build(deps): bump quick-xml from 0.36.2 to 0.37.1

[dependabot]

Bumps quick-xml from 0.36.2 to 0.37.1.

Release notes

Sourced from quick-xml's releases.

v0.37.1 - Write CDATA safely

What's Changed

New Features

• #831: Add BytesCData::escaped() fn to construct CDATA events from arbitrary user input.

#831: tafia/quick-xml#831

New Contributors

• @​allan2 made their first contribution in tafia/quick-xml#830
• @​Turbo87 made their first contribution in tafia/quick-xml#832

Full Changelog: tafia/quick-xml@v0.37.0...v0.37.1

v0.37.0 - serde & errors imporvements

What's Changed

⚠️ Significant Changes

Those changes could require not trivial adoption of your code:

• The recognized boolean values in serde Deserializer are reduced. Use #[serde(deserialize_with)] which will accept and parse strings if you need the old behavior.
• Serializer no longer serialize consequent primitive values (those which would produce only text, without surrounding tags), because it is impossible to deserialize them back to the same value.
• The crate's errors was changed, some variants was splitted to their own error types, some removed.

New Features

• #826: Implement From<String> and From<Cow<str>> for quick_xml::de::Text.
• #826: Make SimpleTypeDeserializer and SimpleTypeSerializer public.
• #826: Implement IntoDeserializer for &mut Deserializer.

Bug Fixes

• #655: Do not write indent before and after $text fields and those $value fields that are serialized as a text (for example, usize or String).
• #826: Handle only those boolean representations that are allowed by [Xml Schema] which is only "true", "1", "false", and "0". Previously the following values also was accepted:

  bool	XML content
  true	"True", "TRUE", "t", "Yes", "YES", "yes", "y"
  false	"False", "FALSE", "f", "No", "NO", "no", "n"

Misc Changes

• #227: Split SeError from DeError in the serialize feature. Serialize functions and methods now return SeError.
• #810: Return std::io::Error from Writer methods.
• #811: Split NamespaceError and EncodingError from Error.
• #811: Renamed Error::EscapeError to Error::Escape to match other variants.
• #811: Narrow down error return type from Error where only one variant is ever returned: attribute related methods on BytesStart and BytesDecl returns AttrError.
• #820: Classify output of the Serializer by returning an enumeration with kind of written data.
• #823: Do not allow serialization of consequent primitives, for example Vec<usize> or Vec<String> in $value fields. They cannot be deserialized back with the same result.

... (truncated)

Changelog

Sourced from quick-xml's changelog.

0.37.1 -- 2024-11-17

New Features

• #831: Add BytesCData::escaped() fn to construct CDATA events from arbitrary user input.

#831: tafia/quick-xml#831

0.37.0 -- 2024-10-27

New Features

• #826: Implement From<String> and From<Cow<str>> for quick_xml::de::Text.
• #826: Make SimpleTypeDeserializer and SimpleTypeSerializer public.
• #826: Implement IntoDeserializer for &mut Deserializer.

Bug Fixes

• #655: Do not write indent before and after $text fields and those $value fields that are serialized as a text (for example, usize or String).
• #826: Handle only those boolean representations that are allowed by [Xml Schema] which is only "true", "1", "false", and "0". Previously the following values also was accepted:

  bool	XML content
  true	"True", "TRUE", "t", "Yes", "YES", "yes", "y"
  false	"False", "FALSE", "f", "No", "NO", "no", "n"

Misc Changes

• #227: Split SeError from DeError in the serialize feature. Serialize functions and methods now return SeError.
• #810: Return std::io::Error from Writer methods.
• #811: Split NamespaceError and EncodingError from Error.
• #811: Renamed Error::EscapeError to Error::Escape to match other variants.
• #811: Narrow down error return type from Error where only one variant is ever returned: attribute related methods on BytesStart and BytesDecl returns AttrError
• #820: Classify output of the Serializer by returning an enumeration with kind of written data
• #823: Do not allow serialization of consequent primitives, for example Vec<usize> or Vec<String> in $value fields. They cannot be deserialized back with the same result
• #827: Make escape and it variants take a impl Into<Cow<str>> argument and implement From<(&'a str, Cow<'a, str>)> on Attribute
• #826: Removed DeError::InvalidInt, DeError::InvalidFloat and DeError::InvalidBoolean. Now the responsibility for returning the error lies with the visitor of the type. See rationale in serde-rs/serde#2811

#227: tafia/quick-xml#227 #655: tafia/quick-xml#655 #810: tafia/quick-xml#810

... (truncated)

Commits

• 10177b1 Release 0.37.1
• 6c4c766 Merge pull request #832 from Turbo87/cdata-escape
• be09876 Add BytesCData::escaped() fn
• a5ad85e Merge pull request #830 from allan2/fix-typo
• 7b5c972 Fix typo
• 3ac75a6 Release 0.37.0
• 7799744 Sort dependencies and table of tests which requires features
• 8311eef Rename test xmlrs_reader_tests -> html and run it only when escape-html featu...
• a6c5fc5 Merge pull request #826 from Mingun/more-deserializers
• 83d2957 Implement IntoDeserializer for public deserializers
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[bilelmoussaoui]

@sdroege i intentionally didn't merge this until wayland-rs gets the update as well :p