Bump xmlresolver from 4.6.4 to 5.1.0 in /pgp-keys-map-test1 by dependabot[bot] · Pull Request #1348 · s4u/pgp-keys-map (original) (raw)

Bumps xmlresolver from 4.6.4 to 5.1.0.

Release notes

Sourced from xmlresolver's releases.

5.1.0

The 5.1.0 release fixes a significant bug in the new ALWAYS_RESOLVE feature. See #133

5.0.0

The Java contract for the entity resolver is to return null if the entity isn't found. Unfortunately, redirects are common these days (for example, w3.org redirects all http: URIs to https: URIs) and parsers don't always follow redirects, so if the resolver returns null, the parse fails. That's...suboptimal.

This release adds a new feature ResolverFeature.ALWAYS_RESOLVE that will resolve the resource (and follow redirects to do so) and always return it. This feature is true by default.

This release also extends the ResolverInputSource to expose the response code (if applicable) and headers (if available) from the response.

Commits

• ab34830 Merge pull request #135 from ndw/bump-ver
• 592cdf6 Make this a 5.1.0 release
• 455e783 Merge pull request #134 from ndw/iss-133
• d278763 Refix typo
• 200c86a Fix typo
• ab41b5c Fix build status badge
• e6e2dcc Resolve against the base URI when using ALWAYS_RESOLVE
• 604077a Merge pull request #132 from ndw/extend-sources
• 6eda6da This will be 5.0.0
• f2cde9c Fix failing test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)