René's URL Explorer Experiment

Title: Bump nokogiri from 1.10.8 to 1.13.2 by dependabot[bot] · Pull Request #7 · pangPython/pangpython.github.io · GitHub

Open Graph Title: Bump nokogiri from 1.10.8 to 1.13.2 by dependabot[bot] · Pull Request #7 · pangPython/pangpython.github.io

X Title: Bump nokogiri from 1.10.8 to 1.13.2 by dependabot[bot] · Pull Request #7 · pangPython/pangpython.github.io

Description: Bumps nokogiri from 1.10.8 to 1.13.2. Release notes Sourced from nokogiri's releases. 1.13.2 / 2022-02-21 Security [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update addresses CVE-2022-23308. [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. This update addresses CVE-2021-30560. Please see GHSA-fq42-c5rg-92c2 for more information about these CVEs. Dependencies [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. Full changelog is available at https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.13.news [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. Full changelog is available at https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.news SHA256 checksums: 63469a9bb56a21c62fbaea58d15f54f8f167ff6fde51c5c2262072f939926fdd nokogiri-1.13.2-aarch64-linux.gem 2986617f982f645c06f22515b721e6d2613dd69493e5c41ddd03c4830c3b3065 nokogiri-1.13.2-arm64-darwin.gem aca1d66206740b29d0d586b1d049116adcb31e6cdd7c4dd3a96eb77da215a0c4 nokogiri-1.13.2-java.gem b9e4eea1a200d9a927a5bc7d662c427e128779cba0098ea49ddbdb3ffc3ddaec nokogiri-1.13.2-x64-mingw-ucrt.gem 48d5493fec495867c5516a908a068c1387a1d17c5aeca6a1c98c089d9d9fdcf8 nokogiri-1.13.2-x64-mingw32.gem 62034d7aaaa83fbfcb8876273cc5551489396841a66230d3200b67919ef76cf9 nokogiri-1.13.2-x86-linux.gem e07237b82394017c2bfec73c637317ee7dbfb56e92546151666abec551e46d1d nokogiri-1.13.2-x86-mingw32.gem 01937a6551d997aca32468da08ced0878ba4e1dfd0b51d953617185eefc57ffa nokogiri-1.13.2-x86_64-darwin.gem 70112ae29939d4b5e1c8ba13e1f0d82ff43cd5564ce138f622fe6ebddc503654 nokogiri-1.13.2-x86_64-linux.gem def6b330c53dcabe8b7d545cf9db4dfb45e9d39040b531eb81aee0c840fd66c2 nokogiri-1.13.2.gem 1.13.1 / 2022-01-13 Fixed Fix Nokogiri::XSLT.quote_params regression in v1.13.0 that raised an exception when non-string stylesheet parameters were passed. Non-string parameters (e.g., integers and symbols) are now explicitly supported and both keys and values will be stringified with #to_s. [#2418] Fix HTML5 CSS selector query regression in v1.13.0 that raised an Nokogiri::XML::XPath::SyntaxError when parsing XPath attributes mixed into the CSS query. Although this mash-up of XPath and CSS syntax previously worked unintentionally, it is now an officially supported feature and is documented as such. [#2419] SHA265 checksums 9206569b36f0066f943f174a832b50e69551c2a81333b7a62d4073e97ea4c3c6 nokogiri-1.13.1-aarch64-linux.gem 39d73197506acd3748c84600e000bb44ccd930695a9fc8b489b1b4df37dd14f0 nokogiri-1.13.1-arm64-darwin.gem 1aaa315876e2049b4418c60794f1f55bdb04cc9583b9b664dbb3c52696695207 nokogiri-1.13.1-java.gem 37d97e5fdaae4a14cc7122598616ac484d71c271004fb6cce6684c6734f41552 nokogiri-1.13.1-x64-mingw-ucrt.gem 683b030957c747d35499f8d766cad51a31ae9456098225af62fab7b27fe20129 nokogiri-1.13.1-x64-mingw32.gem 690958426e3151ba0c22e8d88637dba5e0c636107f3def2ffc10e334d451e61f nokogiri-1.13.1-x86-linux.gem ... (truncated) Changelog Sourced from nokogiri's changelog. 1.13.2 / 2022-02-21 Security [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update addresses CVE-2022-23308. [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. This update addresses CVE-2021-30560. Please see GHSA-fq42-c5rg-92c2 for more information about these CVEs. Dependencies [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. Full changelog is available at https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.13.news [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. Full changelog is available at https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.news 1.13.1 / 2022-01-13 Fixed Fix Nokogiri::XSLT.quote_params regression in v1.13.0 that raised an exception when non-string stylesheet parameters were passed. Non-string parameters (e.g., integers and symbols) are now explicitly supported and both keys and values will be stringified with #to_s. [#2418] Fix CSS selector query regression in v1.13.0 that raised an Nokogiri::XML::XPath::SyntaxError when parsing XPath attributes mixed into the CSS query. Although this mash-up of XPath and CSS syntax previously worked unintentionally, it is now an officially supported feature and is documented as such. [#2419] 1.13.0 / 2022-01-06 Notes Ruby This release introduces native gem support for Ruby 3.1. Please note that Windows users should use the x64-mingw-ucrt platform gem for Ruby 3.1, and x64-mingw32 for Ruby 2.6–3.0 (see RubyInstaller 3.1.0 release notes). This release ends support for: Ruby 2.5, for which official support ended 2021-03-31. JRuby 9.2, which is a Ruby 2.5-compatible release. Faster, more reliable installation: Native Gem for ARM64 Linux This version of Nokogiri ships experimental native gem support for the aarch64-linux platform, which should support AWS Graviton and other ARM Linux platforms. We don't yet have CI running for this platform, and so we're interested in hearing back from y'all whether this is working, and what problems you're seeing. Please send us feedback here: Feedback: Have you used the aarch64-linux native gem? Publishing This version of Nokogiri opts-in to the "MFA required to publish" setting on Rubygems.org. This and all future Nokogiri gem files must be published to Rubygems by an account with multi-factor authentication enabled. This should provide some additional protection against supply-chain attacks. A related discussion about Trust exists at #2357 in which I invite you to participate if you have feelings or opinions on this topic. ... (truncated) Commits 49b8663 version bump to v1.13.2 4729133 Merge pull request #2457 from sparklemotion/flavorjones-libxml-2.9.13-v1.13.x 379f757 dev(package): work around gnome mirrors with expired certs 95cf66c dep: upgrade libxml2 2.9.12 → 2.9.13 d37dd02 dep: upgrade libxslt 1.1.34 → 1.1.35 59a9398 dep: upgrade mini_portile 2.7 to 2.8 e885463 dev(package): handle either .tar.gz or .tar.xz archive names 7957c7b style: rubocop 93d37f7 ci: Change Ruby setup to standard 15d32f6 ci: skip html5lib-tests on v1.13.x branch Additional commits viewable in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot merge will merge this PR after your CI passes on it @dependabot squash and merge will squash and merge this PR after your CI passes on it @dependabot cancel merge will cancel a previously requested merge and block automerging @dependabot reopen will reopen this PR if it is closed @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) @dependabot use these labels will set the current labels as the default for future PRs for this repo and language @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the Security Alerts page.

Open Graph Description: Bumps nokogiri from 1.10.8 to 1.13.2. Release notes Sourced from nokogiri's releases. 1.13.2 / 2022-02-21 Security [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update addr...

X Description: Bumps nokogiri from 1.10.8 to 1.13.2. Release notes Sourced from nokogiri's releases. 1.13.2 / 2022-02-21 Security [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update ...

Opengraph URL: https://github.com/pangPython/pangpython.github.io/pull/7

X: @github

direct link

Domain: github.com

Links:

Viewport: width=device-width