Skip to content

Bump rexml from 3.4.0 to 3.4.2#69

Merged
joescottdave merged 2 commits into
mainfrom
dependabot/bundler/rexml-3.4.2
Jul 13, 2026
Merged

Bump rexml from 3.4.0 to 3.4.2#69
joescottdave merged 2 commits into
mainfrom
dependabot/bundler/rexml-3.4.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Sep 17, 2025

Copy link
Copy Markdown
Contributor

Bumps rexml from 3.4.0 to 3.4.2.

Release notes

Sourced from rexml's releases.

REXML 3.4.2 - 2025-08-26

Improvement

  • Improved performance.

  • Raise appropriate exception when failing to match start tag in DOCTYPE

  • Deprecate accepting array as an element in XPath.match, first and each

    • GH-252
    • Patch by tomoya ishida
  • Don't call needless encoding_updated

    • GH-259
    • Patch by Sutou Kouhei
  • Reuse XPath::match

  • Cache redundant calls for doctype

  • Use Safe Navigation (&.) from Ruby 2.3

  • Remove redundant return statements

  • Added XML declaration check & Source#skip_spaces method

    • GH-282
    • Patch by NAITOH Jun
    • Reported by Sofi Aberegg

Fixes

  • Fix docs typo
    • GH-248
    • Patch by James Coleman

... (truncated)

Changelog

Sourced from rexml's changelog.

3.4.2 - 2025-08-26 {#version-3-4-2}

Improvement

  • Improved performance.

  • Raise appropriate exception when failing to match start tag in DOCTYPE

  • Deprecate accepting array as an element in XPath.match, first and each

    • GH-252
    • Patch by tomoya ishida
  • Don't call needless encoding_updated

    • GH-259
    • Patch by Sutou Kouhei
  • Reuse XPath::match

  • Cache redundant calls for doctype

  • Use Safe Navigation (&.) from Ruby 2.3

  • Remove redundant return statements

  • Added XML declaration check & Source#skip_spaces method

    • GH-282
    • Patch by NAITOH Jun
    • Reported by Sofi Aberegg

Fixes

  • Fix docs typo
    • GH-248
    • Patch by James Coleman

... (truncated)

Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Sep 17, 2025
@joescottdave

Copy link
Copy Markdown
Contributor

Would merging this demand a release, do you think, @jonrandahl ?

@jonrandahl

Copy link
Copy Markdown
Contributor

Would merging this demand a release, do you think, @jonrandahl ?

TL:DR = yes


Remember, in Rails, even if there is a new version of a gem the current applications running are not looking for it and will happily use the version that's currently set in their Gemfile.lock.

Therefore, in order to gain the benefits from updated gems, we need to both publish the gem to our repository as well as manually update any application that is using the gem to use the new version when "re-built".

@joescottdave

Copy link
Copy Markdown
Contributor

Thank you for the reminder, @jonrandahl. Maybe worth adding as a chore somewhere.

Maybe this PR can be added to front end tasks

@jonrandahl

Copy link
Copy Markdown
Contributor

@joescottdave usually I will update the gem and release a new version, then bundle install on the application that triggered the update need; then check if there are any other applications that have been affected by the reason for the update. Happy to discuss ownership and responsibility with you in the morning! 👍

@joescottdave

Copy link
Copy Markdown
Contributor

@dependabot recreate

Bumps [rexml](https://github.com/ruby/rexml) from 3.4.0 to 3.4.2.
- [Release notes](https://github.com/ruby/rexml/releases)
- [Changelog](https://github.com/ruby/rexml/blob/master/NEWS.md)
- [Commits](ruby/rexml@v3.4.0...v3.4.2)

---
updated-dependencies:
- dependency-name: rexml
  dependency-version: 3.4.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/bundler/rexml-3.4.2 branch from 7936f31 to bb4752a Compare July 10, 2026 07:51
@joescottdave
joescottdave merged commit dd50d2d into main Jul 13, 2026
2 checks passed
@joescottdave
joescottdave deleted the dependabot/bundler/rexml-3.4.2 branch July 13, 2026 08:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants