Release notes
*Sourced from [dom4j's releases](https://github.com/dom4j/dom4j/releases).*
> ## version-2.1.1
> Bug fix release.
>
> # Potential breaking changes
> * If you use some optional dependency of dom4j (for example Jaxen, xsdlib etc.), you need to specify an explicit dependency on it in your project. They are no longer marked as a mandatory transitive dependency by dom4j.
> * The following SAX parser features are disabled by default in `DocumentHelper.parse()` for security reasons (they were enabled in previous versions):
>   * `http://xml.org/sax/properties/external-general-entities`
>   * `http://xml.org/sax/properties/external-parameter-entities`
>
> # Fixed issues
> * [#28](https://github-redirect.dependabot.com/dom4j/dom4j/issues/28) Possible vulnerability of `DocumentHelper.parseText()` to XML injection (reported by [@s0m30ne](https://github.com/s0m30ne))
> * [#34](https://github-redirect.dependabot.com/dom4j/dom4j/issues/34) CVS directories left in the source tree (reported by [@ebourg](https://github.com/ebourg))
> * [#38](https://github-redirect.dependabot.com/dom4j/dom4j/issues/38) XMLWriter does not escape supplementary unicode characters correctly (reported by [@abenkovskii](https://github.com/abenkovskii))
> * [#39](https://github-redirect.dependabot.com/dom4j/dom4j/issues/39) writer.writeOpen(x) doesn't write namespaces (reported by [@borissmidt](https://github.com/borissmidt))
> * [#40](https://github-redirect.dependabot.com/dom4j/dom4j/issues/40) concurrency problem with `QNameCache` ([@jbennett2091](https://github.com/jbennett2091))
> * [#43](https://github-redirect.dependabot.com/dom4j/dom4j/issues/43) and [#46](https://github-redirect.dependabot.com/dom4j/dom4j/issues/46) all dependencies are optional (reported by [@Zardoz89](https://github.com/Zardoz89) and [@vmassol](https://github.com/vmassol))
> * [#44](https://github-redirect.dependabot.com/dom4j/dom4j/issues/44) SAXReader: hardcoded namespace features (reported by [@philippeu](https://github.com/philippeu))
> * [#48](https://github-redirect.dependabot.com/dom4j/dom4j/issues/48) validate `QName`s (reported by [@mario](https://github.com/mario)-areias)
>
>
> ## dom4j-2.1.0
> Minimum supported version of Java for this branch upgraded to Java 8. Added support for build with Java 9.
>
> ## dom4j-2.0.2
> This release contains only bug-fixes:
> * StringIndexOutOfBoundsException in XMLWriter.writeElementContent() ([#26](https://github-redirect.dependabot.com/dom4j/dom4j/issues/26))
> * TreeNode has grown some generics
>
> ## dom4j-2.0.1
> This release contains only bug-fixes:
> * QName serialization fix ([#17](https://github-redirect.dependabot.com/dom4j/dom4j/issues/17))
> * DocumentException initialize with nested exception ([#20](https://github-redirect.dependabot.com/dom4j/dom4j/issues/20))
> * Accidentally occurring error in a multi-threaded test ([#14](https://github-redirect.dependabot.com/dom4j/dom4j/issues/14))
Commits
- [`b408f43`](https://github.com/dom4j/dom4j/commit/b408f43b5abc0b0f408819e620bd69e72248352f) Fix bug in encoding whitespaces introduced with bugfix of [#38](https://github-redirect.dependabot.com/dom4j/dom4j/issues/38).
- [`b3d9226`](https://github.com/dom4j/dom4j/commit/b3d92267cc91bb898c8301d30368b21f0468513a) Add files via upload
- [`75e59b1`](https://github.com/dom4j/dom4j/commit/75e59b16c12c2202b4fbd7545ac3efc99aa014ff) [#38](https://github-redirect.dependabot.com/dom4j/dom4j/issues/38) Support for supplementary unicode characters in XMLWriter.
- [`351bfef`](https://github.com/dom4j/dom4j/commit/351bfef0ad5c5e5328758981797f80beba1d017d) [#39](https://github-redirect.dependabot.com/dom4j/dom4j/issues/39) XMLWriter.writeOpen(Element) writes namespaces declared directly on element.
- [`53f923a`](https://github.com/dom4j/dom4j/commit/53f923ad459caa70f16f43bd3cb3d474db9818b4) [#28](https://github-redirect.dependabot.com/dom4j/dom4j/issues/28) Disable downloading external resources by default.
- [`161078a`](https://github.com/dom4j/dom4j/commit/161078a8a520dcd1db6d451190f2434d56547664) [#44](https://github-redirect.dependabot.com/dom4j/dom4j/issues/44) Default SAXParser features are set when SAXParser is created, so they can...
- [`92d8795`](https://github.com/dom4j/dom4j/commit/92d87957c4c4948d048ff7729c77ba10474f73ae) Fix tests with invalid QNames.
- [`8f6a7f6`](https://github.com/dom4j/dom4j/commit/8f6a7f6001d679176c1079ac65871d4e493360db) [#28](https://github-redirect.dependabot.com/dom4j/dom4j/issues/28) Disable downloading external resources with DocumentHelper.parseText() he...
- [`983701f`](https://github.com/dom4j/dom4j/commit/983701fed49ed477c5858bb945a673c96dc60a4d) [#34](https://github-redirect.dependabot.com/dom4j/dom4j/issues/34) Remove old CVS files from repository.
- [`239569f`](https://github.com/dom4j/dom4j/commit/239569f25a3d1d0186feb5943591191a32aa38a1) [#46](https://github-redirect.dependabot.com/dom4j/dom4j/issues/46) Jaxen is optional dependency only
- Additional commits viewable in [compare view](https://github.com/dom4j/dom4j/compare/v2.0.0...version-2.1.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
Bumps dom4j from 2.0.0 to 2.1.1.
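
The release notes above cover the defaults of `DocumentHelper.parse()` and `DocumentHelper.parseText()`; a project that builds its own `SAXReader` may want a regression check that its reader is equally restrictive. The following is an added example, not code from dom4j or from this PR. The class and helper names are hypothetical, the feature identifiers are the standard SAX2 ones under `http://xml.org/sax/features/` plus the Xerces `disallow-doctype-decl` feature, and it assumes the JDK's built-in parser:

```java
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;

import org.dom4j.Document;
import org.dom4j.DocumentException;
import org.dom4j.io.SAXReader;
import org.xml.sax.SAXException;

public class HardenedSaxReaderCheck {

    // Hypothetical helper: a SAXReader that rejects DOCTYPE declarations and,
    // as a second layer, does not resolve external entities.
    static SAXReader hardenedReader() throws SAXException {
        SAXReader reader = new SAXReader();
        // Xerces-specific feature (assumption: JDK built-in parser is in use).
        reader.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        reader.setFeature("http://xml.org/sax/features/external-general-entities", false);
        reader.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
        return reader;
    }

    // Returns true when the reader did NOT pull the canary file into the document.
    static boolean refusesExternalEntity(SAXReader reader) throws Exception {
        // Constructed test input: a temp file the check creates and deletes itself.
        Path canary = Files.createTempFile("dom4j-canary", ".txt");
        Files.write(canary, "CANARY".getBytes(StandardCharsets.UTF_8));
        String xml = "<?xml version=\"1.0\"?>\n"
                + "<!DOCTYPE r [<!ENTITY e SYSTEM \"" + canary.toUri() + "\">]>\n"
                + "<r>&e;</r>";
        try {
            Document doc = reader.read(new StringReader(xml));
            return !doc.getRootElement().getText().contains("CANARY");
        } catch (DocumentException rejected) {
            return true; // parser refused the DOCTYPE outright
        } finally {
            Files.deleteIfExists(canary);
        }
    }

    public static void main(String[] args) throws Exception {
        boolean ok = refusesExternalEntity(hardenedReader());
        System.out.println(ok ? "OK: external entity not resolved"
                              : "FAIL: external entity content was read");
        if (!ok) System.exit(1);
    }
}
```

Running the same `refusesExternalEntity` check against each reader your code constructs, before and after the upgrade, shows whether your own parsing paths depend on the library defaults.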