Skip to content

Bump org.jsoup:jsoup from 1.15.3 to 1.17.2#131

Open
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/gradle/org.jsoup-jsoup-1.17.2
Open

Bump org.jsoup:jsoup from 1.15.3 to 1.17.2#131
dependabot[bot] wants to merge 2 commits intomainfrom
dependabot/gradle/org.jsoup-jsoup-1.17.2

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 29, 2023
edited
Loading

Bumps org.jsoup:jsoup from 1.15.3 to 1.17.2.

Release notes

Sourced from org.jsoup:jsoup's releases.

jsoup Java HTML Parser release 1.17.2

Improvements

  • Attribute object accessors: Added Element.attribute(String) and Attributes.attribute(String) to more simply obtain an Attribute object. 2069
  • Attribute source tracking: If source tracking is on, and an Attribute's key is changed ( via Attribute.setKey(String)), the source range is now still tracked in Attribute.sourceRange(). 2070
  • Wildcard attribute selector: Added support for the [*] element with any attribute selector. And also restored support for selecting by an empty attribute name prefix ([^]). 2079

Bug Fixes

  • Mixed-cased source position: When tracking the source position of attributes, if the source attribute name was mix-cased but the parser was lower-case normalizing attribute names, the source position for that attribute was not tracked correctly. 2067
  • Source position NPE: When tracking the source position of a body fragment parse, a null pointer exception was thrown. 2068
  • Multi-point emoji entity: A multi-point encoded emoji entity may be incorrectly decoded to the replacement character. 2074
  • Selector sub-expressions: (Regression) in a selector like parent [attr=va], other, the , OR was binding to [attr=va] instead of parent [attr=va], causing incorrect selections. The fix includes a EvaluatorDebug class that generates a sexpr to represent the query, allowing simpler and more thorough query parse tests. 2073
  • XML CData output: When generating XML-syntax output from parsed HTML, script nodes containing (pseudo) CData sections would have an extraneous CData section added, causing script execution errors. Now, the data content is emitted in a HTML/XML/XHTML polyglot format, if the data is not already within a CData section. 2078
  • Thread safety: The :has evaluator held a non-thread-safe Iterator, and so if an Evaluator object was shared across multiple concurrent threads, a NoSuchElement exception may be thrown, and the selected results may be incorrect. Now, the iterator object is a thread-local. 2088

jsoup 1.17.1

... (truncated)

Changelog

Sourced from org.jsoup:jsoup's changelog.

1.17.2 (2023-Dec-29)

Improvements

  • Attribute object accessors: Added Element.attribute(String) and Attributes.attribute(String) to more simply obtain an Attribute object. 2069
  • Attribute source tracking: If source tracking is on, and an Attribute's key is changed ( via Attribute.setKey(String)), the source range is now still tracked in Attribute.sourceRange(). 2070
  • Wildcard attribute selector: Added support for the [*] element with any attribute selector. And also restored support for selecting by an empty attribute name prefix ([^]). 2079

Bug Fixes

  • Mixed-cased source position: When tracking the source position of attributes, if the source attribute name was mix-cased but the parser was lower-case normalizing attribute names, the source position for that attribute was not tracked correctly. 2067
  • Source position NPE: When tracking the source position of a body fragment parse, a null pointer exception was thrown. 2068
  • Multi-point emoji entity: A multi-point encoded emoji entity may be incorrectly decoded to the replacement character. 2074
  • Selector sub-expressions: (Regression) in a selector like parent [attr=va], other, the , OR was binding to [attr=va] instead of parent [attr=va], causing incorrect selections. The fix includes a EvaluatorDebug class that generates a sexpr to represent the query, allowing simpler and more thorough query parse tests. 2073
  • XML CData output: When generating XML-syntax output from parsed HTML, script nodes containing (pseudo) CData sections would have an extraneous CData section added, causing script execution errors. Now, the data content is emitted in a HTML/XML/XHTML polyglot format, if the data is not already within a CData section. 2078
  • Thread safety: The :has evaluator held a non-thread-safe Iterator, and so if an Evaluator object was shared across multiple concurrent threads, a NoSuchElement exception may be thrown, and the selected results may be incorrect. Now, the iterator object is a thread-local. 2088

Older changes for versions 0.1.1 (2010-Jan-31) through 1.17.1 (2023-Nov-27) may be found in change-archive.txt.

Commits
  • 9dec1ba [maven-release-plugin] prepare release jsoup-1.17.2
  • d3a5724 Changelog for 1.17.2
  • 1963a7c Bump org.apache.maven.plugins:maven-compiler-plugin from 3.12.0 to 3.12.1 (#2...
  • d4b2c36 Simplify node filtering operations using Streams API (#2080)
  • 78be89a Move iter into Has class
  • 374ded2 Use a threadlocal to hold the NodeIterator
  • 4fb1036 Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.2 to 3.2.3 (#2086)
  • c9ce65a Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.2.2 to 3.2.3 (#2085)
  • 20c9162 Bump org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.0 (#2...
  • d5bc100 Corrected namespace tests
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Dec 29, 2023
@dependabot dependabot bot mentioned this pull request Dec 29, 2023
Closed
@github-actions github-actions bot enabled auto-merge (squash) December 29, 2023 20:09
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 29, 2023

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

@ulfsauer0815
Copy link
Owner

ulfsauer0815 commented Mar 26, 2024

@dependabot rebase

@dependabot
Bump org.jsoup:jsoup from 1.15.3 to 1.17.2
583f7a3 
Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.15.3 to 1.17.2.
- [Release notes](https://github.com/jhy/jsoup/releases)
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES.md)
- [Commits](jhy/jsoup@jsoup-1.15.3...jsoup-1.17.2)

---
updated-dependencies:
- dependency-name: org.jsoup:jsoup
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/gradle/org.jsoup-jsoup-1.17.2 branch from 62eb2ae to 583f7a3 Compare March 26, 2024 13:41
@ulfsauer0815 ulfsauer0815 disabled auto-merge March 26, 2024 14:11
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 26, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jul 10, 2024

A newer version of org.jsoup:jsoup exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ulfsauer0815