./textproc/ruby-rexml, XML toolkit for Ruby

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 3.3.9, Package name: ruby31-rexml-3.3.9, Maintainer: pkgsrc-users

REXML

REXML was inspired by the Electric XML library for Java, which features an
easy-to-use API, small size, and speed. Hopefully, REXML, designed with the
same philosophy, has these same features. I've tried to keep the API as
intuitive as possible, and have followed the Ruby methodology for method
naming and code flow, rather than mirroring the Java API.

REXML supports both tree and stream document parsing. Stream parsing is
faster (about 1.5 times as fast). However, with stream parsing, you don't
get access to features such as XPath.


Required to run:
[lang/ruby27-base]

Master sites:

Filesize: 102 KB

Version history: (Expand)

CVS history: (Expand)


   2024-11-06 14:33:48 by Takahiro Kambe | Files touched by this commit (1) 
Log message:
textproc/ruby-rexml: drop Ruby 3.3

Ruby 3.3.6 has the same version of rexml as bundled gem and conflict
with it.
   2024-11-05 16:02:22 by Takahiro Kambe | Files touched by this commit (1) 
Log message:
textproc/ruby-rexml: drop Ruby 3.2

Ruby 3.2.6 has the same version of rexml as bundled gem and conflict
with it.
   2024-10-27 15:07:16 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
textproc/ruby-rexml: update to 3.3.9

3.3.9 (2024-10-24)

Improvements

* Improved performance.  [GH-210] Patch by NAITOH Jun.

Fixes

* Fixed a parse bug for text only invalid XML.  [GH-215] Patch
  by NAITOH Jun.

* Fixed a parse bug that &#0x...; is accepted as a character reference.
   2024-10-13 18:50:27 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
textproc/ruby-rexml: update to 3.3.8

3.3.8 (2024-09-29)

Improvements

* SAX2: Improve parse performance.

  - GH-207
  - Patch by NAITOH Jun.

Fixes

* Fixed a bug that unexpected attribute namespace conflict error for the
  predefined "xml" namespace is reported.

  - GH-208
  - Patch by KITAITI Makoto

Thanks

* NAITOH Jun
* KITAITI Makoto
   2024-09-05 17:00:35 by Takahiro Kambe | Files touched by this commit (2) | Package updated
Log message:
textproc/ruby-rexml: update to 3.3.7

3.3.7 (2024-09-04)

Improvements

* Added local entity expansion limit methods

  - GH-192
  - GH-202
  - Reported by takuya kodama.
  - Patch by NAITOH Jun.

* Removed explicit strscan dependency

  - GH-204
  - Patch by Bo Anderson.

Thanks

* takuya kodama
* NAITOH Jun
* Bo Anderson
   2024-08-25 12:57:23 by Thomas Klausner | Files touched by this commit (2) | Package updated
Log message:
ruby32-rexml: update to 3.3.6.

3.3.6
Improvements

    Removed duplicated entity expansions for performance.
        GH-194
        Patch by Viktor Ivarsson.

    Improved namespace conflicted attribute check performance. It was
    too slow for deep elements.
        Reported by l33thaxor.

Fixes

    Fixed a bug that default entity expansions are counted for
    security check. Default entity expansions should not be counted
    because they don't have a security risk.
        GH-198
        GH-199
        Patch Viktor Ivarsson

    Fixed a parser bug that parameter entity references in internal
    subsets are expanded. It's not allowed in the XML specification.
        GH-191
        Patch by NAITOH Jun.

    Fixed a stream parser bug that user-defined entity references in
    text aren't expanded.
        GH-200
        Patch by NAITOH Jun.

REXML 3.3.5 - 2024-08-12
Fixes

    Fixed a bug that REXML::Security.entity_expansion_text_limit
    check has wrong text size calculation in SAX and pull parsers.
        GH-193
        GH-195
        Reported by Viktor Ivarsson.
        Patch by NAITOH Jun.

REXML 3.3.4 - 2024-08-01
Fixes

    Fixed a bug that REXML::Security isn't defined when
    REXML::Parsers::StreamParser is used and
    rexml/parsers/streamparser is only required.
        GH-189
        Patch by takuya kodama.

REXML 3.3.3 - 2024-08-01
Improvements

    Added support for detecting invalid XML that has unsupported
    content before root element
        GH-184
        Patch by NAITOH Jun.

    Added support for REXML::Security.entity_expansion_limit= and
    REXML::Security.entity_expansion_text_limit= in SAX2 and pull
    parsers
        GH-187
        Patch by NAITOH Jun.

    Added more tests for invalid XMLs.
        GH-183
        Patch by Watson.

    Added more performance tests.
        Patch by Watson.

    Improved parse performance.
        GH-186
        Patch by tomoya ishida.
   2024-07-20 18:15:03 by Takahiro Kambe | Files touched by this commit (4) 
Log message:
textproc/ruby-rexml: add package version 3.3.2

ruby-rexml package had once removed from pkgsrc since all Ruby language
release contains it as a bundled gem.

But recently, there are two security problem in rexml and there is no
Ruby language release which fixes these problems.

	CVE-2024-35176: DoS in REXML
	CVE-2024-39908 : DoS in REXML

Instead, new rexml release are provided and installing ruby-rexml package
solves there security problems.

REXML

REXML was inspired by the Electric XML library for Java, which features an
easy-to-use API, small size, and speed.  Hopefully, REXML, designed with the
same philosophy, has these same features.  I've tried to keep the API as
intuitive as possible, and have followed the Ruby methodology for method
naming and code flow, rather than mirroring the Java API.

REXML supports both tree and stream document parsing.  Stream parsing is
faster (about 1.5 times as fast).  However, with stream parsing, you don't
get access to features such as XPath.
   2023-05-30 17:23:36 by Takahiro Kambe | Files touched by this commit (4) | Package removed
Log message:
textproc/ruby-rexml: remove package

This package was kept for ruby27 and ruby30 and later have rexml as
default gem.