You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@myfaces.apache.org by GitBox <gi...@apache.org> on 2021/07/12 20:03:07 UTC

[GitHub] [myfaces-tobago] dependabot[bot] opened a new pull request #1083: build(deps): bump jsoup from 1.13.1 to 1.14.1

dependabot[bot] opened a new pull request #1083:
URL: https://github.com/apache/myfaces-tobago/pull/1083


   Bumps [jsoup](https://github.com/jhy/jsoup) from 1.13.1 to 1.14.1.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a href="https://github.com/jhy/jsoup/releases">jsoup's releases</a>.</em></p>
   <blockquote>
   <h2>jsoup 1.14.1</h2>
   <p>jsoup <strong>1.14.1</strong> is out now, with simple request session management, increased parse robustness, and a ton of other improvements, speed-ups, and bug fixes.</p>
   <p>See the full <a href="https://jsoup.org/news/release-1.14.1">announcement</a> for all the details on what's changed.</p>
   </blockquote>
   </details>
   <details>
   <summary>Changelog</summary>
   <p><em>Sourced from <a href="https://github.com/jhy/jsoup/blob/master/CHANGES">jsoup's changelog</a>.</em></p>
   <blockquote>
   <p>jsoup changelog</p>
   <p>*** Release 1.14.2 [PENDING]</p>
   <ul>
   <li>
   <p>Bugfix: the *|el wildcard namespace selector now also matches elements with no namespace.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1565">jhy/jsoup#1565</a></p>
   </li>
   <li>
   <p>Bugfix: corrected a potential case of the parser input stream not being closed immediately on a read exception.</p>
   </li>
   <li>
   <p>Bugfix: when making a HTTP POST, if the request write fails, make sure the connection is immediately cleaned up.</p>
   </li>
   <li>
   <p>Bugfix: updated the HtmlTreeParser resetInsertionMode to the current spec for supported elements
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1491">jhy/jsoup#1491</a></p>
   </li>
   <li>
   <p>Bugfix [Fuzz]: fixed a slow parse when a tag has thousands of null characters in it.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1580">jhy/jsoup#1580</a></p>
   </li>
   <li>
   <p>Bugfix [Fuzz]: the adoption agency algorithm can have an incorrect bookmark position
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1576">jhy/jsoup#1576</a></p>
   </li>
   <li>
   <p>Bugfiz [Fuzz]: malformed HTML could result in null elements on stack
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1579">jhy/jsoup#1579</a></p>
   </li>
   <li>
   <p>Bugfix [Fuzz]: malformed deeply nested table elements could create a stack overflow.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1577">jhy/jsoup#1577</a></p>
   </li>
   </ul>
   <p>*** Release 1.14.1 [2021-Jul-10]</p>
   <ul>
   <li>
   <p>Change: updated the minimum supported Java version from Java 7 to Java 8.</p>
   </li>
   <li>
   <p>Change: updated the minimum Android API level from 8 to 10.</p>
   </li>
   <li>
   <p>Change: although Node#childNodes() returns an UnmodifiableList as a view into its children, it was still
   directly backed by the internal child list. That made some uses, such as looping and moving those children to
   another element, throw a ConcurrentModificationException. Now this method returns its own list so that they are
   separated and changes to the parent's contents will not impact the children view. This aligns with similar methods
   such as Element#children(). If you have code that iterates this list and makes parenting changes to its contents,
   you may need to make a code update.
   <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1431">jhy/jsoup#1431</a></p>
   </li>
   <li>
   <p>Change: the org.jsoup.Connection interface has been modified to introduce new methods for sessions and the cookie
   store. If you have a custom implementation of this interface, you will need to add implementations of these methods.</p>
   </li>
   <li>
   <p>Improvement: added HTTP request session management support with Jsoup.newSession(). This extends the Connection
   implementation to support (optional) sessions, which allow request defaults (timeout, proxy, etc) to be set once and
   then applied to all requests within that session.</p>
   <p>Cookies are re-implemented to correctly support path and domain filtering when used within a session. A default
   in-memory cookie store is used for the session, or a custom implementation (perhaps disk-persistent, or pre-set)
   can be used instead.</p>
   <p>Forms submitted using the FormElement#submit() use the same session that was used to fetch the document and so pass</p>
   </li>
   </ul>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a href="https://github.com/jhy/jsoup/commit/b24f2e463231269e9bc1e9118a70b9fd654f1a2f"><code>b24f2e4</code></a> [maven-release-plugin] prepare release jsoup-1.14.1</li>
   <li><a href="https://github.com/jhy/jsoup/commit/0bd588555f088b550ee5b046c34bb1ae8ae33e3f"><code>0bd5885</code></a> Release prep changelog update</li>
   <li><a href="https://github.com/jhy/jsoup/commit/f0345613a58ff6b9699b051ad7bcf8105529355b"><code>f034561</code></a> Code cleanup</li>
   <li><a href="https://github.com/jhy/jsoup/commit/0a5a7ef1c69319cb2fd3f70eb0c9c85e5c972d71"><code>0a5a7ef</code></a> Minor cleanup</li>
   <li><a href="https://github.com/jhy/jsoup/commit/cedf83c47f5fe58c4c9b2514c864bc2d576321d4"><code>cedf83c</code></a> Cleanup UTF BOM recognition</li>
   <li><a href="https://github.com/jhy/jsoup/commit/87085a830179877087dd0ae4480b53555b42a80e"><code>87085a8</code></a> Changelog for <a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1482">#1482</a></li>
   <li><a href="https://github.com/jhy/jsoup/commit/8db724e82cc73f921adc2fad900e10655438e662"><code>8db724e</code></a> resolve abnormal urls in compliance with rfc3986 (<a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1482">#1482</a>)</li>
   <li><a href="https://github.com/jhy/jsoup/commit/661523f261c750ffa2a6148316b3946e30349558"><code>661523f</code></a> Changelog for adoption agency fix</li>
   <li><a href="https://github.com/jhy/jsoup/commit/e45e53c849197be70364a63db8a7c6c8971c1ead"><code>e45e53c</code></a> Complete adoption agency algorithm (<a href="https://github-redirect.dependabot.com/jhy/jsoup/issues/1517">#1517</a>)</li>
   <li><a href="https://github.com/jhy/jsoup/commit/f49f92c4c29cc2a8440c4ffccc2fb248cdd30694"><code>f49f92c</code></a> More robust prevention of XML Declaration recursion</li>
   <li>Additional commits viewable in <a href="https://github.com/jhy/jsoup/compare/jsoup-1.13.1...jsoup-1.14.1">compare view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.jsoup:jsoup&package-manager=maven&previous-version=1.13.1&new-version=1.14.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
   - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
   
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@myfaces.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [myfaces-tobago] henningn merged pull request #1083: build(deps): bump jsoup from 1.13.1 to 1.14.1

Posted by GitBox <gi...@apache.org>.

henningn merged pull request #1083:
URL: https://github.com/apache/myfaces-tobago/pull/1083


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscribe@myfaces.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org