dependabot[bot] opened a new pull request, #361: URL: https://github.com/apache/maven-dependency-plugin/pull/361
Bumps [org.jsoup:jsoup](https://github.com/jhy/jsoup) from 1.17.1 to 1.17.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/jhy/jsoup/releases";>org.jsoup:jsoup's releases</a>.</em></p> <blockquote> <h2>jsoup Java HTML Parser release 1.17.2</h2> <h3>Improvements</h3> <ul> <li><strong>Attribute object accessors</strong>: Added <code>Element.attribute(String)</code> and <code>Attributes.attribute(String)</code> to more simply obtain an <code>Attribute</code> object. <a href="https://redirect.github.com/jhy/jsoup/issues/2069";>2069</a></li> <li><strong>Attribute source tracking</strong>: If source tracking is on, and an Attribute's key is changed ( via <code>Attribute.setKey(String)</code>), the source range is now still tracked in <code>Attribute.sourceRange()</code>. <a href="https://redirect.github.com/jhy/jsoup/issues/2070";>2070</a></li> <li><strong>Wildcard attribute selector</strong>: Added support for the <code>[*]</code> element with any attribute selector. And also restored support for selecting by an empty attribute name prefix (<code>[^]</code>). <a href="https://redirect.github.com/jhy/jsoup/issues/2079";>2079</a></li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>Mixed-cased source position</strong>: When tracking the source position of attributes, if the source attribute name was mix-cased but the parser was lower-case normalizing attribute names, the source position for that attribute was not tracked correctly. <a href="https://redirect.github.com/jhy/jsoup/issues/2067";>2067</a></li> <li><strong>Source position NPE</strong>: When tracking the source position of a body fragment parse, a null pointer exception was thrown. <a href="https://redirect.github.com/jhy/jsoup/issues/2068";>2068</a></li> <li><strong>Multi-point emoji entity</strong>: A multi-point encoded emoji entity may be incorrectly decoded to the replacement character. <a href="https://redirect.github.com/jhy/jsoup/issues/2074";>2074</a></li> <li><strong>Selector sub-expressions</strong>: (Regression) in a selector like <code>parent [attr=va], other</code>, the <code>, OR</code> was binding to <code>[attr=va]</code> instead of <code>parent [attr=va]</code>, causing incorrect selections. The fix includes a EvaluatorDebug class that generates a sexpr to represent the query, allowing simpler and more thorough query parse tests. <a href="https://redirect.github.com/jhy/jsoup/issues/2073";>2073</a></li> <li><strong>XML CData output</strong>: When generating XML-syntax output from parsed HTML, script nodes containing (pseudo) CData sections would have an extraneous CData section added, causing script execution errors. Now, the data content is emitted in a HTML/XML/XHTML polyglot format, if the data is not already within a CData section. <a href="https://redirect.github.com/jhy/jsoup/issues/2078";>2078</a></li> <li><strong>Thread safety</strong>: The <code>:has</code> evaluator held a non-thread-safe Iterator, and so if an Evaluator object was shared across multiple concurrent threads, a NoSuchElement exception may be thrown, and the selected results may be incorrect. Now, the iterator object is a thread-local. <a href="https://redirect.github.com/jhy/jsoup/issues/2088";>2088</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/jhy/jsoup/blob/master/CHANGES.md";>org.jsoup:jsoup's changelog</a>.</em></p> <blockquote> <h2>1.17.2 (2023-Dec-29)</h2> <h3>Improvements</h3> <ul> <li><strong>Attribute object accessors</strong>: Added <code>Element.attribute(String)</code> and <code>Attributes.attribute(String)</code> to more simply obtain an <code>Attribute</code> object. <a href="https://redirect.github.com/jhy/jsoup/issues/2069";>2069</a></li> <li><strong>Attribute source tracking</strong>: If source tracking is on, and an Attribute's key is changed ( via <code>Attribute.setKey(String)</code>), the source range is now still tracked in <code>Attribute.sourceRange()</code>. <a href="https://redirect.github.com/jhy/jsoup/issues/2070";>2070</a></li> <li><strong>Wildcard attribute selector</strong>: Added support for the <code>[*]</code> element with any attribute selector. And also restored support for selecting by an empty attribute name prefix (<code>[^]</code>). <a href="https://redirect.github.com/jhy/jsoup/issues/2079";>2079</a></li> </ul> <h3>Bug Fixes</h3> <ul> <li><strong>Mixed-cased source position</strong>: When tracking the source position of attributes, if the source attribute name was mix-cased but the parser was lower-case normalizing attribute names, the source position for that attribute was not tracked correctly. <a href="https://redirect.github.com/jhy/jsoup/issues/2067";>2067</a></li> <li><strong>Source position NPE</strong>: When tracking the source position of a body fragment parse, a null pointer exception was thrown. <a href="https://redirect.github.com/jhy/jsoup/issues/2068";>2068</a></li> <li><strong>Multi-point emoji entity</strong>: A multi-point encoded emoji entity may be incorrectly decoded to the replacement character. <a href="https://redirect.github.com/jhy/jsoup/issues/2074";>2074</a></li> <li><strong>Selector sub-expressions</strong>: (Regression) in a selector like <code>parent [attr=va], other</code>, the <code>, OR</code> was binding to <code>[attr=va]</code> instead of <code>parent [attr=va]</code>, causing incorrect selections. The fix includes a EvaluatorDebug class that generates a sexpr to represent the query, allowing simpler and more thorough query parse tests. <a href="https://redirect.github.com/jhy/jsoup/issues/2073";>2073</a></li> <li><strong>XML CData output</strong>: When generating XML-syntax output from parsed HTML, script nodes containing (pseudo) CData sections would have an extraneous CData section added, causing script execution errors. Now, the data content is emitted in a HTML/XML/XHTML polyglot format, if the data is not already within a CData section. <a href="https://redirect.github.com/jhy/jsoup/issues/2078";>2078</a></li> <li><strong>Thread safety</strong>: The <code>:has</code> evaluator held a non-thread-safe Iterator, and so if an Evaluator object was shared across multiple concurrent threads, a NoSuchElement exception may be thrown, and the selected results may be incorrect. Now, the iterator object is a thread-local. <a href="https://redirect.github.com/jhy/jsoup/issues/2088";>2088</a></li> </ul> <hr /> <p>Older changes for versions 0.1.1 (2010-Jan-31) through 1.17.1 (2023-Nov-27) may be found in <a href="https://github.com/jhy/jsoup/blob/master/change-archive.txt";>change-archive.txt</a>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/jhy/jsoup/commit/9dec1baba5b3d0fa11268c95630b391f9de664ad";><code>9dec1ba</code></a> [maven-release-plugin] prepare release jsoup-1.17.2</li> <li><a href="https://github.com/jhy/jsoup/commit/d3a572423233ff6ce4ff2892e60e4c80febc7b9c";><code>d3a5724</code></a> Changelog for 1.17.2</li> <li><a href="https://github.com/jhy/jsoup/commit/1963a7c17fc8b95ec6f6d150d716c9d9c4065c2e";><code>1963a7c</code></a> Bump org.apache.maven.plugins:maven-compiler-plugin from 3.12.0 to 3.12.1 (<a href="https://redirect.github.com/jhy/jsoup/issues/2";>#2</a>...</li> <li><a href="https://github.com/jhy/jsoup/commit/d4b2c36dadad3e644d1c1b5b85aa704b22c3b077";><code>d4b2c36</code></a> Simplify node filtering operations using Streams API (<a href="https://redirect.github.com/jhy/jsoup/issues/2080";>#2080</a>)</li> <li><a href="https://github.com/jhy/jsoup/commit/78be89abde691c066fd55a1ca24254447e21cfe6";><code>78be89a</code></a> Move iter into Has class</li> <li><a href="https://github.com/jhy/jsoup/commit/374ded2bc3d57108fffbead844371ecc5fab63ee";><code>374ded2</code></a> Use a threadlocal to hold the NodeIterator</li> <li><a href="https://github.com/jhy/jsoup/commit/4fb1036ce7892fa1f938cee4f37435e85dd30797";><code>4fb1036</code></a> Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.2 to 3.2.3 (<a href="https://redirect.github.com/jhy/jsoup/issues/2086";>#2086</a>)</li> <li><a href="https://github.com/jhy/jsoup/commit/c9ce65a9fec3cf6ddeb2dbe5d98214b6a03698b4";><code>c9ce65a</code></a> Bump org.apache.maven.plugins:maven-failsafe-plugin from 3.2.2 to 3.2.3 (<a href="https://redirect.github.com/jhy/jsoup/issues/2085";>#2085</a>)</li> <li><a href="https://github.com/jhy/jsoup/commit/20c9162234e55a297cd1a2195af70d9353ab3e05";><code>20c9162</code></a> Bump org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.0 (<a href="https://redirect.github.com/jhy/jsoup/issues/2";>#2</a>...</li> <li><a href="https://github.com/jhy/jsoup/commit/d5bc100eab6238b4b682a45fc04e829ff46459ef";><code>d5bc100</code></a> Corrected namespace tests</li> <li>Additional commits viewable in <a href="https://github.com/jhy/jsoup/compare/jsoup-1.17.1...jsoup-1.17.2";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@maven.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
