Sourced from json's releases.

v2.7.2

What's Changed

• Use rb_sym2str instead of SYM2ID by @​jhawthorn in flori/json#561
• Fix memory leak when exception is raised during JSON generation by @​peterzhu2118 in flori/json#574
• Remove references to "19" methods in JRuby by @​headius in flori/json#576
• Make OpenStruct support as optional by @​hsbt in flori/json#565
• Autoload JSON::GenericObject to avoid require ostruct warning in Ruby 3.4 by @​tompng in flori/json#577
• Warn to install ostruct if json couldn't load it by @​hsbt in flori/json#578

New Contributors

• @​mperham made their first contribution in flori/json#571
• @​peterzhu2118 made their first contribution in flori/json#574

Full Changelog: ruby/json@v2.7.1...v2.7.2

v2.7.1

What's Changed

Improved

• [DOC] RDoc for additions by @​BurdetteLamar in flori/json#557

Fixed

• JSON.dump: handle unenclosed hashes regression by @​casperisfine in flori/json#554
• Overload kwargs in JSON.dump by @​k0kubun in flori/json#556
• Fix JSON.dump overload combination by @​tompng in flori/json#558

Misc

• Remove needless encodings by @​hsbt in flori/json#559
• Unify versions by @​hsbt in flori/json#560

New Contributors

• @​k0kubun made their first contribution in flori/json#556
• @​tompng made their first contribution in flori/json#558

Full Changelog: ruby/json@v2.7.0...v2.7.1

v2.7.0

What's Changed

Improved

• Perf. improvements to Hash#to_json in pure implementation generator. by @​vipulnsward in flori/json#203
• Remove unnecessary initialization of create_id in JSON.parse() by @​Watson1978 in flori/json#454

Added

• Call super in included hook by @​paracycle in flori/json#486
• Rename escape_slash in script_safe and also escape E+2028 and E+2029 by @​casperisfine in flori/json#525
• Add a strict option to Generator by @​casperisfine in flori/json#519

... (truncated)

Sourced from json's changelog.

2024-04-04 (2.7.2)

• Use rb_sym2str instead of SYM2ID #561
• Fix memory leak when exception is raised during JSON generation #574
• Remove references to "19" methods in JRuby #576
• Make OpenStruct support as optional by @​hsbt in #565
• Autoload JSON::GenericObject to avoid require ostruct warning in Ruby 3.4 #577
• Warn to install ostruct if json couldn't load it by @​hsbt #578

2023-12-05 (2.7.1)

• JSON.dump: handle unenclosed hashes regression #554
• Overload kwargs in JSON.dump #556
• [DOC] RDoc for additions #557
• Fix JSON.dump overload combination #558

2023-12-01 (2.7.0)

• Add a strict option to Generator #519
• escape_slash option was renamed as script_safe and now also escape U+2028 and U+2029. escape_slash is now an alias of script_safe #525
• Remove unnecessary initialization of create_id in JSON.parse() #454
• Improvements to Hash#to_json in pure implementation generator #203
• Use ruby_xfree to free buffers #518
• Fix "unexpected token" offset for Infinity #507
• Avoid using deprecated BigDecimal.new on JRuby #546
• Removed code for Ruby 1.8 #540
• Rename JSON::ParseError to JSON:ParserError #530
• Call super in included hook #486
• JRuby requires a minimum of Java 8 #516
• Always indent even if empty #517

2022-11-30 (2.6.3)

• bugfix json/pure mixing escaped with literal unicode raises Encoding::CompatibilityError #483
• Stop including the parser source LINE in exceptions #470

2022-11-17 (2.6.2)

• Remove unknown keyword arg from DateTime.parse #488
• Ignore java artifacts by @​hsbt #489
• Fix parser bug for empty string allocation #496

2021-10-24 (2.6.1)

• Restore version.rb with 2.6.1

2021-10-14 (2.6.0)

• Use rb_enc_interned_str if available to reduce allocations in freeze: true mode. #451.
• Bump required_ruby_version to 2.3.

... (truncated)

• 036944a Bump up 2.7.2
• 5a1659d Merge pull request #578 from flori/warn-bundled-gems
• fff2859 Warn to install ostruct if json couldn't load it
• cdbcbd0 Merge pull request #577 from tompng/autoload_generic_object
• 84b7517 Merge pull request #576 from headius/no_19_jruby_methods
• b507f9e Autoload GenericObject to avoid require ostruct warning in Ruby 3.4
• a480682 Remove references to "19" methods in JRuby
• 35d435e Merge pull request #575 from flori/refine-ci
• 817d7b0 Exclude 2.3-2.5 on macos-14 iamge
• df33e8e Added JRuby 9.4
• Additional commits viewable in compare view

Sourced from addressable's changelog.

Addressable 2.8.6

• Memoize regexps for common character classes (#524)

#524: sporkmonger/addressable#524

Addressable 2.8.5

• Fix thread safety issue with encoding tables (#515)
• Define URI::NONE as a module to avoid serialization issues (#509)
• Fix YAML serialization (#508)

#508: sporkmonger/addressable#508 #509: sporkmonger/addressable#509 #515: sporkmonger/addressable#515

Addressable 2.8.4

• Restore Addressable::IDNA.unicode_normalize_kc as a deprecated method (#504)

#504: sporkmonger/addressable#504

Addressable 2.8.3

• Fix template expand level 2 hash support for non-string objects (#499, #498)

#499: sporkmonger/addressable#499 #498: sporkmonger/addressable#498

Addressable 2.8.2

• Improve cache hits and JIT friendliness (#486)
• Improve code style and test coverage (#482)
• Ensure reset of deferred validation (#481)
• Resolve normalization differences between IDNA::Native and IDNA::Pure (#408, #492)
• Remove redundant colon in Addressable::URI::CharacterClasses::AUTHORITY regex (#438) (accidentally reverted by #449 merge but added back in #492)

#492: sporkmonger/addressable#492

Addressable 2.8.1

• refactor Addressable::URI.normalize_path to address linter offenses (#430)
• update gemspec to reflect supported Ruby versions (#466, #464, #463)
• compatibility w/ public_suffix 5.x (#466, #465, #460)
• fixes "invalid byte sequence in UTF-8" exception when unencoding URLs containing non UTF-8 characters (#459)
• Ractor compatibility (#449)
• use the whole string instead of a single line for template match (#431)
• force UTF-8 encoding only if needed (#341)

#449: sporkmonger/addressable#449 #460: sporkmonger/addressable#460 #463: sporkmonger/addressable#463 #464: sporkmonger/addressable#464 #465: sporkmonger/addressable#465 #466: sporkmonger/addressable#466

... (truncated)

• 35a0f5c gemspec: more #freeze and rubygems_version bump (#526)
• 63ab40e Update version, gemspec, and CHANGELOG for 2.8.6 (#525)
• 20879a9 Memoize regexps for common character classes (#524)
• 60feb48 Link directly to versioned changelog from gemspec (#522)
• d3635cc Bump actions/checkout from 3 to 4 (#521)
• 7cd185e Update version, gemspec, and CHANGELOG for 2.8.5 (#518)
• a5a8514 Fix gemspec generation (#517)
• e01456b Fix thread safety issue with encoding tables (#515)
• cf2153e Allow ruby-head to fail (#516)
• b56cef3 Define URI::NONE as a module to avoid serialization issues (#509)
• Additional commits viewable in compare view

Sourced from ffi's changelog.

1.16.3 / 2023-10-04

Fixed:

• Fix gcc error when building on CentOS 7. #1052
• Avoid trying to store new DataConverter type in frozen TypeDefs hash. #1057

1.16.2 / 2023-09-25

Fixed:

• Handle null pointer crash after fork. #1051

1.16.1 / 2023-09-24

Fixed:

• Fix compiling the builtin libffi. #1049

1.16.0 / 2023-09-23

Fixed:

• Fix an issue with signed bitmasks when using flags on the most significant bit. #949
• Fix FFI::Pointer#initialize using NUM2LL instead of NUM2ULL.
• Fix FFI::Type#inspect to properly display the constant name. #1002
• Use libffi closure allocations on hppa-Linux. #1017 Previously they would segfault.
• Fix class name of Symbol#inspect.
• Fix MSVC support of libtest. #1028
• Fix attach_function of functions ending in ? or ! #971

Added:

• Convert all C-based classes to TypedData and use write barriers. #994, #995, #996, #997, #998, #999, #1000, #1001, #1003, #1004, #1005, #1006, #1007, #1008, #1009, #1010, #1011, #1012 This results in less pressure on the garbage collector, since the objects can be promoted to the old generation, which means they only get marked on major GC.
• Implement ObjectSpace.memsize_of() of all C-based classes.
• Make FFI Ractor compatible. #1023 Modules extended per extend FFI::Library need to be frozen in order to be used by non-main Ractors. This can be done by calling freeze below of all C interface definitions.
  • In a Ractor it's possible to:
    • load DLLs and call its functions, access its global variables
    • use builtin typedefs
    • use and modify ractor local typedefs
    • define callbacks
    • receive async callbacks from non-ruby threads
    • use frozen FFI::Library based modules with all attributes (enums, structs, typedefs, functions, callbacks)
    • invoke frozen functions and callbacks defined in the main Ractor

... (truncated)

• 6cef66d Bump VERSION to 1.16.3
• 87ca653 Update CHANGELOG for ffi-1.16.3
• a8f7d97 Update link in README.md [ci skip]
• 87ff960 Merge branch 'master' of github.com:ffi/ffi
• c97b825 Add examples from https://github.com/ffi/ffi/wiki/How-to-use-FFI-in-Ruby-Ractors
• c1ed9bc Add link to Ractor docs to README.md
• 13afd23 Merge pull request #1057 from mvz/avoid-frozen-typemap
• 6e29dc1 Avoid trying to store new DataConverter type in frozen TypeDefs hash
• bf21280 Prepare a CHANGELOG entry for ffi-1.16.3
• 683e18b Merge pull request #1053 from larskanis/fix-1052
• Additional commits viewable in compare view

Sourced from ffi's changelog.

1.16.3 / 2023-10-04

Fixed:

• Fix gcc error when building on CentOS 7. #1052
• Avoid trying to store new DataConverter type in frozen TypeDefs hash. #1057

1.16.2 / 2023-09-25

Fixed:

• Handle null pointer crash after fork. #1051

1.16.1 / 2023-09-24

Fixed:

• Fix compiling the builtin libffi. #1049

1.16.0 / 2023-09-23

Fixed:

• Fix an issue with signed bitmasks when using flags on the most significant bit. #949
• Fix FFI::Pointer#initialize using NUM2LL instead of NUM2ULL.
• Fix FFI::Type#inspect to properly display the constant name. #1002
• Use libffi closure allocations on hppa-Linux. #1017 Previously they would segfault.
• Fix class name of Symbol#inspect.
• Fix MSVC support of libtest. #1028
• Fix attach_function of functions ending in ? or ! #971

Added:

• Convert all C-based classes to TypedData and use write barriers. #994, #995, #996, #997, #998, #999, #1000, #1001, #1003, #1004, #1005, #1006, #1007, #1008, #1009, #1010, #1011, #1012 This results in less pressure on the garbage collector, since the objects can be promoted to the old generation, which means they only get marked on major GC.
• Implement ObjectSpace.memsize_of() of all C-based classes.
• Make FFI Ractor compatible. #1023 Modules extended per extend FFI::Library need to be frozen in order to be used by non-main Ractors. This can be done by calling freeze below of all C interface definitions.
  • In a Ractor it's possible to:
    • load DLLs and call its functions, access its global variables
    • use builtin typedefs
    • use and modify ractor local typedefs
    • define callbacks
    • receive async callbacks from non-ruby threads
    • use frozen FFI::Library based modules with all attributes (enums, structs, typedefs, functions, callbacks)
    • invoke frozen functions and callbacks defined in the main Ractor

... (truncated)

• 6cef66d Bump VERSION to 1.16.3
• 87ca653 Update CHANGELOG for ffi-1.16.3
• a8f7d97 Update link in README.md [ci skip]
• 87ff960 Merge branch 'master' of github.com:ffi/ffi
• c97b825 Add examples from https://github.com/ffi/ffi/wiki/How-to-use-FFI-in-Ruby-Ractors
• c1ed9bc Add link to Ractor docs to README.md
• 13afd23 Merge pull request #1057 from mvz/avoid-frozen-typemap
• 6e29dc1 Avoid trying to store new DataConverter type in frozen TypeDefs hash
• bf21280 Prepare a CHANGELOG entry for ffi-1.16.3
• 683e18b Merge pull request #1053 from larskanis/fix-1052
• Additional commits viewable in compare view

Sourced from puma's releases.

v3.12.1

v3.11.4

No release notes provided.

3.11.0 - Love Song

• 2 features:

  • HTTP 103 Early Hints (#1403)
  • 421/451 status codes now have correct status messages attached (#1435)

• 9 bugfixes:

  • Environment config files (/config/puma/.rb) load correctly (#1340)
  • Specify windows dependencies correctly (#1434, #1436)
  • puma/events required in test helper (#1418)
  • Correct control CLI's option help text (#1416)
  • Remove a warning for unused variable in mini_ssl (#1409)
  • Correct pumactl docs argument ordering (#1427)
  • Fix an uninitialized variable warning in server.rb (#1430)
  • Fix docs typo/error in Launcher init (#1429)
  • Deal with leading spaces in RUBYOPT (#1455)

• 2 other:

  • Add docs about internals (#1425, #1452)
  • Tons of test fixes from @​MSP-Greg (#1439, #1442, #1464)

3.10.0 - Russell's Teapot

• 3 features:

  • The status server has a new /gc and /gc-status command. (#1384)
  • The persistent and first data timeouts are now configurable (#1111)
  • Implemented RFC 2324 (#1392)

• 12 bugfixes:

  • Not really a Puma bug, but @​NickolasVashchenko created a gem to workaround a Ruby bug that some users of Puma may be experiencing. See README for more. (#1347)
  • Fix hangups with SSL and persistent connections. (#1334)
  • Fix Rails double-binding to a port (#1383)
  • Fix incorrect thread names (#1368)
  • Fix issues with /etc/hosts and JRuby where localhost addresses were not correct. (#1318)
  • Fix compatibility with RUBYOPT="--enable-frozen-string-literal" (#1376)
  • Fixed some compiler warnings (#1388)
  • We actually run the integration tests in CI now (#1390)
  • No longer shipping unnecessary directories in the gemfile (#1391)
  • If RUBYOPT is nil, we no longer blow up on restart. (#1385)
  • Correct response to SIGINT (#1377)
  • Proper exit code returned when we receive a TERM signal (#1337)

• 3 refactors:

... (truncated)

Sourced from puma's changelog.

4.3.4/4.3.5 and 3.12.5/3.12.6 / 2020-05-22

Each patchlevel release contains a separate security fix. We recommend simply upgrading to 4.3.5/3.12.6.

• Security
  • Fix: Fixed two separate HTTP smuggling vulnerabilities that used the Transfer-Encoding header. CVE-2020-11076 and CVE-2020-11077.

4.3.3 and 3.12.4 / 2020-02-28

• Bugfixes
  • Fix: Fixes a problem where we weren't splitting headers correctly on newlines (#2132)
• Security
  • Fix: Prevent HTTP Response splitting via CR in early hints. CVE-2020-5249.

4.3.2 and 3.12.3 / 2020-02-27 (YANKED)

• Security
  • Fix: Prevent HTTP Response splitting via CR/LF in header values. CVE-2020-5247.

4.3.1 and 3.12.2 / 2019-12-05

• Security
  • Fix: a poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack. CVE-2019-16770.

4.3.0 / 2019-11-07

• Features

  • Strip whitespace at end of HTTP headers (#2010)
  • Optimize HTTP parser for JRuby (#2012)
  • Add SSL support for the control app and cli (#2046, #2052)

• Bugfixes

  • Fix Errno::EINVAL when SSL is enabled and browser rejects cert (#1564)
  • Fix pumactl defaulting puma to development if an environment was not specified (#2035)
  • Fix closing file stream when reading pid from pidfile (#2048)
  • Fix a typo in configuration option --extra_runtime_dependencies (#2050)

4.2.1 / 2019-10-07

• 3 bugfixes
  • Fix socket activation of systemd (pre-existing) unix binder files (#1842, #1988)
  • Deal with multiple calls to bind correctly (#1986, #1994, #2006)
  • Accepts symbols for verify_mode (#1222)

4.2.0 / 2019-09-23

• 6 features
  • Pumactl has a new -e environment option and reads config/puma/<environment>.rb config files (#1885)
  • Semicolons are now allowed in URL paths (MRI only), useful for Angular or Redmine (#1934)
  • Allow extra dependencies to be defined when using prune_bundler (#1105)

... (truncated)

• 0a3c09a Adjust test to match real world value
• e503cce Bump version
• 089df07 Reduce ambiguity of headers
• 99b18e8 Bump version
• 87e7fe4 Better handle client input
• f809e6b Add missing server_run
• 87fc7d7 3.12.4
• e79a5b2 HTTP Injection - fix bug + 1 more vector (#2136)
• 2ff978f 3.12.3
• 3a2b918 Test backport
• Additional commits viewable in compare view

Sourced from globalid's releases.

v0.4.2

• Allow configuration in initialisers rails/globalid@3c8f909

• Clear to_global_id memoization on dup rails/globalid#109

• Adds hash equality rails/globalid#108

Commits: rails/globalid@v0.4.1...v0.4.2

0.4.1

• Fix occasional error while trying to deserialize arguments: "uninitialized constant GlobalID::Locator"

  Yuji Yaginuma (#102)

v0.4.0

• Generate URL-safe SGIDs by default.

  Goerge Claghorn (#98)

• Bump Rails support to 4.2 and above.

  #98 required the ActiveSupport::MessageVerifier from Active Support 4.2 to work.

  Kasper Timm Hansen

v0.3.7

• Verify instances of SignedGlobalID when locating them.

  y-yagi

• c98b809 Ignore pkg directory for releasing.
• ae7d97b Release 0.4.2
• c76b027 Test against latest Rubies
• 6fae2d6 Merge pull request #113 from y-yagi/test_against_rails_52
• b4139ef Specify Rails env in a test of secret_key_base is not present
• e3cf5cd Use secret_key_base instead of deprecated secret_token
• 16f47ac Test against Rails 5.2
• 3c8f909 Allow configuration in initializers
• d2a0ece Fix typo
• 288ac24 Merge pull request #108 from fattymiller/uniq-equality
• Additional commits viewable in compare view

Sourced from i18n's releases.

v0.9.5

• #404 reported a regression in 0.9.3, which wasn't fixed by 0.9.4. #408 fixes this issue.

Thanks @​wjordan!

v0.9.4

• Fixed a regression with chained backends introduced in v0.9.3 (#402) - #405 - bug report / #407 - PR to fix
• Optimize Backend::Simple#available_locales - reports are that this is now 4x faster than previously - #406

v0.9.3

(For those wondering where v0.9.2 went: I got busy after I pushed the commit for the release, so there was no gem release that day. I am not busy today, so here is v0.9.3 in its stead. This changelog contains changes from v0.9.1 -> v0.9.3)

• I18n no longer stores translations for unavailable locales. #391.
• Added the ability to interpolate with arrays #395.
• Documentation for lambda has been corrected. #396
• I18n will use oj -- a faster JSON library -- but only if it is available. #398
• Fixed an issue with translate and default: [false] as an option. #399
• Fixed an issue with translate with nil and empty keys. #400
• Fix issue with disabled subtrees and pluralization for KeyValue backend #402

Thank you to @​stereobooster, @​fatkodima and @​lulalala for the patches that went towards this release. We appreciate your efforts!

v0.9.1

• Reverted Hash#slice behaviour introduced with #250 - See #390.
• Fixed a regression caused by #387, where translations may have returned a not-helpful error message - See #389

v0.9.0

• Made Backend::Memoize threadsafe. See #51 and #352.
• Added a middleware I18n::Middleware that should be used to ensure that i18n config is reset correctly between requests. See #381 and #382.

v0.8.6

Fixed a small regression introduced in v0.8.5 when using fallbacks - See #378

v0.8.5

• Improved error message for MissingPluralizationKey error - See #371
• Fixed a thread issue when calling translate when fallbacks were enabled - See #369

v0.8.4

Reverted #236 - "Don't allow nil to be submitted as a key to I18n.translate" - See #370

v0.8.3

I18n::Gettext#plural_keys will now return a hash from Gettext if no arguments are provided - svenfuchs/i18n#122 Fixed a bug where passing false to translate would not translate that value - svenfuchs/i18n#367

v0.8.2

Do not allow nil to be passed to translate - svenfuchs/i18n#236

... (truncated)

• 416859a Bump to 0.9.5
• 5c28de8 Lock Rake to 12.2.x versions
• 29fe565 Merge pull request #408 from wjordan/enforce_available_locales_false_fix
• 596a71d store translations for unavailable locales if enforce_available_locales is false
• 888abcb Bump to 0.9.4
• ba8b206 Merge pull request #407 from fatkodima/fix-key-value-subtrees
• 9ddc9f5 Merge pull request #406 from jhawthorn/optimize_available_locales
• 77c26aa Fix Chained backend with KeyValue
• 7eb3576 Optimize Backend::Simple#available_locales
• 7c6ccf4 Bump to 0.9.3
• Additional commits viewable in compare view

Sourced from loofah's releases.

2.22.0 / 2023-11-13

Added

• A :targetblank HTML scrubber which ensures all hyperlinks have target="_blank". #275 @​stefannibrasil and @​thdaraujo
• A :noreferrer HTML scrubber which ensures all hyperlinks have rel=noreferrer, similar to the :nofollow and :noopener scrubbers. #277 @​wynksaiddestroy

2.21.4 / 2023-10-10

Fixed

• Loofah::HTML5::Scrub.scrub_css is more consistent in preserving whitespace (and lack of whitespace) in CSS property values. In particular, .scrub_css no longer inserts whitespace between tokens that did not already have whitespace between them. [#273, fixes #271]

2.21.3 / 2023-05-15

• Quash "instance variable not initialized" warning in Ruby < 3.0. [#268] (Thanks, @​dharamgollapudi!)

2.21.2 / 2023-05-11

Dependencies

• Update the dependency on Nokogiri to be >= 1.12.0. The dependency in 2.21.0 and 2.21.1 was left at >= 1.5.9 but versions before 1.12 would result in a NameError exception. [#266]

2.21.1 / 2023-05-10

Fixed

• Don't define HTML5::Document and HTML5::DocumentFragment when Nokogiri is < 1.14. In 2.21.0 these classes were defined whenever Nokogiri::HTML5 was defined, but Nokogiri v1.12 and v1.13 do not support Loofah subclassing properly.

2.21.0 / 2023-05-10

HTML5 Support

Classes Loofah::HTML5::Document and Loofah::HTML5::DocumentFragment are introduced, along with helper methods:

• Loofah.html5_document
• Loofah.html5_fragment
• Loofah.scrub_html5_document
• Loofah.scrub_html5_fragment

These classes and methods use Nokogiri's HTML5 parser to ensure modern web standards are used.

⚠ HTML5 functionality is only available with Nokogiri v1.14.0 and higher.

... (truncated)

Sourced from loofah's changelog.

2.22.0 / 2023-11-13

Added

• A :targetblank HTML scrubber which ensures all hyperlinks have target="_blank". #275 @​stefannibrasil and @​thdaraujo
• A :noreferrer HTML scrubber which ensures all hyperlinks have rel=noreferrer, similar to the :nofollow and :noopener scrubbers. #277 @​wynksaiddestroy

2.21.4 / 2023-10-10

Fixed

• Loofah::HTML5::Scrub.scrub_css is more consistent in preserving whitespace (and lack of whitespace) in CSS property values. In particular, .scrub_css no longer inserts whitespace between tokens that did not already have whitespace between them. [#273, fixes #271]

2.21.3 / 2023-05-15

Fixed

• Quash "instance variable not initialized" warning in Ruby < 3.0. [#268] (Thanks, @​dharamgollapudi!)

2.21.2 / 2023-05-11

Dependencies

• Update the dependency on Nokogiri to be >= 1.12.0. The dependency in 2.21.0 and 2.21.1 was left at >= 1.5.9 but versions before 1.12 would result in a NameError exception. [#266]

2.21.1 / 2023-05-10

Fixed

• Don't define HTML5::Document and HTML5::DocumentFragment when Nokogiri is < 1.14. In 2.21.0 these classes were defined whenever Nokogiri::HTML5 was defined, but Nokogiri v1.12 and v1.13 do not support Loofah subclassing properly.

2.21.0 / 2023-05-10

HTML5 Support

Classes Loofah::HTML5::Document and Loofah::HTML5::DocumentFragment are introduced, along with helper methods:

• Loofah.html5_document
• Loofah.html5_fragment
• Loofah.scrub_html5_document
• Loofah.scrub_html5_fragment

These classes and methods use Nokogiri's HTML5 parser to ensure modern web standards are used.

⚠ HTML5 functionality is only available with Nokogiri v1.14.0 and higher.

... (truncated)

• cb14ea7 version bump to v2.22.0
• 64e0a26 update CHANGELOG
• c5cfb80 Merge pull request #277 from wynksaiddestroy/feature/noreferrer_scrubber
• 4ad2e13 Add noreferrer scrubber
• 5345bb7 Merge pull request #275 from hexdevs/add-target-blank-scrub
• 09e11ad feat: adds :targetblank scrubber
• 992b054 version bump to v2.21.4
• 5d9a22f Merge pull request #273 from flavorjones/flavorjones-css-whitespace-handling
• 876116e fix: scrub_css is more consistent with whitespace
• edde5f2 Merge pull request #274 from flavorjones/flavorjones-bump-hoe-markdown
• Additional commits viewable in compare view

Sourced from nokogiri's releases.

v1.16.5 / 2024-05-13

Security

• [CRuby] Vendored libxml2 is updated to address CVE-2024-34459. See GHSA-r95h-9x8f-r3f7 for more information.

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.12.7 from v2.12.6. (@​flavorjones)

---

sha256 checksums:

af0f44fa3e664dfb2aa10de8b551447d720c1e8d1f0aa3f35783dcc43e40a874  nokogiri-1.16.5-aarch64-linux.gem
23dc2357b26409a5c33b7e32a82902f0e9995305420f16d1a03ab3ea1a482fec  nokogiri-1.16.5-arm-linux.gem
950d037530edb49f75ad35de0b8038b970a7dda57e2b6326895b0e49fadf6214  nokogiri-1.16.5-arm6...
Description has been truncated