./textproc/ruby-nokogiri, HTML, XML, SAX, and Reader parser with XPath and CSS selector support

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.7.1, Package name: ruby23-nokogiri-1.7.1, Maintainer: pkgsrc-users

Nokogiri parses and searches XML/HTML very quickly, and also has correctly
implemented CSS3 selector support as well as XPath support.

Features:

* XPath support for document searching
* CSS3 selector support for document searching
* XML/HTML builder
* Drop in replacement for Hpricot (though not bug for bug)


Required to run:
[textproc/libxml2] [textproc/libxslt] [lang/ruby23-base] [misc/ruby-mini_portile2]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 5731c2d494381be8440f6ace6e5fcb62e7850581
RMD160: 5b49924884b89befe9489f7c106df1841fe25cfb
Filesize: 8937.5 KB

Version history: (Expand)


CVS history: (Expand)


   2017-03-20 16:36:43 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-nokogiri to 1.7.1.

# 1.7.1 / unreleased

## Security Notes

[MRI] Upstream libxml2 patches are applied to the vendored libxml 2.9.4 which \ 
address CVE-2016-4658 and CVE-2016-5131.

For more information:

* https://github.com/sparklemotion/nokogiri/issues/1615
* http://people.canonical.com/~ubuntu-sec … -4658.html
* http://people.canonical.com/~ubuntu-sec … -5131.html

## Dependencies

* [Windows] Upgrade zlib from 1.2.8 to 1.2.11 (unless --use-system-libraries)
   2017-01-08 06:36:55 by Takahiro Kambe | Files touched by this commit (1) | Package updated
Log message:
Now gemspec dose not require ruby-pkg-config any more.

Bump PKGREVISION.
   2017-01-07 23:30:13 by Thomas Klausner | Files touched by this commit (3) | Package updated
Log message:
Updated ruby-nokogiri to 1.7.0.1.

# 1.7.0.1 / 2017-01-04

## Bugs

* Fix OpenBSD support. (#1569) (related to #1543)

# 1.7.0 / 2016-12-26

## Features

* Remove deprecation warnings in Ruby 2.4.0 (#1545) (Thanks, @matthewd!)
* Support egcc compiler on OpenBSD (#1543) (Thanks, @frenkel and @knu!)

## Backwards incompatibilities.

This release ends support for:

* Ruby 1.9.2, for which official support ended on 2014-07-31
* Ruby 1.9.3, for which official support ended on 2015-02-23
* Ruby 2.0.0, for which official support ended on 2016-02-24
* MacRuby, which hasn't been actively supported since 2015-01-13 (see \ 
https://github.com/MacRuby/MacRuby/comm … 27d593a483)
   2016-10-18 16:41:15 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-nokogiri to 1.6.8.1

=== 1.6.8.1 / 2016-10-03

==== Dependency License Notes

Removes required dependency on the `pkg-config` gem. This dependency
was introduced in v1.6.8 and, because it's distributed under LGPL, was
objectionable to many Nokogiri users (#1488, #1496).

This version makes `pkg-config` an optional dependency. If it's
installed, it's used; but otherwise Nokogiri will attempt to work
around its absence.

=== 1.6.8 / unreleased

==== Security Notes

[MRI] Bundled libxml2 is upgraded to 2.9.4, which fixes many security issues. \ 
Many of these had previously been patched in the vendored libxml 2.9.2 in the \ 
1.6.7.x branch, but some are newer.

See these libxml2 email posts for more:

* https://mail.gnome.org/archives/xml/201 … 00012.html
* https://mail.gnome.org/archives/xml/201 … 00023.html

For a more detailed analysis, you may care to read Canonical's take on these \ 
security issues:

* http://www.ubuntu.com/usn/usn-2994-1

[MRI] Bundled libxslt is upgraded to 1.1.29, which fixes a security issue as \ 
well as many long-known outstanding bugs, some features, some portability \ 
improvements, and general cleanup.

See this libxslt email post for more:

* https://mail.gnome.org/archives/xslt/20 … 00004.html

==== Features

Several changes were made to improve performance:

* [MRI] Simplify NodeSet#to_a with a minor speed-up. (#1397)
* XML::Node#ancestors optimization. (#1297) (Thanks, Bruno Sutic!)
* Use Symbol#to_proc where we weren't previously. (#1296) (Thanks, Bruno Sutic!)
* XML::DTD#each uses implicit block calls. (Thanks, @glaucocustodio!)
* Fall back to the `pkg-config` gem if we're having trouble finding the system \ 
libxml2. This should help many FreeBSD users. (#1417)
* Set document encoding appropriately even on blank document. (#1043) (Thanks, \ 
@batter!)

==== Bug Fixes

* [JRuby] fix slow add_child (#692)
* [JRuby] fix load errors when deploying to JRuby/Torquebox (#1114) (Thanks, \ 
@atambo and @jvshahid!)
* [JRuby] fix NPE when inspecting nodes returned by NodeSet#drop (#1042) \ 
(Thanks, @mkristian!)
* [JRuby] fix nil attriubte node's namespace in reader (#1327) (Thanks, \ 
@codekitchen!)
* [JRuby] fix Nokogiri munging unicode characters that require more than 2 bytes \ 
(#1113) (Thanks, @mkristian!)
* [JRuby] allow unlinking an unparented node (#1112, #1152) (Thanks, @esse!)
* [JRuby] allow Fragment parsing on a frozen string (#444, #1077)
* [JRuby] HTML `style` tags are no longer encoded (#1316) (Thanks, @tbeauvais!)
* [MRI] fix assertion failure while accessing attribute node's namespace in \ 
reader (#843) (Thanks, @2potatocakes!)
* [MRI] fix issue with GCing namespace nodes returned in an xpath query. (#1155)
* [MRI] Ensure C strings are null-terminated. (#1381)
* [MRI] Ensure Rubygems is loaded before using mini_portile2 at installation. \ 
(#1393, #1411) (Thanks, @JonRowe!)
* [MRI] Handling another edge case where the `libxml-ruby` gem's global \ 
callbacks were smashing the heap. (#1426). (Thanks to @bbergstrom for providing \ 
an isolated test case!)
* [MRI] Ensure encodings are passed to Sax::Parser xmldecl callback. (#844)
* [MRI] Ensure default ns prefix is applied correctly when reparenting nodes to \ 
another document. (#391) (Thanks, @ylecuyer!)
* [MRI] Ensure Reader handles non-existent attributes as expected. (#1254) \ 
(Thanks, @ccutrer!)
* [MRI] Cleanup around namespace handling when reparenting nodes. (#1332, #1333, \ 
#1444) (Thanks, @cuttrer and @bradleybeddoes!)
* unescape special characters in CSS queries (#1303) (Thanks, @twalpole!)
* consistently handle empty documents (#1349)
* Update to mini_portile2 2.1.0 to address whitespace-handling during patching. \ 
(#1402)
* Fix encoding of xml node namespaces.
* Work around issue installing Nokogiri on overlayfs (commonly used in Docker \ 
containers). (#1370, #1405)

==== Other Notes

* Removed legacy code remaining from Ruby 1.8.x support.
* Removed legacy code remaining from REE support.
* Removing hacky workarounds for bugs in some older versions of libxml2.
* Handling C strings in a forward-compatible manner, see \ 
https://github.com/ruby/ruby/blob/v2_2_0/NEWS#L319
   2016-03-15 16:45:46 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-nokogiri to 1.6.7.2.

Below security problem dose not affect to pkgsrc since we do not use bundlerd
libxml2.

=== 1.6.7.2 / 2015-01-20

This version pulls in several upstream patches to the vendored libxml2 and \ 
libxslt to address:

  CVE-2015-7499

Ubuntu classifies this as "Priority: Low", RedHat classifies this as \ 
"Impact: Moderate", and NIST classifies this as "Severity: 5.0 \ 
(MEDIUM)".

MITRE record is https://cve.mitre.org/cgi-bin/cvename.c … -2015-7499
   2016-01-10 12:55:45 by Izumi Tsutsui | Files touched by this commit (3) | Package updated
Log message:
Update ruby-nokogiri to 1.6.7.1.

pkgsrc changes:
* Fix DEPENDS on required ${RUBY_PKGPREFIX}-mini_portile2>=2.0.0

Upstream changes:

=== 1.6.7.1 / 2015-12-16

This version pulls in several upstream patches to the vendored libxml2 and \ 
libxslt to address:

  CVE-2015-5312
  CVE-2015-7497
  CVE-2015-7498
  CVE-2015-7499
  CVE-2015-7500
  CVE-2015-8241
  CVE-2015-8242
  CVE-2015-8317

See also http://www.ubuntu.com/usn/usn-2834-1/
   2015-12-13 16:26:42 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-nokogiri to 1.6.7.

=== 1.6.7 / 2015-11-29

==== Notes

This version supports native builds on Windows using the RubyInstaller
DevKit. It also supports Ruby 2.2.x on Windows, as well as making
several other improvements to the installation process on various
platforms.

This version also includes the security patches already applied in
v1.6.6.3 and v1.6.6.4 to the vendored libxml2 and libxslt source.
See #1374 and #1376 for details.

==== Features

* Cross-built gems now have a proper ruby version requirement. (#1266)
* Ruby 2.2.x is supported on Windows.
* Native build is supported on Windows.
* [MRI] libxml2 and libxslt `config.guess` files brought up to date. (#1326) \ 
(Thanks, @hernan-erasmo!)
* [JRuby] fix error in validating files with jruby (#1355, #1361) (Thanks, \ 
@twalpole!)
* [MRI, OSX] Patch to handle nonstandard location of `iconv.h`. (#1206, #1210, \ 
#1218, #1345) (Thanks, @neonichu!)

==== Bug Fixes

* [JRuby] reset the namespace cache when replacing the document's innerHtml \ 
(#1265) (Thanks, @mkristian!)
* [JRuby] Document#parse should support IO objects that respond to #read. \ 
(#1124) (Thanks, Jake Byman!)
* [MRI] Duplicate-id errors when setting the `id` attribute on HTML documents \ 
are now silenced. (#1262)
* [JRuby] SAX parser cuts texts in peices when quare brackets exist. (#1261)
* [JRuby] Namespaced attributes aren't removed by remove_attribute. (#1299)
   2015-11-23 08:28:01 by Takahiro Kambe | Files touched by this commit (3) | Package updated
Log message:
Update ruby-nokogiri to 1.6.8.4.

=== 1.6.6.4 / 2015-11-19

This version pulls in an upstream patche to the vendored libxml2 to address:

* unclosed comment uninitialized access issue (#1376)

This issue does not have a CVE assigned to it as this time.