You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@any23.apache.org by GitBox <gi...@apache.org> on 2021/09/13 00:01:26 UTC

[GitHub] [any23] dependabot[bot] opened a new pull request #175: Bump jsoup from 1.13.1 to 1.14.2

dependabot[bot] opened a new pull request #175:
URL: https://github.com/apache/any23/pull/175


   Bumps [jsoup](https://github.com/jhy/jsoup) from 1.13.1 to 1.14.2.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a href="https://github.com/jhy/jsoup/releases">jsoup's releases</a>.</em></p>
   <blockquote>
   <h2>jsoup 1.14.2</h2>
   <p>Caught by the fuzz! <strong>jsoup 1.14.2</strong> is out now, and includes a set of parser bug fixes and improvements for handling rough HTML and XML, as identified by the Jazzer JVM fuzzer. This release also includes other fixes and improvements.</p>
   <p>See the <a href="https://jsoup.org/news/release-1.14.2">release announcement</a> for the full changelog.</p>
   <h2>jsoup 1.14.1</h2>
   <p>jsoup <strong>1.14.1</strong> is out now, with simple request session management, increased parse robustness, and a ton of other improvements, speed-ups, and bug fixes.</p>
   <p>See the full <a href="https://jsoup.org/news/release-1.14.1">announcement</a> for all the details on what's changed.</p>
   </blockquote>
   </details>
   <details>
   <summary>Changelog</summary>
   <p><em>Sourced from <a href="https://github.com/jhy/jsoup/blob/master/CHANGES">jsoup's changelog</a>.</em></p>
   <blockquote>
   <p>jsoup changelog</p>
   <p>*** Release 1.14.3 [PENDING]</p>
   <ul>
   <li>
   <p>Improvement: added support in CharacterReader to track newlines, so that parse errors can be reported more
   intuitively.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/pull/1624">jhy/jsoup#1624</a></p>
   </li>
   <li>
   <p>Improvement: tracked parse errors now have more details, including the erroneous token, to help clarify the errors.</p>
   </li>
   <li>
   <p>Bugfix: when tracking errors or checking for validity in the Cleaner, errors were incorrectly raised for missing
   optional closing tags.</p>
   </li>
   <li>
   <p>Bugfix: the OSGi bundle meta-data incorrectly set a version on the import of java.annotation (used as a build-time
   dependency for nullability assertions).
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1616">jhy/jsoup#1616</a></p>
   </li>
   <li>
   <p>Build Improvement: fixed nullability annotations for Node.equals(other) and other equals methods.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1628">jhy/jsoup#1628</a></p>
   </li>
   </ul>
   <p>*** Release 1.14.2 [2021-Aug-15]</p>
   <ul>
   <li>
   <p>Improvement: support Pattern.quote \Q and \E escapes in the selector regex matchers.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/pull/1536">jhy/jsoup#1536</a></p>
   </li>
   <li>
   <p>Improvement: Element.absUrl() now supports tel: URLs, and other URLs that are already absolute but that Java does
   not have input stream handlers for.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1610">jhy/jsoup#1610</a></p>
   </li>
   <li>
   <p>Bugfix: when serializing output, escape characters that are in the &lt; 0x20 range. This improves XML output
   compatibility, and makes HTML output with these characters easier to read (as they're otherwise invisible).
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1556">jhy/jsoup#1556</a></p>
   </li>
   <li>
   <p>Bugfix: the *|el wildcard namespace selector now also matches elements with no namespace.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1565">jhy/jsoup#1565</a></p>
   </li>
   <li>
   <p>Bugfix: corrected a potential case of the parser input stream not being closed immediately on a read exception.</p>
   </li>
   <li>
   <p>Bugfix: when making a HTTP POST, if the request write fails, make sure the connection is immediately cleaned up.</p>
   </li>
   <li>
   <p>Bugfix: in the XML parser, XML processing instructions without attributes would be serialized as if they did.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/770">jhy/jsoup#770</a></p>
   </li>
   <li>
   <p>Bugfix: updated the HtmlTreeParser resetInsertionMode to the current spec for supported elements.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1491">jhy/jsoup#1491</a></p>
   </li>
   <li>
   <p>Bugfix: fixed an NPE when parsing fragment HTML into a standalone table element.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1603">jhy/jsoup#1603</a></p>
   </li>
   <li>
   <p>Bugfix: fixed an NPE when parsing fragment heading HTML into a standalone p element.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1601">jhy/jsoup#1601</a></p>
   </li>
   </ul>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a href="https://github.com/jhy/jsoup/commit/19c77325c9abb6f8b8b65034470e15faad6ce822"><code>19c7732</code></a> [maven-release-plugin] prepare release jsoup-1.14.2</li>
   <li><a href="https://github.com/jhy/jsoup/commit/acde180f094e2749d22034916cb35914289e521a"><code>acde180</code></a> Compress harder</li>
   <li><a href="https://github.com/jhy/jsoup/commit/530c5b0fcbef330ea762071144a864e19b1c7595"><code>530c5b0</code></a> Refactored fuzz tests to iterate all files in directory; run timeout tests</li>
   <li><a href="https://github.com/jhy/jsoup/commit/d2c455c94a3aaaca29d8cec6bd53ee9824622b51"><code>d2c455c</code></a> Speed improvement: cap number of cloned active formatting elements</li>
   <li><a href="https://github.com/jhy/jsoup/commit/0dcb53a73cd11530caee713a46d95ac9867b2805"><code>0dcb53a</code></a> Correctly consume to exit state</li>
   <li><a href="https://github.com/jhy/jsoup/commit/42da86439df7545a7418044f7e8804b7dfb2de15"><code>42da864</code></a> In bogusComment, make sure unconsume not called after a potential buffer up</li>
   <li><a href="https://github.com/jhy/jsoup/commit/eba3e39a0d4c6e55295b565511873f81a751dde2"><code>eba3e39</code></a> Fix an IOOB when HTML root cleared and then attributes added</li>
   <li><a href="https://github.com/jhy/jsoup/commit/9d538e634c47754f976e6503ed7e427f92802ec2"><code>9d538e6</code></a> Annotate some nullables</li>
   <li><a href="https://github.com/jhy/jsoup/commit/a909600117d18af97cc432a15a1fa3c67bc100de"><code>a909600</code></a> Comment on URL normalization</li>
   <li><a href="https://github.com/jhy/jsoup/commit/6b3ec64329f24f61f0eb806cef59f1fa5b233ca2"><code>6b3ec64</code></a> Removed unused import</li>
   <li>Additional commits viewable in <a href="https://github.com/jhy/jsoup/compare/jsoup-1.13.1...jsoup-1.14.2">compare view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.jsoup:jsoup&package-manager=maven&previous-version=1.13.1&new-version=1.14.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
   
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@any23.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [any23] lewismc merged pull request #175: ANY23-487 Bump jsoup from 1.13.1 to 1.14.2

Posted by GitBox <gi...@apache.org>.

lewismc merged pull request #175:
URL: https://github.com/apache/any23/pull/175


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@any23.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org