Bump nokogiri from 1.13.8 to 1.14.0.rc1

[dependabot[bot]]

Bumps nokogiri from 1.13.8 to 1.14.0.rc1.

Release notes

Sourced from nokogiri's releases.

1.14.0.rc1 / 2022-12-29

This is a prerelease.

• Please provide feedback on it at https://github.com/sparklemotion/nokogiri/discussions/2747
• Full details on this release are at https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md

Notable changes:

• Introduces native gem support for Ruby 3.2.
• Ends support for Ruby 2.6 and JRuby 9.3
• Official native gem support for aarch64-linux
• Experimental native gem support for arm-linux
• Pattern matching API

Please note that Ruby 3.2 changes how symbols are resolved on MacOS, so we're particularly interested in hearing feedback from MacOS users about the native (precompiled) gem packages for Ruby 3.2.

We're waiting for the following to do a final release:

• a final release of rake-compiler-dock that supports Ruby 3.2
• Windows CI environment that runs Ruby 3.2.0, and green tests
• feedback to build confidence that our approach to Darwin symbol resolution in the precompiled extension works for everyone

---

sha256 checksums:

9cb5140f400c3599ba9da92a338d2384976179a05e15267d5bda27ce5ab5294a  nokogiri-1.14.0.rc1-aarch64-linux.gem
70946d652626925f0e7d8cb0f03e45b81423496e8f0db30dce7aecccc33336c6  nokogiri-1.14.0.rc1-arm-linux.gem
8562ed2a3765f2020e340d4cbde72c582843191b20114eb24bcc313307483873  nokogiri-1.14.0.rc1-arm64-darwin.gem
6359f13cccc526936913bac3515a3d3d7d1ffde5dffff4eadaaf3cad126fc753  nokogiri-1.14.0.rc1-java.gem
c83050f34b78690bd13398ad91cace3c32957614fd7b6e5ce7098386340cd23d  nokogiri-1.14.0.rc1-x64-mingw-ucrt.gem
4d2edec4b79735b648eca12c5d52b52d03f4ffd300ccacf8fda9169227eb6a4d  nokogiri-1.14.0.rc1-x64-mingw32.gem
55d334f128d86a20497a3fa4e24c67098199dc9428a44b77284cff6c95104c35  nokogiri-1.14.0.rc1-x86-linux.gem
79e1b2f25a26a9a4a87d3af64a47be27ee3cc4ec0d02eef681b64cd8b610e2a6  nokogiri-1.14.0.rc1-x86-mingw32.gem
c359c27e275da0f82d09c25f6efafd116546d2c7c43c91e9393567f00aa3064a  nokogiri-1.14.0.rc1-x86_64-darwin.gem
e15e2c0f844bd113e1b409dfb534b7e2c727b10812734064c05a732b6342f28c  nokogiri-1.14.0.rc1-x86_64-linux.gem
9d527b0b6eeb88f48bc90648df11824f247019e08b95f5a75b6ea02cefcf499a  nokogiri-1.14.0.rc1.gem

1.13.10 / 2022-12-07

Security

• [CRuby] Address CVE-2022-23476, unchecked return value from xmlTextReaderExpand. See GHSA-qv4q-mr5r-qprj for more information.

Improvements

... (truncated)

Changelog

Sourced from nokogiri's changelog.

Nokogiri Changelog

Nokogiri follows Semantic Versioning, please see the https://github.com/sparklemotion/nokogiri/blob/main/README.md for details.

---

1.14.0 / unreleased

Notable Changes

Ruby

This release introduces native gem support for Ruby 3.2. (Also see "Technical note" under "Changed" below.)

This release ends support for:

• Ruby 2.6, for which upstream support ended 2022-04-12.
• JRuby 9.3, which is not fully compatible with Ruby 2.7+

Faster, more reliable installation: Native Gem for aarch64-linux (aka linux/arm64/v8)

This version of Nokogiri ships official native gem support for the aarch64-linux platform, which should support AWS Graviton and other ARM64 Linux platforms. Please note that glibc >= 2.29 is required for aarch64-linux systems, see Supported Platforms for more information.

Faster, more reliable installation: Native Gem for arm-linux (aka linux/arm/v7)

This version of Nokogiri ships experimental native gem support for the arm-linux platform. Please note that glibc >= 2.29 is required for arm-linux systems, see Supported Platforms for more information.

Pattern matching

This version introduces an experimental pattern matching API for XML::Attr, XML::Document, XML::DocumentFragment, XML::Namespace, XML::Node, and XML::NodeSet (and their subclasses).

Some documentation on what can be matched:

• XML::Attr#deconstruct_keys
• XML::Document#deconstruct_keys
• XML::Namespace#deconstruct_keys
• XML::Node#deconstruct_keys
• XML::DocumentFragment#deconstruct
• XML::NodeSet#deconstruct

We welcome feedback on this API at #2360.

Dependencies

CRuby

... (truncated)

Commits

• d9ea989 version bump to v1.14.0.rc1
• 8ffd319 Merge pull request #2732 from sparklemotion/flavorjones-ruby-3.2-support
• 51fb513 doc: CHANGELOG note and ADR about darwin symbol resolution
• dc2670c ext(darwin): make sure symbols will be resolved correctly
• 82c3d9e ext(cross): don't set rvm version, rely on the default
• daf6518 ci: work around git ls-files error
• d4ad370 dep: add ruby 3.2 support and test coverage
• 498eb06 dep(dev): bump rake-compiler to 1.2.1
• f6f3827 style(rubocop): for ruby 2.7+
• 64249bf dep: drop jruby-9.3 support
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #753.