search

greenbone / ospd

OSPd is a framework for vulnerability scanners which share the same communication protocol: OSP (Open Scanner Protocol)
GNU Affero General Public License v3.0
30 stars 36 forks source link

Bump lxml from 4.5.1 to 4.5.2 #299

Closed dependabot[bot] closed 4 years ago

dependabot[bot] commented 4 years ago

Bumps lxml from 4.5.1 to 4.5.2.

Changelog

Sourced from lxml's changelog.

4.5.2 (2020-07-09)

Bugs fixed

  • Cleaner() now validates that only known configuration options can be set.

  • LP#1882606: Cleaner.clean_html() discarded comments and PIs regardless of the corresponding configuration option, if remove_unknown_tags was set.

  • LP#1880251: Instead of globally overwriting the document loader in libxml2, lxml now sets it per parser run, which improves the interoperability with other users of libxml2 such as libxmlsec.

  • LP#1881960: Fix build in CPython 3.10 by using Cython 0.29.21.

  • The setup options "--with-xml2-config" and "--with-xslt-config" were accidentally renamed to "--xml2-config" and "--xslt-config" in 4.5.1 and are now available again.

Commits
  • 076c674 Prepare release of 4.5.2.
  • 4d0e47a Update sponsorship section.
  • b53526b Make mkhtml.py Python 3 compatible by replacing itervalues() (GH-302)
  • 99653f6 Cleaner: Catch bad arg combo in constructor (GH-301)
  • 540368f Update changelog.
  • cb1941e Improve compilation of clean.py (e.g. dict iteration) by switching to languag...
  • 27559f2 Avoid calling hasattr when we need the attribute anyway, and validate the arg...
  • 6b7e5ec Extend C14N2 tests to cover comment handling and "strip_text" together.
  • dd2d80a LP#1882606: Cleaner.clean_html() discarded comments and PIs regardless of...
  • b704e1f Use a bound method instead of looking it up on each element.
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 4 years ago

Codecov Report

Merging #299 into master will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master     #299   +/-   ##
=======================================
  Coverage   74.72%   74.72%           
=======================================
  Files          23       23           
  Lines        2544     2544           
=======================================
  Hits         1901     1901           
  Misses        643      643

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 26c1f2a...a95559c. Read the comment docs.