Log message:
py-bleach: updated to 6.0.0
Version 6.0.0 (January 23rd, 2023)
----------------------------------
**Backwards incompatible changes**
* ``bleach.clean``, ``bleach.sanitizer.Cleaner``,
``bleach.html5lib_shim.BleachHTMLParser``: the ``tags`` and ``protocols``
arguments were changed from lists to sets.
Old pre-6.0.0:
.. code-block:: python
bleach.clean(
"some text",
tags=["a", "p", "img"],
# ^ ^ list
protocols=["http", "https"],
# ^ ^ list
)
New 6.0.0 and later:
.. code-block:: python
bleach.clean(
"some text",
tags={"a", "p", "img"},
# ^ ^ set
protocols={"http", "https"},
# ^ ^ set
)
* ``bleach.linkify``, ``bleach.linkifier.Linker``: the ``skip_tags`` and
``recognized_tags`` arguments were changed from lists to sets.
Old pre-6.0.0:
.. code-block:: python
bleach.linkify(
"some text",
skip_tags=["pre"],
# ^ ^ list
)
linker = Linker(
skip_tags=["pre"],
# ^ ^ list
recognized_tags=html5lib_shim.HTML_TAGS + ["custom-element"],
# ^ ^ ^ list
# |
# | list concatenation
)
New 6.0.0 and later:
.. code-block:: python
bleach.linkify(
"some text",
skip_tags={"pre"},
# ^ ^ set
)
linker = Linker(
skip_tags={"pre"},
# ^ ^ set
recognized_tags=html5lib_shim.HTML_TAGS | {"custom-element"},
# ^ ^ ^ set
# |
# | union operator
)
* ``bleach.sanitizer.BleachSanitizerFilter``: ``strip_allowed_elements`` is now
``strip_allowed_tags``. We now use "tags" everywhere rather than a \
mishmash
of "tags" in some places and "elements" in others.
**Security fixes**
None
**Bug fixes**
* Add support for Python 3.11.
* Fix API weirness in ``BleachSanitizerFilter``.
We're using "tags" instead of "elements" everywhere--no \
more weird
overloading of "elements" anymore.
Also, it no longer calls the superclass constructor.
* Add warning when ``css_sanitizer`` isn't set, but the ``style``
attribute is allowed.
* Fix linkify handling of character entities.
* Rework dev dependencies to use ``requirements-dev.txt`` and
``requirements-flake8.txt`` instead of extras.
* Fix project infrastructure to be tox-based so it's easier to have CI
run the same things we're running in development and with flake8
in an isolated environment.
* Update action versions in CI.
* Switch to f-strings where possible. Make tests parametrized to be
easier to read/maintain.
|