Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Bump nokogiri from 1.18.0 to 1.18.1 (#4193)
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.18.0 to 1.18.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/releases">nokogiri's releases</a>.</em></p> <blockquote> <h2>v1.18.1 / 2024-12-29</h2> <h3>Fixed</h3> <ul> <li>[CRuby] XML::SAX::ParserContext keeps a reference to the input to avoid a potential use-after-free issue that's existed since v1.4.0 (2009). (<a href="https://redirect.github.com/sparklemotion/nokogiri/issues/3395">#3395</a>) <a href="https://github.com/flavorjones"><code>@flavorjones</code></a></li> </ul> <!-- raw HTML omitted --> <pre><code>35837013800e34342fcbaca305f8c49231f6bd4f779bfa23fe7b4686ae82d5b8 nokogiri-1.18.1-aarch64-linux-gnu.gem 1b303402cd045f9075a6ee291767c1ffe654b426ed30911e5b47819c21855b22 nokogiri-1.18.1-aarch64-linux-musl.gem d75193f284c899d225943a8944479faedd995a7573ddd5c8308ffbdf2ec55204 nokogiri-1.18.1-arm64-darwin.gem 3b873fd6b0cd1ad7c77e87af701075bdfd14c9a6b2f2965c5e00ed29a5627a37 nokogiri-1.18.1-arm-linux-gnu.gem d6fe26f6d1425f403077fbf829fc0ef8e521545c924a13777d6fdf1a0c07c1f3 nokogiri-1.18.1-arm-linux-musl.gem df18be7e96c34736b6abfdeda80c6e845134fb9afe2fe5d4fbc1cf1f89c68475 nokogiri-1.18.1.gem e0e19b340f92d09b2b731e22d68895b2062d6555188aff370b05617516d3a781 nokogiri-1.18.1-java.gem 50d81e905a60dff706b99c980abefedaf1c3d2c434a3b49afaf1b69b80f7f5b4 nokogiri-1.18.1-x64-mingw-ucrt.gem d94e3aa6483577495fc8969d6b4b5c075840ce6b1ab09636a6d4177ad171051d nokogiri-1.18.1-x86_64-darwin.gem e516cf16ccde67ed4cc595a2621ca5ddd42562ecb24928914b0045a20a41620e nokogiri-1.18.1-x86_64-linux-gnu.gem f2c389bc100541247edaeaabc6d875b31d72e897471b66a67987b2e4df0192d6 nokogiri-1.18.1-x86_64-linux-musl.gem </code></pre> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md">nokogiri's changelog</a>.</em></p> <blockquote> <h2>v1.18.1 / 2024-12-29</h2> <h3>Fixed</h3> <ul> <li>[CRuby] XML::SAX::ParserContext keeps a reference to the input to avoid a potential use-after-free issue that's existed since v1.4.0 (2009). (<a href="https://redirect.github.com/sparklemotion/nokogiri/issues/3395">#3395</a>) <a href="https://github.com/flavorjones"><code>@flavorjones</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sparklemotion/nokogiri/commit/3b28b4983cec770f463e17ab2caf46ec823cd7e2"><code>3b28b49</code></a> version bump to v1.18.1</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/63441473d91a44c7ab638e9418d0f27003621f1f"><code>6344147</code></a> fix: SAX::ParserContext keeps a reference to the input (backport of <a href="https://redirect.github.com/sparklemotion/nokogiri/issues/3395">#3395</a> to ...</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/1c9b8f1273841f56aec0395bf0517c93fd6e1f7f"><code>1c9b8f1</code></a> doc: update CHANGELOG.md</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/682a293d7daccb274e2e52e0bbc530c57c2d2946"><code>682a293</code></a> fix: SAX::ParserContext keeps a reference to the input</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/fdfb6dfc3eb05afd00594fe966f57e1e895284f0"><code>fdfb6df</code></a> ci: bump everything to use 3.4 final (<a href="https://redirect.github.com/sparklemotion/nokogiri/issues/3394">#3394</a>)</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/beec7729b179bac5b57297eb2d825e559d9a2de7"><code>beec772</code></a> ci: windows 3.4 is still not available, use head</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/3ca18efa089533f7ba19d38a8f6887540026103e"><code>3ca18ef</code></a> ci: bump everything to use 3.4 final</li> <li>See full diff in <a href="https://github.com/sparklemotion/nokogiri/compare/v1.18.0...v1.18.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information
1 parent
d144746
commit d01da98