Bump nokogiri from 1.16.6 to 1.16.7 #4129
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.16.6 to 1.16.7. - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](sparklemotion/nokogiri@v1.16.6...v1.16.7) --- updated-dependencies: - dependency-name: nokogiri dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
vegaro
approved these changes
Jul 29, 2024
jamesrb1
pushed a commit
that referenced
this pull request
Aug 7, 2024
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.16.6 to 1.16.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/releases">nokogiri's releases</a>.</em></p> <blockquote> <h2>v1.16.7 / 2024-07-27</h2> <h2>Dependencies</h2> <ul> <li>[CRuby] Vendored libxml2 is updated to <a href="https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.9">v2.12.9</a>, which the upstream release notes state is a security release to address CVE-2024-40896. Nokogiri's maintainers believe this vulnerability does not affect users of Nokogiri, but we advise upgrading at your earliest convenience anyway.</li> </ul> <hr /> <p>sha256 checksums:</p> <pre><code>78778d35f165b59513be31c0fe232c63a82cf97626ffba695b5f822e5da1d74b nokogiri-1.16.7-aarch64-linux.gem c84cdb9e3aa44c35bbb981b20175838c4b2066c26c5cb118f31f177168a42fc3 nokogiri-1.16.7-arm-linux.gem 276dcea1b988a5b22b5acc1ba901d24b8e908c40b71dccd5d54a2ae279480dad nokogiri-1.16.7-arm64-darwin.gem 044c45ca46abc2b6135a85ab39a546ff2f0434d43142bc59b83e5b1068876a42 nokogiri-1.16.7-java.gem 01ed785392f9cbdfd45e0e5ef6ad6d2c80a6128672589448f18952168bd68e56 nokogiri-1.16.7-x64-mingw-ucrt.gem d8fd5c675743b85354c9098117bfa9e703c7cacab8c33e5190104ea8218ad1ec nokogiri-1.16.7-x64-mingw32.gem dddbf1c1ef99ce9fab98302b14f8bacb703e6f16e89b99f05ecee8a1fca23664 nokogiri-1.16.7-x86-linux.gem b6517d995b024739cbb81251a26866d40e1ccb151936b5bb0977e7487f4e617c nokogiri-1.16.7-x86-mingw32.gem 630732b80fc572690eab50c73a1f18988f3ac401ed0b67ca9956ba2b1e2c3faa nokogiri-1.16.7-x86_64-darwin.gem 9e1e428641d5942af877c60b418c71163560e9feb4a5c4015f3230a8b86a40f6 nokogiri-1.16.7-x86_64-linux.gem f819cbfdfb0a7b19c9c52c6f2ca63df0e58a6125f4f139707b586b9511d7fe95 nokogiri-1.16.7.gem </code></pre> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md">nokogiri's changelog</a>.</em></p> <blockquote> <h2>v1.16.7 / 2024-07-27</h2> <h2>Dependencies</h2> <ul> <li>[CRuby] Vendored libxml2 is updated to <a href="https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.9">v2.12.9</a>, which the upstream release notes state is a security release to address CVE-2024-40896. Nokogiri's maintainers believe this vulnerability does not affect users of Nokogiri, but we advise upgrading at your earliest convenience anyway.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sparklemotion/nokogiri/commit/d8d6ba30aaa0a0b3b0baa499ed79811814f789a2"><code>d8d6ba3</code></a> version bump to v1.16.7</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/76199bb5b00f246a3de24a416e98050321374a95"><code>76199bb</code></a> dep: update libxml2 to v2.12.9 (branch v1.16.x) (<a href="https://redirect.github.com/sparklemotion/nokogiri/issues/3297">#3297</a>)</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/ca92e48b0c7c85bed1cbc42845cae8ccad57fce1"><code>ca92e48</code></a> dep: update packaged libxml2 to v2.12.9</li> <li>See full diff in <a href="https://github.com/sparklemotion/nokogiri/compare/v1.16.6...v1.16.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
MarkVillacampa
pushed a commit
that referenced
this pull request
Aug 7, 2024
**This is an automatic release.** ### Bugfixes * Fix Paywalls crash on iOS 18 beta (#4154) via Andy Boedo (@aboedo) ### Dependency Updates * Bump danger from 9.4.3 to 9.5.0 (#4143) via dependabot[bot] (@dependabot[bot]) * Bump nokogiri from 1.16.6 to 1.16.7 (#4129) via dependabot[bot] (@dependabot[bot]) * Bump fastlane from 2.221.1 to 2.222.0 (#4130) via dependabot[bot] (@dependabot[bot]) ### Other Changes * Update deployment targets for tests (#4145) via Andy Boedo (@aboedo) * Deploy purchaserTester: clean up dry-run parameter (#4140) via Andy Boedo (@aboedo) * Clean up API Testers (#4141) via Andy Boedo (@aboedo) * More project structure cleanup (#4131) via Andy Boedo (@aboedo) * temporarily disables purchasetester deploy (#4133) via Andy Boedo (@aboedo) * Fix trigger all tests branch (#4135) via Andy Boedo (@aboedo) * Clean up XCWorkspace and testing apps (#4111) via Andy Boedo (@aboedo) * tests trigger: add target-branch parameter to trigger from the right branch (#4121) via Andy Boedo (@aboedo) * Re-added the RevenueCatUI tests job on every commit (#4113) via Andy Boedo (@aboedo)
nyeu
pushed a commit
that referenced
this pull request
Oct 2, 2024
Bumps [nokogiri](https://github.com/sparklemotion/nokogiri) from 1.16.6 to 1.16.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/releases">nokogiri's releases</a>.</em></p> <blockquote> <h2>v1.16.7 / 2024-07-27</h2> <h2>Dependencies</h2> <ul> <li>[CRuby] Vendored libxml2 is updated to <a href="https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.9">v2.12.9</a>, which the upstream release notes state is a security release to address CVE-2024-40896. Nokogiri's maintainers believe this vulnerability does not affect users of Nokogiri, but we advise upgrading at your earliest convenience anyway.</li> </ul> <hr /> <p>sha256 checksums:</p> <pre><code>78778d35f165b59513be31c0fe232c63a82cf97626ffba695b5f822e5da1d74b nokogiri-1.16.7-aarch64-linux.gem c84cdb9e3aa44c35bbb981b20175838c4b2066c26c5cb118f31f177168a42fc3 nokogiri-1.16.7-arm-linux.gem 276dcea1b988a5b22b5acc1ba901d24b8e908c40b71dccd5d54a2ae279480dad nokogiri-1.16.7-arm64-darwin.gem 044c45ca46abc2b6135a85ab39a546ff2f0434d43142bc59b83e5b1068876a42 nokogiri-1.16.7-java.gem 01ed785392f9cbdfd45e0e5ef6ad6d2c80a6128672589448f18952168bd68e56 nokogiri-1.16.7-x64-mingw-ucrt.gem d8fd5c675743b85354c9098117bfa9e703c7cacab8c33e5190104ea8218ad1ec nokogiri-1.16.7-x64-mingw32.gem dddbf1c1ef99ce9fab98302b14f8bacb703e6f16e89b99f05ecee8a1fca23664 nokogiri-1.16.7-x86-linux.gem b6517d995b024739cbb81251a26866d40e1ccb151936b5bb0977e7487f4e617c nokogiri-1.16.7-x86-mingw32.gem 630732b80fc572690eab50c73a1f18988f3ac401ed0b67ca9956ba2b1e2c3faa nokogiri-1.16.7-x86_64-darwin.gem 9e1e428641d5942af877c60b418c71163560e9feb4a5c4015f3230a8b86a40f6 nokogiri-1.16.7-x86_64-linux.gem f819cbfdfb0a7b19c9c52c6f2ca63df0e58a6125f4f139707b586b9511d7fe95 nokogiri-1.16.7.gem </code></pre> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md">nokogiri's changelog</a>.</em></p> <blockquote> <h2>v1.16.7 / 2024-07-27</h2> <h2>Dependencies</h2> <ul> <li>[CRuby] Vendored libxml2 is updated to <a href="https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.9">v2.12.9</a>, which the upstream release notes state is a security release to address CVE-2024-40896. Nokogiri's maintainers believe this vulnerability does not affect users of Nokogiri, but we advise upgrading at your earliest convenience anyway.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sparklemotion/nokogiri/commit/d8d6ba30aaa0a0b3b0baa499ed79811814f789a2"><code>d8d6ba3</code></a> version bump to v1.16.7</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/76199bb5b00f246a3de24a416e98050321374a95"><code>76199bb</code></a> dep: update libxml2 to v2.12.9 (branch v1.16.x) (<a href="https://redirect.github.com/sparklemotion/nokogiri/issues/3297">#3297</a>)</li> <li><a href="https://github.com/sparklemotion/nokogiri/commit/ca92e48b0c7c85bed1cbc42845cae8ccad57fce1"><code>ca92e48</code></a> dep: update packaged libxml2 to v2.12.9</li> <li>See full diff in <a href="https://github.com/sparklemotion/nokogiri/compare/v1.16.6...v1.16.7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
nyeu
pushed a commit
that referenced
this pull request
Oct 2, 2024
**This is an automatic release.** ### Bugfixes * Fix Paywalls crash on iOS 18 beta (#4154) via Andy Boedo (@aboedo) ### Dependency Updates * Bump danger from 9.4.3 to 9.5.0 (#4143) via dependabot[bot] (@dependabot[bot]) * Bump nokogiri from 1.16.6 to 1.16.7 (#4129) via dependabot[bot] (@dependabot[bot]) * Bump fastlane from 2.221.1 to 2.222.0 (#4130) via dependabot[bot] (@dependabot[bot]) ### Other Changes * Update deployment targets for tests (#4145) via Andy Boedo (@aboedo) * Deploy purchaserTester: clean up dry-run parameter (#4140) via Andy Boedo (@aboedo) * Clean up API Testers (#4141) via Andy Boedo (@aboedo) * More project structure cleanup (#4131) via Andy Boedo (@aboedo) * temporarily disables purchasetester deploy (#4133) via Andy Boedo (@aboedo) * Fix trigger all tests branch (#4135) via Andy Boedo (@aboedo) * Clean up XCWorkspace and testing apps (#4111) via Andy Boedo (@aboedo) * tests trigger: add target-branch parameter to trigger from the right branch (#4121) via Andy Boedo (@aboedo) * Re-added the RevenueCatUI tests job on every commit (#4113) via Andy Boedo (@aboedo)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps nokogiri from 1.16.6 to 1.16.7.
Release notes
Sourced from nokogiri's releases.
Changelog
Sourced from nokogiri's changelog.
Commits
d8d6ba3version bump to v1.16.776199bbdep: update libxml2 to v2.12.9 (branch v1.16.x) (#3297)ca92e48dep: update packaged libxml2 to v2.12.9Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)