dependabot[bot] opened a new pull request, #5281:
URL: https://github.com/apache/myfaces-tobago/pull/5281

   Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.17.2 to 1.18.1.
   <details>
   <summary>Release notes</summary>
   <p><em>Sourced from <a 
href="https://github.com/jhy/jsoup/releases";>org.jsoup:jsoup's 
releases</a>.</em></p>
   <blockquote>
   <h2>jsoup-1.18.1</h2>
   <p><a 
href="https://jsoup.org/news/release-1.18.1";>https://jsoup.org/news/release-1.18.1</a></p>
   <h3>Improvements</h3>
   <ul>
   <li><strong>Stream Parser</strong>: A <code>StreamParser</code> provides a 
progressive parse of its input. As each <code>Element</code> is completed, it is
   emitted via a <code>Stream</code> or <code>Iterator</code> interface. 
Elements returned will be complete with all their children, and an
   (empty) next sibling, if applicable. Elements (or their children) may be 
removed from the DOM during the parse,
   for e.g. to conserve memory, providing a mechanism to parse an input 
document that would otherwise be too large to fit
   into memory, yet still providing a DOM interface to the document and its 
elements. Additionally, the parser provides
   a <code>selectFirst(String query)</code> / <code>selectNext(String 
query)</code>, which will run the parser until a hit is found, at which
   point the parse is suspended. It can be resumed via another 
<code>select()</code> call, or via the <code>stream()</code> or 
<code>iterator()</code>
   methods. <a 
href="https://redirect.github.com/jhy/jsoup/pull/2096";>2096</a></li>
   <li><strong>Download Progress</strong>: added a Response Progress event 
interface, which reports progress and URLs are downloaded (and
   parsed). Supported on both a session and a single connection
   level. <a href="https://redirect.github.com/jhy/jsoup/pull/2164";>2164</a>, 
<a href="https://redirect.github.com/jhy/jsoup/issues/656";>656</a></li>
   <li>Added <code>Path</code> accepting parse methods: 
<code>Jsoup.parse(Path)</code>, <code>Jsoup.parse(path, charsetName, baseUri, 
parser)</code>,
   etc. <a href="https://redirect.github.com/jhy/jsoup/pull/2055";>2055</a></li>
   <li>Updated the <code>button</code> tag configuration to include a space 
between multiple button elements in the <code>Element.text()</code>
   method. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2105";>2105</a></li>
   <li>Added support for the <code>ns|*</code> all elements in namespace 
Selector. <a 
href="https://redirect.github.com/jhy/jsoup/issues/1811";>1811</a></li>
   <li>When normalising attribute names during serialization, invalid 
characters are now replaced with <code>_</code>, vs being
   stripped. This should make the process clearer, and generally prevent an 
invalid attribute name being coerced
   unexpectedly. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2143";>2143</a></li>
   </ul>
   <h3>Changes</h3>
   <ul>
   <li>Removed previously deprecated internal classes and methods. <a 
href="https://redirect.github.com/jhy/jsoup/pull/2094";>2094</a></li>
   <li>Build change: the built jar's OSGi manifest no longer imports itself. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2158";>2158</a></li>
   </ul>
   <h3>Bug Fixes</h3>
   <ul>
   <li>When tracking source positions, if the first node was a TextNode, its 
position was incorrectly set
   to <code>-1.</code> <a 
href="https://redirect.github.com/jhy/jsoup/issues/2106";>2106</a></li>
   <li>When connecting (or redirecting) to URLs with characters such as 
<code>{</code>, <code>}</code> in the path, a Malformed URL exception would
   be thrown (if in development), or the URL might otherwise not be escaped 
correctly (if in
   production). The URL encoding process has been improved to handle these 
characters
   correctly. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2142";>2142</a></li>
   <li>When using <code>W3CDom</code> with a custom output Document, a Null 
Pointer Exception would be
   thrown. <a 
href="https://redirect.github.com/jhy/jsoup/pull/2114";>2114</a></li>
   <li>The <code>:has()</code> selector did not match correctly when using 
sibling combinators (like
   e.g.: <code>h1:has(+h2)</code>). <a 
href="https://redirect.github.com/jhy/jsoup/issues/2137";>2137</a></li>
   <li>The <code>:empty</code> selector incorrectly matched elements that 
started with a blank text node and were followed by
   non-empty nodes, due to an incorrect short-circuit. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2130";>2130</a></li>
   <li><code>Element.cssSelector()</code> would fail with &quot;Did not find 
balanced marker&quot; when building a selector for elements that had
   a <code>(</code> or <code>[</code> in their class names. And selectors with 
those characters escaped would not match as
   expected. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2146";>2146</a></li>
   <li>Updated <code>Entities.escape(string)</code> to make the escaped text 
suitable for both text nodes and attributes (previously was
   only for text nodes). This does not impact the output of 
<code>Element.html()</code> which correctly applies a minimal escape
   depending on if the use will be for text data or in a quoted</li>
   </ul>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Changelog</summary>
   <p><em>Sourced from <a 
href="https://github.com/jhy/jsoup/blob/master/CHANGES.md";>org.jsoup:jsoup's 
changelog</a>.</em></p>
   <blockquote>
   <h2>1.18.1 (2024-Jul-10)</h2>
   <h3>Improvements</h3>
   <ul>
   <li><strong>Stream Parser</strong>: A <code>StreamParser</code> provides a 
progressive parse of its input. As each <code>Element</code> is completed, it is
   emitted via a <code>Stream</code> or <code>Iterator</code> interface. 
Elements returned will be complete with all their children, and an
   (empty) next sibling, if applicable. Elements (or their children) may be 
removed from the DOM during the parse,
   for e.g. to conserve memory, providing a mechanism to parse an input 
document that would otherwise be too large to fit
   into memory, yet still providing a DOM interface to the document and its 
elements. Additionally, the parser provides
   a <code>selectFirst(String query)</code> / <code>selectNext(String 
query)</code>, which will run the parser until a hit is found, at which
   point the parse is suspended. It can be resumed via another 
<code>select()</code> call, or via the <code>stream()</code> or 
<code>iterator()</code>
   methods. <a 
href="https://redirect.github.com/jhy/jsoup/pull/2096";>2096</a></li>
   <li><strong>Download Progress</strong>: added a Response Progress event 
interface, which reports progress and URLs are downloaded (and
   parsed). Supported on both a session and a single connection
   level. <a href="https://redirect.github.com/jhy/jsoup/pull/2164";>2164</a>, 
<a href="https://redirect.github.com/jhy/jsoup/issues/656";>656</a></li>
   <li>Added <code>Path</code> accepting parse methods: 
<code>Jsoup.parse(Path)</code>, <code>Jsoup.parse(path, charsetName, baseUri, 
parser)</code>,
   etc. <a href="https://redirect.github.com/jhy/jsoup/pull/2055";>2055</a></li>
   <li>Updated the <code>button</code> tag configuration to include a space 
between multiple button elements in the <code>Element.text()</code>
   method. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2105";>2105</a></li>
   <li>Added support for the <code>ns|*</code> all elements in namespace 
Selector. <a 
href="https://redirect.github.com/jhy/jsoup/issues/1811";>1811</a></li>
   <li>When normalising attribute names during serialization, invalid 
characters are now replaced with <code>_</code>, vs being
   stripped. This should make the process clearer, and generally prevent an 
invalid attribute name being coerced
   unexpectedly. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2143";>2143</a></li>
   </ul>
   <h3>Changes</h3>
   <ul>
   <li>Removed previously deprecated internal classes and methods. <a 
href="https://redirect.github.com/jhy/jsoup/pull/2094";>2094</a></li>
   <li>Build change: the built jar's OSGi manifest no longer imports itself. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2158";>2158</a></li>
   </ul>
   <h3>Bug Fixes</h3>
   <ul>
   <li>When tracking source positions, if the first node was a TextNode, its 
position was incorrectly set
   to <code>-1.</code> <a 
href="https://redirect.github.com/jhy/jsoup/issues/2106";>2106</a></li>
   <li>When connecting (or redirecting) to URLs with characters such as 
<code>{</code>, <code>}</code> in the path, a Malformed URL exception would
   be thrown (if in development), or the URL might otherwise not be escaped 
correctly (if in
   production). The URL encoding process has been improved to handle these 
characters
   correctly. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2142";>2142</a></li>
   <li>When using <code>W3CDom</code> with a custom output Document, a Null 
Pointer Exception would be
   thrown. <a 
href="https://redirect.github.com/jhy/jsoup/pull/2114";>2114</a></li>
   <li>The <code>:has()</code> selector did not match correctly when using 
sibling combinators (like
   e.g.: <code>h1:has(+h2)</code>). <a 
href="https://redirect.github.com/jhy/jsoup/issues/2137";>2137</a></li>
   <li>The <code>:empty</code> selector incorrectly matched elements that 
started with a blank text node and were followed by
   non-empty nodes, due to an incorrect short-circuit. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2130";>2130</a></li>
   <li><code>Element.cssSelector()</code> would fail with &quot;Did not find 
balanced marker&quot; when building a selector for elements that had
   a <code>(</code> or <code>[</code> in their class names. And selectors with 
those characters escaped would not match as
   expected. <a 
href="https://redirect.github.com/jhy/jsoup/issues/2146";>2146</a></li>
   <li>Updated <code>Entities.escape(string)</code> to make the escaped text 
suitable for both text nodes and attributes (previously was
   only for text nodes). This does not impact the output of 
<code>Element.html()</code> which correctly applies a minimal escape
   depending on if the use will be for text data or in a quoted
   attribute. <a 
href="https://redirect.github.com/jhy/jsoup/issues/1278";>1278</a></li>
   </ul>
   <!-- raw HTML omitted -->
   </blockquote>
   <p>... (truncated)</p>
   </details>
   <details>
   <summary>Commits</summary>
   <ul>
   <li><a 
href="https://github.com/jhy/jsoup/commit/19e8539fbfae80432fc4d8e9b562a39f786f547e";><code>19e8539</code></a>
 [maven-release-plugin] prepare release jsoup-1.18.1</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/c8b6f2e91d7a76ad4635b7e9933e1aadeb0c55e8";><code>c8b6f2e</code></a>
 Progress javadoc tweaks</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/6cbe7e494fe88f1d8c082353e2c54f6eb8fdc381";><code>6cbe7e4</code></a>
 Replace attribute invalid characters with <code>_</code>, vs stripping</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/68f6f9ccb349d9ceef8caaf212d513b2d8f8d7ea";><code>68f6f9c</code></a>
 Bump jetty.version from 9.4.54.v20240208 to 9.4.55.v20240627 (<a 
href="https://redirect.github.com/jhy/jsoup/issues/2168";>#2168</a>)</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/6423e659d5da3de14fc7bf2e31f3383d5c3646c4";><code>6423e65</code></a>
 Relaxed the multi-thread w/o newRequest test</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/6c55f019248a0ff617086565451d21754b9cfd15";><code>6c55f01</code></a>
 Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.23 to 1.24 (<a 
href="https://redirect.github.com/jhy/jsoup/issues/2167";>#2167</a>)</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/e1bfee9357360d0783d46476a6f029bf0336446e";><code>e1bfee9</code></a>
 Shh</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/b4b3fd177d5750b15f8ad8322a696d91cbea034e";><code>b4b3fd1</code></a>
 Added test of partial fetch in Stream Parser</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/9ba6dc7a955ed23884e8e25f8d503c4fe144c27a";><code>9ba6dc7</code></a>
 Make Entities.escape(string) suitable for both text and attributes</li>
   <li><a 
href="https://github.com/jhy/jsoup/commit/a0537c7623ba84252c5535020227babdf6da314f";><code>a0537c7</code></a>
 Handle escaped characters in consumeSubQuery</li>
   <li>Additional commits viewable in <a 
href="https://github.com/jhy/jsoup/compare/jsoup-1.17.2...jsoup-1.18.1";>compare 
view</a></li>
   </ul>
   </details>
   <br />
   
   
   [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.jsoup:jsoup&package-manager=maven&previous-version=1.17.2&new-version=1.18.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
   
   Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`@dependabot rebase`.
   
   [//]: # (dependabot-automerge-start)
   [//]: # (dependabot-automerge-end)
   
   ---
   
   <details>
   <summary>Dependabot commands and options</summary>
   <br />
   
   You can trigger Dependabot actions by commenting on this PR:
   - `@dependabot rebase` will rebase this PR
   - `@dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
   - `@dependabot merge` will merge this PR after your CI passes on it
   - `@dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
   - `@dependabot cancel merge` will cancel a previously requested merge and 
block automerging
   - `@dependabot reopen` will reopen this PR if it is closed
   - `@dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
   - `@dependabot show <dependency name> ignore conditions` will show all of 
the ignore conditions of the specified dependency
   - `@dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
   - `@dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
   
   
   </details>


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@myfaces.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to