nokogiri 1.13.1 → 1.13.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8227d6f153d867be16d6a1543db8775d75a4f50154977a7e197b3856733ebd91
-  data.tar.gz: f6f6894dd09880f0638c898287e6063efcea143ceec9373de827b28bd8db1ee4
+  metadata.gz: 70ba1f7df1f7cfb3938c7baea05aeee3e433175e879715fbe1741f76f8ce08d5
+  data.tar.gz: e880eb829f99a7523c03f79f76ba811e4b0b7ad92702058606785255c1c3c047
 SHA512:
-  metadata.gz: b64dedb115b211aed65dd3d710e52f61c325564fe64d790075d72c1e0269842c323d86bcd13ace576c13104067488a7fe3c1f200e9bf6828081956d24fa34793
-  data.tar.gz: 6b86c4de764df2b7b8798e44986da0fd9cbf4b0fc0e26589869f75af0330b2df1039fc47cc6a5ba432cde02329e48c703ba30c497d45afd68b1f6bcd0c80bce0
+  metadata.gz: 337d0e021fd058340333e001464e1aedc51f9ca67935058d25e00f807c7aefc0e53eb05c141cb58f4a311f6e7ef7743b4ea4fda0cbb18162db8454f06594be5b
+  data.tar.gz: c68d0f6a067e20d1c3df94565b010fdadabb56dc58b6f54dede92884b9310bd799053af4c5da43dd216a5f5ebf159d873cd4f8fd6241923cc4053ff21ff99401

data/Gemfile

@@ -3,6 +3,3 @@
 source "https://rubygems.org"
 
 gemspec
-
-# gem "rcodetools"
-# gem "rdoc", path: "../rdoc"

data/dependencies.yml

@@ -1,62 +1,12 @@
 libxml2:
-  version: "2.9.12"
-  sha256: "c8d6681e38c56f172892c85ddc0852e1fd4b53b4209e7f4ebf17f7e2eae71d92"
-  #  manually verified checksum:
-  #
-  #    $ gpg --verify libxml2-2.9.12.tar.gz.asc ports/archives/libxml2-2.9.12.tar.gz
-  #    gpg: Signature made Thu 13 May 2021 02:59:16 PM EDT
-  #    gpg:                using RSA key DB46681BB91ADCEA170FA2D415588B26596BEA5D
-  #    gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>" [unknown]
-  #    gpg:                 aka "Daniel Veillard <Daniel.Veillard@w3.org>" [unknown]
-  #    gpg: WARNING: This key is not certified with a trusted signature!
-  #    gpg:          There is no indication that the signature belongs to the owner.
-  #    Primary key fingerprint: C744 15BA 7C9C 7F78 F02E  1DC3 4606 B8A5 DE95 BC1F
-  #         Subkey fingerprint: DB46 681B B91A DCEA 170F  A2D4 1558 8B26 596B EA5D
-  #
-  #  using this pgp signature:
-  #
-  #    -----BEGIN PGP SIGNATURE-----
-  #    
-  #    iQEzBAABCAAdFiEE20ZoG7ka3OoXD6LUFViLJllr6l0FAmCddwQACgkQFViLJllr
-  #    6l11LQgAioRTdfmcC+uK/7+6HPtF/3c5zkX6j8VGYuvFBwZ0jayqMRBAl++fcpjE
-  #    JUU/JKebSZ/KCYjzyeOWK/i3Gq77iqm3UbZFB85rqu4a5P3gmj/4STWVyAx0KU3z
-  #    G3jKqDhJOt7c0acXb5lh2DngfDa1dn/VGcQcIXsqplNxNr4ET7MnSJjZ3nlxYfW2
-  #    E5vWBdPCMUeXDBl6MjYvw9XnGGBLUAaEJWoFToG6jKmVf4GAd9nza20jj5dtbcJq
-  #    QEOaSDKDr+f9h2NS8haOhJ9vOpy52PdeGzaFlbRkXarGXuAr8kITgATVs8FAqcgv
-  #    MoVhmrO5r2hJf0dCM9fZoYqzpMfmNA==
-  #    =KfJ9
-  #    -----END PGP SIGNATURE-----
-  #
+  version: "2.9.13"
+  sha256: "276130602d12fe484ecc03447ee5e759d0465558fbc9d6bd144e3745306ebf0e"
+  # sha-256 hash provided in https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.13.sha256sum
 
 libxslt:
-  version: "1.1.34"
-  sha256: "98b1bd46d6792925ad2dfe9a87452ea2adebf69dcb9919ffd55bf926a7f93f7f"
-  #  manually verified checksum:
-  #
-  #    $ gpg --verify ~/Downloads/libxslt-1.1.34.tar.gz.asc ports/archives/libxslt-1.1.34.tar.gz
-  #    gpg: Signature made Wed 30 Oct 2019 04:02:48 PM EDT
-  #    gpg:                using RSA key DB46681BB91ADCEA170FA2D415588B26596BEA5D
-  #    gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>" [unknown]
-  #    gpg:                 aka "Daniel Veillard <Daniel.Veillard@w3.org>" [unknown]
-  #    gpg: WARNING: This key is not certified with a trusted signature!
-  #    gpg:          There is no indication that the signature belongs to the owner.
-  #    Primary key fingerprint: C744 15BA 7C9C 7F78 F02E  1DC3 4606 B8A5 DE95 BC1F
-  #         Subkey fingerprint: DB46 681B B91A DCEA 170F  A2D4 1558 8B26 596B EA5D
-  #
-  #  using this pgp signature:
-  #
-  #    -----BEGIN PGP SIGNATURE-----
-  #    
-  #    iQEzBAABCAAdFiEE20ZoG7ka3OoXD6LUFViLJllr6l0FAl257GgACgkQFViLJllr
-  #    6l2vVggAjJEHmASiS56SxhPOsGqbfBihM66gQFoIymQfMu2430N1GSTkLsfbkJO8
-  #    8yBX11NjzK/m9uxwshMW3rVCU7EpL3PUimN3reXdPiQj9hAOAWF1V3BZNevbQC2E
-  #    FCIraioukaidf8sjUG4/sGpK/gOcP/3hYoN0HUoBigCNJjDqhijxM3M3GJJtCASp
-  #    jL4CQbs2OmxW8ixOZbuWEESvFFHUgYRsdZjRVN+GRfSOvJjxypurmYwQ3RjO7JxL
-  #    2FY8qKQ+xpeID8NV8F5OUEvWBjk1QS133VTqBZNlONdnEtV/og6jNu5k0O/Kvhup
-  #    caR+8TMErOcLr9OgDklO6DoYyAsf9Q==
-  #    =g4i4
-  #    -----END PGP SIGNATURE-----
-  #
+  version: "1.1.35"
+  sha256: "8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f34dd79"
+  # sha-256 hash provided in https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.sha256sum
 
 zlib:
   version: "1.2.11"

data/ext/nokogiri/extconf.rb

@@ -15,7 +15,7 @@ PACKAGE_ROOT_DIR = File.expand_path(File.join(File.dirname(__FILE__), "..", ".."
 REQUIRED_LIBXML_VERSION = "2.6.21"
 RECOMMENDED_LIBXML_VERSION = "2.9.3"
 
-REQUIRED_MINI_PORTILE_VERSION = "~> 2.7.0" # keep this version in sync with the one in the gemspec
+REQUIRED_MINI_PORTILE_VERSION = "~> 2.8.0" # keep this version in sync with the one in the gemspec
 REQUIRED_PKG_CONFIG_VERSION = "~> 1.1"
 
 # Keep track of what versions of what libraries we build against
@@ -211,6 +211,18 @@ def local_have_library(lib, func = nil, headers = nil)
   have_library(lib, func, headers) || have_library("lib#{lib}", func, headers)
 end
 
+def gnome_source
+  # As of 2022-02-20, some mirrors have expired SSL certificates. I'm able to retrieve from my home,
+  # but whatever host is resolved on the github actions workers see an expired cert.
+  #
+  # See https://github.com/sparklemotion/nokogiri/runs/5266206403?check_suite_focus=true
+  if ENV["NOKOGIRI_USE_CANONICAL_GNOME_SOURCE"]
+    "https://download.gnome.org"
+  else
+    "https://mirror.csclub.uwaterloo.ca/gnome" # old reliable
+  end
+end
+
 LOCAL_PACKAGE_RESPONSE = Object.new
 def LOCAL_PACKAGE_RESPONSE.%(package)
   package ? "yes: #{package}" : "no"
@@ -512,6 +524,7 @@ def process_recipe(name, version, static_p, cross_p, cacheable_p = true)
 
       EOM
 
+      pp(recipe.files)
       chdir_for_build { recipe.cook }
       FileUtils.touch(checkpoint)
     end
@@ -770,8 +783,9 @@ else
     if source_dir
       recipe.source_directory = source_dir
     else
+      minor_version = Gem::Version.new(recipe.version).segments.take(2).join(".")
       recipe.files = [{
-        url: "http://xmlsoft.org/sources/#{recipe.name}-#{recipe.version}.tar.gz",
+        url: "#{gnome_source}/sources/libxml2/#{minor_version}/#{recipe.name}-#{recipe.version}.tar.xz",
         sha256: dependencies["libxml2"]["sha256"],
       }]
       recipe.patch_files = Dir[File.join(PACKAGE_ROOT_DIR, "patches", "libxml2", "*.patch")].sort
@@ -818,8 +832,9 @@ else
     if source_dir
       recipe.source_directory = source_dir
     else
+      minor_version = Gem::Version.new(recipe.version).segments.take(2).join(".")
       recipe.files = [{
-        url: "http://xmlsoft.org/sources/#{recipe.name}-#{recipe.version}.tar.gz",
+        url: "#{gnome_source}/sources/libxslt/#{minor_version}/#{recipe.name}-#{recipe.version}.tar.xz",
         sha256: dependencies["libxslt"]["sha256"],
       }]
       recipe.patch_files = Dir[File.join(PACKAGE_ROOT_DIR, "patches", "libxslt", "*.patch")].sort

data/lib/nokogiri/version/constant.rb

@@ -2,5 +2,5 @@
 
 module Nokogiri
   # The version of Nokogiri you are using
-  VERSION = "1.13.1"
+  VERSION = "1.13.2"
 end

data/patches/libxml2/0004-use-glibc-strlen.patch

@@ -31,18 +31,18 @@ diff --git a/xmlstring.c b/xmlstring.c
 index e8a1e45d..df247dff 100644
 --- a/xmlstring.c
 +++ b/xmlstring.c
-@@ -423,14 +423,9 @@ xmlStrsub(const xmlChar *str, int start, int len) {
+@@ -423,12 +423,7 @@ xmlStrsub(const xmlChar *str, int start, int len) {
 
  int
  xmlStrlen(const xmlChar *str) {
--    int len = 0;
+-    size_t len = 0;
 -
      if (str == NULL) return(0);
 -    while (*str != 0) { /* non input consuming */
 -        str++;
 -        len++;
 -    }
--    return(len);
+-    return(len > INT_MAX ? 0 : len);
 +
 +    return strlen((const char*)str);
  }