stur86
Bump nokogiri from 1.11.7 to 1.13.0 in /docs
Bumps nokogiri from 1.11.7 to 1.13.0.
Release notes
Sourced from nokogiri's releases.
1.13.0 / 2022-01-06
Notes
Ruby
This release introduces native gem support for Ruby 3.1. Please note that Windows users should use the
x64-mingw-ucrtplatform gem for Ruby 3.1, andx64-mingw32for Ruby 2.6–3.0 (see RubyInstaller 3.1.0 release notes).This release ends support for:
- Ruby 2.5, for which official support ended 2021-03-31.
- JRuby 9.2, which is a Ruby 2.5-compatible release.
Faster, more reliable installation: Native Gem for ARM64 Linux
This version of Nokogiri ships experimental native gem support for the
aarch64-linuxplatform, which should support AWS Graviton and other ARM Linux platforms. We don't yet have CI running for this platform, and so we're interested in hearing back from y'all whether this is working, and what problems you're seeing. Please send us feedback here: Feedback: Have you used theaarch64-linuxnative gem?Publishing
This version of Nokogiri opts-in to the "MFA required to publish" setting on Rubygems.org. This and all future Nokogiri gem files must be published to Rubygems by an account with multi-factor authentication enabled. This should provide some additional protection against supply-chain attacks.
A related discussion about Trust exists at #2357 in which I invite you to participate if you have feelings or opinions on this topic.
Dependencies
- [CRuby] Vendored libiconv is updated from 1.15 to 1.16. (https://github.com/sparklemotion/nokogiri/blob/HEAD/Note that libiconv is only redistributed in the native windows and native darwin gems, see
LICENSE-DEPENDENCIES.mdfor more information.) [#2206]- [CRuby] Upgrade mini_portile2 dependency from
~> 2.6.1to~> 2.7.0. ("ruby" platform gem only.)Improved
{XML,HTML4}::DocumentFragmentconstructors all now take an optional parse options parameter or block (similar to Document constructors). [#1692] (Thanks,@JackMc!)Nokogiri::CSS.xpath_forallows anXPathVisitorto be injected, for finer-grained control over how CSS queries are translated into XPath.- [CRuby]
XML::Reader#encodingwill return the encoding detected by the parser when it's not passed to the constructor. [#980]- [CRuby] Handle abruptly-closed HTML comments as recommended by WHATWG. (Thanks to tehryanx for reporting!)
- [CRuby]
Node#lineis no longer capped at 65535. libxml v2.9.0 and later support a new parse option, exposed asNokogiri::XML::ParseOptions::PARSE_BIG_LINES, which is turned on by default inParseOptions::DEFAULT_{XML,XSLT,HTML,SCHEMA}(Note that JRuby already supported large line numbers.) [#1764, #1493, #1617, #1505, #1003, #533]- [CRuby] If a cycle is introduced when reparenting a node (i.e., the node becomes its own ancestor), a
RuntimeErroris raised. libxml2 does no checking for this, which means cycles would otherwise result in infinite loops on subsequent operations. (Note that JRuby already did this.) [#1912]- [CRuby] Source builds will download zlib and libiconv via HTTPS. ("ruby" platform gem only.) [#2391] (Thanks,
@jmartin-r7!)- [JRuby]
Node#linebehavior has been modified to return the line number of the node in the final DOM structure. This behavior is different from CRuby, which returns the node's position in the input string. Ideally the two implementations would be the same, but at least is now officially documented and tested. The real-world impact of this change is that the value returned in JRuby is greater by 1 to account for the XML prolog in the output. [#2380] (Thanks,@dabdine!)Fixed
- CSS queries on HTML5 documents now correctly match foreign elements (SVG, MathML) when namespaces are not specified in the query. [#2376]
XML::Builderblocks restore context properly when exceptions are raised. [#2372] (Thanks,@ric2band@rinthedev!)- The
Nokogiri::CSS::Parsercache now uses theXPathVisitorconfiguration as part of the cache key, preventing incorrect cache results from being returned when multipleXPathVisitoroptions are being used.- Error recovery from in-context parsing (e.g.,
Node#parse) now always uses the correctDocumentFragmentclass. PreviouslyNokogiri::HTML4::DocumentFragmentwas always used, even for XML documents. [#1158]
... (truncated)
Changelog
Sourced from nokogiri's changelog.
1.13.0 / 2022-01-06
Notes
Ruby
This release introduces native gem support for Ruby 3.1. Please note that Windows users should use the
x64-mingw-ucrtplatform gem for Ruby 3.1, andx64-mingw32for Ruby 2.6–3.0 (see RubyInstaller 3.1.0 release notes).This release ends support for:
- Ruby 2.5, for which official support ended 2021-03-31.
- JRuby 9.2, which is a Ruby 2.5-compatible release.
Faster, more reliable installation: Native Gem for ARM64 Linux
This version of Nokogiri ships experimental native gem support for the
aarch64-linuxplatform, which should support AWS Graviton and other ARM Linux platforms. We don't yet have CI running for this platform, and so we're interested in hearing back from y'all whether this is working, and what problems you're seeing. Please send us feedback here: Feedback: Have you used theaarch64-linuxnative gem?Publishing
This version of Nokogiri opts-in to the "MFA required to publish" setting on Rubygems.org. This and all future Nokogiri gem files must be published to Rubygems by an account with multi-factor authentication enabled. This should provide some additional protection against supply-chain attacks.
A related discussion about Trust exists at #2357 in which I invite you to participate if you have feelings or opinions on this topic.
Dependencies
- [CRuby] Vendored libiconv is updated from 1.15 to 1.16. (https://github.com/sparklemotion/nokogiri/blob/main/Note that libiconv is only redistributed in the native windows and native darwin gems, see
LICENSE-DEPENDENCIES.mdfor more information.) [#2206]- [CRuby] Upgrade mini_portile2 dependency from
~> 2.6.1to~> 2.7.0. ("ruby" platform gem only.)Improved
{XML,HTML4}::DocumentFragmentconstructors all now take an optional parse options parameter or block (similar to Document constructors). [#1692] (Thanks,@JackMc!)Nokogiri::CSS.xpath_forallows anXPathVisitorto be injected, for finer-grained control over how CSS queries are translated into XPath.- [CRuby]
XML::Reader#encodingwill return the encoding detected by the parser when it's not passed to the constructor. [#980]- [CRuby] Handle abruptly-closed HTML comments as recommended by WHATWG. (Thanks to tehryanx for reporting!)
- [CRuby]
Node#lineis no longer capped at 65535. libxml v2.9.0 and later support a new parse option, exposed asNokogiri::XML::ParseOptions::PARSE_BIG_LINES, which is turned on by default inParseOptions::DEFAULT_{XML,XSLT,HTML,SCHEMA}(Note that JRuby already supported large line numbers.) [#1764, #1493, #1617, #1505, #1003, #533]- [CRuby] If a cycle is introduced when reparenting a node (i.e., the node becomes its own ancestor), a
RuntimeErroris raised. libxml2 does no checking for this, which means cycles would otherwise result in infinite loops on subsequent operations. (Note that JRuby already did this.) [#1912]- [CRuby] Source builds will download zlib and libiconv via HTTPS. ("ruby" platform gem only.) [#2391] (Thanks,
@jmartin-r7!)- [JRuby]
Node#linebehavior has been modified to return the line number of the node in the final DOM structure. This behavior is different from CRuby, which returns the node's position in the input string. Ideally the two implementations would be the same, but at least is now officially documented and tested. The real-world impact of this change is that the value returned in JRuby is greater by 1 to account for the XML prolog in the output. [#2380] (Thanks,@dabdine!)Fixed
- CSS queries on HTML5 documents now correctly match foreign elements (SVG, MathML) when namespaces are not specified in the query. [#2376]
XML::Builderblocks restore context properly when exceptions are raised. [#2372] (Thanks,@ric2band@rinthedev!)- The
Nokogiri::CSS::Parsercache now uses theXPathVisitorconfiguration as part of the cache key, preventing incorrect cache results from being returned when multipleXPathVisitoroptions are being used.- Error recovery from in-context parsing (e.g.,
Node#parse) now always uses the correctDocumentFragmentclass. PreviouslyNokogiri::HTML4::DocumentFragmentwas always used, even for XML documents. [#1158]
... (truncated)
Commits
be17829version bump to v1.13.098b07c7dev: make manual gem packaging more reliabled92feafMerge pull request #2411 from sparklemotion/dependabot/bundler/rake-compiler-...43dd7cbbuild(deps-dev): update rake-compiler requirement from = 1.1.6 to = 1.1.7dc5276fMerge pull request #2409 from larskanis/cross-ruby-3.156b89d9package: native win gem correctly specifies required ruby versiona76963cupdate CHANGELOG with ruby 3.1 native gem supportc6f195astyle: sort .cross_rubiesd5584a7package: move host hack into the libiconv recipebc3e640ci: remove workaround for RCD runas- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)@dependabot use these labelswill set the current labels as the default for future PRs for this repo and language@dependabot use these reviewerswill set the current reviewers as the default for future PRs for this repo and language@dependabot use these assigneeswill set the current assignees as the default for future PRs for this repo and language@dependabot use this milestonewill set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the Security Alerts page.
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.
Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.