Easiest way to load view classes into another XIB or storyboard.

MLSDev

Last update: Nov 4, 2022

Related tags

Layout LoadableViews

Overview

LoadableViews

Easiest way to load view classes into another XIB or storyboard.

Basic setup

Subclass your view from LoadableView
Create a xib file, set File's Owner class to your class
Link outlets as usual

Usage

Drop UIView to your XIB or storyboard
Set it's class to your class name

Your view is automatically loaded to different xib!

IBInspectable && IBDesignable

IBInspectables automatically render themselves if your view is IBDesignable. Usually Interface Builder is not able to automatically figure out that your view is IBDesignable, so you need to add this attribute to your view subclass:

  @IBDesignable class WTFCatView: LoadableView

UI classes supported

UIView - LoadableView
UITableViewCell - LoadableTableViewCell
UICollectionViewCell - LoadableCollectionViewCell
UICollectionReusableView - LoadableCollectionReusableView
UITextField - LoadableTextField
NSView - LoadableView using AppKit

To use loading from xibs, for example for UICollectionViewCells, drop UIView instead of UICollectionViewCell in InterfaceBuilder, and follow basic setup. Then, on your storyboard, set a class of your cell, and it will be automatically updated.

Customization

Change xib name

class CustomView : LoadableView {
  override var nibName : String {
    return "MyCustomXibName"
  }
}

Change view container

  class CustomViewWithLoadableContainerView : LoadableView {
    override var nibContainerView : UIView {
      return containerView
    }
  }

Making your custom views loadable

Adopt NibLoadableProtocol on your custom UIView or NSView subclass.
Override nibName and nibContainerView properties, if necessary.
Call setupNib method in both init(frame:) and init(coder:) methods.

Known issues

IBDesignable attribute is not recognized when it's inside framework due to bundle paths, which is why in current version you need to add IBDesignable attribute to your views manually.
UITableViewCell and therefore LoadableTableViewCell cannot be made IBDesignable, because InterfaceBuilder uses initWithFrame(_:) method to render views: radar, stack overflow
UIScrollView subclasses such as UITextView don't behave well with loadable views being inserted, which is why UITextView loadable subclass is not included in current release, but may be implemented in the future.

Requirements

iOS 8+
tvOS 9.0+
macOS 10.12+
Swift 5 / 4.0 / 3.2

Installation

CocoaPods

  pod 'LoadableViews'

License

LoadableViews is released under the MIT license. See LICENSE for details.

About MLSDev

LoadableViews are maintained by MLSDev, Inc. We specialize in providing all-in-one solution in mobile and web development. Our team follows Lean principles and works according to agile methodologies to deliver the best results reducing the budget for development and its timeline.

Find out more here and don't hesitate to contact us!

Comments

Bump nokogiri from 1.13.3 to 1.13.4
Bumps nokogiri from 1.13.3 to 1.13.4.

Release notes

Sourced from nokogiri's releases.

1.13.4 / 2022-04-11

Security

Address CVE-2022-24836, a regular expression denial-of-service vulnerability. See GHSA-crjr-9rc5-ghw8 for more information.

[CRuby] Vendored zlib is updated to address CVE-2018-25032. See GHSA-v6gp-9mmm-c6p5 for more information.

[JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated to address CVE-2022-23437. See GHSA-xxx9-3xcr-gjj3 for more information.

[JRuby] Vendored nekohtml (org.cyberneko.html) is updated to address CVE-2022-24839. See GHSA-gx8x-g87m-h5q6 for more information.

Dependencies

[CRuby] Vendored zlib is updated from 1.2.11 to 1.2.12. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)

[JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated from 2.12.0 to 2.12.2.

[JRuby] Vendored nekohtml (org.cyberneko.html) is updated from a fork of 1.9.21 to 1.9.22.noko2. This fork is now publicly developed at https://github.com/sparklemotion/nekohtml

sha256sum:

095ff1995ed3dda3ea98a5f08bdc54bef02be1ce4e7c81034c4812e5e7c6e7e3 nokogiri-1.13.4-aarch64-linux.gem 7ebfc7415c819bcd4e849627e879cef2fb328bec90e802e50d74ccd13a60ec75 nokogiri-1.13.4-arm64-darwin.gem 41efd87c121991de26ef0393ac713d687e539813c3b79e454a2e3ffeecd107ea nokogiri-1.13.4-java.gem ab547504692ada0cec9d2e4e15afab659677c3f4c1ac3ea639bf5212b65246a1 nokogiri-1.13.4-x64-mingw-ucrt.gem fa5c64cfdb71642ed647428e4d0d75ee0f4d189cfb63560c66fd8bdf99eb146b nokogiri-1.13.4-x64-mingw32.gem d6f07cbcbc28b75e8ac5d6e729ffba3602dffa0ad16ffac2322c9b4eb9b971fc nokogiri-1.13.4-x86-linux.gem 0f7a4fd13e25abe3f98663fef0d115d58fdeff62cf23fef12d368e42adad2ce6 nokogiri-1.13.4-x86-mingw32.gem 3eef282f00ad360304fbcd5d72eb1710ff41138efda9513bb49eec832db5fa3e nokogiri-1.13.4-x86_64-darwin.gem 3978610354ec67b59c128d23259c87b18374ee1f61cb9ed99de7143a88e70204 nokogiri-1.13.4-x86_64-linux.gem 0d46044eb39271e3360dae95ed6061ce17bc0028d475651dc48db393488c83bc nokogiri-1.13.4.gem

Changelog

Sourced from nokogiri's changelog.

1.13.4 / 2022-04-11

Security

Address CVE-2022-24836, a regular expression denial-of-service vulnerability. See GHSA-crjr-9rc5-ghw8 for more information.

[CRuby] Vendored zlib is updated to address CVE-2018-25032. See GHSA-v6gp-9mmm-c6p5 for more information.

[JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated to address CVE-2022-23437. See GHSA-xxx9-3xcr-gjj3 for more information.

[JRuby] Vendored nekohtml (org.cyberneko.html) is updated to address CVE-2022-24839. See GHSA-gx8x-g87m-h5q6 for more information.

Dependencies

[CRuby] Vendored zlib is updated from 1.2.11 to 1.2.12. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)

[JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated from 2.12.0 to 2.12.2.

[JRuby] Vendored nekohtml (org.cyberneko.html) is updated from a fork of 1.9.21 to 1.9.22.noko2. This fork is now publicly developed at https://github.com/sparklemotion/nekohtml

Commits

4e2c4b2 version bump to v1.13.4

6a20ee4 Merge pull request #2510 from sparklemotion/flavorjones-encoding-reader-perfo...

b848031 Merge pull request #2509 from sparklemotion/flavorjones-parse-processing-inst...

c0ecf3b test: pend the LIBXML_LOADED_VERSION test on freebsd

e444525 fix(perf): HTML4::EncodingReader detection

1eb5580 style(rubocop): allow intentional use of empty initializer

0feac5a fix(dep): HTML parsing of processing instructions

db72b90 test: recent nekohtml versions do not consider 'a' to be inline

2af2a87 style(rubocop): allow intentional use of empty initializer

ba7a28c Merge pull request #2499 from sparklemotion/2441-xerces-2.12.2-backport-v1.13.x

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 2
Bump nokogiri from 1.13.9 to 1.13.10
Bumps nokogiri from 1.13.9 to 1.13.10.

Release notes

Sourced from nokogiri's releases.

1.13.10 / 2022-12-07

Security

[CRuby] Address CVE-2022-23476, unchecked return value from xmlTextReaderExpand. See GHSA-qv4q-mr5r-qprj for more information.

Improvements

[CRuby] XML::Reader#attribute_hash now returns nil on parse errors. This restores the behavior of #attributes from v1.13.7 and earlier. [#2715]

sha256 checksums:

777ce2e80f64772e91459b943e531dfef387e768f2255f9bc7a1655f254bbaa1 nokogiri-1.13.10-aarch64-linux.gem b432ff47c51386e07f7e275374fe031c1349e37eaef2216759063bc5fa5624aa nokogiri-1.13.10-arm64-darwin.gem 73ac581ddcb680a912e92da928ffdbac7b36afd3368418f2cee861b96e8c830b nokogiri-1.13.10-java.gem 916aa17e624611dddbf2976ecce1b4a80633c6378f8465cff0efab022ebc2900 nokogiri-1.13.10-x64-mingw-ucrt.gem 0f85a1ad8c2b02c166a6637237133505b71a05f1bb41b91447005449769bced0 nokogiri-1.13.10-x64-mingw32.gem 91fa3a8724a1ce20fccbd718dafd9acbde099258183ac486992a61b00bb17020 nokogiri-1.13.10-x86-linux.gem d6663f5900ccd8f72d43660d7f082565b7ffcaade0b9a59a74b3ef8791034168 nokogiri-1.13.10-x86-mingw32.gem 81755fc4b8130ef9678c76a2e5af3db7a0a6664b3cba7d9fe8ef75e7d979e91b nokogiri-1.13.10-x86_64-darwin.gem 51d5246705dedad0a09b374d09cc193e7383a5dd32136a690a3cd56e95adf0a3 nokogiri-1.13.10-x86_64-linux.gem d3ee00f26c151763da1691c7fc6871ddd03e532f74f85101f5acedc2d099e958 nokogiri-1.13.10.gem

Changelog

Sourced from nokogiri's changelog.

1.13.10 / 2022-12-07

Security

[CRuby] Address CVE-2022-23476, unchecked return value from xmlTextReaderExpand. See GHSA-qv4q-mr5r-qprj for more information.

Improvements

[CRuby] XML::Reader#attribute_hash now returns nil on parse errors. This restores the behavior of #attributes from v1.13.7 and earlier. [#2715]

Commits

4c80121 version bump to v1.13.10

85410e3 Merge pull request #2715 from sparklemotion/flavorjones-fix-reader-error-hand...

9fe0761 fix(cruby): XML::Reader#attribute_hash returns nil on error

3b9c736 Merge pull request #2717 from sparklemotion/flavorjones-lock-psych-to-fix-bui...

2efa87b test: skip large cdata test on system libxml2

3187d67 dep(dev): pin psych to v4 until v5 builds in CI

a16b4bf style(rubocop): disable Minitest/EmptyLineBeforeAssertionMethods

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump nokogiri from 1.13.6 to 1.13.9
Bumps nokogiri from 1.13.6 to 1.13.9.

Release notes

Sourced from nokogiri's releases.

1.13.9 / 2022-10-18

Security

[CRuby] Vendored libxml2 is updated to address CVE-2022-2309, CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for more information.

[CRuby] Vendored zlib is updated to address CVE-2022-37434. Nokogiri was not affected by this vulnerability, but this version of zlib was being flagged up by some vulnerability scanners, see #2626 for more information.

Dependencies

[CRuby] Vendored libxml2 is updated to v2.10.3 from v2.9.14.

[CRuby] Vendored libxslt is updated to v1.1.37 from v1.1.35.

[CRuby] Vendored zlib is updated from 1.2.12 to 1.2.13. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)

Fixed

[CRuby] Nokogiri::XML::Namespace objects, when compacted, update their internal struct's reference to the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation fault was possible after compaction was triggered. [#2658] (Thanks, @eightbitraptor and @peterzhu2118!)

[CRuby] Document#remove_namespaces! now defers freeing the underlying xmlNs struct until the Document is GCed. Previously, maintaining a reference to a Namespace object that was removed in this way could lead to a segfault. [#2658]

sha256 checksums:

9b69829561d30c4461ea803baeaf3460e8b145cff7a26ce397119577a4083a02 nokogiri-1.13.9-aarch64-linux.gem e76ebb4b7b2e02c72b2d1541289f8b0679fb5984867cf199d89b8ef485764956 nokogiri-1.13.9-arm64-darwin.gem 15bae7d08bddeaa898d8e3f558723300137c26a2dc2632a1f89c8574c4467165 nokogiri-1.13.9-java.gem f6a1dbc7229184357f3129503530af73cc59ceba4932c700a458a561edbe04b9 nokogiri-1.13.9-x64-mingw-ucrt.gem 36d935d799baa4dc488024f71881ff0bc8b172cecdfc54781169c40ec02cbdb3 nokogiri-1.13.9-x64-mingw32.gem ebaf82aa9a11b8fafb67873d19ee48efb565040f04c898cdce8ca0cd53ff1a12 nokogiri-1.13.9-x86-linux.gem 11789a2a11b28bc028ee111f23311461104d8c4468d5b901ab7536b282504154 nokogiri-1.13.9-x86-mingw32.gem 01830e1646803ff91c0fe94bc768ff40082c6de8cfa563dafd01b3f7d5f9d795 nokogiri-1.13.9-x86_64-darwin.gem 8e93b8adec22958013799c8690d81c2cdf8a90b6f6e8150ab22e11895844d781 nokogiri-1.13.9-x86_64-linux.gem 96f37c1baf0234d3ae54c2c89aef7220d4a8a1b03d2675ff7723565b0a095531 nokogiri-1.13.9.gem

1.13.8 / 2022-07-23

Deprecated

XML::Reader#attribute_nodes is deprecated due to incompatibility between libxml2's xmlReader memory semantics and Ruby's garbage collector. Although this method continues to exist for backwards compatibility, it is unsafe to call and may segfault. This method will be removed in a future version of Nokogiri, and callers should use #attribute_hash instead. [#2598]

Improvements

XML::Reader#attribute_hash is a new method to safely retrieve the attributes of a node from XML::Reader. [#2598, #2599]

Fixed

... (truncated)

Changelog

Sourced from nokogiri's changelog.

1.13.9 / 2022-10-18

Security

[CRuby] Vendored libxml2 is updated to address CVE-2022-2309, CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for more information.

[CRuby] Vendored zlib is updated to address CVE-2022-37434. Nokogiri was not affected by this vulnerability, but this version of zlib was being flagged up by some vulnerability scanners, see #2626 for more information.

Dependencies

[CRuby] Vendored libxml2 is updated to v2.10.3 from v2.9.14.

[CRuby] Vendored libxslt is updated to v1.1.37 from v1.1.35.

[CRuby] Vendored zlib is updated from 1.2.12 to 1.2.13. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)

Fixed

[CRuby] Nokogiri::XML::Namespace objects, when compacted, update their internal struct's reference to the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation fault was possible after compaction was triggered. [#2658] (Thanks, @eightbitraptor and @peterzhu2118!)

[CRuby] Document#remove_namespaces! now defers freeing the underlying xmlNs struct until the Document is GCed. Previously, maintaining a reference to a Namespace object that was removed in this way could lead to a segfault. [#2658]

1.13.8 / 2022-07-23

Deprecated

XML::Reader#attribute_nodes is deprecated due to incompatibility between libxml2's xmlReader memory semantics and Ruby's garbage collector. Although this method continues to exist for backwards compatibility, it is unsafe to call and may segfault. This method will be removed in a future version of Nokogiri, and callers should use #attribute_hash instead. [#2598]

Improvements

XML::Reader#attribute_hash is a new method to safely retrieve the attributes of a node from XML::Reader. [#2598, #2599]

Fixed

[CRuby] Calling XML::Reader#attributes is now safe to call. In Nokogiri <= 1.13.7 this method may segfault. [#2598, #2599]

1.13.7 / 2022-07-12

Fixed

XML::Node objects, when compacted, update their internal struct's reference to the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation fault was possible after compaction was triggered. [#2578] (Thanks, @eightbitraptor!)

Commits

897759c version bump to v1.13.9

aeb1ac3 doc: update CHANGELOG

c663e49 Merge pull request #2671 from sparklemotion/flavorjones-update-zlib-1.2.13_v1...

212e07d ext: hack to cross-compile zlib v1.2.13 on darwin

76dbc8c dep: update zlib to v1.2.13

24e3a9c doc: update CHANGELOG

4db3b4d Merge pull request #2668 from sparklemotion/flavorjones-namespace-scopes-comp...

73d73d6 fix: Document#remove_namespaces! use-after-free bug

5f58b34 fix: namespace nodes behave properly when compacted

b08a858 test: repro namespace_scopes compaction issue

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump jmespath from 1.4.0 to 1.6.1
Bumps jmespath from 1.4.0 to 1.6.1.

Release notes

Sourced from jmespath's releases.

Release v1.6.1 - 2022-03-07

Issue - Use JSON.parse instead of JSON.load.

Release v1.6.0 - 2022-02-14

Feature - Add support for string comparissons.

Release v1.5.0 - 2022-01-10

Support implicitly convertible objects/duck-type values responding to to_hash and to_ary.

[See related GitHub pull request #51](jmespath/jmespath.rb#51).

Changelog

Sourced from jmespath's changelog.

1.6.1 (2022-03-07)

Issue - Use JSON.parse instead of JSON.load.

1.6.0 (2022-02-14)

Feature - Add support for string comparisons.

1.5.0 (2022-01-10)

Support implicitly convertible objects/duck-type values responding to to_hash and to_ary.

[See related GitHub pull request #51](jmespath/jmespath.rb#51).

Commits

6e429f6 Bumped version to v1.6.1

e884128 Merge pull request #55 from jmespath/json-parse

f517de4 Use JSON.parse instead of JSON.load

754bf30 Create security.md

010e3cd Release 1.6.0

ac17836 Add changelog for string comparison.

4b8773a Allow string comparison (#49)

9655aa9 Minor fixes to use 1p release tools.

fb80f31 Bumped version to v1.5.0

77913ac Use the new 1p gem release tools

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump nokogiri from 1.13.3 to 1.13.6
Bumps nokogiri from 1.13.3 to 1.13.6.

Release notes

Sourced from nokogiri's releases.

1.13.6 / 2022-05-08

Security

[CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See GHSA-xh29-r2w5-wx8m for more information.

Improvements

{HTML4,XML}::SAX::{Parser,ParserContext} constructor methods now raise TypeError instead of segfaulting when an incorrect type is passed.

sha256:

58417c7c10f78cd1c0e1984f81538300d4ea98962cfd3f46f725efee48f9757a nokogiri-1.13.6-aarch64-linux.gem a2b04ec3b1b73ecc6fac619b41e9fdc70808b7a653b96ec97d04b7a23f158dbc nokogiri-1.13.6-arm64-darwin.gem 4437f2d03bc7da8854f4aaae89e24a98cf5c8b0212ae2bc003af7e65c7ee8e27 nokogiri-1.13.6-java.gem 99d3e212bbd5e80aa602a1f52d583e4f6e917ec594e6aa580f6aacc253eff984 nokogiri-1.13.6-x64-mingw-ucrt.gem a04f6154a75b6ed4fe2d0d0ff3ac02f094b54e150b50330448f834fa5726fbba nokogiri-1.13.6-x64-mingw32.gem a13f30c2863ef9e5e11240dd6d69ef114229d471018b44f2ff60bab28327de4d nokogiri-1.13.6-x86-linux.gem 63a2ca2f7a4f6bd9126e1695037f66c8eb72ed1e1740ef162b4480c57cc17dc6 nokogiri-1.13.6-x86-mingw32.gem 2b266e0eb18030763277b30dc3d64337f440191e2bd157027441ac56a59d9dfe nokogiri-1.13.6-x86_64-darwin.gem 3fa37b0c3b5744af45f9da3e4ae9cbd89480b35e12ae36b5e87a0452e0b38335 nokogiri-1.13.6-x86_64-linux.gem b1512fdc0aba446e1ee30de3e0671518eb363e75fab53486e99e8891d44b8587 nokogiri-1.13.6.gem

1.13.5 / 2022-05-04

Security

[CRuby] Vendored libxml2 is updated to address CVE-2022-29824. See GHSA-cgx6-hpwq-fhv5 for more information.

Dependencies

[CRuby] Vendored libxml2 is updated from v2.9.13 to v2.9.14.

Improvements

[CRuby] The libxml2 HTML4 parser no longer exhibits quadratic behavior when recovering some broken markup related to start-of-tag and bare < characters.

Changed

[CRuby] The libxml2 HTML4 parser in v2.9.14 recovers from some broken markup differently. Notably, the XML CDATA escape sequence <![CDATA[ and incorrectly-opened comments will result in HTML text nodes starting with <! instead of skipping the invalid tag. This behavior is a direct result of the quadratic-behavior fix noted above. The behavior of downstream sanitizers relying on this behavior will also change. Some tests describing the changed behavior are in test/html4/test_comments.rb.

... (truncated)

Changelog

Sourced from nokogiri's changelog.

1.13.6 / 2022-05-08

Security

[CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See GHSA-xh29-r2w5-wx8m for more information.

Improvements

{HTML4,XML}::SAX::{Parser,ParserContext} constructor methods now raise TypeError instead of segfaulting when an incorrect type is passed.

1.13.5 / 2022-05-04

Security

[CRuby] Vendored libxml2 is updated to address CVE-2022-29824. See GHSA-cgx6-hpwq-fhv5 for more information.

Dependencies

[CRuby] Vendored libxml2 is updated from v2.9.13 to v2.9.14.

Improvements

[CRuby] The libxml2 HTML parser no longer exhibits quadratic behavior when recovering some broken markup related to start-of-tag and bare < characters.

Changed

[CRuby] The libxml2 HTML parser in v2.9.14 recovers from some broken markup differently. Notably, the XML CDATA escape sequence <![CDATA[ and incorrectly-opened comments will result in HTML text nodes starting with <! instead of skipping the invalid tag. This behavior is a direct result of the quadratic-behavior fix noted above. The behavior of downstream sanitizers relying on this behavior will also change. Some tests describing the changed behavior are in test/html4/test_comments.rb.

1.13.4 / 2022-04-11

Security

Address CVE-2022-24836, a regular expression denial-of-service vulnerability. See GHSA-crjr-9rc5-ghw8 for more information.

[CRuby] Vendored zlib is updated to address CVE-2018-25032. See GHSA-v6gp-9mmm-c6p5 for more information.

[JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated to address CVE-2022-23437. See GHSA-xxx9-3xcr-gjj3 for more information.

[JRuby] Vendored nekohtml (org.cyberneko.html) is updated to address CVE-2022-24839. See GHSA-gx8x-g87m-h5q6 for more information.

Dependencies

[CRuby] Vendored zlib is updated from 1.2.11 to 1.2.12. (See LICENSE-DEPENDENCIES.md for details on which packages redistribute this library.)

[JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated from 2.12.0 to 2.12.2.

[JRuby] Vendored nekohtml (org.cyberneko.html) is updated from a fork of 1.9.21 to 1.9.22.noko2. This fork is now publicly developed at https://github.com/sparklemotion/nekohtml

Commits

b7817b6 version bump to v1.13.6

61b1a39 Merge pull request #2530 from sparklemotion/flavorjones-check-parse-memory-ty...

83cc451 fix: {HTML4,XML}::SAX::{Parser,ParserContext} check arg types

22c9e5b version bump to v1.13.5

6155881 doc: update CHANGELOG for v1.13.5

c519a47 Merge pull request #2527 from sparklemotion/2525-update-libxml-2_9_14-v1_13_x

66c2886 dep: update libxml2 to v2.9.14

b7c4cc3 test: unpend the LIBXML_LOADED_VERSION test on freebsd

eac7934 dev: require yaml

f3521ba style(rubocop): pend Style/FetchEnvVar for now

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump cocoapods-downloader from 1.5.1 to 1.6.3
Bumps cocoapods-downloader from 1.5.1 to 1.6.3.

Release notes

Sourced from cocoapods-downloader's releases.

1.6.3

Enhancements

None.

Bug Fixes

None.

1.6.2

Enhancements

None.

Bug Fixes

None.

1.6.1

Enhancements

None.

Bug Fixes

None.

1.6.0

Enhancements

None.

Bug Fixes

Adds a check for command injections in the input for hg and git.
orta #124

Changelog

Sourced from cocoapods-downloader's changelog.

1.6.3 (2022-04-01)

Enhancements

None.

Bug Fixes

None.

1.6.2 (2022-03-28)

Enhancements

None.

Bug Fixes

None.

1.6.1 (2022-03-23)

Enhancements

None.

Bug Fixes

None.

1.6.0 (2022-03-22)

Enhancements

None.

Bug Fixes

Adds a check for command injections in the input for hg and git.
orta #124

Commits

c03e2ed Release 1.6.3

f75bccc Disable Bazaar tests due to macOS 12.3 not including python2

52a0d54 Merge pull request #128 from CocoaPods/validate_before_dl

d27c983 Ensure that the git pre-processor doesn't accidentally bail also

3adfe1f [CHANGELOG] Add empty Master section

591167a Release 1.6.2

d2564c3 Merge pull request #127 from CocoaPods/validate_before_dl

99fec61 Switches where we check for invalid input, to move it inside the download fun...

96679f2 [CHANGELOG] Add empty Master section

3a7c54b Release 1.6.1

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump nokogiri from 1.12.5 to 1.13.3
Bumps nokogiri from 1.12.5 to 1.13.3.

Release notes

Sourced from nokogiri's releases.

1.13.3 / 2022-02-21

Fixed

[CRuby] Revert a HTML4 parser bug in libxml 2.9.13 (introduced in Nokogiri v1.13.2). The bug causes libxml2's HTML4 parser to fail to recover when encountering a bare < character in some contexts. This version of Nokogiri restores the earlier behavior, which is to recover from the parse error and treat the < as normal character data (which will be serialized as < in a text node). The bug (and the fix) is only relevant when the RECOVER parse option is set, as it is by default. [#2461]

SHA256 checksums:

025a4e333f6f903072a919f5f75b03a8f70e4969dab4280375b73f9d8ff8d2c0 nokogiri-1.13.3-aarch64-linux.gem b9cb59c6a6da8cf4dbee5dbb569c7cc95a6741392e69053544e0f40b15ab9ad5 nokogiri-1.13.3-arm64-darwin.gem e55d18cee64c19d51d35ad80634e465dbcdd46ac4233cb42c1e410307244ebae nokogiri-1.13.3-java.gem 53e2d68116cd00a873406b8bdb90c78a6f10e00df7ddf917a639ac137719b67b nokogiri-1.13.3-x64-mingw-ucrt.gem b5f39ebb662a1be7d1c61f8f0a2a683f1bb11690a6f00a99a1aa23a071f80145 nokogiri-1.13.3-x64-mingw32.gem 7c0de5863aace4bbbc73c4766cf084d1f0b7a495591e46d1666200cede404432 nokogiri-1.13.3-x86-linux.gem 675cc3e7d7cca0d6790047a062cd3aa3eab59e3cb9b19374c34f98bade588c66 nokogiri-1.13.3-x86-mingw32.gem f445596a5a76941a9d1980747535ab50d3399d1b46c32989bc26b7dd988ee498 nokogiri-1.13.3-x86_64-darwin.gem 3f6340661c2a283b337d227ea224f859623775b2f5c09a6bf197b786563958df nokogiri-1.13.3-x86_64-linux.gem bf1b1bceff910abb0b7ad825535951101a0361b859c2ad1be155c010081ecbdc nokogiri-1.13.3.gem

1.13.2 / 2022-02-21

Security

[CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update addresses CVE-2022-23308.

[CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. This update addresses CVE-2021-30560.

Please see GHSA-fq42-c5rg-92c2 for more information about these CVEs.

Dependencies

[CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. Full changelog is available at https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.13.news

[CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. Full changelog is available at https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.news

SHA256 checksums:

63469a9bb56a21c62fbaea58d15f54f8f167ff6fde51c5c2262072f939926fdd nokogiri-1.13.2-aarch64-linux.gem 2986617f982f645c06f22515b721e6d2613dd69493e5c41ddd03c4830c3b3065 nokogiri-1.13.2-arm64-darwin.gem aca1d66206740b29d0d586b1d049116adcb31e6cdd7c4dd3a96eb77da215a0c4 nokogiri-1.13.2-java.gem b9e4eea1a200d9a927a5bc7d662c427e128779cba0098ea49ddbdb3ffc3ddaec nokogiri-1.13.2-x64-mingw-ucrt.gem 48d5493fec495867c5516a908a068c1387a1d17c5aeca6a1c98c089d9d9fdcf8 nokogiri-1.13.2-x64-mingw32.gem 62034d7aaaa83fbfcb8876273cc5551489396841a66230d3200b67919ef76cf9 nokogiri-1.13.2-x86-linux.gem e07237b82394017c2bfec73c637317ee7dbfb56e92546151666abec551e46d1d nokogiri-1.13.2-x86-mingw32.gem </tr></table>

... (truncated)

Changelog

Sourced from nokogiri's changelog.

1.13.3 / 2022-02-21

Fixed

[CRuby] Revert a HTML4 parser bug in libxml 2.9.13 (introduced in Nokogiri v1.13.2). The bug causes libxml2's HTML4 parser to fail to recover when encountering a bare < character in some contexts. This version of Nokogiri restores the earlier behavior, which is to recover from the parse error and treat the < as normal character data (which will be serialized as < in a text node). The bug (and the fix) is only relevant when the RECOVER parse option is set, as it is by default. [#2461]

1.13.2 / 2022-02-21

Security

[CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update addresses CVE-2022-23308.

[CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. This update addresses CVE-2021-30560.

Please see GHSA-fq42-c5rg-92c2 for more information about these CVEs.

Dependencies

[CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. Full changelog is available at https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.13.news

[CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. Full changelog is available at https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.news

1.13.1 / 2022-01-13

Fixed

Fix Nokogiri::XSLT.quote_params regression in v1.13.0 that raised an exception when non-string stylesheet parameters were passed. Non-string parameters (e.g., integers and symbols) are now explicitly supported and both keys and values will be stringified with #to_s. [#2418]

Fix CSS selector query regression in v1.13.0 that raised an Nokogiri::XML::XPath::SyntaxError when parsing XPath attributes mixed into the CSS query. Although this mash-up of XPath and CSS syntax previously worked unintentionally, it is now an officially supported feature and is documented as such. [#2419]

1.13.0 / 2022-01-06

Notes

Ruby

This release introduces native gem support for Ruby 3.1. Please note that Windows users should use the x64-mingw-ucrt platform gem for Ruby 3.1, and x64-mingw32 for Ruby 2.6–3.0 (see RubyInstaller 3.1.0 release notes).

This release ends support for:

Ruby 2.5, for which official support ended 2021-03-31.

JRuby 9.2, which is a Ruby 2.5-compatible release.

Faster, more reliable installation: Native Gem for ARM64 Linux

This version of Nokogiri ships experimental native gem support for the aarch64-linux platform, which should support AWS Graviton and other ARM Linux platforms. We don't yet have CI running for this platform, and so we're interested in hearing back from y'all whether this is working, and what problems you're seeing. Please send us feedback here: Feedback: Have you used the aarch64-linux native gem?

... (truncated)

Commits

7d74ced version bump to v1.13.3

5970fd9 fix: revert libxml2 regression with HTML4 recovery

49b8663 version bump to v1.13.2

4729133 Merge pull request #2457 from sparklemotion/flavorjones-libxml-2.9.13-v1.13.x

379f757 dev(package): work around gnome mirrors with expired certs

95cf66c dep: upgrade libxml2 2.9.12 → 2.9.13

d37dd02 dep: upgrade libxslt 1.1.34 → 1.1.35

59a9398 dep: upgrade mini_portile 2.7 to 2.8

e885463 dev(package): handle either .tar.gz or .tar.xz archive names

7957c7b style: rubocop

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump addressable from 2.7.0 to 2.8.0
Bumps addressable from 2.7.0 to 2.8.0.

Changelog

Sourced from addressable's changelog.

Addressable 2.8.0

fixes ReDoS vulnerability in Addressable::Template#match

no longer replaces + with spaces in queries for non-http(s) schemes

fixed encoding ipv6 literals

the :compacted flag for normalized_query now dedupes parameters

fix broken escape_component alias

dropping support for Ruby 2.0 and 2.1

adding Ruby 3.0 compatibility for development tasks

drop support for rack-mount and remove Addressable::Template#generate

performance improvements

switch CI/CD to GitHub Actions

Commits

6469a23 Updating gemspec again

2433638 Merge branch 'main' of github.com:sporkmonger/addressable into main

e9c76b8 Merge pull request #378 from ashmaroli/flat-map

56c5cf7 Update the gemspec

c1fed1c Require a non-vulnerable rake

0d8a312 Adding note about ReDoS vulnerability

89c7613 Merge branch 'template-regexp' into main

cf8884f Note about alias fix

bb03f71 Merge pull request #371 from charleystran/add_missing_encode_component_doc_entry

6d1d809 Adding note about :compacted normalization

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 1
Bump rubyzip from 1.2.3 to 1.3.0
Bumps rubyzip from 1.2.3 to 1.3.0.

Release notes

Sourced from rubyzip's releases.

v1.3.0

Security

Add validate_entry_sizes option so that callers can trust an entry's reported size when using extract #403

This option defaults to false for backward compatibility in this release, but you are strongly encouraged to set it to true. It will default to true in rubyzip 2.0.

New Feature

Add add_stored method to simplify adding entries without compression #366

Tooling / Documentation

Add more gem metadata links #402

v1.2.4

Do not rewrite zip files opened with open_buffer that have not changed #360

Tooling / Documentation

Update example_recursive.rb in README #397

Hold CI at trusty for now, automatically pick the latest ruby patch version, use rbx-4 and hold jruby at 9.1 #399

Changelog

Sourced from rubyzip's changelog.

1.3.0 (2019-09-25)

Security

Add validate_entry_sizes option so that callers can trust an entry's reported size when using extract #403

This option defaults to false for backward compatibility in this release, but you are strongly encouraged to set it to true. It will default to true in rubyzip 2.0.

New Feature

Add add_stored method to simplify adding entries without compression #366

Tooling / Documentation

Add more gem metadata links #402

1.2.4 (2019-09-06)

Do not rewrite zip files opened with open_buffer that have not changed #360

Tooling / Documentation

Update example_recursive.rb in README #397

Hold CI at trusty for now, automatically pick the latest ruby patch version, use rbx-4 and hold jruby at 9.1 #399

Commits

e79d9ea Merge pull request #407 from rubyzip/v1-3-0

7c65e1e Bump version to 1.3.0

d65fe7b Merge pull request #403 from rubyzip/check-size

97cb6ae Warn when an entry size is invalid

7849f73 Default validate_entry_sizes to false for 1.3 release

4167f0c Validate entry sizes when extracting

94b7fa2 [ci skip] Update changelog

93505ca Check expected entry size in add_stored test

6619bf3 Merge pull request #366 from hainesr/add-stored

ecb2776 Zip::File.add_stored() to add uncompressed files.

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0
Bump excon from 0.64.0 to 0.71.0
Bumps excon from 0.64.0 to 0.71.0.

Changelog

Sourced from excon's changelog.

0.71.0 2019-12-12

fix for leftover data with interrupted persistent connections

0.70.0 2019-12-02

Update bundled certificates

0.69.1 2019-11-21

Fix mistake in proxy connection error handling

0.69.0 2019-11-21

Raise better proxy connection errors

0.68.0 2019-10-25

Updated bundled certs

0.67.0 2019-09-24

Properly redact user/pass info from proxy credentials Update bundled certs

0.66.0 2019-08-06

Add remote_ip to datum, enabling usage in middleware redirect follower now raises after following too many redirects (default 10) fixed stub clearing in tests to avoid race conditions

0.65.0 2019-07-22

fix yardoc formatting fix creating Proc without a block reduce/refine gem file contents update bundled certs readd bundled certs to gem file contents

Commits

1149d44 v0.71.0

ccb57d7 fix for leftover data with interrupted persistent connections

f8de8cf v0.70.0

93f4a21 v0.69.1

e89bbb7 Merge pull request #709 from jasquat/fix_response_status_check

5647437 fixed response status check when making a request with a valid proxy is set

f769176 v0.69.0

20c0748 define ProxyConnectionError

f44106a raise on failed proxy connect

d7ed5fe be thorough in unsubscribing to notifications in instrumentation tests

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies
opened by dependabot[bot] 0

Releases(3.6.1)

3.6.1(May 7, 2021)
Fixed

Build issues for MacCatalyst following previous AppKit support.

Source code(tar.gz)
Source code(zip)
3.6.0(May 7, 2021)
Added

Support for macOS: loading AppKit.NSView from xib.

Source code(tar.gz)
Source code(zip)
3.5.0(Aug 9, 2020)
Changed

Minimum iOS deployment target - iOS 9.

Source code(tar.gz)
Source code(zip)
3.4.0(Jun 17, 2019)
Support for Swift Package Manager in Xcode 11.

Added ability to customize Bundle from which view is being loaded.

Source code(tar.gz)
Source code(zip)
LoadableViews.framework.zip(857.71 KB)
3.3.0(Apr 6, 2019)
Added convenience methods, that allow to resize view properly if view is using AutoLayout and can determine it's desired size: compressedLayout(), expandedLayout() and systemLayout(fittingSize:, horizontalPriority:, verticalPriority:).

Dropped support for Swift 3.

Source code(tar.gz)
Source code(zip)
LoadableViews.framework.zip(844.94 KB)
3.2.0(Mar 26, 2019)
Support for Swift 5 and Xcode 10.2.

Source code(tar.gz)
Source code(zip)
LoadableViews.framework.zip(793.04 KB)
3.1.0(Sep 28, 2018)
Support for Swift 4.2 and Xcode 10.

Source code(tar.gz)
Source code(zip)
LoadableViews.framework.zip(1.02 MB)
3.0.0(Jun 18, 2018)
LoadableView no longer sets translatesAutoresizingMasksIntoConstraints property on container view to false. If you plan to use LoadableView without superview, consider turning this property to false manually, because without a container view it will not be able to compute it's size.

Source code(tar.gz)
Source code(zip)
LoadableViews.framework.zip(876.49 KB)
2.3.0(Jan 5, 2018)
Added LoadableControl to allow LoadableView subclasses to have UIControl properties and methods.

Source code(tar.gz)
Source code(zip)
LoadableViews.framework.zip(643.36 KB)
2.2.1(Nov 1, 2017)
Updated for Xcode 9.1 / Swift 4.0.2

Source code(tar.gz)
Source code(zip)
LoadableViews.framework.zip(765.51 KB)
2.2.0(Sep 25, 2017)
Support for Swift 3.2 and Swift 4.0

Source code(tar.gz)
Source code(zip)
LoadableViews.framework.zip(1014.69 KB)
2.1.0(Jun 2, 2017)
Container view no longer translates it's autoresizing mask into constraints, thus allowing self-sizing mechanics for LoadableView.

Source code(tar.gz)
Source code(zip)
2.0.2(May 28, 2017)
Improved CI and automation scripts

Source code(tar.gz)
Source code(zip)
2.0.1(Mar 6, 2017)
Open up NibLoadableProtocol extension API to allow using NibLoadableProtocol methods with custom classes

Source code(tar.gz)
Source code(zip)
2.0.0(Sep 16, 2016)

Swift 3 release!
Source code(tar.gz)
Source code(zip)