8000 Comparing v1.15.3...v1.15.6 · sparklemotion/nokogiri · GitHub
[go: up one dir, main page]
Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: sparklemotion/nokogiri
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.15.3
Choose a base ref
...
head repository: sparklemotion/nokogiri
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.15.6
Choose a head ref
  • 20 commits
  • 15 files changed
  • 3 contributors

Commits on Aug 11, 2023

  1. ci: update suppression stack signature 

    something changed recently, not sure if it's the compiler in CI, or
the library, or a combination.

(cherry picked from commit 871cd51)
    @flavorjones
    flavorjones committed Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    d1c62de View commit details
    Browse the repository at this point in the history

  2. style: prefer Minitest to MiniTest 

    since Minitest 5.19 doesn't load it by default

(cherry picked from commit a29042b)
    @flavorjones
    flavorjones committed Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    8d8c728 View commit details
    Browse the repository at this point in the history

  3. ci: ruby-saml's downstream test suite needs minitest compat 

    (cherry picked from commit 87d3c11)
    @flavorjones
    flavorjones committed Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    a6fc29b View commit details
    Browse the repository at this point in the history

  4. Fix typo 

    (cherry picked from commit 5b65501)
    @anishathalye @flavorjones
    anishathalye authored and flavorjones committed Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    1617d54 View commit details
    Browse the repository at this point in the history

  5. fix memsize_node when called on xmlAttrs 

    The `properties` field of an `xmlNode` element points to an `xmlAttr`.
The first few fields of `xmlAttr` are in common with `xmlNode`, but not
the `properties` field which doesn't exist in an `xmlAttr`.

The `memsize_node` function was passing an `xmlAttr` to a
recursive call and then trying to do the same with the properties of
that.

This led to type confusion and subsequent crashes.

Fixes: #2923
(cherry picked from commit 81762fa)
    @stevecheckoway @flavorjones
    stevecheckoway authored and flavorjones committed Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    c39ec30 View commit details
    Browse the repository at this point in the history

  6. test: add coverage for the memsize_of bug 

    which turns out to be because xmlDTD has "attributes" where xmlNode
has "properties"

(cherry picked from commit 19a64ba)
    @flavorjones
    flavorjones committed Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    14d1f5a View commit details
    Browse the repository at this point in the history

  7. dep: update libxml2 to v2.11.5 

    https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.5
(cherry picked from commit f7940b7)
    @flavorjones
    flavorjones committed Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    8460bfe View commit details
    Browse the repository at this point in the history

  8. backport updates and fixes to v1.15.x (#2953) 

    **What problem is this PR intended to solve?**

Backporting changes from:

- #2927
- #2924
- #2951
    @flavorjones
    flavorjones authored Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    769faec View commit details
    Browse the repository at this point in the history

  9. version bump to v1.15.4

    @flavorjones
    flavorjones committed Aug 11, 2023
    1 Configuration menu
    Copy the full SHA
    1aee13d View commit details
    Browse the repository at this point in the history

Commits on Aug 26, 2023

  1. doc(fix): correct :nodoc: 

    This statement was moved in b910c6a, incorrectly, and as a result the
remaining methods in the file were undocumented.

(cherry picked from commit cec3f21)
    @flavorjones
    flavorjones committed Aug 26, 2023
    Configuration menu
    Copy the full SHA
    141c2ac View commit details
    Browse the repository at this point in the history

Commits on Nov 17, 2023

  1. dep: update libxml to 2.11.5 and libxslt to 1.1.39 

    - https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6
- https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.39
    @flavorjones
    flavorjones committed Nov 17, 2023
    Configuration menu
    Copy the full SHA
    aa3208b View commit details
    Browse the repository at this point in the history

  2. ci: skip the BSD builds for now 

    they are hanging/failing too often and are taking 6+ hours to fail

see these upstream issues:
- vmactions/freebsd-vm#68
- vmactions/freebsd-vm#74

[skip ci]

(cherry picked from commit 7a8ca87)
    @flavorjones
    flavorjones committed Nov 17, 2023
    Configuration menu
    Copy the full SHA
    b8f7e16 View commit details
    Browse the repository at this point in the history

  3. dep: update libxml to 2.11.5 and libxslt to 1.1.39 (v1.15.x) (#3025) 

    **What problem is this PR intended to solve?**

update libxml to 2.11.5 and libxslt to 1.1.39

- https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6
- https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.39
    @flavorjones
    flavorjones authored Nov 17, 2023
    Configuration menu
    Copy the full SHA
    32b2c35 View commit details
    Browse the repository at this point in the history

  4. ci: add ruby version to vendored libs cache key (#3028) 

    **What problem is this PR intended to solve?**

In CI, add ruby version to vendored libs cache key. The ruby 2.7 and
3.0 base images are old enough to generate binaries that are not
compatible with later base images, and vice versa. CI is failing with
libxml 2.12.0 in particular.
    @flavorjones
    flavorjones committed Nov 17, 2023
    Configuration menu
    Copy the full SHA
    0f56450 View commit details
    Browse the repository at this point in the history

  5. ci: add ruby version to vendored libs cache key (backport) (#3029) 

    **What problem is this PR intended to solve?**

In CI, add ruby version to vendored libs cache key. The ruby 2.7 and 3.0
base images are old enough to generate binaries that are not compatible
with later base images, and vice versa. CI is failing with libxml 2.12.0
in particular.

Backport of #3028
    @flavorjones
    flavorjones authored Nov 17, 2023
    Configuration menu
    Copy the full SHA
    da2d908 View commit details
    Browse the repository at this point in the history

  6. version bump to v1.15.5

    @flavorjones
    flavorjones committed Nov 17, 2023
    Configuration menu
    Copy the full SHA
    5745d4b View commit details
    Browse the repository at this point in the history

Commits on Mar 15, 2024

  1. dep: bump libxml to v2.11.7 

    Addresses CVE-2024-25062

See related GHSA-xc9x-jj77-9p9j
    @flavorjones
    flavorjones committed Mar 15, 2024
    Configuration menu
    Copy the full SHA
    83a2571 View commit details
    Browse the repository at this point in the history

Commits on Mar 16, 2024

  1. ci: pin to a version of bundler that works across supported rubies

    @flavorjones
    flavorjones committed Mar 16, 2024
    Configuration menu
    Copy the full SHA
    9827619 View commit details
    Browse the repository at this point in the history

  2. dep: update libxml to 2.11.7 (branch 1.15.x) (#3154) 

    **What problem is this PR intended to solve?**

In #3146,
@jamiemccarthy requested a security release on the v1.15.x branch to
address CVE-2024-25062 which was fixed in v1.16.2 with an upgrade to
libxml 2.12.5.

This PR attempts to upgrade the v1.15.x branch to [libxml
2.11.7](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.7) (from
2.11.6) which also addresses that vulnerability.

Also see related
GHSA-xc9x-jj77-9p9j
    @flavorjones
    flavorjones authored Mar 16, 2024
    Configuration menu
    Copy the full SHA
    f8156b4 View commit details
    Browse the repository at this point in the history

  3. version bump to v1.15.6

    @flavorjones
    flavorjones committed Mar 16, 2024
    Configuration menu
    Copy the full SHA
    7ab6310 View commit details
    Browse the repository at this point in the history
Loading
0