dependabot[bot] opened a new pull request, #135:
URL: https://github.com/apache/manifoldcf/pull/135
Bumps [jsoup](https://github.com/jhy/jsoup) from 1.8.1 to 1.15.3.
Release notes
Sourced from https://github.com/jhy/jsoup/releases;>jsoup's
releases.
jsoup 1.15.3
jsoup 1.15.3 is out now, and includes a security fix for
potential XSS attacks, along with other bug fixes and improvements, including
more descriptive validation error messages.
Details:
https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369;>Security
advisory
https://jsoup.org/news/release-1.15.3;>Release notes
https://jsoup.org/download;>Download
jsoup 1.15.2 is out now with a bunch of https://jsoup.org/news/release-1.15.2;>improvements and bug fixes.
jsoup 1.15.1 is out now with a bunch of https://jsoup.org/news/release-1.15.1;>improvements and bug fixes.
jsoup 1.14.3
jsoup 1.14.3 is out now, adding native
XPath selector support, improved
\template support, and also includes a bunch of bug fixes,
improvements, and performance enhancements.
See the https://jsoup.org/news/release-1.14.3;>release
announcement for the full changelog.
jsoup 1.14.2
Caught by the fuzz! jsoup 1.14.2 is out now, and
includes a set of parser bug fixes and improvements for handling rough HTML and
XML, as identified by the Jazzer JVM fuzzer. This release also includes other
fixes and improvements.
See the https://jsoup.org/news/release-1.14.2;>release
announcement for the full changelog.
jsoup 1.14.1
jsoup 1.14.1 is out now, with simple request session
management, increased parse robustness, and a ton of other improvements,
speed-ups, and bug fixes.
See the full https://jsoup.org/news/release-1.14.1;>announcement for all the
details on what's changed.
jsoup 1.13.1
See the https://jsoup.org/news/release-1.13.1;>release
notes.
dependency
!-- jsoup HTML parser library @ https://jsoup.org/ --
groupIdorg.jsoup/groupId
artifactIdjsoup/artifactId
version1.13.1/version
/dependency
jsoup-1.12.2
No release notes provided.
Changelog
Sourced from https://github.com/jhy/jsoup/blob/master/CHANGES;>jsoup's
changelog.
jsoup changelog
Release 1.15.3 [2022-Aug-24]
Security: fixed an issue where the jsoup cleaner may incorrectly sanitize
crafted XSS attempts if
SafeList.preserveRelativeLinks is enabled.
https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369;>https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369
Improvement: the Cleaner will preserve the source position of cleaned
elements, if source tracking is enabled in the
original parse.
Improvement: the error messages output from Validate are more
descriptive. Exceptions are now ValidationExceptions
(extending IllegalArgumentException). Stack traces do not include the
Validate class, to make it simpler to see
where the exception originated. Common validation errors including malformed
URLs and empty selector results have
more explicit error messages.
Bugfix: the DataUtil would incorrectly read from InputStreams that
emitted reads less than the requested size. This
lead to incorrect results when parsing from chunked server responses, for
e.g.
https://github-redirect.dependabot.com/jhy/jsoup/issues/1807;>jhy/jsoup#1807
Build Improvement: added implementation version and related fields to the
jar manifest.
https://github-redirect.dependabot.com/jhy/jsoup/issues/1809;>jhy/jsoup#1809
*** Release 1.15.2 [2022-Jul-04]
Improvement: added the ability to track the position (line, column,
index) in the original input source from where
a given node was parsed. Accessible via Node.sourceRange() and
Element.endSourceRange().
https://github-redirect.dependabot.com/jhy/jsoup/pull/1790;>jhy/jsoup#1790
Improvement: added Element.firstElementChild(),
Element.lastElementChild(), Node.firstChild(), Node.lastChild(),
as convenient accessors to those child nodes and elements.
Improvement: added Element.expectFirst(cssQuery), which is just like
Element.selectFirst(), but instead of returning
a null if there is no match, will throw an IllegalArgumentException. This is
useful if you want to simply abort
processing if an expected match is not found.
Improvement: when pretty-printing HTML, doctypes are emitted on a newline
if there is a preceding comment.
https://github-redirect.dependabot.com/jhy/jsoup/pull/1664;>jhy/jsoup#1664
Improvement: when pretty-printing, trim the leading and trailing spaces
of textnodes in block tags when possible,
so that they are indented correctly.
https://github-redirect.dependabot.com/jhy/jsoup/issues/1798;>jhy/jsoup#1798
Improvement: in Element#selectXpath(), disable namespace awareness. This
makes it possible to always select