Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the ruby group with 6 updates #816

Merged
merged 1 commit into from
Jul 29, 2024
Merged

chore(deps): bump the ruby group with 6 updates #816

merged 1 commit into from
Jul 29, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 29, 2024

Bumps the ruby group with 6 updates:

Package From To
html2rss aa99bd6 2c458a7
html2rss-configs 2dc20ca f5da387
faraday-net_http 3.1.0 3.1.1
nokogiri 1.16.6 1.16.7
public_suffix 6.0.0 6.0.1
sanitize 6.1.1 6.1.2

Updates html2rss from aa99bd6 to 2c458a7

Commits

Updates html2rss-configs from 2dc20ca to f5da387

Commits

Updates faraday-net_http from 3.1.0 to 3.1.1

Release notes

Sourced from faraday-net_http's releases.

v3.1.1

What's Changed

Full Changelog: lostisland/faraday-net_http@v3.1.0...v3.1.1

Commits

Updates nokogiri from 1.16.6 to 1.16.7

Release notes

Sourced from nokogiri's releases.

v1.16.7 / 2024-07-27

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.9, which the upstream release notes state is a security release to address CVE-2024-40896. Nokogiri's maintainers believe this vulnerability does not affect users of Nokogiri, but we advise upgrading at your earliest convenience anyway.

sha256 checksums:

78778d35f165b59513be31c0fe232c63a82cf97626ffba695b5f822e5da1d74b  nokogiri-1.16.7-aarch64-linux.gem
c84cdb9e3aa44c35bbb981b20175838c4b2066c26c5cb118f31f177168a42fc3  nokogiri-1.16.7-arm-linux.gem
276dcea1b988a5b22b5acc1ba901d24b8e908c40b71dccd5d54a2ae279480dad  nokogiri-1.16.7-arm64-darwin.gem
044c45ca46abc2b6135a85ab39a546ff2f0434d43142bc59b83e5b1068876a42  nokogiri-1.16.7-java.gem
01ed785392f9cbdfd45e0e5ef6ad6d2c80a6128672589448f18952168bd68e56  nokogiri-1.16.7-x64-mingw-ucrt.gem
d8fd5c675743b85354c9098117bfa9e703c7cacab8c33e5190104ea8218ad1ec  nokogiri-1.16.7-x64-mingw32.gem
dddbf1c1ef99ce9fab98302b14f8bacb703e6f16e89b99f05ecee8a1fca23664  nokogiri-1.16.7-x86-linux.gem
b6517d995b024739cbb81251a26866d40e1ccb151936b5bb0977e7487f4e617c  nokogiri-1.16.7-x86-mingw32.gem
630732b80fc572690eab50c73a1f18988f3ac401ed0b67ca9956ba2b1e2c3faa  nokogiri-1.16.7-x86_64-darwin.gem
9e1e428641d5942af877c60b418c71163560e9feb4a5c4015f3230a8b86a40f6  nokogiri-1.16.7-x86_64-linux.gem
f819cbfdfb0a7b19c9c52c6f2ca63df0e58a6125f4f139707b586b9511d7fe95  nokogiri-1.16.7.gem
Changelog

Sourced from nokogiri's changelog.

v1.16.7 / 2024-07-27

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.9, which the upstream release notes state is a security release to address CVE-2024-40896. Nokogiri's maintainers believe this vulnerability does not affect users of Nokogiri, but we advise upgrading at your earliest convenience anyway.
Commits

Updates public_suffix from 6.0.0 to 6.0.1

Changelog

Sourced from public_suffix's changelog.

6.0.1

Changed

  • Updated definitions.
Commits

Updates sanitize from 6.1.1 to 6.1.2

Release notes

Sourced from sanitize's releases.

v6.1.2

Bug Fixes

Changelog

Sourced from sanitize's changelog.

6.1.2 (2024-07-27)

Bug Fixes

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the ruby group with 6 updates
95ff09c 
Bumps the ruby group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [html2rss](https://github.com/html2rss/html2rss) | ``aa99bd6`` | ``2c458a7`` |
| [html2rss-configs](https://github.com/html2rss/html2rss-configs) | ``2dc20ca`` | ``f5da387`` |
| [faraday-net_http](https://github.com/lostisland/faraday-net_http) | `3.1.0` | `3.1.1` |
| [nokogiri](https://github.com/sparklemotion/nokogiri) | `1.16.6` | `1.16.7` |
| [public_suffix](https://github.com/weppos/publicsuffix-ruby) | `6.0.0` | `6.0.1` |
| [sanitize](https://github.com/rgrove/sanitize) | `6.1.1` | `6.1.2` |


Updates `html2rss` from `aa99bd6` to `2c458a7`
- [Commits](html2rss/html2rss@aa99bd6...2c458a7)

Updates `html2rss-configs` from `2dc20ca` to `f5da387`
- [Commits](html2rss/html2rss-configs@2dc20ca...f5da387)

Updates `faraday-net_http` from 3.1.0 to 3.1.1
- [Release notes](https://github.com/lostisland/faraday-net_http/releases)
- [Commits](lostisland/faraday-net_http@v3.1.0...v3.1.1)

Updates `nokogiri` from 1.16.6 to 1.16.7
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.16.6...v1.16.7)

Updates `public_suffix` from 6.0.0 to 6.0.1
- [Changelog](https://github.com/weppos/publicsuffix-ruby/blob/main/CHANGELOG.md)
- [Commits](weppos/publicsuffix-ruby@v6.0.0...v6.0.1)

Updates `sanitize` from 6.1.1 to 6.1.2
- [Release notes](https://github.com/rgrove/sanitize/releases)
- [Changelog](https://github.com/rgrove/sanitize/blob/main/HISTORY.md)
- [Commits](rgrove/sanitize@v6.1.1...v6.1.2)

---
updated-dependencies:
- dependency-name: html2rss
  dependency-type: direct:production
  dependency-group: ruby
- dependency-name: html2rss-configs
  dependency-type: direct:production
  dependency-group: ruby
- dependency-name: faraday-net_http
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ruby
- dependency-name: nokogiri
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ruby
- dependency-name: public_suffix
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ruby
- dependency-name: sanitize
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ruby
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Jul 29, 2024
@mergify mergify bot merged commit e5aa8d3 into main Jul 29, 2024
5 checks passed
@mergify mergify bot deleted the dependabot/bundler/ruby-3b8181c725 branch July 29, 2024 08:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants