chore(deps-dev): Bump the bundler group across 1 directory with 2 upd… · google/osv-scanner@e26774d

Commit

chore(deps-dev): Bump the bundler group across 1 directory with 2 upd…
…ates (#983)

Bumps the bundler group with 2 updates in the /docs directory:
[nokogiri](https://github.com/sparklemotion/nokogiri) and
[rexml](https://github.com/ruby/rexml).

Updates `nokogiri` from 1.16.4 to 1.16.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sparklemotion/nokogiri/releases">nokogiri's
releases</a>.</em></p>
<blockquote>
<h2>v1.16.5 / 2024-05-13</h2>
<h3>Security</h3>
<ul>
<li>[CRuby] Vendored libxml2 is updated to address CVE-2024-34459. See
<a
href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-r95h-9x8f-r3f7">GHSA-r95h-9x8f-r3f7</a>
for more information.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>[CRuby] Vendored libxml2 is updated to <a
href="https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7">v2.12.7</a>
from v2.12.6. (<a
href="https://github.com/flavorjones"><code>@flavorjones</code></a>)</li>
</ul>
<hr />
<p>sha256 checksums:</p>

<pre><code>af0f44fa3e664dfb2aa10de8b551447d720c1e8d1f0aa3f35783dcc43e40a874
nokogiri-1.16.5-aarch64-linux.gem
23dc2357b26409a5c33b7e32a82902f0e9995305420f16d1a03ab3ea1a482fec
nokogiri-1.16.5-arm-linux.gem
950d037530edb49f75ad35de0b8038b970a7dda57e2b6326895b0e49fadf6214
nokogiri-1.16.5-arm64-darwin.gem
b7aefc94370c62476b8528e8d8abb6160203abd84a1f4eceda8f1aa8974d9989
nokogiri-1.16.5-java.gem
ec2167160df8fec3137bf95d574ed80ebc1d002bb3b281546b60b4aa9002466e
nokogiri-1.16.5-x64-mingw-ucrt.gem
6984200491fac69974005ecfa2de129d61843d345eafa5d6f58e8b908d1cf107
nokogiri-1.16.5-x64-mingw32.gem
abdc389ab1ec6604492da16bd9d06ad746fdb6bd6a1bd274c400d61ffcadb3c4
nokogiri-1.16.5-x86-linux.gem
63d24981345856f2baf7f4089870a62d3042fb8d3021b280fb04fc052532e3c4
nokogiri-1.16.5-x86-mingw32.gem
71b5f54e378c433d13df67c3b71acc4716129da62402d8181f310c4216a63279
nokogiri-1.16.5-x86_64-darwin.gem
0ca238da870066bed2f7837af6f35791bb9b76c4c5638999c46aac44818a6a97
nokogiri-1.16.5-x86_64-linux.gem
ec36162c68984fa0a90a5c4ae7ab7759460639e716cc1ce75f34c3cb54158ad2
nokogiri-1.16.5.gem
</code></pre>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md">nokogiri's
changelog</a>.</em></p>
<blockquote>
<h2>v1.16.5</h2>
<h3>Security</h3>
<ul>
<li>[CRuby] Vendored libxml2 is updated to address CVE-2024-34459. See
<a
href="https://github.com/sparklemotion/nokogiri/security/advisories/GHSA-r95h-9x8f-r3f7">GHSA-r95h-9x8f-r3f7</a>
for more information.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>[CRuby] Vendored libxml2 is updated to <a
href="https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.7">v2.12.7</a>
from v2.12.6. (<a
href="https://github.com/flavorjones"><code>@flavorjones</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/cd70bd3dc9e0dc15b04b42d67b639eb5804e77d5"><code>cd70bd3</code></a>
version bump to v1.16.5</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/afc36de553085b6b397b23a0c09a2449655a3a47"><code>afc36de</code></a>
dep: update vendored libxml2 to v2.12.7 (<a
href="https://github.com/sparklemotion/nokogiri/issues/3191">#3191</a>)</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/41b4f0846d2c264b48ef93ecd034dd230ab8125a"><code>41b4f08</code></a>
ci: add arm64-darwin coverage using macos-14</li>
<li><a
href="https://github.com/sparklemotion/nokogiri/commit/67b9e863a67164ae6ffbe5ed4cc482267db7c436"><code>67b9e86</code></a>
dep: update libxml2 to v2.12.7</li>
<li>See full diff in <a
href="https://github.com/sparklemotion/nokogiri/compare/v1.16.4...v1.16.5">compare
view</a></li>
</ul>
</details>
<br />

Updates `rexml` from 3.2.6 to 3.2.8
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/ruby/rexml/releases">rexml's
releases</a>.</em></p>
<blockquote>
<h2>REXML 3.2.8 - 2024-05-16</h2>
<h3>Fixes</h3>
<ul>
<li>Suppressed a warning</li>
</ul>
<h2>REXML 3.2.7 - 2024-05-16</h2>
<h3>Improvements</h3>
<ul>
<li>
<p>Improve parse performance by using <code>StringScanner</code>.</p>
<ul>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/106">GH-106</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/107">GH-107</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/108">GH-108</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/109">GH-109</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/112">GH-112</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/113">GH-113</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/114">GH-114</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/115">GH-115</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/116">GH-116</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/117">GH-117</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/118">GH-118</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/119">GH-119</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/121">GH-121</a></p>
</li>
<li>
<p>Patch by NAITOH Jun.</p>
</li>
</ul>
</li>
<li>
<p>Improved parse performance when an attribute has many
<code>&lt;</code>s.</p>
<ul>
<li><a
href="https://github.com/ruby/rexml/issues/124">GH-124</a></li>
</ul>
</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>
<p>XPath: Fixed a bug of <code>normalize_space(array)</code>.</p>
<ul>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/110">GH-110</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/111">GH-111</a></p>
</li>
<li>
<p>Patch by flatisland.</p>
</li>
</ul>
</li>
<li>
<p>XPath: Fixed a bug that wrong position is used with nested path.</p>
<ul>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/110">GH-110</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/122">GH-122</a></p>
</li>
<li>
<p>Reported by jcavalieri.</p>
</li>
<li>
<p>Patch by NAITOH Jun.</p>
</li>
</ul>
</li>
<li>
<p>Fixed a bug that an exception message can't be generated for
invalid encoding XML.</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/ruby/rexml/blob/master/NEWS.md">rexml's
changelog</a>.</em></p>
<blockquote>
<h2>3.2.8 - 2024-05-16 {#version-3-2-8}</h2>
<h3>Fixes</h3>
<ul>
<li>Suppressed a warning</li>
</ul>
<h2>3.2.7 - 2024-05-16 {#version-3-2-7}</h2>
<h3>Improvements</h3>
<ul>
<li>
<p>Improve parse performance by using <code>StringScanner</code>.</p>
<ul>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/106">GH-106</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/107">GH-107</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/108">GH-108</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/109">GH-109</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/112">GH-112</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/113">GH-113</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/114">GH-114</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/115">GH-115</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/116">GH-116</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/117">GH-117</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/118">GH-118</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/119">GH-119</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/121">GH-121</a></p>
</li>
<li>
<p>Patch by NAITOH Jun.</p>
</li>
</ul>
</li>
<li>
<p>Improved parse performance when an attribute has many
<code>&lt;</code>s.</p>
<ul>
<li><a
href="https://github.com/ruby/rexml/issues/124">GH-124</a></li>
</ul>
</li>
</ul>
<h3>Fixes</h3>
<ul>
<li>
<p>XPath: Fixed a bug of <code>normalize_space(array)</code>.</p>
<ul>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/110">GH-110</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/111">GH-111</a></p>
</li>
<li>
<p>Patch by flatisland.</p>
</li>
</ul>
</li>
<li>
<p>XPath: Fixed a bug that wrong position is used with nested path.</p>
<ul>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/110">GH-110</a></p>
</li>
<li>
<p><a
href="https://github.com/ruby/rexml/issues/122">GH-122</a></p>
</li>
<li>
<p>Reported by jcavalieri.</p>
</li>
<li>
<p>Patch by NAITOH Jun.</p>
</li>
</ul>
</li>
<li>
<p>Fixed a bug that an exception message can't be generated for</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/ruby/rexml/commit/1cf37bab79d61d6183bbda8bf525ed587012b718"><code>1cf37ba</code></a>
Add 3.2.8 entry</li>
<li><a
href="https://github.com/ruby/rexml/commit/b67081caa807fad48d31983137b7ed8711e7f0df"><code>b67081c</code></a>
Remove an unused variable (<a
href="https://github.com/ruby/rexml/issues/128">#128</a>)</li>
<li><a
href="https://github.com/ruby/rexml/commit/94e180e939baff8f7e328a287bb96ebbd99db6eb"><code>94e180e</code></a>
Suppress a warning</li>
<li><a
href="https://github.com/ruby/rexml/commit/d574ba5fe1c40adbafbf16e47533f4eb32b43e60"><code>d574ba5</code></a>
ci: install only gems required for running tests (<a
href="https://github.com/ruby/rexml/issues/129">#129</a>)</li>
<li><a
href="https://github.com/ruby/rexml/commit/4670f8fc187c89d0504d027ea997959287143453"><code>4670f8f</code></a>
Add missing Thanks section</li>
<li><a
href="https://github.com/ruby/rexml/commit/9ba35f9f032c07c39b8c86536ac13a9cb313bef2"><code>9ba35f9</code></a>
Bump version</li>
<li><a
href="https://github.com/ruby/rexml/commit/085def07425561862d8329001168d8bc9c75ae8f"><code>085def0</code></a>
Add 3.2.7 entry</li>
<li><a
href="https://github.com/ruby/rexml/commit/4325835f92f3f142ebd91a3fdba4e1f1ab7f1cfb"><code>4325835</code></a>
Read quoted attributes in chunks (<a
href="https://github.com/ruby/rexml/issues/126">#126</a>)</li>
<li><a
href="https://github.com/ruby/rexml/commit/e77365e2d1c9cdb822c7e09b05fc5a4903d92c23"><code>e77365e</code></a>
Exclude older than 2.6 on macos-14</li>
<li><a
href="https://github.com/ruby/rexml/commit/bf2c8edb5facb206c25a62952aa37218793283e6"><code>bf2c8ed</code></a>
Move development dependencies to Gemfile (<a
href="https://github.com/ruby/rexml/issues/124">#124</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/ruby/rexml/compare/v3.2.6...v3.2.8">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/google/osv-scanner/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>
Loading branch information
dependabot[bot] and cuixq committed May 23, 2024
1 parent e2816e3 commit e26774d
docs/Gemfile.lock
-Original file line number
+Diff line change
@@ Expand Up / @@ -222,7 +222,7 @@ GEM @@
         mutex_m (0.2.0)
         net-http (0.4.1)
           uri
-        nokogiri (1.16.4-x86_64-linux)
+        nokogiri (1.16.5-x86_64-linux)
           racc (~> 1.4)
         octokit (4.25.1)
           faraday (>= 1, < 3)
@@ Expand All / @@ -234,7 +234,8 @@ GEM @@
         rb-fsevent (0.11.2)
         rb-inotify (0.10.1)
           ffi (~> 1.0)
-        rexml (3.2.6)
+        rexml (3.2.8)
+          strscan (>= 3.0.9)
         rouge (3.30.0)
         rubyzip (2.3.2)
         safe_yaml (1.0.5)
@@ Expand All / @@ -248,6 +249,7 @@ GEM @@
           faraday (>= 0.17.3, < 3)
         simpleidn (0.2.2)
           unf (~> 0.1.4)
+        strscan (3.1.0)
         terminal-table (1.8.0)
           unicode-display_width (~> 1.1, >= 1.1.1)
         typhoeus (1.4.1)
@@ Expand Down @@
0 comments on commit `e26774d`

Please sign in to comment.
Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `e26774d`

Commit

There are no files selected for viewing

0 comments on commit e26774d

0 comments on commit `e26774d`
