Log message:
ruby-nokogiri: update to 1.13.1.

Upstream changes:
 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.1

1.13.1 / 2022-01-13

Fixed

  * Fix Nokogiri::XSLT.quote_params regression in v1.13.0 that raised an
    exception when non-string stylesheet parameters were passed. Non-string
    parameters (e.g., integers and symbols) are now explicitly supported and
    both keys and values will be stringified with #to_s. [#2418]
  * Fix HTML5 CSS selector query regression in v1.13.0 that raised an
    Nokogiri::XML::XPath::SyntaxError when parsing XPath attributes mixed into
    the CSS query. Although this mash-up of XPath and CSS syntax previously
    worked unintentionally, it is now an officially supported feature and is
    documented as such. [#2419]

Log message:
ruby-nokogiri: update to 1.13.0.

Upstream changes:
 https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.0

1.13.0 / 2022-01-06

Notes

Ruby

This release introduces native gem support for Ruby 3.1. Please note that
Windows users should use the x64-mingw-ucrt platform gem for Ruby 3.1, and
x64-mingw32 for Ruby 2.6-3.0 (see RubyInstaller 3.1.0 release notes).

This release ends support for:

  * Ruby 2.5, for which official support ended 2021-03-31.
  * JRuby 9.2, which is a Ruby 2.5-compatible release.

Faster, more reliable installation: Native Gem for ARM64 Linux

This version of Nokogiri ships experimental native gem support for the
aarch64-linux platform, which should support AWS Graviton and other ARM Linux
platforms. We don't yet have CI running for this platform, and so we're
interested in hearing back from y'all whether this is working, and what
problems you're seeing. Please send us feedback here: Feedback: Have you used
the aarch64-linux native gem?

Publishing

This version of Nokogiri opts-in to the "MFA required to publish" \ 
setting on
Rubygems.org. This and all future Nokogiri gem files must be published to
Rubygems by an account with multi-factor authentication enabled. This should
provide some additional protection against supply-chain attacks.

A related discussion about Trust exists at #2357 in which I invite you to
participate if you have feelings or opinions on this topic.

Dependencies

  * [CRuby] Vendored libiconv is updated from 1.15 to 1.16. (Note that libiconv
    is only redistributed in the native windows and native darwin gems, see
    LICENSE-DEPENDENCIES.md for more information.) [#2206]
  * [CRuby] Upgrade mini_portile2 dependency from ~> 2.6.1 to ~> 2.7.0. \ 
("ruby"
    platform gem only.)

Improved

  * {XML,HTML4}::DocumentFragment constructors all now take an optional parse
    options parameter or block (similar to Document constructors). [#1692]
    (Thanks, @JackMc!)
  * Nokogiri::CSS.xpath_for allows an XPathVisitor to be injected, for
    finer-grained control over how CSS queries are translated into XPath.
  * [CRuby] XML::Reader#encoding will return the encoding detected by the
    parser when it's not passed to the constructor. [#980]
  * [CRuby] Handle abruptly-closed HTML comments as recommended by WHATWG.
    (Thanks to tehryanx for reporting!)
  * [CRuby] Node#line is no longer capped at 65535. libxml v2.9.0 and later
    support a new parse option, exposed as
    Nokogiri::XML::ParseOptions::PARSE_BIG_LINES, which is turned on by default
    in ParseOptions::DEFAULT_{XML,XSLT,HTML,SCHEMA} (Note that JRuby already
    supported large line numbers.) [#1764, #1493, #1617, #1505, #1003, #533]
  * [CRuby] If a cycle is introduced when reparenting a node (i.e., the node
    becomes its own ancestor), a RuntimeError is raised. libxml2 does no
    checking for this, which means cycles would otherwise result in infinite
    loops on subsequent operations. (Note that JRuby already did this.) [#1912]
  * [CRuby] Source builds will download zlib and libiconv via HTTPS. \ 
("ruby"
    platform gem only.) [#2391] (Thanks, @jmartin-r7!)
  * [JRuby] Node#line behavior has been modified to return the line number of
    the node in the final DOM structure. This behavior is different from CRuby,
    which returns the node's position in the input string. Ideally the two
    implementations would be the same, but at least is now officially
    documented and tested. The real-world impact of this change is that the
    value returned in JRuby is greater by 1 to account for the XML prolog in
    the output. [#2380] (Thanks, @dabdine!)

Fixed

  * CSS queries on HTML5 documents now correctly match foreign elements (SVG,
    MathML) when namespaces are not specified in the query. [#2376]
  * XML::Builder blocks restore context properly when exceptions are raised.
    [#2372] (Thanks, @ric2b and @rinthedev!)
  * The Nokogiri::CSS::Parser cache now uses the XPathVisitor configuration as
    part of the cache key, preventing incorrect cache results from being
    returned when multiple XPathVisitor options are being used.
  * Error recovery from in-context parsing (e.g., Node#parse) now always uses
    the correct DocumentFragment class. Previously
    Nokogiri::HTML4::DocumentFragment was always used, even for XML documents.
    [#1158]
  * DocumentFragment#> now works properly, matching a CSS selector against only
    the fragment roots. [#1857]
  * XML::DocumentFragment#errors now correctly contains any parsing errors
    encountered. Previously this was always empty. (Note that
    HTML::DocumentFragment#errors already did this.)
  * [CRuby] Fix memory leak in Document#canonicalize when inclusive namespaces
    are passed in. [#2345]
  * [CRuby] Fix memory leak in Document#canonicalize when an argument type
    error is raised. [#2345]
  * [CRuby] Fix memory leak in EncodingHandler where iconv handlers were not
    being cleaned up. [#2345]
  * [CRuby] Fix memory leak in XPath custom handlers where string arguments
    were not being cleaned up. [#2345]
  * [CRuby] Fix memory leak in Reader#base_uri where the string returned by
    libxml2 was not freed. [#2347]
  * [JRuby] Deleting a Namespace from a NodeSet no longer modifies the href to
    be the default namespace URL.
  * [JRuby] Fix XHTML formatting of closing tags for non-container elements.
    [#2355]

Deprecated

  * Passing a Nokogiri::XML::Node as the second parameter to Node.new is
    deprecated and will generate a warning. This parameter should be a kind of
    Nokogiri::XML::Document. This will become an error in a future version of
    Nokogiri. [#975]
  * Nokogiri::CSS::Parser, Nokogiri::CSS::Tokenizer, and Nokogiri::CSS::Node
    are now internal-only APIs that are no longer documented, and should not be
    considered stable. With the introduction of XPathVisitor injection into
    Nokogiri::CSS.xpath_for there should be no reason to rely on these internal
    APIs.
  * CSS-to-XPath utility classes Nokogiri::CSS::XPathVisitorAlwaysUseBuiltins
    and XPathVisitorOptimallyUseBuiltins are deprecated. Prefer
    Nokogiri::CSS::XPathVisitor with appropriate constructor arguments. These
    classes will be removed in a future version of Nokogiri.

Log message:
textproc/ruby-nokogiri: reduce dependency

Depends on devel/ruby-racc only on ruby26 since Ruby 2.7 and later contains
racc as bundled gem.

Bump PKGREVISION.

Log message:
revbump for icu and libffi

Log message:
textproc: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./textproc/convertlit/distinfo clit18src.zip

Log message:
textproc: Remove SHA1 hashes for distfiles

Log message:
ruby-nokogiri: update to 1.12.5.

Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.12.5

1.12.5 / 2021-09-27

Security

[JRuby] Address CVE-2021-41098 (GHSA-2rr5-8q37-2w7h).

In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parsers resolve
external entities (XXE) by default. This fix turns off
entity-resolution-by-default in the JRuby SAX parsers to match the CRuby SAX
parsers' behavior.

CRuby users are not affected by this CVE.

Fixed

  * [CRuby] Document#to_xhtml properly serializes self-closing tags in libxml >
    2.9.10. A behavior change introduced in libxml 2.9.11 resulted in emitting
    start and and tags (e.g., <br></br>) instead of a self-closing \ 
tag (e.g.,
    <br/>) in previous Nokogiri versions. [#2324]

Log message:
ruby-nokogiri: Work around ARFLAGS bug on SunOS.

This can be removed once bootstrap-mk-files is fixed after the freeze and when
it's likely that most users have switched to a newer bootstrap.

Log message:
textproc/ruby-nokogiri: fix dependency

Allow depending to misc/ruby-mini_portile2 2.7.0 and later.

* Override gemspec.
* There is dependency to mini_portile2 in ext/nokogiri/extconf.rb.  :(

No PKGREVISION bump since this change fix broken package.

Log message:
ruby-nokogiri: update to 1.12.4.

Upstream changes
https://github.com/sparklemotion/nokogiri/releases/tag/v1.12.4

1.12.4 / 2021-08-29

Notable fix: Namespace inheritance

Namespace behavior when reparenting nodes has historically been poorly
specified and the behavior diverged between CRuby and JRuby. As a result,
making this behavior consistent in v1.12.0 introduced a breaking change.

This patch release reverts the Builder behavior present in v1.12.0..v1.12.3 but
keeps the Document behavior. This release also introduces a Document attribute
to allow affected users to easily change this behavior for their legacy code
without invasive changes.

Compensating Feature in XML::Document

This release of Nokogiri introduces a new Document boolean attribute,
namespace_inheritance, which controls whether children should inherit a
namespace when they are reparented. Nokogiri::XML:Document defaults this
attribute to false meaning "do not inherit," thereby making explicit the
behavior change introduced in v1.12.0.

CRuby users who desire the pre-v1.12.0 behavior may set
document.namespace_inheritance = true before reparenting nodes.

See https://nokogiri.org/rdoc/Nokogiri/XML/Document.html#
namespace_inheritance-instance_method for example usage.

Fix for XML::Builder

However, recognizing that we want Builder-created children to inherit
namespaces, Builder now will set namespace_inheritance=true on the underlying
document for both JRuby and CRuby. This means that, on CRuby, the pre-v1.12.0
behavior is restored.

Users who want to turn this behavior off may pass a keyword argument to the
Builder constructor like so:

Nokogiri::XML::Builder.new(namespace_inheritance: false)

See https://nokogiri.org/rdoc/Nokogiri/XML/Builder.html#
label-Namespace+inheritance for example usage.

Downstream gem maintainers

Note that any downstream gems may want to specifically omit Nokogiri
v1.12.0--v1.12.3 from their dependency specification if they rely on child
namespace inheritance:

Gem::Specification.new do |gem|
  # ...
  gem.add_runtime_dependency 'nokogiri', '!=1.12.3', '!=1.12.2', '!=1.12.1', \ 
'!=1.12.0'
  # ...
end

Fixed

  * [JRuby] Fix NPE in Schema parsing when an imported resource doesn't have a
    systemId. [#2296] (Thanks, @pepijnve!)