Bump jekyll and liquid

[dependabot]

Bumps jekyll and liquid. These dependencies needed to be updated together.
Updates jekyll from 0.11.0 to 4.3.2

Release notes

Sourced from jekyll's releases.

v4.3.2

Bug Fixes

• Backport #9257 for v4.3.x: Rename sass partial created for new blank site (#9262)
• Backport #9187 for v4.3.x: Optimize Site#each_site_file (#9256)
• Backport #9186 for v4.3.x: Remove totals in profile table properly (#9255)

Development Fixes

• Backport #9223 for 4.3.x: Update sass related tests for jekyll-sass-converter 3.x (#9254)

v4.3.1

Bug Fixes

• Respect user-defined name attribute in documents (#9167)
• Revert "Incrementally rebuild when a data file is changed" (#9170)

Documentation

• Release post for v4.3.1 (#9171)

v4.3.0

Minor Enhancements

• Add webrick as a dependency (#8524)
• Regenerate supported mime types (#8542)
• Update include tag to be more permissive (#8618)
• Optimize Jekyll::Utils.parse_date (#8425)
• Update rubocop from 1.12 to 1.18 and min ruby from 2.4 to 2.5 (#8741)
• Always hide cache-dir contents from Git (#8798)
• Remove the warning about auto-regeneration on Windows (#8821)
• Propagate _data folder from theme (#8815)
• Support both tzinfo v1 and v2 alongwith non-half hour offsets. (#8880)
• Run vendor-mimes to update mime.types (#8940)
• Expose collection static files via site.static_files (#8961)
• Expose basename from document.rb as name to Liquid templates (#8761)
• Allow Configurable Converters on CSV (#8858)
• Introduce theme drop to expose theme-gem details (#9129)
• Relax version constraint to allow Rouge 4.x (#9134)
• Incrementally rebuild when a data file is changed (#8771)
• Support jekyll-sass-converter 3.x (#9132)

Bug Fixes

• fix: pin rubocop to 1.12 due to error with ruby 2.4 (#8651)
• Load Jekyll plugins from BUNDLE_GEMFILE location (#8585)
• fix(security): CVE-2021-28834 (#8680)
• Inject livereload script using location.protocol instead of http: (#8718)
• Respect collections_dir config within include tag (#8756)
• Fix regression in Convertible module from v4.2.0 (#8786)

... (truncated)

Changelog

Sourced from jekyll's changelog.

4.3.2 / 2023-01-20

Bug Fixes

• Backport #9257 for v4.3.x: Rename sass partial created for new blank site (#9262)
• Backport #9187 for v4.3.x: Optimize Site#each_site_file (#9256)
• Backport #9186 for v4.3.x: Remove totals in profile table properly (#9255)

Development Fixes

• Backport #9223 for 4.3.x: Update sass related tests for jekyll-sass-converter 3.x (#9254)

4.3.1 / 2022-10-26

Bug Fixes

• Respect user-defined name attribute in documents (#9167)
• Revert "Incrementally rebuild when a data file is changed" (#9170)

Documentation

• Release post for v4.3.1 (#9171)

4.3.0 / 2022-10-20

Minor Enhancements

• Add webrick as a dependency (#8524)
• Regenerate supported mime types (#8542)
• Update include tag to be more permissive (#8618)
• Optimize Jekyll::Utils.parse_date (#8425)
• Update rubocop from 1.12 to 1.18 and min ruby from 2.4 to 2.5 (#8741)
• Always hide cache-dir contents from Git (#8798)
• Remove the warning about auto-regeneration on Windows (#8821)
• Propagate _data folder from theme (#8815)
• Support both tzinfo v1 and v2 along with non-half hour offsets. (#8880)
• Run vendor-mimes to update mime.types (#8940)
• Expose collection static files via site.static_files (#8961)
• Expose basename from document.rb as name to Liquid templates (#8761)
• Allow Configurable Converters on CSV (#8858)
• Introduce theme drop to expose theme-gem details (#9129)
• Relax version constraint to allow Rouge 4.x (#9134)
• Incrementally rebuild when a data file is changed (#8771)
• Support jekyll-sass-converter 3.x (#9132)

Bug Fixes

• fix: pin rubocop to 1.12 due to error with ruby 2.4 (#8651)
• Load Jekyll plugins from BUNDLE_GEMFILE location (#8585)
• fix(security): CVE-2021-28834 (#8680)

... (truncated)

Commits

• 3874e12 Release 💎 v4.3.2
• 2a6efa2 Update history to reflect merge of #9262 [ci skip]
• e0f339a Backport #9257 for v4.3.x: Rename sass partial created for new blank site (#9...
• 4df3d24 Update history to reflect merge of #9256 [ci skip]
• 14a9c9c Backport #9187 for v4.3.x: Optimize Site#each_site_file (#9256)
• a079df5 Update history to reflect merge of #9255 [ci skip]
• 7a6e0f1 Backport #9186 for v4.3.x: Remove totals in profile table properly
• da570f0 Update history to reflect merge of #9254 [ci skip]
• 868d969 Backport #9223 for 4.3.x
• a260cab Lock Ruby in CI to v3.1.2
• Additional commits viewable in compare view

Updates liquid from 2.2.2 to 4.0.4

Changelog

Sourced from liquid's changelog.

4.0.4 / (unreleased)

Fixed

• Fix ruby 3.2 compatibility by avoiding use of the removed taint API

4.0.3 / 2019-03-12

Fixed

• Fix break and continue tags inside included templates in loops (#1072) [Justin Li]

4.0.2 / 2019-03-08

Changed

• Add where filter (#1026) [Samuel Doiron]
• Add ParseTreeVisitor to iterate the Liquid AST (#1025) [Stephen Paul Weber]
• Improve strip_html performance (#1032) [printercu]

Fixed

• Add error checking for invalid combinations of inputs to sort, sort_natural, where, uniq, map, compact filters (#1059) [Garland Zhang]
• Validate the character encoding in url_decode (#1070) [Clayton Smith]

4.0.1 / 2018-10-09

Changed

• Add benchmark group in Gemfile (#855) [Jerry Liu]
• Allow benchmarks to benchmark render by itself (#851) [Jerry Liu]
• Avoid calling line_number on String node when rescuing a render error. (#860) [Dylan Thacker-Smith]
• Avoid duck typing to detect whether to call render on a node. [Dylan Thacker-Smith]
• Clarify spelling of reversed on for block tag (#843) [Mark Crossfield]
• Replace recursion with loop to avoid potential stack overflow from malicious input (#891, #892) [Dylan Thacker-Smith]
• Limit block tag nesting to 100 (#894) [Dylan Thacker-Smith]
• Replace assert_equal nil with assert_nil (#895) [Dylan Thacker-Smith]
• Remove Spy Gem (#896) [Dylan Thacker-Smith]
• Add collection_name and variable_name reader to For block (#909)
• Symbols render as strings (#920) [Justin Li]
• Remove default value from Hash objects (#932) [Maxime Bedard]
• Remove one level of nesting (#944) [Dylan Thacker-Smith]
• Update Rubocop version (#952) [Justin Li]
• Add at_least and at_most filters (#954, #958) [Nithin Bekal]
• Add a regression test for a liquid-c trim mode bug (#972) [Dylan Thacker-Smith]
• Use https rather than git protocol to fetch liquid-c [Dylan Thacker-Smith]
• Add tests against Ruby 2.4 (#963) and 2.5 (#981)
• Replace RegExp literals with constants (#988) [Ashwin Maroli]
• Replace unnecessary #each_with_index with #each (#992) [Ashwin Maroli]
• Improve the unexpected end delimiter message for block tags. (#1003) [Dylan Thacker-Smith]
• Refactor and optimize rendering (#1005) [Christopher Aue]
• Add installation instruction (#1006) [Ben Gift]
• Remove Circle CI (#1010)
• Rename deprecated BigDecimal.new to BigDecimal (#1024) [Koichi ITO]
• Rename deprecated Rubocop name (#1027) [Justin Li]

... (truncated)

Commits

• ae3057e Backport flaky no object allocation test fix
• fe49615 Use the released version of the liquid-c 4-0-stable branch
• 1f8bafc Add allowed_push_host to gemspec to allow releases
• 30a6569 Merge pull request #1668 from Shopify/4-0-backports
• a19320f rubocop: Exclude vendored dependencies in CI
• 8983fcb Update History.md
• c1c9157 Use 4-0-stable liquid-c branch to fix extension compilation in CI
• f199ba0 Backport CI migration
• dd70fcf Bump rake for ruby 3.2 compatibility
• abfcec9 Fix ParseTreeVisitorTest for ruby 3 compatibility
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.