SAP / fosstars-rating-core

A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.
https://sap.github.io/fosstars-rating-core/
Apache License 2.0
60 stars 28 forks source link

Bump jsoup from 1.15.3 to 1.15.4 #920

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps jsoup from 1.15.3 to 1.15.4.

Release notes

Sourced from jsoup's releases.

jsoup 1.15.4

... (truncated)

Changelog

Sourced from jsoup's changelog.

jsoup changelog

Release 1.16.1 [PENDING]

  • Bugfix: Corrected support for ruby elements (, , , and ) to current spec. jhy/jsoup#1294

Release 1.15.4 [18-Feb-2023]

  • Improvement: added the ability to escape CSS selectors (tags, IDs, classes) to match elements that don't follow regular CSS syntax. For example, to match by classname , use document.select("p.one\.two"); jhy/jsoup#838

  • Improvement: when pretty-printing, wrap text that follows a tag. jhy/jsoup#1858

  • Improvement: when pretty-printing, normalize newlines that follow self-closing tags in custom tags. jhy/jsoup#1852

  • Improvement: when pretty-printing, collapse non-significant whitespace between a block and an inline tag. jhy/jsoup#1802

  • Improvement: in Element#forEach and Node#forEachNode, use java.util.function.Consumer instead of the previous Android compatibility shim org.jsoup.helper.Consumer. Subsequently, the latter has been deprecated. jhy/jsoup#1870

  • Improvement: added a new method Document#forms(), to conveniently retrieve a List containing the elements in a document.

  • Improvement: added a new method Document#expectForm(query), to find the first matching FormElement, or blow up trying.

  • Bugfix: URLs containing characters such as [ and ] were not escaped correctly, and would throw a MalformedURLException when fetched. jhy/jsoup#1873

  • Bugfix: Element.cssSelector would create invalid selectors for elements where the tag name, ID, or classnames needed to be escaped (e.g. if a class name contained a ':' or '.'). jhy/jsoup#1742

  • Bugfix: element.text() should have a space between a block and an inline element. jhy/jsoup#1877

  • Bugfix: if a Node or an Element was replaced with itself, that node would incorrectly be orphaned. jhy/jsoup#1843

  • Bugfix: form data on a previous request was copied to a new request in newRequest(), resulting in an accumulation of form data when executing multi-step form submissions, or data sent to later requests incorrectly. Now, newRequest() only copies session related settings (cookies, proxy settings, user-agent, etc) but not the request data nor the body. jhy/jsoup#1778

... (truncated)

Commits
  • becdd2e [maven-release-plugin] prepare release jsoup-1.15.4
  • 6285062 Clarified Parser instances are not threadsafe
  • e52224f Pretty-print - don't wrap a blank line after a br
  • 9d104b7 Test that wrap() can't overflow
  • 3091b66 Iterate vs recurse to find the deepest child
  • 998f429 Tests methods don't overflow
  • b5de45f Use Iterator.remove to avoid ConcurrentModificationException
  • da20d2b Collapse single-used method
  • e3e2c6b Removed recursion from accumulateParents
  • 075b0e6 Moved to a traversor vs recursion to gather data()
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)