chore(deps): bump the dependencies group across 1 directory with 4 updates

[dependabot]

Updates the requirements on rdoc, rexml, minitest and nokogiri to permit the latest version.
Updates rdoc from 6.7.0 to 6.10.0

Release notes

Sourced from rdoc's releases.

v6.10.0

What's Changed

✨ Enhancements

• Print warnings for rdoc-ref links that can't be resolved by @​st0012 in ruby/rdoc#1241
• Enable cross reference in code by @​nobu in ruby/rdoc#1240
• Auto-hide navigation on link click by @​sunblaze in ruby/rdoc#1238

🐛 Bug Fixes

• aligns may include :center by @​soutaro in ruby/rdoc#1247

🛠 Other Changes

• Fix to parse rb_define_global_const by @​nobu in ruby/rdoc#1245
• Bump ruby/setup-ruby from 1.187.0 to 1.204.0 by @​dependabot in ruby/rdoc#1246
• Update tests for ruby/rdoc#1247 by @​st0012 in ruby/rdoc#1248

Full Changelog: ruby/rdoc@v6.9.1...v6.10.0

v6.9.1

What's Changed

🐛 Bug Fixes

• Fix iPad Pro navigation not shown by @​sunblaze in ruby/rdoc#1236
• Hide hamburger on desktop by @​sunblaze in ruby/rdoc#1237
• Add attribute :force to RDoc::RubygemsHook just like RDoc::RubyGemsHook by @​tompng in ruby/rdoc#1244

📚 Documentation

• Fix dead links in the markup reference page by @​st0012 in ruby/rdoc#1242

New Contributors

• @​sunblaze made their first contribution in ruby/rdoc#1236

Full Changelog: ruby/rdoc@v6.9.0...v6.9.1

v6.9.0

What's Changed

✨ Enhancements

• Deprecate main and title directives by @​st0012 in ruby/rdoc#1218
• Expand rdoc-ref targets at the end of ri output by @​st0012 in ruby/rdoc#1141

🐛 Bug Fixes

• Improve how gemspec's files are defined by @​st0012 in ruby/rdoc#1212
• fix: C variables should never show up in Ancestors tree by @​flavorjones in ruby/rdoc#1217
• Sort MethodAttr so that names starting with symbols are before names starting with alpha ASCII by @​flavorjones in ruby/rdoc#1219
• ClassModule#superclass= accepts a ClassModule as an argument by @​flavorjones in ruby/rdoc#1222
• Use distinct styles for note lists and label lists by @​nevans in ruby/rdoc#1209

🛠 Other Changes

• Bump step-security/harden-runner from 2.10.1 to 2.10.2 by @​dependabot in ruby/rdoc#1215
• Bump rubygems/release-gem from 612653d273a73bdae1df8453e090060bb4db5f31 to 9e85cb11501bebc2ae661c1500176316d3987059 by @​dependabot in ruby/rdoc#1214

... (truncated)

Commits

• 2b79892 Bump version to v6.10.0
• f12a96b Auto-hide navigation on link click (#1238)
• 7d7efb0 Enable cross reference in code (#1240)
• 94b9858 Update tests for ruby/rdoc#1247 (#1248)
• cbbf04d aligns may include :center (#1247)
• 4a5206a Print warnings for rdoc-ref links that can't be resolved (#1241)
• 5a8820a Bump ruby/setup-ruby from 1.187.0 to 1.204.0 (#1246)
• 458ecbb Fix to parse rb_define_global_const
• 7cd125e Bump version to v6.9.1
• 01bdbcd Add attribute :force to RDoc::RubygemsHook just like RDoc::RubyGemsHook (#1244)
• Additional commits viewable in compare view

Updates rexml from 3.3.9 to 3.4.0

Release notes

Sourced from rexml's releases.

REXML 3.4.0 - 2024-12-15

Improvement

• Improved performance.

  • GH-216
  • Patch by NAITOH Jun

• JRuby: Improved parse performance.

  • GH-219
  • Patch by João Duarte

• Added support for reusing pull parser.

  • GH-214
  • GH-220
  • Patch by Dmitry Pogrebnoy

• Improved error handling when source is IO.

  • GH-221
  • Patch by NAITOH Jun

Thanks

• NAITOH Jun

• João Duarte

• Dmitry Pogrebnoy

Changelog

Sourced from rexml's changelog.

3.4.0 - 2024-12-15 {#version-3-4-0}

Improvement

• Improved performance.

  • GH-216
  • Patch by NAITOH Jun

• JRuby: Improved parse performance.

  • GH-219
  • Patch by João Duarte

• Added support for reusing pull parser.

  • GH-214
  • GH-220
  • Patch by Dmitry Pogrebnoy

• Improved error handling when source is IO.

  • GH-221
  • Patch by NAITOH Jun

Thanks

• NAITOH Jun

• João Duarte

• Dmitry Pogrebnoy

Commits

• 19d8ebf Add 3.4.0 entry
• dfc7753 release: use Trusted Publishing
• 91305c1 Remove old code for Ruby 1.8 (#223)
• 46dd810 test: Fix NameError: uninitialized constant REXML::Parsers::PullParser (#222)
• 963ccdf Fix error handling when parsing XML via IO.pipe (#221)
• 20562ec parser pull: Add support for reusing parser (#220)
• ed9168e Stop requiring stringio dynamically (#219)
• 519ae6c Clarify variable name (#218)
• 8ef7502 Add IOSource#match? method (#216)
• 6a8c041 test jruby: omit fragile test
• Additional commits viewable in compare view

Updates minitest from 5.25.1 to 5.25.4

Changelog

Sourced from minitest's changelog.

=== 5.25.4 / 2024-12-03

• 1 bug fix:

  • Fix for must_verify definition if only requiring minitest/mock (but why?).

=== 5.25.3 / 2024-12-03

• 5 bug fixes:

  • Fixed assert_mock to fail instead of raise on unmet mock expectations.
  • Fixed assert_mock to take an optional message argument.
  • Fixed formatting of unmet mock expectation messages.
  • Fixed missing must_verify expectation to match assert_mock.
  • minitest/pride: Fixed to use true colors with *-direct terminals (bk2204)

=== 5.25.2 / 2024-11-21

• 4 bug fixes:

  • Include class name in spec name. (thomasmarshall)
  • Fixed 'redefining object_id' warning from ruby 3.4. (mattbrictson)
  • Minitest top-level namespace no longer includes entire contents of README.rdoc. Too much!
  • Refactored spec's describe to more cleanly determine the superclass and name

Commits

• d84437f prepped for release
• 51cfac5 - Fix for must_verify definition if only requiring minitest/mock (but why?).
• 704d310 prepped for release
• 2d542ff - Fixed formatting of unmet mock expectation messages.
• 212de90 - minitest/pride: Fixed to use true colors with *-direct terminals (bk2204)
• d1b5451 prepped for release
• 3d54995 + Include class name in spec name. (thomasmarshall)
• b3cab87 - Refactored spec's describe to more cleanly determine the superclass and name
• 3214429 - Fixed 'redefining object_id' warning from ruby 3.4. (mattbrictson)
• e4417c5 Changed some reporter tests to use FakeTest instead of loading up Runnable w/...
• Additional commits viewable in compare view

Updates nokogiri from 1.16.7 to 1.17.2

Release notes

Sourced from nokogiri's releases.

v1.17.2 / 2024-12-12

Fixed

• [JRuby] Fixed an issue where Node#dup when called with the new_parent_doc parameter was not decorating the node with the document's Node decorators. #3372 @​flavorjones

585c8cac6380848b7973bacfd0584628d116810e5f209db25e22d0c32313e681  nokogiri-1.17.2-aarch64-linux.gem
0c5eb06ba1c112d33c2bb29973b07e2f21c4ddb66c67c9386fd97ff1c5d84686  nokogiri-1.17.2-arm64-darwin.gem
3d033ad9b09d5b8a203f0f2156053e93a9327a9c7887c0ceb9fa78c71d27280d  nokogiri-1.17.2-arm-linux.gem
75825401f59b1a8746ee8ce5d066c8f11e745642e36a4452e206730b03d1fd8c  nokogiri-1.17.2.gem
ffe1fc1353f831793260b3023f575b4ed2e6144404947c57ad37ad932f9adb94  nokogiri-1.17.2-java.gem
da29e3d6add44bfc0bec8b9d4c7c660b38c7fc16ef505313839e07c3358d1059  nokogiri-1.17.2-x64-mingw32.gem
2bb710109d52f1209ea013c1f9603cd24271a9f22d387c0c45fced62945b4a30  nokogiri-1.17.2-x64-mingw-ucrt.gem
dc5977eb3416e1d501b22b0ed4737bf7604121491405865b887975eacfb3e896  nokogiri-1.17.2-x86_64-darwin.gem
e8614ae8d776bd9adb535ca814375e7ae05d7cfa6aa01909e561484f6d70be0b  nokogiri-1.17.2-x86_64-linux.gem
8c4dd75e35810bdeb7c74943f383ca665baf6aed8fc2b78c1d305094a72794aa  nokogiri-1.17.2-x86-linux.gem
9038e8b59e2eb48feb18f0efb093bd21a19d0eb17eed822a155b2a6860381702  nokogiri-1.17.2-x86-mingw32.gem

v1.17.1 / 2024-12-10

Fixed

• Fixed a potential segfault when using Node#dup and DocumentFragment#dup. #3359 @​byroot @​flavorjones
• Node#dup and Node#clone now correctly decorate the new node with the document's Node decorators. #3363 @​flavorjones

b3fce09bddfab61ae587f83af97bf0d0834352bcd23ad99831f2993d978627bd  nokogiri-1.17.1-aarch64-linux.gem
0e79badf832783e81439c3211562ed904a5c8eaaa0038c8fdfdb3778e873f3d0  nokogiri-1.17.1-arm64-darwin.gem
b8e9909ff893b257a58066e6bfc39456be18b87f4af1e22ca18d7c0dbc9925e5  nokogiri-1.17.1-arm-linux.gem
910fe0f194db99677f7ddb21b19a1d071ceffc4a0e39d44c08736d9b1e558cfc  nokogiri-1.17.1.gem
baf2cf6785f83c8cb3cdc427d0eb8b7f91d76748bfeb6c2612ce639e82c1ecee  nokogiri-1.17.1-java.gem
601a8bca523bf2b1a576c728ad4901c57263d0c29e4f9e6d2abe654c6a929841  nokogiri-1.17.1-x64-mingw32.gem
299ab9cd2c4ce882112e79fc31f82915920cb3e54ba526287e86d9a5fbfafebe  nokogiri-1.17.1-x64-mingw-ucrt.gem
94bcacacd123379229a8ece0d31c38af36d0ef6f86f399d5813be5ca0f566c88  nokogiri-1.17.1-x86_64-darwin.gem
2234250605b03433747e8d21de947b38b79f33a4280930e58bec179fd95d415d  nokogiri-1.17.1-x86_64-linux.gem
d09565316ffc8f8bb522bd6d1b460dec2a57d23d6e479c2d0d49d9ccbb11076c  nokogiri-1.17.1-x86-linux.gem
8f720dd62bf5d3791aa67f933085be5d2a2ab06afc120d4f210f40a5d184fafb  nokogiri-1.17.1-x86-mingw32.gem

... (truncated)

Changelog

Sourced from nokogiri's changelog.

v1.17.2 / 2024-12-12

Fixed

• [JRuby] Fixed an issue where Node#dup when called with the new_parent_doc parameter was not decorating the node with the document's Node decorators. #3372 @​flavorjones

v1.17.1 / 2024-12-10

Fixed

• Fixed a potential segfault when using Node#dup and DocumentFragment#dup. #3359 @​byroot @​flavorjones
• Node#dup and Node#clone now correctly decorate the new node with the document's Node decorators. #3363 @​flavorjones

v1.17.0 / 2024-12-08

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.13.5. @​flavorjones
• [CRuby] Vendored libxslt is updated to v1.1.42. @​flavorjones
• [CRuby] Minimum supported version of libxml2 raised to v2.9.2 (released 2014-10-16) from v2.6.21. [#3232, #3287] @​flavorjones
• [JRuby] Minimum supported version of Java raised to 8 (released 2014-03-18) from 7. #3134 @​flavorjones
• [CRuby] Update to rake-compiler-dock v1.5.1 for building precompiled native gems. #3216 @​flavorjones

Notable changes

SAX Parsers

The XML and HTML4 SAX parsers have received a lot of attention in this release, and we've fixed multiple long-standing bugs with encoding and entity handling. In addition, libxml2 v2.13 has also made some underlying fixes and improvements to encoding and entity handling.

We're shipping these fixes in a minor release because we firmly believe the resulting behavior is correct and standards-compliant, however applications that have been depending on the buggy behavior may be impacted.

If your application relies on the SAX parsers, and in particular if you're SAX-parsing documents with parsed entities or incorrect encoding declarations, please read the changelog below carefully.

Fragment parsing

Document fragment parsing has been improved, particularly with respect to handling malformed fragments or fragments with implicit namespace prefixes. Namespace reconciliation still isn't where we want it to be, but it's an improvement.

HTML5 fragment parsing now allows the context node to be specified as a context: keyword argument to the HTML5::DocumentFragment.parse and .new methods, which should allow for more flexible sanitization and future support for the draft HTML Sanitizer API in downstream libraries.

Error handling

In scenarios where multiple errors could be reported by the underlying parser, the errors will be aggregated into a single Nokogiri::XML::SyntaxError that is raised. Previously only the final error reported by libxml2 was raised (which was often misleading if it was only a warning and not the fatal error).

Schema validation

... (truncated)

Commits

• 35ec8c5 version bump to v1.17.2
• ffaa44c fix(jruby): XML::DocumentFragment.dup to another document (v1.17.x) (#3373)
• 8bd6c6d fix(jruby): XML::DocumentFragment.dup to another document
• e4bae8a version bump to v1.17.1
• 12244fe fix: Node#dup adds the new node to the document's node cache (backport to v1....
• 7bf2fc1 fix: Node#dup adds the new node to the document's node cache
• 765754c doc: update CHANGELOG bullet lists to render with mkdocs
• 076d647 doc: extract older changelog entries into misc/CHANGELOG-archive.md
• c7b75ef version bump to v1.17.0
• e8e8ffe Nokogiri::XSLT() uses parameter forwarding (#3356)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions