chore(deps): bump the dependencies group across 1 directory with 4 updates

[dependabot]

Updates the requirements on rdoc, rexml, minitest and nokogiri to permit the latest version.
Updates rdoc from 6.7.0 to 6.12.0

Release notes

Sourced from rdoc's releases.

v6.12.0

What's Changed

✨ Enhancements

• Display main page's Table of Contents when viewed from the index page by @​st0012 in ruby/rdoc#1250

🐛 Bug Fixes

• Stop accepting Document objects as CodeObject#comment by @​tompng in ruby/rdoc#1210
• Reduce document difference between RDoc::Parser::Ruby and RDoc::Parser::PrismRuby by @​tompng in ruby/rdoc#1284

🛠 Other Changes

• Bump ruby/setup-ruby from 1.207.0 to 1.213.0 by @​dependabot in ruby/rdoc#1280
• Bump step-security/harden-runner from 2.10.3 to 2.10.4 by @​dependabot in ruby/rdoc#1279
• Update ruby-core workflow to just generate documentation by @​st0012 in ruby/rdoc#1278
• Add a build:local_ruby task to simplify local testing flow by @​st0012 in ruby/rdoc#1281
• Bump ruby/setup-ruby from 1.213.0 to 1.214.0 by @​dependabot in ruby/rdoc#1283
• Remove unnecessary file_name parameter from Parser#initialize by @​st0012 in ruby/rdoc#1146
• Bump ruby/setup-ruby from 1.214.0 to 1.215.0 by @​dependabot in ruby/rdoc#1285

Full Changelog: ruby/rdoc@v6.11.0...v6.12.0

v6.11.0

What's Changed

✨ Enhancements

• Add autolink_excluded_words option to ignore cross-references by @​st0012 in ruby/rdoc#1259
• Enable warn_missing_rdoc_ref by default by @​st0012 in ruby/rdoc#1275

🐛 Bug Fixes

• Introduce apply_default_exclude config to separate default and user excluding patterns by @​nobu in ruby/rdoc#1251
• Fix prism_ruby superclass resolve order by @​tompng in ruby/rdoc#1267
• Add missing RDoc::RubygemsHook API for gem server by @​mterada1228 in ruby/rdoc#1270
• Finalize RDoc::Options before calling RDoc::RDoc#parse_files by @​rhenium in ruby/rdoc#1274

📚 Documentation

• Documentation for #1240 by @​nobu in ruby/rdoc#1263
• [DOC] Stop autolinking the word "RDoc" by @​nobu in ruby/rdoc#1266
• [DOC] Ignore racc-generated files by @​nobu in ruby/rdoc#1265
• [DOC] Remove unnecessary rdoc-ref missing example by @​st0012 in ruby/rdoc#1271

🛠 Other Changes

• Bump rubygems/release-gem from 1.1.0 to 1.1.1 by @​dependabot in ruby/rdoc#1253
• Merge commit from ruby/ruby HEAD by @​hsbt in ruby/rdoc#1255
• Exclude latest windows & Ruby 3.4 on CI by @​st0012 in ruby/rdoc#1260
• Bump ruby/setup-ruby from 1.204.0 to 1.206.0 by @​dependabot in ruby/rdoc#1262
• Bump ruby/setup-ruby from 1.206.0 to 1.207.0 by @​dependabot in ruby/rdoc#1273
• Run ruby/ruby doc generation on CI by @​st0012 in ruby/rdoc#1272
• Bump step-security/harden-runner from 2.10.2 to 2.10.3 by @​dependabot in ruby/rdoc#1276
• CI: test.yml - Windows - add mswin, remove 3.4 exclude by @​MSP-Greg in ruby/rdoc#1277

Full Changelog: ruby/rdoc@v6.10.0...v6.11.0

... (truncated)

Commits

• ab27fe9 Bump version to v6.12.0
• 14a7631 Merge pull request #1285 from ruby/dependabot/github_actions/ruby/setup-ruby-...
• e12b93f Bump ruby/setup-ruby from 1.214.0 to 1.215.0
• eb85efb Merge pull request #1284 from tompng/prismruby_compatibility
• de96607 pend→omit test that RDoc::Parser::Ruby has a bug or does not support
• 2973d9d Support :nodoc: on method definition parameter end line
• 0299ae1 Fix superclass override when class Object is documented
• 25f1df9 Fix wrong test for class defined inside singleton class
• c5d96a8 Accept "new" and "initialize" method both documented
• 69bb46d Reject documenting def inside block
• Additional commits viewable in compare view

Updates rexml from 3.3.9 to 3.4.1

Release notes

Sourced from rexml's releases.

REXML 3.4.1 - 2025-02-16

Improvement

• Improved performance.
  • GH-226
  • GH-227
  • GH-237
  • Patch by NAITOH Jun

Fixes

• Fix serialization of ATTLIST is incorrect
  • GH-233
  • GH-234
  • Patch by OlofKalufs
  • Reported by OlofKalufs

Thanks

• NAITOH Jun

• OlofKalufs

REXML 3.4.0 - 2024-12-15

Improvement

• Improved performance.

  • GH-216
  • Patch by NAITOH Jun

• JRuby: Improved parse performance.

  • GH-219
  • Patch by João Duarte

• Added support for reusing pull parser.

  • GH-214
  • GH-220
  • Patch by Dmitry Pogrebnoy

• Improved error handling when source is IO.

  • GH-221
  • Patch by NAITOH Jun

Thanks

• NAITOH Jun

• João Duarte

... (truncated)

Changelog

Sourced from rexml's changelog.

3.4.1 - 2025-02-16 {#version-3-4-1}

Improvement

• Improved performance.
  • GH-226
  • GH-227
  • GH-237
  • Patch by NAITOH Jun

Fixes

• Fix serialization of ATTLIST is incorrect
  • GH-233
  • GH-234
  • Patch by OlofKalufs
  • Reported by OlofKalufs

Thanks

• NAITOH Jun

• OlofKalufs

3.4.0 - 2024-12-15 {#version-3-4-0}

Improvement

• Improved performance.

  • GH-216
  • Patch by NAITOH Jun

• JRuby: Improved parse performance.

  • GH-219
  • Patch by João Duarte

• Added support for reusing pull parser.

  • GH-214
  • GH-220
  • Patch by Dmitry Pogrebnoy

• Improved error handling when source is IO.

  • GH-221
  • Patch by NAITOH Jun

Thanks

• NAITOH Jun

• João Duarte

... (truncated)

Commits

• bfb37e9 Add 3.4.1 entry (#239)
• 67d21be Reduced regular expression processing in the form of processing white space f...
• f63c510 Changed benchmark target to Ruby latest (#236)
• 107e273 Fix serialization of ATTLIST is incorrect (#234)
• a4bf93a Added rdoc as a development dependency (for Ruby 3.5+) (#235)
• b70388c Use StringScanner#peek_byte to get double or single quotation mark (#227)
• bb0bedd Optimize IOSource#read_until method by using `StringScanner#check_until(str...
• a1d875b Bump version
• 19d8ebf Add 3.4.0 entry
• dfc7753 release: use Trusted Publishing
• Additional commits viewable in compare view

Updates minitest from 5.25.1 to 5.25.4

Changelog

Sourced from minitest's changelog.

=== 5.25.4 / 2024-12-03

• 1 bug fix:

  • Fix for must_verify definition if only requiring minitest/mock (but why?).

=== 5.25.3 / 2024-12-03

• 5 bug fixes:

  • Fixed assert_mock to fail instead of raise on unmet mock expectations.
  • Fixed assert_mock to take an optional message argument.
  • Fixed formatting of unmet mock expectation messages.
  • Fixed missing must_verify expectation to match assert_mock.
  • minitest/pride: Fixed to use true colors with *-direct terminals (bk2204)

=== 5.25.2 / 2024-11-21

• 4 bug fixes:

  • Include class name in spec name. (thomasmarshall)
  • Fixed 'redefining object_id' warning from ruby 3.4. (mattbrictson)
  • Minitest top-level namespace no longer includes entire contents of README.rdoc. Too much!
  • Refactored spec's describe to more cleanly determine the superclass and name

Commits

• d84437f prepped for release
• 51cfac5 - Fix for must_verify definition if only requiring minitest/mock (but why?).
• 704d310 prepped for release
• 2d542ff - Fixed formatting of unmet mock expectation messages.
• 212de90 - minitest/pride: Fixed to use true colors with *-direct terminals (bk2204)
• d1b5451 prepped for release
• 3d54995 + Include class name in spec name. (thomasmarshall)
• b3cab87 - Refactored spec's describe to more cleanly determine the superclass and name
• 3214429 - Fixed 'redefining object_id' warning from ruby 3.4. (mattbrictson)
• e4417c5 Changed some reporter tests to use FakeTest instead of loading up Runnable w/...
• Additional commits viewable in compare view

Updates nokogiri from 1.16.7 to 1.17.2

Release notes

Sourced from nokogiri's releases.

v1.17.2 / 2024-12-12

Fixed

• [JRuby] Fixed an issue where Node#dup when called with the new_parent_doc parameter was not decorating the node with the document's Node decorators. #3372 @​flavorjones

585c8cac6380848b7973bacfd0584628d116810e5f209db25e22d0c32313e681  nokogiri-1.17.2-aarch64-linux.gem
0c5eb06ba1c112d33c2bb29973b07e2f21c4ddb66c67c9386fd97ff1c5d84686  nokogiri-1.17.2-arm64-darwin.gem
3d033ad9b09d5b8a203f0f2156053e93a9327a9c7887c0ceb9fa78c71d27280d  nokogiri-1.17.2-arm-linux.gem
75825401f59b1a8746ee8ce5d066c8f11e745642e36a4452e206730b03d1fd8c  nokogiri-1.17.2.gem
ffe1fc1353f831793260b3023f575b4ed2e6144404947c57ad37ad932f9adb94  nokogiri-1.17.2-java.gem
da29e3d6add44bfc0bec8b9d4c7c660b38c7fc16ef505313839e07c3358d1059  nokogiri-1.17.2-x64-mingw32.gem
2bb710109d52f1209ea013c1f9603cd24271a9f22d387c0c45fced62945b4a30  nokogiri-1.17.2-x64-mingw-ucrt.gem
dc5977eb3416e1d501b22b0ed4737bf7604121491405865b887975eacfb3e896  nokogiri-1.17.2-x86_64-darwin.gem
e8614ae8d776bd9adb535ca814375e7ae05d7cfa6aa01909e561484f6d70be0b  nokogiri-1.17.2-x86_64-linux.gem
8c4dd75e35810bdeb7c74943f383ca665baf6aed8fc2b78c1d305094a72794aa  nokogiri-1.17.2-x86-linux.gem
9038e8b59e2eb48feb18f0efb093bd21a19d0eb17eed822a155b2a6860381702  nokogiri-1.17.2-x86-mingw32.gem

v1.17.1 / 2024-12-10

Fixed

• Fixed a potential segfault when using Node#dup and DocumentFragment#dup. #3359 @​byroot @​flavorjones
• Node#dup and Node#clone now correctly decorate the new node with the document's Node decorators. #3363 @​flavorjones

b3fce09bddfab61ae587f83af97bf0d0834352bcd23ad99831f2993d978627bd  nokogiri-1.17.1-aarch64-linux.gem
0e79badf832783e81439c3211562ed904a5c8eaaa0038c8fdfdb3778e873f3d0  nokogiri-1.17.1-arm64-darwin.gem
b8e9909ff893b257a58066e6bfc39456be18b87f4af1e22ca18d7c0dbc9925e5  nokogiri-1.17.1-arm-linux.gem
910fe0f194db99677f7ddb21b19a1d071ceffc4a0e39d44c08736d9b1e558cfc  nokogiri-1.17.1.gem
baf2cf6785f83c8cb3cdc427d0eb8b7f91d76748bfeb6c2612ce639e82c1ecee  nokogiri-1.17.1-java.gem
601a8bca523bf2b1a576c728ad4901c57263d0c29e4f9e6d2abe654c6a929841  nokogiri-1.17.1-x64-mingw32.gem
299ab9cd2c4ce882112e79fc31f82915920cb3e54ba526287e86d9a5fbfafebe  nokogiri-1.17.1-x64-mingw-ucrt.gem
94bcacacd123379229a8ece0d31c38af36d0ef6f86f399d5813be5ca0f566c88  nokogiri-1.17.1-x86_64-darwin.gem
2234250605b03433747e8d21de947b38b79f33a4280930e58bec179fd95d415d  nokogiri-1.17.1-x86_64-linux.gem
d09565316ffc8f8bb522bd6d1b460dec2a57d23d6e479c2d0d49d9ccbb11076c  nokogiri-1.17.1-x86-linux.gem
8f720dd62bf5d3791aa67f933085be5d2a2ab06afc120d4f210f40a5d184fafb  nokogiri-1.17.1-x86-mingw32.gem

... (truncated)

Changelog

Sourced from nokogiri's changelog.

v1.17.2 / 2024-12-12

Fixed

• [JRuby] Fixed an issue where Node#dup when called with the new_parent_doc parameter was not decorating the node with the document's Node decorators. #3372 @​flavorjones

v1.17.1 / 2024-12-10

Fixed

• Fixed a potential segfault when using Node#dup and DocumentFragment#dup. #3359 @​byroot @​flavorjones
• Node#dup and Node#clone now correctly decorate the new node with the document's Node decorators. #3363 @​flavorjones

v1.17.0 / 2024-12-08

Dependencies

• [CRuby] Vendored libxml2 is updated to v2.13.5. @​flavorjones
• [CRuby] Vendored libxslt is updated to v1.1.42. @​flavorjones
• [CRuby] Minimum supported version of libxml2 raised to v2.9.2 (released 2014-10-16) from v2.6.21. [#3232, #3287] @​flavorjones
• [JRuby] Minimum supported version of Java raised to 8 (released 2014-03-18) from 7. #3134 @​flavorjones
• [CRuby] Update to rake-compiler-dock v1.5.1 for building precompiled native gems. #3216 @​flavorjones

Notable changes

SAX Parsers

The XML and HTML4 SAX parsers have received a lot of attention in this release, and we've fixed multiple long-standing bugs with encoding and entity handling. In addition, libxml2 v2.13 has also made some underlying fixes and improvements to encoding and entity handling.

We're shipping these fixes in a minor release because we firmly believe the resulting behavior is correct and standards-compliant, however applications that have been depending on the buggy behavior may be impacted.

If your application relies on the SAX parsers, and in particular if you're SAX-parsing documents with parsed entities or incorrect encoding declarations, please read the changelog below carefully.

Fragment parsing

Document fragment parsing has been improved, particularly with respect to handling malformed fragments or fragments with implicit namespace prefixes. Namespace reconciliation still isn't where we want it to be, but it's an improvement.

HTML5 fragment parsing now allows the context node to be specified as a context: keyword argument to the HTML5::DocumentFragment.parse and .new methods, which should allow for more flexible sanitization and future support for the draft HTML Sanitizer API in downstream libraries.

Error handling

In scenarios where multiple errors could be reported by the underlying parser, the errors will be aggregated into a single Nokogiri::XML::SyntaxError that is raised. Previously only the final error reported by libxml2 was raised (which was often misleading if it was only a warning and not the fatal error).

Schema validation

... (truncated)

Commits

• 35ec8c5 version bump to v1.17.2
• ffaa44c fix(jruby): XML::DocumentFragment.dup to another document (v1.17.x) (#3373)
• 8bd6c6d fix(jruby): XML::DocumentFragment.dup to another document
• e4bae8a version bump to v1.17.1
• 12244fe fix: Node#dup adds the new node to the document's node cache (backport to v1....
• 7bf2fc1 fix: Node#dup adds the new node to the document's node cache
• 765754c doc: update CHANGELOG bullet lists to render with mkdocs
• 076d647 doc: extract older changelog entries into misc/CHANGELOG-archive.md
• c7b75ef version bump to v1.17.0
• e8e8ffe Nokogiri::XSLT() uses parameter forwarding (#3356)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions