chore: bump org.jsoup:jsoup from 1.18.3 to 1.19.1

[dependabot[bot]]

Bumps org.jsoup:jsoup from 1.18.3 to 1.19.1.

Release notes

Sourced from org.jsoup:jsoup's releases.

jsoup 1.19.1

Changes

• Added support for http/2 requests in Jsoup.connect(), when running on Java 11+, via the Java HttpClient implementation. #2257.
  • In this version of jsoup, the default is to make requests via the HttpUrlConnection implementation: use System.setProperty("jsoup.useHttpClient", "true"); to enable making requests via the HttpClient instead , which will enable http/2 support, if available. This will become the default in a later version of jsoup, so now is a good time to validate it.
  • If you are repackaging the jsoup jar in your deployment (i.e. creating a shaded- or a fat-jar), make sure to specify that as a Multi-Release JAR.
  • If the HttpClient impl is not available in your JRE, requests will continue to be made via HttpURLConnection (in http/1.1 mode).
• Updated the minimum Android API Level validation from 10 to 21. As with previous jsoup versions, Android developers need to enable core library desugaring. The minimum Java version remains Java 8. #2173
• Removed previously deprecated class: org.jsoup.UncheckedIOException (replace with java.io.UncheckedIOException); moved previously deprecated method Element Element#forEach(Consumer) to void Element#forEach(Consumer()). #2246
• Deprecated the methods Document#updateMetaCharsetElement(bool) and #Document#updateMetaCharsetElement(), as the setting had no effect. When Document#charset(Charset) is called, the document's meta charset or XML encoding instruction is always set. #2247

Improvements

• When cleaning HTML with a Safelist that preserves relative links, the isValid() method will now consider these links valid. Additionally, the enforced attribute rel=nofollow will only be added to external links when configured in the safelist. #2245
• Added Element#selectStream(String query) and Element#selectStream(Evaluator) methods, that return a Stream of matching elements. Elements are evaluated and returned as they are found, and the stream can be terminated early. #2092
• Element objects now implement Iterable, enabling them to be used in enhanced for loops.
• Added support for fragment parsing from a Reader via Parser#parseFragmentInput(Reader, Element, String). #1177
• Reintroduced CLI executable examples, in jsoup-examples.jar. #1702
• Optimized performance of selectors like #id .class (and other similar descendant queries) by around 4.6x, by better balancing the Ancestor evaluator's cost function in the query planner. #2254
• Removed the legacy parsing rules for <isindex> tags, which would autovivify a form element with labels. This is no longer in the spec.
• Added Elements.selectFirst(String cssQuery) and Elements.expectFirst(String cssQuery), to select the first matching element from an Elements list. #2263
• When parsing with the XML parser, XML Declarations and Processing Instructions are directly handled, vs bouncing through the HTML parser's bogus comment handler. Serialization for non-doctype declarations no longer end with a spurious !. #2275
• When converting parsed HTML to XML or the W3C DOM, element names containing < are normalized to _ to ensure valid XML. For example, <foo<bar> becomes <foo_bar>, as XML does not allow < in element names, but HTML5 does. #2276
• Reimplemented the HTML5 Adoption Agency Algorithm to the current spec. This handles mis-nested formating / structural elements. #2278

... (truncated)

Changelog

Sourced from org.jsoup:jsoup's changelog.

1.19.1 (2025-03-04)

Changes

• Added support for http/2 requests in Jsoup.connect(), when running on Java 11+, via the Java HttpClient implementation. #2257.
  • In this version of jsoup, the default is to make requests via the HttpUrlConnection implementation: use System.setProperty("jsoup.useHttpClient", "true"); to enable making requests via the HttpClient instead , which will enable http/2 support, if available. This will become the default in a later version of jsoup, so now is a good time to validate it.
  • If you are repackaging the jsoup jar in your deployment (i.e. creating a shaded- or a fat-jar), make sure to specify that as a Multi-Release JAR.
  • If the HttpClient impl is not available in your JRE, requests will continue to be made via HttpURLConnection (in http/1.1 mode).
• Updated the minimum Android API Level validation from 10 to 21. As with previous jsoup versions, Android developers need to enable core library desugaring. The minimum Java version remains Java 8. #2173
• Removed previously deprecated class: org.jsoup.UncheckedIOException (replace with java.io.UncheckedIOException); moved previously deprecated method Element Element#forEach(Consumer) to void Element#forEach(Consumer()). #2246
• Deprecated the methods Document#updateMetaCharsetElement(boolean) and Document#updateMetaCharsetElement(), as the setting had no effect. When Document#charset(Charset) is called, the document's meta charset or XML encoding instruction is always set. #2247

Improvements

• When cleaning HTML with a Safelist that preserves relative links, the isValid() method will now consider these links valid. Additionally, the enforced attribute rel=nofollow will only be added to external links when configured in the safelist. #2245
• Added Element#selectStream(String query) and Element#selectStream(Evaluator) methods, that return a Stream of matching elements. Elements are evaluated and returned as they are found, and the stream can be terminated early. #2092
• Element objects now implement Iterable, enabling them to be used in enhanced for loops.
• Added support for fragment parsing from a Reader via Parser#parseFragmentInput(Reader, Element, String). #1177
• Reintroduced CLI executable examples, in jsoup-examples.jar. #1702
• Optimized performance of selectors like #id .class (and other similar descendant queries) by around 4.6x, by better balancing the Ancestor evaluator's cost function in the query planner. #2254
• Removed the legacy parsing rules for <isindex> tags, which would autovivify a form element with labels. This is no longer in the spec.
• Added Elements.selectFirst(String cssQuery) and Elements.expectFirst(String cssQuery), to select the first matching element from an Elements list. #2263
• When parsing with the XML parser, XML Declarations and Processing Instructions are directly handled, vs bouncing through the HTML parser's bogus comment handler. Serialization for non-doctype declarations no longer end with a spurious !. #2275
• When converting parsed HTML to XML or the W3C DOM, element names containing < are normalized to _ to ensure valid XML. For example, <foo<bar> becomes <foo_bar>, as XML does not allow < in element names, but HTML5 does. #2276

... (truncated)

Commits

• 5c4c09a [maven-release-plugin] prepare release jsoup-1.19.1
• 7de25be Updated changelog in preparation of release
• 6d7a058 Use 'el' instead of 'node' in adoption agency
• 0679bef Perf: removed redundant lowercase normalization
• d80275e Performance tweak when appending tag names
• 4b733b1 Updated InScope search basetypes to be namespace aware
• d89d757 Changelog tidy
• 5fde3d9 Changelog for #2281
• d55469a Clone the Parser when cloning a Document
• 11a0334 Concurrency note
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)