Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the bundler group across 2 directories with 3 updates #1

Closed
wants to merge 1 commit into from
Closed

Bump the bundler group across 2 directories with 3 updates #1

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Jun 20, 2024
edited
Loading

Bumps the bundler group with 2 updates in the / directory: nokogiri and rexml.
Bumps the bundler group with 2 updates in the /example directory: nokogiri and rack.

Updates nokogiri from 1.15.4 to 1.16.6

Release notes

Sourced from nokogiri's releases.

v1.16.6 / 2024-06-13

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.8, which the release notes state is a bugfix release.

sha256 checksums:

7f4c37ee2dd9c97fdfb6278cf3d9dd2078651f241eed320e26902135dbf78183  nokogiri-1.16.6-aarch64-linux.gem
73d7a7ca569308f181a234269e6607c9acb26ecc93ccbb05998d24a9546c0a94  nokogiri-1.16.6-arm-linux.gem
43e8a783697c65413408a4923b5c2ed6bea6632cfdab4da220446b601733fa4b  nokogiri-1.16.6-arm64-darwin.gem
993ec13a1f0fb2261913e62e1f7a662c77108b1a59c903033eac432f74437275  nokogiri-1.16.6-java.gem
285687f16c330a9b61793d9d45913becf7a9aa82b0ce15c48fc1e0d6c6c9972f  nokogiri-1.16.6-x64-mingw-ucrt.gem
dbbefbfabe363daaa90e7c0b15854769e17ee5b8ae243014e0e55c01047eb5cd  nokogiri-1.16.6-x64-mingw32.gem
dedac3ee38b4deed1141747f04dd5ac512ef9165259cec66ec934edaa8a2a848  nokogiri-1.16.6-x86-linux.gem
5080e9512e3ba320aef074c16a23aef737301ac0e3b7a173a299dcaaa40b6a20  nokogiri-1.16.6-x86-mingw32.gem
92fa413d866baf9b609f17558ecfbcf950d5373213babcf4ce11d7eaed4b21cf  nokogiri-1.16.6-x86_64-darwin.gem
769bd2c14ad76dd5a7e14c867741cf2e3b8c25626a34f40aee7b0b998b8de820  nokogiri-1.16.6-x86_64-linux.gem
935fe4dd67d4377f4a05002acb1ffbadbcae265ea8e7869fc40e3a8121f3e1ef  nokogiri-1.16.6.gem

v1.16.5 / 2024-05-13

Security

Dependencies

sha256 checksums:

af0f44fa3e664dfb2aa10de8b551447d720c1e8d1f0aa3f35783dcc43e40a874  nokogiri-1.16.5-aarch64-linux.gem
23dc2357b26409a5c33b7e32a82902f0e9995305420f16d1a03ab3ea1a482fec  nokogiri-1.16.5-arm-linux.gem
950d037530edb49f75ad35de0b8038b970a7dda57e2b6326895b0e49fadf6214  nokogiri-1.16.5-arm64-darwin.gem
b7aefc94370c62476b8528e8d8abb6160203abd84a1f4eceda8f1aa8974d9989  nokogiri-1.16.5-java.gem
ec2167160df8fec3137bf95d574ed80ebc1d002bb3b281546b60b4aa9002466e  nokogiri-1.16.5-x64-mingw-ucrt.gem
6984200491fac69974005ecfa2de129d61843d345eafa5d6f58e8b908d1cf107  nokogiri-1.16.5-x64-mingw32.gem
abdc389ab1ec6604492da16bd9d06ad746fdb6bd6a1bd274c400d61ffcadb3c4  nokogiri-1.16.5-x86-linux.gem
63d24981345856f2baf7f4089870a62d3042fb8d3021b280fb04fc052532e3c4  nokogiri-1.16.5-x86-mingw32.gem
71b5f54e378c433d13df67c3b71acc4716129da62402d8181f310c4216a63279  nokogiri-1.16.5-x86_64-darwin.gem
0ca238da870066bed2f7837af6f35791bb9b76c4c5638999c46aac44818a6a97  nokogiri-1.16.5-x86_64-linux.gem
</tr></table>

... (truncated)

Changelog

Sourced from nokogiri's changelog.

v1.16.6 / 2024-06-13

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.8, which the release notes state is a bugfix release.

v1.16.5 / 2024-05-13

Security

Dependencies

v1.16.4 / 2024-04-10

Dependencies

  • [CRuby] Vendored zlib in the precompiled native gems is updated to v1.3.1 from v1.3. Nokogiri is not affected by the minizip CVE patched in this version, but this update may satisfy some security scanners. Related, see this discussion about removing the compression libraries altogether in a future version of Nokogiri.

v1.16.3 / 2024-03-15

Dependencies

Changed

  • [CRuby] XML::Reader sets the @encoding instance variable during reading if it is not passed into the initializer. Previously, it would remain nil. The behavior of Reader#encoding has not changed. This works around changes to how libxml2 reports the encoding used in v2.12.6.

v1.16.2 / 2024-02-04

Security

Dependencies

... (truncated)

Commits

Updates rexml from 3.2.6 to 3.3.0

Release notes

Sourced from rexml's releases.

REXML 3.3.0 - 2024-06-11

Improvements

  • Added support for strscan 0.7.0 installed with Ruby 2.6.
    • GH-142
    • Reported by Fernando Trigoso.

Thanks

  • Fernando Trigoso

REXML 3.2.9 - 2024-06-09

Improvements

  • Added support for old strscan.

  • Improved attribute value parse performance.

  • Improved REXML::Node#each_recursive performance.

  • Improved text parse performance.

    • Reported by mprogrammer.

Thanks

  • Adam
  • NAITOH Jun
  • Hiroya Fujinami
  • mprogrammer

REXML 3.2.8 - 2024-05-16

Fixes

  • Suppressed a warning

REXML 3.2.7 - 2024-05-16

Improvements

  • Improve parse performance by using StringScanner.

... (truncated)

Changelog

Sourced from rexml's changelog.

3.3.0 - 2024-06-11 {#version-3-3-0}

Improvements

  • Added support for strscan 0.7.0 installed with Ruby 2.6.
    • GH-142
    • Reported by Fernando Trigoso.

Thanks

  • Fernando Trigoso

3.2.9 - 2024-06-09 {#version-3-2-9}

Improvements

  • Added support for old strscan.

  • Improved attribute value parse performance.

  • Improved REXML::Node#each_recursive performance.

  • Improved text parse performance.

    • Reported by mprogrammer.

Thanks

  • Adam
  • NAITOH Jun
  • Hiroya Fujinami
  • mprogrammer

3.2.8 - 2024-05-16 {#version-3-2-8}

Fixes

  • Suppressed a warning

3.2.7 - 2024-05-16 {#version-3-2-7}

Improvements

  • Improve parse performance by using StringScanner.

... (truncated)

Commits
  • 8247bdc Add 3.3.0 entry
  • 0d9b98c ci: don't use Ruby 2.5 for gem test
  • 31738cc Add support for strscan 0.7.0 installed with Ruby 2.6
  • a7d66f2 ci document: use the latest Ruby
  • 5078c86 news: fix a typo
  • 7ca7ccd Bump version
  • 964c9dc Add 3.2.9 entry
  • e06b3fb Improve text parse performance
  • dab8065 Improve Node#each_recursive performance (#139)
  • da67561 test: reduce the number of rehearsal executions
  • Additional commits viewable in compare view

Updates nokogiri from 1.16.2 to 1.16.6

Release notes

Sourced from nokogiri's releases.

v1.16.6 / 2024-06-13

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.8, which the release notes state is a bugfix release.

sha256 checksums:

7f4c37ee2dd9c97fdfb6278cf3d9dd2078651f241eed320e26902135dbf78183  nokogiri-1.16.6-aarch64-linux.gem
73d7a7ca569308f181a234269e6607c9acb26ecc93ccbb05998d24a9546c0a94  nokogiri-1.16.6-arm-linux.gem
43e8a783697c65413408a4923b5c2ed6bea6632cfdab4da220446b601733fa4b  nokogiri-1.16.6-arm64-darwin.gem
993ec13a1f0fb2261913e62e1f7a662c77108b1a59c903033eac432f74437275  nokogiri-1.16.6-java.gem
285687f16c330a9b61793d9d45913becf7a9aa82b0ce15c48fc1e0d6c6c9972f  nokogiri-1.16.6-x64-mingw-ucrt.gem
dbbefbfabe363daaa90e7c0b15854769e17ee5b8ae243014e0e55c01047eb5cd  nokogiri-1.16.6-x64-mingw32.gem
dedac3ee38b4deed1141747f04dd5ac512ef9165259cec66ec934edaa8a2a848  nokogiri-1.16.6-x86-linux.gem
5080e9512e3ba320aef074c16a23aef737301ac0e3b7a173a299dcaaa40b6a20  nokogiri-1.16.6-x86-mingw32.gem
92fa413d866baf9b609f17558ecfbcf950d5373213babcf4ce11d7eaed4b21cf  nokogiri-1.16.6-x86_64-darwin.gem
769bd2c14ad76dd5a7e14c867741cf2e3b8c25626a34f40aee7b0b998b8de820  nokogiri-1.16.6-x86_64-linux.gem
935fe4dd67d4377f4a05002acb1ffbadbcae265ea8e7869fc40e3a8121f3e1ef  nokogiri-1.16.6.gem

v1.16.5 / 2024-05-13

Security

Dependencies

sha256 checksums:

af0f44fa3e664dfb2aa10de8b551447d720c1e8d1f0aa3f35783dcc43e40a874  nokogiri-1.16.5-aarch64-linux.gem
23dc2357b26409a5c33b7e32a82902f0e9995305420f16d1a03ab3ea1a482fec  nokogiri-1.16.5-arm-linux.gem
950d037530edb49f75ad35de0b8038b970a7dda57e2b6326895b0e49fadf6214  nokogiri-1.16.5-arm64-darwin.gem
b7aefc94370c62476b8528e8d8abb6160203abd84a1f4eceda8f1aa8974d9989  nokogiri-1.16.5-java.gem
ec2167160df8fec3137bf95d574ed80ebc1d002bb3b281546b60b4aa9002466e  nokogiri-1.16.5-x64-mingw-ucrt.gem
6984200491fac69974005ecfa2de129d61843d345eafa5d6f58e8b908d1cf107  nokogiri-1.16.5-x64-mingw32.gem
abdc389ab1ec6604492da16bd9d06ad746fdb6bd6a1bd274c400d61ffcadb3c4  nokogiri-1.16.5-x86-linux.gem
63d24981345856f2baf7f4089870a62d3042fb8d3021b280fb04fc052532e3c4  nokogiri-1.16.5-x86-mingw32.gem
71b5f54e378c433d13df67c3b71acc4716129da62402d8181f310c4216a63279  nokogiri-1.16.5-x86_64-darwin.gem
0ca238da870066bed2f7837af6f35791bb9b76c4c5638999c46aac44818a6a97  nokogiri-1.16.5-x86_64-linux.gem
</tr></table>

... (truncated)

Changelog

Sourced from nokogiri's changelog.

v1.16.6 / 2024-06-13

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.8, which the release notes state is a bugfix release.

v1.16.5 / 2024-05-13

Security

Dependencies

v1.16.4 / 2024-04-10

Dependencies

  • [CRuby] Vendored zlib in the precompiled native gems is updated to v1.3.1 from v1.3. Nokogiri is not affected by the minizip CVE patched in this version, but this update may satisfy some security scanners. Related, see this discussion about removing the compression libraries altogether in a future version of Nokogiri.

v1.16.3 / 2024-03-15

Dependencies

Changed

  • [CRuby] XML::Reader sets the @encoding instance variable during reading if it is not passed into the initializer. Previously, it would remain nil. The behavior of Reader#encoding has not changed. This works around changes to how libxml2 reports the encoding used in v2.12.6.

v1.16.2 / 2024-02-04

Security

Dependencies

... (truncated)

Commits

Updates rack from 3.0.9 to 3.1.3

Release notes

Sourced from rack's releases.

v3.0.9.1

What's Changed

Full Changelog: rack/rack@v3.0.9...v3.0.9.1

Changelog

Sourced from rack's changelog.

[3.1.3] - 2024-06-12

Fixed

[3.1.2] - 2024-06-11

  • Rack::Response will take in to consideration chunked encoding responses (#2204, [@​tenderlove])

[3.1.1] - 2024-06-11

  • Oops! I shouldn't have shipped that

[3.1.0] - 2024-06-11

⚠️ This release includes several breaking changes. Refer to the Removed section below for the list of deprecated methods that have been removed in this release.

Rack v3.1 is primarily a maintenance release that removes features deprecated in Rack v3.0. Alongside these removals, there are several improvements to the Rack SPEC, mainly focused on enhancing input and output handling. These changes aim to make Rack more efficient and align better with the requirements of server implementations and relevant HTTP specifications.

SPEC Changes

Added

  • Introduce Rack::Multipart::MissingInputError for improved handling of missing input in #parse_multipart. (#2018, [@​ioquatix])
  • Introduce module Rack::BadRequest which is included in multipart and query parser errors. (#2019, [@​ioquatix])
  • Add .mjs MIME type (#2057, @​axilleas)
  • set_cookie_header utility now supports the partitioned cookie attribute. This is required by Chrome in some embedded contexts. (#2131, @​flavio-b)
  • Introduce rack.early_hints for sending 103 Early Hints informational responses. (#1831, @​casperisfine, [@​jeremyevans])

Changed

  • MIME type for JavaScript files (.js) changed from application/javascript to text/javascript (1bd0f15, [@​ioquatix])
  • Update MIME types associated to .ttf, .woff, .woff2 and .otf extensions to use mondern font/* types. (#2065, [@​davidstosik])
  • Rack::Utils.escape_html is now delegated to CGI.escapeHTML. ' is escaped to [#39](https://github.com/rack/rack/issues/39); instead of #x27;. (decimal vs hexadecimal) (#2099, @​JunichiIto)
  • Clarify use of @buffered and only update content-length when Rack::Response#finish is invoked. (#2149, [@​ioquatix])

Deprecated

  • Deprecate automatic cache invalidation in Request#{GET,POST} (#2073, [@​jeremyevans])
  • Only cookie keys that are not valid according to the HTTP specifications are escaped. We are planning to deprecate this behaviour, so now a deprecation message will be emitted in this case. In the future, invalid cookie keys may not be accepted. (#2191, [@​ioquatix])
  • Rack::Logger is deprecated. (#2197, [@​ioquatix])
  • Add fallback lookup and deprecation warning for obsolete status symbols. (#2137, @​wtn)
  • Deprecate Rack::Request#values_at, use request.params.values_at instead (#2183, [@​ioquatix])

... (truncated)

Commits
  • e2020c1 Bump patch version.
  • 5c34b37 Fix handling of empty cookies in Rack::MockResponse (#2203)
  • fd4fb36 Handle nil in Rack::Utils.escape_html
  • 4f81703 Don't emit warning message when mapped symbol exists. (#2209)
  • d43ab86 bump version
  • 00c9972 Failing test with Rack::MockResponse (#2204)
  • 606365b Bump minor version.
  • 4c9d3ac Add deprecation warning for lib/rack/logger.rb. (#2197)
  • e1f5683 Remove any dependeny on transfer-encoding / chunked. (#2195)
  • a057e9b Only update Rack::Response content-length header when finishing. (#2149)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the bundler group across 2 directories with 3 updates
a1dca1a 
Bumps the bundler group with 2 updates in the / directory: [nokogiri](https://github.com/sparklemotion/nokogiri) and [rexml](https://github.com/ruby/rexml).
Bumps the bundler group with 2 updates in the /example directory: [nokogiri](https://github.com/sparklemotion/nokogiri) and [rack](https://github.com/rack/rack).


Updates `nokogiri` from 1.15.4 to 1.16.6
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/v1.16.6/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.15.4...v1.16.6)

Updates `rexml` from 3.2.6 to 3.3.0
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](ruby/rexml@v3.2.6...v3.3.0)

Updates `nokogiri` from 1.16.2 to 1.16.6
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/v1.16.6/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.15.4...v1.16.6)

Updates `rack` from 3.0.9 to 3.1.3
- [Release notes](https://github.com/rack/rack/releases)
- [Changelog](https://github.com/rack/rack/blob/main/CHANGELOG.md)
- [Commits](rack/rack@v3.0.9...v3.1.3)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  dependency-group: bundler
- dependency-name: rexml
  dependency-type: indirect
  dependency-group: bundler
- dependency-name: nokogiri
  dependency-type: direct:production
  dependency-group: bundler
- dependency-name: rack
  dependency-type: indirect
  dependency-group: bundler
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 20, 2024
@dependabot Dependabot
Copy link
Author

dependabot bot commented on behalf of github Jun 20, 2024

Looks like these dependencies are no longer updatable, so this is no longer needed.

@dependabot dependabot bot closed this Jun 20, 2024
@dependabot dependabot bot deleted the dependabot/bundler/bundler-3731e3bfcf branch June 20, 2024 02:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants