
Conversation


@parseplatformorg parseplatformorg commented Oct 26, 2025


Snyk has created this PR to fix 1 vulnerability in the rubygems dependencies of this project.

Snyk changed the following file(s):

  • Gemfile
  • Gemfile.lock

Vulnerabilities that will be fixed with an upgrade:

Issue: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
Snyk ID: SNYK-RUBY-REXML-12878608
Severity: medium
Score: 559

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic


Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

Summary by CodeRabbit

  • Chores
    • Updated Jazzy dependency to the latest version.
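The following script is an added illustration of the vulnerability class named in the Snyk issue above; it is not code from the PR, from Snyk, from jazzy, or from the Parse project. It assumes a Ruby with the bundled rexml gem available and uses two constructed XML documents: a benign one with a single general entity, and a nested-entity ("billion laughs") DTD in which reading the root text would require ten thousand expansions. REXML's expansion guards (REXML::Security.entity_expansion_limit and entity_expansion_text_limit) abort the second case with a RuntimeError. The helper names (nested_entity_xml, expand_root_text) are this example's own.

```ruby
# Added example (not from the PR, Snyk, jazzy or the Parse project): how
# REXML's entity-expansion guards reject a nested-entity ("billion laughs")
# DTD while still expanding ordinary entities. Both documents are constructed.
require 'rexml/document'

# Constructed benign document: one general entity, expanded once.
BENIGN_XML = <<~XML
  <!DOCTYPE note [ <!ENTITY greet "hello"> ]>
  <note>&greet; world</note>
XML

# Constructed "billion laughs" document: `depth` levels of `fanout`
# references each, so expanding the root text needs fanout**depth copies
# of "lol" (with the defaults, 10_000 copies, 30_000 bytes).
def nested_entity_xml(depth: 4, fanout: 10)
  decls = ['<!ENTITY lol0 "lol">']
  (1..depth).each do |i|
    refs = "&lol#{i - 1};" * fanout
    decls << %(<!ENTITY lol#{i} "#{refs}">)
  end
  "<!DOCTYPE bomb [\n#{decls.join("\n")}\n]>\n<bomb>&lol#{depth};</bomb>\n"
end

# Parse the document and read the root element's text, which is where REXML
# resolves general entities against the DTD. Returns the expanded text, or
# :rejected if a REXML guard aborts the expansion. Both the expansion-count
# and text-size guards raise RuntimeError, and REXML::ParseException is a
# RuntimeError subclass, so one rescue covers every version's behaviour.
def expand_root_text(xml)
  doc = REXML::Document.new(xml)
  doc.root.text
rescue RuntimeError => e
  warn "REXML aborted expansion: #{e.message}"
  :rejected
end

if __FILE__ == $PROGRAM_NAME
  puts "guards: #{REXML::Security.entity_expansion_limit} expansions, " \
       "#{REXML::Security.entity_expansion_text_limit} bytes of expanded text"
  p expand_root_text(BENIGN_XML)                           # "hello world"
  p expand_root_text(nested_entity_xml(depth: 2, fanout: 3)) # nine "lol"s, allowed
  p expand_root_text(nested_entity_xml)                    # :rejected
end
```

Nesting by itself is not what the guards block: the small depth-2 document expands normally, and only the runaway growth of the default one trips a limit. A consumer that cannot tolerate even modest expansion can lower REXML::Security.entity_expansion_limit before parsing untrusted input.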

@parse-github-assistant

I will reformat the title to use the proper commit message syntax.

@parse-github-assistant parse-github-assistant bot changed the title from "[Snyk] Security upgrade jazzy from 0.15.3 to 0.15.4" to "refactor: Security upgrade jazzy from 0.15.3 to 0.15.4" on Oct 26, 2025
@parse-github-assistant

🚀 Thanks for opening this pull request!

@coderabbitai

coderabbitai bot commented Oct 26, 2025

📝 Walkthrough

Walkthrough

The Gemfile dependency was updated, specifically upgrading the Jazzy gem from version 0.15.3 to 0.15.4. This is a minor version patch update with no changes to other dependencies.

Changes

Cohort / File(s): Dependency Version Update
  Gemfile: Updated Jazzy gem version from 0.15.3 to 0.15.4

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

  • Single file with a straightforward version bump
  • No logic, configuration, or behavior changes
  • Minimal risk; purely a dependency maintenance update

Pre-merge checks and finishing touches

❌ Failed checks (2 warnings)

Description Check ⚠️ Warning
  Explanation: The PR description does not follow the required template structure for this repository. The provided description is Snyk-generated content that includes vulnerability details and links but completely omits all required sections: the New Pull Request Checklist (vulnerability disclosure and issue reference boxes), Issue Description section with the "Closes:" reference, Approach section explaining the change strategy, and TODOs before merging checklist. While the description provides useful context about the security vulnerability being fixed, it fails to meet the repository's mandatory template requirements.
  Resolution: The description should be restructured to follow the required template. Add the New Pull Request Checklist with appropriate checkboxes (noting this is not a vulnerability disclosure, and referencing the related Snyk issue if available), fill in the Issue Description section with details about the vulnerability being fixed, add an Approach section explaining that the Gemfile was updated to upgrade the jazzy dependency, and include the TODOs section with any tasks needed before merge.

Docstring Coverage ⚠️ Warning
  Explanation: Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.
  Resolution: You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (1 passed)

Title Check ✅ Passed
  Explanation: The PR title "refactor: Security upgrade jazzy from 0.15.3 to 0.15.4" is clear and directly describes the main change in the changeset. The title accurately conveys that the jazzy gem dependency was upgraded for security purposes, with specific version numbers provided. This directly corresponds to the changeset modifications in the Gemfile. While the "refactor:" conventional commit prefix could arguably be more precise (since this is a dependency upgrade for security rather than code refactoring), the title itself is specific and informative enough for a developer to understand the primary change.

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 94596f9 and b18bb6f.

⛔ Files ignored due to path filters (1)
  • Gemfile.lock is excluded by !**/*.lock
📒 Files selected for processing (1)
  • Gemfile (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (5)
  • GitHub Check: Core Module, macOS 15
  • GitHub Check: Xcode 16
  • GitHub Check: LiveQuery Module, iOS 17
  • GitHub Check: Xcode 15
  • GitHub Check: Core Module, macOS 14
🔇 Additional comments (1)
Gemfile (1)

4-4: Security patch approved – jazzy 0.15.4 is a legitimate release with no breaking changes.

This patch-level version bump addresses the SNYK-RUBY-REXML-12878608 XML entity expansion vulnerability, and as a documentation tool, jazzy is not a runtime dependency. The upgrade is low-risk and ready to merge.



@parseplatformorg
Contributor Author

Snyk checks have passed. No issues have been found so far.

Scanner: Open Source Security
  Critical: 0, High: 0, Medium: 0, Low: 0 (0 issues total)

