./textproc/py-lxml, Python binding for libxml2 and libxslt

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 4.7.1nb1, Package name: py39-lxml-4.7.1nb1, Maintainer: pkgsrc-users

lxml is a Pythonic binding for the libxml2 and libxslt libraries.
It is unique in that it combines the speed and feature completeness
of these libraries with the simplicity of a native Python API,
mostly compatible but superior to the well-known ElementTree API.


Required to run:
[textproc/libxml2] [textproc/libxslt] [devel/py-setuptools] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 3129.104 KB

Version history: (Expand)


CVS history: (Expand)


   2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595)
Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS
   2021-12-16 21:17:10 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-lxml: updated to 4.7.1

4.7.1 (2021-12-13)

Features added

Chunked Unicode string parsing via parser.feed() now encodes the input data to \ 
the native UTF-8 encoding directly, instead of going through Py_UNICODE / \ 
wchar_t encoding first, which previously required duplicate recoding in most \ 
cases.

Bugs fixed

The standard namespace prefixes were mishandled during "C14N2" \ 
serialisation on Python 3. See \ 
https://mail.python.org/archives/list/lxml@python.org/thread/6ZFBHFOVHOS5GFDOAMPCT6HM5HZPWQ4Q/
lxml.objectify previously accepted non-XML numbers with underscores (like \ 
"1_000") as integers or float values in Python 3.6 and later. It now \ 
adheres to the number format of the XML spec again.
Static wheels of lxml now contain the header files of zlib and libiconv (in \ 
addition to the already provided headers of libxml2/libxslt/libexslt).

Other changes

Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows).

4.7.0 (2021-12-13)

Release retracted due to missing files in lxml/includes/.

4.6.5 (2021-12-12)

Bugs fixed

A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script \ 
content through SVG images (CVE-2021-43818).
A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script \ 
content through CSS imports and other crafted constructs (CVE-2021-43818).
   2021-12-08 17:07:18 by Adam Ciarcinski | Files touched by this commit (3063)
Log message:
revbump for icu and libffi
   2021-11-03 10:38:40 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-lxml: updated to 4.6.4

4.6.4

Features added

* A new property ``system_url`` was added to DTD entities.
* The ``STATIC_*`` variables in ``setup.py`` can now be passed via env vars.
   2021-10-26 13:23:42 by Nia Alarie | Files touched by this commit (1161)
Log message:
textproc: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./textproc/convertlit/distinfo clit18src.zip
   2021-10-07 17:02:49 by Nia Alarie | Files touched by this commit (1162)
Log message:
textproc: Remove SHA1 hashes for distfiles
   2021-04-21 13:43:04 by Adam Ciarcinski | Files touched by this commit (1822)
Log message:
revbump for textproc/icu
   2021-03-23 07:47:48 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-lxml: updated to 4.6.3

4.6.3

Bugs fixed
* A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung,
  which allowed JavaScript to pass through.  The cleaner now removes the HTML5
  ``formaction`` attribute.