Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2021-04-21 21:00:04 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.12324 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-loofah" Wed Apr 21 21:00:04 2021 rev:17 rq:887019 version:2.9.1 Changes: -------- --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2021-01-21 21:55:04.169786454 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.12324/rubygem-loofah.changes 2021-04-21 21:00:32.946309993 +0200 @@ -1,0 +2,10 @@ +Tue Apr 20 13:38:21 UTC 2021 - Manuel Schnitzer <mschnit...@suse.com> + +- updated to version 2.9.1 + + ### Bug fixes + + * Fix a regression in v2.9.0 which inappropriately removed CSS properties + with quoted string values. [[#202](https://github.com/flavorjones/loofah/issues/202)] + +------------------------------------------------------------------- Old: ---- loofah-2.9.0.gem New: ---- loofah-2.9.1.gem ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ rubygem-loofah.spec ++++++ --- /var/tmp/diff_new_pack.akooEm/_old 2021-04-21 21:00:33.402310711 +0200 +++ /var/tmp/diff_new_pack.akooEm/_new 2021-04-21 21:00:33.406310717 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version: 2.9.0 +Version: 2.9.1 Release: 0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} ++++++ loofah-2.9.0.gem -> loofah-2.9.1.gem ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md 2021-01-14 22:36:18.000000000 +0100 +++ new/CHANGELOG.md 2021-04-07 17:17:52.000000000 +0200 @@ -1,11 +1,22 @@ # Changelog -### 2.9.0 / 2021-01-14 +## 2.9.1 / 2021-04-07 + +### Bug fixes + +* Fix a regression in v2.9.0 which inappropriately removed CSS properties with quoted string values. [[#202](https://github.com/flavorjones/loofah/issues/202)] + + +## 2.9.0 / 2021-01-14 + +### Features * Handle CSS functions in a CSS shorthand property (like `background`). [[#199](https://github.com/flavorjones/loofah/issues/199), [#200](https://github.com/flavorjones/loofah/issues/200)] -### 2.8.0 / 2020-11-25 +## 2.8.0 / 2020-11-25 + +### Features * Allow CSS properties `order`, `flex-direction`, `flex-grow`, `flex-wrap`, `flex-shrink`, `flex-flow`, `flex-basis`, `flex`, `justify-content`, `align-self`, `align-items`, and `align-content`. [[#197](https://github.com/flavorjones/loofah/issues/197)] (Thanks, [@miguelperez](https://github.com/miguelperez)!) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2021-01-14 22:36:18.000000000 +0100 +++ new/README.md 2021-04-07 17:17:52.000000000 +0200 @@ -1,12 +1,12 @@ # Loofah * https://github.com/flavorjones/loofah -* Docs: http://rubydoc.info/github/flavorjones/loofah/master/frames +* Docs: http://rubydoc.info/github/flavorjones/loofah/main/frames * Mailing list: [loofah-t...@googlegroups.com](https://groups.google.com/forum/#!forum/loofah-talk) ## Status -[![Concourse CI](https://ci.nokogiri.org/api/v1/teams/nokogiri-core/pipelines/loofah/jobs/ruby-2.5/badge)](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/loofah?groups=master) +[![Concourse CI](https://ci.nokogiri.org/api/v1/teams/nokogiri-core/pipelines/loofah/jobs/ruby-3.0/badge)](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/loofah) [![Code Climate](https://codeclimate.com/github/flavorjones/loofah.svg)](https://codeclimate.com/github/flavorjones/loofah) [![Tidelift dependencies](https://tidelift.com/badges/package/rubygems/loofah)](https://tidelift.com/subscription/pkg/rubygems-loofah?utm_source=rubygems-loofah&utm_medium=referral&utm_campaign=readme) @@ -211,7 +211,7 @@ Loofah.xml_document(File.read('plague.xml')).scrub!(bring_out_your_dead) ``` -=== Built-In HTML Scrubbers +### Built-In HTML Scrubbers Loofah comes with a set of sanitizing scrubbers that use HTML5lib's safelist algorithm: Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/scrub.rb new/lib/loofah/html5/scrub.rb --- old/lib/loofah/html5/scrub.rb 2021-01-14 22:36:18.000000000 +0100 +++ new/lib/loofah/html5/scrub.rb 2021-04-07 17:17:52.000000000 +0200 @@ -9,6 +9,7 @@ CSS_KEYWORDISH = /\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(ch|cm|r?em|ex|in|lh|mm|pc|pt|px|Q|vmax|vmin|vw|vh|%|,|\))?)\z/ CRASS_SEMICOLON = { node: :semicolon, raw: ";" } CSS_IMPORTANT = '!important' + CSS_PROPERTY_STRING_WITHOUT_EMBEDDED_QUOTES = /\A(["'])?[^"']+\1\z/ class << self def allowed_element?(element_name) @@ -92,7 +93,11 @@ when :whitespace nil when :string - nil + if child[:raw] =~ CSS_PROPERTY_STRING_WITHOUT_EMBEDDED_QUOTES + Crass::Parser.stringify(child) + else + nil + end when :function if SafeList::ALLOWED_CSS_FUNCTIONS.include?(child[:name].downcase) Crass::Parser.stringify(child) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/version.rb new/lib/loofah/version.rb --- old/lib/loofah/version.rb 2021-01-14 22:36:18.000000000 +0100 +++ new/lib/loofah/version.rb 2021-04-07 17:17:52.000000000 +0200 @@ -1,5 +1,5 @@ # frozen_string_literal: true module Loofah # The version of Loofah you are using - VERSION = "2.9.0" + VERSION = "2.9.1" end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata 2021-01-14 22:36:18.000000000 +0100 +++ new/metadata 2021-04-07 17:17:52.000000000 +0200 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: loofah version: !ruby/object:Gem::Version - version: 2.9.0 + version: 2.9.1 platform: ruby authors: - Mike Dalessio @@ -9,7 +9,7 @@ autorequire: bindir: bin cert_chain: [] -date: 2021-01-14 00:00:00.000000000 Z +date: 2021-04-07 00:00:00.000000000 Z dependencies: - !ruby/object:Gem::Dependency name: nokogiri @@ -196,7 +196,7 @@ homepage_uri: https://github.com/flavorjones/loofah source_code_uri: https://github.com/flavorjones/loofah bug_tracker_uri: https://github.com/flavorjones/loofah/issues - changelog_uri: https://github.com/flavorjones/loofah/blob/master/CHANGELOG.md + changelog_uri: https://github.com/flavorjones/loofah/blob/main/CHANGELOG.md documentation_uri: https://www.rubydoc.info/gems/loofah/ post_install_message: rdoc_options: []