Next | Query returned 33 messages, browsing 11 to 20 | Previous

CVS Commit History:


   2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033)
Log message:
www: Remove SHA1 hashes for distfiles
   2021-07-26 20:12:20 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-bleach: updated to 3.3.1

Version 3.3.1 (July 14th, 2021)
-------------------------------

**Features**

* add more tests for CVE-2021-23980 / GHSA-vv2x-vrpj-qqpq
* bump python version to 3.8 for tox doc, vendorverify, and lint targets
* update bug report template tag
* update vendorverify script to detect and fail when extra files are vendored
* update release process docs to check vendorverify passes locally

**Bug fixes**

* remove extra vendored django present in the v3.3.0 whl
* duplicate h1 header doc fix
   2021-04-06 21:51:47 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-bleach: updated to 3.3.0

Version 3.3.0 (February 1st, 2021)
----------------------------------

**Backwards incompatible changes**

* clean escapes HTML comments even when strip_comments=False

**Security fixes**

* Fix bug 1621692 / GHSA-m6xf-fq7q-8743. See the advisory for details.
   2021-01-27 10:43:43 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-bleach: updated to 3.2.3

Version 3.2.3 (January 26th, 2021)
----------------------------------

**Security fixes**
None

**Features**
None

**Bug fixes**
* fix clean and linkify raising ValueErrors for certain inputs.

Version 3.2.2 (January 20th, 2021)
----------------------------------

**Security fixes**
None

**Features**
* Migrate CI to GitHub Actions.

**Bug fixes**
* fix linkify raising an IndexError on certain inputs.
   2020-11-02 15:45:58 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-bleach: updated to 3.2.1

Version 3.2.1
* change linkifier to add rel="nofollow" as documented.
* suppress html5lib sanitizer DeprecationWarnings

Version 3.2.0
* ``html5lib`` dependency to version 1.1.0.
* update tests_website terminology.
   2020-10-04 19:12:21 by Jonathan Schleifer | Files touched by this commit (1)
Log message:
www/py-bleach: Add missing dependency
   2020-05-17 22:18:36 by Adam Ciarcinski | Files touched by this commit (10)
Log message:
pytest from versioned depends
   2020-04-30 11:37:26 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-bleach: updated to 3.1.5

Version 3.1.5:
Bug fixes
* replace missing ``setuptools`` dependency with ``packaging``.
   2020-04-11 09:23:30 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-bleach: updated to 3.1.4

Version 3.1.4:

Security fixes

* ``bleach.clean`` behavior parsing style attributes could result in a
  regular expression denial of service (ReDoS).

  Calls to ``bleach.clean`` with an allowed tag with an allowed
  ``style`` attribute were vulnerable to ReDoS. For example,
  ``bleach.clean(..., attributes={'a': ['style']})``.

  This issue was confirmed in Bleach versions v3.1.3, v3.1.2, v3.1.1,
  v3.1.0, v3.0.0, v2.1.4, and v2.1.3. Earlier versions used a similar
  regular expression and should be considered vulnerable too.

  Anyone using Bleach <=v3.1.3 is encouraged to upgrade.

Backwards incompatible changes

* Style attributes with dashes, or single or double quoted values are
  cleaned instead of passed through.
   2020-03-18 11:08:16 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-bleach: updated to 3.1.3

Version 3.1.3:

**Features**

* Add relative link to code of conduct.
* Drop deprecated 'setup.py test' support.
* Fix typo: curren -> current in tests/test_clean.py
* Test on PyPy 7
* Drop test support for end of life Python 3.4

Version 3.1.2:

**Security fixes**

* ``bleach.clean`` behavior parsing embedded MathML and SVG content
  with RCDATA tags did not match browser behavior and could result in
  a mutation XSS.

  Calls to ``bleach.clean`` with ``strip=False`` and ``math`` or
  ``svg`` tags and one or more of the RCDATA tags ``script``,
  ``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or
  ``xmp`` in the allowed tags whitelist were vulnerable to a mutation
  XSS.

  This security issue was confirmed in Bleach version v3.1.1. Earlier
  versions are likely affected too.

Version 3.1.1:

**Security fixes**

* ``bleach.clean`` behavior parsing ``noscript`` tags did not match
  browser behavior.

  Calls to ``bleach.clean`` allowing ``noscript`` and one or more of
  the raw text tags (``title``, ``textarea``, ``script``, ``style``,
  ``noembed``, ``noframes``, ``iframe``, and ``xmp``) were vulnerable
  to a mutation XSS.

  This security issue was confirmed in Bleach versions v2.1.4, v3.0.2,
  and v3.1.0. Earlier versions are probably affected too.
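
The 3.1.1, 3.1.2 and 3.1.4 release notes above each tie a security fix to a specific ``bleach.clean`` configuration. The following is an added example, not part of the commit logs or of Bleach itself, that audits an installed version and allow-list against those three conditions. The function and constant names are hypothetical, and it assumes plain numeric versions and treats every release before a fix as affected, as the notes advise.

```python
# Added example: audit a bleach.clean() allow-list against the conditions
# quoted in the 3.1.1, 3.1.2 and 3.1.4 release notes. Names are hypothetical.

RAW_TEXT = {"title", "textarea", "script", "style",
            "noembed", "noframes", "iframe", "xmp"}      # list from the 3.1.1 note
RCDATA = {"script", "noscript", "style", "noframes",
          "iframe", "noembed", "xmp"}                    # list from the 3.1.2 note


def parse_version(text):
    """Turn '3.1.3' or 'v3.1.3' into a comparable tuple such as (3, 1, 3)."""
    return tuple(int(part) for part in text.lstrip("v").split("."))


def style_allowed_on(tags, attributes):
    """Return the allowed tags that may carry a style attribute."""
    if isinstance(attributes, dict):
        if "style" in attributes.get("*", []):   # '*' applies to every tag
            return set(tags)
        return {t for t in tags if "style" in attributes.get(t, [])}
    return set(tags) if "style" in attributes else set()  # plain list form


def audit_clean_config(version, tags, attributes, strip=False):
    """Return the release-note issues whose stated conditions this config meets."""
    ver = parse_version(version)
    tags = {t.lower() for t in tags}
    findings = []
    # 3.1.1: noscript allowed together with at least one raw text tag.
    if ver < (3, 1, 1) and "noscript" in tags and tags & RAW_TEXT:
        findings.append("mutation XSS: noscript with raw text tag (fixed in 3.1.1)")
    # 3.1.2: strip=False, math or svg allowed, plus at least one RCDATA tag.
    if ver < (3, 1, 2) and not strip and tags & {"math", "svg"} and tags & RCDATA:
        findings.append("mutation XSS: math/svg with RCDATA tag (fixed in 3.1.2)")
    # 3.1.4: an allowed tag with an allowed style attribute.
    if ver < (3, 1, 4) and style_allowed_on(tags, attributes):
        findings.append("ReDoS: allowed style attribute (fixed in 3.1.4)")
    return findings


if __name__ == "__main__":
    # Constructed sample configuration, not taken from any real deployment.
    for issue in audit_clean_config("3.1.0", ["a", "svg", "noscript", "style"],
                                    {"a": ["href", "style"]}):
        print(issue)
```
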
