabb  nokogiri-1.16.3-java.gem656f163dd287671c3a28157a2e853ee1a36afeb3f4185a78af863f3980efc58d  nokogiri-1.16.3-x64-mingw-ucrt.gem7330f65cf2f8fa442327112b6515b4988f396d23010d33571714fd2ac0648fb9  nokogiri-1.16.3-x64-mingw32.gem08d8a369940fa2309379cd8af1e7b3cc702b0115d3ddd197cfa7b33daedfd541  nokogiri-1.16.3-x86-linux.gemcd26e99fa6388cd73c8892bb99ac98af162fe83c8f71c6473dfeba7aac76bcb9  nokogiri-1.16.3-x86-mingw32.gembc22786f4db4c32a5587e3b77a106408148d3bb1602dd0b52c0f5c968c42d17d  nokogiri-1.16.3-x86_64-darwin.gem47a3330e41b49a100225b6fab490b2dc43410931e01e791886e0c2998412e8cb  nokogiri-1.16.3-x86_64-linux.gem498aa253ccd5b89a0fa5c4c82b346d22176fc865f4a12ef8da642064d1d3e248  nokogiri-1.16.3.gem
v1.16.2 / 2024-02-04
Security
[CRuby] Vendored libxml2 is updated to addressCVE-2024-25062. SeeGHSA-xc9x-jj77-9p9j for more information.
Dependencies
[CRuby] Vendored libxml2 is updated tov2.12.5 from v2.12.4. (@flavorjones)
sha256 checksums:
69ba15d2a2498324489ed63850997f0b8f684260114ea81116d3082f16551d2d  nokogiri-1.16.2-aarch64-linux.gem6a05ce42e3587a40cf8936ece0beaa5d32922254215d2e8cf9ad40588bb42e57  nokogiri-1.16.2-arm-linux.gemc957226c8e36b31be6a3afb8602e2128282bf8b40ea51016c4cd21aa2608d3f8  nokogiri-1.16.2-arm64-darwin.gem122652bfc338cd8a54a692ac035e245e41fd3b8283299202ca26e7a7d50db310  nokogiri-1.16.2-java.gem</tr></table>

... (truncated)

Changelog

Sourced fromnokogiri's changelog.

v1.16.3 / 2024-03-15
Dependencies
[CRuby] Vendored libxml2 is updated tov2.12.6 from v2.12.5. (@flavorjones)
Changed
[CRuby]XML::Reader sets the@encoding instance variable during reading if it is not passed into the initializer. Previously, it would remainnil. The behavior ofReader#encoding has not changed. This works around changes to how libxml2 reports the encoding used in v2.12.6.
v1.16.2 / 2024-02-04
Security
[CRuby] Vendored libxml2 is updated to addressCVE-2024-25062. SeeGHSA-xc9x-jj77-9p9j for more information.
Dependencies
[CRuby] Vendored libxml2 is updated tov2.12.5 from v2.12.4. (@flavorjones)
v1.16.1 / 2024-02-03
Dependencies
[CRuby] Vendored libxml2 is updated tov2.12.4 from v2.12.3. (@flavorjones)
Fixed
[CRuby]XML::Reader defaults the encoding to UTF-8 if it's not specified in either the document or as a method parameter. Previously non-ASCII characters were serialized as NCRs in this case.#2891 (@flavorjones)
[CRuby] Restored support for compilation by GCC versions earlier than 4.6, which was broken in v1.15.0 (540e9aee).#3090 (@adfoster-r7)
[CRuby] Patched upstream libxml2 to allow parsing HTML5 in the context of a namespaced node (e.g., foreign content like MathML). [#3112,#3116] (@flavorjones)
[CRuby] Fixed a small memory leak in libgumbo (HTML5 parser) when the maximum tree depth limit is hit. [#3098,#3100] (@stevecheckoway)
v1.16.0 / 2023-12-27
Notable Changes
Ruby
This release introduces native gem support for Ruby 3.3.
This release ends support for Ruby 2.7, for whichupstream support ended 2023-03-31.

... (truncated)

Commits

80fb608 version bump to v1.16.3
710bd96 dep: update libxml 2.12.6 (branch v1.16.x) (#3151)
461a96e fix: Reader#read sets@encoding if it is unset
801f978 dep: update libxml2 to v2.12.6
673756f version bump to v1.16.2
74ffd67 dep: update libxml to 2.12.5 (branch v1.16.x) (#3122)
0d4018d dep: update libxml2 to v2.12.5
f33a25f dep: remove patch from#3112 which has been released upstream
e994168 version bump to v1.16.1
77ea2f2 dev: add files to manifest ignore list
Additional commits viewable incompare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting@dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from theSecurity Alerts page.

Bump nokogiri from 1.15.5 to 1.16.3

7214ff5

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.15.5 to 1.16.3.- [Release notes](https://github.com/sparklemotion/nokogiri/releases)- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)- [Commits](sparklemotion/nokogiri@v1.15.5...v1.16.3)---updated-dependencies:- dependency-name: nokogiri  dependency-type: indirect...Signed-off-by: dependabot[bot] <support@github.com>

dependabotbot added the dependenciesPull requests that update a dependency file label

Mar 19, 2024

Copy link

ContributorAuthor

dependabotbot commented on behalf ofgithubMay 13, 2024

Superseded by#229.

dependabotbot closed this

May 13, 2024

dependabotbot deleted the dependabot/bundler/nokogiri-1.16.3 branch

May 13, 2024 23:31

Labels

dependencies

Pull requests that update a dependency file

Movatterモバイル変換

Bump nokogiri from 1.15.5 to 1.16.3#228

Bump nokogiri from 1.15.5 to 1.16.3#228

Uh oh!

Conversation

dependabotbot commented on behalf ofgithubMar 19, 2024

v1.16.3 / 2024-03-15

Dependencies

Changed

v1.16.2 / 2024-02-04

Security

Dependencies

v1.16.3 / 2024-03-15

Dependencies

Changed

v1.16.2 / 2024-02-04

Security

Dependencies

v1.16.1 / 2024-02-03

Dependencies

Fixed

v1.16.0 / 2023-12-27

Notable Changes

Ruby

Uh oh!

dependabotbot commented on behalf ofgithubMay 13, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant