From d01da98ecc10ab2f51f41f1d5dc47a0f0eca830e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 30 Dec 2024 08:16:54 -0500
Subject: [PATCH] Bump nokogiri from 1.18.0 to 1.18.1 (#4193)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.18.0
to 1.18.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sparklemotion/nokogiri/releases">nokogiri's
releases</a>.</em></p>
<blockquote>
<h2>v1.18.1 / 2024-12-29</h2>
<h3>Fixed</h3>
<ul>
<li>[CRuby] XML::SAX::ParserContext keeps a reference to the input to
avoid a potential use-after-free issue that's existed since v1.4.0
(2009). (<a
href="https://redirect.github.com/sparklemotion/nokogiri/issues/3395">#3395</a>)
<a
href="https://github.com/flavorjones"><code>@​flavorjones</code></a></li>
</ul>
<!-- raw HTML omitted -->

<pre><code>35837013800e34342fcbaca305f8c49231f6bd4f779bfa23fe7b4686ae82d5b8
nokogiri-1.18.1-aarch64-linux-gnu.gem
1b303402cd045f9075a6ee291767c1ffe654b426ed30911e5b47819c21855b22
nokogiri-1.18.1-aarch64-linux-musl.gem
d75193f284c899d225943a8944479faedd995a7573ddd5c8308ffbdf2ec55204
nokogiri-1.18.1-arm64-darwin.gem
3b873fd6b0cd1ad7c77e87af701075bdfd14c9a6b2f2965c5e00ed29a5627a37
nokogiri-1.18.1-arm-linux-gnu.gem
d6fe26f6d1425f403077fbf829fc0ef8e521545c924a13777d6fdf1a0c07c1f3
nokogiri-1.18.1-arm-linux-musl.gem
df18be7e96c34736b6abfdeda80c6e845134fb9afe2fe5d4fbc1cf1f89c68475
nokogiri-1.18.1.gem
e0e19b340f92d09b2b731e22d68895b2062d6555188aff370b05617516d3a781
nokogiri-1.18.1-java.gem
50d81e905a60dff706b99c980abefedaf1c3d2c434a3b49afaf1b69b80f7f5b4
nokogiri-1.18.1-x64-mingw-ucrt.gem
d94e3aa6483577495fc8969d6b4b5c075840ce6b1ab09636a6d4177ad171051d
nokogiri-1.18.1-x86_64-darwin.gem
e516cf16ccde67ed4cc595a2621ca5ddd42562ecb24928914b0045a20a41620e
nokogiri-1.18.1-x86_64-linux-gnu.gem
f2c389bc100541247edaeaabc6d875b31d72e897471b66a67987b2e4df0192d6
nokogiri-1.18.1-x86_64-linux-musl.gem
</code></pre>
<!-- raw HTML omitted -->
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md">nokogiri's
changelog</a>.</em></p>
<blockquote>
<h2>v1.18.1 / 2024-12-29</h2>
<h3>Fixed</h3>
<ul>
<li>[CRuby] XML::SAX::ParserContext keeps a reference to the input to
avoid a potential use-after-free issue that's existed since v1.4.0
(2009). (<a
href="https://redirect.github.com/sparklemotion/nokogiri/issues/3395">#3395</a>)
<a
href="https://github.com/flavorjones"><code>@​flavorjones</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/3b28b4983cec770f463e17ab2caf46ec823cd7e2"><code>3b28b49</code></a>
version bump to v1.18.1</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/63441473d91a44c7ab638e9418d0f27003621f1f"><code>6344147</code></a>
fix: SAX::ParserContext keeps a reference to the input (backport of <a
href="https://redirect.github.com/sparklemotion/nokogiri/issues/3395">#3395</a>
to ...</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/1c9b8f1273841f56aec0395bf0517c93fd6e1f7f"><code>1c9b8f1</code></a>
doc: update CHANGELOG.md</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/682a293d7daccb274e2e52e0bbc530c57c2d2946"><code>682a293</code></a>
fix: SAX::ParserContext keeps a reference to the input</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/fdfb6dfc3eb05afd00594fe966f57e1e895284f0"><code>fdfb6df</code></a>
ci: bump everything to use 3.4 final (<a
href="https://redirect.github.com/sparklemotion/nokogiri/issues/3394">#3394</a>)</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/beec7729b179bac5b57297eb2d825e559d9a2de7"><code>beec772</code></a>
ci: windows 3.4 is still not available, use head</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/3ca18efa089533f7ba19d38a8f6887540026103e"><code>3ca18ef</code></a>
ci: bump everything to use 3.4 final</li>
<li>See full diff in <a
href="https://github.com/sparklemotion/nokogiri/compare/v1.18.0...v1.18.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=nokogiri&package-manager=bundler&previous-version=1.18.0&new-version=1.18.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 Gemfile.lock | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Gemfile.lock b/Gemfile.lock
index 7d84c4cd5..3d04a213e 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -271,9 +271,9 @@ GEM
     net-smtp (0.5.0)
       net-protocol
     nio4r (2.7.4)
-    nokogiri (1.18.0-arm64-darwin)
+    nokogiri (1.18.1-arm64-darwin)
       racc (~> 1.4)
-    nokogiri (1.18.0-x86_64-linux-gnu)
+    nokogiri (1.18.1-x86_64-linux-gnu)
       racc (~> 1.4)
     notiffany (0.1.3)
       nenv (~> 0.1)