René's URL Explorer Experiment


Title: Bump nokogiri from 1.18.9 to 1.19.3 by dependabot[bot] · Pull Request #62 · jruby/jruby.github.io · GitHub

Open Graph Title: Bump nokogiri from 1.18.9 to 1.19.3 by dependabot[bot] · Pull Request #62 · jruby/jruby.github.io

X Title: Bump nokogiri from 1.18.9 to 1.19.3 by dependabot[bot] · Pull Request #62 · jruby/jruby.github.io

Description: Bumps nokogiri from 1.18.9 to 1.19.3. Release notes Sourced from nokogiri's releases. v1.19.3 / 2026-04-27 Fixed / Security Address exponential regex backtracking in CSS selector tokenizer. See GHSA-c4rq-3m3g-8wgx for more information. [CRuby] Address memory leak in XSLT::Stylesheet#transform. See GHSA-v2fc-qm4h-8hqv for more information. 46b89e5d7b9e844c2ee360794240c6ea2a4e6fa0c5892a4ed487db621224b639 nokogiri-1.19.3-aarch64-linux-gnu.gem 8392dfdcd21be7a94dbbe9ccc138dea01b97b24cb2dc02a114ca98bfb1d9a0b7 nokogiri-1.19.3-aarch64-linux-musl.gem 3919d5ffc334ad778a4a9eb88fda7dcb8b1fb58c8a52ac640c6dcd2f038e774f nokogiri-1.19.3-arm-linux-gnu.gem 9ce1cb6346bb9c67b1550eb537aa183ead91e4b6eadb2f36ade02d8dd2a79fb6 nokogiri-1.19.3-arm-linux-musl.gem 71b9bd424b1b7abc18b05052a1a3cfd3627abdca62be280854cc411791357e42 nokogiri-1.19.3-arm64-darwin.gem 40ea6ebf5cf2005dae1dee26dd557d3afb41fb6de6c9764aca8cf06fdb841db1 nokogiri-1.19.3-java.gem 8bb7132cad356c879a1286eaabcb5e68326cb2490317984280fbc62f456d506a nokogiri-1.19.3-x64-mingw-ucrt.gem 77f3fba57d46c53ab31e62fc6c28f705109d1bf6264356c76f132b2be5728d4d nokogiri-1.19.3-x86_64-darwin.gem 2f5078620fe12e83669b5b17311b32532a8153d02eee7ad06948b926d6080976 nokogiri-1.19.3-x86_64-linux-gnu.gem 248c906d2166eca5efb56d52fdee5f9a1f51d69a72e2b64fdac647b4ce39ea3f nokogiri-1.19.3-x86_64-linux-musl.gem 78312cbac32a40c812780d9678221b79d51288eec00054c1a8d15f7ce05960e8 nokogiri-1.19.3.gem v1.19.2 / 2026-03-19 Dependencies [JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. #3611 @​flavorjones SHA256 Checksums c34d5c8208025587554608e98fd88ab125b29c80f9352b821964e9a5d5cfbd19 nokogiri-1.19.2-aarch64-linux-gnu.gem 7f6b4b0202d507326841a4f790294bf75098aef50c7173443812e3ac5cb06515 nokogiri-1.19.2-aarch64-linux-musl.gem b7fa1139016f3dc850bda1260988f0d749934a939d04ef2da13bec060d7d5081 nokogiri-1.19.2-arm-linux-gnu.gem 61114d44f6742ff72194a1b3020967201e2eb982814778d130f6471c11f9828c nokogiri-1.19.2-arm-linux-musl.gem 58d8ea2e31a967b843b70487a44c14c8ba1866daa1b9da9be9dbdf1b43dee205 nokogiri-1.19.2-arm64-darwin.gem e9d67034bc80ca71043040beea8a91be5dc99b662daa38a2bfb361b7a2cc8717 nokogiri-1.19.2-java.gem 8ccf25eea3363a2c7b3f2e173a3400582c633cfead27f805df9a9c56d4852d1a nokogiri-1.19.2-x64-mingw-ucrt.gem 7d9af11fda72dfaa2961d8c4d5380ca0b51bc389dc5f8d4b859b9644f195e7a4 nokogiri-1.19.2-x86_64-darwin.gem fa8feca882b73e871a9845f3817a72e9734c8e974bdc4fbad6e4bc6e8076b94f nokogiri-1.19.2-x86_64-linux-gnu.gem 93128448e61a9383a30baef041bf1f5817e22f297a1d400521e90294445069a8 nokogiri-1.19.2-x86_64-linux-musl.gem 38fdd8b59db3d5ea9e7dfb14702e882b9bf819198d5bf976f17ebce12c481756 nokogiri-1.19.2.gem Full Changelog: sparklemotion/nokogiri@v1.19.1...v1.19.2 v1.19.1 / 2026-02-16 ... (truncated) Changelog Sourced from nokogiri's changelog. v1.19.3 / 2026-04-27 Fixed / Security Address exponential regex backtracking in CSS selector tokenizer. See GHSA-c4rq-3m3g-8wgx for more information. [CRuby] Address memory leak in XSLT::Stylesheet#transform. See GHSA-v2fc-qm4h-8hqv for more information. v1.19.2 / 2026-03-19 Dependencies [JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. #3611 @​flavorjones v1.19.1 / 2026-02-16 Security [CRuby] Address unchecked return value from xmlC14NExecute which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See GHSA-wx95-c6cv-8532 for more information. v1.19.0 / 2025-12-28 Ruby This release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10. Introduce native gem support for Ruby 4.0. #3590 End support for Ruby 3.1, for which upstream support ended 2025-03-26. End support for JRuby 9.4 (which targets Ruby 3.1 compatibility). v1.18.10 / 2025-09-15 Dependencies [CRuby] Vendored libxml2 is updated to v2.13.9. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9. [CRuby] [Windows and MacOS] Vendored libiconv is updated to v1.18 Commits c139a3d version bump to v1.19.3 7501a63 fix: backtracking in CSS tokenizer rules (v1.19.x backport) (#3627) 03e7968 test: skip CSS tokenizer benchmarks on JRuby b984b7e fix: ReDoS in CSS tokenizer ident rule 0092623 fix: ReDoS in CSS tokenizer STRING rule ee17d33 fix: memory leak in XSLT transform (backport to v1.19.x) (#3624) ce188a3 doc: update CHANGELOG caeaac4 fix: memory leak in XSLT transform 25220bf dep(test): test against libxml-ruby v6 (#3618) 0caeb21 doc: add security warnings for untrusted XSLT stylesheets Additional commits viewable in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot show ignore conditions will show all of the ignore conditions of the specified dependency @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.

Open Graph Description: Bumps nokogiri from 1.18.9 to 1.19.3. Release notes Sourced from nokogiri's releases. v1.19.3 / 2026-04-27 Fixed / Security Address exponential regex backtracking in CSS selector tokenizer. ...

X Description: Bumps nokogiri from 1.18.9 to 1.19.3. Release notes Sourced from nokogiri's releases. v1.19.3 / 2026-04-27 Fixed / Security Address exponential regex backtracking in CSS selector tokeniz...

Opengraph URL: https://github.com/jruby/jruby.github.io/pull/62

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository/pull/:id/files(.:format)
route-controllerpull_requests
route-actionfiles
fetch-noncev2:40b40964-fd46-be25-e4df-ac304e022389
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idEE36:10F9C5:1A5B48:22A068:6A5176D4
html-safe-nonce9eee55aead75a58273bfa34a311fc2e2eaa85a3b8887663bd038ee70690d2f3e
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJFRTM2OjEwRjlDNToxQTVCNDg6MjJBMDY4OjZBNTE3NkQ0IiwidmlzaXRvcl9pZCI6IjI1MTEwNzc1MTUzMDQyODExNiIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9
visitor-hmac46f2323acad5b1d1335714aaed0f16885f29f671fd7cba043fc13a8c743c6622
hovercard-subject-tagpull_request:3651340978
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///pull_requests/show/files
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/jruby/jruby.github.io/pull/62/files
twitter:imagehttps://avatars.githubusercontent.com/in/29110?s=400&v=4
twitter:cardsummary_large_image
og:imagehttps://avatars.githubusercontent.com/in/29110?s=400&v=4
og:image:altBumps nokogiri from 1.18.9 to 1.19.3. Release notes Sourced from nokogiri's releases. v1.19.3 / 2026-04-27 Fixed / Security Address exponential regex backtracking in CSS selector tokenizer. ...
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
Noneb9a586c06a05a7a86fc7e3f4dbd03e42f6869085879aa184aa6369456dbd50fb
turbo-cache-controlno-preview
diff-viewunified
go-importgithub.com/jruby/jruby.github.io git https://github.com/jruby/jruby.github.io.git
octolytics-dimension-user_id55687
octolytics-dimension-user_loginjruby
octolytics-dimension-repository_id29551865
octolytics-dimension-repository_nwojruby/jruby.github.io
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id29551865
octolytics-dimension-repository_network_root_nwojruby/jruby.github.io
turbo-body-classeslogged-out env-production page-responsive
disable-turbotrue
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
releasee2c3fb1e56564ee0a4805542460de1eb8bd6bd77
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/jruby/jruby.github.io/pull/62/files#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fjruby%2Fjruby.github.io%2Fpull%2F62%2Ffiles
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/open-source/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/open-source/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/enterprise/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fjruby%2Fjruby.github.io%2Fpull%2F62%2Ffiles
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=jruby%2Fjruby.github.io
Reloadhttps://github.com/jruby/jruby.github.io/pull/62/files
Reloadhttps://github.com/jruby/jruby.github.io/pull/62/files
Reloadhttps://github.com/jruby/jruby.github.io/pull/62/files
Please reload this pagehttps://github.com/jruby/jruby.github.io/pull/62/files
jruby https://github.com/jruby
jruby.github.iohttps://github.com/jruby/jruby.github.io
Notifications https://github.com/login?return_to=%2Fjruby%2Fjruby.github.io
Fork 16 https://github.com/login?return_to=%2Fjruby%2Fjruby.github.io
Star 0 https://github.com/login?return_to=%2Fjruby%2Fjruby.github.io
Code https://github.com/jruby/jruby.github.io
Issues 2 https://github.com/jruby/jruby.github.io/issues
Pull requests 5 https://github.com/jruby/jruby.github.io/pulls
Actions https://github.com/jruby/jruby.github.io/actions
Projects https://github.com/jruby/jruby.github.io/projects
Wiki https://github.com/jruby/jruby.github.io/wiki
Security and quality 0 https://github.com/jruby/jruby.github.io/security
Insights https://github.com/jruby/jruby.github.io/pulse
Code https://github.com/jruby/jruby.github.io
Issues https://github.com/jruby/jruby.github.io/issues
Pull requests https://github.com/jruby/jruby.github.io/pulls
Actions https://github.com/jruby/jruby.github.io/actions
Projects https://github.com/jruby/jruby.github.io/projects
Wiki https://github.com/jruby/jruby.github.io/wiki
Security and quality https://github.com/jruby/jruby.github.io/security
Insights https://github.com/jruby/jruby.github.io/pulse
Sign up for GitHub https://github.com/signup?return_to=%2Fjruby%2Fjruby.github.io%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://github.com/login?return_to=%2Fjruby%2Fjruby.github.io%2Fissues%2Fnew%2Fchoose
dependabothttps://github.com/apps/dependabot
masterhttps://github.com/jruby/jruby.github.io/tree/master
dependabot/bundler/nokogiri-1.19.3https://github.com/jruby/jruby.github.io/tree/dependabot/bundler/nokogiri-1.19.3
Conversation 0 https://github.com/jruby/jruby.github.io/pull/62
Commits 1 https://github.com/jruby/jruby.github.io/pull/62/commits
Checks 0 https://github.com/jruby/jruby.github.io/pull/62/checks
Files changed https://github.com/jruby/jruby.github.io/pull/62/files
Please reload this pagehttps://github.com/jruby/jruby.github.io/pull/62/files
Bump nokogiri from 1.18.9 to 1.19.3 https://github.com/jruby/jruby.github.io/pull/62/files#top
Show all changes 1 commit https://github.com/jruby/jruby.github.io/pull/62/files
e2fef08 Bump nokogiri from 1.18.9 to 1.19.3 dependabot[bot] May 8, 2026 https://github.com/jruby/jruby.github.io/pull/62/commits/e2fef08f89b5f6aa1fc891f5dd523cd28e2d1373
Clear filters https://github.com/jruby/jruby.github.io/pull/62/files
Please reload this pagehttps://github.com/jruby/jruby.github.io/pull/62/files
Please reload this pagehttps://github.com/jruby/jruby.github.io/pull/62/files
Gemfile.lockhttps://github.com/jruby/jruby.github.io/pull/62/files#diff-89cade48462044ee1b672dc5f4c3ec250fbd29effcd8932096a23c1283c6731f
View file https://github.com/jruby/jruby.github.io/blob/e2fef08f89b5f6aa1fc891f5dd523cd28e2d1373/Gemfile.lock
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/jruby/jruby.github.io/pull/62/{{ revealButtonHref }}
https://github.com/jruby/jruby.github.io/pull/62/files#diff-89cade48462044ee1b672dc5f4c3ec250fbd29effcd8932096a23c1283c6731f
https://github.com/jruby/jruby.github.io/pull/62/files#diff-89cade48462044ee1b672dc5f4c3ec250fbd29effcd8932096a23c1283c6731f
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.