Data

Tools

Indexes

Applications

Experiments

Ruby

A summary of data about the Ruby ecosystem.

Recent Releases of https://github.com/sparklemotion/nokogiri

https://github.com/sparklemotion/nokogiri - v1.19.1

v1.19.1 / 2026-02-16

Security

  • [CRuby] Address unchecked return value from xmlC14NExecute which was a contributing cause to ruby-saml GHSA-x4h9-gwv3-r4m4. See GHSA-wx95-c6cv-8532 for more information.
cfdb0eafd9a554a88f12ebcc688d2b9005f9fce42b00b970e3dc199587b27f32  nokogiri-1.19.1-aarch64-linux-gnu.gem
1e2150ab43c3b373aba76cd1190af7b9e92103564063e48c474f7600923620b5  nokogiri-1.19.1-aarch64-linux-musl.gem
0a39ed59abe3bf279fab9dd4c6db6fe8af01af0608f6e1f08b8ffa4e5d407fa3  nokogiri-1.19.1-arm-linux-gnu.gem
3a18e559ee499b064aac6562d98daab3d39ba6cbb4074a1542781b2f556db47d  nokogiri-1.19.1-arm-linux-musl.gem
dfe2d337e6700eac47290407c289d56bcf85805d128c1b5a6434ddb79731cb9e  nokogiri-1.19.1-arm64-darwin.gem
1e0bda88b1c6409f0edb9e0c25f1bf9ff4fa94c3958f492a10fcf50dda594365  nokogiri-1.19.1-java.gem
110d92ae57694ae7866670d298a5d04cd150fae5a6a7849957d66f171e6aec9b  nokogiri-1.19.1-x64-mingw-ucrt.gem
7093896778cc03efb74b85f915a775862730e887f2e58d6921e3fa3d981e68bf  nokogiri-1.19.1-x86_64-darwin.gem
1a4902842a186b4f901078e692d12257678e6133858d0566152fe29cdb98456a  nokogiri-1.19.1-x86_64-linux-gnu.gem
4267f38ad4fc7e52a2e7ee28ed494e8f9d8eb4f4b3320901d55981c7b995fc23  nokogiri-1.19.1-x86_64-linux-musl.gem
598b327f36df0b172abd57b68b18979a6e14219353bca87180c31a51a00d5ad3  nokogiri-1.19.1.gem

- C
Published by flavorjones 15 days ago

https://github.com/sparklemotion/nokogiri - v1.19.0

v1.19.0 / 2025-12-28

Ruby

This release is focused on changes to Ruby version support, and is otherwise functionally identical to v1.18.10.

  • Introduce native gem support for Ruby 4.0. #3590
  • End support for Ruby 3.1, for which upstream support ended 2025-03-26.
  • End support for JRuby 9.4 (which targets Ruby 3.1 compatibility).
11a97ecc3c0e7e5edcf395720b10860ef493b768f6aa80c539573530bc933767  nokogiri-1.19.0-aarch64-linux-gnu.gem
eb70507f5e01bc23dad9b8dbec2b36ad0e61d227b42d292835020ff754fb7ba9  nokogiri-1.19.0-aarch64-linux-musl.gem
572a259026b2c8b7c161fdb6469fa2d0edd2b61cd599db4bbda93289abefbfe5  nokogiri-1.19.0-arm-linux-gnu.gem
23ed90922f1a38aed555d3de4d058e90850c731c5b756d191b3dc8055948e73c  nokogiri-1.19.0-arm-linux-musl.gem
0811dfd936d5f6dd3f6d32ef790568bf29b2b7bead9ba68866847b33c9cf5810  nokogiri-1.19.0-arm64-darwin.gem
5f3a70e252be641d8a4099f7fb4cc25c81c632cb594eec9b4b8f2ca8be4374f3  nokogiri-1.19.0-java.gem
05d7ed2d95731edc9bef2811522dc396df3e476ef0d9c76793a9fca81cab056b  nokogiri-1.19.0-x64-mingw-ucrt.gem
1dad56220b603a8edb9750cd95798bffa2b8dd9dd9aa47f664009ee5b43e3067  nokogiri-1.19.0-x86_64-darwin.gem
f482b95c713d60031d48c44ce14562f8d2ce31e3a9e8dd0ccb131e9e5a68b58c  nokogiri-1.19.0-x86_64-linux-gnu.gem
1c4ca6b381622420073ce6043443af1d321e8ed93cc18b08e2666e5bd02ffae4  nokogiri-1.19.0-x86_64-linux-musl.gem
e304d21865f62518e04f2bf59f93bd3a97ca7b07e7f03952946d8e1c05f45695  nokogiri-1.19.0.gem

- C
Published by flavorjones 2 months ago

https://github.com/sparklemotion/nokogiri - v1.18.10 / 2025-09-15

v1.18.10 / 2025-09-15

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.13.9. Note that the security fixes published in v2.13.9 were already present in Nokogiri v1.18.9.
  • [CRuby] [Windows and MacOS] Vendored libiconv is updated to v1.18
7fb87235d729c74a2be635376d82b1d459230cc17c50300f8e4fcaabc6195344  nokogiri-1.18.10-aarch64-linux-gnu.gem
7e74e58314297cc8a8f1b533f7212d1999dbe2639a9ee6d97b483ea2acc18944  nokogiri-1.18.10-aarch64-linux-musl.gem
51f4f25ab5d5ba1012d6b16aad96b840a10b067b93f35af6a55a2c104a7ee322  nokogiri-1.18.10-arm-linux-gnu.gem
1c6ea754e51cecc85c30ee8ab1e6aa4ce6b6e134d01717e9290e79374a9e00aa  nokogiri-1.18.10-arm-linux-musl.gem
c2b0de30770f50b92c9323fa34a4e1cf5a0af322afcacd239cd66ee1c1b22c85  nokogiri-1.18.10-arm64-darwin.gem
cd431a09c45d84a2f870ba0b7e8f571199b3727d530f2b4888a73639f76510b5  nokogiri-1.18.10-java.gem
64f40d4a41af9f7f83a4e236ad0cf8cca621b97e31f727b1bebdae565a653104  nokogiri-1.18.10-x64-mingw-ucrt.gem
536e74bed6db2b5076769cab5e5f5af0cd1dccbbd75f1b3e1fa69d1f5c2d79e2  nokogiri-1.18.10-x86_64-darwin.gem
ff5ba26ba2dbce5c04b9ea200777fd225061d7a3930548806f31db907e500f72  nokogiri-1.18.10-x86_64-linux-gnu.gem
0651fccf8c2ebbc2475c8b1dfd7ccac3a0a6d09f8a41b72db8c21808cb483385  nokogiri-1.18.10-x86_64-linux-musl.gem
d5cc0731008aa3b3a87b361203ea3d19b2069628cb55e46ac7d84a0445e69cc1  nokogiri-1.18.10.gem

- C
Published by flavorjones 6 months ago

https://github.com/sparklemotion/nokogiri - v1.18.9 / 2025-07-20

v1.18.9 / 2025-07-20

Security

  • [CRuby] Applied upstream libxml2 patches to address CVE-2025-6021, CVE-2025-6170, CVE-2025-49794, CVE-2025-49795, and CVE-2025-49796. See GHSA-353f-x4gh-cqq8 for more information.
5bcfdf7aa8d1056a7ad5e52e1adffc64ef53d12d0724fbc6f458a3af1a4b9e32  nokogiri-1.18.9-aarch64-linux-gnu.gem
55e9e6ca46c4ad1715e313f407d8481d15be1e3b65d9f8e52ba1c124d01676a7  nokogiri-1.18.9-aarch64-linux-musl.gem
eea3f1f06463ff6309d3ff5b88033c4948d0da1ab3cc0a3a24f63c4d4a763979  nokogiri-1.18.9-arm64-darwin.gem
fe611ae65880e445a9c0f650d52327db239f3488626df4173c05beafd161d46e  nokogiri-1.18.9-arm-linux-gnu.gem
935605e14c0ba17da18d203922440bf6c0676c602659278d855d4622d756a324  nokogiri-1.18.9-arm-linux-musl.gem
ac5a7d93fd0e3cef388800b037407890882413feccca79eb0272a2715a82fa33  nokogiri-1.18.9.gem
1fe5b7aa4a054eda689a969bb4e03999960a6ea806582d327207d687168bceb5  nokogiri-1.18.9-java.gem
6b4fc1523aa0370c78653e38c94cb50e7f3ab786425de66ba7ad24222c1164a3  nokogiri-1.18.9-x64-mingw-ucrt.gem
e0d2deb03d3d7af8016e8c9df5ff4a7d692159cefb135cbb6a4109f265652348  nokogiri-1.18.9-x86_64-darwin.gem
b52f5defedc53d14f71eeaaf990da66b077e1918a2e13088b6a96d0230f44360  nokogiri-1.18.9-x86_64-linux-gnu.gem
e69359d6240c17e64cc9f43970d54f13bfc7b8cc516b819228f687e953425e69  nokogiri-1.18.9-x86_64-linux-musl.gem

- C
Published by flavorjones 8 months ago

https://github.com/sparklemotion/nokogiri - v1.18.8 / 2025-04-21

v1.18.8 / 2025-04-21

Security

  • [CRuby] Vendored libxml2 is updated to v2.13.8 to address CVE-2025-32414 and CVE-2025-32415. See GHSA-5w6v-399v-w3cc for more information.
36badd2eb281fca6214a5188e24a34399b15d89730639a068d12931e2adc210e  nokogiri-1.18.8-aarch64-linux-gnu.gem
664e0f9a77a7122a66d6c03abba7641ca610769a4728db55ee1706a0838b78a2  nokogiri-1.18.8-aarch64-linux-musl.gem
483b5b9fb33653f6f05cbe00d09ea315f268f0e707cfc809aa39b62993008212  nokogiri-1.18.8-arm64-darwin.gem
17de01ca3adf9f8e187883ed73c672344d3dbb3c260f88ffa1008e8dc255a28e  nokogiri-1.18.8-arm-linux-gnu.gem
6e6d7e71fc39572bd613a82d528cf54392c3de1ba5ce974f05c832b8187a040b  nokogiri-1.18.8-arm-linux-musl.gem
8c7464875d9ca7f71080c24c0db7bcaa3940e8be3c6fc4bcebccf8b9a0016365  nokogiri-1.18.8.gem
41002596960ff854198a20aaeb34cff0d445406d5ad85ba7ca9c3fd0c8f03de0  nokogiri-1.18.8-java.gem
11ab0f76772c5f2d718fb253fca5b74c6ef7628b72bbf8deba6ab1ffc93344cf  nokogiri-1.18.8-x64-mingw-ucrt.gem
024cdfe7d9ae3466bba6c06f348fb2a8395d9426b66a3c82f1961b907945cc0c  nokogiri-1.18.8-x86_64-darwin.gem
4a747875db873d18a2985ee2c320a6070c4a414ad629da625fbc58d1a20e5ecc  nokogiri-1.18.8-x86_64-linux-gnu.gem
ddd735fba49475a395b9ea793bb6474e3a3125b89960339604d08a5397de1165  nokogiri-1.18.8-x86_64-linux-musl.gem

- C
Published by flavorjones 11 months ago

https://github.com/sparklemotion/nokogiri - v1.18.7 / 2025-03-31

v1.18.7 / 2025-03-31

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.13.7, which is a bugfix release.
57a064ab5440814a69a0e040817bd8154adea68a30d2ff2b3aa515a6a06dbb5f  nokogiri-1.18.7-aarch64-linux-gnu.gem
3e442dc5b69376e84288295fe37cbb890a21ad816a7e571e5e9967b3c1e30cd3  nokogiri-1.18.7-aarch64-linux-musl.gem
083abb2e9ed2646860f6b481a981485a658c6064caafaa81bf1cda1bada2e9d5  nokogiri-1.18.7-arm64-darwin.gem
337d9149deb5ae01022dff7c90f97bed81715fd586aacab0c5809ef933994c5e  nokogiri-1.18.7-arm-linux-gnu.gem
97a26edcc975f780a0822aaf7f7d7427c561067c1c9ee56bd3542960f0c28a6e  nokogiri-1.18.7-arm-linux-musl.gem
6b63ff5defe48f30d1d3b3122f65255ca91df2caf5378c6e0482ce73ff46fb31  nokogiri-1.18.7.gem
2cb83666f35619ec59d24d831bf492e49cfe27b112c222330ee929737f42f2eb  nokogiri-1.18.7-java.gem
681148fbc918aa5d54933d8b48aeb9462ab708d23409797ed750af961107f72b  nokogiri-1.18.7-x64-mingw-ucrt.gem
081d1aa517454ba3415304e2ea51fe411d6a3a809490d0c4aa42799cada417b7  nokogiri-1.18.7-x86_64-darwin.gem
3a0bf946eb2defde13d760f869b61bc8b0c18875afdd3cffa96543cfa3a18005  nokogiri-1.18.7-x86_64-linux-gnu.gem
9d83f8ec1fc37a305fa835d7ee61a4f37899e6ccc6dcb05be6645fa9797605af  nokogiri-1.18.7-x86_64-linux-musl.gem

- C
Published by flavorjones 11 months ago

https://github.com/sparklemotion/nokogiri - v1.18.6 / 2025-03-24

v1.18.6 / 2025-03-24

Fixed

  • [JRuby] In HTML documents, Node#attribute now returns the correct attribute. This has been broken, and returning nil, since v1.17.0. (#3487) @flavorjones
1b11f9a814068282cc2b47ebe61395b2a69d1918092d2ca3bd664074f72540e9  nokogiri-1.18.6-aarch64-linux-gnu.gem
797662f201c37a8feac3bd5b0c0e3447053bc71e6633d273fefd4c68b03e6a54  nokogiri-1.18.6-aarch64-linux-musl.gem
727a441d179d934b4b7c73e0e28e6723ee46463d96bb0cc6e2e33a13540962c4  nokogiri-1.18.6-arm64-darwin.gem
2da07a07ef4c9d9e9da809b3dc0937ed90b031e32c2c658d9918941b85d68b95  nokogiri-1.18.6-arm-linux-gnu.gem
e8ae1c9a4d8cfa7a92d632a6f596a88235ebe66d4b70418543378ba16c601f70  nokogiri-1.18.6-arm-linux-musl.gem
4d283431d7829719ea1287ca388f24c6ce343af736bbcbd1365cbdb83bce41a4  nokogiri-1.18.6.gem
bf16c53446987007ff3e1deb29d65d20444073ba112cb5bddbd2671135ba293c  nokogiri-1.18.6-java.gem
134f6d54f56edd46cb6db77c9d9de1704b3f83b3981a6763671e3cfbeba221f5  nokogiri-1.18.6-x64-mingw-ucrt.gem
fb72568c97ccd90a8d68cb765b0ff0720b109bd62e3babbf372e854ef8fef995  nokogiri-1.18.6-x86_64-darwin.gem
df065db6ba6e1e80f76ef04f860fcf260cc24685125fe33cdc3d1572a1c66b71  nokogiri-1.18.6-x86_64-linux-gnu.gem
75ec7a93cec54687aa63b2eaf830dc4ac5b4f3d8c969f20c035e67c9e6a30cef  nokogiri-1.18.6-x86_64-linux-musl.gem

- C
Published by flavorjones 11 months ago

https://github.com/sparklemotion/nokogiri - v1.18.5 / 2025-03-19

v1.18.5 / 2025-03-19

Fixed

  • [JRuby] Update JRuby's XML serialization so it outputs namespaces exactly like CRuby. (#3455, #3456) @johnnyshields
3f12540863e45db38236257be30a8605cd1d2d074c38a63c6f1307fd968a477c  nokogiri-1.18.5-aarch64-linux-gnu.gem
296a9e346d9a816526ee0944b5df26e947d91ec09225897bf2fc14561e8861ca  nokogiri-1.18.5-aarch64-linux-musl.gem
df7731e550a7653c003ed142cc8bc3c611c15fae3b7be4ff317b61dfe32842d9  nokogiri-1.18.5-arm64-darwin.gem
25fc71081c671fc4e983eac76ad1b3c8ee2707c467dcdb96a066f749f978eaba  nokogiri-1.18.5-arm-linux-gnu.gem
8682d38ac2015ffa3b0c23925c579ced7e455f16931130ab434f26ff1c2846fa  nokogiri-1.18.5-arm-linux-musl.gem
c8a6f8da9418ac21345124bc79b94701f036fa05b27dfec4a6dc148d5fa136dc  nokogiri-1.18.5.gem
22354b83a81acefd028e7622d4dd832c1e3cc305bf152f7f77e7db9c820b59d0  nokogiri-1.18.5-java.gem
874080a907a550a60b28febd56fe8ae921e6a7e0bb0ae61aaecd6c71665dc604  nokogiri-1.18.5-x64-mingw-ucrt.gem
28659cf43eedb652ae2fb94a8c7a14d368b6944db97e63b4158c8d5d5b4f49d8  nokogiri-1.18.5-x86_64-darwin.gem
195f4a139961f3c892ac22fda6ae4e665919e6573149f0adc786adc8c20402be  nokogiri-1.18.5-x86_64-linux-gnu.gem
8c2786d259e3c73687f8c595e1ab040a66809799ad066dad8eb492fd58f4f8fd  nokogiri-1.18.5-x86_64-linux-musl.gem

- C
Published by flavorjones 12 months ago

https://github.com/sparklemotion/nokogiri - v1.18.4 / 2025-03-14

v1.18.4 / 2025-03-14

Security

  • [CRuby] Vendored libxslt is updated to v1.1.43 to address CVE-2025-24855 and CVE-2024-55549. See GHSA-mrxw-mxhj-p664 for more information.
8f2263cef9953ce09bd5293d76c9bbd3013d2f94d1cca67783dfe6635c529deb  nokogiri-1.18.4-aarch64-linux-gnu.gem
4e231f8ba3128cfc2ef0cc0bdc807d7ce71fc62cb6a78216e817be8631fe6a96  nokogiri-1.18.4-aarch64-linux-musl.gem
73902663b23b1123282b9c0b6d9654b1fb286dfee8d65cb1f6029087b7f0d037  nokogiri-1.18.4-arm64-darwin.gem
cc2945e2c19560a61a97737e6bd3b329edb1f82ca204d46a18e5e98ad0a550a6  nokogiri-1.18.4-arm-linux-gnu.gem
4fb7f44de0cd85abfa869e4cfb619410da174ebf9fbe26ae0caa65462b818bcb  nokogiri-1.18.4-arm-linux-musl.gem
bb7820521c1bbae1d3e0092ff03b27a8e700912b37d80f962b7e4567947a64ac  nokogiri-1.18.4.gem
cbc0bab72eb5a9573efa7b98351fdd44c609e8d4585456ca1be18db2b7764b64  nokogiri-1.18.4-java.gem
bd567cb509eb75de8f27ca6ecaf4a38bf0563482188991f9bcccccac9c3b9a2f  nokogiri-1.18.4-x64-mingw-ucrt.gem
e4776f58eea9b94d05caf8bf351e3c6aa1cce01edcc2ed530f3c302c13178965  nokogiri-1.18.4-x86_64-darwin.gem
b1c6407b346b88704e97a342a80acd4755175324e624da34d0c5cfdc8d34191e  nokogiri-1.18.4-x86_64-linux-gnu.gem
ea7c0356a70f3d2d0d76315b533877013d20368d5c9f437c38e0bd462c4844dc  nokogiri-1.18.4-x86_64-linux-musl.gem

- C
Published by flavorjones 12 months ago

https://github.com/sparklemotion/nokogiri -

v1.18.3 / 2025-02-18

Security

  • [CRuby] Vendored libxml2 is updated to v2.13.6 to address CVE-2025-24928 and CVE-2024-56171. See GHSA-vvfq-8hwr-qm4m for more information.
cab20305133078a8f6b60cf96311b48319175038cc7772e5ec586ff624cb7838  nokogiri-1.18.3-aarch64-linux-gnu.gem
acb256bb3213a180b1ed84a49c06d5d4c6c1da26f33bc9681f1fece4dab09a79  nokogiri-1.18.3-aarch64-linux-musl.gem
ce088965cd424b8e752d82087dcf017069d55791f157098ed1f671d966857610  nokogiri-1.18.3-arm64-darwin.gem
37b73a55e0d1e8a058a24abb16868903e81cb4773049739c532b864f87236b1b  nokogiri-1.18.3-arm-linux-gnu.gem
09407970cd13736cf87e975fae69c13e1178bab0313d07b35580ee4dd3650793  nokogiri-1.18.3-arm-linux-musl.gem
6b9fc3b14fd0cedd21f6cad8cf565123ba7401e56b5d0aec180c23cdca28fd5a  nokogiri-1.18.3.gem
236078c5f80ffc3d49c223fa98933d970543455403f9d672ca0aa5a6178a84fe  nokogiri-1.18.3-java.gem
216be1cb454c4657fc64747e5ae32b2ab4015843183766f238e4f4a62fb1f6be  nokogiri-1.18.3-x64-mingw-ucrt.gem
d729406bb5a7b1bbe7ed3c0922336dd2c46085ed444d6de2a0a4c33950a4edea  nokogiri-1.18.3-x86_64-darwin.gem
3c7ad5cee39855ed9c746065f39b584b9fd2aaff61df02d0f85ba8d671bbe497  nokogiri-1.18.3-x86_64-linux-gnu.gem
8aaecc22c0e5f12dac613e15f9a04059c3ec859d6f98f493cc831bd88fe8e731  nokogiri-1.18.3-x86_64-linux-musl.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.18.2 / 2024-01-19

v1.18.2 / 2024-01-19

Fixed

  • When performing a CSS selector query, an XML document's root namespace declarations should not be applied to wildcard selectors ("*"). Fixes a bug introduced in v1.17.0. (#3411) @flavorjones
74e0f9a7487a30a2957f46c5113d58f836436b033c9906e0bc6fee9d8cdafabf  nokogiri-1.18.2-aarch64-linux-gnu.gem
99bcea596a80eaee99f2bae2596275641ea688262c1da32b4e90db6159e86477  nokogiri-1.18.2-aarch64-linux-musl.gem
8288ec7a296e2510ca9bd053c0c5989f11260f8c07bc3e9afbafa536f7077281  nokogiri-1.18.2-arm64-darwin.gem
6fb0246b69f2c589a69254e82bc2a40aa238c4f977fd7903e283341a92935729  nokogiri-1.18.2-arm-linux-gnu.gem
dcdd4d10ed2743f0d8c887825700c3a8506aea1aa415917ac50ccc01597c51a3  nokogiri-1.18.2-arm-linux-musl.gem
93791cfb33186fe077eb9e1b8a6855b5621e328f81f565334572fa398366f8bf  nokogiri-1.18.2.gem
eefdf9f0d6086173d3488cf7a736732ee13fb6674ef15643478c20502a67bf37  nokogiri-1.18.2-java.gem
894514572fa7503ce9210e51a7f8a9a35f34f154d6406cec1ac148c3ce1536a3  nokogiri-1.18.2-x64-mingw-ucrt.gem
7fca165e5ee87e9b6b3f1377180376afc0c8652ed2a3d761f472f0e3d3a1c651  nokogiri-1.18.2-x86_64-darwin.gem
9330ced4a976604865c2a76ce158e2bc608fa83999552e85a32ec06f85f427db  nokogiri-1.18.2-x86_64-linux-gnu.gem
1cd7786ed15c76958d6a8f9a864df6208fecd624c340eb4ed211fbea60328f02  nokogiri-1.18.2-x86_64-linux-musl.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.18.1 / 2024-12-29

v1.18.1 / 2024-12-29

Fixed

  • [CRuby] XML::SAX::ParserContext keeps a reference to the input to avoid a potential use-after-free issue that's existed since v1.4.0 (2009). (#3395) @flavorjones
35837013800e34342fcbaca305f8c49231f6bd4f779bfa23fe7b4686ae82d5b8  nokogiri-1.18.1-aarch64-linux-gnu.gem
1b303402cd045f9075a6ee291767c1ffe654b426ed30911e5b47819c21855b22  nokogiri-1.18.1-aarch64-linux-musl.gem
d75193f284c899d225943a8944479faedd995a7573ddd5c8308ffbdf2ec55204  nokogiri-1.18.1-arm64-darwin.gem
3b873fd6b0cd1ad7c77e87af701075bdfd14c9a6b2f2965c5e00ed29a5627a37  nokogiri-1.18.1-arm-linux-gnu.gem
d6fe26f6d1425f403077fbf829fc0ef8e521545c924a13777d6fdf1a0c07c1f3  nokogiri-1.18.1-arm-linux-musl.gem
df18be7e96c34736b6abfdeda80c6e845134fb9afe2fe5d4fbc1cf1f89c68475  nokogiri-1.18.1.gem
e0e19b340f92d09b2b731e22d68895b2062d6555188aff370b05617516d3a781  nokogiri-1.18.1-java.gem
50d81e905a60dff706b99c980abefedaf1c3d2c434a3b49afaf1b69b80f7f5b4  nokogiri-1.18.1-x64-mingw-ucrt.gem
d94e3aa6483577495fc8969d6b4b5c075840ce6b1ab09636a6d4177ad171051d  nokogiri-1.18.1-x86_64-darwin.gem
e516cf16ccde67ed4cc595a2621ca5ddd42562ecb24928914b0045a20a41620e  nokogiri-1.18.1-x86_64-linux-gnu.gem
f2c389bc100541247edaeaabc6d875b31d72e897471b66a67987b2e4df0192d6  nokogiri-1.18.1-x86_64-linux-musl.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.18.0 / 2024-12-25

v1.18.0 / 2024-12-25

Notable Changes

Ruby

This release introduces native gem support for Ruby 3.4.

This release ends support for Ruby 3.0, for which upstream support ended 2024-04-23.

This release ships separate precompiled GNU and Musl gems for all linux platforms. Previously both GNU and Musl target systems could use and install the same gem, e.g., the platform gem for x86_64-linux. Now, however, the precompiled gem platforms would be x86_64-linux-gnu and x86_64-linux-musl. So long as you're on bundler >= 2.5.6 this should be seamless other than perhaps needing to update the platforms in your "Gemfile.lock".

This release drops precompiled native platform gems for x86-linux and x86-mingw32. These platforms are still supported. Users on these platforms must install the "ruby platform" gem which requires a compiler toolchain. See Installing the ruby platform gem in the installation docs. (#3369, #3081)

Improved

  • [CRuby] CSS and XPath queries are faster now that Node#xpath, Node#css, and related functions are using a faster XPathContext initialization process. We benchmarked a 1.9x improvement for a 6kb file. Big thanks to @nwellnhof for helping with this one. (#3378, superseded by #3389) @flavorjones
a240b4183b7a12d82cdd46d7a77255d785e01198ffb0c52c8aee1197daf0b465  nokogiri-1.18.0-aarch64-linux-gnu.gem
a12b764089d9c0e60f4794b685d29a97a3e2952caa1c4c87473c771edb7e9db5  nokogiri-1.18.0-aarch64-linux-musl.gem
e6e75760aa66adf5ea0dccfba2516c111526ba50f6475426975532d1a134173c  nokogiri-1.18.0-arm64-darwin.gem
80e9534e153b141242864c7274605fcb8312860a16460bae796fa4490acca4e8  nokogiri-1.18.0-arm-linux-gnu.gem
0764082c12c01447a0e9b522d3d2cc91f384a683453c7a55842502d37b0180a8  nokogiri-1.18.0-arm-linux-musl.gem
119dea343386d88849f44dd8c36fb1cc36f4a4fe42cf4d60f26f4bac18b3a709  nokogiri-1.18.0.gem
432ecef3824ff23d38c897b4d08cddb5d10cf53838add84834349422038e4812  nokogiri-1.18.0-java.gem
ab1d35ce91ee9af7fbe45e97a6eca0e6b103b724a7b4712e6eeb7968ca9809eb  nokogiri-1.18.0-x64-mingw-ucrt.gem
4c27a29a3509f38caeec582feef381b07d1e80f56a622b3548be07271dc903b9  nokogiri-1.18.0-x86_64-darwin.gem
1232a310b8e186d402a5f3d0c06affafaf25b1c30b01aa797559ac7bd5851c92  nokogiri-1.18.0-x86_64-linux-gnu.gem
5ec8161e1a0799102227009122ef836824abfab693fd4b32cb252e2f34f300c2  nokogiri-1.18.0-x86_64-linux-musl.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.18.0.rc1 / 2024-12-16

v1.18.0.rc1 / 2024-12-16

Notable Changes

Ruby

This release introduces native gem support for Ruby 3.4.

This release ends support for Ruby 3.0, for which upstream support ended 2024-04-23.

This release ships separate precompiled GNU and Musl gems for all linux platforms. Previously both GNU and Musl target systems could use and install the same gem, e.g., the platform gem for x86_64-linux. Now, however, the precompiled gem platforms would be x86_64-linux-gnu and x86_64-linux-musl. So long as you're on bundler >= 2.5.6 this should be seamless other than perhaps needing to update the platforms in your "Gemfile.lock".

This release drops precompiled native platform gems for x86-linux and x86-mingw32. These platforms are still supported. Users on these platforms must install the "ruby platform" gem which requires a compiler toolchain. See Installing the ruby platform gem in the installation docs. (#3369, #3081)

Improved

  • [CRuby] CSS and XPath queries are faster now that Node#xpath, Node#css, and related functions are re-using the underlying xpath context object (which is expensive to initialize). We benchmarked a 2.8x improvement for a 6kb file, and a more modest 1.3x improvement for a 70kb file. (#3378) @flavorjones
aeb64725f643bdaa59910a76104a527f41848ea04848819aa41147e1a5beef9e  nokogiri-1.18.0.rc1-aarch64-linux-gnu.gem
484918b014c15b3910c5bb1d1048fd4d453c9f92fee481740e66e6cd653edb54  nokogiri-1.18.0.rc1-aarch64-linux-musl.gem
9dbfdb4743be84ba879a900ed0ed8186834b276778782bf53498e6fd489e99d2  nokogiri-1.18.0.rc1-arm64-darwin.gem
ce2b40c68639b523db3924f109ca885c61b2ab41a3edca4e6ae6edb588fb1a8b  nokogiri-1.18.0.rc1-arm-linux-gnu.gem
87a44e2eae2fed4f9b5d9d4e5314c1408cbb0687315ea14c72e2263c349da80a  nokogiri-1.18.0.rc1-arm-linux-musl.gem
a78c979ae122a104a125d032d9d596df9a2251a87995b0b51759f84aeedb37a6  nokogiri-1.18.0.rc1.gem
748d3c6de752dc79f9c6e03d610baaa2a9d1a749ebb59b3838746eaf590755b2  nokogiri-1.18.0.rc1-java.gem
f9c53e61f082c283b05d1f9c31b4ebd0b74b3f6b5403441950d19797dee18741  nokogiri-1.18.0.rc1-x64-mingw-ucrt.gem
4454b0ff5a7c2e01e5436f5ecf081efe0bc40dadb0c7e61ac9e4083ab30e9d3b  nokogiri-1.18.0.rc1-x86_64-darwin.gem
62122eb4436967fd4cd396691a2833341d59b27782971586f4d39ad73e7d1cdd  nokogiri-1.18.0.rc1-x86_64-linux-gnu.gem
fb49240f1c26ace2147afaf389e8a65986c309904d6de5a31397cd248a34c9b5  nokogiri-1.18.0.rc1-x86_64-linux-musl.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.17.2 / 2024-12-12

v1.17.2 / 2024-12-12

Fixed

  • [JRuby] Fixed an issue where Node#dup when called with the new_parent_doc parameter was not decorating the node with the document's Node decorators. [#3372] @flavorjones
585c8cac6380848b7973bacfd0584628d116810e5f209db25e22d0c32313e681  nokogiri-1.17.2-aarch64-linux.gem
0c5eb06ba1c112d33c2bb29973b07e2f21c4ddb66c67c9386fd97ff1c5d84686  nokogiri-1.17.2-arm64-darwin.gem
3d033ad9b09d5b8a203f0f2156053e93a9327a9c7887c0ceb9fa78c71d27280d  nokogiri-1.17.2-arm-linux.gem
75825401f59b1a8746ee8ce5d066c8f11e745642e36a4452e206730b03d1fd8c  nokogiri-1.17.2.gem
ffe1fc1353f831793260b3023f575b4ed2e6144404947c57ad37ad932f9adb94  nokogiri-1.17.2-java.gem
da29e3d6add44bfc0bec8b9d4c7c660b38c7fc16ef505313839e07c3358d1059  nokogiri-1.17.2-x64-mingw32.gem
2bb710109d52f1209ea013c1f9603cd24271a9f22d387c0c45fced62945b4a30  nokogiri-1.17.2-x64-mingw-ucrt.gem
dc5977eb3416e1d501b22b0ed4737bf7604121491405865b887975eacfb3e896  nokogiri-1.17.2-x86_64-darwin.gem
e8614ae8d776bd9adb535ca814375e7ae05d7cfa6aa01909e561484f6d70be0b  nokogiri-1.17.2-x86_64-linux.gem
8c4dd75e35810bdeb7c74943f383ca665baf6aed8fc2b78c1d305094a72794aa  nokogiri-1.17.2-x86-linux.gem
9038e8b59e2eb48feb18f0efb093bd21a19d0eb17eed822a155b2a6860381702  nokogiri-1.17.2-x86-mingw32.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.17.1 / 2024-12-10

v1.17.1 / 2024-12-10

Fixed

  • Fixed a potential segfault when using Node#dup and DocumentFragment#dup. [#3359] @byroot @flavorjones
  • Node#dup and Node#clone now correctly decorate the new node with the document's Node decorators. [#3363] @flavorjones
b3fce09bddfab61ae587f83af97bf0d0834352bcd23ad99831f2993d978627bd  nokogiri-1.17.1-aarch64-linux.gem
0e79badf832783e81439c3211562ed904a5c8eaaa0038c8fdfdb3778e873f3d0  nokogiri-1.17.1-arm64-darwin.gem
b8e9909ff893b257a58066e6bfc39456be18b87f4af1e22ca18d7c0dbc9925e5  nokogiri-1.17.1-arm-linux.gem
910fe0f194db99677f7ddb21b19a1d071ceffc4a0e39d44c08736d9b1e558cfc  nokogiri-1.17.1.gem
baf2cf6785f83c8cb3cdc427d0eb8b7f91d76748bfeb6c2612ce639e82c1ecee  nokogiri-1.17.1-java.gem
601a8bca523bf2b1a576c728ad4901c57263d0c29e4f9e6d2abe654c6a929841  nokogiri-1.17.1-x64-mingw32.gem
299ab9cd2c4ce882112e79fc31f82915920cb3e54ba526287e86d9a5fbfafebe  nokogiri-1.17.1-x64-mingw-ucrt.gem
94bcacacd123379229a8ece0d31c38af36d0ef6f86f399d5813be5ca0f566c88  nokogiri-1.17.1-x86_64-darwin.gem
2234250605b03433747e8d21de947b38b79f33a4280930e58bec179fd95d415d  nokogiri-1.17.1-x86_64-linux.gem
d09565316ffc8f8bb522bd6d1b460dec2a57d23d6e479c2d0d49d9ccbb11076c  nokogiri-1.17.1-x86-linux.gem
8f720dd62bf5d3791aa67f933085be5d2a2ab06afc120d4f210f40a5d184fafb  nokogiri-1.17.1-x86-mingw32.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.17.0 / 2024-12-08

v1.17.0 / 2024-12-08

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.13.5. @flavorjones
  • [CRuby] Vendored libxslt is updated to v1.1.42. @flavorjones
  • [CRuby] Minimum supported version of libxml2 raised to v2.9.2 (released 2014-10-16) from v2.6.21. [#3232, #3287] @flavorjones
  • [JRuby] Minimum supported version of Java raised to 8 (released 2014-03-18) from 7. [#3134] @flavorjones
  • [CRuby] Update to rake-compiler-dock v1.5.1 for building precompiled native gems. [#3216] @flavorjones

Notable changes

SAX Parsers

The XML and HTML4 SAX parsers have received a lot of attention in this release, and we've fixed multiple long-standing bugs with encoding and entity handling. In addition, libxml2 v2.13 has also made some underlying fixes and improvements to encoding and entity handling.

We're shipping these fixes in a minor release because we firmly believe the resulting behavior is correct and standards-compliant, however applications that have been depending on the buggy behavior may be impacted.

If your application relies on the SAX parsers, and in particular if you're SAX-parsing documents with parsed entities or incorrect encoding declarations, please read the changelog below carefully.

Fragment parsing

Document fragment parsing has been improved, particularly with respect to handling malformed fragments or fragments with implicit namespace prefixes. Namespace reconciliation still isn't where we want it to be, but it's an improvement.

HTML5 fragment parsing now allows the context node to be specified as a context: keyword argument to the HTML5::DocumentFragment.parse and .new methods, which should allow for more flexible sanitization and future support for the draft HTML Sanitizer API in downstream libraries.

Error handling

In scenarios where multiple errors could be reported by the underlying parser, the errors will be aggregated into a single Nokogiri::XML::SyntaxError that is raised. Previously only the final error reported by libxml2 was raised (which was often misleading if it was only a warning and not the fatal error).

Schema validation

We've resolved many long-standing bugs in the various schema classes, validation methods, and their error reporting. Behavior is now consistent across schema types and input types, as well as parser backends (Xerces and libxml2).

Keyword arguments

The following methods now accept keyword arguments in addition to positional arguments, and use ... parameter forwarding when possible:
HTML4(), HTML4.fragment, HTML4.parse, HTML4::Document.parse, HTML4::DocumentFragment#initialize, HTML4::DocumentFragment.parse, HTML5(), HTML5.fragment, HTML5.parse, HTML5::Document.parse, HTML5::Document.read_io, HTML5::Document.read_memory, HTML5::DocumentFragment#initialize, HTML5::DocumentFragment.parse, XML(), XML.fragment, XML.parse, XML::Document.parse, XML::DocumentFragment#initialize, XML::DocumentFragment.parse, XML::Node#canonicalize, XML::Node.parse, XML::Reader(), XML::RelaxNG(), XML::RelaxNG.new, XML::RelaxNG.read_memory, XML::SAX::PushParser#initialize, XML::Schema(), XML::Schema.new, XML::Schema.read_memory, and XSLT().

Special thanks to those contributors who participated in the RubyConf 2024 Hack Day to work on #3323 to help modernize Nokogiri by adding keyword arguments and using parameter forwarding in many methods, and expanding some of the documentation! We intend to continue adding keyword argument support to more methods. #3323 #3324 #3326 #3327 #3329 #3330 #3332 #3333 #3334 #3335 #3336 #3342 #3355 #3356 @infews @matiasow @MattJones @mononoken @openbl @flavorjones

Added

  • Introduce support for a new SAX callback XML::SAX::Document#reference, which is called to report some parsed XML entities when XML::SAX::ParserContext#replace_entities is set to the default value false. This is necessary functionality for some applications that were previously relying on incorrect entity error reporting which has been fixed (see below). For more information, read the docs for Nokogiri::XML::SAX::Document. [#1926] @flavorjones
  • XML::SAX::Parser#parse_memory and #parse_file now accept an optional encoding argument. When not provided, the parser will fall back to the encoding passed to the initializer, and then fall back to autodetection. [#3288] @flavorjones
  • XML::SAX::ParserContext.memory now accepts an optional encoding argument. When not provided, the encoding will be autodetected. [#3288] @flavorjones
  • New readonly attributes XML::DocumentFragment#parse_options and HTML4::DocumentFragment#parse_options return the options used to parse the document fragment. @flavorjones
  • New method XML::Reader.new is the primary constructor to which XML::Reader() forwards. Both methods now take url:, encoding:, and options: kwargs in addition to the previous calling convention of passing positional parameters. #3326 @infews @flavorjones
  • [CRuby] The HTML5 parse methods accept a :parse_noscript_content_as_text keyword argument which will emulate the parsing behavior of a browser which has scripting enabled. [#3178, #3231] @stevecheckoway
  • [CRuby] HTML5::DocumentFragment.parse and .new accept a :context keyword argument that is the parse context node or element name. Previously this could only be passed in as a positional argument to .new and not at all to .parse. @flavorjones
  • [CRuby] Nokogiri::HTML5::Builder is similar to HTML4::Builder but returns an HTML5::Document. [#3119] @flavorjones
  • [CRuby] Attributes in an HTML5 document can be serialized individually, something that has always been supported by the HTML4 serializer. [#3125, #3127] @flavorjones
  • [CRuby] Introduce a compile-time option, --disable-xml2-legacy, to remove from libxml2 its dependencies on zlib and liblzma and disable implicit HTTP network requests. These all remain enabled by default, and are present in the precompiled native gems. This option is a precursor for removing these libraries in a future major release, but may be interesting for the security-minded who do not need features like automatic decompression and would like to remove these dependencies. You can read more and give feedback on these plans in #3168. [#3247] @flavorjones
  • [CRuby] If errors are returned from schema validation, a new attribute SyntaxError#path will contain the XPath path of the node that caused the validation failure. [#3316] @ryanong

Improved

  • Documentation has been improved for XML::RelaxNG, XML::Schema, XML::Reader, HTML5, HTML5::Document, HTML5::DocumentFragment, HTML4::Document, HTML4::DocumentFragment, XML, XML::Document, XML::DocumentFragment. #3355 @flavorjones
  • Documentation has been improved for CSS.xpath_for. [#3224] @flavorjones
  • Documentation for the SAX parsing classes has been greatly improved, including encoding overrides and the complex entity-handling behavior. [#3265] @flavorjones
  • XML::Schema#read_memory and XML::RelaxNG#read_memory are now Ruby methods that call #from_document. Previously these were native functions, but they were buggy on both CRuby and JRuby (but worse on JRuby) and so this is now useful, comparable in performance, and simpler code that is easier to maintain. [#2113, #2115] @flavorjones
  • XML::SAX::ParserContext.io's encoding argument is now optional, and can now be an Encoding or an encoding name. When not provided will default to autodetecting the encoding. [#3288] @flavorjones
  • [CRuby] The update to libxml v2.13 improves "in context" fragment parsing recovery. We removed our hacky workaround for recovery that led to silently-degraded functionality when parsing fragments with parse errors. Specifically, malformed XML fragments that used implicit namespace prefixes will now "link up" to the namespaces in the parent document or node, where previously they did not. [#2092] @flavorjones
  • [CRuby] When multiple errors could be detected by the parser and there's no obvious document to save them in (for example, when parsing a document with the recovery parse option turned off), the libxml2 errors are aggregated into a single Nokogiri::XML::SyntaxError. Previously, only the last error recorded by libxml2 was raised, which might be misleading if it's merely a warning and not the fatal error preventing the operation. [#2562] @flavorjones
  • [CRuby] The SAX parser context and handler implementation has been simplified and now takes advantage of some of libxml2's default SAX handlers for entities and DTD management. [#3265] @flavorjones
  • [CRuby] When compiling packaged libraries from source, allow users' AR and LD environment variables to set the archiver and linker commands, respectively. This augments the existing CC environment variable to set the compiler command. [#3165] @ziggythehamster
  • [CRuby] When building from source on MacOS, environment variables AR and RANLIB are now respected when set instead of being overridden to /usr/bin/{ar,ranlib} (which is still the default). [#3338] @joshheinrichs-shopify

Fixed

  • Node#clone, NodeSet#clone, and *::Document#clone all properly copy the metaclass of the original as expected. Previously, #clone had been aliased to #dup for these classes (since v1.3.0 in 2009). [#316, #3117] @flavorjones
  • CSS queries for pseudo-selectors that cannot be translated into XPath expressions now raise a more descriptive Nokogiri::CSS::SyntaxError when they are parsed. Previously, an invalid XPath expression was evaluated and a hard-to-understand XPath error was raised by the query engine. [#3193] @flavorjones
  • Schema#validate returns errors on empty and malformed files. Previously, it would return errors on empty/malformed Documents, but not when reading from files. [#642] @flavorjones
  • XML::Builder is now consistent with how it sets block scope. Previously, missing methods with blocks on dynamically-created nodes were always handled by invoking instance_eval(&block) on the Builder, even when the Builder was yielding self for all other missing methods with blocks. [#1041] @flavorjones
  • HTML4::DocumentFragment.parse accepts IO input. Previously, it required a string and would raise a TypeError when passed an IO. [#2069] @sharvy
  • [CRuby] libgumbo (the HTML5 parser) treats reaching max-depth as EOF. This addresses a class of issues when the parser is interrupted in this way. [#3121] @stevecheckoway
  • [CRuby] Update node GC lifecycle to avoid a potential memory leak with fragments in libxml 2.13.0 caused by changes in xmlAddChild. [#3156] @flavorjones
  • [CRuby] libgumbo correctly prints nonstandard element names in error messages. [#3219] @stevecheckoway
  • [CRuby] External entity references no long cause the SAX parser to register errors. [#1926] @flavorjones
  • [JRuby] Fixed entity reference serialization, which rendered both the reference and the replacement text. Incredibly nobody noticed this bug for over a decade. [#3272] @flavorjones
  • [JRuby] Fixed some bugs in how Node#attributes handles attributes with namespaces. [#2677, #2679] @flavorjones
  • [JRuby] Fix Schema#validate to only return the most recent Document's errors. Previously, if multiple documents were validated, this method returned the accumulated errors of all previous documents. [#1282] @flavorjones
  • [JRuby] Fix Schema#validate to not clobber the @errors instance variable. [#1282] @flavorjones
  • [JRuby] Empty documents fail schema validation as they should. [#783] @flavorjones
  • [JRuby] SAX parsing now respects the #replace_entities attribute, which defaults to false. Previously this flag defaulted to true and was completely ignored. [#614] @flavorjones
  • [JRuby] The SAX callback Document#start_element_namespace received a blank string for the URI when a namespace was not present. It now receives nil (as does the CRuby impl). [#3265] @flavorjones
  • [JRuby] Reader#outer_xml and #inner_xml encode entities properly. [#1523] @flavorjones

Changed

  • [CRuby] Nokogiri::XML::CData.new no longer accepts nil as the content argument, making CData behave like other character data classes (like Comment and Text). This change was necessitated by behavioral changes in libxml2 v2.13.0. If you wish to create an empty CDATA node, pass an empty string. [#3156] @flavorjones
  • Internals:
    • The internal CSS::XPathVisitor class now accepts the xpath prefix and the context namespaces as constructor arguments. The prefix: and ns: keyword arguments to CSS.xpath_for cannot be specified if the visitor: keyword argument is also used. CSS::XPathVisitor now exposes #builtins, #doctype, #prefix, and #namespaces attributes. [#3225] @flavorjones
    • The internal CSS selector cache has been extracted into a distinct class, CSS::SelectorCache. Previously it was part of the CSS::Parser class. [#3226] @flavorjones
    • The internal Gumbo.parse and Gumbo.fragment methods now take keyword arguments instead of positional arguments. [#3199] @flavorjones

Deprecated

  • The undocumented and unused method Nokogiri::CSS.parse is now deprecated and will generate a warning. The AST returned by this method is private and subject to change and removal in future versions of Nokogiri. This method will be removed in a future version of Nokogiri.
  • Passing an options hash to CSS.xpath_for is now deprecated and will generate a warning. Use keyword arguments instead. This will become an error in a future version of Nokogiri.
  • Passing libxml2 encoding IDs to SAX::ParserContext methods is now deprecated and will generate a warning. The use of SAX::Parser::ENCODINGS is also deprecated. Use Encoding objects or encoding names instead.

Thank you!

Supporters

The following people and organizations were kind enough to sponsor @flavorjones or the Nokogiri project during the development of v1.17.0:

  • via Github sponsors
    • renuo @renuo
    • Ajaya Agrawalla @ajaya
    • Rob Stringer @Mycobee
    • Better Stack Community @betterstack-community
    • Prowly @prowlycom
    • Maxime Gauthier @biximilien
    • Harry Lascelles @hlascelles
    • Evil Martians @evilmartians
    • Typesense @typesense
    • YOSHIDA Katsuhiko @kyoshidajp
    • Quan Nguyen @qu8n
    • Sentry @getsentry
    • Codecov @codecov
    • Frank Groeneveld @frenkel
    • Hiroshi SHIBATA @hsbt
    • Nando Vieira @fnando
    • Orien Madgwick @orien
    • Avo @avo-hq
    • Zoran Pesic @zokioki
    • @zzak
    • Graham Watts @GingerGraham
    • Nandang Permana Kusuma @nandangpk
    • Mr. Henry @mrhenry
    • Götz Görisch @GoetzGoerisch
    • Andrew Nesbitt @andrew
  • via Thanks.dev
    • Sentry @getsentry
    • Codecov @codecov
    • Keygen @keygen-sh
    • Keith Bauson @kwbauson
    • Nicco Kunzmann @niccokunzmann
    • timhaynes @timhaynes
  • via Open Collective
    • Airbnb @airbnb
    • Nemo @captn3m0
    • Velocity Labs @velocity-labs

We'd also like to thank @github who donate a ton of compute time for our CI pipelines!

New Contributors

95cdf0d33fe29dd2478d6a34656c9dd909e4b7dae9467b24721af67e1944d6e6  nokogiri-1.17.0-aarch64-linux.gem
a0364ad985eb4c0a235e95896324969c20795be941a621fe753734bdee8cfa73  nokogiri-1.17.0-arm64-darwin.gem
f0c1e71e6f4cd64a6efea4761c85e280318a450968262d02bb917c13874c1c48  nokogiri-1.17.0-arm-linux.gem
4200f1c9525ad91b7226d35849f2c7909b20a5e4571ab1204cc3cda1debe59ef  nokogiri-1.17.0.gem
21b8f5022c018a72d97bc1841bb67a8a391456491c08c744141bb6a8f39b3d04  nokogiri-1.17.0-java.gem
408ecf5bb34074bc4551f5f41388a3746cb96fdc932b06a686c142038ba7aa38  nokogiri-1.17.0-x64-mingw32.gem
b4dd8ed5f8de6814ec5ee18cb2708e716babed998f5ee7b67e62aec19d5ffbf0  nokogiri-1.17.0-x64-mingw-ucrt.gem
8d9d5bd2db1aa6b41b4ed9c0b890a9e76c33cb031008971b1fd34a35b1f525a5  nokogiri-1.17.0-x86_64-darwin.gem
fd34467481d6c50f800a516e5db029ca3ad3fb8fcdec032bae581a2d80a4a74b  nokogiri-1.17.0-x86_64-linux.gem
ac2a4eff755d00d8e8534f2af51cd5622321f3b2481cc4277df4e2cd32fabfc2  nokogiri-1.17.0-x86-linux.gem
c478d7168db29511085630280719fd23a5864ae88a5ed879e7fff2954906e727  nokogiri-1.17.0-x86-mingw32.gem

Full Changelog: https://github.com/sparklemotion/nokogiri/compare/v1.16.0...v1.17.0

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - 1.15.7 / 2024-12-02

1.15.7 / 2024-12-02

Fixed

  • [CRuby] When serializing HTML5 documents, properly escape foreign content "style" elements. Normally, a "style" tag contains raw text that does not need entity-escaping, but when it appears in either SVG or MathML foreign content, the "style" tag is now correctly escaped when serialized. @flavorjones

sha256 checksums:

ef5ef17d956009c2701f06ed37e4e8bd335c1004555114715c5b012f057279b5  nokogiri-1.15.7-aarch64-linux.gem
169e3d403b09c3b990435ffda954e3846120adfc48f17849c31f6b4c84ee87ea  nokogiri-1.15.7-arm64-darwin.gem
4f53e34447898ffc266fb28a56f5923d79af0c757207f91da41d86f2cf617be3  nokogiri-1.15.7-arm-linux.gem
9a0efa6de9d12f134a30674f3a86ef6064441143d200eeb15adc313f1025869b  nokogiri-1.15.7.gem
678a8abf54b9021ee246f44e5a472dfa6a96933e5569a43ff8105e18c6f36f46  nokogiri-1.15.7-java.gem
23c5a5ada10e629f9c663b83dbaab6b1f2e265a18c1b71e783da86f51ac41a87  nokogiri-1.15.7-x64-mingw32.gem
31cd869f8fe96995eca0e3e06487b0813fcdc9c821096da6a7c17038f0abcedd  nokogiri-1.15.7-x64-mingw-ucrt.gem
37d3d58b3a0b0d8aaa8aa658d4238ee4952dde55a0d4dcaead161ce5484ce16a  nokogiri-1.15.7-x86_64-darwin.gem
98c54b218171d05105962f6542cbccd70e8d80aee1e0270e573ed26483ec6873  nokogiri-1.15.7-x86_64-linux.gem
6132a1a4e8e859ef8d464f2fd975e68d06fa635787948e6e83a69f140d684d87  nokogiri-1.15.7-x86-linux.gem
1c3b22c19c0487e2a9f8462dda263785d4fafefba818885d151d74057e090862  nokogiri-1.15.7-x86-mingw32.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.16.8 / 2024-12-02

v1.16.8 / 2024-12-02

Fixed

  • [CRuby] When serializing HTML5 documents, properly escape foreign content "style" elements. Normally, a "style" tag contains raw text that does not need entity-escaping, but when it appears in either SVG or MathML foreign content, the "style" tag is now correctly escaped when serialized. @flavorjones

sha256 checksums:

b1d41cd9abf4180adef496cc8c9fcb5b2e38d39f5e23c8a2445362226a5df6b8  nokogiri-1.16.8-aarch64-linux.gem
b7aa4e8533a720e432d09b52a2ec089b55cf3ee66c916b44a0d9b6608df7bf8c  nokogiri-1.16.8-arm64-darwin.gem
8cbd2971624fc073b9430d86475da031903494dcb83c2339e13f7f22a4de6fad  nokogiri-1.16.8-arm-linux.gem
dece4bf9a663b2d6b6e874716297ad414c95be694656972d54049bd088f752a1  nokogiri-1.16.8.gem
8652028e72a38f2221c810550d03c91682b414e06f6271149139a9042cf727e6  nokogiri-1.16.8-java.gem
861e2d7f24b0c7f5ea2a26e6d99af7e727d7641f0eab27b9b6c51b8a0666c805  nokogiri-1.16.8-x64-mingw32.gem
23c9a8ae47afa2973cbca9e3d38c16f40ff336919f961802c4a3a5e39c767138  nokogiri-1.16.8-x64-mingw-ucrt.gem
6c40d7dc444f752634bf6ee8b53a55c3cfca3f9df52be46b8abcc559ccd49e47  nokogiri-1.16.8-x86_64-darwin.gem
ed7b1f80713ac968dd93fe2b96fc3df6e448b73bd02dd77d5fc89ba92a1ed6d9  nokogiri-1.16.8-x86_64-linux.gem
f97760e6320166d48234029bed9e999521a888376bd2b7e04f4c054537154f16  nokogiri-1.16.8-x86-linux.gem
ea48d7415b89f5dd3ff5a8f82bb2ec56fdc3431444381143fe90bb418eb9ea35  nokogiri-1.16.8-x86-mingw32.gem

- C
Published by flavorjones about 1 year ago

https://github.com/sparklemotion/nokogiri - v1.16.7 / 2024-07-27

v1.16.7 / 2024-07-27

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.9, which the upstream release notes state is a security release to address CVE-2024-40896. Nokogiri's maintainers believe this vulnerability does not affect users of Nokogiri, but we advise upgrading at your earliest convenience anyway.

sha256 checksums:

78778d35f165b59513be31c0fe232c63a82cf97626ffba695b5f822e5da1d74b  nokogiri-1.16.7-aarch64-linux.gem
c84cdb9e3aa44c35bbb981b20175838c4b2066c26c5cb118f31f177168a42fc3  nokogiri-1.16.7-arm-linux.gem
276dcea1b988a5b22b5acc1ba901d24b8e908c40b71dccd5d54a2ae279480dad  nokogiri-1.16.7-arm64-darwin.gem
044c45ca46abc2b6135a85ab39a546ff2f0434d43142bc59b83e5b1068876a42  nokogiri-1.16.7-java.gem
01ed785392f9cbdfd45e0e5ef6ad6d2c80a6128672589448f18952168bd68e56  nokogiri-1.16.7-x64-mingw-ucrt.gem
d8fd5c675743b85354c9098117bfa9e703c7cacab8c33e5190104ea8218ad1ec  nokogiri-1.16.7-x64-mingw32.gem
dddbf1c1ef99ce9fab98302b14f8bacb703e6f16e89b99f05ecee8a1fca23664  nokogiri-1.16.7-x86-linux.gem
b6517d995b024739cbb81251a26866d40e1ccb151936b5bb0977e7487f4e617c  nokogiri-1.16.7-x86-mingw32.gem
630732b80fc572690eab50c73a1f18988f3ac401ed0b67ca9956ba2b1e2c3faa  nokogiri-1.16.7-x86_64-darwin.gem
9e1e428641d5942af877c60b418c71163560e9feb4a5c4015f3230a8b86a40f6  nokogiri-1.16.7-x86_64-linux.gem
f819cbfdfb0a7b19c9c52c6f2ca63df0e58a6125f4f139707b586b9511d7fe95  nokogiri-1.16.7.gem

- C
Published by flavorjones over 1 year ago

https://github.com/sparklemotion/nokogiri - v1.16.6 / 2024-06-13

v1.16.6 / 2024-06-13

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.8, which the release notes state is a bugfix release.

sha256 checksums:

7f4c37ee2dd9c97fdfb6278cf3d9dd2078651f241eed320e26902135dbf78183  nokogiri-1.16.6-aarch64-linux.gem
73d7a7ca569308f181a234269e6607c9acb26ecc93ccbb05998d24a9546c0a94  nokogiri-1.16.6-arm-linux.gem
43e8a783697c65413408a4923b5c2ed6bea6632cfdab4da220446b601733fa4b  nokogiri-1.16.6-arm64-darwin.gem
993ec13a1f0fb2261913e62e1f7a662c77108b1a59c903033eac432f74437275  nokogiri-1.16.6-java.gem
285687f16c330a9b61793d9d45913becf7a9aa82b0ce15c48fc1e0d6c6c9972f  nokogiri-1.16.6-x64-mingw-ucrt.gem
dbbefbfabe363daaa90e7c0b15854769e17ee5b8ae243014e0e55c01047eb5cd  nokogiri-1.16.6-x64-mingw32.gem
dedac3ee38b4deed1141747f04dd5ac512ef9165259cec66ec934edaa8a2a848  nokogiri-1.16.6-x86-linux.gem
5080e9512e3ba320aef074c16a23aef737301ac0e3b7a173a299dcaaa40b6a20  nokogiri-1.16.6-x86-mingw32.gem
92fa413d866baf9b609f17558ecfbcf950d5373213babcf4ce11d7eaed4b21cf  nokogiri-1.16.6-x86_64-darwin.gem
769bd2c14ad76dd5a7e14c867741cf2e3b8c25626a34f40aee7b0b998b8de820  nokogiri-1.16.6-x86_64-linux.gem
935fe4dd67d4377f4a05002acb1ffbadbcae265ea8e7869fc40e3a8121f3e1ef  nokogiri-1.16.6.gem

- C
Published by flavorjones over 1 year ago

https://github.com/sparklemotion/nokogiri - v1.16.5 / 2024-05-13

v1.16.5 / 2024-05-13

Security

  • [CRuby] Vendored libxml2 is updated to address CVE-2024-34459. See GHSA-r95h-9x8f-r3f7 for more information.

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.7 from v2.12.6. (@flavorjones)

sha256 checksums:

af0f44fa3e664dfb2aa10de8b551447d720c1e8d1f0aa3f35783dcc43e40a874  nokogiri-1.16.5-aarch64-linux.gem
23dc2357b26409a5c33b7e32a82902f0e9995305420f16d1a03ab3ea1a482fec  nokogiri-1.16.5-arm-linux.gem
950d037530edb49f75ad35de0b8038b970a7dda57e2b6326895b0e49fadf6214  nokogiri-1.16.5-arm64-darwin.gem
b7aefc94370c62476b8528e8d8abb6160203abd84a1f4eceda8f1aa8974d9989  nokogiri-1.16.5-java.gem
ec2167160df8fec3137bf95d574ed80ebc1d002bb3b281546b60b4aa9002466e  nokogiri-1.16.5-x64-mingw-ucrt.gem
6984200491fac69974005ecfa2de129d61843d345eafa5d6f58e8b908d1cf107  nokogiri-1.16.5-x64-mingw32.gem
abdc389ab1ec6604492da16bd9d06ad746fdb6bd6a1bd274c400d61ffcadb3c4  nokogiri-1.16.5-x86-linux.gem
63d24981345856f2baf7f4089870a62d3042fb8d3021b280fb04fc052532e3c4  nokogiri-1.16.5-x86-mingw32.gem
71b5f54e378c433d13df67c3b71acc4716129da62402d8181f310c4216a63279  nokogiri-1.16.5-x86_64-darwin.gem
0ca238da870066bed2f7837af6f35791bb9b76c4c5638999c46aac44818a6a97  nokogiri-1.16.5-x86_64-linux.gem
ec36162c68984fa0a90a5c4ae7ab7759460639e716cc1ce75f34c3cb54158ad2  nokogiri-1.16.5.gem

- C
Published by flavorjones almost 2 years ago

https://github.com/sparklemotion/nokogiri - v1.16.4 / 2024-04-10

v1.16.4 / 2024-04-10

Dependencies

  • [CRuby] Vendored zlib in the precompiled native gems is updated to v1.3.1 from v1.3. Nokogiri is not affected by the minizip CVE patched in this version, but this update may satisfy some security scanners. Related, see this discussion about removing the compression libraries altogether in a future version of Nokogiri.

sha256 checksums:

bdb1dc4378ebcf3ade8f440c7df68f6d76946a1a96c4823a2b4c53c01a320cd5  nokogiri-1.16.4-aarch64-linux.gem
0c994b9996d5576eddcc3201a94ef2bff6fc3627c4ae4d2708b0ec9b9743ec6a  nokogiri-1.16.4-arm-linux.gem
8e86abb64c93c06d3c588042a0e757279e8f1dc88b5210a00be892a9a7a27196  nokogiri-1.16.4-arm64-darwin.gem
bf84fa28be4943692bd64772186e0832fb1061f80714ccb93e111e9d72b1cadc  nokogiri-1.16.4-java.gem
a46808467c1f63a2031e1ca0715cd5336bb4ec759e9c0e2f4c951c1cc30994ae  nokogiri-1.16.4-x64-mingw-ucrt.gem
4cdf64bc5e9443ec3e0b595347ecc8affe21968d9ae934c0825d26630ef96468  nokogiri-1.16.4-x64-mingw32.gem
d86d21bae47dd9f6f5223055e45d33fae08b0b89aad94cbc0ece4f4274fa7af5  nokogiri-1.16.4-x86-linux.gem
d488b872884844686780fda7cf5da44ee884d32faa713a55aeb4736d76718168  nokogiri-1.16.4-x86-mingw32.gem
a896e52a56951ffb0e6a9279afbf485d683e357a053d27f4cfcb2a73b0824628  nokogiri-1.16.4-x86_64-darwin.gem
92ff4f09910255fec84b3bc4c4b182e94cada3ed12b9f7a6ea058e0af186fb31  nokogiri-1.16.4-x86_64-linux.gem
62c116c3a14b4ed4e1faec786da266c4bd4c717a0bd04a9916164a7046040f45  nokogiri-1.16.4.gem

- C
Published by flavorjones almost 2 years ago

https://github.com/sparklemotion/nokogiri - 1.15.6 / 2024-03-16

1.15.6 / 2024-03-16

Note

This security release is a backport to the unsupported v1.15.x branch. Current stable is v1.16.x, which addressed the referenced CVE in v1.16.2 on 2024-02-04.

Security

  • [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See GHSA-xc9x-jj77-9p9j for more information.

Dependencies

sha256 checksums:

d79f713dffff149d60ab272d206a3ca96db2b891ab6a9f65362bfb78aface37a  gems/nokogiri-1.15.6-aarch64-linux.gem
62b5b7b387ec6c61c1ea5f889b7bc579eedd37f265f7cc1dc392484938549f1a  gems/nokogiri-1.15.6-arm-linux.gem
ba93c63f5c03047778abf16c80676fe67e7eb7d871ab0aaa7e2c2dfe4ec20027  gems/nokogiri-1.15.6-arm64-darwin.gem
d24639a546ba58c86d18da1ed124eaecbd45c5ae4c4dec41751b730a2b732ac3  gems/nokogiri-1.15.6-java.gem
e36887d89ec1b080e4a01dd2ff52650003db01d2a5edf5e6ab19e4c0bdb1385f  gems/nokogiri-1.15.6-x64-mingw-ucrt.gem
852c59a398499c8fcb6478d76396dcd50afa8f8902563b76265cd7dc90a731a1  gems/nokogiri-1.15.6-x64-mingw32.gem
19e0a5fbfa4393353fbcf6801f8f62350b6e16f43c907680c5884896858a23a2  gems/nokogiri-1.15.6-x86-linux.gem
9d464bbbaad6721a5a73181165fda67573f64ef2803c3337f6f733603e9d309a  gems/nokogiri-1.15.6-x86-mingw32.gem
32d045cdb0ce097e4543a5e7a79efd13ff05d904e32f4328732149dbea3c7f15  gems/nokogiri-1.15.6-x86_64-darwin.gem
26a79da0377100d6938ae2f1b115230a8a4a4595e35b89164d8495af32091186  gems/nokogiri-1.15.6-x86_64-linux.gem
70ce799b4b3e23b358501f1da3914f70b1c7a113fb12e96a7d53558481146e08  gems/nokogiri-1.15.6.gem

- C
Published by flavorjones almost 2 years ago

https://github.com/sparklemotion/nokogiri - v1.16.3 / 2024-03-15

v1.16.3 / 2024-03-15

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.6 from v2.12.5. (@flavorjones)

Changed

  • [CRuby] XML::Reader sets the @encoding instance variable during reading if it is not passed into the initializer. Previously, it would remain nil. The behavior of Reader#encoding has not changed. This works around changes to how libxml2 reports the encoding used in v2.12.6.

sha256 checksums:

3d806263a0548e5163ff256655d78a87998fa83a5ae256b83c14a1a97731e824  nokogiri-1.16.3-aarch64-linux.gem
cfb923c02bde065005e2521f0a6883c63cf305cb899a9dd4c74897731bb2af1d  nokogiri-1.16.3-arm-linux.gem
5d3268558c002fa493e33076798cfda1df8effbd5363060dc41595cfebb1cf90  nokogiri-1.16.3-arm64-darwin.gem
6bf0918233959c7d5e703061ada0f436544612397475a866aa314071f02bfabb  nokogiri-1.16.3-java.gem
656f163dd287671c3a28157a2e853ee1a36afeb3f4185a78af863f3980efc58d  nokogiri-1.16.3-x64-mingw-ucrt.gem
7330f65cf2f8fa442327112b6515b4988f396d23010d33571714fd2ac0648fb9  nokogiri-1.16.3-x64-mingw32.gem
08d8a369940fa2309379cd8af1e7b3cc702b0115d3ddd197cfa7b33daedfd541  nokogiri-1.16.3-x86-linux.gem
cd26e99fa6388cd73c8892bb99ac98af162fe83c8f71c6473dfeba7aac76bcb9  nokogiri-1.16.3-x86-mingw32.gem
bc22786f4db4c32a5587e3b77a106408148d3bb1602dd0b52c0f5c968c42d17d  nokogiri-1.16.3-x86_64-darwin.gem
47a3330e41b49a100225b6fab490b2dc43410931e01e791886e0c2998412e8cb  nokogiri-1.16.3-x86_64-linux.gem
498aa253ccd5b89a0fa5c4c82b346d22176fc865f4a12ef8da642064d1d3e248  nokogiri-1.16.3.gem

- C
Published by flavorjones almost 2 years ago

https://github.com/sparklemotion/nokogiri - v1.16.2 / 2024-02-04

v1.16.2 / 2024-02-04

Security

  • [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See GHSA-xc9x-jj77-9p9j for more information.

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.5 from v2.12.4. (@flavorjones)

sha256 checksums:

69ba15d2a2498324489ed63850997f0b8f684260114ea81116d3082f16551d2d  nokogiri-1.16.2-aarch64-linux.gem
6a05ce42e3587a40cf8936ece0beaa5d32922254215d2e8cf9ad40588bb42e57  nokogiri-1.16.2-arm-linux.gem
c957226c8e36b31be6a3afb8602e2128282bf8b40ea51016c4cd21aa2608d3f8  nokogiri-1.16.2-arm64-darwin.gem
122652bfc338cd8a54a692ac035e245e41fd3b8283299202ca26e7a7d50db310  nokogiri-1.16.2-java.gem
7344b5072ca69fc5bedb61cb01a3b765b93a27aae5a2a845c2ba7200e4345074  nokogiri-1.16.2-x64-mingw-ucrt.gem
a2a5e184a424111a0d5b77947986484920ad708009c667f061e8d02035c562dd  nokogiri-1.16.2-x64-mingw32.gem
833efddeb51a6c2c9f6356295623c2b2e0d50050d468695c59bd929162953323  nokogiri-1.16.2-x86-linux.gem
e67fc0418dffaff9dc8b1dc65f0605282c3fee9488832d0223b620b4319e0b53  nokogiri-1.16.2-x86-mingw32.gem
5def799e5f139f21a79d7cf71172313a7b6fb0e4b2a31ab9bd5d4ad305994539  nokogiri-1.16.2-x86_64-darwin.gem
5b146240ac6ec6c40fd4367623e74442bca45a542bd3282b1d4d18b07b8e5dfe  nokogiri-1.16.2-x86_64-linux.gem
68922ee5cde27497d995c46f2821957bae961947644eed2822d173daf7567f9c  nokogiri-1.16.2.gem

- C
Published by flavorjones about 2 years ago

https://github.com/sparklemotion/nokogiri - v1.16.1 / 2024-02-03

v1.16.1 / 2024-02-03

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.12.4 from v2.12.3. (@flavorjones)

Fixed

  • [CRuby] XML::Reader defaults the encoding to UTF-8 if it's not specified in either the document or as a method parameter. Previously non-ASCII characters were serialized as NCRs in this case. [#2891] (@flavorjones)
  • [CRuby] Restored support for compilation by GCC versions earlier than 4.6, which was broken in v1.15.0 (540e9aee). [#3090] (@adfoster-r7)
  • [CRuby] Patched upstream libxml2 to allow parsing HTML5 in the context of a namespaced node (e.g., foreign content like MathML). [#3112, #3116] (@flavorjones)
  • [CRuby] Fixed a small memory leak in libgumbo (HTML5 parser) when the maximum tree depth limit is hit. [#3098, #3100] (@stevecheckoway)

sha256 checksums:

a541f35e5b9798a0c97300f9ee18f4217da2a2945a6d5499e4123b9018f9cafc  nokogiri-1.16.1-aarch64-linux.gem
6b82affd195000ab2f9c36cc08744ec2d2fcf6d8da88d59a2db67e83211f7c69  nokogiri-1.16.1-arm-linux.gem
487f0072c154b8a8fd12716f746beee9fb7cea1d62773471bb2951e540f3798a  nokogiri-1.16.1-arm64-darwin.gem
d45378ce34b8d2cfac2428cebb0e21ace4d9c97e76c565ba2e8cec041df02afb  nokogiri-1.16.1-java.gem
d50359f604e650e47365baa8af231b587080ffa7bb84ffca836f34f8c06ae10d  nokogiri-1.16.1-x64-mingw-ucrt.gem
5b656174e77db8f97ee2cc45c4f1476c8262797b577e8fc8abf458beefd4372c  nokogiri-1.16.1-x64-mingw32.gem
c6ba741e41b73a75cdefbf3733101c66a93eb041cab22ba3472a6c548f5b20d7  nokogiri-1.16.1-x86-linux.gem
e37439f5ce9bf91f3797420f8a1e1502ebc3654c3ca4eca80a0b2707235c9326  nokogiri-1.16.1-x86-mingw32.gem
380c94bd8a7fbdee4633db117e5c1ef04cafd35e0dbbdb20eb9224631fe0dc49  nokogiri-1.16.1-x86_64-darwin.gem
cf43557ea7eed0e9f9ed90837a27e1dbfb7fd56d65eb806955965e02231bed3e  nokogiri-1.16.1-x86_64-linux.gem
304db173d8a87afc63f1e1702a671d9eb9e4a30974b297ccca604f6cfd3ed2a7  nokogiri-1.16.1.gem

- C
Published by flavorjones about 2 years ago

https://github.com/sparklemotion/nokogiri - v1.16.0 / 2023-12-27

v1.16.0 / 2023-12-27

Notable Changes

Ruby

This release introduces native gem support for Ruby 3.3.

This release ends support for Ruby 2.7, for which upstream support ended 2023-03-31.

Pattern matching

This version marks official support for the pattern matching API in XML::Attr, XML::Document, XML::DocumentFragment, XML::Namespace, XML::Node, and XML::NodeSet (and their subclasses), originally introduced as an experimental feature in v1.14.0. (@flavorjones)

Documentation on what can be matched:

Dependencies

Fixed

  • CSS nth pseudo-classes now handle spaces, e.g. "2n + 1". [#3018] (@fusion2004)
  • [CRuby] libgumbo no longer leaks memory when an incomplete tag is abandoned by the HTML5 parser. [#3036] (@flavorjones)

Removed

  • Removed Nokogiri::HTML5.get which was deprecated in v1.12.0. [#2278] (@flavorjones)
  • Removed the CSS-to-XPath utility modules XPathVisitorAlwaysUseBuiltins and XPathVisitorOptimallyUseBuiltins, which were deprecated in v1.13.0 in favor of XPathVisitor constructor args. [#2403] (@flavorjones)
  • Removed XML::Reader#attribute_nodes which was deprecated in v1.13.8 in favor of #attribute_hash. [#2598, #2599] (@flavorjones)
  • [CRuby] Removed the libxml/libxml2_path key from VersionInfo, used in the past for third-party library integration, in favor of the nokogiri/cppflags and nokogiri/ldflags keys. Please note that third-party library integration is not fully supported and may be deprecated soon, see #2746 for more context. [#2143] (@flavorjones)

Thank you!

The following people and organizations were kind enough to sponsor @flavorjones or the Nokogiri project during the development of v1.16.0:

  • Götz Görisch @GoetzGoerisch
  • Airbnb @airbnb
  • Maxime Gauthier @biximilien
  • Renuo AG @renuo
  • YOSHIDA Katsuhiko @kyoshidajp
  • Homebrew @Homebrew
  • Hiroshi SHIBATA @hsbt
  • @zzak
  • Evil Martians @evilmartians
  • Ajaya Agrawalla @ajaya
  • Modern Treasury @Modern-Treasury
  • Danilo Lessa Bernardineli @danlessa
  • matt marques @mestre-dos-magos
  • Quan Nguyen @qu8n
  • Harry Lascelles @hlascelles
  • Oleksandr Tyshchenko @altivi
  • Prowly @prowlycom
  • Better Stack Community @betterstack-community
  • Sentry @getsentry
  • Codecov @codecov
  • Typesense @typesense
  • Roy Boivin II @Yabbo
  • Frank Groeneveld @frenkel

We'd also like to thank @github who donate a ton of compute time for our CI pipelines!

sha256 checksums:

8cd981dfd4bea4f519ceebb885cf3b422b71c059d841c039d327e73b19247f53  nokogiri-1.16.0-aarch64-linux.gem
c68d861155c40777eee3eb4efbb375d665c8c889cebd5cd1ba32f30a8aac6c21  nokogiri-1.16.0-arm-linux.gem
10c08f246085709790ea628b5fa031cf23dadd843e173711b335ba6287b59d0a  nokogiri-1.16.0-arm64-darwin.gem
f76f2dc353993862d07eccfc5561e373e8058d62e265bae9bcf4f4793c35c9e2  nokogiri-1.16.0-java.gem
5c59792f7f5f8a76e17a87b89b9057544853a6f713b692a75b7f8895a854b74f  nokogiri-1.16.0-x64-mingw-ucrt.gem
286950458a58bdf09bb3a800ac16f0aa361aa9a6c9a63bcd71e98e3c34d314a8  nokogiri-1.16.0-x64-mingw32.gem
159107da8a35f1fc22ee5b78d70da9bda4098a3771a29beac3f727cafd5041cb  nokogiri-1.16.0-x86-linux.gem
27d3d96f53b3fa1da9c4d9d69fffadc34abf7350a8e22be61a7483f15f065438  nokogiri-1.16.0-x86-mingw32.gem
237aa89b9ef6b8e014f197167677926ebc4bdb9cafb2b101399d8001fda4fa43  nokogiri-1.16.0-x86_64-darwin.gem
6f55093bb47e75d412138f4b9462f960d3aad96cb6b43dbe9a3de62c2d31a742  nokogiri-1.16.0-x86_64-linux.gem
341388184e975d091e6e38ce3f3b3388bfb7e4ac3d790efd8e39124844040bd1  nokogiri-1.16.0.gem

- C
Published by flavorjones about 2 years ago

https://github.com/sparklemotion/nokogiri - v1.16.0.rc1 / 2023-12-13

v1.16.0.rc1 / 2023-12-13

Ruby

This release introduces native gem support for Ruby 3.3, ahead of the final release. Ruby 3.3.0 final support depends on whether the ABI changes between 3.3.0-rc1 and 3.3.0 final (see note at https://www.ruby-lang.org/en/news/2023/12/11/ruby-3-3-0-rc1-released). Expect a v1.16.0 final release that coincides with Ruby's 3.3.0 final release.

This release ends support for Ruby 2.7, for which upstream support ended 2023-03-31.

Notable Changes

Pattern matching

This version marks official support for the pattern matching API in XML::Attr, XML::Document, XML::DocumentFragment, XML::Namespace, XML::Node, and XML::NodeSet (and their subclasses), originally introduced as an experimental feature in v1.14.0. (@flavorjones)

Dependencies

Fixed

  • CSS nth pseudo-classes now handle spaces, e.g. "2n + 1". [#3018] (@fusion2004)
  • libgumbo no longer leaks memory when an incomplete tag is abandoned by the HTML5 parser. [#3036] (@flavorjones)

Removed

  • Removed Nokogiri::HTML5.get which was deprecated in v1.12.0. [#2278] (@flavorjones)
  • Removed the CSS-to-XPath utility modules XPathVisitorAlwaysUseBuiltins and XPathVisitorOptimallyUseBuiltins, which were deprecated in v1.13.0 in favor of XPathVisitor constructor args. [#2403] (@flavorjones)
  • Removed XML::Reader#attribute_nodes which was deprecated in v1.13.8 in favor of #attribute_hash. [#2598, #2599] (@flavorjones)
  • Removed the libxml/libxml2_path key from VersionInfo, used in the past for third-party library integration, in favor of the nokogiri/cppflags and nokogiri/ldflags keys. Please note that third-party library integration is not fully supported and may be deprecated soon, see #2746 for more context. [#2143] (@flavorjones)

sha256 checksums:

19f07d152ed1b000301a3dc229cfa7f12418448313914a792d272d6d10a70f55  nokogiri-1.16.0.rc1-aarch64-linux.gem
b200b917ba1baed90872dc126c545f5a741b4bd107606ee20ac3c96a0cd374c6  nokogiri-1.16.0.rc1-arm-linux.gem
4b7f735093ce4e2de1622828493f7f4fdf4014a3ec5928b0145c0e05a9a006a8  nokogiri-1.16.0.rc1-arm64-darwin.gem
22d16479f8ad3ae980d045a66820fae4473d7bda19941be44a42d758a86e6273  nokogiri-1.16.0.rc1-java.gem
01416cee138d67f7a824c3ac2711ae51f0d7042b0504b1649f27757f9292bdd4  nokogiri-1.16.0.rc1-x64-mingw-ucrt.gem
7825296a6bda0d8784158f3d50c24d367cbdd2029ed1fbcf995c4d9850147873  nokogiri-1.16.0.rc1-x64-mingw32.gem
f0abb7e08aa78225b4b3b7f7ba912828bd5a1a49fe609f66323731afd9ed5678  nokogiri-1.16.0.rc1-x86-linux.gem
7715885f693c567170847488b7c84c5e3fbdfe559258877b900eec9327aa5b13  nokogiri-1.16.0.rc1-x86-mingw32.gem
716304249d9ac176a04e48bb0f2c3db7c969a33392380b9ad80f3a3aa0eaeafd  nokogiri-1.16.0.rc1-x86_64-darwin.gem
d13b07688051a812e6c555e43390985f39f18bdd4d6729f30942a665d3b1bb81  nokogiri-1.16.0.rc1-x86_64-linux.gem
61e089936b1ddf3d1ab6124f0a226f98d45d58536a53eaf738a2efe760e763c8  nokogiri-1.16.0.rc1.gem

- C
Published by flavorjones about 2 years ago

https://github.com/sparklemotion/nokogiri - 1.15.5 / 2023-11-17

1.15.5 / 2023-11-17

Dependencies

sha256 checksums:

6dfa1d9837ddb233e234d56e244560ab1bc545d3d1744478060e18691f44ded7  nokogiri-1.15.5-aarch64-linux.gem
e3ac6608c6e1714bc11ff04e29a43fedf4cac2aea1bd88256cc3b927c06f347f  nokogiri-1.15.5-arm-linux.gem
4d7b15d53c0397d131376a19875aa97dd1c8b404c2c03bd2171f9b77e9592d40  nokogiri-1.15.5-arm64-darwin.gem
5f87e71aaeb4f7479b94698737a0aacea77836b4805c7433b655e9565bd56cfe  nokogiri-1.15.5-java.gem
7612be800909ae51e0a7cfbe1f768757857a9ff0339686814ca67d9bae271ca2  nokogiri-1.15.5-x64-mingw-ucrt.gem
28fd78d98e12005fe017db5ceccb74b2497f30582e6e26a3344200625fe46aae  nokogiri-1.15.5-x64-mingw32.gem
0d1b564d7f148a6766380966bb48b23afa72c72c992c69c71d21acd4a7f5c0e4  nokogiri-1.15.5-x86-linux.gem
d27dbf44c19b83e570e65b660a8a921441d1e8b6063ab1b985b516f78e0a2854  nokogiri-1.15.5-x86-mingw32.gem
10bafa54935f68aebd23235cb0fc7dfb8f6f5e52131379484771247eb3a0cc70  nokogiri-1.15.5-x86_64-darwin.gem
c5d9453cc155dc15f08ac699cc1293fd994ec6cfacec48e67653aa95ee946adf  nokogiri-1.15.5-x86_64-linux.gem
22448ca35dbcbdcec60dbe25ccf452b685a5436c28f21b2fec2e20917aba9100  nokogiri-1.15.5.gem

- C
Published by flavorjones over 2 years ago

https://github.com/sparklemotion/nokogiri - 1.15.4 / 2023-08-11

1.15.4 / 2023-08-11

Dependencies

Fixed

  • Fixed a typo in a HTML5 parser error message. [#2927] (Thanks, @anishathalye!)
  • [CRuby] ObjectSpace.memsize_of is now safe to call on Documents with complex DTDs. In previous versions, this debugging method could result in a segfault. [#2923, #2924]

sha256 checksums:

14091a07e07045a440213f7d5ced732fa7654ae8b6c7d180137f4124c5284ab8  nokogiri-1.15.4-aarch64-linux.gem
572ddc19934d010e98821a946d89462ae66b310fecc3fe12c48b0025c2f76855  nokogiri-1.15.4-arm-linux.gem
707288e293f4fc82a008f90b7ba0180d9f803f6a239a13e424378fedf8cf93e9  nokogiri-1.15.4-arm64-darwin.gem
04745925f63af61144eccef38a703928629cf97c34dbb1c42e3def17ac77ec92  nokogiri-1.15.4-java.gem
a0bfb65461a0453afed1a41b235fe84d5b9c7f4d70afd45f0dc2fdec8909faf1  nokogiri-1.15.4-x64-mingw-ucrt.gem
b9d01b9202e33cc23d19b2c1fc18ff4029cdda9b4f937a4baaefd4124a2158ba  nokogiri-1.15.4-x64-mingw32.gem
f6ae258d7ed5f81715118282aa45486e68fd44b9747d0244a236e9ed5b94c45d  nokogiri-1.15.4-x86-linux.gem
3f65b2426ece8da908bd5df5b6262ce525393f5245f8258a245bb4c3f5759b98  nokogiri-1.15.4-x86-mingw32.gem
d756605c540034debd7f486ae27802e6b1b129013fd6b1bb823783ef6f2bc5d7  nokogiri-1.15.4-x86_64-darwin.gem
872ced3d72d797ed9b5a76c67141c6cee7589711358e11c73e9c53724ffd1842  nokogiri-1.15.4-x86_64-linux.gem
e4a801e5ef643cc0036f0a7e93433d18818b31d48c9c287596b68e92c0173c4d  nokogiri-1.15.4.gem

- C
Published by flavorjones over 2 years ago

https://github.com/sparklemotion/nokogiri - 1.15.3 / 2023-07-05

1.15.3 / 2023-07-05

Fixed

  • Passing an object that is not a kind of XML::Node as the first parameter to CDATA.new now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • Passing an object that is not a kind of XML::Node as the first parameter to Schema.from_document now raises a TypeError. Previously this would result in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
  • [CRuby] Passing an object that is not a kind of XML::Node as the second parameter to Text.new now raises a TypeError. Previously this would result in a segfault. [#2920]
  • [CRuby] Replacing a node's children via methods like Node#inner_html=, #children=, and #replace no longer defensively dups the node's next sibling if it is a Text node. This behavior was originally adopted to work around libxml2's memory management (see #283 and #595) but should not have included operations involving xmlAddChild(). [#2916]
  • [JRuby] Fixed NPE when serializing an unparented HTML node. [#2559, #2895] (Thanks, @cbasguti!)

sha256 checksums:

70dadf636ae026f475f07c16b12c685544d4f8a764777df629abf1f7af0f2fb5  nokogiri-1.15.3-aarch64-linux.gem
83871fa3f544dc601e27abbdef87315a77fe1270fe4904986bd3a7df9ca3d56f  nokogiri-1.15.3-arm-linux.gem
fa4a027478df9004a2ce91389af7b7b5a4fc790c23492dca43b210a0f8770596  nokogiri-1.15.3-arm64-darwin.gem
95d410f995364d9780c4147d8fca6974447a1ccd3a1e1b092f0408836a36cc9c  nokogiri-1.15.3-java.gem
599a46b6e4f5a34dd21da06bdbd69611728304af5ef42bb183e4b4ca073fd7a3  nokogiri-1.15.3-x64-mingw-ucrt.gem
92ebfb637c9b7ba92a221b49ea3328c7e5ee79a28307d75ef55bfe4b5807face  nokogiri-1.15.3-x64-mingw32.gem
ee314666eca832fa71b5bb4c090be46a80aded857aa26121b3b51f3ed658a646  nokogiri-1.15.3-x86-linux.gem
44b7f18817894a5b697bab3d757b12bb7857a0218c1b2e0000929456a2178b34  nokogiri-1.15.3-x86-mingw32.gem
1f0bc0343f9dd1db8dd42e4c9110dd24fc11a7f923b9fa0f866e7f90739e4e7a  nokogiri-1.15.3-x86_64-darwin.gem
ca244ed58568d7265088f83c568d2947102fb00bac14b5bc0e63f678dcd6323d  nokogiri-1.15.3-x86_64-linux.gem
876631295a85315dac37e7a71386d62d9eb452a891083cfe7505cca4805088cb  nokogiri-1.15.3.gem

- C
Published by flavorjones over 2 years ago

https://github.com/sparklemotion/nokogiri - 1.15.2 / 2023-05-24

1.15.2 / 2023-05-24

Dependencies

  • [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2. This is functionally equivalent to v0.1.11.noko1 but restores support for Java 8.

Fixed

  • [JRuby] Java 8 support is restored, fixing a regression present in v1.14.0..v1.14.4 and v1.15.0..v1.15.1. [#2887]

sha256 checksums:

497c698f0cc0f283934c9c93064249d113408e97e5f3677b0b5111af24a67c29  nokogiri-1.15.2-aarch64-linux.gem
505ad4b80cedd12bc3c53065079cc825e7f3d4094ca7b54176ae6f3734dbe2cc  nokogiri-1.15.2-arm-linux.gem
bbedeaf45ce1494f51806e5fab0d31816fc4584f8e2ec757dd516b9b30847ee4  nokogiri-1.15.2-arm64-darwin.gem
b15ba3c1aa5b3726d7aceb44f635250653467c5b0d04248fa0f6a6afc6515fb0  nokogiri-1.15.2-java.gem
bc3cc9631c9dd7a74a59554215474da657f956ccb126391d082a2a8c45d3ee14  nokogiri-1.15.2-x64-mingw-ucrt.gem
1fd27732b161a497275798e502b31e97dfe1ab58aac02c0d6ace9cbe1fd6a38c  nokogiri-1.15.2-x64-mingw32.gem
931383c6351d79903149b5c6a988e88daada59d7069f3a01b4dcf6730d411cc6  nokogiri-1.15.2-x86-linux.gem
3f4a6350ca1d87d185f4bf509d953820c7191d1cf4213cc3bac9c492b9b4a720  nokogiri-1.15.2-x86-mingw32.gem
b57eeec09ee1c4010e317f50d2897fb9c1133d02598260db229e81127b337930  nokogiri-1.15.2-x86_64-darwin.gem
5bca696b9283ad7ce97b9c0dfdf029a62c26e92f39f440a65795e377d44f119a  nokogiri-1.15.2-x86_64-linux.gem
20dc800b8fbe4c4f4b5b164e6aa3ab82a371bcb27eb685c166961c34dd8a22d7  nokogiri-1.15.2.gem

- C
Published by flavorjones almost 3 years ago

https://github.com/sparklemotion/nokogiri - 1.14.5 / 2023-05-24

1.14.5 / 2023-05-24

Note

To ensure that JRuby users on Java 8 can apply the security changes from v1.14.4, we're cutting this release on the v1.14.x branch. We don't expect to make any more v1.14.x releases.

Dependencies

  • [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2. This is functionally equivalent to v0.1.11.noko1 but restores support for Java 8.

Fixed

  • [JRuby] Java 8 support is restored, fixing a regression introduced in v1.14.0. [#2887]

sha256 checksums:

60e521687e7fb81dbaa2c942d48efc22083780bc76d45586dc0a324bf0fb0e97  nokogiri-1.14.5-aarch64-linux.gem
80ea31d2534b14409e37437934c1c614de9844c806f72fc64134f50e0f3c1131  nokogiri-1.14.5-arm-linux.gem
3ab8ff3b62f4ff5826406007befea2d7ac33de2ee0c66209dd72ec16d0e8f5bf  nokogiri-1.14.5-arm64-darwin.gem
edc932157786888c8f83b49c811ac0ec26a5b23f8e3c69590c311cc14b7e6bf0  nokogiri-1.14.5-java.gem
75e476c4e0c91f0f8f00f7c8e697bb3f5c9932f948658cf90babdbebbd6f6c27  nokogiri-1.14.5-x64-mingw-ucrt.gem
73bd6ee2dbabd1a337c6878a8d349a872f04a3448505fbe7c773a1dfbb69e310  nokogiri-1.14.5-x64-mingw32.gem
a9e4dc50c1cc327bfca3516281eba3fe972fd80bac64c7cdee4bcf07fbfd817d  nokogiri-1.14.5-x86-linux.gem
aea78a61c684f36213d38777a7cd09aa272c5193f11cbaf2b455bcaeebd4196b  nokogiri-1.14.5-x86-mingw32.gem
7375a81e5fba6a5ada3e47cd02a53ca54d0d25ae73b8ebc6e3a962e46947a7b9  nokogiri-1.14.5-x86_64-darwin.gem
0b2150ae90a676a504cbab018d24188eb526bc886ab18b4303102df6b3077160  nokogiri-1.14.5-x86_64-linux.gem
23f69ddeb1e8ead5341bbbbca18d37de29c0265bc90e94bc5d9663b254dfdcbc  nokogiri-1.14.5.gem

- C
Published by flavorjones almost 3 years ago

https://github.com/sparklemotion/nokogiri - 1.15.1 / 2023-05-19

1.15.1 / 2023-05-19

Dependencies

Fixed

  • [CRuby] The libxml2 update fixes an encoding regression when push-parsing UTF-8 sequences. [#2882, upstream issue and commit]

sha256 checksums:

a5d622a36d67c5296cf892871501abf0ca168056276d6c52519254cc05e2ed8e  nokogiri-1.15.1-aarch64-linux.gem
ccc3b40e1f75e683107c78d0c77503df6520c614a0ea145743e929e492459662  nokogiri-1.15.1-arm-linux.gem
6d2ea3421f05dbd761017de1a16eae0fd83fbacf344310050796e674598ad711  nokogiri-1.15.1-arm64-darwin.gem
123c0c2f8e4bdb5b4bb42a2048ac3683b11b37d1778b804e4cb71c8fc7422d00  nokogiri-1.15.1-java.gem
bf7e93658c7ec590ccbcbf67793a12fd229c806568fdbbe4c67f03c057f0ffbe  nokogiri-1.15.1-x64-mingw-ucrt.gem
accc1d3815c92fab56b54bc0ec2512b0cd8c7c0c2aeb57f2aafcdd012565600b  nokogiri-1.15.1-x64-mingw32.gem
6f43de41616d627a2b1262f09c062f475aff0b9ed67df68f4b06eb8209fdb797  nokogiri-1.15.1-x86-linux.gem
b3b3b5c4e9315463496b4af94446a0b5b26c7cf8fbe26fd3ddd35cdcbdd60710  nokogiri-1.15.1-x86-mingw32.gem
3a2fbb7a1d641f30d06293683d6baf80183de6e0250a807061ed97a4ba4a8e52  nokogiri-1.15.1-x86_64-darwin.gem
f7992293b0a85932fed1932cf6074107e81c4e84344efbdbaf8eccc9b891dbaa  nokogiri-1.15.1-x86_64-linux.gem
68d511e3cffde00225fbbf0e7845a906581b598bf6656f9346649b05e6b7f583  nokogiri-1.15.1.gem

- C
Published by flavorjones almost 3 years ago

https://github.com/sparklemotion/nokogiri - 1.15.0 / 2023-05-15

1.15.0 / 2023-05-15

Notes

Ability to opt into system malloc and free

Since 2009, Nokogiri has configured libxml2 to use ruby_xmalloc et al for memory management. This has provided benefits for memory management, but comes with a performance penalty.

Users can now opt into using system malloc for libxml2 memory management by setting an environment variable:

# "default" here means "libxml2's default" which is system malloc
NOKOGIRI_LIBXML_MEMORY_MANAGEMENT=default

Benchmarks show that this setting will significantly improve performance, but be aware that the tradeoff may involve poorer memory management including bloated heap sizes and/or OOM conditions.

You can read more about this in the decision record at adr/2023-04-libxml-memory-management.md.

Dependencies

Added

  • Encoding objects may now be passed to serialization methods like #to_xml, #to_html, #serialize, and #write_to to specify the output encoding. Previously only encoding names (strings) were accepted. [#2774, #2798] (Thanks, @ellaklara!)
  • [CRuby] Users may opt into using system malloc for libxml2 memory management. For more detail, see note above or adr/2023-04-libxml-memory-management.md.

Changed

  • [CRuby] Schema.from_document now makes a defensive copy of the document if it has blank text nodes with Ruby objects instantiated for them. This prevents unsafe behavior in libxml2 from causing a segfault. There is a small performance cost, but we think this has the virtue of being "what the user meant" since modifying the original is surprising behavior for most users. Previously this was addressed in v1.10.9 by raising an exception.

Fixed

  • [CRuby] XSLT.transform now makes a defensive copy of the document if it has blank text nodes with Ruby objects instantiated for them and the template uses xsl:strip-spaces. This prevents unsafe behavior in libxslt from causing a segfault. There is a small performance cost, but we think this has the virtue of being "what the user meant" since modifying the original is surprising behavior for most users. Previously this would allow unsafe memory access and potentially segfault. [#2800]

Improved

  • Nokogiri::XML::Node::SaveOptions#inspect now shows the names of the options set in the bitmask, similar to ParseOptions. [#2767]
  • #inspect and pretty-printing are improved for AttributeDecl, ElementContent, ElementDecl, and EntityDecl.
  • [CRuby] The C extension now uses Ruby's TypedData API for managing all the libxml2 structs. Write barriers may improve GC performance in some extreme cases. [#2808] (Thanks, @etiennebarrie and @byroot!)
  • [CRuby] ObjectSpace.memsize_of reports a pretty good guess of memory usage when called on Nokogiri::XML::Document objects. [#2807] (Thanks, @etiennebarrie and @byroot!)
  • [CRuby] Users installing the "ruby" platform gem and compiling libxml2 and libxslt from source will now be using a modern config.guess and config.sub that supports new architectures like loongarch64. [#2831] (Thanks, @zhangwenlong8911!)
  • [CRuby] HTML5 parser:
  • [JRuby] Node#first_element_child now returns nil if there are only non-element children. Previously a null pointer exception was raised. [#2808, #2844]
  • Documentation for Nokogiri::XSLT now has usage examples including custom function handlers.

Deprecated

  • Passing a Nokogiri::XML::Node as the first parameter to CDATA.new is deprecated and will generate a warning. This parameter should be a kind of Nokogiri::XML::Document. This will become an error in a future version of Nokogiri.
  • Passing a Nokogiri::XML::Node as the first parameter to Schema.from_document is deprecated and will generate a warning. This parameter should be a kind of Nokogiri::XML::Document. This will become an error in a future version of Nokogiri.
  • Passing a Nokogiri::XML::Node as the second parameter to Text.new is deprecated and will generate a warning. This parameter should be a kind of Nokogiri::XML::Document. This will become an error in a future version of Nokogiri.
  • [CRuby] Calling a custom XPath function without the nokogiri namespace is deprecated and will generate a warning. Support for non-namespaced functions will be removed in a future version of Nokogiri. (Note that JRuby has never supported non-namespaced custom XPath functions.)

Thank you!

The following people and organizations were kind enough to sponsor @flavorjones or the Nokogiri project during the development of v1.15.0:

  • Götz Görisch (@GoetzGoerisch)
  • Airbnb (@airbnb)
  • Kyohei Nanba (@kyo-nanba)
  • Maxime Gauthier (@biximilien)
  • @renuo
  • @dbootyfvrt
  • YOSHIDA Katsuhiko (@kyoshidajp)
  • Homebrew (@Homebrew)
  • Hiroshi SHIBATA (@hsbt)
  • PuLLi (@the-pulli)
  • SiteLog GmbH (@sitelog-gmbh)
  • @zzak
  • Evil Martians (@evilmartians)
  • Ajaya Agrawalla (@ajaya)
  • Modern Treasury (@Modern-Treasury)
  • Danilo Lessa Bernardineli (@danlessa)

We'd also like to thank @github who donate a ton of compute time for our CI pipelines!

sha256 checksums:

7dbb717c6abc6b99baa4a4e1586a6de5332513f72a8b3568a69836268c2e1f86  nokogiri-1.15.0-aarch64-linux.gem
a60c373d86a9a181f9ace78793c4a91ab8fa971af3cce93e9fdf022cd808fe41  nokogiri-1.15.0-arm-linux.gem
41d312b2d4aa6b6750c2431a25c1bf25fb567bc1e0a750cf55dd02354967724b  nokogiri-1.15.0-arm64-darwin.gem
51cc8d4d98473d00c0ee18266d146677161b6dd16f8c89cc637db91d47b87c63  nokogiri-1.15.0-java.gem
1b2d92e240d12ac0a27cb0618f52af6c405831fd339a45aaab265cecda1dc6ab  nokogiri-1.15.0-x64-mingw-ucrt.gem
497840b3ed9037095fbdd1bf6f7c63d23efab5bcbb03b89d94a6ac8bcab3eda5  nokogiri-1.15.0-x64-mingw32.gem
5c26427f3cf28d8c1e43f7a7bc58e50298461c7bed5179456b122eefc2b2c5cb  nokogiri-1.15.0-x86-linux.gem
cbf93df1c257693dfe804c01252415ca7cb9d2452d6cebddf7a35a5dbeb3ea12  nokogiri-1.15.0-x86-mingw32.gem
ca6cd6ed08e736063539c4aa7454391dfa4153908342e3d873f5bd9218d6f644  nokogiri-1.15.0-x86_64-darwin.gem
4b28e9151e884c10794e0acf4a6f49db933eee3cd90b20aab952ee0102a03b0c  nokogiri-1.15.0-x86_64-linux.gem
0ca8ea2149bdaaae8db39f11971af86c83923ec58b72c519d498ec44e1dfe97f  nokogiri-1.15.0.gem

- C
Published by flavorjones almost 3 years ago

https://github.com/sparklemotion/nokogiri - 1.14.4 / 2023-05-11

1.14.4 / 2023-05-11

Dependencies

  • [JRuby] Vendored Xalan-J is updated to v2.7.3. This is the first Xalan release in nine years, and it was done to address CVE-2022-34169.

    The Nokogiri maintainers wish to stress that Nokogiri users were not vulnerable to this CVE, as we explained in GHSA-qwq9-89rg-ww72, and so upgrading is really at the discretion of users.

    This release was cut primarily so that JRuby users of v1.14.x can avoid vulnerability scanner alerts on earlier versions of Xalan-J.

sha256 checksums:

0fbca96bd832e0b12a2c4419b9a102329630d4e40a125cb85a0cae1585bc295d  nokogiri-1.14.4-aarch64-linux.gem
fe5b2c44c07b8042421634676c692d2780359c0df5d94daecb11493c028bcdf0  nokogiri-1.14.4-arm-linux.gem
44ded02aae759bada0161b7872116305f5e8b5dae924427290efd63e9adc2f3f  nokogiri-1.14.4-arm64-darwin.gem
d915a9b96d333c57d3a1bb72f05435ef311ecb19ae3b1c8c3f2263b67b519dde  nokogiri-1.14.4-java.gem
3ba597a50b6217e19a1bf1e5467022669ebad598951fa53314ed6e0ecbf41438  nokogiri-1.14.4-x64-mingw-ucrt.gem
2270ef8fc1f57fc0fa2391f82d460c0bf34b4d9e4a19a0ac81a2cb9bcffbaf2b  nokogiri-1.14.4-x64-mingw32.gem
bcccf4720d459be74f08e5b4c9704e67fbab8498cc36c686dcba69111996fb6b  nokogiri-1.14.4-x86-linux.gem
1a574a0a375dff5449af4168e432185ee77d0ad8368b60f6c4a2a699aff5c955  nokogiri-1.14.4-x86-mingw32.gem
c6400189fec268546d981a072828a44b8d4a1b2a32bee5026243c99af231b602  nokogiri-1.14.4-x86_64-darwin.gem
6d0e4e4f079fc03aa8b01cd8493acc1c34f7ae51fc0d58a04b6a0de73f8a53d8  nokogiri-1.14.4-x86_64-linux.gem
2bd1af41a980c51b8f073a3414213c8cf1c756a6e42984ad20a4a23f2e87e00d  nokogiri-1.14.4.gem

- C
Published by flavorjones almost 3 years ago

https://github.com/sparklemotion/nokogiri - 1.14.3 / 2023-04-11

1.14.3 / 2023-04-11

Security

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.10.4 from v2.10.3.

sha256 checksums:

9cc53dd8d92868a0f5bcee44396357a19f95e32d8b9754092622a25bc954c60c  nokogiri-1.14.3-aarch64-linux.gem
320fa1836b8e59e86a804baee534893bcf3b901cc255bbec6d87f3dd3e431610  nokogiri-1.14.3-arm-linux.gem
67dd4ac33a8cf0967c521fa57e5a5422db39da8a9d131aaa2cd53deaa12be4cd  nokogiri-1.14.3-arm64-darwin.gem
13969ec7f41d9cff46fc7707224c55490a519feef7cfea727c6945c5b444caa2  nokogiri-1.14.3-java.gem
9885085249303461ee08f9a9b161d0a570391b8f5be0316b3ac5a6d9a947e1e2  nokogiri-1.14.3-x64-mingw-ucrt.gem
997943d7582a23ad6e7a0abe081d0d40d2c1319a6b2749f9b30fd18037f0c38a  nokogiri-1.14.3-x64-mingw32.gem
58c30b763aebd62dc4222385509d7f83ac398ee520490fadc4b6d7877e29895a  nokogiri-1.14.3-x86-linux.gem
e1d58a5c56c34aab71b00901a969e19bf9f7322ee459b4e9380f433213887c04  nokogiri-1.14.3-x86-mingw32.gem
f0a1ed1460a91fd2daf558357f4c0ceac6d994899da1bf98431aeda301e4dc74  nokogiri-1.14.3-x86_64-darwin.gem
e323a7c654ef846e64582fb6e26f6fed869a96753f8e048ff723e74d8005cb11  nokogiri-1.14.3-x86_64-linux.gem
3b1cee0eb8879e9e25b6dd431be597ca68f20283b0d4f4ca986521fad107dc3a  nokogiri-1.14.3.gem

- C
Published by flavorjones almost 3 years ago

https://github.com/sparklemotion/nokogiri - 1.14.2 / 2023-02-13

1.14.2 / 2023-02-13

Fixed

  • Calling NodeSet#to_html on an empty node set no longer raises an encoding-related exception. This bug was introduced in v1.14.0 while fixing #2649. [#2784]

sha256 checksums:

966acf4f6c1fba10518f86498141cf44265564ac5a65dcc8496b65f8c354f776  nokogiri-1.14.2-aarch64-linux.gem
8a3a35cadae4a800ddc0b967394257343d62196d9d059b54e38cf067981db428  nokogiri-1.14.2-arm-linux.gem
81404cd014ecb597725c3847523c2ee365191a968d0b5f7d857e03f388c57631  nokogiri-1.14.2-arm64-darwin.gem
0a39222af14e75eb0243e8d969345e03b90c0e02b0f33c61f1ebb6ae53538bb5  nokogiri-1.14.2-java.gem
62a18f9213a0ceeaf563d1bc7ccfd93273323c4356ded58a5617c59bc4635bc5  nokogiri-1.14.2-x64-mingw-ucrt.gem
54f6ac2c15a7a88f431bb5e23f4616aa8fc97a92eb63336bcf65b7050f2d3be0  nokogiri-1.14.2-x64-mingw32.gem
c42fa0856f01f901954898e28c3c2b4dce0e843056b1b126f441d06e887e1b77  nokogiri-1.14.2-x86-linux.gem
f940d9c8e47b0f19875465376f2d1c8911bc9489ac9a48c124579819dc4a7f19  nokogiri-1.14.2-x86-mingw32.gem
2508978f5ca28944919973f6300f0a7355fbe72604ab6a6913f1630be1030265  nokogiri-1.14.2-x86_64-darwin.gem
bc6405e1f3ddac6e401f82d775f1c0c24c6e58c371b3fadaca0596d5d511e476  nokogiri-1.14.2-x86_64-linux.gem
c765a74aac6cf430a710bb0b6038b8ee11f177393cd6ae8dadc7a44a6e2658b6  nokogiri-1.14.2.gem

- C
Published by flavorjones about 3 years ago

https://github.com/sparklemotion/nokogiri - 1.14.1 / 2023-01-30

1.14.1 / 2023-01-30

Fixed

  • Serializing documents now works again with pseudo-IO objects that don't support IO's encoding API (like rubyzip's Zip::OutputStream). This was a regression in v1.14.0 due to the fix for #752 in #2434, and was not completely fixed by #2753. [#2773]
  • [CRuby] Address compiler warnings about void* casting and old-style C function definitions.

sha256 checksums:

99594e8b94f576644ac640a223d74c79e840218948e963aa635f0254927bff10  nokogiri-1.14.1-aarch64-linux.gem
1dc9b7821e1fa1f3fda40659662e51a4b3692acc4ee6342ee34a6a537fc1d5d8  nokogiri-1.14.1-arm-linux.gem
1a693df86da8c4c97b01d614470f9c3e10b9c755de8803fbfcfffe0f9dff522a  nokogiri-1.14.1-arm64-darwin.gem
c1f87a8f7bc56028deb2aecbb29e9b318405f7c468b29047aede78b41bc735a2  nokogiri-1.14.1-java.gem
2463a1ae0be5f06a10f3f3b374c2b743bff6280db993d488511a19bb7bc7cb7c  nokogiri-1.14.1-x64-mingw-ucrt.gem
f3a2b0ceedf51d776b39dc759ce191a4df842d7d4f5900c64f33d4753db39877  nokogiri-1.14.1-x64-mingw32.gem
f395d6c28c822b0877cfb0c71781f05243c034b4823359ab25b3288a73b9fc82  nokogiri-1.14.1-x86-linux.gem
be34b32fe74e82bffca5b1f3df8727c8fdc828762b6dddab53a11cd8f8515785  nokogiri-1.14.1-x86-mingw32.gem
9b14091f77086c4f0f09451ba3acd1b5f7e0076fb34fc536682170fa9f1a5074  nokogiri-1.14.1-x86_64-darwin.gem
21d234c51582b292e2e1e02e6c30eea9188894348985d6910aa8e993749c0aff  nokogiri-1.14.1-x86_64-linux.gem
b2db3af7769c29cd77d5f39cd3d0b65ab10975bdecf04be71d683f9c9abe2663  nokogiri-1.14.1.gem

- C
Published by flavorjones about 3 years ago

https://github.com/sparklemotion/nokogiri - 1.14.0 / 2023-01-12

1.14.0 / 2023-01-12

Notable Changes

Ruby

This release introduces native gem support for Ruby 3.2. (Also see "Technical note" under "Changed" below.)

This release ends support for:

Faster, more reliable installation: Native Gem for aarch64-linux (aka linux/arm64/v8)

This version of Nokogiri ships official native gem support for the aarch64-linux platform, which should support AWS Graviton and other ARM64 Linux platforms. Please note that glibc >= 2.29 is required for aarch64-linux systems, see Supported Platforms for more information.

Faster, more reliable installation: Native Gem for arm-linux (aka linux/arm/v7)

This version of Nokogiri ships experimental native gem support for the arm-linux platform. Please note that glibc >= 2.29 is required for arm-linux systems, see Supported Platforms for more information.

Pattern matching

This version introduces an experimental pattern matching API for XML::Attr, XML::Document, XML::DocumentFragment, XML::Namespace, XML::Node, and XML::NodeSet (and their subclasses).

Some documentation on what can be matched:

We welcome feedback on this API at #2360.

Dependencies

CRuby

  • Vendored libiconv is updated to v1.17

JRuby

  • This version of Nokogiri uses jar-dependencies to manage most of the vendored Java dependencies. nokogiri -v now outputs maven metadata for all Java dependencies, and Nokogiri::VERSION_INFO also contains this metadata. [#2432]
  • HTML parsing is now provided by net.sourceforge.htmlunit:neko-htmlunit:2.61.0 (previously Nokogiri used a fork of org.cyberneko.html:nekohtml)
  • Vendored Jing is updated from com.thaiopensource:jing:20091111 to nu.validator:jing:20200702VNU.
  • New dependency on net.sf.saxon:Saxon-HE:9.6.0-4 (via nu.validator:jing:20200702VNU).

Added

  • Node#wrap and NodeSet#wrap now also accept a Node type argument, which will be duped for each wrapper. For cases where many nodes are being wrapped, creating a Node once using Document#create_element and passing that Node multiple times is significantly faster than re-parsing markup on each call. [#2657]
  • [CRuby] Invocation of custom XPath or CSS handler functions may now use the nokogiri namespace prefix. Historically, the JRuby implementation required this namespace but the CRuby implementation did not support it. It's recommended that all XPath and CSS queries use the nokogiri namespace going forward. Invocation without the namespace is planned for deprecation in v1.15.0 and removal in a future release. [#2147]
  • HTML5::Document#quirks_mode and HTML5::DocumentFragment#quirks_mode expose the quirks mode used by the parser.

Improved

Functional

Performance

  • Serialization of HTML5 documents and fragments has been re-implemented and is ~10x faster than previous versions. [#2596, #2569]
  • Parsing of HTML5 documents is ~90% faster thanks to additional compiler optimizations being applied. [#2639]
  • Compare Encoding objects rather than compare their names. This is a slight performance improvement and is future-proof. [#2454] (Thanks, @casperisfine!)

Error handling

  • Document#canonicalize now raises an exception if inclusive_namespaces is non-nil and the mode is inclusive, i.e. XML_C14N_1_0 or XML_C14N_1_1. inclusive_namespaces can only be passed with exclusive modes, and previously this silently failed.
  • Empty CSS selectors now raise a clearer Nokogiri::CSS::SyntaxError message, "empty CSS selector". Previously the exception raised from the bowels of racc was "unexpected '$' after ''". [#2700]
  • [CRuby] XML::Reader parsing errors encountered during Reader#attribute_hash and Reader#namespaces now raise an XML::SyntaxError. Previously these methods would return nil and users would generally experience NoMethodErrors from elsewhere in the code.
  • Prefer ruby_xmalloc to malloc within the C extension. [#2480] (Thanks, @Garfield96!)

Installation

  • Avoid compile-time conflict with system-installed gumbo.h on OpenBSD. [#2464]
  • Remove calls to vasprintf in favor of platform-independent rb_vsprintf
  • Installation from source on systems missing libiconv will once again generate a helpful error message (broken since v1.11.0). [#2505]
  • [CRuby+OSX] Compiling from source on MacOS will use the clang option -Wno-unknown-warning-option to avoid errors when Ruby injects options that clang doesn't know about. [#2689]

Fixed

  • SAX::Parser's encoding attribute will not be clobbered when an alternative encoding is passed into SAX::Parser#parse_io. [#1942] (Thanks, @kp666!)
  • Serialized HTML4::DocumentFragment will now be properly encoded. Previously this empty string was encoded as US-ASCII. [#2649]
  • Node#wrap now uses the parent as the context node for parsing wrapper markup, falling back to the document for unparented nodes. Previously the document was always used.
  • [CRuby] UTF-16-encoded documents longer than ~4000 code points now serialize properly. Previously the serialized document was corrupted when it exceeded the length of libxml2's internal string buffer. [#752]
  • [CRuby] The HTML5 parser now correctly handles text at the end of form elements.
  • [CRuby] HTML5::Document#fragment now always uses body as the parsing context. Previously, fragments were parsed in the context of the associated document's root node, which allowed for inconsistent parsing. [#2553]
  • [CRuby] Nokogiri::HTML5::Document#url now correctly returns the URL passed to the constructor method. Previously it always returned nil. [#2583]
  • [CRuby] HTML5 encoding detection is now case-insensitive with respect to meta tag charset declaration. [#2693]
  • [CRuby] HTML5 fragment parsing in context of an annotation-xml node now works. Previously this rarely-used path invoked rb_funcall with incorrect parameters, resulting in an exception, a fatal error, or potentially a segfault. [#2692]
  • [CRuby] HTML5 quirks mode during fragment parsing more closely matches document parsing. [#2646]
  • [JRuby] Fixed a bug with adding the same namespace to multiple nodes via #add_namespace_definition. [#1247]
  • [JRuby] NodeSet#[] now raises a TypeError if passed an invalid parameter type. [#2211]

Deprecated

  • Nokogiri.install_default_aliases is deprecated in favor of Nokogiri::EncodingHandler.install_default_aliases. This is part of a private API and is probably not called by anybody, but we'll go through a deprecation cycle before removal anyway. [#2643, #2446]

Changed

  • [CRuby+OSX] Technical note: On MacOS Ruby 3.2, the symbols from libxml2 and libxslt are no longer exported. Ruby 3.2 adopted new features from the Darwin toolchain that make it challenging to continue to support this rarely-used binary API. A future minor release of Nokogiri may remove these symbols (and others) entirely. Feedback from downstream gem maintainers is welcome at #2746, where you'll also be able to read deeper context on this decision.

Thank you!

The following people and organizations were kind enough to sponsor @flavorjones or the Nokogiri project during the development of v1.14.0:

sha256 checksums:

c87564f5f8fbfb72fbcb7ed9781f6472ceabe2f288ede6b9c37071dc32320ba6  nokogiri-1.14.0-aarch64-linux.gem
33617e8a94993b8130a50bd59d6141a8d4d2aa4d4053f5c7874c71608e6e6dcc  nokogiri-1.14.0-arm-linux.gem
5c0cd4eeb8501526e7e2aaba93b60ebf3dda37bfda665691196d4e9bb87adb1a  nokogiri-1.14.0-arm64-darwin.gem
772936bf635b33b99bc89828de8e7077de47009638fe5ff11795f8b1d578465c  nokogiri-1.14.0-java.gem
ee11c092b2cf2b137e71f623746162c578b53483dccf4c6209c80f5ba47927fe  nokogiri-1.14.0-x64-mingw-ucrt.gem
9b91eede6155eb8891d7d95d8087d514f3007dd19813982104ed77452a2a7ace  nokogiri-1.14.0-x64-mingw32.gem
649019d961b0ea8aee1bc8aa2573ab8ffb77d3f5e9c333aa2462a79fc56745fc  nokogiri-1.14.0-x86-linux.gem
40985fc46315ea3d33ed900a649c0bb77484035ea882b7c9e55aef436b1958a8  nokogiri-1.14.0-x86-mingw32.gem
5d328c0d0c5f6f37a26c75b0282f9014c9686d4c10578ec8dfbbfcbea7da8b95  nokogiri-1.14.0-x86_64-darwin.gem
faa88b2bca46adaa3420c6e27eb8eb71f5b8d9f454ed7488a194a00c5ef52fbe  nokogiri-1.14.0-x86_64-linux.gem
55ca6e87ae85e944a5901dd5a6cacbb961eaaf8b8dd3901b57475665396914bb  nokogiri-1.14.0.gem

- C
Published by flavorjones about 3 years ago

https://github.com/sparklemotion/nokogiri - 1.14.0.rc1 / 2022-12-29

1.14.0.rc1 / 2022-12-29

This is a prerelease.

Notable changes:

  • Introduces native gem support for Ruby 3.2.
  • Ends support for Ruby 2.6 and JRuby 9.3
  • Official native gem support for aarch64-linux
  • Experimental native gem support for arm-linux
  • Pattern matching API

Please note that Ruby 3.2 changes how symbols are resolved on MacOS, so we're particularly interested in hearing feedback from MacOS users about the native (precompiled) gem packages for Ruby 3.2.

We're waiting for the following to do a final release:

  • a final release of rake-compiler-dock that supports Ruby 3.2
  • Windows CI environment that runs Ruby 3.2.0, and green tests
  • feedback to build confidence that our approach to Darwin symbol resolution in the precompiled extension works for everyone

sha256 checksums:

9cb5140f400c3599ba9da92a338d2384976179a05e15267d5bda27ce5ab5294a  nokogiri-1.14.0.rc1-aarch64-linux.gem
70946d652626925f0e7d8cb0f03e45b81423496e8f0db30dce7aecccc33336c6  nokogiri-1.14.0.rc1-arm-linux.gem
8562ed2a3765f2020e340d4cbde72c582843191b20114eb24bcc313307483873  nokogiri-1.14.0.rc1-arm64-darwin.gem
6359f13cccc526936913bac3515a3d3d7d1ffde5dffff4eadaaf3cad126fc753  nokogiri-1.14.0.rc1-java.gem
c83050f34b78690bd13398ad91cace3c32957614fd7b6e5ce7098386340cd23d  nokogiri-1.14.0.rc1-x64-mingw-ucrt.gem
4d2edec4b79735b648eca12c5d52b52d03f4ffd300ccacf8fda9169227eb6a4d  nokogiri-1.14.0.rc1-x64-mingw32.gem
55d334f128d86a20497a3fa4e24c67098199dc9428a44b77284cff6c95104c35  nokogiri-1.14.0.rc1-x86-linux.gem
79e1b2f25a26a9a4a87d3af64a47be27ee3cc4ec0d02eef681b64cd8b610e2a6  nokogiri-1.14.0.rc1-x86-mingw32.gem
c359c27e275da0f82d09c25f6efafd116546d2c7c43c91e9393567f00aa3064a  nokogiri-1.14.0.rc1-x86_64-darwin.gem
e15e2c0f844bd113e1b409dfb534b7e2c727b10812734064c05a732b6342f28c  nokogiri-1.14.0.rc1-x86_64-linux.gem
9d527b0b6eeb88f48bc90648df11824f247019e08b95f5a75b6ea02cefcf499a  nokogiri-1.14.0.rc1.gem

- C
Published by flavorjones about 3 years ago

https://github.com/sparklemotion/nokogiri - 1.13.10 / 2022-12-07

1.13.10 / 2022-12-07

Security

  • [CRuby] Address CVE-2022-23476, unchecked return value from xmlTextReaderExpand. See GHSA-qv4q-mr5r-qprj for more information.

Improvements

  • [CRuby] XML::Reader#attribute_hash now returns nil on parse errors. This restores the behavior of #attributes from v1.13.7 and earlier. [#2715]

sha256 checksums:

777ce2e80f64772e91459b943e531dfef387e768f2255f9bc7a1655f254bbaa1  nokogiri-1.13.10-aarch64-linux.gem
b432ff47c51386e07f7e275374fe031c1349e37eaef2216759063bc5fa5624aa  nokogiri-1.13.10-arm64-darwin.gem
73ac581ddcb680a912e92da928ffdbac7b36afd3368418f2cee861b96e8c830b  nokogiri-1.13.10-java.gem
916aa17e624611dddbf2976ecce1b4a80633c6378f8465cff0efab022ebc2900  nokogiri-1.13.10-x64-mingw-ucrt.gem
0f85a1ad8c2b02c166a6637237133505b71a05f1bb41b91447005449769bced0  nokogiri-1.13.10-x64-mingw32.gem
91fa3a8724a1ce20fccbd718dafd9acbde099258183ac486992a61b00bb17020  nokogiri-1.13.10-x86-linux.gem
d6663f5900ccd8f72d43660d7f082565b7ffcaade0b9a59a74b3ef8791034168  nokogiri-1.13.10-x86-mingw32.gem
81755fc4b8130ef9678c76a2e5af3db7a0a6664b3cba7d9fe8ef75e7d979e91b  nokogiri-1.13.10-x86_64-darwin.gem
51d5246705dedad0a09b374d09cc193e7383a5dd32136a690a3cd56e95adf0a3  nokogiri-1.13.10-x86_64-linux.gem
d3ee00f26c151763da1691c7fc6871ddd03e532f74f85101f5acedc2d099e958  nokogiri-1.13.10.gem

- C
Published by flavorjones about 3 years ago

https://github.com/sparklemotion/nokogiri - 1.13.9 / 2022-10-18

1.13.9 / 2022-10-18

Security

Dependencies

  • [CRuby] Vendored libxml2 is updated to v2.10.3 from v2.9.14.
  • [CRuby] Vendored libxslt is updated to v1.1.37 from v1.1.35.
  • [CRuby] Vendored zlib is updated from 1.2.12 to 1.2.13. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)

Fixed

  • [CRuby] Nokogiri::XML::Namespace objects, when compacted, update their internal struct's reference to the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation fault was possible after compaction was triggered. [#2658] (Thanks, @eightbitraptor and @peterzhu2118!)
  • [CRuby] Document#remove_namespaces! now defers freeing the underlying xmlNs struct until the Document is GCed. Previously, maintaining a reference to a Namespace object that was removed in this way could lead to a segfault. [#2658]

sha256 checksums:

9b69829561d30c4461ea803baeaf3460e8b145cff7a26ce397119577a4083a02  nokogiri-1.13.9-aarch64-linux.gem
e76ebb4b7b2e02c72b2d1541289f8b0679fb5984867cf199d89b8ef485764956  nokogiri-1.13.9-arm64-darwin.gem
15bae7d08bddeaa898d8e3f558723300137c26a2dc2632a1f89c8574c4467165  nokogiri-1.13.9-java.gem
f6a1dbc7229184357f3129503530af73cc59ceba4932c700a458a561edbe04b9  nokogiri-1.13.9-x64-mingw-ucrt.gem
36d935d799baa4dc488024f71881ff0bc8b172cecdfc54781169c40ec02cbdb3  nokogiri-1.13.9-x64-mingw32.gem
ebaf82aa9a11b8fafb67873d19ee48efb565040f04c898cdce8ca0cd53ff1a12  nokogiri-1.13.9-x86-linux.gem
11789a2a11b28bc028ee111f23311461104d8c4468d5b901ab7536b282504154  nokogiri-1.13.9-x86-mingw32.gem
01830e1646803ff91c0fe94bc768ff40082c6de8cfa563dafd01b3f7d5f9d795  nokogiri-1.13.9-x86_64-darwin.gem
8e93b8adec22958013799c8690d81c2cdf8a90b6f6e8150ab22e11895844d781  nokogiri-1.13.9-x86_64-linux.gem
96f37c1baf0234d3ae54c2c89aef7220d4a8a1b03d2675ff7723565b0a095531  nokogiri-1.13.9.gem

- C
Published by flavorjones over 3 years ago

https://github.com/sparklemotion/nokogiri - 1.13.8 / 2022-07-23

1.13.8 / 2022-07-23

Deprecated

  • XML::Reader#attribute_nodes is deprecated due to incompatibility between libxml2's xmlReader memory semantics and Ruby's garbage collector. Although this method continues to exist for backwards compatibility, it is unsafe to call and may segfault. This method will be removed in a future version of Nokogiri, and callers should use #attribute_hash instead. [#2598]

Improvements

  • XML::Reader#attribute_hash is a new method to safely retrieve the attributes of a node from XML::Reader. [#2598, #2599]

Fixed

  • [CRuby] Calling XML::Reader#attributes is now safe to call. In Nokogiri <= 1.13.7 this method may segfault. [#2598, #2599]

sha256 checksums:

d6b2c45a57738f12fe27783939fe1394e7049246288c7770d3b1fee7f49432a6  nokogiri-1.13.8-aarch64-linux.gem
00217e48a6995e81dd83014325c0ea0b015023a8922c7bdb2ef1416aa87c1f43  nokogiri-1.13.8-arm64-darwin.gem
9d04c616900e2b5118e501436ebb9bc48520d08f3695d012a314006e28082f72  nokogiri-1.13.8-java.gem
98f7dac7583f07a84ec3fcc01dc03a66fce10f412cd363fce7de749acdb2a42d  nokogiri-1.13.8-x64-mingw-ucrt.gem
117a71b37f2e1d774a9f031d393e72d5d04b92af8036e0c1a8dd509c247b2013  nokogiri-1.13.8-x64-mingw32.gem
6d04342456edfb8fbc041d0c2cf5a59baaa7aacdda414b2333100b02f85d441d  nokogiri-1.13.8-x86-linux.gem
0529d558b4280a55bc7af500d3d4d590b7c059c814a0cea52e4e18cb30c25d15  nokogiri-1.13.8-x86-mingw32.gem
8966d79e687b271df87a4b240456597c43cd98584e3f783fc35de4f066486421  nokogiri-1.13.8-x86_64-darwin.gem
344f1bc66feac787e5b2053c6e9095d1f33605083e58ddf2b8d4eef257bccc5f  nokogiri-1.13.8-x86_64-linux.gem
79c279298b2f22fd4e760f49990c7930436bac1b1cfeff7bacff192f30edea3c  nokogiri-1.13.8.gem

- C
Published by flavorjones over 3 years ago

https://github.com/sparklemotion/nokogiri - 1.13.7 / 2022-07-12

1.13.7 / 2022-07-12

Fixed

XML::Node objects, when compacted, update their internal struct's reference to the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation fault was possible after compaction was triggered. [#2578] (Thanks, @eightbitraptor!)

sha256 checksums:

16facd06367325b75bba1575ee87ee4c695e017ab7d447106ed2c00d6211db43  nokogiri-1.13.7-aarch64-linux.gem
69a1705a1f2be838bd0a778c1ff04ea58f847a41c3b5159de012617abba53f86  nokogiri-1.13.7-arm64-darwin.gem
6f26c7ed388406541ddc10cf7ea670cebe8f08a37e69be60503687374f835e1a  nokogiri-1.13.7-java.gem
3952cb78db8d107942ec7f3096d417f4d5d77bf44ae812c488bc49269d1dde6a  nokogiri-1.13.7-x64-mingw-ucrt.gem
e836c387eae9c6c93d4870db0d50e4d9505edd28100eef80c38a70d4481c09ed  nokogiri-1.13.7-x64-mingw32.gem
194484866cd0d100ee6e207a69611a63ece9e0cf305e42d449f244526e102f63  nokogiri-1.13.7-x86-linux.gem
f75903e7a1fbb896b8bd6e4ed895a0fc1760e7334b9c7faf2593f491907a9e26  nokogiri-1.13.7-x86-mingw32.gem
d41b8c9f609b3eecb129da52b9605bc833e464b9b9132c29a0c2115e5ea0ab57  nokogiri-1.13.7-x86_64-darwin.gem
dcb36fd4e75782e7b1b3315f464a0942b230497cd21d296a24d90b0d3620a9d0  nokogiri-1.13.7-x86_64-linux.gem
6ca1d753334418e749beb9bb69515a906451c9abfb9a5b060a36650419b61052  nokogiri-1.13.7.gem

- C
Published by flavorjones over 3 years ago

https://github.com/sparklemotion/nokogiri - 1.13.6 / 2022-05-08

1.13.6 / 2022-05-08

Security

  • [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See GHSA-xh29-r2w5-wx8m for more information.

Improvements

  • {HTML4,XML}::SAX::{Parser,ParserContext} constructor methods now raise TypeError instead of segfaulting when an incorrect type is passed.

sha256:

58417c7c10f78cd1c0e1984f81538300d4ea98962cfd3f46f725efee48f9757a  nokogiri-1.13.6-aarch64-linux.gem
a2b04ec3b1b73ecc6fac619b41e9fdc70808b7a653b96ec97d04b7a23f158dbc  nokogiri-1.13.6-arm64-darwin.gem
4437f2d03bc7da8854f4aaae89e24a98cf5c8b0212ae2bc003af7e65c7ee8e27  nokogiri-1.13.6-java.gem
99d3e212bbd5e80aa602a1f52d583e4f6e917ec594e6aa580f6aacc253eff984  nokogiri-1.13.6-x64-mingw-ucrt.gem
a04f6154a75b6ed4fe2d0d0ff3ac02f094b54e150b50330448f834fa5726fbba  nokogiri-1.13.6-x64-mingw32.gem
a13f30c2863ef9e5e11240dd6d69ef114229d471018b44f2ff60bab28327de4d  nokogiri-1.13.6-x86-linux.gem
63a2ca2f7a4f6bd9126e1695037f66c8eb72ed1e1740ef162b4480c57cc17dc6  nokogiri-1.13.6-x86-mingw32.gem
2b266e0eb18030763277b30dc3d64337f440191e2bd157027441ac56a59d9dfe  nokogiri-1.13.6-x86_64-darwin.gem
3fa37b0c3b5744af45f9da3e4ae9cbd89480b35e12ae36b5e87a0452e0b38335  nokogiri-1.13.6-x86_64-linux.gem
b1512fdc0aba446e1ee30de3e0671518eb363e75fab53486e99e8891d44b8587  nokogiri-1.13.6.gem

- C
Published by flavorjones almost 4 years ago

https://github.com/sparklemotion/nokogiri - 1.13.5 / 2022-05-04

1.13.5 / 2022-05-04

Security

Dependencies

  • [CRuby] Vendored libxml2 is updated from v2.9.13 to v2.9.14.

Improvements

  • [CRuby] The libxml2 HTML4 parser no longer exhibits quadratic behavior when recovering some broken markup related to start-of-tag and bare < characters.

Changed

  • [CRuby] The libxml2 HTML4 parser in v2.9.14 recovers from some broken markup differently. Notably, the XML CDATA escape sequence <![CDATA[ and incorrectly-opened comments will result in HTML text nodes starting with &lt;! instead of skipping the invalid tag. This behavior is a direct result of the quadratic-behavior fix noted above. The behavior of downstream sanitizers relying on this behavior will also change. Some tests describing the changed behavior are in test/html4/test_comments.rb.

sha256sum:

aa1bfd0fd0b33110729d4a063b7b02de9419c559eb48a1f8940b74fc638d60ea  nokogiri-1.13.5-aarch64-linux.gem
d0b872786d6c2b44c10a389e585a77c07274a2b5e7211a470f76909c0711f218  nokogiri-1.13.5-arm64-darwin.gem
3f1434c198f0daf46d24c4696a53504beb69b8c15efe0548a7aa17a8378be21d  nokogiri-1.13.5-java.gem
0e60dc107c7e289dd3817acff14a12c9f4447a994a2411f772d6dd1220a35ae6  nokogiri-1.13.5-x64-mingw-ucrt.gem
c9897dd7236738d260b66ac99ea93950fd3a6375f11a9927bf345eec4ec1fde6  nokogiri-1.13.5-x64-mingw32.gem
a81586845f99a16a85586717b0051ce1508a68722a56486582ab09b3255d3b17  nokogiri-1.13.5-x86-linux.gem
e2abaef3af396adee3b0995693d5e690eb826782f7ecddf8b1b6a5a706075cff  nokogiri-1.13.5-x86-mingw32.gem
19360ba28f31562691926d1c542c783fc0ed5f2a145f1329206f8c09e46a85ea  nokogiri-1.13.5-x86_64-darwin.gem
a598598163233ee907472808c0bc7ae4354999e77409e1711b61406066a7afb4  nokogiri-1.13.5-x86_64-linux.gem
e15570ec6d46921a3de5f5b057b027cc0c4f32775353c00e8c8dfbe443741e78  nokogiri-1.13.5.gem

- C
Published by flavorjones almost 4 years ago

https://github.com/sparklemotion/nokogiri - 1.13.4 / 2022-04-11

1.13.4 / 2022-04-11

Security

Dependencies

  • [CRuby] Vendored zlib is updated from 1.2.11 to 1.2.12. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)
  • [JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated from 2.12.0 to 2.12.2.
  • [JRuby] Vendored nekohtml (org.cyberneko.html) is updated from a fork of 1.9.21 to 1.9.22.noko2. This fork is now publicly developed at https://github.com/sparklemotion/nekohtml

sha256sum:

095ff1995ed3dda3ea98a5f08bdc54bef02be1ce4e7c81034c4812e5e7c6e7e3  nokogiri-1.13.4-aarch64-linux.gem
7ebfc7415c819bcd4e849627e879cef2fb328bec90e802e50d74ccd13a60ec75  nokogiri-1.13.4-arm64-darwin.gem
41efd87c121991de26ef0393ac713d687e539813c3b79e454a2e3ffeecd107ea  nokogiri-1.13.4-java.gem
ab547504692ada0cec9d2e4e15afab659677c3f4c1ac3ea639bf5212b65246a1  nokogiri-1.13.4-x64-mingw-ucrt.gem
fa5c64cfdb71642ed647428e4d0d75ee0f4d189cfb63560c66fd8bdf99eb146b  nokogiri-1.13.4-x64-mingw32.gem
d6f07cbcbc28b75e8ac5d6e729ffba3602dffa0ad16ffac2322c9b4eb9b971fc  nokogiri-1.13.4-x86-linux.gem
0f7a4fd13e25abe3f98663fef0d115d58fdeff62cf23fef12d368e42adad2ce6  nokogiri-1.13.4-x86-mingw32.gem
3eef282f00ad360304fbcd5d72eb1710ff41138efda9513bb49eec832db5fa3e  nokogiri-1.13.4-x86_64-darwin.gem
3978610354ec67b59c128d23259c87b18374ee1f61cb9ed99de7143a88e70204  nokogiri-1.13.4-x86_64-linux.gem
0d46044eb39271e3360dae95ed6061ce17bc0028d475651dc48db393488c83bc  nokogiri-1.13.4.gem

- C
Published by flavorjones almost 4 years ago

https://github.com/sparklemotion/nokogiri - 1.13.3 / 2022-02-21

1.13.3 / 2022-02-21

Fixed

  • [CRuby] Revert a HTML4 parser bug in libxml 2.9.13 (introduced in Nokogiri v1.13.2). The bug causes libxml2's HTML4 parser to fail to recover when encountering a bare < character in some contexts. This version of Nokogiri restores the earlier behavior, which is to recover from the parse error and treat the < as normal character data (which will be serialized as &lt; in a text node). The bug (and the fix) is only relevant when the RECOVER parse option is set, as it is by default. [#2461]

SHA256 checksums:

025a4e333f6f903072a919f5f75b03a8f70e4969dab4280375b73f9d8ff8d2c0  nokogiri-1.13.3-aarch64-linux.gem
b9cb59c6a6da8cf4dbee5dbb569c7cc95a6741392e69053544e0f40b15ab9ad5  nokogiri-1.13.3-arm64-darwin.gem
e55d18cee64c19d51d35ad80634e465dbcdd46ac4233cb42c1e410307244ebae  nokogiri-1.13.3-java.gem
53e2d68116cd00a873406b8bdb90c78a6f10e00df7ddf917a639ac137719b67b  nokogiri-1.13.3-x64-mingw-ucrt.gem
b5f39ebb662a1be7d1c61f8f0a2a683f1bb11690a6f00a99a1aa23a071f80145  nokogiri-1.13.3-x64-mingw32.gem
7c0de5863aace4bbbc73c4766cf084d1f0b7a495591e46d1666200cede404432  nokogiri-1.13.3-x86-linux.gem
675cc3e7d7cca0d6790047a062cd3aa3eab59e3cb9b19374c34f98bade588c66  nokogiri-1.13.3-x86-mingw32.gem
f445596a5a76941a9d1980747535ab50d3399d1b46c32989bc26b7dd988ee498  nokogiri-1.13.3-x86_64-darwin.gem
3f6340661c2a283b337d227ea224f859623775b2f5c09a6bf197b786563958df  nokogiri-1.13.3-x86_64-linux.gem
bf1b1bceff910abb0b7ad825535951101a0361b859c2ad1be155c010081ecbdc  nokogiri-1.13.3.gem

- C
Published by flavorjones about 4 years ago

https://github.com/sparklemotion/nokogiri - 1.13.2 / 2022-02-21

1.13.2 / 2022-02-21

Security

  • [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update addresses CVE-2022-23308.
  • [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. This update addresses CVE-2021-30560.

Please see GHSA-fq42-c5rg-92c2 for more information about these CVEs.

Dependencies

SHA256 checksums:

63469a9bb56a21c62fbaea58d15f54f8f167ff6fde51c5c2262072f939926fdd  nokogiri-1.13.2-aarch64-linux.gem
2986617f982f645c06f22515b721e6d2613dd69493e5c41ddd03c4830c3b3065  nokogiri-1.13.2-arm64-darwin.gem
aca1d66206740b29d0d586b1d049116adcb31e6cdd7c4dd3a96eb77da215a0c4  nokogiri-1.13.2-java.gem
b9e4eea1a200d9a927a5bc7d662c427e128779cba0098ea49ddbdb3ffc3ddaec  nokogiri-1.13.2-x64-mingw-ucrt.gem
48d5493fec495867c5516a908a068c1387a1d17c5aeca6a1c98c089d9d9fdcf8  nokogiri-1.13.2-x64-mingw32.gem
62034d7aaaa83fbfcb8876273cc5551489396841a66230d3200b67919ef76cf9  nokogiri-1.13.2-x86-linux.gem
e07237b82394017c2bfec73c637317ee7dbfb56e92546151666abec551e46d1d  nokogiri-1.13.2-x86-mingw32.gem
01937a6551d997aca32468da08ced0878ba4e1dfd0b51d953617185eefc57ffa  nokogiri-1.13.2-x86_64-darwin.gem
70112ae29939d4b5e1c8ba13e1f0d82ff43cd5564ce138f622fe6ebddc503654  nokogiri-1.13.2-x86_64-linux.gem
def6b330c53dcabe8b7d545cf9db4dfb45e9d39040b531eb81aee0c840fd66c2  nokogiri-1.13.2.gem

- C
Published by flavorjones about 4 years ago

https://github.com/sparklemotion/nokogiri - 1.13.1 / 2022-01-13

1.13.1 / 2022-01-13

Fixed

  • Fix Nokogiri::XSLT.quote_params regression in v1.13.0 that raised an exception when non-string stylesheet parameters were passed. Non-string parameters (e.g., integers and symbols) are now explicitly supported and both keys and values will be stringified with #to_s. [#2418]
  • Fix HTML5 CSS selector query regression in v1.13.0 that raised an Nokogiri::XML::XPath::SyntaxError when parsing XPath attributes mixed into the CSS query. Although this mash-up of XPath and CSS syntax previously worked unintentionally, it is now an officially supported feature and is documented as such. [#2419]

SHA265 checksums

9206569b36f0066f943f174a832b50e69551c2a81333b7a62d4073e97ea4c3c6  nokogiri-1.13.1-aarch64-linux.gem
39d73197506acd3748c84600e000bb44ccd930695a9fc8b489b1b4df37dd14f0  nokogiri-1.13.1-arm64-darwin.gem
1aaa315876e2049b4418c60794f1f55bdb04cc9583b9b664dbb3c52696695207  nokogiri-1.13.1-java.gem
37d97e5fdaae4a14cc7122598616ac484d71c271004fb6cce6684c6734f41552  nokogiri-1.13.1-x64-mingw-ucrt.gem
683b030957c747d35499f8d766cad51a31ae9456098225af62fab7b27fe20129  nokogiri-1.13.1-x64-mingw32.gem
690958426e3151ba0c22e8d88637dba5e0c636107f3def2ffc10e334d451e61f  nokogiri-1.13.1-x86-linux.gem
30f94872729a1bbd41d6e2080bb0d48f4137a1323530263fd88299b41666ca06  nokogiri-1.13.1-x86-mingw32.gem
1fa3a5c9a460292ff03c7347185d2c394978c94fc96fd414bbfa8cef3eac7d72  nokogiri-1.13.1-x86_64-darwin.gem
843a379997c88a1b3d7524cd27b3ee652444f5371ff449af09929602fa26dfb5  nokogiri-1.13.1-x86_64-linux.gem
2138bb8e1bd5f11c2dc57a6a7ed93ddce35825dae7d25262658d89a222571fff  nokogiri-1.13.1.gem

- C
Published by flavorjones about 4 years ago

https://github.com/sparklemotion/nokogiri - 1.13.0 / 2022-01-06

1.13.0 / 2022-01-06

Notes

Ruby

This release introduces native gem support for Ruby 3.1. Please note that Windows users should use the x64-mingw-ucrt platform gem for Ruby 3.1, and x64-mingw32 for Ruby 2.6–3.0 (see RubyInstaller 3.1.0 release notes).

This release ends support for:

Faster, more reliable installation: Native Gem for ARM64 Linux

This version of Nokogiri ships experimental native gem support for the aarch64-linux platform, which should support AWS Graviton and other ARM Linux platforms. We don't yet have CI running for this platform, and so we're interested in hearing back from y'all whether this is working, and what problems you're seeing. Please send us feedback here: Feedback: Have you used the aarch64-linux native gem?

Publishing

This version of Nokogiri opts-in to the "MFA required to publish" setting on Rubygems.org. This and all future Nokogiri gem files must be published to Rubygems by an account with multi-factor authentication enabled. This should provide some additional protection against supply-chain attacks.

A related discussion about Trust exists at #2357 in which I invite you to participate if you have feelings or opinions on this topic.

Dependencies

  • [CRuby] Vendored libiconv is updated from 1.15 to 1.16. (Note that libiconv is only redistributed in the native windows and native darwin gems, see LICENSE-DEPENDENCIES.md for more information.) [#2206]
  • [CRuby] Upgrade mini_portile2 dependency from ~> 2.6.1 to ~> 2.7.0. ("ruby" platform gem only.)

Improved

  • {XML,HTML4}::DocumentFragment constructors all now take an optional parse options parameter or block (similar to Document constructors). [#1692] (Thanks, @JackMc!)
  • Nokogiri::CSS.xpath_for allows an XPathVisitor to be injected, for finer-grained control over how CSS queries are translated into XPath.
  • [CRuby] XML::Reader#encoding will return the encoding detected by the parser when it's not passed to the constructor. [#980]
  • [CRuby] Handle abruptly-closed HTML comments as recommended by WHATWG. (Thanks to tehryanx for reporting!)
  • [CRuby] Node#line is no longer capped at 65535. libxml v2.9.0 and later support a new parse option, exposed as Nokogiri::XML::ParseOptions::PARSE_BIG_LINES, which is turned on by default in ParseOptions::DEFAULT_{XML,XSLT,HTML,SCHEMA} (Note that JRuby already supported large line numbers.) [#1764, #1493, #1617, #1505, #1003, #533]
  • [CRuby] If a cycle is introduced when reparenting a node (i.e., the node becomes its own ancestor), a RuntimeError is raised. libxml2 does no checking for this, which means cycles would otherwise result in infinite loops on subsequent operations. (Note that JRuby already did this.) [#1912]
  • [CRuby] Source builds will download zlib and libiconv via HTTPS. ("ruby" platform gem only.) [#2391] (Thanks, @jmartin-r7!)
  • [JRuby] Node#line behavior has been modified to return the line number of the node in the final DOM structure. This behavior is different from CRuby, which returns the node's position in the input string. Ideally the two implementations would be the same, but at least is now officially documented and tested. The real-world impact of this change is that the value returned in JRuby is greater by 1 to account for the XML prolog in the output. [#2380] (Thanks, @dabdine!)

Fixed

  • CSS queries on HTML5 documents now correctly match foreign elements (SVG, MathML) when namespaces are not specified in the query. [#2376]
  • XML::Builder blocks restore context properly when exceptions are raised. [#2372] (Thanks, @ric2b and @rinthedev!)
  • The Nokogiri::CSS::Parser cache now uses the XPathVisitor configuration as part of the cache key, preventing incorrect cache results from being returned when multiple XPathVisitor options are being used.
  • Error recovery from in-context parsing (e.g., Node#parse) now always uses the correct DocumentFragment class. Previously Nokogiri::HTML4::DocumentFragment was always used, even for XML documents. [#1158]
  • DocumentFragment#> now works properly, matching a CSS selector against only the fragment roots. [#1857]
  • XML::DocumentFragment#errors now correctly contains any parsing errors encountered. Previously this was always empty. (Note that HTML::DocumentFragment#errors already did this.)
  • [CRuby] Fix memory leak in Document#canonicalize when inclusive namespaces are passed in. [#2345]
  • [CRuby] Fix memory leak in Document#canonicalize when an argument type error is raised. [#2345]
  • [CRuby] Fix memory leak in EncodingHandler where iconv handlers were not being cleaned up. [#2345]
  • [CRuby] Fix memory leak in XPath custom handlers where string arguments were not being cleaned up. [#2345]
  • [CRuby] Fix memory leak in Reader#base_uri where the string returned by libxml2 was not freed. [#2347]
  • [JRuby] Deleting a Namespace from a NodeSet no longer modifies the href to be the default namespace URL.
  • [JRuby] Fix XHTML formatting of closing tags for non-container elements. [#2355]

Deprecated

  • Passing a Nokogiri::XML::Node as the second parameter to Node.new is deprecated and will generate a warning. This parameter should be a kind of Nokogiri::XML::Document. This will become an error in a future version of Nokogiri. [#975]
  • Nokogiri::CSS::Parser, Nokogiri::CSS::Tokenizer, and Nokogiri::CSS::Node are now internal-only APIs that are no longer documented, and should not be considered stable. With the introduction of XPathVisitor injection into Nokogiri::CSS.xpath_for there should be no reason to rely on these internal APIs.
  • CSS-to-XPath utility classes Nokogiri::CSS::XPathVisitorAlwaysUseBuiltins and XPathVisitorOptimallyUseBuiltins are deprecated. Prefer Nokogiri::CSS::XPathVisitor with appropriate constructor arguments. These classes will be removed in a future version of Nokogiri.

SHA256 checksums:

d147a8feff7faa67de26b152a303a0bbad8ea77ab75e64f4ccf3614b12641dbc  nokogiri-1.13.0-aarch64-linux.gem
4455dcfedeee00e1b02ddc1df5cf1fc60b72b5bae9ca53d234c85d48b169894e  nokogiri-1.13.0-arm64-darwin.gem
1a0283e525c74b97cf84d60a842e978d98a00789115e4d528d7784551909ff70  nokogiri-1.13.0-java.gem
c575d5b22132c78b95279cff259aa21fbb2f185fc7e6967c886138ba2d7286c4  nokogiri-1.13.0-x64-mingw-ucrt.gem
0607ce088cac95e7bde9d05ad9c5e8b7c342628228bca8302b966c456e9f6160  nokogiri-1.13.0-x64-mingw32.gem
d313b61192a23793af5b5ca469ec80561933cf4fa958a0106df9dcf031e76077  nokogiri-1.13.0-x86-linux.gem
dc5f9ee89b297d4f7c1e53de295243b9e6d175d5042960ea5d001eb1b1df1fd7  nokogiri-1.13.0-x86-mingw32.gem
039372ceb6e5903f70cc5a960a7d141455b2480e0d268234f14bde69347c571c  nokogiri-1.13.0-x86_64-darwin.gem
03b95ba61c3b7f85d79f99f30e1dd907548dd980e502cdc5eeccfa5db9aafb3b  nokogiri-1.13.0-x86_64-linux.gem
8dbd691d438dc12dadc3d8b5b7ed0a6e64d84a2d65b392b52dce868fda107db3  nokogiri-1.13.0.gem

- C
Published by flavorjones about 4 years ago

https://github.com/sparklemotion/nokogiri - 1.12.5 / 2021-09-27

1.12.5 / 2021-09-27

Security

[JRuby] Address CVE-2021-41098 (GHSA-2rr5-8q37-2w7h).

In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parsers resolve external entities (XXE) by default. This fix turns off entity-resolution-by-default in the JRuby SAX parsers to match the CRuby SAX parsers' behavior.

CRuby users are not affected by this CVE.

Fixed

  • [CRuby] Document#to_xhtml properly serializes self-closing tags in libxml > 2.9.10. A behavior change introduced in libxml 2.9.11 resulted in emitting start and and tags (e.g., <br></br>) instead of a self-closing tag (e.g., <br/>) in previous Nokogiri versions. [#2324]

SHA256 checksums:

36bfa3a07aced069b3f3c9b39d9fb62cb0728d284d02b079404cd55780beaeff  nokogiri-1.12.5-arm64-darwin.gem
16b1a9ddbb70a9c998462912a5972097cbc79c3e01eb373906886ef8a469f589  nokogiri-1.12.5-java.gem
218dcc6edd1b49cc6244b5f88afb978739bb2f3f166c271557fe5f51e4bc713c  nokogiri-1.12.5-x64-mingw32.gem
e33bb919d64c16d931a5f26dc880969e587d225cfa97e6b56e790fb52179f527  nokogiri-1.12.5-x86-linux.gem
e13c2ed011b8346fbd589e96fe3542d763158bc2c7ad0f4f55f6d801afd1d9ff  nokogiri-1.12.5-x86-mingw32.gem
1ed64f7db7c1414b87fce28029f2a10128611d2037e0871ba298d00f9a00edd6  nokogiri-1.12.5-x86_64-darwin.gem
0868c8d0a147904d4dedaaa05af5f06656f2d3c67e4432601718559bf69d6cea  nokogiri-1.12.5-x86_64-linux.gem
2b20905942acc580697c8c496d0d1672ab617facb9d30d156b3c7676e67902ec  nokogiri-1.12.5.gem

- C
Published by flavorjones over 4 years ago

https://github.com/sparklemotion/nokogiri - 1.12.4 / 2021-08-29

1.12.4 / 2021-08-29

Notable fix: Namespace inheritance

Namespace behavior when reparenting nodes has historically been poorly specified and the behavior diverged between CRuby and JRuby. As a result, making this behavior consistent in v1.12.0 introduced a breaking change.

This patch release reverts the Builder behavior present in v1.12.0..v1.12.3 but keeps the Document behavior. This release also introduces a Document attribute to allow affected users to easily change this behavior for their legacy code without invasive changes.

Compensating Feature in XML::Document

This release of Nokogiri introduces a new Document boolean attribute, namespace_inheritance, which controls whether children should inherit a namespace when they are reparented. Nokogiri::XML:Document defaults this attribute to false meaning "do not inherit," thereby making explicit the behavior change introduced in v1.12.0.

CRuby users who desire the pre-v1.12.0 behavior may set document.namespace_inheritance = true before reparenting nodes.

See https://nokogiri.org/rdoc/Nokogiri/XML/Document.html#namespace_inheritance-instance_method for example usage.

Fix for XML::Builder

However, recognizing that we want Builder-created children to inherit namespaces, Builder now will set namespace_inheritance=true on the underlying document for both JRuby and CRuby. This means that, on CRuby, the pre-v1.12.0 behavior is restored.

Users who want to turn this behavior off may pass a keyword argument to the Builder constructor like so:

Nokogiri::XML::Builder.new(namespace_inheritance: false)

See https://nokogiri.org/rdoc/Nokogiri/XML/Builder.html#label-Namespace+inheritance for example usage.

Downstream gem maintainers

Note that any downstream gems may want to specifically omit Nokogiri v1.12.0--v1.12.3 from their dependency specification if they rely on child namespace inheritance:

Gem::Specification.new do |gem|
  # ...
  gem.add_runtime_dependency 'nokogiri', '!=1.12.3', '!=1.12.2', '!=1.12.1', '!=1.12.0'
  # ...
end

Fixed

  • [JRuby] Fix NPE in Schema parsing when an imported resource doesn't have a systemId. [#2296] (Thanks, @pepijnve!)

SHA256 checksums:

892808245fad3dea1bd4405461ba45d8f2261a6e23af91b8fc4b136e37cd3475  nokogiri-1.12.4-arm64-darwin.gem
1179f2c8fc13f4cb349b4e9219fbe7c1e7b885e24aceb2c8a0e06d1c3fe3ec2a  nokogiri-1.12.4-java.gem
44e728900a919ca9d8c6a3f545c2ff4903f4f45c47255904548386ad9f9869d6  nokogiri-1.12.4-x64-mingw32.gem
1116dac823e27f5255024c3154f0db3d2c9008cfdcaf11bbd66bde7770dca12d  nokogiri-1.12.4-x86-linux.gem
129b372c37dc817b588c623e6899ad32fe166498320789611ae3de0c361166ed  nokogiri-1.12.4-x86-mingw32.gem
f6f606dbdedd94e85e2fdc5e5829833441962115c3b62a2eab0a51f8ba938c3a  nokogiri-1.12.4-x86_64-darwin.gem
d706df7ed9382c749382e5b3bd9bfa4986935c0c5e36856d75fd9008d80f4da0  nokogiri-1.12.4-x86_64-linux.gem
7fec161ee1c7b2329e05fed019bfc7b1f910a39e6b30ae95825e75dda2094de9  nokogiri-1.12.4.gem

- C
Published by flavorjones over 4 years ago

https://github.com/sparklemotion/nokogiri - 1.12.3 / 2021-08-06

1.12.3 / 2021-08-06

Fixed

  • [CRuby] Fix compilation of libgumbo on older systems with versions of GCC that give errors on C99-isms. Affected systems include RHEL6, RHEL7, and SLES12. [#2302]

Checksums:

454eb62fc97285c485279509b04a3dcdcd329d2d0d8040dd6361c331550f3f59  nokogiri-1.12.3-arm64-darwin.gem
f9c83416f486ab3ea1a1cf58a3337dd3b95c4059350773a95ed2219415aaba8e  nokogiri-1.12.3-java.gem
a4a21f5e58f1485d3807802aac316c14b017d596f48fe088fd963863b078d34a  nokogiri-1.12.3-x64-mingw32.gem
9da1fb5436217d94d789ba8936bbb4fa36c8367d0eff43f1c4bbd150a1fe8170  nokogiri-1.12.3-x86-linux.gem
102e169468cf70b7d7f8719648f9f69f2ef4dfb9e7a59a1392b3c1fcb74e2e88  nokogiri-1.12.3-x86-mingw32.gem
4ae5202f5b184e5264d282502998846844352c135633c8fd1165ebd4ca2bdef9  nokogiri-1.12.3-x86_64-darwin.gem
eac6482a21c3cf63fea82a7d48131d701bd305dec01f38374a9c976f772f3b60  nokogiri-1.12.3-x86_64-linux.gem
d1975e30090ae723e05a6c9bd95fb795527e1a14d53a614735e2c3d8eef1e1e0  nokogiri-1.12.3.gem

- C
Published by flavorjones over 4 years ago

https://github.com/sparklemotion/nokogiri - 1.12.2 / 2021-08-04

1.12.2 / 2021-08-04

Fixed

  • Ensure that C extension files in non-native gem installations are loaded using require and rely on $LOAD_PATH instead of using require_relative. This issue only exists when deleting shared libraries that exist outside the extensions directory, something users occasionally do to conserve disk space. [#2300]

Checksums:

2ef276b482b56cfa488dd24c261c0bf42a47770bd0c15993f5c0d8b61879c114  nokogiri-1.12.2-arm64-darwin.gem
b483fb44ca38ba5890d53a16ab06e56cb23e6facc861ad1260c7bdf45d8227a2  nokogiri-1.12.2-java.gem
254e63ce59f95a4c30721d9ec85f8eb5e5e4f61e8da35015e41b85a262c014ea  nokogiri-1.12.2-x64-mingw32.gem
f66fbeca97668d3b6563d9311fe59b3dda5f7177405ec7a4d9dceca9d8d23b23  nokogiri-1.12.2-x86-linux.gem
0ece40121d72ab9704e429e06aa2011c7c59112886e000e3dac4ded3f3aeb3d6  nokogiri-1.12.2-x86-mingw32.gem
b9e33ebbb6c5b7575cfcb69bb52f776541642bbed08c88a36c1a33718458a8b9  nokogiri-1.12.2-x86_64-darwin.gem
bd8e7eb8345ef0679f2db3afa2bc13d7338b786c51aaa05ac6e22c1c8da3f3b3  nokogiri-1.12.2-x86_64-linux.gem
94a219a8078bf55f10834445be61b3ad9aa1e1047ec1bed048a86e3ab3245bc5  nokogiri-1.12.2.gem

- C
Published by flavorjones over 4 years ago

https://github.com/sparklemotion/nokogiri - 1.12.1 / 2021-08-03

1.12.1 / 2021-08-03

Fixed

  • Fix compilation of libgumbo on BSD systems by avoiding GNU-isms. [#2298]

Checksums:

194092568135d7897d8df0472c27c82b395a6c09054b8f4e8929805faf9eb877  nokogiri-1.12.1-arm64-darwin.gem
e9e16b36f6528af16c62bcfaeae517badb1ec07f5e856b5c151a913d3b0e6368  nokogiri-1.12.1-java.gem
ee1c497c759fdbbe482ab8a0c497b75d44efce5d2ae20fdb93b8c225508dc75a  nokogiri-1.12.1-x64-mingw32.gem
30c7dff0c9a56a2f03e4e4aa029e14f15282af37d469a0b159446de4c500b28b  nokogiri-1.12.1-x86-linux.gem
fcbdfc03405624ec0a186fa1bb41111a27264f4e7a7398c64c0d4e1e83769739  nokogiri-1.12.1-x86-mingw32.gem
ee4c88c46b8797bc6dbeee233ef0862a34d8a1a799e9fdcdfb0dfd8a42bb629b  nokogiri-1.12.1-x86_64-darwin.gem
f861b04e3268bda45036907f56ceede16b9fe1969099cb8888d378f71706fc63  nokogiri-1.12.1-x86_64-linux.gem
66dc1f0aa02fc62efb166465dfcc520785068cce4a9a3d2822cdea1f1ce66775  nokogiri-1.12.1.gem

- C
Published by flavorjones over 4 years ago

https://github.com/sparklemotion/nokogiri - 1.12.0 / 2021-08-02

1.12.0 / 2021-08-02

Notable Addition: HTML5 Support (CRuby only)

HTML5 support has been added (to CRuby only) by merging Nokogumbo into Nokogiri. The Nokogumbo public API has been preserved, so this functionality is available under the Nokogiri::HTML5 namespace. [#2204]

Please note that HTML5 support is not available for JRuby in this version. However, we feel it is important to think about JRuby and we hope to work on this in the future. If you're interested in helping with HTML5 support on JRuby, please reach out to the maintainers by commenting on issue #2227.

Many thanks to Sam Ruby, Steve Checkoway, and Craig Barnes for creating and maintaining Nokogumbo and supporting the Gumbo HTML5 parser. They're now Nokogiri core contributors with all the powers and privileges pertaining thereto. 🙌

Notable Change: Nokogiri::HTML4 module and namespace

Nokogiri::HTML has been renamed to Nokogiri::HTML4, and Nokogiri::HTML is aliased to preserve backwards-compatibility. Nokogiri::HTML and Nokogiri::HTML4 parse methods still use libxml2's (or NekoHTML's) HTML4 parser in the v1.12 release series.

Take special note that if you rely on the class name of an object in your code, objects will now report a class of Nokogiri::HTML4::Foo where they previously reported Nokogiri::HTML::Foo. Instead of relying on the string returned by Object#class, prefer Class#=== or Object#is_a? or Object#instance_of?.

Future releases of Nokogiri may deprecate HTML methods or otherwise change this behavior, so please start using HTML4 in place of HTML.

Added

  • [CRuby] Nokogiri::VERSION_INFO["libxslt"]["datetime_enabled"] is a new boolean value which describes whether libxslt (or, more properly, libexslt) has compiled-in datetime support. This generally going to be true, but some distros ship without this support (e.g., some mingw UCRT-based packages, see https://github.com/msys2/MINGW-packages/pull/8957). See #2272 for more details.

Changed

  • Introduce a new constant, Nokogiri::XML::ParseOptions::DEFAULT_XSLT, which adds the libxslt-preferred options of NOENT | DTDLOAD | DTDATTR | NOCDATA to ParseOptions::DEFAULT_XML.
  • Nokogiri.XSLT parses stylesheets using ParseOptions::DEFAULT_XSLT, which should make some edge-case XSL transformations match libxslt's default behavior. [#1940]

Fixed

  • [CRuby] Namespaced attributes are handled properly when their parent node is reparented into another document. Previously, the namespace may have gotten dropped. [#2228]
  • [CRuby] Reparented nodes no longer inherit their parent's namespace. Previously, a node without a namespace was forced to adopt its parent's namespace. [#1712]

Improved

  • [CRuby] Speed up (slightly) the compile time of packaged libraries libiconv, libxml2, and libxslt by using autoconf's --disable-dependency-tracking option. ("ruby" platform gem only.)

Deprecated

  • Deprecating Nokogumbo's Nokogiri::HTML5.get. This method will be removed in a future version of Nokogiri.

Dependencies

  • [CRuby] Upgrade mini_portile2 dependency from ~> 2.5.0 to ~> 2.6.1. ("ruby" platform gem only.)

Checksums:

b0b5650ba7903c317e0ebd4ca67ed10617735719cf3595ad98dd21974404e5d2  nokogiri-1.12.0.gem
60360d9994bb2e8852deb39f8833ba81a819df921c4192d857323c181645d95e  nokogiri-1.12.0-java.gem
c439f29de83294e61eca919edfea9d6176f23fa51b23d8a3d7261de6268e5847  nokogiri-1.12.0-x64-mingw32.gem
89d43ad2ea4f492ebc4c380288077186f0242ccfd65afe14fa0b45529d1f4b5e  nokogiri-1.12.0-x86-mingw32.gem
20fc8eba21f6e6b82720c05d694d2879ebdf6756351d5d2fb236e93febd346d0  nokogiri-1.12.0-x86-linux.gem
a21c803d17f89cceda599af1adc139ae17454539276e3f9dbdafea34081b1983  nokogiri-1.12.0-x86_64-linux.gem
f6b01a013829a499a0bf72a7d5109d117b9d4333823295dcd34eb002be0f0054  nokogiri-1.12.0-arm64-darwin.gem
97b4260b3912dcfad8427b5ea15ba094790dec1f4725ee074cfc5e9b45906352  nokogiri-1.12.0-x86_64-darwin.gem

- C
Published by flavorjones over 4 years ago

https://github.com/sparklemotion/nokogiri - 1.12.0.rc1 / 2021-07-09

1.12.0.rc1 / 2021-07-09

Notable Addition: HTML5 Support (CRuby only)

HTML5 support has been added (to CRuby only) by merging Nokogumbo into Nokogiri. The Nokogumbo public API has been preserved, so this functionality is available under the Nokogiri::HTML5 namespace. [#2204]

Please note that HTML5 support is not available for JRuby in this version. However, we feel it is important to think about JRuby and we hope to work on this in the future. If you're interested in helping with HTML5 support on JRuby, please reach out to the maintainers by commenting on issue #2227.

Many thanks to Sam Ruby, Steve Checkoway, and Craig Barnes for creating and maintaining Nokogumbo and supporting the Gumbo HTML5 parser. They're now Nokogiri core contributors with all the powers and privileges pertaining thereto. 🙌

Notable Change: Nokogiri::HTML4 module and namespace

Nokogiri::HTML has been renamed to Nokogiri::HTML4, and Nokogiri::HTML is aliased to preserve backwards-compatibility. Nokogiri::HTML and Nokogiri::HTML4 parse methods still use libxml2's (or NekoHTML's) HTML4 parser in the v1.12 release series.

Take special note that if you rely on the class name of an object in your code, objects will now report a class of Nokogiri::HTML4::Foo where they previously reported Nokogiri::HTML::Foo. Instead of relying on the string returned by Object#class, prefer Class#=== or Object#is_a? or Object#instance_of?.

Future releases of Nokogiri may deprecate HTML methods or otherwise change this behavior, so please start using HTML4 in place of HTML.

Added

  • [CRuby] Nokogiri::VERSION_INFO["libxslt"]["datetime_enabled"] is a new boolean value which describes whether libxslt (or, more properly, libexslt) has compiled-in datetime support. This generally going to be true, but some distros ship without this support (e.g., some mingw UCRT-based packages, see https://github.com/msys2/MINGW-packages/pull/8957). See #2272 for more details.

Changed

  • Introduce a new constant, Nokogiri::XML::ParseOptions::DEFAULT_XSLT, which adds the libxslt-preferred options of NOENT | DTDLOAD | DTDATTR | NOCDATA to ParseOptions::DEFAULT_XML.
  • Nokogiri.XSLT parses stylesheets using ParseOptions::DEFAULT_XSLT, which should make some edge-case XSL transformations match libxslt's default behavior. [#1940]

Fixed

  • [CRuby] Namespaced attributes are handled properly when their parent node is reparented into another document. Previously, the namespace may have gotten dropped. [#2228]
  • [CRuby] Reparented nodes no longer inherit their parent's namespace. Previously, a node without a namespace was forced to adopt its parent's namespace. [#1712]

Improved

  • [CRuby] Speed up (slightly) the compile time of packaged libraries libiconv, libxml2, and libxslt by using autoconf's --disable-dependency-tracking option. ("ruby" platform gem only.)

Deprecated

  • Deprecating Nokogumbo's Nokogiri::HTML5.get. This method will be removed in a future version of Nokogiri.

Dependencies

  • [CRuby] Upgrade mini_portile2 dependency from ~> 2.5.0 to ~> 2.6.1. ("ruby" platform gem only.)

Checksums:

cb38e1023d5e1b6a33a1b5c7659b68ce7c88449eb69430db128d4d53731b1638  gems/nokogiri-1.12.0.rc1.gem
b5e8e912013cc73e78a1817c5b131cdbc3e224dd4c3158063b562f0a89cb9adb  gems/nokogiri-1.12.0.rc1-java.gem
598b9ed6b98fea43dfc74dbd0cbe24994a26fb1e3dff1a727ba79392495d40d5  gems/nokogiri-1.12.0.rc1-x64-mingw32.gem
7a11a5d911d98a8ddc6a88e712aae82a953fe291f9bb150d4cfe34539489792a  gems/nokogiri-1.12.0.rc1-x86-mingw32.gem
41ace0fcff1901a8d6661cac815fa573d934d9e8280e21e2ec16dd1bd3a6ff7a  gems/nokogiri-1.12.0.rc1-x86-linux.gem
5843752b3d989954ace6fee40ba0634c615b8c579f885c70ff067a8fcc62fa69  gems/nokogiri-1.12.0.rc1-x86_64-linux.gem
8e0ecef0dd76a640f4e1ba4dd9b5df8c5ee352ec944ad7f6beedb89c0b49bfcb  gems/nokogiri-1.12.0.rc1-arm64-darwin.gem
ae56204ca3d8154c46c9fc55f526ff8a71b9a3f4bc879dca26674f4714d7dff6  gems/nokogiri-1.12.0.rc1-x86_64-darwin.gem

- C
Published by flavorjones over 4 years ago

https://github.com/sparklemotion/nokogiri - 1.11.7 / 2021-06-02

1.11.7 / 2021-06-02

  • [CRuby] Backporting an upstream fix to XPath recursion depth limits which impacted some users of complex XPath queries. This issue is present in libxml 2.9.11 and 2.9.12. [#2257]

Checksums

SHA256:

4976a9c9e796527d51dc6c311b9bd93a0233f6a7962a0f569aa5c782461836ef  nokogiri-1.11.7.gem
9d69f57f6c024d86e358a8aef7a273f574721e48a6b2e1426cca007827325413  nokogiri-1.11.7-java.gem
6017dee25feb80292b04554cc1bf8a0a2ede3b6c3daeac811902157bbc6a3bdc  nokogiri-1.11.7-x64-mingw32.gem
38892350c1e695eab9bd77483300d681c32a22714d0e2d04d10a4c343b424bdd  nokogiri-1.11.7-x86-mingw32.gem
1d15603cd878fa2b710a3ba3028a99d9dd0c14b75711faebf9fb6ff40bac3880  nokogiri-1.11.7-x86-linux.gem
7ad9741e7a2fee1ffb4a4b2e20b00e87992c9efd969f557ca3b83fb2653b9bfc  nokogiri-1.11.7-x86_64-linux.gem
c93d66d9413ea7c37d30f95e2c54606fec638e556d454e08124d9a33b7fa82c8  nokogiri-1.11.7-arm64-darwin.gem
8761d9c7baacb26546869ed56dbc78d3eb3cabf49b85d91b1cd827cd6e94fb25  nokogiri-1.11.7-x86_64-darwin.gem

- C
Published by flavorjones almost 5 years ago

https://github.com/sparklemotion/nokogiri - 1.11.6 / 2021-05-26

1.11.6 / 2021-05-26

Fixed

  • [CRuby] DocumentFragment#path now does proper error-checking to handle behavior introduced in libxml > 2.9.10. In v1.11.4 and v1.11.5, calling DocumentFragment#path could result in a segfault.

- C
Published by flavorjones almost 5 years ago

https://github.com/sparklemotion/nokogiri - 1.11.5 / 2021-05-19

1.11.5 / 2021-05-19

Fixed

[Windows CRuby] Work around segfault at process exit on Windows when using libxml2 system DLLs.

libxml 2.9.12 introduced new behavior to avoid memory leaks when unloading libxml2 shared libraries (see libxml/!66). Early testing caught this segfault on non-Windows platforms (see #2059 and libxml@956534e) but it was incompletely fixed and is still an issue on Windows platforms that are using system DLLs.

We work around this by configuring libxml2 in this situation to use its default memory management functions. Note that if Nokogiri is not on Windows, or is not using shared system libraries, it will will continue to configure libxml2 to use Ruby's memory management functions. Nokogiri::VERSION_INFO["libxml"]["memory_management"] will allow you to verify when the default memory management functions are being used. [#2241]

Added

Nokogiri::VERSION_INFO["libxml"] now contains the key "memory_management" to declare whether libxml2 is using its default memory management functions, or whether it uses the memory management functions from ruby. See above for more details.

- C
Published by flavorjones almost 5 years ago

https://github.com/sparklemotion/nokogiri - 1.11.4 / 2021-05-14

1.11.4 / 2021-05-14

Security

[CRuby] Vendored libxml2 upgraded to v2.9.12 which addresses:

Note that two additional CVEs were addressed upstream but are not relevant to this release. CVE-2021-3516 via xmllint is not present in Nokogiri, and CVE-2020-7595 has been patched in Nokogiri since v1.10.8 (see #1992).

Please see nokogiri/GHSA-7rrm-v45f-jp64 or #2233 for a more complete analysis of these CVEs and patches.

Dependencies

  • [CRuby] vendored libxml2 is updated from 2.9.10 to 2.9.12. (Note that 2.9.11 was skipped because it was superseded by 2.9.12 a few hours after its release.)

- C
Published by flavorjones almost 5 years ago

https://github.com/sparklemotion/nokogiri - 1.11.3 / 2021-04-07

1.11.3 / 2021-04-07

Fixed

  • [CRuby] Passing non-Node objects to Document#root= now raises an ArgumentError exception. Previously this likely segfaulted. [#1900]
  • [JRuby] Passing non-Node objects to Document#root= now raises an ArgumentError exception. Previously this raised a TypeError exception.
  • [CRuby] arm64/aarch64 systems (like Apple's M1) can now compile libxml2 and libxslt from source (though we continue to strongly advise users to install the native gems for the best possible experience)

- C
Published by flavorjones almost 5 years ago

https://github.com/sparklemotion/nokogiri - 1.11.2 / 2021-03-11

1.11.2 / 2021-03-11

Fixed

  • [CRuby] NodeSet may now safely contain Node objects from multiple documents. Previously the GC lifecycle of the parent Document objects could lead to nodes being GCed while still in scope. [#1952]
  • [CRuby] Patch libxml2 to avoid "huge input lookup" errors on large CDATA elements. (See upstream GNOME/libxml2#200 and GNOME/libxml2!100.) [#2132].
  • [CRuby+Windows] Enable Nokogumbo (and other downstream gems) to compile and link against nokogiri.so by including LDFLAGS in Nokogiri::VERSION_INFO. [#2167]
  • [CRuby] {XML,HTML}::Document.parse now invokes #initialize exactly once. Previously #initialize was invoked twice on each object.
  • [JRuby] {XML,HTML}::Document.parse now invokes #initialize exactly once. Previously #initialize was not called, which was a problem for subclassing such as done by Loofah.

Improved

  • Reduce the number of object allocations needed when parsing an HTML::DocumentFragment. [#2087] (Thanks, @ashmaroli!)
  • [JRuby] Update the algorithm used to calculate Node#line to be wrong less-often. The underlying parser, Xerces, does not track line numbers, and so we've always used a hacky solution for this method. [#1223, #2177]
  • Introduce --enable-system-libraries and --disable-system-libraries flags to extconf.rb. These flags provide the same functionality as --use-system-libraries and the NOKOGIRI_USE_SYSTEM_LIBRARIES environment variable, but are more idiomatic. [#2193] (Thanks, @eregon!)
  • [TruffleRuby] --disable-static is now the default on TruffleRuby when the packaged libraries are used. This is more flexible and compiles faster. (Note, though, that the default on TR is still to use system libraries.) [#2191, #2193] (Thanks, @eregon!)

Changed

  • Nokogiri::XML::Path is now a Module (previously it has been a Class). It has been acting solely as a Module since v1.0.0. See 8461c74.

- C
Published by flavorjones almost 5 years ago

https://github.com/sparklemotion/nokogiri - v1.11.1 / 2021-01-06

v1.11.1 / 2021-01-06

Fixed

  • [CRuby] If libxml-ruby is loaded before nokogiri, the SAX and Push parsers no longer call libxml-ruby's handlers. Instead, they defensively override the libxml2 global handler before parsing. [#2168]

SHA-256 Checksums of published gems

a41091292992cb99be1b53927e1de4abe5912742ded956b0ba3383ce4f29711c  nokogiri-1.11.1-arm64-darwin.gem
d44fccb8475394eb71f29dfa7bb3ac32ee50795972c4557ffe54122ce486479d  nokogiri-1.11.1-java.gem
f760285e3db732ee0d6e06370f89407f656d5181a55329271760e82658b4c3fc  nokogiri-1.11.1-x64-mingw32.gem
dd48343bc4628936d371ba7256c4f74513b6fa642e553ad7401ce0d9b8d26e1f  nokogiri-1.11.1-x86-linux.gem
7f49138821d714fe2c5d040dda4af24199ae207960bf6aad4a61483f896bb046  nokogiri-1.11.1-x86-mingw32.gem
5c26111f7f26831508cc5234e273afd93f43fbbfd0dcae5394490038b88d28e7  nokogiri-1.11.1-x86_64-darwin.gem
c3617c0680af1dd9fda5c0fd7d72a0da68b422c0c0b4cebcd7c45ff5082ea6d2  nokogiri-1.11.1-x86_64-linux.gem
42c2a54dd3ef03ef2543177bee3b5308313214e99f0d1aa85f984324329e5caa  nokogiri-1.11.1.gem

- C
Published by flavorjones about 5 years ago

https://github.com/sparklemotion/nokogiri - v1.11.0 / 2021-01-03

v1.11.0 / 2021-01-03

Notes

Faster, more reliable installation: Native Gems for Linux and OSX/Darwin

"Native gems" contain pre-compiled libraries for a specific machine architecture. On supported platforms, this removes the need for compiling the C extension and the packaged libraries. This results in much faster installation and more reliable installation, which as you probably know are the biggest headaches for Nokogiri users.

We've been shipping native Windows gems since 2009, but starting in v1.11.0 we are also shipping native gems for these platforms:

  • Linux: x86-linux and x86_64-linux -- including musl platforms like alpine
  • OSX/Darwin: x86_64-darwin and arm64-darwin

We'd appreciate your thoughts and feedback on this work at #2075.

Dependencies

Ruby

This release introduces support for Ruby 2.7 and 3.0 in the precompiled native gems.

This release ends support for:

Gems

  • Explicitly add racc as a runtime dependency. [#1988] (Thanks, @voxik!)
  • [MRI] Upgrade mini_portile2 dependency from ~> 2.4.0 to ~> 2.5.0 [#2005] (Thanks, @alejandroperea!)

Security

See note below about CVE-2020-26247 in the "Changed" subsection entitled "XML::Schema parsing treats input as untrusted by default".

Added

  • Add Node methods for manipulating "keyword attributes" (for example, class and rel): #kwattr_values, #kwattr_add, #kwattr_append, and #kwattr_remove. [#2000]
  • Add support for CSS queries a:has(> b), a:has(~ b), and a:has(+ b). [#688] (Thanks, @jonathanhefner!)
  • Add Node#value? to better match expected semantics of a Hash-like object. [#1838, #1840] (Thanks, @MatzFan!)
  • [CRuby] Add Nokogiri::XML::Node#line= for use by downstream libs like nokogumbo. [#1918] (Thanks, @stevecheckoway!)
  • nokogiri.gemspec is back after a 10-year hiatus. We still prefer you use the official releases, but master is pretty stable these days, and YOLO.

Performance

  • [CRuby] The CSS ~= operator and class selector . are about 2x faster. [#2137, #2135]
  • [CRuby] Patch libxml2 to call strlen from xmlStrlen rather than the naive implementation, because strlen is generally optimized for the architecture. [#2144] (Thanks, @ilyazub!)
  • Improve performance of some namespace operations. [#1916] (Thanks, @ashmaroli!)
  • Remove unnecessary array allocations from Node serialization methods [#1911] (Thanks, @ashmaroli!)
  • Avoid creation of unnecessary zero-length String objects. [#1970] (Thanks, @ashmaroli!)
  • Always compile libxml2 and libxslt with '-O2' [#2022, #2100] (Thanks, @ilyazub!)
  • [JRuby] Lots of code cleanup and performance improvements. [#1934] (Thanks, @kares!)
  • [CRuby] RelaxNG.from_document no longer leaks memory. [#2114]

Improved

  • [CRuby] Handle incorrectly-closed HTML comments as WHATWG recommends for browsers. [#2058] (Thanks to HackerOne user mayflower for reporting this!)
  • {HTML,XML}::Document#parse now accept Pathname objects. Previously this worked only if the referenced file was less than 4096 bytes long; longer files resulted in undefined behavior because the read method would be repeatedly invoked. [#1821, #2110] (Thanks, @doriantaylor and @phokz!)
  • [CRuby] Nokogumbo builds faster because it can now use header files provided by Nokogiri. [#1788] (Thanks, @stevecheckoway!)
  • Add frozen_string_literal: true magic comment to all lib files. [#1745] (Thanks, @oniofchaos!)
  • [JRuby] Clean up deprecated calls into JRuby. [#2027] (Thanks, @headius!)

Fixed

  • HTML Parsing in "strict" mode (i.e., the RECOVER parse option not set) now correctly raises a XML::SyntaxError exception. Previously the value of the RECOVER bit was being ignored by CRuby and was misinterpreted by JRuby. [#2130]
  • The CSS ~= operator now correctly handles non-space whitespace in the class attribute. commit e45dedd
  • The switch to turn off the CSS-to-XPath cache is now thread-local, rather than being shared mutable state. [#1935]
  • The Node methods add_previous_sibling, previous=, before, add_next_sibling, next=, after, replace, and swap now correctly use their parent as the context node for parsing markup. These methods now also raise a RuntimeError if they are called on a node with no parent. [nokogumbo#160]
  • [JRuby] XML::Schema XSD validation errors are captured in XML::Schema#errors. These errors were previously ignored.
  • [JRuby] Standardize reading from IO like objects, including StringIO. [#1888, #1897]
  • [JRuby] Fix how custom XPath function namespaces are inferred to be less naive. [#1890, #2148]
  • [JRuby] Clarify exception message when custom XPath functions can't be resolved.
  • [JRuby] Comparison of Node to Document with Node#<=> now matches CRuby/libxml2 behavior.
  • [CRuby] Syntax errors are now correctly captured in Document#errors for short HTML documents. Previously the SAX parser used for encoding detection was clobbering libxml2's global error handler.
  • [CRuby] Fixed installation on AIX with respect to vasprintf. [#1908]
  • [CRuby] On some platforms, avoid symbol name collision with glibc's canonicalize. [#2105]
  • [Windows Visual C++] Fixed compiler warnings and errors. [#2061, #2068]
  • [CRuby] Fixed Nokogumbo integration which broke in the v1.11.0 release candidates. [#1788] (Thanks, @stevecheckoway!)
  • [JRuby] Fixed document encoding regression in v1.11.0 release candidates. [#2080, #2083] (Thanks, @thbar!)

Removed

  • The internal method Nokogiri::CSS::Parser.cache_on= has been removed. Use .set_cache if you need to muck with the cache internals.
  • The class method Nokogiri::CSS::Parser.parse has been removed. This was originally deprecated in 2009 in 13db61b. Use Nokogiri::CSS.parse instead.

Changed

XML::Schema input is now "untrusted" by default

Address CVE-2020-26247.

In Nokogiri versions <= 1.11.0.rc3, XML Schemas parsed by Nokogiri::XML::Schema were trusted by default, allowing external resources to be accessed over the network, potentially enabling XXE or SSRF attacks.

This behavior is counter to the security policy intended by Nokogiri maintainers, which is to treat all input as untrusted by default whenever possible.

Please note that this security fix was pushed into a new minor version, 1.11.x, rather than a patch release to the 1.10.x branch, because it is a breaking change for some schemas and the risk was assessed to be "Low Severity".

More information and instructions for enabling "trusted input" behavior in v1.11.0.rc4 and later is available at the public advisory.

HTML parser now obeys the strict or norecover parsing option

(Also noted above in the "Fixed" section) HTML Parsing in "strict" mode (i.e., the RECOVER parse option not set) now correctly raises a XML::SyntaxError exception. Previously the value of the RECOVER bit was being ignored by CRuby and was misinterpreted by JRuby.

If you're using the default parser options, you will be unaffected by this fix. If you're passing strict or norecover to your HTML parser call, you may be surprised to see that the parser now fails to recover and raises a XML::SyntaxError exception. Given the number of HTML documents on the internet that libxml2 would consider to be ill-formed, this is probably not what you want, and you can omit setting that parse option to restore the behavior that you have been relying upon.

Apologies to anyone inconvenienced by this breaking bugfix being present in a minor release, but I felt it was appropriate to introduce this fix because it's straightforward to fix any code that has been relying on this buggy behavior.

VersionInfo, the output of nokogiri -v, and related constants

This release changes the metadata provided in Nokogiri::VersionInfo which also affects the output of nokogiri -v. Some related constants have also been changed. If you're using VersionInfo programmatically, or relying on constants related to underlying library versions, please read the detailed changes for Nokogiri::VersionInfo at #2139 and accept our apologies for the inconvenience.

SHA-256 Checksums of published gems

17ed2567bf76319075b4a6a7258d1a4c9e2661fca933b03e037d79ae2b9910d0  nokogiri-1.11.0.gem
2f0149c735b0672c49171b18467ce25fd323a8e608c9e6b76e2b2fa28e7f66ee  nokogiri-1.11.0-java.gem
2f249be8cc705f9e899c07225fcbe18f4f7dea220a59eb5fa82461979991082e  nokogiri-1.11.0-x64-mingw32.gem
9e219401dc3f93abf09166d12ed99c8310fcaf8c56a99d64ff93d8b5f0604e91  nokogiri-1.11.0-x86-mingw32.gem
bda2a9c9debf51da7011830c7f2dc5771c122ebcf0fc2dd2c4ba4fc95b5c38f2  nokogiri-1.11.0-x86-linux.gem
d500c3202e2514b32f4b02049d9193aa825ae3e9442c9cad2d235446c3e17d8d  nokogiri-1.11.0-x86_64-linux.gem
3a613188e3b76d593b04e0ddcc46f44c288b13f80b32ce83957356f50e22f9ee  nokogiri-1.11.0-arm64-darwin.gem
b8f9b826d09494b20b30ecd048f5eb2827dccd85b77abeb8baf1f610e5ed28ed  nokogiri-1.11.0-x86_64-darwin.gem

- C
Published by flavorjones about 5 years ago

https://github.com/sparklemotion/nokogiri - v1.11.0.rc4 / 2020-12-29

v1.11.0.rc4 / 2020-12-29

Latest is v1.11.0.rc4 (2020-12-29). To try out release candidates, use gem install --prerelease or gem install nokogiri -v1.11.0.rc4

If you're using bundler, try updating your Gemfile with:

gem "nokogiri", "~> 1.11.0.rc4"`

Delta since v1.11.0.rc3:

Notes

  • Added precompiled native gem support for Darwin (OSX) platform arm64-darwin

Dependencies

Ruby

Gems

  • Explicitly add racc as a runtime dependency. [#1988] (Thanks, @voxik!)

Security

See note below about CVE-2020-26247 in the "Changed" subsection entitled "XML::Schema parsing treats input as untrusted by default".

Performance

  • [CRuby] The CSS ~= operator and class selector . are about 2x faster. [#2137, #2135]
  • [CRuby] Patch libxml2 to call strlen from xmlStrlen rather than the naive implementation, because strlen is generally optimized for the architecture. [#2144] (Thanks, @ilyazub!)
  • Always compile libxml2 and libxslt with '-O2' [#2022, #2100] (Thanks, @ilyazub!)
  • [CRuby] RelaxNG.from_document no longer leaks memory. [#2114]

Improved

  • [CRuby] Handle incorrectly-closed HTML comments as WHATWG recommends for browsers. [#2058] (Thanks to HackerOne user mayflower for reporting this!)
  • {HTML,XML}::Document#parse now accept Pathname objects. Previously this worked only if the referenced file was less than 4096 bytes long; longer files resulted in undefined behavior because the read method would be repeatedly invoked. [#1821, #2110] (Thanks, @doriantaylor and @phokz!)
  • [CRuby] Nokogumbo builds faster because it can now use header files provided by Nokogiri. [#1788] (Thanks, @stevecheckoway!)
  • [JRuby] Clean up deprecated calls into JRuby. [#2027] (Thanks, @headius!)

Fixed

  • HTML Parsing in "strict" mode (i.e., the RECOVER parse option not set) now correctly raises a XML::SyntaxError exception. Previously the value of the RECOVER bit was being ignored by CRuby and was misinterpreted by JRuby. [#2130]
  • The CSS ~= operator now correctly handles non-space whitespace in the class attribute. commit e45dedd
  • The Node methods add_previous_sibling, previous=, before, add_next_sibling, next=, after, replace, and swap now correctly use their parent as the context node for parsing markup. These methods now also raise a RuntimeError if they are called on a node with no parent. [nokogumbo#160]
  • [JRuby] XML::Schema XSD validation errors are captured in XML::Schema#errors. These errors were previously ignored.
  • [JRuby] Fix how custom XPath function namespaces are inferred to be less naive. [#1890, #2148]
  • [JRuby] Clarify exception message when custom XPath functions can't be resolved.
  • [JRuby] Comparison of Node to Document with Node#<=> now matches CRuby/libxml2 behavior.
  • [CRuby] Syntax errors are now correctly captured in Document#errors for short HTML documents. Previously the SAX parser used for encoding detection was clobbering libxml2's global error handler.
  • [CRuby] On some platforms, avoid symbol name collision with glibc's canonicalize. [#2105]
  • [CRuby] Fixed Nokogumbo integration which broke in the v1.11.0 release candidates. [#1788] (Thanks, @stevecheckoway!)
  • [JRuby] Fixed document encoding regression in v1.11.0 release candidates. [#2080, #2083] (Thanks, @thbar!)

Changed

XML::Schema input is now "untrusted" by default

Address CVE-2020-26247.

In Nokogiri versions <= 1.11.0.rc3, XML Schemas parsed by Nokogiri::XML::Schema were trusted by default, allowing external resources to be accessed over the network, potentially enabling XXE or SSRF attacks.

This behavior is counter to the security policy intended by Nokogiri maintainers, which is to treat all input as untrusted by default whenever possible.

Please note that this security fix was pushed into a new minor version, 1.11.x, rather than a patch release to the 1.10.x branch, because it is a breaking change for some schemas and the risk was assessed to be "Low Severity".

More information and instructions for enabling "trusted input" behavior in v1.11.0.rc4 and later is available at the public advisory.

HTML parser now obeys the strict or norecover parsing option

(Also noted above in the "Fixed" section) HTML Parsing in "strict" mode (i.e., the RECOVER parse option not set) now correctly raises a XML::SyntaxError exception. Previously the value of the RECOVER bit was being ignored by CRuby and was misinterpreted by JRuby.

If you're using the default parser options, you will be unaffected by this fix. If you're passing strict or norecover to your HTML parser call, you may be surprised to see that the parser now fails to recover and raises a XML::SyntaxError exception. Given the number of HTML documents on the internet that libxml2 would consider to be ill-formed, this is probably not what you want, and you can omit setting that parse option to restore the behavior that you have been relying upon.

Apologies to anyone inconvenienced by this breaking bugfix being present in a minor release, but I felt it was appropriate to introduce this fix because it's straightforward to fix any code that has been relying on this buggy behavior.

VersionInfo, the output of nokogiri -v, and related constants

This release changes the metadata provided in Nokogiri::VersionInfo which also affects the output of nokogiri -v. Some related constants have also been changed. If you're using VersionInfo programmatically, or relying on constants related to underlying library versions, please read the detailed changes for Nokogiri::VersionInfo at #2139 and accept our apologies for the inconvenience.

- C
Published by flavorjones about 5 years ago

https://github.com/sparklemotion/nokogiri - v1.11.0.rc3 / 2020-09-08

v1.11.0.rc3 / 2020-09-08

To try out release candidates, use gem install --prerelease or gem install nokogiri -v1.11.0.rc3

If you're using bundler, try updating your Gemfile with:

gem "nokogiri", "~> 1.11.0.rc3"`

Delta since v1.11.0.rc2:

Notes

Added precompiled native gem support for OSX/Darwin platform x86_64-darwin19.

Fixed

  • [Windows Visual C++] Fixed compiler warnings and errors. [#2061, #2068]

- C
Published by flavorjones over 5 years ago

https://github.com/sparklemotion/nokogiri - 1.10.10 / 2020-07-06

1.10.10 / 2020-07-06

Features

  • [MRI] Cross-built Windows gems now support Ruby 2.7 [#2029]. Note that prior to this release, the v1.11.x prereleases provided this support.

- C
Published by flavorjones over 5 years ago

https://github.com/sparklemotion/nokogiri - v1.11.0.rc2 / 2020-04-01

v1.11.0.rc2 / 2020-04-01

To try out release candidates, use gem install --prerelease. Latest is v1.11.0.rc2.

Delta since v1.11.0.rc1:

Notes

Note that the linux-native gems for v1.11.0.rc2 and later support musl systems (e.g., alpine).

Dependencies

  • [MRI] Upgrade mini_portile2 dependency from ~> 2.4.0 to ~> 2.5.0 [#2005] (Thanks, @alejandroperea!)

Added

  • Add Node methods for manipulating keyword attributes (like class and rel): #kwattr_values, #kwattr_add, #kwattr_append, and #kwattr_remove. [#2000]

Fixed

  • The switch to turn off the CSS-to-XPath cache is now thread-local, rather than being shared mutable state. [#1935]
  • The switch to turn off the CSS-to-XPath cache is now thread-local, rather than being shared mutable state. [#1935]

Removed

  • The internal method Nokogiri::CSS::Parser.cache_on= has been removed. Use .set_cache if you need to muck with the cache internals.
  • The method Nokogiri::CSS::Parser.parse has been removed. This was originally deprecated in 2009 in 13db61b.

- C
Published by flavorjones almost 6 years ago

https://github.com/sparklemotion/nokogiri - 1.10.9 / 2020-03-01

1.10.9 / 2020-03-01

Fixed

  • [MRI] Raise an exception when Nokogiri detects a specific libxml2 edge case involving blank Schema nodes wrapped by Ruby objects that would cause a segfault. Currently no fix is available upstream, so we're preventing a dangerous operation and informing users to code around it if possible. [#1985, #2001]
  • [JRuby] Change NodeSet#to_a to return a RubyArray instead of Object, for compilation under JRuby 9.2.9 and later. [#1968, #1969] (Thanks, @headius!)

- C
Published by flavorjones about 6 years ago

https://github.com/sparklemotion/nokogiri - 1.10.8 / 2020-02-10

1.10.8 / 2020-02-10

Security

[MRI] Pulled in upstream patch from libxml that addresses CVE-2020-7595. Full details are available in #1992. Note that this patch is not yet (as of 2020-02-10) in an upstream release of libxml.

- C
Published by flavorjones about 6 years ago

https://github.com/sparklemotion/nokogiri - v1.11.0.rc1 / 2020-02-02

v1.11.0.rc1 / 2020-02-02

To try out release candidates, use gem install --prerelease.

Notes

Experiment: Pre-Compiled Native Linux Gems

With the v1.11.0 release candidates, we are experimenting with shipping pre-compiled native Linux gems for the x86-linux and x86_64-linux platforms.

If this works properly for you, it will speed up installation time on Linux.

If this doesn't work for you, please drop us a note at #1983, we may reach out to you for more information on your distro and configuration.

Either way, we'd appreciate some feedback at #1983.

Dependencies

This release introduces support for:

  • Ruby 2.7, including the precompiled native binary gems for Windows.

This release ends support for:

Added

  • Add support for CSS queries "a:has(> b)", "a:has(~ b)", and "a:has(+ b)". [#688] (Thanks, @jonathanhefner!)
  • Add Node#value? to better match expected semantics of a Hash-like object. [#1838, #1840] (Thanks, @MatzFan!)
  • [MRI] Add Nokogiri::XML::Node#line= for use by downstream libs like nokogumbo. [#1918] (Thanks, @stevecheckoway!)

Improved

  • Add frozen_string_literal: true magic comment to all lib files. [#1745] (Thanks, @oniofchaos!)
  • Improve performance of some namespace operations. [#1916] (Thanks, @ashmaroli!)
  • Remove unnecessary array allocations from Node serialization methods [#1911] (Thanks, @ashmaroli!)
  • Avoid creation of unnecessary zero-length String objects. [#1970] (Thanks, @ashmaroli!)
  • [JRuby] Lots of code cleanup and performance improvements. [#1934] (Thanks, @kares!)

Fixed

  • [JRuby] Standardize reading from IO like objects, including StringIO. [#1888, #1897]
  • [JRuby] Change NodeSet#to_a to return a RubyArray instead of Object, for compilation under JRuby 9.2.9 and later. [#1968, #1969] (Thanks, @headius!)

Changed

VersionInfo and the output of nokogiri -v

This release changes the information provided in
Nokogiri::VersionInfo, see #1482 and #1974 for background. Note that
the output of nokogiri -v will also reflect these changes.

Nokogiri::VersionInfo will no longer contain the following keys (previously these were set only when vendored libraries were being used)

  • libxml/libxml2_path
  • libxml/libxslt_path

Nokogiri::VersionInfo now contains version metadata for libxslt:

  • libxslt/source (either "packaged" or "system", similar to libxml/source)
  • libxslt/compiled (the version of libxslt compiled at installation time, similar to libxml/compiled)
  • libxslt/loaded (the version of libxslt loaded at runtime, similar to libxml/loaded)
  • libxslt/patches moved from libxml/libxslt_patches

Nokogiri::VersionInfo key libxml/libxml2_patches has been renamed to libxml/patches

These C macros will no longer be defined:

  • NOKOGIRI_LIBXML2_PATH
  • NOKOGIRI_LIBXSLT_PATH

These global variables will no longer be defined:

  • NOKOGIRI_LIBXML2_PATH
  • NOKOGIRI_LIBXSLT_PATH

These constants have been renamed:

  • Nokogiri::LIBXML_VERSION is now Nokogiri::LIBXML_COMPILED_VERSION
  • Nokogiri::LIBXML_PARSER_VERSION is now Nokogiri::LIBXML_LOADED_VERSION

These methods have been renamed and the return type changed from String to Gem::Version:

  • VersionInfo#loaded_parser_version is now #loaded_libxml_version
  • VersionInfo#compiled_parser_version is now #compiled_libxml_version

Nokogiri.uses_libxml? now accepts an optional requirement string which is interpreted as a Gem::Requirement and tested against the loaded libxml2 version (the value in VersionInfo key libxml/loaded). This greatly simplifies much of the version-dependent branching logic in both the implementation and the tests.

To sum these changes up, the output from CRuby when using vendored libraries was something like:

# Nokogiri (1.10.7)
    ---
    warnings: []
    nokogiri: 1.10.7
    ruby:
      version: 2.7.0
      platform: x86_64-linux
      description: ruby 2.7.0p0 (2019-12-25 revision 647ee6f091) [x86_64-linux]
      engine: ruby
    libxml:
      binding: extension
      source: packaged
      libxml2_path: "/home/flavorjones/.rvm/gems/ruby-2.7.0/gems/nokogiri-1.10.7/ports/x86_64-pc-linux-gnu/libxml2/2.9.10"
      libxslt_path: "/home/flavorjones/.rvm/gems/ruby-2.7.0/gems/nokogiri-1.10.7/ports/x86_64-pc-linux-gnu/libxslt/1.1.34"
      libxml2_patches:
      - 0001-Revert-Do-not-URI-escape-in-server-side-includes.patch
      - 0002-Remove-script-macro-support.patch
      - 0003-Update-entities-to-remove-handling-of-ssi.patch
      - 0004-libxml2.la-is-in-top_builddir.patch
      libxslt_patches: []
      compiled: 2.9.10
      loaded: 2.9.10

but now looks like:

# Nokogiri (1.11.0)
    ---
    warnings: []
    nokogiri: 1.11.0
    ruby:
      version: 2.7.0
      platform: x86_64-linux
      description: ruby 2.7.0p0 (2019-12-25 revision 647ee6f091) [x86_64-linux]
      engine: ruby
    libxml:
      source: packaged
      patches:
      - 0001-Revert-Do-not-URI-escape-in-server-side-includes.patch
      - 0002-Remove-script-macro-support.patch
      - 0003-Update-entities-to-remove-handling-of-ssi.patch
      - 0004-libxml2.la-is-in-top_builddir.patch
      compiled: 2.9.10
      loaded: 2.9.10
    libxslt:
      source: packaged
      patches: []
      compiled: 1.1.34
      loaded: 1.1.34

and the output from using system libraries now looks like:

# Nokogiri (1.11.0)
    ---
    warnings: []
    nokogiri: 1.11.0
    ruby:
      version: 2.7.0
      platform: x86_64-linux
      description: ruby 2.7.0p0 (2019-12-25 revision 647ee6f091) [x86_64-linux]
      engine: ruby
    libxml:
      source: system
      compiled: 2.9.4
      loaded: 2.9.4
    libxslt:
      source: system
      compiled: 1.1.29
      loaded: 1.1.29

- C
Published by flavorjones about 6 years ago

https://github.com/sparklemotion/nokogiri - 1.10.7 / 2019-12-03

1.10.7 / 2019-12-03

Bug

  • [MRI] Ensure the patch applied in v1.10.6 works with GNU patch. [#1954]

- C
Published by flavorjones about 6 years ago

https://github.com/sparklemotion/nokogiri - 1.10.6 / 2019-12-03

1.10.6 / 2019-12-03

Bug

  • [MRI] Fix FreeBSD installation of vendored libxml2. [#1941, #1953] (Thanks, @nurse!)

- C
Published by flavorjones about 6 years ago

https://github.com/sparklemotion/nokogiri - 1.10.5 / 2019-10-31

1.10.5 / 2019-10-31

Dependencies

  • [MRI] vendored libxml2 is updated from 2.9.9 to 2.9.10
  • [MRI] vendored libxslt is updated from 1.1.33 to 1.1.34

- C
Published by flavorjones over 6 years ago

https://github.com/sparklemotion/nokogiri -

- C
Published by flavorjones over 6 years ago

https://github.com/sparklemotion/nokogiri - 1.10.4 / 2019-08-11

1.10.4 / 2019-08-11

Security

Address CVE-2019-5477 (#1915)

A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's Kernel.open method. Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizer#load_file is being passed untrusted user input.

This vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. Rexical is used by Nokogiri to generate lexical scanner code for parsing CSS queries. The underlying vulnerability was addressed in Rexical v1.0.7 and Nokogiri upgraded to this version of Rexical in Nokogiri v1.10.4.

This CVE's public notice is https://github.com/sparklemotion/nokogiri/issues/1915

- C
Published by flavorjones over 6 years ago

https://github.com/sparklemotion/nokogiri - 1.10.3 / 2019-04-22

1.10.3 / 2019-04-22

Security Notes

[MRI] Pulled in upstream patch from libxslt that addresses CVE-2019-11068. Full details are available in #1892. Note that this patch is not yet (as of 2019-04-22) in an upstream release of libxslt.

- C
Published by flavorjones almost 7 years ago

https://github.com/sparklemotion/nokogiri - 1.10.2 / 2019-03-24

1.10.2 / 2019-03-24

Security

  • [MRI] Remove support from vendored libxml2 for future script macros. [#1871]
  • [MRI] Remove support from vendored libxml2 for server-side includes within attributes. [#1877]

Bug fixes

  • [JRuby] Fix node ownership in duplicated documents. [#1060]
  • [JRuby] Rethrow exceptions caught by Java SAX handler. [#1847, #1872] (Thanks, @adjam!)

- C
Published by flavorjones almost 7 years ago

https://github.com/sparklemotion/nokogiri - 1.10.1 / 2019-01-13

1.10.1 / 2019-01-13

Features

  • [MRI] During installation, handle Xcode 10's new library pathOS. [#1801, #1851] (Thanks, @mlj and @deepj!)
  • Avoid unnecessary creation of Procs in many methods. [#1776] (Thanks, @chopraanmol1!)

Bug fixes

  • CSS selector :has() now correctly matches against any descendant. Previously this selector matched against only direct children). [#350] (Thanks, @Phrogz!)
  • NodeSet#attr now returns nil if it's empty. Previously this raised a NoMethodError.
  • [MRI] XPath errors are no longer suppressed during XSLT::Stylesheet#transform. Previously these errors were suppressed which led to silent failures and a subsequent segfault. [#1802]

- C
Published by flavorjones about 7 years ago

https://github.com/sparklemotion/nokogiri - 1.10.0 / 2019-01-04

1.10.0 / 2019-01-04

Features

  • [MRI] Cross-built Windows gems now support Ruby 2.6 [#1842, #1850]

Backwards incompatibilities

This release ends support for:

Dependencies

  • [MRI] libxml2 is updated from 2.9.8 to 2.9.9
  • [MRI] libxslt is updated from 1.1.32 to 1.1.33

- C
Published by flavorjones about 7 years ago

https://github.com/sparklemotion/nokogiri - 1.9.1 / 2018-12-17

1.9.1 / 2018-12-17

Bug fixes

  • Fix a bug introduced in v1.9.0 where XML::DocumentFragment#dup no longer returned an instance of the callee's class, instead always returning an XML::DocumentFragment. This notably broke any subclass of XML::DocumentFragment including HTML::DocumentFragment as well as the Loofah gem's Loofah::HTML::DocumentFragment. [#1846]

- C
Published by flavorjones about 7 years ago

https://github.com/sparklemotion/nokogiri - 1.9.0 / 2018-12-17

1.9.0 / 2018-12-17

Security Notes

  • [JRuby] Upgrade Xerces dependency from 2.11.0 to 2.12.0 to address upstream vulnerability CVE-2012-0881 [#1831] (Thanks @grajagandev for reporting.)

Notable non-functional changes

  • Decrease installation size by removing many unneeded files (e.g., /test) from the packaged gems. [#1719] (Thanks, @stevecrozz!)

Features

  • XML::Attr#value= allows HTML node attribute values to be set to either a blank string or an empty boolean attribute. [#1800]
  • Introduce XML::Node#wrap which does what XML::NodeSet#wrap has always done, but for a single node. [#1531] (Thanks, @ethirajsrinivasan!)
  • [MRI] Improve installation experience on macOS High Sierra (Darwin). [#1812, #1813] (Thanks, @gpakosz and @nurse!)
  • [MRI] Node#dup supports copying a node directly to a new document. See the method documentation for details.
  • [MRI] DocumentFragment#dup is now more memory-efficient, avoiding making unnecessary copies. [#1063]
  • [JRuby] NodeSet has been rewritten to improve performance! [#1795]

Bug fixes

  • NodeSet#each now returns self instead of zero. [#1822] (Thanks, @olehif!)
  • [MRI] Address a memory leak when using XML::Builder to create nodes with namespaces. [#1810]
  • [MRI] Address a memory leak when unparenting a DTD. [#1784] (Thanks, @stevecheckoway!)
  • [MRI] Use RbConfig::CONFIG instead of ::MAKEFILE_CONFIG to fix installations that use Makefile macros. [#1820] (Thanks, @nobu!)
  • [JRuby] Decrease large memory usage when making nested XPath queries. [#1749]
  • [JRuby] Fix failing tests on JRuby 9.2.x
  • [JRuby] Fix default namespaces in nodes reparented into a different document [#1774]
  • [JRuby] Fix support for Java 9. [#1759] (Thanks, @Taywee!)

Dependencies

  • [MRI] Upgrade mini_portile2 dependency from ~> 2.3.0 to ~> 2.4.0

- C
Published by flavorjones about 7 years ago

https://github.com/sparklemotion/nokogiri - 1.9.0.rc1 / 2018-12-10

1.9.0.rc1 / 2018-12-10

Security Notes

  • [JRuby] Upgrade Xerces dependency from 2.11.0 to 2.12.0 to address upstream vulnerability CVE-2012-0881 [#1831] (Thanks @grajagandev for reporting.)

Features

  • XML::Attr#value= allows HTML node attribute values to be set to either a blank string or an empty boolean attribute. [#1800]
  • Introduce XML::Node#wrap which does what XML::NodeSet#wrap has always done, but for a single node. [#1531] (Thanks, @ethirajsrinivasan!)
  • [MRI] Improve installation experience on macOS High Sierra (Darwin). [#1812, #1813] (Thanks, @gpakosz and @nurse!)
  • [MRI] Node#dup supports copying a node directly to a new document. See the method documentation for details.
  • [MRI] DocumentFragment#dup is now more memory-efficient, avoiding making unnecessary copies. [#1063]
  • [JRuby] NodeSet has been rewritten to improve performance! [#1795]

Bug fixes

  • NodeSet#each now returns self instead of zero. [#1822] (Thanks, @olehif!)
  • [MRI] Address a memory leak when using XML::Builder to create nodes with namespaces. [#1810]
  • [MRI] Address a memory leak when unparenting a DTD. [#1784] (Thanks, @stevecheckoway!)
  • [MRI] Decrease large memory usage when making nested XPath queries. [#1749]
  • [MRI] Use RbConfig::CONFIG instead of ::MAKEFILE_CONFIG to fix installations that use Makefile macros. [#1820] (Thanks, @nobu!)
  • [JRuby] Fix failing tests on JRuby 9.2.x
  • [JRuby] Fix default namespaces in nodes reparented into a different document [#1774]
  • [JRuby] Fix support for Java 9. [#1759] (Thanks, @Taywee!)

Dependencies

  • [MRI] Upgrade mini_portile2 dependency from ~> 2.3.0 to ~> 2.4.0

- C
Published by flavorjones about 7 years ago