build(deps): bump the bundler group across 4 directories with 8 updates

[dependabot]

Bumps the bundler group with 3 updates in the /pkgs/tools/admin/fastlane directory: addressable, json and jmespath.
Bumps the bundler group with 3 updates in the /pkgs/tools/admin/oxidized directory: json, rack and git.
Bumps the bundler group with 1 update in the /pkgs/tools/audio/mpdcron directory: nokogiri.
Bumps the bundler group with 2 updates in the /pkgs/tools/misc/anystyle-cli directory: yard and tzinfo.

Updates addressable from 2.7.0 to 2.8.6

Changelog

Sourced from addressable's changelog.

Addressable 2.8.6

• Memoize regexps for common character classes (#524)

#524: sporkmonger/addressable#524

Addressable 2.8.5

• Fix thread safety issue with encoding tables (#515)
• Define URI::NONE as a module to avoid serialization issues (#509)
• Fix YAML serialization (#508)

#508: sporkmonger/addressable#508 #509: sporkmonger/addressable#509 #515: sporkmonger/addressable#515

Addressable 2.8.4

• Restore Addressable::IDNA.unicode_normalize_kc as a deprecated method (#504)

#504: sporkmonger/addressable#504

Addressable 2.8.3

• Fix template expand level 2 hash support for non-string objects (#499, #498)

#499: sporkmonger/addressable#499 #498: sporkmonger/addressable#498

Addressable 2.8.2

• Improve cache hits and JIT friendliness (#486)
• Improve code style and test coverage (#482)
• Ensure reset of deferred validation (#481)
• Resolve normalization differences between IDNA::Native and IDNA::Pure (#408, #492)
• Remove redundant colon in Addressable::URI::CharacterClasses::AUTHORITY regex (#438) (accidentally reverted by #449 merge but added back in #492)

#492: sporkmonger/addressable#492

Addressable 2.8.1

• refactor Addressable::URI.normalize_path to address linter offenses (#430)
• update gemspec to reflect supported Ruby versions (#466, #464, #463)
• compatibility w/ public_suffix 5.x (#466, #465, #460)
• fixes "invalid byte sequence in UTF-8" exception when unencoding URLs containing non UTF-8 characters (#459)
• Ractor compatibility (#449)
• use the whole string instead of a single line for template match (#431)
• force UTF-8 encoding only if needed (#341)

#449: sporkmonger/addressable#449 #460: sporkmonger/addressable#460 #463: sporkmonger/addressable#463 #464: sporkmonger/addressable#464 #465: sporkmonger/addressable#465 #466: sporkmonger/addressable#466

... (truncated)

Commits

• 35a0f5c gemspec: more #freeze and rubygems_version bump (#526)
• 63ab40e Update version, gemspec, and CHANGELOG for 2.8.6 (#525)
• 20879a9 Memoize regexps for common character classes (#524)
• 60feb48 Link directly to versioned changelog from gemspec (#522)
• d3635cc Bump actions/checkout from 3 to 4 (#521)
• 7cd185e Update version, gemspec, and CHANGELOG for 2.8.5 (#518)
• a5a8514 Fix gemspec generation (#517)
• e01456b Fix thread safety issue with encoding tables (#515)
• cf2153e Allow ruby-head to fail (#516)
• b56cef3 Define URI::NONE as a module to avoid serialization issues (#509)
• Additional commits viewable in compare view

Updates json from 2.5.1 to 2.7.2

Release notes

Sourced from json's releases.

v2.7.2

What's Changed

• Use rb_sym2str instead of SYM2ID by @​jhawthorn in flori/json#561
• Fix memory leak when exception is raised during JSON generation by @​peterzhu2118 in flori/json#574
• Remove references to "19" methods in JRuby by @​headius in flori/json#576
• Make OpenStruct support as optional by @​hsbt in flori/json#565
• Autoload JSON::GenericObject to avoid require ostruct warning in Ruby 3.4 by @​tompng in flori/json#577
• Warn to install ostruct if json couldn't load it by @​hsbt in flori/json#578

New Contributors

• @​mperham made their first contribution in flori/json#571
• @​peterzhu2118 made their first contribution in flori/json#574

Full Changelog: ruby/json@v2.7.1...v2.7.2

v2.7.1

What's Changed

Improved

• [DOC] RDoc for additions by @​BurdetteLamar in flori/json#557

Fixed

• JSON.dump: handle unenclosed hashes regression by @​casperisfine in flori/json#554
• Overload kwargs in JSON.dump by @​k0kubun in flori/json#556
• Fix JSON.dump overload combination by @​tompng in flori/json#558

Misc

• Remove needless encodings by @​hsbt in flori/json#559
• Unify versions by @​hsbt in flori/json#560

New Contributors

• @​k0kubun made their first contribution in flori/json#556
• @​tompng made their first contribution in flori/json#558

Full Changelog: ruby/json@v2.7.0...v2.7.1

v2.7.0

What's Changed

Improved

• Perf. improvements to Hash#to_json in pure implementation generator. by @​vipulnsward in flori/json#203
• Remove unnecessary initialization of create_id in JSON.parse() by @​Watson1978 in flori/json#454

Added

• Call super in included hook by @​paracycle in flori/json#486
• Rename escape_slash in script_safe and also escape E+2028 and E+2029 by @​casperisfine in flori/json#525
• Add a strict option to Generator by @​casperisfine in flori/json#519

... (truncated)

Changelog

Sourced from json's changelog.

2024-04-04 (2.7.2)

• Use rb_sym2str instead of SYM2ID #561
• Fix memory leak when exception is raised during JSON generation #574
• Remove references to "19" methods in JRuby #576
• Make OpenStruct support as optional by @​hsbt in #565
• Autoload JSON::GenericObject to avoid require ostruct warning in Ruby 3.4 #577
• Warn to install ostruct if json couldn't load it by @​hsbt #578

2023-12-05 (2.7.1)

• JSON.dump: handle unenclosed hashes regression #554
• Overload kwargs in JSON.dump #556
• [DOC] RDoc for additions #557
• Fix JSON.dump overload combination #558

2023-12-01 (2.7.0)

• Add a strict option to Generator #519
• escape_slash option was renamed as script_safe and now also escape U+2028 and U+2029. escape_slash is now an alias of script_safe #525
• Remove unnecessary initialization of create_id in JSON.parse() #454
• Improvements to Hash#to_json in pure implementation generator #203
• Use ruby_xfree to free buffers #518
• Fix "unexpected token" offset for Infinity #507
• Avoid using deprecated BigDecimal.new on JRuby #546
• Removed code for Ruby 1.8 #540
• Rename JSON::ParseError to JSON:ParserError #530
• Call super in included hook #486
• JRuby requires a minimum of Java 8 #516
• Always indent even if empty #517

2022-11-30 (2.6.3)

• bugfix json/pure mixing escaped with literal unicode raises Encoding::CompatibilityError #483
• Stop including the parser source LINE in exceptions #470

2022-11-17 (2.6.2)

• Remove unknown keyword arg from DateTime.parse #488
• Ignore java artifacts by @​hsbt #489
• Fix parser bug for empty string allocation #496

2021-10-24 (2.6.1)

• Restore version.rb with 2.6.1

2021-10-14 (2.6.0)

• Use rb_enc_interned_str if available to reduce allocations in freeze: true mode. #451.
• Bump required_ruby_version to 2.3.

... (truncated)

Commits

• 036944a Bump up 2.7.2
• 5a1659d Merge pull request #578 from flori/warn-bundled-gems
• fff2859 Warn to install ostruct if json couldn't load it
• cdbcbd0 Merge pull request #577 from tompng/autoload_generic_object
• 84b7517 Merge pull request #576 from headius/no_19_jruby_methods
• b507f9e Autoload GenericObject to avoid require ostruct warning in Ruby 3.4
• a480682 Remove references to "19" methods in JRuby
• 35d435e Merge pull request #575 from flori/refine-ci
• 817d7b0 Exclude 2.3-2.5 on macos-14 iamge
• df33e8e Added JRuby 9.4
• Additional commits viewable in compare view

Updates jmespath from 1.4.0 to 1.6.2

Release notes

Sourced from jmespath's releases.

Release v1.6.2 - 2022-11-25

• Issue - Allow comparison of Numeric types (includes Float).

• Issue - Add jmespath.rb to gemspec executables.

Release v1.6.1 - 2022-03-07

• Issue - Use JSON.parse instead of JSON.load.

Release v1.6.0 - 2022-02-14

• Feature - Add support for string comparissons.

Release v1.5.0 - 2022-01-10

• Support implicitly convertible objects/duck-type values responding to to_hash and to_ary.

  [See related GitHub pull request #51](jmespath/jmespath.rb#51).

Changelog

Sourced from jmespath's changelog.

1.6.2 (2022-11-25)

• Issue - Allow comparison of Numeric types (includes Float).

• Issue - Add jmespath.rb to gemspec executables.

1.6.1 (2022-03-07)

• Issue - Use JSON.parse instead of JSON.load.

1.6.0 (2022-02-14)

• Feature - Add support for string comparisons.

1.5.0 (2022-01-10)

• Support implicitly convertible objects/duck-type values responding to to_hash and to_ary.

  [See related GitHub pull request #51](jmespath/jmespath.rb#51).

Commits

• 8336859 Bump changelog and version
• 9c7d316 Merge pull request #57 from mtichner/patch-1
• 90ab191 Merge branch 'main' into patch-1
• a085656 Merge pull request #48 from mvastola/master
• a700772 Update syntax and add changelog entry
• 1b91b71 Merge branch 'main' into master
• c27c82d Add numeric as a comparable type
• 57d77ea Update lib/jmespath/nodes/condition.rb
• fbb7ff4 nit
• a78135f use numerics
• Additional commits viewable in compare view

Updates json from 2.2.0 to 2.7.2

Release notes

Sourced from json's releases.

v2.7.2

What's Changed

• Use rb_sym2str instead of SYM2ID by @​jhawthorn in flori/json#561
• Fix memory leak when exception is raised during JSON generation by @​peterzhu2118 in flori/json#574
• Remove references to "19" methods in JRuby by @​headius in flori/json#576
• Make OpenStruct support as optional by @​hsbt in flori/json#565
• Autoload JSON::GenericObject to avoid require ostruct warning in Ruby 3.4 by @​tompng in flori/json#577
• Warn to install ostruct if json couldn't load it by @​hsbt in flori/json#578

New Contributors

• @​mperham made their first contribution in flori/json#571
• @​peterzhu2118 made their first contribution in flori/json#574

Full Changelog: ruby/json@v2.7.1...v2.7.2

v2.7.1

What's Changed

Improved

• [DOC] RDoc for additions by @​BurdetteLamar in flori/json#557

Fixed

• JSON.dump: handle unenclosed hashes regression by @​casperisfine in flori/json#554
• Overload kwargs in JSON.dump by @​k0kubun in flori/json#556
• Fix JSON.dump overload combination by @​tompng in flori/json#558

Misc

• Remove needless encodings by @​hsbt in flori/json#559
• Unify versions by @​hsbt in flori/json#560

New Contributors

• @​k0kubun made their first contribution in flori/json#556
• @​tompng made their first contribution in flori/json#558

Full Changelog: ruby/json@v2.7.0...v2.7.1

v2.7.0

What's Changed

Improved

• Perf. improvements to Hash#to_json in pure implementation generator. by @​vipulnsward in flori/json#203
• Remove unnecessary initialization of create_id in JSON.parse() by @​Watson1978 in flori/json#454

Added

• Call super in included hook by @​paracycle in flori/json#486
• Rename escape_slash in script_safe and also escape E+2028 and E+2029 by @​casperisfine in flori/json#525
• Add a strict option to Generator by @​casperisfine in flori/json#519

... (truncated)

Changelog

Sourced from json's changelog.

2024-04-04 (2.7.2)

• Use rb_sym2str instead of SYM2ID #561
• Fix memory leak when exception is raised during JSON generation #574
• Remove references to "19" methods in JRuby #576
• Make OpenStruct support as optional by @​hsbt in #565
• Autoload JSON::GenericObject to avoid require ostruct warning in Ruby 3.4 #577
• Warn to install ostruct if json couldn't load it by @​hsbt #578

2023-12-05 (2.7.1)

• JSON.dump: handle unenclosed hashes regression #554
• Overload kwargs in JSON.dump #556
• [DOC] RDoc for additions #557
• Fix JSON.dump overload combination #558

2023-12-01 (2.7.0)

• Add a strict option to Generator #519
• escape_slash option was renamed as script_safe and now also escape U+2028 and U+2029. escape_slash is now an alias of script_safe #525
• Remove unnecessary initialization of create_id in JSON.parse() #454
• Improvements to Hash#to_json in pure implementation generator #203
• Use ruby_xfree to free buffers #518
• Fix "unexpected token" offset for Infinity #507
• Avoid using deprecated BigDecimal.new on JRuby #546
• Removed code for Ruby 1.8 #540
• Rename JSON::ParseError to JSON:ParserError #530
• Call super in included hook #486
• JRuby requires a minimum of Java 8 #516
• Always indent even if empty #517

2022-11-30 (2.6.3)

• bugfix json/pure mixing escaped with literal unicode raises Encoding::CompatibilityError #483
• Stop including the parser source LINE in exceptions #470

2022-11-17 (2.6.2)

• Remove unknown keyword arg from DateTime.parse #488
• Ignore java artifacts by @​hsbt #489
• Fix parser bug for empty string allocation #496

2021-10-24 (2.6.1)

• Restore version.rb with 2.6.1

2021-10-14 (2.6.0)

• Use rb_enc_interned_str if available to reduce allocations in freeze: true mode. #451.
• Bump required_ruby_version to 2.3.

... (truncated)

Commits

• 036944a Bump up 2.7.2
• 5a1659d Merge pull request #578 from flori/warn-bundled-gems
• fff2859 Warn to install ostruct if json couldn't load it
• cdbcbd0 Merge pull request #577 from tompng/autoload_generic_object
• 84b7517 Merge pull request #576 from headius/no_19_jruby_methods
• b507f9e Autoload GenericObject to avoid require ostruct warning in Ruby 3.4
• a480682 Remove references to "19" methods in JRuby
• 35d435e Merge pull request #575 from flori/refine-ci
• 817d7b0 Exclude 2.3-2.5 on macos-14 iamge
• df33e8e Added JRuby 9.4
• Additional commits viewable in compare view

Updates rack from 1.6.11 to 1.6.13

Commits

• 47a1fd7 bump version
• b8dc520 Handle case where session id key is requested but it is missing
• 698a060 Merge pull request #1462 from jeremyevans/sessionid-to_s
• de902e4 Merge branch '1-6-sec' into 1-6-stable
• b7d6546 Bump version
• d3e2f88 making diff smaller
• 99a8a87 fix memcache tests on 1.6
• f2cb48e fix tests on 1.6
• 7ff635c Introduce a new base class to avoid breaking when upgrading
• 3232f93 Add a version prefix to the private id to make easier to migrate old values
• Additional commits viewable in compare view

Updates git from 1.5.0 to 1.19.1

Release notes

Sourced from git's releases.

Release v1.19.1

v1.19.1 (2024-01-13)

Full Changelog

Changes since v1.19.0:

• f97c57c Announce the 2.0.0 pre-release (#682)

Release v1.19.0

v1.19.0 (2023-12-28)

Full Changelog

Changes since v1.18.0:

• 3bdb280 Add option to push all branches to a remote repo at one time (#678)
• b0d89ac Remove calls to Dir.chdir (#673)
• e64c2f6 Refactor tests for read_tree, write_tree, and commit_tree (#679)
• 0bb965d Explicitly name remote tracking branch in test (#676)
• 8481f8c Document how to delete a remote branch (#672)
• dce6816 show .log example with count in README, fixes #667 (#668)
• b1799f6 Update test of 'git worktree add' with no commits (#670)
• dd5a24d Add --filter to Git.clone for partial clones (#663)

Release v1.18.0

v1.18.0 (2023-03-19)

Full Changelog

Changes since v1.17.2:

• 3c70 Add support for --update-head-ok to fetch (#660)
• b53d Do not generate yard documentation when building in TruffleRuby (#659)
• 5af1 Correctly report command output when there is an error (#658)
• b27a Add test to ensure that Git.open works to open a submodule (#655)
• 5b0e Update Git.clone to set multiple config variables (#653)

Release v1.17.2

v1.17.2 (2023-03-07)

Full Changelog

Changes since v1.17.1:

• f43d6 Fix branch name parsing to handle names that include slashes (#651)

Release v1.17.1

v1.17.1 (2023-03-06)

... (truncated)

Changelog

Sourced from git's changelog.

v1.19.1 (2024-01-13)

Full Changelog

Changes since v1.19.0:

• f97c57c Announce the 2.0.0 pre-release (#682)

v1.19.0 (2023-12-28)

Full Changelog

Changes since v1.18.0:

• 3bdb280 Add option to push all branches to a remote repo at one time (#678)
• b0d89ac Remove calls to Dir.chdir (#673)
• e64c2f6 Refactor tests for read_tree, write_tree, and commit_tree (#679)
• 0bb965d Explicitly name remote tracking branch in test (#676)
• 8481f8c Document how to delete a remote branch (#672)
• dce6816 show .log example with count in README, fixes #667 (#668)
• b1799f6 Update test of 'git worktree add' with no commits (#670)
• dd5a24d Add --filter to Git.clone for partial clones (#663)

v1.18.0 (2023-03-19)

Full Changelog

Changes since v1.17.2:

• 3c70 Add support for --update-head-ok to fetch (#660)
• b53d Do not generate yard documentation when building in TruffleRuby (#659)
• 5af1 Correctly report command output when there is an error (#658)
• b27a Add test to ensure that Git.open works to open a submodule (#655)
• 5b0e Update Git.clone to set multiple config variables (#653)

v1.17.2 (2023-03-07)

Full Changelog

Changes since v1.17.1:

• f43d6 Fix branch name parsing to handle names that include slashes (#651)

v1.17.1 (2023-03-06)

Full Changelog

Changes since v1.17.0:

• 774e Revert introduction of ActiveSupport dependency (#649)

... (truncated)

Commits

• 4979923 Release v1.19.1
• f97c57c Announce the 2.0.0 pre-release (#682)
• b588e66 Release v1.19.0
• 3bdb280 Add option to push all branches to a remote repo at one time (#678)
• b0d89ac Remove calls to Dir.chdir (#673)
• e64c2f6 Refactor tests for read_tree, write_tree, and commit_tree (#679)
• 0bb965d Explicitly name remote tracking branch in test (#676)
• 8481f8c Document how to delete a remote branch (#672)
• dce6816 show .log example with count in README, fixes #667 (#668)
• b1799f6 Update test of 'git worktree add' with no commits (#670)
• Additional commits viewable in compare view

Updates nokogiri from 1.10.3 to 1.15.6

Release notes

Sourced from nokogiri's releases.

1.15.6 / 2024-03-16

Note

This security release is a backport to the unsupported v1.15.x branch. Current stable is v1.16.x, which addressed the referenced CVE in v1.16.2 on 2024-02-04.

Security

• [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See GHSA-xc9x-jj77-9p9j for more information.

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.11.7 from v2.11.6. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.7

---

sha256 checksums:

d79f713dffff149d60ab272d206a3ca96db2b891ab6a9f65362bfb78aface37a  gems/nokogiri-1.15.6-aarch64-linux.gem
62b5b7b387ec6c61c1ea5f889b7bc579eedd37f265f7cc1dc392484938549f1a  gems/nokogiri-1.15.6-arm-linux.gem
ba93c63f5c03047778abf16c80676fe67e7eb7d871ab0aaa7e2c2dfe4ec20027  gems/nokogiri-1.15.6-arm64-darwin.gem
d24639a546ba58c86d18da1ed124eaecbd45c5ae4c4dec41751b730a2b732ac3  gems/nokogiri-1.15.6-java.gem
e36887d89ec1b080e4a01dd2ff52650003db01d2a5edf5e6ab19e4c0bdb1385f  gems/nokogiri-1.15.6-x64-mingw-ucrt.gem
852c59a398499c8fcb6478d76396dcd50afa8f8902563b76265cd7dc90a731a1  gems/nokogiri-1.15.6-x64-mingw32.gem
19e0a5fbfa4393353fbcf6801f8f62350b6e16f43c907680c5884896858a23a2  gems/nokogiri-1.15.6-x86-linux.gem
9d464bbbaad6721a5a73181165fda67573f64ef2803c3337f6f733603e9d309a  gems/nokogiri-1.15.6-x86-mingw32.gem
32d045cdb0ce097e4543a5e7a79efd13ff05d904e32f4328732149dbea3c7f15  gems/nokogiri-1.15.6-x86_64-darwin.gem
26a79da0377100d6938ae2f1b115230a8a4a4595e35b89164d8495af32091186  gems/nokogiri-1.15.6-x86_64-linux.gem
70ce799b4b3e23b358501f1da3914f70b1c7a113fb12e96a7d53558481146e08  gems/nokogiri-1.15.6.gem

1.15.5 / 2023-11-17

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.11.6 from v2.11.5. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6
• [CRuby] Vendored libxslt is updated to v1.1.39 from v1.1.38. For details please see https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.39

---

sha256 checksums:

6dfa1d9837ddb233e234d56e244560ab1bc545d3d1744478060e18691f44ded7  nokogiri-1.15.5-aarch64-linux.gem
e3ac6608c6e1714bc11ff04e29a43fedf4cac2aea1bd88256cc3b927c06f347f  nokogiri-1.15.5-arm-linux.gem
4d7b15d53c0397d131376a19875aa97dd1c8b404c2c03bd2171f9b77e9592d40  nokogiri-1.15.5-arm64-darwin.gem
5f87e71aaeb4f7479b94698737a0aacea77836b4805c7433b655e9565bd56cfe  nokogiri-1.15.5-java.gem
7612be800909ae51e0a7cfbe1f768757857a9ff0339686814ca67d9bae271ca2  nokogiri-1.15.5-x64-mingw-ucrt.gem
</tr></table> 

... (truncated)

Changelog

Sourced from nokogiri's changelog.

1.15.6 / 2024-03-16

Security

• [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See GHSA-xc9x-jj77-9p9j for more information.

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.11.7 from v2.11.6. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.7

1.15.5 / 2023-11-17

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.11.6 from v2.11.5. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6
• [CRuby] Vendored libxslt is updated to v1.1.39 from v1.1.38. For details please see https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.39

1.15.4 / 2023-08-11

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.11.5 from v2.11.4. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.5

Fixed

• Fixed a typo in a HTML5 parser error message. #2927 (@​anishathalye)
• [CRuby] ObjectSpace.memsize_of is now safe to call on Documents with complex DTDs. In previous versions, this debugging method could result in a segfault. [Fix x11 include and lib parameters for configure script. NixOS/nixpkgs#2923, #2924]

1.15.3 / 2023-07-05

Fixed

• Passing an object that is not a kind of XML::Node as the first parameter to CDATA.new now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). #2920
• Passing an object that is not a kind of XML::Node as the first parameter to Schema.from_document now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). #2920
• [CRuby] Passing an object that is not a kind of XML::Node as the second parameter to Text.new now raises a TypeError. Previously this would result in a segfault. #2920
• [CRuby] Replacing a node's children via methods like Node#inner_html=, #children=, and #replace no longer defensively dups the node's next sibling if it is a Text node. This behavior was originally adopted to work around libxml2's memory management (see #283 and #595) but should not have included operations involving xmlAddChild(). #2916
• [JRuby] Fixed NPE when serializing an unparented HTML node. [Removing users.extraUsers.<user>.openssh.authorizedKeys.keys does not remove /etc/ssh/authorized_keys.d/<user> NixOS/nixpkgs#2559, #2895] (@​cbasguti)

1.15.2 / 2023-05-24

Dependencies

• [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2. This is functionally equivalent to v0.1.11.noko1 but restores support for Java 8.

... (truncated)

Commits

• 7ab6310 version bump to v1.15.6
• f8156b4 dep: update libxml to 2.11.7 (branch 1.15.x) (#3154)
• 9827619 ci: pin to a version of bundler that works across supported rubies
• 83a2571 dep: bump libxml to v2.11.7
• 5745d4b version bump to v1.15.5
• da2d908 ci: add ruby version to vendored libs cache key (backport) (#3029)
• 0f56450 ci: add ruby version to vendored libs cache key (#3028)
• 32b2c35 dep: update libxml to 2.11.5 and libxslt to 1.1.39 (v1.15.x) (#3025)
• b8f7e16 ci: skip the BSD builds for now
• aa3208b dep: update libxml to 2.11.5 and libxslt to 1.1.39
• Additional commits viewable in compare view

Updates yard from 0.9.25 to 0.9.36

Release notes

Sourced from yard's releases.

Release v0.9.36

• Further XSS fixes for generated frameset pages (#1538)
• Improve tests for Ruby 3.3 compatibility (#1519, #1531)
• Documentation improvements (#1524)

Release v0.9.35

• Fix possible XSS on generated YARD frameset pages (thanks to @​RedYetiDev for finding and patching) (2069e2b).
• Fix errors when using @option on non-method objects (#1508)
• Support Ruby 3.3 changes in Ripper parser (#1510)

Release v0.9.34

• Add changelog to yard.gemspec
• Fix fork behavior in yard server --fork

Release v0.9.33

• Ensure .yardopts is present in gem package (internal YARD documentation change)

Release v0.9.32

• Fix issue with custom Rack::Request attributes in yard server

Release v0.9.31

• Remove dependency on webrick in YARD::Server::Commands::StaticFileHelpers

Release v0.9.30

• Hot release fix to correct issue with gem packaging missing templates (#1490)

Release v0.9.29

• Enable table support for CommonMarker (#1443)
• Parser performance improvements (#1452, #1453, #1454, #1455)
• Fix autoload of RipperParser (#1460)
• Remove dependency on webrick for better Ruby 3.1+ support
• Improvements for mixin resolution (#1467, #1468)

Release v0.9.28

... (truncated)

Changelog

Sourced from yard's changelog.

0.9.36 - February 29th, 2024

• Further XSS fixes for generated frameset pages (#1538)
• Improve tests for Ruby 3.3 compatibility (#1519, #1531)
• Documentation improvements (#1524)

0.9.35 - February 28th, 2024

• Fix possible XSS on generated YARD frameset pages (thanks to @​RedYetiDev for finding and patching) (2069e2b).
• Fix errors when using @option on non-method objects (#1508)
• Support Ruby 3.3 changes in Ripper parser (#1510)

0.9.34 - April 12nd, 2023

• Add changelog to yard.gemspec
• Fix fork behavior in yard server --fork

0.9.33 - April 11st, 2023

• Ensure .yardopts is present in gem package (internal YARD documentation change)

0.9.32 - April 9th, 2023

• Fix issue with custom Rack::Request attributes in yard server

0.9.31 - April 9th, 2023

• Remove dependency on webrick in YARD::Server::Commands::StaticFileHelpers

0.9.30 - April 9th, 2023

• Hot release fix to correct issue with gem packaging missing templates (#1490)

0.9.29 - April 8th, 2023

... (truncated)

Commits

• e833aac Tag release v0.9.36
• 1fcb2d8 Merge pull request #1538 from RedYetiDev/patch-2
• a831a59 Fix semicolon
• 2a0b999 assign url_for_main to a variable
• 3059017 Merge pull request #1519 from mtasaka/ruby33_test_fix
• c88406e Update frames.erb
• 7cb3fc5 Merge pull request Description has been truncated

[dependabot]

Superseded by #4.