chore(deps): update rust crate quick-xml to 0.40

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
quick-xml	dependencies	minor	0.38 → 0.40

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

tafia/quick-xml (quick-xml)

v0.40.0

Compare Source

MSRV bumped to 1.79.

Now quick-xml supports the UTF-16 encoded documents. See the new DecodingReader type.

New Features

• #​956: Add DecodingReader, a BufRead adapter that auto-detects encoding
  from BOM or XML declaration and transcodes to UTF-8. Enabled by the encoding feature.

• #​938: Add new enumeration XmlVersion and typified getter BytesDecl::xml_version().

• #​938: Add new error variant IllFormedError::UnknownVersion.

• #​371: Add new error variant EscapeError::TooManyNestedEntities.

• #​371: Improved compliance with the XML attribute value normalization process by adding

  • Attribute::normalized_value()
  • Attribute::normalized_value_with()
  • Attribute::decoded_and_normalized_value()
  • Attribute::decoded_and_normalized_value_with()

  which ought to be used in place of deprecated

  • Attribute::unescape_value()
  • Attribute::unescape_value_with()
  • Attribute::decode_and_unescape_value()
  • Attribute::decode_and_unescape_value_with()

  Deprecated functions now behaves the same as newly added.

Bug Fixes

• #​938: Use correct rules for EOL normalization in Deserializer when parse XML 1.0 documents.
  Previously XML 1.1. rules was applied.

Misc Changes

• #​914: Remove deprecated .prefixes(), .resolve(), .resolve_attribute(), and .resolve_element()
  of NsReader. Use .resolver().<...> methods instead.
• #​938: Now BytesText::xml_content, BytesCData::xml_content and BytesRef::xml_content
  accepts XmlVersion parameter to apply correct EOL normalization rules.
• #​944: read_text() now returns BytesText which allows you to get the content with
  properly normalized EOLs. To get the previous behavior use .read_text().decode()?.
• #​956: Bumped MSRV from 1.59 (Feb 2022) to 1.79 (June 2024)

v0.39.4

Compare Source

Bug Fixes

• #​957: Fix slice-index panic when reading malformed DTD whose unknown markup
  is split across BufReader chunks. As with #​950, the returned
  Event::DocType may contain the malformed DTD; this fix only ensures that
  the parser does not panic.
• #​960: Fix sibling slice-index panic when a single chunk delivers < followed
  by 9+ bytes of unknown markup inside a DTD internal subset. Same disposition
  as #​957 / #​950: parser must not panic; DTD validity reporting is a future
  improvement.

v0.39.3

Compare Source

Bug Fixes

• #​950: Fix subtraction with overflow when parse malformed DTD in some cases.
  Note, that currently we do not check the validity of DTD, so the returned Event::DocType
  may contain the malformed DTD.

v0.39.2

Compare Source

New Features

• #​483: Implement read_text_into() and read_text_into_async().

Bug Fixes

• #​939: Fix parsing error of the tag from buffered reader, when the first byte <
  is the last in the BufRead internal buffer. This is the regression from #​936.

v0.39.1

Compare Source

New Features

• #​598: Add method NamespaceResolver::set_level which may be helpful in some circumstances.

Bug Fixes

• #​597: Fix incorrect processing of namespace scopes in NsReader::read_to_end
NsReader::read_to_end_into, NsReader::read_to_end_into_async and NsReader::read_text.
  The scope started by a start element was not ended after that call.
• #​936: Fix incorrect result of .read_text() when it is called after reading Text or GeneralRef event.

v0.39.0

Compare Source

Added a way to configure Writer. Now all configuration is contained in the writer::Config
struct and can be applied at once. When serde-types feature is enabled, configuration is serializable.

New Features

• #​846: Add methods config() and config_mut() to inspect and change the writer configuration.
• #​846: Add ability to write space before /> in self-closed tags for maximum compatibility with
  XHTML.
• #​846: Add method empty_element_handling() as a more powerful alternative to expand_empty_elements()
  in Serializer.
• #​929: Allow to pass list of field names to impl_deserialize_for_internally_tagged_enum! macro
  which is required if you enum variants contains $value fields.

Bug Fixes

• #​923: Implement correct skipping of well-formed DTD.

Misc Changes

• #​908: Increase minimal supported serde version from 1.0.139 to 1.0.180.
• #​913: Deprecate .prefixes(), .resolve(), .resolve_attribute(), and .resolve_element()
  of NsReader. Use .resolver().bindings() and .resolver().resolve() methods instead.
• #​913: Attributes::has_nil now accepts NamespaceResolver instead of Reader<R>.
• #​924: (breaking change) Split SyntaxError::UnclosedPIOrXmlDecl into UnclosedPI and
  UnclosedXmlDecl for more precise error reporting.
• #​924: (breaking change) Parser::eof_error now takes &self and content &[u8] parameters.
• #​926: (breaking change) Split SyntaxError::UnclosedTag into UnclosedTag,
  UnclosedSingleQuotedAttributeValue and UnclosedDoubleQuotedAttributeValue for more precise error reporting.

v0.38.4

Compare Source

New Features

• #​353: Add ability to serialize textual content as CDATA sections in Serializer.
  Everywhere where the text node may be created, a CDATA section(s) could be produced instead.
  See the new Serializer::text_format() method.

Bug Fixes

• #​912: Fix deserialization of numbers, booleans and characters that is space-wrapped, for example
  <int> 42 </int>. That space characters are usually indent added during serialization and
  other XML serialization libraries trims them

Misc Changes

• #​901: Fix running tests on 32-bit architecture
• #​909: Avoid some allocations in the Serializer

v0.38.3

Compare Source

Bug Fixes

• #​895: Fix incorrect normalization of \rX EOL sequences where X is a char which is
  UTF-8 encoded as [c2 xx], except [c2 85].

Misc Changes

• #​895: Add new xml10_content() and xml11_content() methods which behaves the same as
  html_content() and xml_content() methods, but express intention more clearly.

v0.38.2

Compare Source

New Features

• #​893: Implement FusedIterator for NamespaceBindingsIter.
• #​893: Make NamespaceResolver public.
• #​893: Add NsReader::resolver() for access to namespace resolver.

Misc Changes

• #​893: Rename PrefixIter to NamespaceBindingsIter.

v0.38.1

Compare Source

Important changes

To get text in events according to the XML specification (normalized EOLs) use the
new methods xml_content() instead of decode(). Deserializer uses new method
automatically.

New Features

• #​882: Add new methods to create Deserializer from existing NsReader:
  • Deserializer::borrowing
  • Deserializer::borrowing_with_resolver
  • Deserializer::buffering
  • Deserializer::buffering_with_resolver
• #​878: Add ability to serialize structs in $value fields. The struct name will
  be used as a tag name. Previously only enums was allowed there.
• #​806: Add BytesText::xml_content, BytesCData::xml_content and BytesRef::xml_content
  methods which returns XML EOL normalized strings.
• #​806: Add BytesText::html_content, BytesCData::html_content and BytesRef::html_content
  methods which returns HTML EOL normalized strings.

Bug Fixes

• #​806: Properly normalize EOL characters in Deserializer.
• #​888: Properly split attribute values by items when deserialize attribute into
  list of values and attribute requires decoding.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Package Changes Through bdc116e

No changes.

Add a change file through the GitHub UI by following this link.

---

Read about change files or the docs at github.com/jbolda/covector

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	quick-xml@​0.38.0 ⏵ 0.40.0

View full report