[CVE] remove nokogiri and dependencies

Nokogiri was used to bump performance on MacOS clients when parsing
plist files. Without it, CFPropertyList will fall back to rexml.
However, performance testing indicates that the boost is negligible.
This just removes it and reduces our security exposure.

This removes the libxml2 & libxslt libraries from the agent runtime, but
doesn't actually delete the components yet because Bolt uses them.

Author: binford2k

configs/components/rubygem-mini_portile2.rb

@@ -35,8 +35,6 @@
 proj.component "ruby-#{proj.ruby_version}"
 proj.component "readline" if platform.is_macos?
 proj.component 'augeas' unless platform.is_windows?
-proj.component 'libxml2' unless platform.is_windows?
-proj.component 'libxslt' unless platform.is_windows?
 
 proj.component 'ruby-augeas' unless platform.is_windows?
 proj.component 'ruby-shadow' unless platform.is_aix? || platform.is_windows?

configs/components/rubygem-nokogiri.rb

@@ -67,12 +67,6 @@
     proj.component 'rubygem-sys-filesystem'
   end
 
-  # Nokogiri and dependencies to improve macOS performance (PUP-11332)
-  if platform.is_macos?
-    proj.component 'rubygem-nokogiri'
-    proj.component 'rubygem-mini_portile2'
-  end
-
   # Dependencies for gettext for Ruby >= 3.2 (PA-4815)
   proj.component 'rubygem-erubi'
   proj.component 'rubygem-prime'