./www/py-bleach, Easy whitelist-based HTML-sanitizing tool

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 6.1.0nb1, Package name: py311-bleach-6.1.0nb1, Maintainer: ryoon

Bleach is an HTML sanitizing library that escapes or strips markup
and attributes based on a white list. Bleach can also linkify text
safely, applying filters that Django's ``urlize`` filter cannot,
and optionally setting ``rel`` attributes, even on links already
in the text.


Required to run:
[devel/py-setuptools] [lang/py-six] [textproc/py-webencodings] [lang/python37]

Required to build:
[pkgtools/cwrappers] [devel/py-test-runner]

Master sites:

Filesize: 197.382 KB

Version history: (Expand)


CVS history: (Expand)


   2023-10-20 13:31:22 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
py-bleach: updated to 6.1.0

Version 6.1.0 (October 6th, 2023)
---------------------------------

**Backwards incompatible changes**

* Dropped support for Python 3.7.

**Security fixes**

None

**Bug fixes**

* Add support for Python 3.12.
* Fix linkify with arrays in querystring
* Handle more cases with < followed by character data
* Fix entities inside a tags in linkification
* Update cap for tinycss2 to <1.3
* Updated Sphinx requirement
* Add dependabot for github actions and update github actions
   2023-05-05 17:46:44 by Thomas Klausner | Files touched by this commit (1)
Log message:
py-bleach: fix filename in REPLACE_SH
   2023-05-05 10:47:37 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
py-bleach: updated to 6.0.0

Version 6.0.0 (January 23rd, 2023)
----------------------------------

**Backwards incompatible changes**

* ``bleach.clean``, ``bleach.sanitizer.Cleaner``,
  ``bleach.html5lib_shim.BleachHTMLParser``: the ``tags`` and ``protocols``
  arguments were changed from lists to sets.

  Old pre-6.0.0:

  .. code-block:: python

     bleach.clean(
         "some text",
         tags=["a", "p", "img"],
         #    ^               ^ list
         protocols=["http", "https"],
         #         ^               ^ list
     )

  New 6.0.0 and later:

  .. code-block:: python

     bleach.clean(
         "some text",
         tags={"a", "p", "img"},
         #    ^               ^ set
         protocols={"http", "https"},
         #         ^               ^ set
     )

* ``bleach.linkify``, ``bleach.linkifier.Linker``: the ``skip_tags`` and
  ``recognized_tags`` arguments were changed from lists to sets.

  Old pre-6.0.0:

  .. code-block:: python

     bleach.linkify(
         "some text",
         skip_tags=["pre"],
         #         ^     ^ list
     )

     linker = Linker(
         skip_tags=["pre"],
         #         ^     ^ list
         recognized_tags=html5lib_shim.HTML_TAGS + ["custom-element"],
         #                                       ^ ^                ^ list
         #                                       |
         #                                       | list concatenation
     )

  New 6.0.0 and later:

  .. code-block:: python

     bleach.linkify(
         "some text",
         skip_tags={"pre"},
         #         ^     ^ set
     )

     linker = Linker(
         skip_tags={"pre"},
         #         ^     ^ set
         recognized_tags=html5lib_shim.HTML_TAGS | {"custom-element"},
         #                                       ^ ^                ^ set
         #                                       |
         #                                       | union operator
     )

* ``bleach.sanitizer.BleachSanitizerFilter``: ``strip_allowed_elements`` is now
  ``strip_allowed_tags``. We now use "tags" everywhere rather than a \ 
mishmash
  of "tags" in some places and "elements" in others.

**Security fixes**

None

**Bug fixes**

* Add support for Python 3.11.

* Fix API weirness in ``BleachSanitizerFilter``.

  We're using "tags" instead of "elements" everywhere--no \ 
more weird
  overloading of "elements" anymore.

  Also, it no longer calls the superclass constructor.

* Add warning when ``css_sanitizer`` isn't set, but the ``style``
  attribute is allowed.

* Fix linkify handling of character entities.

* Rework dev dependencies to use ``requirements-dev.txt`` and
  ``requirements-flake8.txt`` instead of extras.

* Fix project infrastructure to be tox-based so it's easier to have CI
  run the same things we're running in development and with flake8
  in an isolated environment.

* Update action versions in CI.

* Switch to f-strings where possible. Make tests parametrized to be
  easier to read/maintain.
   2023-04-30 20:45:35 by Thomas Klausner | Files touched by this commit (1)
Log message:
py-bleach: only for python 2
   2022-01-04 21:55:40 by Thomas Klausner | Files touched by this commit (1595)
Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS
   2021-11-09 21:34:41 by Thomas Klausner | Files touched by this commit (9)
Log message:
*: convert packaging to lang/python/versioned_dependencies.mk
   2021-10-26 13:31:15 by Nia Alarie | Files touched by this commit (1030)
Log message:
www: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Not committed (merge conflicts):
www/nghttp2/distinfo

Unfetchable distfiles (almost certainly fetched conditionally...):
./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx-devel/distinfo naxsi-1.3.tar.gz
./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx-devel/distinfo njs-0.5.0.tar.gz
./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz
./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz
./www/nginx/distinfo echo-nginx-module-0.62.tar.gz
./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz
./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz
./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz
./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz
./www/nginx/distinfo naxsi-1.3.tar.gz
./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz
./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz
./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz
./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz
./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz
./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz
./www/nginx/distinfo njs-0.5.0.tar.gz
./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz
   2021-10-07 17:09:00 by Nia Alarie | Files touched by this commit (1033)
Log message:
www: Remove SHA1 hashes for distfiles