Skip to content

Bump the ruby-deps group with 2 updates#1327

Merged
chadlwilson merged 1 commit intomasterfrom
dependabot/bundler/ruby-deps-027352f631
Mar 20, 2026
Merged

Bump the ruby-deps group with 2 updates#1327
chadlwilson merged 1 commit intomasterfrom
dependabot/bundler/ruby-deps-027352f631

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 20, 2026

Bumps the ruby-deps group with 2 updates: mime-types-data and nokogiri.

Updates mime-types-data from 3.2026.0303 to 3.2026.0317

Changelog

Sourced from mime-types-data's changelog.

3.2026.0317 / 2026-03-17

  • Updated registry entries from the IANA [media registry][registry] and [provisional media registry][provisional] and the [Apache Tika media registry][tika] as of the release date.

  • Juliana Lucena (@​julianalucena) added parquet extension for application/vnd.apache.parquet. #271[pull-271]

Commits
  • 0798655 Update mime-types-data 3.2026.0317 / 2026-03-17
  • f39588f Add parquet extension to application/vnd.apache.parquet MIME type
  • See full diff in compare view

Updates nokogiri from 1.19.1 to 1.19.2

Release notes

Sourced from nokogiri's releases.

v1.19.2 / 2026-03-19

Dependencies

  • [JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. #3611 @​flavorjones

SHA256 Checksums

c34d5c8208025587554608e98fd88ab125b29c80f9352b821964e9a5d5cfbd19  nokogiri-1.19.2-aarch64-linux-gnu.gem
7f6b4b0202d507326841a4f790294bf75098aef50c7173443812e3ac5cb06515  nokogiri-1.19.2-aarch64-linux-musl.gem
b7fa1139016f3dc850bda1260988f0d749934a939d04ef2da13bec060d7d5081  nokogiri-1.19.2-arm-linux-gnu.gem
61114d44f6742ff72194a1b3020967201e2eb982814778d130f6471c11f9828c  nokogiri-1.19.2-arm-linux-musl.gem
58d8ea2e31a967b843b70487a44c14c8ba1866daa1b9da9be9dbdf1b43dee205  nokogiri-1.19.2-arm64-darwin.gem
e9d67034bc80ca71043040beea8a91be5dc99b662daa38a2bfb361b7a2cc8717  nokogiri-1.19.2-java.gem
8ccf25eea3363a2c7b3f2e173a3400582c633cfead27f805df9a9c56d4852d1a  nokogiri-1.19.2-x64-mingw-ucrt.gem
7d9af11fda72dfaa2961d8c4d5380ca0b51bc389dc5f8d4b859b9644f195e7a4  nokogiri-1.19.2-x86_64-darwin.gem
fa8feca882b73e871a9845f3817a72e9734c8e974bdc4fbad6e4bc6e8076b94f  nokogiri-1.19.2-x86_64-linux-gnu.gem
93128448e61a9383a30baef041bf1f5817e22f297a1d400521e90294445069a8  nokogiri-1.19.2-x86_64-linux-musl.gem
38fdd8b59db3d5ea9e7dfb14702e882b9bf819198d5bf976f17ebce12c481756  nokogiri-1.19.2.gem

Full Changelog: sparklemotion/nokogiri@v1.19.1...v1.19.2

Changelog

Sourced from nokogiri's changelog.

v1.19.2 / 2026-03-19

Dependencies

  • [JRuby] Saxon-HE is updated to 12.7, from 9.6.0-4. Saxon-HE is a transitive dependency of nu.validator:jing, and this update addresses CVEs in Saxon-HE's own transitive dependencies JDOM and dom4j. We don't think this warrants a security release, however we're cutting a patch release to help users whose security scanners are flagging this. #3611 @​flavorjones
Commits
  • 6f5d025 version bump to v1.19.2
  • 6d4677f dep: upgrade Saxon-HE from 9.6.0-4 to 12.7 [v1.19.x backport] (#3614)
  • acf9527 dep: upgrade Saxon-HE from 9.6.0-4 to 12.7
  • b42e620 Skip compressed file SAX test on libxml2 >= 2.15
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the ruby-deps group with 2 updates
3ead903 
Bumps the ruby-deps group with 2 updates: [mime-types-data](https://github.com/mime-types/mime-types-data) and [nokogiri](https://github.com/sparklemotion/nokogiri).


Updates `mime-types-data` from 3.2026.0303 to 3.2026.0317
- [Changelog](https://github.com/mime-types/mime-types-data/blob/main/CHANGELOG.md)
- [Commits](mime-types/mime-types-data@v3.2026.0303...v3.2026.0317)

Updates `nokogiri` from 1.19.1 to 1.19.2
- [Release notes](https://github.com/sparklemotion/nokogiri/releases)
- [Changelog](https://github.com/sparklemotion/nokogiri/blob/main/CHANGELOG.md)
- [Commits](sparklemotion/nokogiri@v1.19.1...v1.19.2)

---
updated-dependencies:
- dependency-name: mime-types-data
  dependency-version: 3.2026.0317
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
- dependency-name: nokogiri
  dependency-version: 1.19.2
  dependency-type: indirect
  update-type: version-update:semver-patch
  dependency-group: ruby-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Mar 20, 2026
@chadlwilson chadlwilson merged commit 4ef0d47 into master Mar 20, 2026
@dependabot dependabot Bot deleted the dependabot/bundler/ruby-deps-027352f631 branch March 20, 2026 04:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chadlwilson