From cc1340663fd41c833b08fa0139310ee166bbf1a7 Mon Sep 17 00:00:00 2001 From: Josh Soref Date: Sun, 6 Jun 2021 19:53:25 -0400 Subject: [PATCH 01/35] spelling: exclude Signed-off-by: Josh Soref --- test/markups/README.org | 2 +- test/markups/README.org.html | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/markups/README.org b/test/markups/README.org index dded60e3..0eca800a 100644 --- a/test/markups/README.org +++ b/test/markups/README.org @@ -58,7 +58,7 @@ end - Skipping text before the first headline (option skip:t) - Skipping tables (option |:nil) - Custom todo keywords - - EXPORT_SELECT_TAGS and EXPORT_EXLUDE_TAGS for controlling parts of + - EXPORT_SELECT_TAGS and EXPORT_EXCLUDE_TAGS for controlling parts of the tree to export - Rewrite "file:(blah).org" links to "http:(blah).html" links. This makes the inter-links to other org-mode files work. diff --git a/test/markups/README.org.html b/test/markups/README.org.html index ddf8b27e..458024af 100644 --- a/test/markups/README.org.html +++ b/test/markups/README.org.html @@ -52,7 +52,7 @@

2.3 2009-12-30: Version 0.5.0

  • Skipping text before the first headline (option skip:t)
  • Skipping tables (option |:nil)
  • Custom todo keywords
    • -
  • EXPORT_SELECT_TAGS and EXPORT_EXLUDE_TAGS for controlling parts of +
  • EXPORT_SELECT_TAGS and EXPORT_EXCLUDE_TAGS for controlling parts of the tree to export
    • From 040f91d9919c51a5ecbe54352a207a3281f07359 Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Tue, 12 Apr 2022 07:20:31 +0200 Subject: [PATCH 02/35] Make sure all anchors are created for RST links. --- lib/github/commands/rest2html | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/github/commands/rest2html b/lib/github/commands/rest2html index c7c89dce..c6fc663e 100755 --- a/lib/github/commands/rest2html +++ b/lib/github/commands/rest2html @@ -199,8 +199,8 @@ class GitHubHTMLTranslator(HTMLTranslator): # see also: http://bit.ly/NHtyRx # the a is to support ::contents with ::sectnums: http://git.io/N1yC def visit_section(self, node): - id_attribute = node.attributes['ids'][0] - self.body.append('\n' % id_attribute) + for id_attribute in node.attributes['ids']: + self.body.append('\n' % id_attribute) self.section_level += 1 def depart_section(self, node): From a78c9a718bf64daeb6cf2f996c5844fa7fc3457f Mon Sep 17 00:00:00 2001 From: Felix Fontein Date: Tue, 12 Apr 2022 07:28:04 +0200 Subject: [PATCH 03/35] Add test. On my system rest2html generates quite some different markup so I'm not sure whether this actually works. --- test/markups/README.rst | 4 ++++ test/markups/README.rst.html | 2 ++ 2 files changed, 6 insertions(+) diff --git a/test/markups/README.rst b/test/markups/README.rst index 53cba9e0..ad7af380 100644 --- a/test/markups/README.rst +++ b/test/markups/README.rst @@ -8,6 +8,8 @@ Example text. .. contents:: Table of Contents +.. _label_for_header_2: + Header 2 -------- @@ -17,6 +19,8 @@ Header 2 3. Somé UTF-8° +4. `Link to the above header `_ + The UTF-8 quote character in this table used to cause python to go boom. Now docutils just silently ignores it. .. csv-table:: Things that are Awesome (on a scale of 1-11) diff --git a/test/markups/README.rst.html b/test/markups/README.rst.html index 6accfdf6..ca6807f8 100644 --- a/test/markups/README.rst.html +++ b/test/markups/README.rst.html @@ -9,11 +9,13 @@

    Subtitle

    +

    Header 2

    1. Blah blah code blah
    2. More code, hooray
    3. Somé UTF-8°
      4. +
    4. Link to the above header

    The UTF-8 quote character in this table used to cause python to go boom. Now docutils just silently ignores it.

    From 65bfe283658857d7d506c923bd808c369a8cd90d Mon Sep 17 00:00:00 2001 From: TAbdiukov Date: Tue, 4 Jul 2023 06:23:18 +0200 Subject: [PATCH 04/35] Textile language link now leads to something completely different - replace the link with the current official one --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index b2bcc809..93eb15ba 100644 --- a/README.md +++ b/README.md @@ -20,7 +20,7 @@ The following markups are supported. The dependencies listed are required if you wish to run the library. You can also run `script/bootstrap` to fetch them all. * [.markdown, .mdown, .mkdn, .md](http://daringfireball.net/projects/markdown/) -- `gem install commonmarker` (https://github.com/gjtorikian/commonmarker) -* [.textile](https://www.promptworks.com/textile) -- `gem install RedCloth` (https://github.com/jgarber/redcloth) +* [.textile](https://textile-lang.com/) -- `gem install RedCloth` (https://github.com/jgarber/redcloth) * [.rdoc](https://ruby.github.io/rdoc/) -- `gem install rdoc -v 3.6.1` * [.org](http://orgmode.org/) -- `gem install org-ruby` (https://github.com/wallyqs/org-ruby) * [.creole](http://wikicreole.org/) -- `gem install creole` (https://github.com/larsch/creole) From aa09a8a8d4d8fa7752500fa063802e4aba89cda3 Mon Sep 17 00:00:00 2001 From: Justin Kenyon Date: Mon, 17 Jun 2024 11:18:26 -0400 Subject: [PATCH 05/35] Update activesupport to 7.1.3.4 --- .gitignore | 1 + github-markup.gemspec | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index c93c0b18..5e84e6f2 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,4 @@ Gemfile.lock .buildpath *~ vendor/ +.DS_Store diff --git a/github-markup.gemspec b/github-markup.gemspec index 4818706d..260df18c 100644 --- a/github-markup.gemspec +++ b/github-markup.gemspec @@ -21,7 +21,7 @@ Gem::Specification.new do |s| s.require_paths = %w[lib] s.add_development_dependency 'rake', '~> 12' - s.add_development_dependency 'activesupport', '~> 4.0' + s.add_development_dependency 'activesupport', '~> 7.1.3.4' s.add_development_dependency 'minitest', '~> 5.4', '>= 5.4.3' s.add_development_dependency 'html-pipeline', '~> 1.0' s.add_development_dependency 'sanitize', '>= 4.6.3' From 26b77f5d7c86c2f6f307491e946035424ae62e9e Mon Sep 17 00:00:00 2001 From: Justin Kenyon Date: Mon, 17 Jun 2024 11:20:56 -0400 Subject: [PATCH 06/35] update version and history --- HISTORY.md | 3 +++ lib/github-markup.rb | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/HISTORY.md b/HISTORY.md index 0e01f49c..745a9c1b 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -1,3 +1,6 @@ +## 5.0.1 - 2024-06-17 +* Bump activesupport from 4.0 to 7.1.3.4 + ## 5.0.0 - 2024-06-17 * Drop support for Ruby versions < 3 * Bump nokogiri from 1.8.1 to 1.16.5 diff --git a/lib/github-markup.rb b/lib/github-markup.rb index 646e341c..7c36ad17 100644 --- a/lib/github-markup.rb +++ b/lib/github-markup.rb @@ -1,6 +1,6 @@ module GitHub module Markup - VERSION = '5.0.0' + VERSION = '5.0.1' Version = VERSION end end From e6973dfdacfb5d124fc45fdef2a6467d91ac3aa8 Mon Sep 17 00:00:00 2001 From: jmeridth Date: Mon, 17 Jun 2024 10:44:53 -0500 Subject: [PATCH 07/35] chore: add dependabot and update github actions Closes #1756 - [x] update github actions to latest versions - [x] use SHAs instead of tags for github actions, more secure supply chain - [x] add dependabot file grouping minor/patch dependency updates to reduce PRs - [x] remove Gemfile.lock from .gitignore and add it back to source control - this will allow dependabot to detect dependency updates Signed-off-by: jmeridth Co-authored-by: Zack Koppert --- .github/dependabot.yaml | 39 +++++++++++ .github/workflows/ci.yml | 8 +-- .gitignore | 1 - Gemfile.lock | 135 +++++++++++++++++++++++++++++++++++++++ 4 files changed, 178 insertions(+), 5 deletions(-) create mode 100644 .github/dependabot.yaml create mode 100644 Gemfile.lock diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml new file mode 100644 index 00000000..802b7513 --- /dev/null +++ b/.github/dependabot.yaml @@ -0,0 +1,39 @@ +--- +version: 2 +updates: + - package-ecosystem: 'bundler' + directory: '/' + schedule: + interval: 'weekly' + commit-message: + prefix: 'chore(deps)' + groups: + dependencies: + applies-to: version-updates + update-types: + - 'minor' + - 'patch' + - package-ecosystem: 'github-actions' + directory: '/' + schedule: + interval: 'weekly' + commit-message: + prefix: 'chore(deps)' + groups: + dependencies: + applies-to: version-updates + update-types: + - 'minor' + - 'patch' + - package-ecosystem: 'docker' + directory: '/' + schedule: + interval: 'weekly' + commit-message: + prefix: 'chore(deps)' + groups: + dependencies: + applies-to: version-updates + update-types: + - 'minor' + - 'patch' diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a25fdefc..e0feed3c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -19,21 +19,21 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 with: fetch-depth: 10 - - uses: ruby/setup-ruby@v1 + - uses: ruby/setup-ruby@ff740bc00a01b3a50fffc55a1071b1060eeae9dc # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true - - uses: actions/setup-python@v2 + - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5 with: # This should match lib/github/markups.rb GitHub::Markups::MARKUP_RST python-version: '3.x' - - uses: actions/cache@v2 + - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 with: path: ~/.cache/pip key: ${{ runner.os }}-pip diff --git a/.gitignore b/.gitignore index 5e84e6f2..eac4d715 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,6 @@ *.pyc pkg/ .bundle -Gemfile.lock .project .buildpath *~ diff --git a/Gemfile.lock b/Gemfile.lock new file mode 100644 index 00000000..225b59a6 --- /dev/null +++ b/Gemfile.lock @@ -0,0 +1,135 @@ +GIT + remote: https://github.com/gjtorikian/commonmarker.git + revision: 2838ebaa83ee0081d481c21f3bc0e4cb3e8de9da + tag: v0.18.3 + specs: + commonmarker (0.18.3) + ruby-enum (~> 0.5) + +PATH + remote: . + specs: + github-markup (5.0.1) + +GEM + remote: http://rubygems.org/ + specs: + RedCloth (4.3.4) + activesupport (7.1.3.4) + base64 + bigdecimal + concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb + i18n (>= 1.6, < 2) + minitest (>= 5.1) + mutex_m + tzinfo (~> 2.0) + asciidoctor (2.0.23) + base64 (0.2.0) + bigdecimal (3.1.8) + builder (3.3.0) + cgi (0.4.1) + charlock_holmes (0.7.7) + concurrent-ruby (1.3.3) + connection_pool (2.4.1) + crass (1.0.6) + creole (0.3.8) + drb (2.2.1) + expression_parser (0.9.0) + github-linguist (7.30.0) + cgi + charlock_holmes (~> 0.7.7) + mini_mime (~> 1.0) + rugged (~> 1.0) + html-pipeline (1.11.0) + activesupport (>= 2) + nokogiri (~> 1.4) + htmlentities (4.3.4) + i18n (1.14.5) + concurrent-ruby (~> 1.0) + mini_mime (1.1.5) + minitest (5.23.1) + mutex_m (0.2.0) + nokogiri (1.16.6-aarch64-linux) + racc (~> 1.4) + nokogiri (1.16.6-arm-linux) + racc (~> 1.4) + nokogiri (1.16.6-arm64-darwin) + racc (~> 1.4) + nokogiri (1.16.6-x86-linux) + racc (~> 1.4) + nokogiri (1.16.6-x86_64-darwin) + racc (~> 1.4) + nokogiri (1.16.6-x86_64-linux) + racc (~> 1.4) + nokogiri-diff (0.3.0) + nokogiri (~> 1.5) + tdiff (~> 0.4) + org-ruby (0.9.9) + rubypants (~> 0.2) + psych (5.1.2) + stringio + racc (1.8.0) + rake (13.2.1) + rdoc (6.7.0) + psych (>= 4.0.0) + redcarpet (3.6.0) + rexml (3.3.0) + strscan + ruby-enum (0.9.0) + i18n + rubypants (0.7.1) + rugged (1.7.2) + sanitize (6.1.1) + crass (~> 1.0.2) + nokogiri (>= 1.12.0) + stringio (3.1.1) + strscan (3.1.0) + tdiff (0.4.0) + twitter-text (1.14.7) + unf (~> 0.1.0) + tzinfo (2.0.6) + concurrent-ruby (~> 1.0) + unf (0.1.4) + unf_ext + unf_ext (0.0.9.1) + wikicloth (0.8.3) + builder + expression_parser + htmlentities + nokogiri + twitter-text + +PLATFORMS + aarch64-linux + arm-linux + arm64-darwin + x86-linux + x86_64-darwin + x86_64-linux + +DEPENDENCIES + RedCloth + activesupport (~> 7.1.3.4) + asciidoctor (~> 2.0.5) + commonmarker! + creole (~> 0.3.6) + github-linguist (>= 7.1.3) + github-markup! + html-pipeline (~> 1.0) + kramdown + minitest (~> 5.4, >= 5.4.3) + nokogiri (~> 1.16.5) + nokogiri-diff (~> 0.3.0) + org-ruby (= 0.9.9) + rake + rdoc (~> 6.7.0) + redcarpet + rexml + sanitize (>= 4.6.3) + twitter-text (~> 1.14) + wikicloth (= 0.8.3) + +BUNDLED WITH + 2.5.9 From 06e35c7cd36c297d220a07118b6b89cc925d0843 Mon Sep 17 00:00:00 2001 From: Justin Kenyon Date: Wed, 19 Jun 2024 15:36:52 -0400 Subject: [PATCH 08/35] Create stale.yml --- .github/workflows/stale.yml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 .github/workflows/stale.yml diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml new file mode 100644 index 00000000..6bf0d0b6 --- /dev/null +++ b/.github/workflows/stale.yml @@ -0,0 +1,27 @@ +# This workflow warns and then closes issues and PRs that have had no activity for a specified amount of time. +# +# You can adjust the behavior by modifying this file. +# For more information, see: +# https://github.com/actions/stale +name: Mark stale issues and pull requests + +on: + schedule: + - cron: '0 12 * * *' + +jobs: + stale: + + runs-on: ubuntu-latest + permissions: + issues: write + pull-requests: write + + steps: + - uses: actions/stale@v5 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + stale-issue-message: 'Stale issue message' + stale-pr-message: 'Stale pull request message' + stale-issue-label: 'no-issue-activity' + stale-pr-label: 'no-pr-activity' From 2a0c8ddb79d66be5d03e8618896b2f1db89e82a9 Mon Sep 17 00:00:00 2001 From: jmeridth Date: Wed, 19 Jun 2024 15:33:14 -0500 Subject: [PATCH 09/35] chore: use sha instead of tag on stale workflow didn't catch this in #1821 Using SHA instead of tag ensures secure supply chain. Tags are mutable, SHAs are not Signed-off-by: jmeridth --- .github/workflows/stale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 6bf0d0b6..6f52b5d0 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -18,7 +18,7 @@ jobs: pull-requests: write steps: - - uses: actions/stale@v5 + - uses: actions/stale@f7176fd3007623b69d27091f9b9d4ab7995f0a06 # v5 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: 'Stale issue message' From 7e6c70341e46d0212a811a259f4706d88e9629fa Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Jul 2024 00:03:10 +0000 Subject: [PATCH 10/35] chore(deps): bump rexml from 3.3.0 to 3.3.2 in the bundler group Bumps the bundler group with 1 update: [rexml](https://github.com/ruby/rexml). Updates `rexml` from 3.3.0 to 3.3.2 - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](https://github.com/ruby/rexml/compare/v3.3.0...v3.3.2) --- updated-dependencies: - dependency-name: rexml dependency-type: direct:production dependency-group: bundler ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 225b59a6..30c4454c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM rdoc (6.7.0) psych (>= 4.0.0) redcarpet (3.6.0) - rexml (3.3.0) + rexml (3.3.2) strscan ruby-enum (0.9.0) i18n From 2b0455a36cda769a2da7df1e29cb77143d1bd3f7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 2 Aug 2024 16:46:51 +0000 Subject: [PATCH 11/35] chore(deps): bump rexml from 3.3.2 to 3.3.3 in the bundler group Bumps the bundler group with 1 update: [rexml](https://github.com/ruby/rexml). Updates `rexml` from 3.3.2 to 3.3.3 - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](https://github.com/ruby/rexml/compare/v3.3.2...v3.3.3) --- updated-dependencies: - dependency-name: rexml dependency-type: direct:production dependency-group: bundler ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 30c4454c..9a4cdb41 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM rdoc (6.7.0) psych (>= 4.0.0) redcarpet (3.6.0) - rexml (3.3.2) + rexml (3.3.3) strscan ruby-enum (0.9.0) i18n From 83b09f8186a3f364c537726c3cfaa3a62924f8bc Mon Sep 17 00:00:00 2001 From: jmeridth Date: Tue, 6 Aug 2024 15:05:30 -0500 Subject: [PATCH 12/35] fix: ensure rubygems url is using https Fixes https://github.com/github/markup/security/code-scanning/1 `Dependency source URL uses the unencrypted protocol HTTP. Use HTTPS instead.` Signed-off-by: jmeridth --- Gemfile | 2 +- Gemfile.lock | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile b/Gemfile index fb3c1308..9b317555 100644 --- a/Gemfile +++ b/Gemfile @@ -1,4 +1,4 @@ -source "http://rubygems.org" +source "https://rubygems.org" gemspec gem "redcarpet", :platforms => :ruby diff --git a/Gemfile.lock b/Gemfile.lock index 30c4454c..b6d184d4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -12,7 +12,7 @@ PATH github-markup (5.0.1) GEM - remote: http://rubygems.org/ + remote: https://rubygems.org/ specs: RedCloth (4.3.4) activesupport (7.1.3.4) From 1e2c03935912e5cf4bfb81726f5a9bfe18a86c43 Mon Sep 17 00:00:00 2001 From: jmeridth Date: Tue, 6 Aug 2024 15:24:51 -0500 Subject: [PATCH 13/35] fix: add explicit permissions to ci github action Fixing a code scanning alert Signed-off-by: jmeridth --- .github/workflows/ci.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e0feed3c..9e8e31dc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -4,6 +4,9 @@ on: [push, pull_request] env: JRUBY_OPTS: -Xcext.enabled=true +permissions: + contents: read + jobs: build: name: "Test / Ruby ${{ matrix.ruby }}" From 6d287a98bb5a400b780bc9db191899ba442dd6ec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 20:51:15 +0000 Subject: [PATCH 14/35] chore(deps): bump rexml from 3.3.3 to 3.3.6 in the bundler group Bumps the bundler group with 1 update: [rexml](https://github.com/ruby/rexml). Updates `rexml` from 3.3.3 to 3.3.6 - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](https://github.com/ruby/rexml/compare/v3.3.3...v3.3.6) --- updated-dependencies: - dependency-name: rexml dependency-type: direct:production dependency-group: bundler ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 6dc75c96..d2c84309 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,7 +75,7 @@ GEM rdoc (6.7.0) psych (>= 4.0.0) redcarpet (3.6.0) - rexml (3.3.3) + rexml (3.3.6) strscan ruby-enum (0.9.0) i18n From 2880c2c6d108531a8eed179b369762e0aeaec9ce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Sep 2024 11:01:09 +0000 Subject: [PATCH 15/35] chore(deps): bump the dependencies group across 1 directory with 2 updates Bumps the dependencies group with 2 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/setup-python](https://github.com/actions/setup-python). Updates `ruby/setup-ruby` from 1.180.0 to 1.190.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/ff740bc00a01b3a50fffc55a1071b1060eeae9dc...a6e6f86333f0a2523ece813039b8b4be04560854) Updates `actions/setup-python` from 5.1.0 to 5.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/82c7e631bb3cdc910f68e0081d67478d79c6982d...f677139bbe7f9c59b41e40162b753c062f5d49a3) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9e8e31dc..3640b8b4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,12 +26,12 @@ jobs: with: fetch-depth: 10 - - uses: ruby/setup-ruby@ff740bc00a01b3a50fffc55a1071b1060eeae9dc # v1 + - uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5 with: # This should match lib/github/markups.rb GitHub::Markups::MARKUP_RST python-version: '3.x' From b4f9c54a4b4c117cb315cd0f4df09ffd5a1484b7 Mon Sep 17 00:00:00 2001 From: jmeridth Date: Wed, 4 Sep 2024 15:06:15 -0500 Subject: [PATCH 16/35] chore: add .venv/venv to .gitignore best practices with local python development is to create a virtual environment. The most common are either .venv or venv folders in the root of the repo. We currently install [docutils](https://github.com/github/markup/blob/914839fd31c93b93a8054a3c91fce0906b2d1375/script/bootstrap#L8) via pip (python). - [x] add .venv/venv folders to .gitignore - [x] update README with how to setup locally environment Signed-off-by: jmeridth --- .gitignore | 2 ++ README.md | 9 +++++++++ 2 files changed, 11 insertions(+) diff --git a/.gitignore b/.gitignore index eac4d715..b0f0821c 100644 --- a/.gitignore +++ b/.gitignore @@ -6,3 +6,5 @@ pkg/ *~ vendor/ .DS_Store +.venv +venv diff --git a/README.md b/README.md index b2bcc809..3aeb7110 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,15 @@ require 'github/markup' GitHub::Markup.render_s(GitHub::Markups::MARKUP_MARKDOWN, "* One\n* Two") ``` +Local Development +----------------- + +```sh +python3 -m venv .venv +source .venv/bin/activate +cd script +./bootstrap +``` Contributing ------------ From bc6e6e36a6cdf5e4cd73f4d3bcfafd05c3e4cb67 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Sep 2024 10:25:23 +0000 Subject: [PATCH 17/35] chore(deps): bump ruby/setup-ruby in the dependencies group Bumps the dependencies group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.190.0 to 1.191.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/a6e6f86333f0a2523ece813039b8b4be04560854...52753b7da854d5c07df37391a986c76ab4615999) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3640b8b4..dd8812d5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,7 +26,7 @@ jobs: with: fetch-depth: 10 - - uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1 + - uses: ruby/setup-ruby@52753b7da854d5c07df37391a986c76ab4615999 # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true From 459fb1b32f42e005140979f007ad84ca75e0b7d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Sep 2024 10:32:15 +0000 Subject: [PATCH 18/35] chore(deps): bump ruby/setup-ruby in the dependencies group Bumps the dependencies group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.191.0 to 1.193.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/52753b7da854d5c07df37391a986c76ab4615999...f321cf5a4d1533575411f8752cf25b86478b0442) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index dd8812d5..3ed2585a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,7 +26,7 @@ jobs: with: fetch-depth: 10 - - uses: ruby/setup-ruby@52753b7da854d5c07df37391a986c76ab4615999 # v1 + - uses: ruby/setup-ruby@f321cf5a4d1533575411f8752cf25b86478b0442 # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true From af6b5419e67273b90a3db2cdfaeab46f40c2d80c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Sep 2024 10:32:39 +0000 Subject: [PATCH 19/35] chore(deps): bump the dependencies group with 2 updates Bumps the dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `actions/checkout` from 4.1.7 to 4.2.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...d632683dd7b4114ad314bca15554477dd762a938) Updates `ruby/setup-ruby` from 1.193.0 to 1.194.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/f321cf5a4d1533575411f8752cf25b86478b0442...c04af2bb7258bb6a03df1d3c1865998ac9390972) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3ed2585a..effc3f2a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,11 +22,11 @@ jobs: steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4 with: fetch-depth: 10 - - uses: ruby/setup-ruby@f321cf5a4d1533575411f8752cf25b86478b0442 # v1 + - uses: ruby/setup-ruby@c04af2bb7258bb6a03df1d3c1865998ac9390972 # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true From 0a930b28d65d8d3bffec77ee3dbaafcb11032d32 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Oct 2024 18:49:07 +0000 Subject: [PATCH 20/35] chore(deps): bump rexml from 3.3.6 to 3.3.9 in the bundler group Bumps the bundler group with 1 update: [rexml](https://github.com/ruby/rexml). Updates `rexml` from 3.3.6 to 3.3.9 - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](https://github.com/ruby/rexml/compare/v3.3.6...v3.3.9) --- updated-dependencies: - dependency-name: rexml dependency-type: direct:production dependency-group: bundler ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d2c84309..761f6cc0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -75,8 +75,7 @@ GEM rdoc (6.7.0) psych (>= 4.0.0) redcarpet (3.6.0) - rexml (3.3.6) - strscan + rexml (3.3.9) ruby-enum (0.9.0) i18n rubypants (0.7.1) @@ -85,7 +84,6 @@ GEM crass (~> 1.0.2) nokogiri (>= 1.12.0) stringio (3.1.1) - strscan (3.1.0) tdiff (0.4.0) twitter-text (1.14.7) unf (~> 0.1.0) From 57e250f0fb775a154a0184702f310f954b3d5762 Mon Sep 17 00:00:00 2001 From: jmeridth Date: Sun, 3 Nov 2024 22:34:28 -0600 Subject: [PATCH 21/35] fix: stale issue/pr message Signed-off-by: jmeridth --- .github/workflows/stale.yml | 26 ++++++++++++-------------- 1 file changed, 12 insertions(+), 14 deletions(-) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 6f52b5d0..fc5a93dc 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -1,27 +1,25 @@ -# This workflow warns and then closes issues and PRs that have had no activity for a specified amount of time. -# -# You can adjust the behavior by modifying this file. -# For more information, see: -# https://github.com/actions/stale name: Mark stale issues and pull requests on: schedule: - - cron: '0 12 * * *' + - cron: "0 12 * * *" jobs: stale: - runs-on: ubuntu-latest permissions: issues: write pull-requests: write steps: - - uses: actions/stale@f7176fd3007623b69d27091f9b9d4ab7995f0a06 # v5 - with: - repo-token: ${{ secrets.GITHUB_TOKEN }} - stale-issue-message: 'Stale issue message' - stale-pr-message: 'Stale pull request message' - stale-issue-label: 'no-issue-activity' - stale-pr-label: 'no-pr-activity' + - uses: actions/stale@f7176fd3007623b69d27091f9b9d4ab7995f0a06 # v5 + with: + repo-token: ${{ secrets.GITHUB_TOKEN }} + stale-issue-message: > + This issue has been automatically marked as stale because it has not + had recent activity. It will be closed if no further activity occurs. + Thank you for your contributions. + stale-pr-message: > + This pull request has been automatically marked as stale because it has not + had recent activity. It will be closed if no further activity occurs. + Thank you for your contributions. From 371da086ed849e8a3b255eed932b040ef7ca2042 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 10:49:14 +0000 Subject: [PATCH 22/35] chore(deps): bump the dependencies group across 1 directory with 4 updates Bumps the dependencies group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [actions/setup-python](https://github.com/actions/setup-python) and [actions/cache](https://github.com/actions/cache). Updates `actions/checkout` from 4.2.0 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...11bd71901bbe5b1630ceea73d27597364c9af683) Updates `ruby/setup-ruby` from 1.194.0 to 1.199.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/c04af2bb7258bb6a03df1d3c1865998ac9390972...7d3497fd78c07c0d84ebafa58d8dac60cd1f0763) Updates `actions/setup-python` from 5.2.0 to 5.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/f677139bbe7f9c59b41e40162b753c062f5d49a3...0b93645e9fea7318ecaed2b359559ac225c90a2b) Updates `actions/cache` from 4.0.2 to 4.1.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/0c45773b623bea8c8e75f6c82b208c3cf94ea4f9...6849a6489940f00c2f30c0fb92c6274307ccb58a) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index effc3f2a..0a661e9b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,21 +22,21 @@ jobs: steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 with: fetch-depth: 10 - - uses: ruby/setup-ruby@c04af2bb7258bb6a03df1d3c1865998ac9390972 # v1 + - uses: ruby/setup-ruby@7d3497fd78c07c0d84ebafa58d8dac60cd1f0763 # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true - - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 with: # This should match lib/github/markups.rb GitHub::Markups::MARKUP_RST python-version: '3.x' - - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 + - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: ~/.cache/pip key: ${{ runner.os }}-pip From 5767386b134d0b70634a2187001beadafaf39a3c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Nov 2024 10:49:47 +0000 Subject: [PATCH 23/35] chore(deps): bump the dependencies group across 1 directory with 6 updates Updates the requirements on [org-ruby](https://github.com/wallyqs/org-ruby), [creole](https://github.com/minad/creole), [activesupport](https://github.com/rails/rails), [minitest](https://github.com/minitest/minitest), [sanitize](https://github.com/rgrove/sanitize) and [nokogiri](https://github.com/sparklemotion/nokogiri) to permit the latest version. Updates `org-ruby` from 0.9.9 to 0.9.12 - [Changelog](https://github.com/wallyqs/org-ruby/blob/master/History.org) - [Commits](https://github.com/wallyqs/org-ruby/compare/version-0.9.9...version-0.9.12) Updates `creole` from 0.3.8 to 0.5.0 - [Changelog](https://github.com/minad/creole/blob/master/CHANGES) - [Commits](https://github.com/minad/creole/compare/0.3.8...v0.5.0) Updates `activesupport` from 7.1.3.4 to 7.1.5 - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v7.2.2/activesupport/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v7.1.3.4...v7.1.5) Updates `minitest` from 5.23.1 to 5.25.1 - [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc) - [Commits](https://github.com/minitest/minitest/compare/v5.23.1...v5.25.1) Updates `sanitize` from 6.1.1 to 6.1.3 - [Release notes](https://github.com/rgrove/sanitize/releases) - [Changelog](https://github.com/rgrove/sanitize/blob/main/HISTORY.md) - [Commits](https://github.com/rgrove/sanitize/compare/v6.1.1...v6.1.3) Updates `nokogiri` from 1.16.6 to 1.16.7 - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.16.6...v1.16.7) --- updated-dependencies: - dependency-name: org-ruby dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: creole dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: activesupport dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: minitest dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: sanitize dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: nokogiri dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- Gemfile | 4 ++-- Gemfile.lock | 40 +++++++++++++++++++++++----------------- github-markup.gemspec | 2 +- 3 files changed, 26 insertions(+), 20 deletions(-) diff --git a/Gemfile b/Gemfile index 9b317555..b2983b9b 100644 --- a/Gemfile +++ b/Gemfile @@ -8,8 +8,8 @@ gem "RedCloth" # however we want to bump up to this version since this has a security patch gem "commonmarker", git: "https://github.com/gjtorikian/commonmarker.git", tag: "v0.18.3" gem "rdoc", "~> 6.7.0" -gem "org-ruby", "= 0.9.9" -gem "creole", "~>0.3.6" +gem "org-ruby", "0.9.12" +gem "creole", "~>0.5.0" gem "wikicloth", "=0.8.3" gem "twitter-text", "~> 1.14" gem "asciidoctor", "~> 2.0.5" diff --git a/Gemfile.lock b/Gemfile.lock index 761f6cc0..5912d3b1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -15,26 +15,30 @@ GEM remote: https://rubygems.org/ specs: RedCloth (4.3.4) - activesupport (7.1.3.4) + activesupport (7.1.5) base64 + benchmark (>= 0.3) bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) mutex_m + securerandom (>= 0.3) tzinfo (~> 2.0) asciidoctor (2.0.23) base64 (0.2.0) + benchmark (0.3.0) bigdecimal (3.1.8) builder (3.3.0) cgi (0.4.1) charlock_holmes (0.7.7) - concurrent-ruby (1.3.3) + concurrent-ruby (1.3.4) connection_pool (2.4.1) crass (1.0.6) - creole (0.3.8) + creole (0.5.0) drb (2.2.1) expression_parser (0.9.0) github-linguist (7.30.0) @@ -46,31 +50,32 @@ GEM activesupport (>= 2) nokogiri (~> 1.4) htmlentities (4.3.4) - i18n (1.14.5) + i18n (1.14.6) concurrent-ruby (~> 1.0) + logger (1.6.1) mini_mime (1.1.5) - minitest (5.23.1) + minitest (5.25.1) mutex_m (0.2.0) - nokogiri (1.16.6-aarch64-linux) + nokogiri (1.16.7-aarch64-linux) racc (~> 1.4) - nokogiri (1.16.6-arm-linux) + nokogiri (1.16.7-arm-linux) racc (~> 1.4) - nokogiri (1.16.6-arm64-darwin) + nokogiri (1.16.7-arm64-darwin) racc (~> 1.4) - nokogiri (1.16.6-x86-linux) + nokogiri (1.16.7-x86-linux) racc (~> 1.4) - nokogiri (1.16.6-x86_64-darwin) + nokogiri (1.16.7-x86_64-darwin) racc (~> 1.4) - nokogiri (1.16.6-x86_64-linux) + nokogiri (1.16.7-x86_64-linux) racc (~> 1.4) nokogiri-diff (0.3.0) nokogiri (~> 1.5) tdiff (~> 0.4) - org-ruby (0.9.9) + org-ruby (0.9.12) rubypants (~> 0.2) psych (5.1.2) stringio - racc (1.8.0) + racc (1.8.1) rake (13.2.1) rdoc (6.7.0) psych (>= 4.0.0) @@ -80,9 +85,10 @@ GEM i18n rubypants (0.7.1) rugged (1.7.2) - sanitize (6.1.1) + sanitize (6.1.3) crass (~> 1.0.2) nokogiri (>= 1.12.0) + securerandom (0.3.1) stringio (3.1.1) tdiff (0.4.0) twitter-text (1.14.7) @@ -109,10 +115,10 @@ PLATFORMS DEPENDENCIES RedCloth - activesupport (~> 7.1.3.4) + activesupport (~> 7.1.5) asciidoctor (~> 2.0.5) commonmarker! - creole (~> 0.3.6) + creole (~> 0.5.0) github-linguist (>= 7.1.3) github-markup! html-pipeline (~> 1.0) @@ -120,7 +126,7 @@ DEPENDENCIES minitest (~> 5.4, >= 5.4.3) nokogiri (~> 1.16.5) nokogiri-diff (~> 0.3.0) - org-ruby (= 0.9.9) + org-ruby (= 0.9.12) rake rdoc (~> 6.7.0) redcarpet diff --git a/github-markup.gemspec b/github-markup.gemspec index 260df18c..ccf5908a 100644 --- a/github-markup.gemspec +++ b/github-markup.gemspec @@ -21,7 +21,7 @@ Gem::Specification.new do |s| s.require_paths = %w[lib] s.add_development_dependency 'rake', '~> 12' - s.add_development_dependency 'activesupport', '~> 7.1.3.4' + s.add_development_dependency 'activesupport', '~> 7.1.5' s.add_development_dependency 'minitest', '~> 5.4', '>= 5.4.3' s.add_development_dependency 'html-pipeline', '~> 1.0' s.add_development_dependency 'sanitize', '>= 4.6.3' From cec16df50930cfd7870f6addab2e0acdaedb41f1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Nov 2024 10:28:29 +0000 Subject: [PATCH 24/35] chore(deps): bump ruby/setup-ruby in the dependencies group Bumps the dependencies group with 1 update: [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `ruby/setup-ruby` from 1.199.0 to 1.202.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/7d3497fd78c07c0d84ebafa58d8dac60cd1f0763...a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0a661e9b..b2c0469c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,7 +26,7 @@ jobs: with: fetch-depth: 10 - - uses: ruby/setup-ruby@7d3497fd78c07c0d84ebafa58d8dac60cd1f0763 # v1 + - uses: ruby/setup-ruby@a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true From eed8f53691db84d1788fd142c9235bb6b8379b76 Mon Sep 17 00:00:00 2001 From: jmeridth Date: Mon, 18 Nov 2024 09:10:32 -0600 Subject: [PATCH 25/35] chore: add keep label to mark issues/prs from being marked as stale - [x] added keep label to repo - [x] add `exempt-issue-labels` and `exempt-pre-labels` to stale config Signed-off-by: jmeridth --- .github/workflows/stale.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index fc5a93dc..ef40f1b0 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -23,3 +23,5 @@ jobs: This pull request has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. + exempt-issue-labels: keep + exempt-pr-labels: keep From 9362a5204fd1551e692b5d9c7a44b70b9e5d4374 Mon Sep 17 00:00:00 2001 From: jmeridth Date: Mon, 18 Nov 2024 09:31:19 -0600 Subject: [PATCH 26/35] fix: switch from shas to tags for immutable actions closes 4 security warnings Signed-off-by: jmeridth --- .github/workflows/ci.yml | 8 ++++---- .github/workflows/stale.yml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b2c0469c..0eb7e108 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@v4.2.2 with: fetch-depth: 10 @@ -31,12 +31,12 @@ jobs: ruby-version: ${{ matrix.ruby }} bundler-cache: true - - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5 + - uses: actions/setup-python@v5.3.0 with: # This should match lib/github/markups.rb GitHub::Markups::MARKUP_RST - python-version: '3.x' + python-version: "3.x" - - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 + - uses: actions/cache@v4.1.2 with: path: ~/.cache/pip key: ${{ runner.os }}-pip diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index ef40f1b0..2ef91e16 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -12,7 +12,7 @@ jobs: pull-requests: write steps: - - uses: actions/stale@f7176fd3007623b69d27091f9b9d4ab7995f0a06 # v5 + - uses: actions/stale@v9.0.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: > From 70055d6c111806adef3090f1d8210c7888bcfa65 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Mar 2025 10:54:07 +0000 Subject: [PATCH 27/35] chore(deps): bump the dependencies group across 1 directory with 4 updates Bumps the dependencies group with 4 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [actions/setup-python](https://github.com/actions/setup-python), [actions/cache](https://github.com/actions/cache) and [actions/stale](https://github.com/actions/stale). Updates `ruby/setup-ruby` from 1.202.0 to 1.222.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc...277ba2a127aba66d45bad0fa2dc56f80dbfedffa) Updates `actions/setup-python` from 5.3.0 to 5.4.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.3.0...v5.4.0) Updates `actions/cache` from 4.1.2 to 4.2.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4.1.2...v4.2.2) Updates `actions/stale` from 9.0.0 to 9.1.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v9.0.0...v9.1.0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 6 +++--- .github/workflows/stale.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0eb7e108..65a1cf08 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,17 +26,17 @@ jobs: with: fetch-depth: 10 - - uses: ruby/setup-ruby@a2bbe5b1b236842c1cb7dd11e8e3b51e0a616acc # v1 + - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true - - uses: actions/setup-python@v5.3.0 + - uses: actions/setup-python@v5.4.0 with: # This should match lib/github/markups.rb GitHub::Markups::MARKUP_RST python-version: "3.x" - - uses: actions/cache@v4.1.2 + - uses: actions/cache@v4.2.2 with: path: ~/.cache/pip key: ${{ runner.os }}-pip diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 2ef91e16..84cbf0ed 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -12,7 +12,7 @@ jobs: pull-requests: write steps: - - uses: actions/stale@v9.0.0 + - uses: actions/stale@v9.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: > From 9831835518ebb07419678300f6ec01870b73d0c1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 28 Mar 2025 21:05:33 +0000 Subject: [PATCH 28/35] chore(deps): bump the dependencies group with 5 updates Updates the requirements on [redcarpet](https://github.com/vmg/redcarpet), [rdoc](https://github.com/ruby/rdoc), [rexml](https://github.com/ruby/rexml), [minitest](https://github.com/minitest/minitest) and [nokogiri](https://github.com/sparklemotion/nokogiri) to permit the latest version. Updates `redcarpet` from 3.6.0 to 3.6.1 - [Release notes](https://github.com/vmg/redcarpet/releases) - [Changelog](https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md) - [Commits](https://github.com/vmg/redcarpet/compare/v3.6.0...v3.6.1) Updates `rdoc` from 6.7.0 to 6.12.0 - [Release notes](https://github.com/ruby/rdoc/releases) - [Changelog](https://github.com/ruby/rdoc/blob/master/History.rdoc) - [Commits](https://github.com/ruby/rdoc/compare/v6.7.0...v6.12.0) Updates `rexml` from 3.3.9 to 3.4.1 - [Release notes](https://github.com/ruby/rexml/releases) - [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md) - [Commits](https://github.com/ruby/rexml/compare/v3.3.9...v3.4.1) Updates `minitest` from 5.25.1 to 5.25.4 - [Changelog](https://github.com/minitest/minitest/blob/master/History.rdoc) - [Commits](https://github.com/minitest/minitest/compare/v5.25.1...v5.25.4) Updates `nokogiri` from 1.16.7 to 1.17.2 - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.16.7...v1.17.2) --- updated-dependencies: - dependency-name: redcarpet dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: rdoc dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: rexml dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: minitest dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: nokogiri dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 30 ++++++++++++++++-------------- github-markup.gemspec | 2 +- 3 files changed, 18 insertions(+), 16 deletions(-) diff --git a/Gemfile b/Gemfile index b2983b9b..be52c0a6 100644 --- a/Gemfile +++ b/Gemfile @@ -7,7 +7,7 @@ gem "RedCloth" # using a tag version here because 0.18.3 was not published by the author to encourage users to upgrade. # however we want to bump up to this version since this has a security patch gem "commonmarker", git: "https://github.com/gjtorikian/commonmarker.git", tag: "v0.18.3" -gem "rdoc", "~> 6.7.0" +gem "rdoc", "~> 6.13.0" gem "org-ruby", "0.9.12" gem "creole", "~>0.5.0" gem "wikicloth", "=0.8.3" diff --git a/Gemfile.lock b/Gemfile.lock index 5912d3b1..ba36467a 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -39,6 +39,7 @@ GEM connection_pool (2.4.1) crass (1.0.6) creole (0.5.0) + date (3.4.1) drb (2.2.1) expression_parser (0.9.0) github-linguist (7.30.0) @@ -54,33 +55,34 @@ GEM concurrent-ruby (~> 1.0) logger (1.6.1) mini_mime (1.1.5) - minitest (5.25.1) + minitest (5.25.5) mutex_m (0.2.0) - nokogiri (1.16.7-aarch64-linux) + nokogiri (1.17.2-aarch64-linux) racc (~> 1.4) - nokogiri (1.16.7-arm-linux) + nokogiri (1.17.2-arm-linux) racc (~> 1.4) - nokogiri (1.16.7-arm64-darwin) + nokogiri (1.17.2-arm64-darwin) racc (~> 1.4) - nokogiri (1.16.7-x86-linux) + nokogiri (1.17.2-x86-linux) racc (~> 1.4) - nokogiri (1.16.7-x86_64-darwin) + nokogiri (1.17.2-x86_64-darwin) racc (~> 1.4) - nokogiri (1.16.7-x86_64-linux) + nokogiri (1.17.2-x86_64-linux) racc (~> 1.4) nokogiri-diff (0.3.0) nokogiri (~> 1.5) tdiff (~> 0.4) org-ruby (0.9.12) rubypants (~> 0.2) - psych (5.1.2) + psych (5.2.3) + date stringio racc (1.8.1) rake (13.2.1) - rdoc (6.7.0) + rdoc (6.13.0) psych (>= 4.0.0) - redcarpet (3.6.0) - rexml (3.3.9) + redcarpet (3.6.1) + rexml (3.4.1) ruby-enum (0.9.0) i18n rubypants (0.7.1) @@ -89,7 +91,7 @@ GEM crass (~> 1.0.2) nokogiri (>= 1.12.0) securerandom (0.3.1) - stringio (3.1.1) + stringio (3.1.6) tdiff (0.4.0) twitter-text (1.14.7) unf (~> 0.1.0) @@ -124,11 +126,11 @@ DEPENDENCIES html-pipeline (~> 1.0) kramdown minitest (~> 5.4, >= 5.4.3) - nokogiri (~> 1.16.5) + nokogiri (~> 1.17.2) nokogiri-diff (~> 0.3.0) org-ruby (= 0.9.12) rake - rdoc (~> 6.7.0) + rdoc (~> 6.13.0) redcarpet rexml sanitize (>= 4.6.3) diff --git a/github-markup.gemspec b/github-markup.gemspec index ccf5908a..ddd4635f 100644 --- a/github-markup.gemspec +++ b/github-markup.gemspec @@ -25,7 +25,7 @@ Gem::Specification.new do |s| s.add_development_dependency 'minitest', '~> 5.4', '>= 5.4.3' s.add_development_dependency 'html-pipeline', '~> 1.0' s.add_development_dependency 'sanitize', '>= 4.6.3' - s.add_development_dependency 'nokogiri', '~> 1.16.5' + s.add_development_dependency 'nokogiri', '~> 1.17.2' s.add_development_dependency 'nokogiri-diff', '~> 0.3.0' s.add_development_dependency "github-linguist", ">= 7.1.3" end From b88ec4392314d5f873ea0adea9e4ff526ab2ff04 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 28 Mar 2025 21:17:51 +0000 Subject: [PATCH 29/35] chore(deps): bump activesupport from 7.1.5 to 7.1.5.1 Bumps [activesupport](https://github.com/rails/rails) from 7.1.5 to 7.1.5.1. - [Release notes](https://github.com/rails/rails/releases) - [Changelog](https://github.com/rails/rails/blob/v8.0.1/activesupport/CHANGELOG.md) - [Commits](https://github.com/rails/rails/compare/v7.1.5...v7.1.5.1) --- updated-dependencies: - dependency-name: activesupport dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index ba36467a..38813bb1 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -15,7 +15,7 @@ GEM remote: https://rubygems.org/ specs: RedCloth (4.3.4) - activesupport (7.1.5) + activesupport (7.1.5.1) base64 benchmark (>= 0.3) bigdecimal @@ -30,13 +30,13 @@ GEM tzinfo (~> 2.0) asciidoctor (2.0.23) base64 (0.2.0) - benchmark (0.3.0) - bigdecimal (3.1.8) + benchmark (0.4.0) + bigdecimal (3.1.9) builder (3.3.0) cgi (0.4.1) charlock_holmes (0.7.7) - concurrent-ruby (1.3.4) - connection_pool (2.4.1) + concurrent-ruby (1.3.5) + connection_pool (2.5.0) crass (1.0.6) creole (0.5.0) date (3.4.1) @@ -51,12 +51,12 @@ GEM activesupport (>= 2) nokogiri (~> 1.4) htmlentities (4.3.4) - i18n (1.14.6) + i18n (1.14.7) concurrent-ruby (~> 1.0) - logger (1.6.1) + logger (1.7.0) mini_mime (1.1.5) minitest (5.25.5) - mutex_m (0.2.0) + mutex_m (0.3.0) nokogiri (1.17.2-aarch64-linux) racc (~> 1.4) nokogiri (1.17.2-arm-linux) @@ -90,7 +90,7 @@ GEM sanitize (6.1.3) crass (~> 1.0.2) nokogiri (>= 1.12.0) - securerandom (0.3.1) + securerandom (0.3.2) stringio (3.1.6) tdiff (0.4.0) twitter-text (1.14.7) From 0f6838c1f8110cb2ee005cb74a5392c4dbb48881 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 10:48:59 +0000 Subject: [PATCH 30/35] chore(deps): bump rdoc from 6.13.0 to 6.13.1 in the dependencies group Bumps the dependencies group with 1 update: [rdoc](https://github.com/ruby/rdoc). Updates `rdoc` from 6.13.0 to 6.13.1 - [Release notes](https://github.com/ruby/rdoc/releases) - [Changelog](https://github.com/ruby/rdoc/blob/master/History.rdoc) - [Commits](https://github.com/ruby/rdoc/compare/v6.13.0...v6.13.1) --- updated-dependencies: - dependency-name: rdoc dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index be52c0a6..e2c29f9c 100644 --- a/Gemfile +++ b/Gemfile @@ -7,7 +7,7 @@ gem "RedCloth" # using a tag version here because 0.18.3 was not published by the author to encourage users to upgrade. # however we want to bump up to this version since this has a security patch gem "commonmarker", git: "https://github.com/gjtorikian/commonmarker.git", tag: "v0.18.3" -gem "rdoc", "~> 6.13.0" +gem "rdoc", "~> 6.13.1" gem "org-ruby", "0.9.12" gem "creole", "~>0.5.0" gem "wikicloth", "=0.8.3" diff --git a/Gemfile.lock b/Gemfile.lock index ba36467a..2f72687c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -79,7 +79,7 @@ GEM stringio racc (1.8.1) rake (13.2.1) - rdoc (6.13.0) + rdoc (6.13.1) psych (>= 4.0.0) redcarpet (3.6.1) rexml (3.4.1) @@ -130,7 +130,7 @@ DEPENDENCIES nokogiri-diff (~> 0.3.0) org-ruby (= 0.9.12) rake - rdoc (~> 6.13.0) + rdoc (~> 6.13.1) redcarpet rexml sanitize (>= 4.6.3) From 1ba0b17f610f4cdf6cf33ec7bc2c618f8b0f9208 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 11:04:59 +0000 Subject: [PATCH 31/35] chore(deps): bump the dependencies group with 3 updates Bumps the dependencies group with 3 updates: [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [actions/setup-python](https://github.com/actions/setup-python) and [actions/cache](https://github.com/actions/cache). Updates `ruby/setup-ruby` from 1.222.0 to 1.229.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/277ba2a127aba66d45bad0fa2dc56f80dbfedffa...354a1ad156761f5ee2b7b13fa8e09943a5e8d252) Updates `actions/setup-python` from 5.4.0 to 5.5.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5.4.0...v5.5.0) Updates `actions/cache` from 4.2.2 to 4.2.3 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4.2.2...v4.2.3) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 65a1cf08..f313947e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,17 +26,17 @@ jobs: with: fetch-depth: 10 - - uses: ruby/setup-ruby@277ba2a127aba66d45bad0fa2dc56f80dbfedffa # v1 + - uses: ruby/setup-ruby@354a1ad156761f5ee2b7b13fa8e09943a5e8d252 # v1 with: ruby-version: ${{ matrix.ruby }} bundler-cache: true - - uses: actions/setup-python@v5.4.0 + - uses: actions/setup-python@v5.5.0 with: # This should match lib/github/markups.rb GitHub::Markups::MARKUP_RST python-version: "3.x" - - uses: actions/cache@v4.2.2 + - uses: actions/cache@v4.2.3 with: path: ~/.cache/pip key: ${{ runner.os }}-pip From 63895bf131f69398fab9beaa0d9839c79ceeddfd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 14:39:39 +0000 Subject: [PATCH 32/35] chore(deps): bump cgi from 0.4.1 to 0.4.2 in the bundler group Bumps the bundler group with 1 update: [cgi](https://github.com/ruby/cgi). Updates `cgi` from 0.4.1 to 0.4.2 - [Release notes](https://github.com/ruby/cgi/releases) - [Commits](https://github.com/ruby/cgi/compare/v0.4.1...v0.4.2) --- updated-dependencies: - dependency-name: cgi dependency-type: indirect dependency-group: bundler ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index ba36467a..84f33bdf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -33,7 +33,7 @@ GEM benchmark (0.3.0) bigdecimal (3.1.8) builder (3.3.0) - cgi (0.4.1) + cgi (0.4.2) charlock_holmes (0.7.7) concurrent-ruby (1.3.4) connection_pool (2.4.1) From ead5ff8f21d0db8d672a7283a6afec24cbfee3ea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 31 Mar 2025 15:05:35 +0000 Subject: [PATCH 33/35] chore(deps): bump github-linguist from 7.30.0 to 9.1.0 Bumps [github-linguist](https://github.com/github-linguist/linguist) from 7.30.0 to 9.1.0. - [Release notes](https://github.com/github-linguist/linguist/releases) - [Commits](https://github.com/github-linguist/linguist/compare/v7.30.0...v9.1.0) --- updated-dependencies: - dependency-name: github-linguist dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index c8c61181..1ebd7841 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -34,7 +34,7 @@ GEM bigdecimal (3.1.9) builder (3.3.0) cgi (0.4.2) - charlock_holmes (0.7.7) + charlock_holmes (0.7.9) concurrent-ruby (1.3.5) connection_pool (2.5.0) crass (1.0.6) @@ -42,7 +42,7 @@ GEM date (3.4.1) drb (2.2.1) expression_parser (0.9.0) - github-linguist (7.30.0) + github-linguist (9.1.0) cgi charlock_holmes (~> 0.7.7) mini_mime (~> 1.0) @@ -86,7 +86,7 @@ GEM ruby-enum (0.9.0) i18n rubypants (0.7.1) - rugged (1.7.2) + rugged (1.9.0) sanitize (6.1.3) crass (~> 1.0.2) nokogiri (>= 1.12.0) From 92a2ed2692f9b162e7008820f32d226bb99f88e8 Mon Sep 17 00:00:00 2001 From: Max Beizer Date: Tue, 1 Apr 2025 14:34:59 +0000 Subject: [PATCH 34/35] Bump nokogiri to 1.18, require at least Ruby 3.1 --- .github/workflows/ci.yml | 2 +- Gemfile | 1 + Gemfile.lock | 16 +++++++++------- github-markup.gemspec | 4 ++-- 4 files changed, 13 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f313947e..50ccc50b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,10 +14,10 @@ jobs: strategy: matrix: ruby: - - "3.0" - "3.1" - "3.2" - "3.3" + - "3.4" fail-fast: false steps: diff --git a/Gemfile b/Gemfile index e2c29f9c..bcd13f88 100644 --- a/Gemfile +++ b/Gemfile @@ -15,3 +15,4 @@ gem "twitter-text", "~> 1.14" gem "asciidoctor", "~> 2.0.5" gem "rake" gem "rexml" +gem "nokogiri", "~> 1.18.4" diff --git a/Gemfile.lock b/Gemfile.lock index 1ebd7841..7e738e4d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -55,19 +55,21 @@ GEM concurrent-ruby (~> 1.0) logger (1.7.0) mini_mime (1.1.5) + mini_portile2 (2.8.8) minitest (5.25.5) mutex_m (0.3.0) - nokogiri (1.17.2-aarch64-linux) + nokogiri (1.18.7) + mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.17.2-arm-linux) + nokogiri (1.18.7-aarch64-linux-gnu) racc (~> 1.4) - nokogiri (1.17.2-arm64-darwin) + nokogiri (1.18.7-arm-linux-gnu) racc (~> 1.4) - nokogiri (1.17.2-x86-linux) + nokogiri (1.18.7-arm64-darwin) racc (~> 1.4) - nokogiri (1.17.2-x86_64-darwin) + nokogiri (1.18.7-x86_64-darwin) racc (~> 1.4) - nokogiri (1.17.2-x86_64-linux) + nokogiri (1.18.7-x86_64-linux-gnu) racc (~> 1.4) nokogiri-diff (0.3.0) nokogiri (~> 1.5) @@ -126,7 +128,7 @@ DEPENDENCIES html-pipeline (~> 1.0) kramdown minitest (~> 5.4, >= 5.4.3) - nokogiri (~> 1.17.2) + nokogiri (~> 1.18.4) nokogiri-diff (~> 0.3.0) org-ruby (= 0.9.12) rake diff --git a/github-markup.gemspec b/github-markup.gemspec index ddd4635f..4329a901 100644 --- a/github-markup.gemspec +++ b/github-markup.gemspec @@ -13,7 +13,7 @@ Gem::Specification.new do |s| s.homepage = "https://github.com/github/markup" s.license = "MIT" - s.required_ruby_version = '>= 3.0.0' + s.required_ruby_version = '>= 3.1.0' s.files = `git ls-files`.split($\) s.executables = s.files.grep(%r{^bin/}).map{ |f| File.basename(f) } @@ -25,7 +25,7 @@ Gem::Specification.new do |s| s.add_development_dependency 'minitest', '~> 5.4', '>= 5.4.3' s.add_development_dependency 'html-pipeline', '~> 1.0' s.add_development_dependency 'sanitize', '>= 4.6.3' - s.add_development_dependency 'nokogiri', '~> 1.17.2' + s.add_development_dependency 'nokogiri', '~> 1.18.4' s.add_development_dependency 'nokogiri-diff', '~> 0.3.0' s.add_development_dependency "github-linguist", ">= 7.1.3" end From a732c1a614333efe7b6a367238ec1c278fcb3a30 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Apr 2025 04:55:46 +0000 Subject: [PATCH 35/35] chore(deps): bump nokogiri from 1.18.7 to 1.18.8 in the bundler group Bumps the bundler group with 1 update: [nokogiri](https://github.com/sparklemotion/nokogiri). Updates `nokogiri` from 1.18.7 to 1.18.8 - [Release notes](https://github.com/sparklemotion/nokogiri/releases) - [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md) - [Commits](https://github.com/sparklemotion/nokogiri/compare/v1.18.7...v1.18.8) --- updated-dependencies: - dependency-name: nokogiri dependency-version: 1.18.8 dependency-type: direct:production dependency-group: bundler ... Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Gemfile b/Gemfile index bcd13f88..60920bee 100644 --- a/Gemfile +++ b/Gemfile @@ -15,4 +15,4 @@ gem "twitter-text", "~> 1.14" gem "asciidoctor", "~> 2.0.5" gem "rake" gem "rexml" -gem "nokogiri", "~> 1.18.4" +gem "nokogiri", "~> 1.18.8" diff --git a/Gemfile.lock b/Gemfile.lock index 7e738e4d..9ee4b029 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -58,18 +58,18 @@ GEM mini_portile2 (2.8.8) minitest (5.25.5) mutex_m (0.3.0) - nokogiri (1.18.7) + nokogiri (1.18.8) mini_portile2 (~> 2.8.2) racc (~> 1.4) - nokogiri (1.18.7-aarch64-linux-gnu) + nokogiri (1.18.8-aarch64-linux-gnu) racc (~> 1.4) - nokogiri (1.18.7-arm-linux-gnu) + nokogiri (1.18.8-arm-linux-gnu) racc (~> 1.4) - nokogiri (1.18.7-arm64-darwin) + nokogiri (1.18.8-arm64-darwin) racc (~> 1.4) - nokogiri (1.18.7-x86_64-darwin) + nokogiri (1.18.8-x86_64-darwin) racc (~> 1.4) - nokogiri (1.18.7-x86_64-linux-gnu) + nokogiri (1.18.8-x86_64-linux-gnu) racc (~> 1.4) nokogiri-diff (0.3.0) nokogiri (~> 1.5) @@ -128,7 +128,7 @@ DEPENDENCIES html-pipeline (~> 1.0) kramdown minitest (~> 5.4, >= 5.4.3) - nokogiri (~> 1.18.4) + nokogiri (~> 1.18.8) nokogiri-diff (~> 0.3.0) org-ruby (= 0.9.12) rake pFad - Phonifier reborn

    Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

    Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


    Alternative Proxies:

    Alternative Proxy

    pFad Proxy

    pFad v3 Proxy

    pFad v4 Proxy