build(deps): bump io.github.pdvrieze.xmlutil:serialization from 0.91.2 to 0.91.3

[dependabot]

Bumps io.github.pdvrieze.xmlutil:serialization from 0.91.2 to 0.91.3.

Release notes

Sourced from io.github.pdvrieze.xmlutil:serialization's releases.

0.91.3

Changes:

• Change the behaviour of defaultPolicy to inherit the settings of a previous policy even if it does not inherit DefaultXmlSerializationPolicy. In rare cases this changes the behaviour (where a custom policy was originally set (with different defaults), it didn't inherit the default policy, and it is now replaced by a default policy).
• In XmlWriter introduce a safeCdsect function that will handle embedded end of cdata sequences by splitting the CDATA section into two sections. This is now used in serialization to avoid serialization errors if the value contains ]]>.

Fixes:

• Fix serialization of cdata in the generic (and Android) xml writer. The writer incorrectly escaped entities in cdata (#304), and did not correctly deal with ]]> in the cdata content (this is resolved by writing as two separate cdata sections).
• Make the default instance encodeToString (XML.encodeToString) use the regular behaviour for handling null prefixes. This fixes the default empty prefix being used if none is manually set (rather than the annotated prefix).
• Fix attributes not being prefixed with a namespace if their namespace prefix is the default prefix for that namespace. As a workaround leave the prefix different from its containers.
• In pedantic mode, allow an XmlSerialName to use the xml prefix as long as its namespace is left default or maps to the xml namespace. Also force the prefix used to be the standard prefix (although, depending on the xml writer this may already be the case effectively).
• For the generic parser / serializer make handling of newline/tabs in attribute values standard compliant (#300). This means that when writing all will be written as character entities to allow for preservation of the values. For reading the entities are just resolved. Actual newline/tab content in attribute values is normalized as space characters (where CRLF is still replaced by a single space). As attribute values can be differen types than CData this does not further normalize the value by collapsing whitespace sequences.

Changelog

Sourced from io.github.pdvrieze.xmlutil:serialization's changelog.

0.91.3

(Oct 28, 2025)

Changes:

• Change the behaviour of defaultPolicy to inherit the settings of a previous policy even if it does not inherit DefaultXmlSerializationPolicy. In rare cases this changes the behaviour (where a custom policy was originally set (with different defaults), it didn't inherit the default policy, and it is now replaced by a default policy).
• In XmlWriter introduce a safeCdsect function that will handle embedded end of cdata sequences by splitting the CDATA section into two sections. This is now used in serialization to avoid serialization errors if the value contains ]]>.

Fixes:

• Fix serialization of cdata in the generic (and Android) xml writer. The writer incorrectly escaped entities in cdata (#304), and did not correctly deal with ]]> in the cdata content (this is resolved by writing as two separate cdata sections).
• Make the default instance encodeToString (XML.encodeToString) use the regular behaviour for handling null prefixes. This fixes the default empty prefix being used if none is manually set (rather than the annotated prefix).
• Fix attributes not being prefixed with a namespace if their namespace prefix is the default prefix for that namespace. As a workaround leave the prefix different from its containers.
• In pedantic mode, allow an XmlSerialName to use the xml prefix as long as its namespace is left default or maps to the xml namespace. Also force the prefix used to be the standard prefix (although, depending on the xml writer this may already be the case effectively).
• For the generic parser / serializer make handling of newline/tabs in attribute values standard compliant (#300). This means that when writing all will be written as character entities to allow for preservation of the values. For reading the entities are just resolved. Actual newline/tab content in attribute values is normalized as space characters (where CRLF is still replaced by a single space). As attribute values can be differen types than CData this does not further normalize the value by collapsing whitespace sequences.

Commits

• 6615ba1 Prepare 0.91.3 release.
• 4cf560e Fix spelling error in change log.
• ff74b5b Update gradle patch version
• cde8ff8 Merge pull request #309 from pdvrieze/dependabot/gradle/dev/kotlin-2.2.21
• cd9aaa3 Bump kotlin from 2.2.20 to 2.2.21
• 355815d Merge pull request #308 from pdvrieze/dependabot/gradle/dev/org.jetbrains.dok...
• eb10270 Bump org.jetbrains.dokka from 2.0.0 to 2.1.0
• 19ce9e3 Merge pull request #307 from pdvrieze/dependabot/gradle/dev/junit5-jupiter-5....
• dec563c Bump junit5-jupiter from 5.13.4 to 5.14.0
• f348821 Introduce safeCdsect to split cdata sections when needed.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)