commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2023-11-15 21:07:50 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.17445 (New) Package is "rubygem-loofah" Wed Nov 15 21:07:50 2023 rev:26 rq:1126292 version:2.22.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2023-03-08 14:52:27.542638945 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.17445/rubygem-loofah.changes 2023-11-15 21:09:05.573371546 +0100 @@ -1,0 +2,76 @@ +Tue Nov 14 15:13:24 UTC 2023 - Dan Äermák + +- ## 2.22.0 / 2023-11-13 + +### Added + +* A `:targetblank` HTML scrubber which ensures all hyperlinks have `target="_blank"`. [#275] @stefannibrasil and @thdaraujo +* A `:noreferrer` HTML scrubber which ensures all hyperlinks have `rel=noreferrer`, similar to the `:nofollow` and `:noopener` scrubbers. [#277] @wynksaiddestroy + + +--- +Fri Nov 3 07:41:26 UTC 2023 - Dan Äermák + +- ## 2.21.4 / 2023-10-10 + +### Fixed + +* `Loofah::HTML5::Scrub.scrub_css` is more consistent in preserving whitespace (and lack of whitespace) in CSS property values. In particular, `.scrub_css` no longer inserts whitespace between tokens that did not already have whitespace between them. [[#273](https://github.com/flavorjones/loofah/issues/273), fixes [#271](https://github.com/flavorjones/loofah/issues/271)] + +## 2.21.3 / 2023-05-15 + +### Fixed + +* Quash "instance variable not initialized" warning in Ruby < 3.0. [[#268](https://github.com/flavorjones/loofah/issues/268)] (Thanks, [@dharamgollapudi](https://github.com/dharamgollapudi)!) + +## 2.21.2 / 2023-05-11 + +### Dependencies + +* Update the dependency on Nokogiri to be `>= 1.12.0`. The dependency in 2.21.0 and 2.21.1 was left at `>= 1.5.9` but versions before 1.12 would result in a `NameError` exception. [[#266](https://github.com/flavorjones/loofah/issues/266)] + +## 2.21.1 / 2023-05-10 + +### Fixed + +* Don't define `HTML5::Document` and `HTML5::DocumentFragment` when Nokogiri is `< 1.14`. In 2.21.0 these classes were defined whenever `Nokogiri::HTML5` was defined, but Nokogiri v1.12 and v1.13 do not support Loofah subclassing properly. + +## 2.21.0 / 2023-05-10 + +### HTML5 Support + +Classes `Loofah::HTML5::Document` and `Loofah::HTML5::DocumentFragment` are introduced, along with helper methods: + +- `Loofah.html5_document` +- `Loofah.html5_fragment` +- `Loofah.scrub_html5_document` +- `Loofah.scrub_html5_fragment` + +These classes and methods use Nokogiri's HTML5 parser to ensure modern web standards are used. + +â HTML5 functionality is only available with Nokogiri v1.14.0 and higher. + +â HTML5 functionality is not available for JRuby. Please see [this upstream Nokogiri issue](https://github.com/sparklemotion/nokogiri/issues/2227) if you're interested in helping implement and support HTML5 support. + +### `Loofah::HTML4` module and namespace + +`Loofah::HTML` has been renamed to `Loofah::HTML4`, and `Loofah::HTML` is aliased to preserve backwards-compatibility. `Nokogiri::HTML` and `Nokogiri::HTML4` parse methods still use libxml2's (or NekoHTML's) HTML4 parser. + +Take special note that if you rely on the class name of an object in your code, objects will now report a class of `Loofah::HTML4::Foo` where they previously reported `Loofah::HTML::Foo`. Instead of relying on the string returned by `Object#class`, prefer `Class#===` or `Object#is_a?` or `Object#instance_of?`. + +Future releases of Nokogiri may deprecate `HTML` classes and methods or otherwise change this behavior, so please start using `HTML4` in place of `HTML`. + +### Official support for JRuby + +This version introduces official support for JRuby. Previously, the test suite had never been green due to differences in behavior in the underlying HTML parser used by Nokogiri. We've updated the test suite to accommodate those differences, and have added JRuby to the CI suite. + +## 2.20.0 / 2023-04-01 + +### Features + +* Allow SVG attributes `color-profile`, `cursor`, `filter`, `marker`, and `mask`. [[#246](https://github.com/flavorjones/loofah/issues/246)] +* Allow SVG elements `altGlyph`, `cursor`, `feImage`, `pattern`, and `tref`. [[#246](https://github.com/flavorjones/loofah/issues/246)] +* Allow protocols `fax` and `modem`. [[#255](https://github.com/flavorjones/loofah/issues/255)] (Thanks, [@cjba7](https://github.com/cjba7)!) + + +--- Old: loofah-2.19.1.gem New: loofah-2.22.0.gem Other differences: ---
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2023-03-08 14:52:23 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.31432 (New) Package is "rubygem-loofah" Wed Mar 8 14:52:23 2023 rev:25 rq:1069966 version:2.19.1 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2022-10-12 18:27:06.966010097 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.31432/rubygem-loofah.changes 2023-03-08 14:52:27.542638945 +0100 @@ -1,0 +2,13 @@ +Mon Mar 6 14:42:39 UTC 2023 - Paolo Perego + +- udpated to version 2.19.1 + +## 2.19.1 / 2022-12-13 + +### SecurityAddress +* Address CVE-2022-23514, inefficient regular expression complexity. See GHSA-486f-hjj9-9vhh for more information. +* Address CVE-2022-23515, improper neutralization of data URIs. See GHSA-228g-948r-83gx for more information. +* Address CVE-2022-23516, uncontrolled recursion. See GHSA-3x8r-x6xp-q4vm for more information. + + +--- @@ -405 +417,0 @@ - Old: loofah-2.19.0.gem New: loofah-2.19.1.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.Qbptab/_old 2023-03-08 14:52:28.034641624 +0100 +++ /var/tmp/diff_new_pack.Qbptab/_new 2023-03-08 14:52:28.042641668 +0100 @@ -1,7 +1,7 @@ # # spec file for package rubygem-loofah # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.19.0 +Version:2.19.1 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} ++ loofah-2.19.0.gem -> loofah-2.19.1.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2022-09-14 15:37:45.0 +0200 +++ new/CHANGELOG.md2022-12-12 23:22:47.0 +0100 @@ -1,5 +1,14 @@ # Changelog +## 2.19.1 / 2022-12-13 + +### Security + +* Address CVE-2022-23514, inefficient regular expression complexity. See [GHSA-486f-hjj9-9vhh](https://github.com/flavorjones/loofah/security/advisories/GHSA-486f-hjj9-9vhh) for more information. +* Address CVE-2022-23515, improper neutralization of data URIs. See [GHSA-228g-948r-83gx](https://github.com/flavorjones/loofah/security/advisories/GHSA-228g-948r-83gx) for more information. +* Address CVE-2022-23516, uncontrolled recursion. See [GHSA-3x8r-x6xp-q4vm](https://github.com/flavorjones/loofah/security/advisories/GHSA-3x8r-x6xp-q4vm) for more information. + + ## 2.19.0 / 2022-09-14 ### Features Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/safelist.rb new/lib/loofah/html5/safelist.rb --- old/lib/loofah/html5/safelist.rb2022-09-14 15:37:45.0 +0200 +++ new/lib/loofah/html5/safelist.rb2022-12-12 23:22:47.0 +0100 @@ -999,7 +999,6 @@ "image/gif", "image/jpeg", "image/png", - "image/svg+xml", "text/css", "text/plain", ]) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/scrub.rb new/lib/loofah/html5/scrub.rb --- old/lib/loofah/html5/scrub.rb 2022-09-14 15:37:45.0 +0200 +++ new/lib/loofah/html5/scrub.rb 2022-12-12 23:22:47.0 +0100 @@ -36,24 +36,13 @@ end if SafeList::ATTR_VAL_IS_URI.include?(attr_name) - # this block lifted nearly verbatim from HTML5 sanitization - val_unescaped = CGI.unescapeHTML(attr_node.value).gsub(CONTROL_CHARACTERS, "").downcase - if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ && !SafeList::ALLOWED_PROTOCOLS.include?(val_unescaped.split(SafeList::PROTOCOL_SEPARATOR)[0]) -attr_node.remove -next - elsif val_unescaped.split(SafeList::PROTOCOL_SEPARATOR)[0] == "data" -# permit only allowed data mediatypes -mediatype = val_unescaped.split(Safe
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2022-10-12 18:25:17 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2275 (New) Package is "rubygem-loofah" Wed Oct 12 18:25:17 2022 rev:24 rq:1010074 version:2.19.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2022-05-16 18:11:00.825397283 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2275/rubygem-loofah.changes 2022-10-12 18:27:06.966010097 +0200 @@ -1,0 +2,14 @@ +Mon Oct 10 13:09:46 UTC 2022 - Stephan Kulow + +updated to version 2.19.0 + see installed CHANGELOG.md + + ## 2.19.0 / 2022-09-14 + + ### Features + + * Allow SVG 1.0 color keyword names in CSS attributes. These colors are part of the [CSS Color Module Level 3](https://www.w3.org/TR/css-color-3/#svg-color) recommendation released 2022-01-18. [[#243](https://github.com/flavorjones/loofah/issues/243)] + + + +--- Old: loofah-2.18.0.gem New: loofah-2.19.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.viHONQ/_old 2022-10-12 18:27:07.358010961 +0200 +++ /var/tmp/diff_new_pack.viHONQ/_new 2022-10-12 18:27:07.362010970 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.18.0 +Version:2.19.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} ++ loofah-2.18.0.gem -> loofah-2.19.0.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2022-05-11 20:41:50.0 +0200 +++ new/CHANGELOG.md2022-09-14 15:37:45.0 +0200 @@ -1,5 +1,12 @@ # Changelog +## 2.19.0 / 2022-09-14 + +### Features + +* Allow SVG 1.0 color keyword names in CSS attributes. These colors are part of the [CSS Color Module Level 3](https://www.w3.org/TR/css-color-3/#svg-color) recommendation released 2022-01-18. [[#243](https://github.com/flavorjones/loofah/issues/243)] + + ## 2.18.0 / 2022-05-11 ### Features Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/safelist.rb new/lib/loofah/html5/safelist.rb --- old/lib/loofah/html5/safelist.rb2022-05-11 20:41:50.0 +0200 +++ new/lib/loofah/html5/safelist.rb2022-09-14 15:37:45.0 +0200 @@ -684,23 +684,16 @@ ACCEPTABLE_CSS_KEYWORDS = Set.new([ "!important", - "aqua", "auto", - "black", "block", - "blue", "bold", "both", "bottom", - "brown", "center", "collapse", "dashed", "dotted", "double", - "fuchsia", - "gray", - "green", "groove", "hidden", "inherit", @@ -708,35 +701,196 @@ "inset", "italic", "left", - "lime", - "maroon", "medium", - "navy", "none", "normal", "nowrap", - "olive", "outset", "pointer", - "purple", - "red", "revert", "ridge",
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2022-05-16 18:08:33 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1538 (New) Package is "rubygem-loofah" Mon May 16 18:08:33 2022 rev:23 rq:977448 version:2.18.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2022-04-30 22:52:39.936234625 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1538/rubygem-loofah.changes 2022-05-16 18:11:00.825397283 +0200 @@ -1,0 +2,15 @@ +Sun May 15 15:40:12 UTC 2022 - Manuel Schnitzer + +- updated to version 2.18.0 + + ### Features + + * Allow CSS property `aspect-ratio`. [[#236](https://github.com/flavorjones/loofah/issues/236)] (Thanks, [@louim](https://github.com/louim)!) + + ## 2.17.0 / 2022-04-28 + + ### Features + + * Allow ARIA attributes. [[#232](https://github.com/flavorjones/loofah/issues/232), [#233](https://github.com/flavorjones/loofah/issues/233)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!) + +--- Old: loofah-2.16.0.gem New: loofah-2.18.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.W1Hw49/_old 2022-05-16 18:11:01.309397668 +0200 +++ /var/tmp/diff_new_pack.W1Hw49/_new 2022-05-16 18:11:01.309397668 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.16.0 +Version:2.18.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} ++ loofah-2.16.0.gem -> loofah-2.18.0.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2022-04-01 20:17:15.0 +0200 +++ new/CHANGELOG.md2022-05-11 20:41:50.0 +0200 @@ -1,5 +1,19 @@ # Changelog +## 2.18.0 / 2022-05-11 + +### Features + +* Allow CSS property `aspect-ratio`. [[#236](https://github.com/flavorjones/loofah/issues/236)] (Thanks, [@louim](https://github.com/louim)!) + + +## 2.17.0 / 2022-04-28 + +### Features + +* Allow ARIA attributes. [[#232](https://github.com/flavorjones/loofah/issues/232), [#233](https://github.com/flavorjones/loofah/issues/233)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!) + + ## 2.16.0 / 2022-04-01 ### Features diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2022-04-01 20:17:15.0 +0200 +++ new/README.md 2022-05-11 20:41:50.0 +0200 @@ -348,7 +348,7 @@ ## Thank You -The following people have generously donated via the [Pledgie](http://pledgie.com) badge on the [Loofah github page](https://github.com/flavorjones/loofah): +The following people have generously funded Loofah: * Bill Harding Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/safelist.rb new/lib/loofah/html5/safelist.rb --- old/lib/loofah/html5/safelist.rb2022-04-01 20:17:15.0 +0200 +++ new/lib/loofah/html5/safelist.rb2022-05-11 20:41:50.0 +0200 @@ -512,6 +512,62 @@ "zoomAndPan", ]) + ARIA_ATTRIBUTES = Set.new([ + "aria-activedescendant", + "aria-atomic", + "aria-autocomplete", + "aria-braillelabel", + "aria-brailleroledescription", + "aria-busy", + "aria-checked", + "aria-colcount", + "aria-colindex", + "aria-colindextext", + "aria-colspan", + "aria-controls", + "aria-current", + "aria-describedby", + "aria-description", + "aria-details", + "aria-disabled", + "aria-dropeffect", + "aria-errormessage", + "aria-expanded", + "aria-flowto", + "aria-grabbed", + "aria-haspopup", +
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2022-04-30 22:52:30 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1538 (New) Package is "rubygem-loofah" Sat Apr 30 22:52:30 2022 rev:22 rq:974054 version:2.16.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2022-03-07 17:49:03.319083209 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1538/rubygem-loofah.changes 2022-04-30 22:52:39.936234625 +0200 @@ -1,0 +2,21 @@ +Thu Apr 28 05:35:21 UTC 2022 - Stephan Kulow + +updated to version 2.16.0 + see installed CHANGELOG.md + + ## 2.16.0 / 2022-04-01 + + ### Features + + * Allow MathML elements `menclose` and `ms`, and MathML attributes `dir`, `href`, `lquote`, `mathsize`, `notation`, and `rquote`. [[#231](https://github.com/flavorjones/loofah/issues/231)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!) + + + ## 2.15.0 / 2022-03-14 + + ### Features + + * Expand set of allowed protocols to include `sms:`. [[#228](https://github.com/flavorjones/loofah/issues/228)] (Thanks, [@brendon](https://github.com/brendon)!) + + + +--- Old: loofah-2.14.0.gem New: loofah-2.16.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.fOb04f/_old 2022-04-30 22:52:40.540235442 +0200 +++ /var/tmp/diff_new_pack.fOb04f/_new 2022-04-30 22:52:40.544235447 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.14.0 +Version:2.16.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} ++ loofah-2.14.0.gem -> loofah-2.16.0.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2022-02-11 20:08:24.0 +0100 +++ new/CHANGELOG.md2022-04-01 20:17:15.0 +0200 @@ -1,5 +1,19 @@ # Changelog +## 2.16.0 / 2022-04-01 + +### Features + +* Allow MathML elements `menclose` and `ms`, and MathML attributes `dir`, `href`, `lquote`, `mathsize`, `notation`, and `rquote`. [[#231](https://github.com/flavorjones/loofah/issues/231)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!) + + +## 2.15.0 / 2022-03-14 + +### Features + +* Expand set of allowed protocols to include `sms:`. [[#228](https://github.com/flavorjones/loofah/issues/228)] (Thanks, [@brendon](https://github.com/brendon)!) + + ## 2.14.0 / 2022-02-11 ### Features Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/safelist.rb new/lib/loofah/html5/safelist.rb --- old/lib/loofah/html5/safelist.rb2022-02-11 20:08:24.0 +0100 +++ new/lib/loofah/html5/safelist.rb2022-04-01 20:17:15.0 +0200 @@ -148,6 +148,7 @@ "annotation-xml", "maction", "math", + "menclose", "merror", "mfenced", "mfrac", @@ -161,6 +162,7 @@ "mprescripts", "mroot", "mrow", + "ms", "mspace", "msqrt", "mstyle", @@ -313,6 +315,7 @@ "columnspacing", "columnspan", "depth", +"dir", "display", "displaystyle", "encoding", @@ -323,19 +326,24 @@ "fontweight", "frame", "height", +"href", "linethickness", +"lquote", "lspace", "mathbackground", "mathcolor", +"mathsize", "mathvariant", "maxsize",
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2022-03-07 17:48:14 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1958 (New) Package is "rubygem-loofah" Mon Mar 7 17:48:14 2022 rev:21 rq:959948 version:2.14.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2021-12-25 20:17:11.605276354 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1958/rubygem-loofah.changes 2022-03-07 17:49:03.319083209 +0100 @@ -1,0 +2,14 @@ +Thu Mar 3 08:22:28 UTC 2022 - Stephan Kulow + +updated to version 2.14.0 + see installed CHANGELOG.md + + ## 2.14.0 / 2022-02-11 + + ### Features + + * The `#to_text` method on `Loofah::HTML::{Document,DocumentFragment}` replaces `` line break elements with a newline. [[#225](https://github.com/flavorjones/loofah/issues/225)] + + + +--- Old: loofah-2.13.0.gem New: loofah-2.14.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.JDzxnE/_old 2022-03-07 17:49:03.843083058 +0100 +++ /var/tmp/diff_new_pack.JDzxnE/_new 2022-03-07 17:49:03.847083057 +0100 @@ -1,7 +1,7 @@ # # spec file for package rubygem-loofah # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.13.0 +Version:2.14.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} @@ -45,6 +45,7 @@ Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's whitelist, so it most likely won't make your codes less secure. + %prep %build ++ loofah-2.13.0.gem -> loofah-2.14.0.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2021-12-10 06:20:57.0 +0100 +++ new/CHANGELOG.md2022-02-11 20:08:24.0 +0100 @@ -1,5 +1,12 @@ # Changelog +## 2.14.0 / 2022-02-11 + +### Features + +* The `#to_text` method on `Loofah::HTML::{Document,DocumentFragment}` replaces `` line break elements with a newline. [[#225](https://github.com/flavorjones/loofah/issues/225)] + + ## 2.13.0 / 2021-12-10 ### Bug fixes diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2021-12-10 06:20:57.0 +0100 +++ new/README.md 2022-02-11 20:08:24.0 +0100 @@ -133,13 +133,12 @@ doc.text# => "ohai! div is safe " ``` -Also, `to_text` is available, which does the right thing with -whitespace around block-level elements. +Also, `to_text` is available, which does the right thing with whitespace around block-level and line break elements. ``` ruby -doc = Loofah.fragment("TitleContent") -doc.text# => "TitleContent" # probably not what you want -doc.to_text # => "\nTitle\n\nContent\n" # better +doc = Loofah.fragment("TitleContentNext line") +doc.text# => "TitleContentNext line"# probably not what you want +doc.to_text # => "\nTitle\n\nContent\nNext line\n" # better ``` ### Loofah::XML::Document and Loofah::XML::DocumentFragment Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/elements.rb new/lib/loofah/elements.rb --- old/lib/loofah/elements.rb 2021-12-10 06:20:57.0 +0100 +++ new/lib/loofah/elements.rb 2022-02-11 20:08:24.0 +0100 @@ -70,8 +70,6 @@ video ] -STRICT_BLOCK_LEVEL = STRICT_BLOCK_LEVEL_HTML4 + STRICT_BLOCK_LEVEL_HTML5 - # The following elements may also be considered block-level # elements since they may contain block-level elements LOOSE_BLOCK_LEVEL = Set.new %w[dd @@ -86,7 +84,12 @@ tr ] +# Elements that aren't block but should generate a newline in #to_text +INLINE_LINE_BREAK = Set.new(["br"]) + +STRICT_BLOCK_LEVEL = STRICT_BLOCK_LEVEL_HTML4 + STRICT_BLOCK_LEVEL_HTML5 BLOCK_LEVEL = STRICT_BLOCK_LEVEL + LOOSE_BLOCK_LEVEL +LINEBREAKERS = BLOCK_LEVEL + INLINE_LINE_BREAK end ::Loofah::MetaHelpers.add_downcased_set_members_to
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2021-12-25 20:16:44 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2520 (New) Package is "rubygem-loofah" Sat Dec 25 20:16:44 2021 rev:20 rq:942432 version:2.13.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2021-08-25 20:59:39.893046449 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2520/rubygem-loofah.changes 2021-12-25 20:17:11.605276354 +0100 @@ -1,0 +2,9 @@ +Fri Dec 24 23:54:55 UTC 2021 - Manuel Schnitzer + +- updated to version 2.13.0 + + ### Bug fixes + + * Loofah::HTML::DocumentFragment#text no longer serializes top-level comment children. [[#221](https://github.com/flavorjones/loofah/issues/221)] + +--- Old: loofah-2.12.0.gem New: loofah-2.13.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.mqNPsP/_old 2021-12-25 20:17:12.021276693 +0100 +++ /var/tmp/diff_new_pack.mqNPsP/_new 2021-12-25 20:17:12.025276696 +0100 @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.12.0 +Version:2.13.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} ++ loofah-2.12.0.gem -> loofah-2.13.0.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2021-08-11 19:30:17.0 +0200 +++ new/CHANGELOG.md2021-12-10 06:20:57.0 +0100 @@ -1,5 +1,12 @@ # Changelog +## 2.13.0 / 2021-12-10 + +### Bug fixes + +* Loofah::HTML::DocumentFragment#text no longer serializes top-level comment children. [[#221](https://github.com/flavorjones/loofah/issues/221)] + + ## 2.12.0 / 2021-08-11 ### Features Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/instance_methods.rb new/lib/loofah/instance_methods.rb --- old/lib/loofah/instance_methods.rb 2021-08-11 19:30:17.0 +0200 +++ new/lib/loofah/instance_methods.rb 2021-12-10 06:20:57.0 +0100 @@ -93,7 +93,11 @@ #frag.text(:encode_special_chars => false) # => "alert('EVIL');" # def text(options = {}) - result = serialize_root.children.inner_text rescue "" + result = if serialize_root +serialize_root.children.reject(&:comment?).map(&:inner_text).join("") + else +"" + end if options[:encode_special_chars] == false result # possibly dangerous if rendered in a browser else diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/version.rb new/lib/loofah/version.rb --- old/lib/loofah/version.rb 2021-08-11 19:30:17.0 +0200 +++ new/lib/loofah/version.rb 2021-12-10 06:20:57.0 +0100 @@ -1,5 +1,5 @@ # frozen_string_literal: true module Loofah # The version of Loofah you are using - VERSION = "2.12.0" + VERSION = "2.13.0" end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata2021-08-11 19:30:17.0 +0200 +++ new/metadata2021-12-10 06:20:57.0 +0100 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: loofah version: !ruby/object:Gem::Version - version: 2.12.0 + version: 2.13.0 platform: ruby authors: - Mike Dalessio @@ -9,7 +9,7 @@ autorequire: bindir: bin cert_chain: [] -date: 2021-08-11 00:00:00.0 Z +date: 2021-12-10 00:00:00.0 Z dependencies: - !ruby/object:Gem::Dependency name: crass @@ -199,7 +199,7 @@ - !ruby/object:Gem::Version version: '0' requirements: [] -rubygems_version: 3.2.15 +rubygems_version: 3.2.32 signing_key: specification_version: 4 summary: Loofah is a general library for manipulating and transforming HTML/XML documents
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2021-08-25 20:58:08 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1899 (New) Package is "rubygem-loofah" Wed Aug 25 20:58:08 2021 rev:19 rq:914125 version:2.12.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2021-07-02 13:28:39.432206542 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1899/rubygem-loofah.changes 2021-08-25 20:59:39.893046449 +0200 @@ -1,0 +2,25 @@ +Wed Aug 25 05:14:19 UTC 2021 - Manuel Schnitzer + +- updated to version 2.12.0 + + ## 2.12.0 / 2021-08-11 + + ### Features + + * Support empty HTML5 data attributes. [[#215](https://github.com/flavorjones/loofah/issues/215)] + + + ## 2.11.0 / 2021-07-31 + + ### Features + + * Allow HTML5 element `wbr`. + * Allow all CSS property values for `border-collapse`. [[#201](https://github.com/flavorjones/loofah/issues/201)] + + + ### Changes + + * Deprecating `Loofah::HTML5::SafeList::VOID_ELEMENTS` which is not a canonical list of void HTML4 or HTML5 elements. + * Removed some elements from `Loofah::HTML5::SafeList::VOID_ELEMENTS` that either are not acceptable elements or aren't considered "void" by libxml2. + +--- Old: loofah-2.10.0.gem New: loofah-2.12.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.QZNntp/_old 2021-08-25 20:59:40.373045819 +0200 +++ /var/tmp/diff_new_pack.QZNntp/_new 2021-08-25 20:59:40.377045814 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.10.0 +Version:2.12.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} @@ -45,7 +45,6 @@ Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's whitelist, so it most likely won't make your codes less secure. - %prep %build ++ loofah-2.10.0.gem -> loofah-2.12.0.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2021-06-06 19:00:32.0 +0200 +++ new/CHANGELOG.md2021-08-11 19:30:17.0 +0200 @@ -1,5 +1,26 @@ # Changelog +## 2.12.0 / 2021-08-11 + +### Features + +* Support empty HTML5 data attributes. [[#215](https://github.com/flavorjones/loofah/issues/215)] + + +## 2.11.0 / 2021-07-31 + +### Features + +* Allow HTML5 element `wbr`. +* Allow all CSS property values for `border-collapse`. [[#201](https://github.com/flavorjones/loofah/issues/201)] + + +### Changes + +* Deprecating `Loofah::HTML5::SafeList::VOID_ELEMENTS` which is not a canonical list of void HTML4 or HTML5 elements. +* Removed some elements from `Loofah::HTML5::SafeList::VOID_ELEMENTS` that either are not acceptable elements or aren't considered "void" by libxml2. + + ## 2.10.0 / 2021-06-06 ### Features diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2021-06-06 19:00:32.0 +0200 +++ new/README.md 2021-08-11 19:30:17.0 +0200 @@ -6,8 +6,7 @@ ## Status -[![Concourse CI](https://ci.nokogiri.org/api/v1/teams/nokogiri-core/pipelines/loofah/jobs/ruby-3.0/badge)](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/loofah) -[![Code Climate](https://codeclimate.com/github/flavorjones/loofah.svg)](https://codeclimate.com/github/flavorjones/loofah) +[![ci](https://github.com/flavorjones/loofah/actions/workflows/ci.yml/badge.svg?branch=main)](https://github.com/flavorjones/loofah/actions/workflows/ci.yml) [![Tidelift dependencies](https://tidelift.com/badges/package/rubygems/loofah)](https://tidelift.com/subscription/pkg/rubygems-loofah?utm_source=rubygems-loofah&utm_medium=referral&utm_campaign=readme) Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/safelist.rb new/lib/loofah/html5/safelist.rb --- old/lib/loofah/html5/safelist.rb2021-06-06 19:00:32.0 +0200 +++ new/lib/loofah/html5/safelist.rb2021-08-11 19:30:17.0 +0200 @@ -140,6 +140,7 @@ "ul", "var", "video", + "wbr", ]) MATHML_ELEMENTS = Set.new([ @@ -637,6 +638,8 @@
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2021-07-02 13:27:41 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2625 (New) Package is "rubygem-loofah" Fri Jul 2 13:27:41 2021 rev:18 rq:903514 version:2.10.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2021-04-21 21:00:32.946309993 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2625/rubygem-loofah.changes 2021-07-02 13:28:39.432206542 +0200 @@ -1,0 +2,14 @@ +Thu Jun 24 17:35:09 UTC 2021 - Stephan Kulow + +updated to version 2.10.0 + see installed CHANGELOG.md + + ## 2.10.0 / 2021-06-06 + + ### Features + + * Allow CSS properties `overflow-x` and `overflow-y`. [[#206](https://github.com/flavorjones/loofah/issues/206)] (Thanks, [@sampokuokkanen](https://github.com/sampokuokkanen)!) + + + +--- Old: loofah-2.9.1.gem New: loofah-2.10.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.Ttu7Wp/_old 2021-07-02 13:28:39.788203780 +0200 +++ /var/tmp/diff_new_pack.Ttu7Wp/_new 2021-07-02 13:28:39.788203780 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.9.1 +Version:2.10.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} @@ -45,6 +45,7 @@ Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers, which are based on HTML5lib's whitelist, so it most likely won't make your codes less secure. + %prep %build ++ loofah-2.9.1.gem -> loofah-2.10.0.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2021-04-07 17:17:52.0 +0200 +++ new/CHANGELOG.md2021-06-06 19:00:32.0 +0200 @@ -1,5 +1,12 @@ # Changelog +## 2.10.0 / 2021-06-06 + +### Features + +* Allow CSS properties `overflow-x` and `overflow-y`. [[#206](https://github.com/flavorjones/loofah/issues/206)] (Thanks, [@sampokuokkanen](https://github.com/sampokuokkanen)!) + + ## 2.9.1 / 2021-04-07 ### Bug fixes Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/safelist.rb new/lib/loofah/html5/safelist.rb --- old/lib/loofah/html5/safelist.rb2021-04-07 17:17:52.0 +0200 +++ new/lib/loofah/html5/safelist.rb2021-06-06 19:00:32.0 +0200 @@ -588,6 +588,8 @@ "max-width", "order", "overflow", +"overflow-x", +"overflow-y", "page-break-after", "page-break-before", "page-break-inside", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/version.rb new/lib/loofah/version.rb --- old/lib/loofah/version.rb 2021-04-07 17:17:52.0 +0200 +++ new/lib/loofah/version.rb 2021-06-06 19:00:32.0 +0200 @@ -1,5 +1,5 @@ # frozen_string_literal: true module Loofah # The version of Loofah you are using - VERSION = "2.9.1" + VERSION = "2.10.0" end diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/metadata new/metadata --- old/metadata2021-04-07 17:17:52.0 +0200 +++ new/metadata2021-06-06 19:00:32.0 +0200 @@ -1,7 +1,7 @@ --- !ruby/object:Gem::Specification name: loofah version: !ruby/object:Gem::Version - version: 2.9.1 + version: 2.10.0 platform: ruby authors: - Mike Dalessio @@ -9,7 +9,7 @@ autorequire: bindir: bin cert_chain: [] -date: 2021-04-07 00:00:00.0 Z +date: 2021-06-06 00:00:00.0 Z dependencies: - !ruby/object:Gem::Dependency name: nokogiri @@ -213,7 +213,7 @@ - !ruby/object:Gem::Version version: '0' requirements: [] -rubygems_version: 3.1.4 +rubygems_version: 3.2.15 signing_key: specification_version: 4 summary: Loofah is a general library for manipulating and transforming HTML/XML documents
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2021-04-21 21:00:04 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.12324 (New) Package is "rubygem-loofah" Wed Apr 21 21:00:04 2021 rev:17 rq:887019 version:2.9.1 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2021-01-21 21:55:04.169786454 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.12324/rubygem-loofah.changes 2021-04-21 21:00:32.946309993 +0200 @@ -1,0 +2,10 @@ +Tue Apr 20 13:38:21 UTC 2021 - Manuel Schnitzer + +- updated to version 2.9.1 + + ### Bug fixes + + * Fix a regression in v2.9.0 which inappropriately removed CSS properties +with quoted string values. [[#202](https://github.com/flavorjones/loofah/issues/202)] + +--- Old: loofah-2.9.0.gem New: loofah-2.9.1.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.akooEm/_old 2021-04-21 21:00:33.402310711 +0200 +++ /var/tmp/diff_new_pack.akooEm/_new 2021-04-21 21:00:33.406310717 +0200 @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.9.0 +Version:2.9.1 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} ++ loofah-2.9.0.gem -> loofah-2.9.1.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2021-01-14 22:36:18.0 +0100 +++ new/CHANGELOG.md2021-04-07 17:17:52.0 +0200 @@ -1,11 +1,22 @@ # Changelog -### 2.9.0 / 2021-01-14 +## 2.9.1 / 2021-04-07 + +### Bug fixes + +* Fix a regression in v2.9.0 which inappropriately removed CSS properties with quoted string values. [[#202](https://github.com/flavorjones/loofah/issues/202)] + + +## 2.9.0 / 2021-01-14 + +### Features * Handle CSS functions in a CSS shorthand property (like `background`). [[#199](https://github.com/flavorjones/loofah/issues/199), [#200](https://github.com/flavorjones/loofah/issues/200)] -### 2.8.0 / 2020-11-25 +## 2.8.0 / 2020-11-25 + +### Features * Allow CSS properties `order`, `flex-direction`, `flex-grow`, `flex-wrap`, `flex-shrink`, `flex-flow`, `flex-basis`, `flex`, `justify-content`, `align-self`, `align-items`, and `align-content`. [[#197](https://github.com/flavorjones/loofah/issues/197)] (Thanks, [@miguelperez](https://github.com/miguelperez)!) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/README.md new/README.md --- old/README.md 2021-01-14 22:36:18.0 +0100 +++ new/README.md 2021-04-07 17:17:52.0 +0200 @@ -1,12 +1,12 @@ # Loofah * https://github.com/flavorjones/loofah -* Docs: http://rubydoc.info/github/flavorjones/loofah/master/frames +* Docs: http://rubydoc.info/github/flavorjones/loofah/main/frames * Mailing list: [loofah-t...@googlegroups.com](https://groups.google.com/forum/#!forum/loofah-talk) ## Status -[![Concourse CI](https://ci.nokogiri.org/api/v1/teams/nokogiri-core/pipelines/loofah/jobs/ruby-2.5/badge)](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/loofah?groups=master) +[![Concourse CI](https://ci.nokogiri.org/api/v1/teams/nokogiri-core/pipelines/loofah/jobs/ruby-3.0/badge)](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/loofah) [![Code Climate](https://codeclimate.com/github/flavorjones/loofah.svg)](https://codeclimate.com/github/flavorjones/loofah) [![Tidelift dependencies](https://tidelift.com/badges/package/rubygems/loofah)](https://tidelift.com/subscription/pkg/rubygems-loofah?utm_source=rubygems-loofah&utm_medium=referral&utm_campaign=readme) @@ -211,7 +211,7 @@ Loofah.xml_document(File.read('plague.xml')).scrub!(bring_out_your_dead) ``` -=== Built-In HTML Scrubbers +### Built-In HTML Scrubbers Loofah comes with a set of sanitizing scrubbers that use HTML5lib's safelist algorithm: Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/scrub.rb new/lib/loofah/html5/scrub.rb --- old/lib/loofah/html5/scrub.rb 2021-01-14 22:36:18.0 +0100 +++ new/lib/loofah/html5/scrub.rb 2021-04-07 17:17:52.0 +0200 @@ -9,6 +9,7 @@ CSS_KEYWORDISH = /\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(ch|cm|r?em|ex|in|lh|mm|pc|pt|px|Q|vmax|vmin|vw|vh|%|,|\))?)\z/ CRASS_SEMICOLON = { node: :semicolon, raw: ";" } CSS_IMPORTANT = '!important' +
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2021-01-21 21:55:02 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.28504 (New) Package is "rubygem-loofah" Thu Jan 21 21:55:02 2021 rev:16 rq:864570 version:2.9.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2020-12-11 20:16:22.640651231 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.28504/rubygem-loofah.changes 2021-01-21 21:55:04.169786454 +0100 @@ -1,0 +2,8 @@ +Wed Jan 20 07:36:46 UTC 2021 - Manuel Schnitzer + +- updated to version 2.9.0 + + * Handle CSS functions in a CSS shorthand property (like `background`). [[#199](https://github.com/flavorjones/loofah/issues/199), +[#200](https://github.com/flavorjones/loofah/issues/200)] + +--- Old: loofah-2.8.0.gem New: loofah-2.9.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.A0JO1U/_old 2021-01-21 21:55:04.689786650 +0100 +++ /var/tmp/diff_new_pack.A0JO1U/_new 2021-01-21 21:55:04.689786650 +0100 @@ -1,7 +1,7 @@ # # spec file for package rubygem-loofah # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,7 +24,7 @@ # Name: rubygem-loofah -Version:2.8.0 +Version:2.9.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} ++ loofah-2.8.0.gem -> loofah-2.9.0.gem ++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md --- old/CHANGELOG.md2020-11-25 22:12:09.0 +0100 +++ new/CHANGELOG.md2021-01-14 22:36:18.0 +0100 @@ -1,5 +1,10 @@ # Changelog +### 2.9.0 / 2021-01-14 + +* Handle CSS functions in a CSS shorthand property (like `background`). [[#199](https://github.com/flavorjones/loofah/issues/199), [#200](https://github.com/flavorjones/loofah/issues/200)] + + ### 2.8.0 / 2020-11-25 * Allow CSS properties `order`, `flex-direction`, `flex-grow`, `flex-wrap`, `flex-shrink`, `flex-flow`, `flex-basis`, `flex`, `justify-content`, `align-self`, `align-items`, and `align-content`. [[#197](https://github.com/flavorjones/loofah/issues/197)] (Thanks, [@miguelperez](https://github.com/miguelperez)!) Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/lib/loofah/html5/scrub.rb new/lib/loofah/html5/scrub.rb --- old/lib/loofah/html5/scrub.rb 2020-11-25 22:12:09.0 +0100 +++ new/lib/loofah/html5/scrub.rb 2021-01-14 22:36:18.0 +0100 @@ -7,22 +7,22 @@ module Scrub CONTROL_CHARACTERS = /[`\u-\u0020\u007f\u0080-\u0101]/ CSS_KEYWORDISH = /\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(ch|cm|r?em|ex|in|lh|mm|pc|pt|px|Q|vmax|vmin|vw|vh|%|,|\))?)\z/ - CRASS_SEMICOLON = { :node => :semicolon, :raw => ";" } + CRASS_SEMICOLON = { node: :semicolon, raw: ";" } CSS_IMPORTANT = '!important' class << self def allowed_element?(element_name) - ::Loofah::HTML5::SafeList::ALLOWED_ELEMENTS_WITH_LIBXML2.include? element_name + ::Loofah::HTML5::SafeList::ALLOWED_ELEMENTS_WITH_LIBXML2.include?(element_name) end # alternative implementation of the html5lib attribute scrubbing algorithm def scrub_attributes(node) node.attribute_nodes.each do |attr_node| attr_name = if attr_node.namespace - "#{attr_node.namespace.prefix}:#{attr_node.node_name}" -else - attr_node.node_name -end + "#{attr_node.namespace.prefix}:#{attr_node.node_name}" +else + attr_node.node_name +end if attr_name =~ /\Adata-[\w-]+\z/ next @@ -58,13 +58,13 @@ end end - scrub_css_attribute node + scrub_css_attribute(node) node.attribute_nodes.each do |attr_node| node.remove_attribute(attr_node.name) if attr_node.value !~ /[^[:space:]]/ end - force_correct_attribute_escaping! node + force_correct_attribute_escaping!(node) end def scrub_css_attribute(node) @@ -73,33 +73,50 @@ e
commit rubygem-loofah for openSUSE:Factory
Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2020-12-11 20:16:21 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2328 (New) Package is "rubygem-loofah" Fri Dec 11 20:16:21 2020 rev:15 rq:854706 version:2.8.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2020-09-14 12:32:00.537239477 +0200 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2328/rubygem-loofah.changes 2020-12-11 20:16:22.640651231 +0100 @@ -1,0 +2,9 @@ +Fri Dec 11 03:13:59 UTC 2020 - Manuel Schnitzer + +- updated to version 2.8.0 + + * Allow CSS properties `order`, `flex-direction`, `flex-grow`, `flex-wrap`, `flex-shrink`, `flex-flow`, + `flex-basis`, `flex`, `justify-content`, `align-self`, `align-items`, and `align-content`. + [[#197](https://github.com/flavorjones/loofah/issues/197)] (Thanks, [@miguelperez](https://github.com/miguelperez)!) + +--- Old: loofah-2.7.0.gem New: loofah-2.8.0.gem Other differences: -- ++ rubygem-loofah.spec ++ --- /var/tmp/diff_new_pack.dcW8Rb/_old 2020-12-11 20:16:23.284651498 +0100 +++ /var/tmp/diff_new_pack.dcW8Rb/_new 2020-12-11 20:16:23.292651501 +0100 @@ -24,13 +24,12 @@ # Name: rubygem-loofah -Version:2.7.0 +Version:2.8.0 Release:0 %define mod_name loofah %define mod_full_name %{mod_name}-%{version} BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: %{rubygem gem2rpm} -BuildRequires: %{rubygem rdoc > 3.10} BuildRequires: %{ruby} BuildRequires: ruby-macros >= 5 URL:https://github.com/flavorjones/loofah ++ loofah-2.7.0.gem -> loofah-2.8.0.gem ++ 3461 lines of diff (skipped) ___ openSUSE Commits mailing list -- commit@lists.opensuse.org To unsubscribe, email commit-le...@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/commit@lists.opensuse.org