Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency #2205

dependabot · 2024-07-22T09:43:16Z

Bumps rexml from 3.2.8 to 3.3.2.

Release notes

REXML 3.3.2 - 2024-07-16

Improvements

Improved parse performance.

GH-160

Patch by NAITOH Jun.

Improved parse performance.

GH-169

GH-170

GH-171

GH-172

GH-173

GH-174

GH-175

GH-176

GH-177

Patch by Watson.

Added support for raising a parse exception when an XML has extra content after the root element.

GH-161

Patch by NAITOH Jun.

Added support for raising a parse exception when an XML declaration exists in wrong position.

GH-162

Patch by NAITOH Jun.

Removed needless a space after XML declaration in pretty print mode.

GH-164

Patch by NAITOH Jun.

Stopped to emit :text event after the root element.

GH-167

Patch by NAITOH Jun.

Fixes

Fixed a bug that SAX2 parser doesn't expand predefined entities for characters callback.

GH-168

Patch by NAITOH Jun.

Thanks

NAITOH Jun

Watson

... (truncated)

Changelog

Sourced from rexml's changelog.

3.3.2 - 2024-07-16 {#version-3-3-2}

Improvements

Improved parse performance.

GH-160

Patch by NAITOH Jun.

Improved parse performance.

GH-169

GH-170

GH-171

GH-172

GH-173

GH-174

GH-175

GH-176

GH-177

Patch by Watson.

Added support for raising a parse exception when an XML has extra content after the root element.

GH-161

Patch by NAITOH Jun.

Added support for raising a parse exception when an XML declaration exists in wrong position.

GH-162

Patch by NAITOH Jun.

Removed needless a space after XML declaration in pretty print mode.

GH-164

Patch by NAITOH Jun.

Stopped to emit :text event after the root element.

GH-167

Patch by NAITOH Jun.

Fixes

Fixed a bug that SAX2 parser doesn't expand predefined entities for characters callback.

GH-168

Patch by NAITOH Jun.

Thanks

NAITOH Jun

Watson

... (truncated)

Commits

2b285ac Add 3.3.2 entry
0e33d3a test: improve linear performance test names
910e5a2 Fix performance issue caused by using repeated > characters inside `<xml><!...
1f1e6e9 Fix ReDoS by using repeated space characters inside `<!DOCTYPE name [<!ATTLIS...
1cc1d9a Suppress have_root not initialized warnings on Ruby < 3
67efb59 Fix performance issue caused by using repeated > characters inside `<!DOCTY...
a79ac8b Fix performance issue caused by using repeated > characters inside `<!DOCTY...
c33ea49 Fix performance issue caused by using repeated > characters after ` <!DOCTY...
9f1415a Fix performance issue caused by using repeated > characters inside `CDATA [...
c1b64c1 Fix performance issue caused by using repeated > characters inside comments...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.

* adds stretchr testify mock bucket for hns dirs test * adds stretchr testify mock bucket for hns dirs test * fix PR comments * fix PR comments * fix PR comments

Google is [shutting down](https://developers.googleblog.com/en/google-url-shortener-links-will-no-longer-be-available/) `goo.gl` short link redirects (after [previously announcing](https://developers.googleblog.com/en/transitioning-google-url-shortener-to-firebase-dynamic-links/) that they'll continue to work). Google also previously announced that you could export your links from "the `goo.gl` console", but I can't find that anywhere (the site is now just a redirect to their stupid blog post), so I had to do this by hand. There may be some errors.

* Bump golang.org/x/sys from 0.21.0 to 0.22.0 (#2123) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.21.0 to 0.22.0. - [Commits](golang/sys@v0.21.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump cloud.google.com/go/storage from 1.42.0 to 1.43.0 (#2127) Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.42.0 to 1.43.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@spanner/v1.42.0...spanner/v1.43.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump golang from 1.22.4-alpine to 1.22.5-alpine (#2130) Bumps golang from 1.22.4-alpine to 1.22.5-alpine. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump golang.org/x/net from 0.26.0 to 0.27.0 (#2124) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.26.0 to 0.27.0. - [Commits](golang/net@v0.26.0...v0.27.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump google.golang.org/grpc from 1.64.0 to 1.65.0 (#2125) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.64.0 to 1.65.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.64.0...v1.65.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tulsi Shah <[email protected]> * Bump google.golang.org/api from 0.186.0 to 0.188.0 (#2168) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.186.0 to 0.188.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.186.0...v0.188.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tulsi Shah <[email protected]> * Bump cloud.google.com/go/compute/metadata from 0.3.0 to 0.5.0 (#2166) Bumps [cloud.google.com/go/compute/metadata](https://github.com/googleapis/google-cloud-go) from 0.3.0 to 0.5.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@v0.3.0...v0.5.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/compute/metadata dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tulsi Shah <[email protected]> * fix merge conflict * upgrade grpc --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [rexml](https://github.com/ruby/rexml) from 3.2.8 to 3.3.2. - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](ruby/rexml@v3.2.8...v3.3.2) --- updated-dependencies: - dependency-name: rexml dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]>

* move files (#2157) * Refactor dirs test for hns (#2194) * adds stretchr testify mock bucket for hns dirs test * adds stretchr testify mock bucket for hns dirs test * fix PR comments * fix PR comments * fix PR comments * Migrate goo.gl links to TinyURL. (#2193) Google is [shutting down](https://developers.googleblog.com/en/google-url-shortener-links-will-no-longer-be-available/) `goo.gl` short link redirects (after [previously announcing](https://developers.googleblog.com/en/transitioning-google-url-shortener-to-firebase-dynamic-links/) that they'll continue to work). Google also previously announced that you could export your links from "the `goo.gl` console", but I can't find that anywhere (the site is now just a redirect to their stupid blog post), so I had to do this by hand. There may be some errors. * Bump Dependabot PRs (#2195) * Bump golang.org/x/sys from 0.21.0 to 0.22.0 (#2123) Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.21.0 to 0.22.0. - [Commits](golang/sys@v0.21.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump cloud.google.com/go/storage from 1.42.0 to 1.43.0 (#2127) Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.42.0 to 1.43.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@spanner/v1.42.0...spanner/v1.43.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump golang from 1.22.4-alpine to 1.22.5-alpine (#2130) Bumps golang from 1.22.4-alpine to 1.22.5-alpine. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump golang.org/x/net from 0.26.0 to 0.27.0 (#2124) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.26.0 to 0.27.0. - [Commits](golang/net@v0.26.0...v0.27.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump google.golang.org/grpc from 1.64.0 to 1.65.0 (#2125) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.64.0 to 1.65.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.64.0...v1.65.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tulsi Shah <[email protected]> * Bump google.golang.org/api from 0.186.0 to 0.188.0 (#2168) Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.186.0 to 0.188.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.186.0...v0.188.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tulsi Shah <[email protected]> * Bump cloud.google.com/go/compute/metadata from 0.3.0 to 0.5.0 (#2166) Bumps [cloud.google.com/go/compute/metadata](https://github.com/googleapis/google-cloud-go) from 0.3.0 to 0.5.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@v0.3.0...v0.5.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/compute/metadata dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Tulsi Shah <[email protected]> * fix merge conflict * upgrade grpc --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency Bumps [rexml](https://github.com/ruby/rexml) from 3.2.8 to 3.3.2. - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](ruby/rexml@v3.2.8...v3.3.2) --- updated-dependencies: - dependency-name: rexml dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Ashmeen Kaur <[email protected]> Co-authored-by: Ankita Luthra <[email protected]> Co-authored-by: Aaron Jacobs <[email protected]> Co-authored-by: Tulsi Shah <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

This reverts commit c68e8d3.

…" (#2210) This reverts commit c68e8d3.

ashmeenkaur and others added 5 commits July 22, 2024 12:15

move files (#2157)

ae117bd

Refactor dirs test for hns (#2194)

afc945a

* adds stretchr testify mock bucket for hns dirs test * adds stretchr testify mock bucket for hns dirs test * fix PR comments * fix PR comments * fix PR comments

dependabot bot requested a review from a team as a code owner July 22, 2024 09:43

dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Jul 22, 2024

dependabot bot requested a review from charith87 July 22, 2024 09:43

Tulsishah changed the base branch from master to dependabot_pr_2 July 23, 2024 05:54

Tulsishah merged commit c68e8d3 into dependabot_pr_2 Jul 23, 2024
4 of 7 checks passed

dependabot bot deleted the dependabot/bundler/tools/gem_dependency/rexml-3.3.2 branch July 23, 2024 05:54

Tulsishah mentioned this pull request Jul 23, 2024

Upgrade gem lock dependency #2209

Merged

Tulsishah added a commit that referenced this pull request Jul 23, 2024

Revert "Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency (#2205)"

a43211b

This reverts commit c68e8d3.

Tulsishah mentioned this pull request Jul 23, 2024

Revert "Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency" #2210

Merged

Tulsishah added a commit that referenced this pull request Jul 23, 2024

Revert "Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency (#2205)…

f5713a1

…" (#2210) This reverts commit c68e8d3.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency #2205

Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency #2205

dependabot bot commented on behalf of github Jul 22, 2024

Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency #2205

Bump rexml from 3.2.8 to 3.3.2 in /tools/gem_dependency #2205

Conversation

dependabot bot commented on behalf of github Jul 22, 2024

REXML 3.3.2 - 2024-07-16

Improvements

Fixes

Thanks

3.3.2 - 2024-07-16 {#version-3-3-2}

Improvements

Fixes

Thanks