internetarchive / openlibrary-bots

A repository of cleanup bots implementing the openlibrary-client
Other
62 stars 49 forks source link

Bump lxml from 4.9.3 to 4.9.4 #401

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 10 months ago

Bumps lxml from 4.9.3 to 4.9.4.

Changelog

Sourced from lxml's changelog.

4.9.4 (2023-12-19)

Bugs fixed

  • LP#2046398: Inserting/replacing an ancestor into a node's children could loop indefinitely.

  • LP#1980767, GH#379: TreeBuilder.close() could fail with a TypeError after parsing incorrect input. Original patch by Enrico Minack.

  • LP#1522052: A file-system specific test is now optional and should no longer fail on systems that don't support it.

Other changes

  • Wheels include zlib 1.3, libxml2 2.10.3 and libxslt 1.1.39 (zlib 1.2.12, libxml2 2.10.3 and libxslt 1.1.37 on Windows).

  • Built with Cython 0.29.37.

Commits
  • d7f33d6 Prepare release of 4.9.4.
  • e6fa03e Update changelog.
  • 64b1c37 Use latest Cython release for wheels (0.29.36 crashes at shutdown).
  • 64a39c4 Use latest libxslt 1.1.39 in wheels.
  • 33c9c0e CI: Make sure we find Py2.7 on macOS.
  • 5585faf CI: Disable Py3.6 with system libraries since we cannot install a matching ve...
  • 187e81b CI: Install system libraries only if STATIC_DEPS=false.
  • 9c59c7d CI: Fix "pip" usage in Py2.7.
  • 6cb3381 CI: Use ubuntu-22.04 in the lxml-4.9 branch due to the library dependencies.
  • 02e7a31 CI: Explicitly call "python2" instead of "python" in macOS-Py2 job.
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 10 months ago

Superseded by #402.