Skip to content

Bump the bundler-all group across 1 directory with 2 updates#167

Open
dependabot[bot] wants to merge 1 commit into
sourcefrom
dependabot/bundler/bundler-all-d6a9b14b0b
Open

Bump the bundler-all group across 1 directory with 2 updates#167
dependabot[bot] wants to merge 1 commit into
sourcefrom
dependabot/bundler/bundler-all-d6a9b14b0b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 27, 2026
edited
Loading

Bumps the bundler-all group with 2 updates in the / directory: json and nokogiri.

Updates json from 2.19.2 to 2.19.3

Release notes

Sourced from json's releases.

v2.19.3

  • Fix handling of unescaped control characters preceeded by a backslash.

Full Changelog: ruby/json@v2.19.2...v2.19.3

Changelog

Sourced from json's changelog.

2026-03-25 (2.19.3)

  • Fix handling of unescaped control characters preceeded by a backslash.
Commits
  • 779d441 Release 2.19.3
  • 75e2f64 Fix handling of unescaped control characters preceeded by a backslash
  • See full diff in compare view

Updates nokogiri from 1.19.1 to 1.19.2

Changelog

Sourced from nokogiri's changelog.

v1.19.2 / 2026-03-19

Dependencies

  • [JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. #3611 @​flavorjones
Commits
  • 6f5d025 version bump to v1.19.2
  • 6d4677f dep: upgrade Saxon-HE from 9.6.0-4 to 12.7 [v1.19.x backport] (#3614)
  • acf9527 dep: upgrade Saxon-HE from 9.6.0-4 to 12.7
  • b42e620 Skip compressed file SAX test on libxml2 >= 2.15
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the bundler-all group across 1 directory with 2 updates
079a6be 
Bumps the bundler-all group with 2 updates in the / directory: [json](https://github.com/ruby/json) and [nokogiri](https://github.com/sparklemotion/nokogiri).


Updates `json` from 2.19.2 to 2.19.3
- [Release notes](https://github.com/ruby/json/releases)
- [Changelog](https://github.com/ruby/json/blob/master/CHANGES.md)
- [Commits](ruby/json@v2.19.2...v2.19.3)

Updates `nokogiri` from 1.19.1 to 1.19.2
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.19.1...v1.19.2)

---
updated-dependencies:
- dependency-name: json
  dependency-version: 2.19.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bundler-all
- dependency-name: nokogiri
  dependency-version: 1.19.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: bundler-all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Apr 27, 2026
@dependabot dependabot Bot requested a review from Nymphium as a code owner April 27, 2026 21:00
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels Apr 27, 2026
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 27, 2026

Visual Regression Report

Page Viewport Diff pixels Status

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Nymphium Nymphium Awaiting requested review from Nymphium Nymphium is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants