Skip to content
This repository has been archived by the owner on Jul 2, 2021. It is now read-only.

Bump nokogiri from 1.11.5 to 1.11.7 #454

Open
wants to merge 1 commit into
base: qa
Choose a base branch
from
Open

Bump nokogiri from 1.11.5 to 1.11.7 #454

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 3, 2021

Bumps nokogiri from 1.11.5 to 1.11.7.

Release notes

Sourced from nokogiri's releases.

1.11.7 / 2021-06-02

  • [CRuby] Backporting an upstream fix to XPath recursion depth limits which impacted some users of complex XPath queries. This issue is present in libxml 2.9.11 and 2.9.12. [#2257]

Checksums

SHA256:

4976a9c9e796527d51dc6c311b9bd93a0233f6a7962a0f569aa5c782461836ef  nokogiri-1.11.7.gem
9d69f57f6c024d86e358a8aef7a273f574721e48a6b2e1426cca007827325413  nokogiri-1.11.7-java.gem
6017dee25feb80292b04554cc1bf8a0a2ede3b6c3daeac811902157bbc6a3bdc  nokogiri-1.11.7-x64-mingw32.gem
38892350c1e695eab9bd77483300d681c32a22714d0e2d04d10a4c343b424bdd  nokogiri-1.11.7-x86-mingw32.gem
1d15603cd878fa2b710a3ba3028a99d9dd0c14b75711faebf9fb6ff40bac3880  nokogiri-1.11.7-x86-linux.gem
7ad9741e7a2fee1ffb4a4b2e20b00e87992c9efd969f557ca3b83fb2653b9bfc  nokogiri-1.11.7-x86_64-linux.gem
c93d66d9413ea7c37d30f95e2c54606fec638e556d454e08124d9a33b7fa82c8  nokogiri-1.11.7-arm64-darwin.gem
8761d9c7baacb26546869ed56dbc78d3eb3cabf49b85d91b1cd827cd6e94fb25  nokogiri-1.11.7-x86_64-darwin.gem

1.11.6 / 2021-05-26

Fixed

  • [CRuby] DocumentFragment#path now does proper error-checking to handle behavior introduced in libxml > 2.9.10. In v1.11.4 and v1.11.5, calling DocumentFragment#path could result in a segfault.
Changelog

Sourced from nokogiri's changelog.

1.11.7 / 2021-06-02

  • [CRuby] Backporting an upstream fix to XPath recursion depth limits which impacted some users of complex XPath queries. This issue is present in libxml 2.9.11 and 2.9.12. [#2257]

1.11.6 / 2021-05-26

Fixed

  • [CRuby] DocumentFragment#path now does proper error-checking to handle behavior introduced in libxml > 2.9.10. In v1.11.4 and v1.11.5, calling DocumentFragment#path could result in a segfault.
Commits
  • 0a6681e version bump to v1.11.7
  • de0844c test: add coverage for xpath recursion depth fix
  • ed38fea Merge pull request #2258 from sparklemotion/2257-libxml2-xpath-recursion-limi...
  • 1f6c661 fix: upstream libxml2 bug in calculating xpath query recursion depth
  • a48c305 version bump to v1.11.6
  • d7b58c3 Merge pull request #2252 from sparklemotion/2250-doc-frag-path-v1_11_x
  • a1b0e6b update CHANGELOG
  • d0f14d1 fix: DocumentFragment#path checks for error case in libxml 2.9.11+
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump nokogiri from 1.11.5 to 1.11.7
0be60fd 
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.11.5 to 1.11.7.
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.11.5...v1.11.7)

---
updated-dependencies:
- dependency-name: nokogiri
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jun 3, 2021
@dependabot dependabot bot mentioned this pull request Jun 3, 2021
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants