commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package rubygem-loofah for openSUSE:Factory checked in at 2023-11-15 21:07:50 Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old) and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.17445 (New) Package is "rubygem-loofah" Wed Nov 15 21:07:50 2023 rev:26 rq:1126292 version:2.22.0 Changes: --- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes 2023-03-08 14:52:27.542638945 +0100 +++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.17445/rubygem-loofah.changes 2023-11-15 21:09:05.573371546 +0100 @@ -1,0 +2,76 @@ +Tue Nov 14 15:13:24 UTC 2023 - Dan Äermák + +- ## 2.22.0 / 2023-11-13 + +### Added + +* A `:targetblank` HTML scrubber which ensures all hyperlinks have `target="_blank"`. [#275] @stefannibrasil and @thdaraujo +* A `:noreferrer` HTML scrubber which ensures all hyperlinks have `rel=noreferrer`, similar to the `:nofollow` and `:noopener` scrubbers. [#277] @wynksaiddestroy + + +--- +Fri Nov 3 07:41:26 UTC 2023 - Dan Äermák + +- ## 2.21.4 / 2023-10-10 + +### Fixed + +* `Loofah::HTML5::Scrub.scrub_css` is more consistent in preserving whitespace (and lack of whitespace) in CSS property values. In particular, `.scrub_css` no longer inserts whitespace between tokens that did not already have whitespace between them. [[#273](https://github.com/flavorjones/loofah/issues/273), fixes [#271](https://github.com/flavorjones/loofah/issues/271)] + +## 2.21.3 / 2023-05-15 + +### Fixed + +* Quash "instance variable not initialized" warning in Ruby < 3.0. [[#268](https://github.com/flavorjones/loofah/issues/268)] (Thanks, [@dharamgollapudi](https://github.com/dharamgollapudi)!) + +## 2.21.2 / 2023-05-11 + +### Dependencies + +* Update the dependency on Nokogiri to be `>= 1.12.0`. The dependency in 2.21.0 and 2.21.1 was left at `>= 1.5.9` but versions before 1.12 would result in a `NameError` exception. [[#266](https://github.com/flavorjones/loofah/issues/266)] + +## 2.21.1 / 2023-05-10 + +### Fixed + +* Don't define `HTML5::Document` and `HTML5::DocumentFragment` when Nokogiri is `< 1.14`. In 2.21.0 these classes were defined whenever `Nokogiri::HTML5` was defined, but Nokogiri v1.12 and v1.13 do not support Loofah subclassing properly. + +## 2.21.0 / 2023-05-10 + +### HTML5 Support + +Classes `Loofah::HTML5::Document` and `Loofah::HTML5::DocumentFragment` are introduced, along with helper methods: + +- `Loofah.html5_document` +- `Loofah.html5_fragment` +- `Loofah.scrub_html5_document` +- `Loofah.scrub_html5_fragment` + +These classes and methods use Nokogiri's HTML5 parser to ensure modern web standards are used. + +â HTML5 functionality is only available with Nokogiri v1.14.0 and higher. + +â HTML5 functionality is not available for JRuby. Please see [this upstream Nokogiri issue](https://github.com/sparklemotion/nokogiri/issues/2227) if you're interested in helping implement and support HTML5 support. + +### `Loofah::HTML4` module and namespace + +`Loofah::HTML` has been renamed to `Loofah::HTML4`, and `Loofah::HTML` is aliased to preserve backwards-compatibility. `Nokogiri::HTML` and `Nokogiri::HTML4` parse methods still use libxml2's (or NekoHTML's) HTML4 parser. + +Take special note that if you rely on the class name of an object in your code, objects will now report a class of `Loofah::HTML4::Foo` where they previously reported `Loofah::HTML::Foo`. Instead of relying on the string returned by `Object#class`, prefer `Class#===` or `Object#is_a?` or `Object#instance_of?`. + +Future releases of Nokogiri may deprecate `HTML` classes and methods or otherwise change this behavior, so please start using `HTML4` in place of `HTML`. + +### Official support for JRuby + +This version introduces official support for JRuby. Previously, the test suite had never been green due to differences in behavior in the underlying HTML parser used by Nokogiri. We've updated the test suite to accommodate those differences, and have added JRuby to the CI suite. + +## 2.20.0 / 2023-04-01 + +### Features + +* Allow SVG attributes `color-profile`, `cursor`, `filter`, `marker`, and `mask`. [[#246](https://github.com/flavorjones/loofah/issues/246)] +* Allow SVG elements `altGlyph`, `cursor`, `feImage`, `pattern`, and `tref`. [[#246](https://github.com/flavorjones/loofah/issues/246)] +* Allow protocols `fax` and `modem`. [[#255](https://github.com/flavorjones/loofah/issues/255)] (Thanks, [@cjba7](https://github.com/cjba7)!) + + +--- Old: loofah-2.19.1.gem New: loofah-2.22.0.gem Other differences: ---
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2023-03-08 14:52:23
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.31432 (New)
Package is "rubygem-loofah"
Wed Mar 8 14:52:23 2023 rev:25 rq:1069966 version:2.19.1
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2022-10-12 18:27:06.966010097 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.31432/rubygem-loofah.changes
2023-03-08 14:52:27.542638945 +0100
@@ -1,0 +2,13 @@
+Mon Mar 6 14:42:39 UTC 2023 - Paolo Perego
+
+- udpated to version 2.19.1
+
+## 2.19.1 / 2022-12-13
+
+### SecurityAddress
+* Address CVE-2022-23514, inefficient regular expression complexity. See
GHSA-486f-hjj9-9vhh for more information.
+* Address CVE-2022-23515, improper neutralization of data URIs. See
GHSA-228g-948r-83gx for more information.
+* Address CVE-2022-23516, uncontrolled recursion. See GHSA-3x8r-x6xp-q4vm
for more information.
+
+
+---
@@ -405 +417,0 @@
-
Old:
loofah-2.19.0.gem
New:
loofah-2.19.1.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.Qbptab/_old 2023-03-08 14:52:28.034641624 +0100
+++ /var/tmp/diff_new_pack.Qbptab/_new 2023-03-08 14:52:28.042641668 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-loofah
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.19.0
+Version:2.19.1
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
++ loofah-2.19.0.gem -> loofah-2.19.1.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2022-09-14 15:37:45.0 +0200
+++ new/CHANGELOG.md2022-12-12 23:22:47.0 +0100
@@ -1,5 +1,14 @@
# Changelog
+## 2.19.1 / 2022-12-13
+
+### Security
+
+* Address CVE-2022-23514, inefficient regular expression complexity. See
[GHSA-486f-hjj9-9vhh](https://github.com/flavorjones/loofah/security/advisories/GHSA-486f-hjj9-9vhh)
for more information.
+* Address CVE-2022-23515, improper neutralization of data URIs. See
[GHSA-228g-948r-83gx](https://github.com/flavorjones/loofah/security/advisories/GHSA-228g-948r-83gx)
for more information.
+* Address CVE-2022-23516, uncontrolled recursion. See
[GHSA-3x8r-x6xp-q4vm](https://github.com/flavorjones/loofah/security/advisories/GHSA-3x8r-x6xp-q4vm)
for more information.
+
+
## 2.19.0 / 2022-09-14
### Features
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/safelist.rb
new/lib/loofah/html5/safelist.rb
--- old/lib/loofah/html5/safelist.rb2022-09-14 15:37:45.0 +0200
+++ new/lib/loofah/html5/safelist.rb2022-12-12 23:22:47.0 +0100
@@ -999,7 +999,6 @@
"image/gif",
"image/jpeg",
"image/png",
- "image/svg+xml",
"text/css",
"text/plain",
])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/scrub.rb
new/lib/loofah/html5/scrub.rb
--- old/lib/loofah/html5/scrub.rb 2022-09-14 15:37:45.0 +0200
+++ new/lib/loofah/html5/scrub.rb 2022-12-12 23:22:47.0 +0100
@@ -36,24 +36,13 @@
end
if SafeList::ATTR_VAL_IS_URI.include?(attr_name)
- # this block lifted nearly verbatim from HTML5 sanitization
- val_unescaped =
CGI.unescapeHTML(attr_node.value).gsub(CONTROL_CHARACTERS, "").downcase
- if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ &&
!SafeList::ALLOWED_PROTOCOLS.include?(val_unescaped.split(SafeList::PROTOCOL_SEPARATOR)[0])
-attr_node.remove
-next
- elsif val_unescaped.split(SafeList::PROTOCOL_SEPARATOR)[0] ==
"data"
-# permit only allowed data mediatypes
-mediatype =
val_unescaped.split(Safe
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2022-10-12 18:25:17
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2275 (New)
Package is "rubygem-loofah"
Wed Oct 12 18:25:17 2022 rev:24 rq:1010074 version:2.19.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2022-05-16 18:11:00.825397283 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2275/rubygem-loofah.changes
2022-10-12 18:27:06.966010097 +0200
@@ -1,0 +2,14 @@
+Mon Oct 10 13:09:46 UTC 2022 - Stephan Kulow
+
+updated to version 2.19.0
+ see installed CHANGELOG.md
+
+ ## 2.19.0 / 2022-09-14
+
+ ### Features
+
+ * Allow SVG 1.0 color keyword names in CSS attributes. These colors are part
of the [CSS Color Module Level 3](https://www.w3.org/TR/css-color-3/#svg-color)
recommendation released 2022-01-18.
[[#243](https://github.com/flavorjones/loofah/issues/243)]
+
+
+
+---
Old:
loofah-2.18.0.gem
New:
loofah-2.19.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.viHONQ/_old 2022-10-12 18:27:07.358010961 +0200
+++ /var/tmp/diff_new_pack.viHONQ/_new 2022-10-12 18:27:07.362010970 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.18.0
+Version:2.19.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
++ loofah-2.18.0.gem -> loofah-2.19.0.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2022-05-11 20:41:50.0 +0200
+++ new/CHANGELOG.md2022-09-14 15:37:45.0 +0200
@@ -1,5 +1,12 @@
# Changelog
+## 2.19.0 / 2022-09-14
+
+### Features
+
+* Allow SVG 1.0 color keyword names in CSS attributes. These colors are part
of the [CSS Color Module Level 3](https://www.w3.org/TR/css-color-3/#svg-color)
recommendation released 2022-01-18.
[[#243](https://github.com/flavorjones/loofah/issues/243)]
+
+
## 2.18.0 / 2022-05-11
### Features
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/safelist.rb
new/lib/loofah/html5/safelist.rb
--- old/lib/loofah/html5/safelist.rb2022-05-11 20:41:50.0 +0200
+++ new/lib/loofah/html5/safelist.rb2022-09-14 15:37:45.0 +0200
@@ -684,23 +684,16 @@
ACCEPTABLE_CSS_KEYWORDS = Set.new([
"!important",
- "aqua",
"auto",
- "black",
"block",
- "blue",
"bold",
"both",
"bottom",
- "brown",
"center",
"collapse",
"dashed",
"dotted",
"double",
- "fuchsia",
- "gray",
- "green",
"groove",
"hidden",
"inherit",
@@ -708,35 +701,196 @@
"inset",
"italic",
"left",
- "lime",
- "maroon",
"medium",
- "navy",
"none",
"normal",
"nowrap",
- "olive",
"outset",
"pointer",
- "purple",
- "red",
"revert",
"ridge",
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2022-05-16 18:08:33
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1538 (New)
Package is "rubygem-loofah"
Mon May 16 18:08:33 2022 rev:23 rq:977448 version:2.18.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2022-04-30 22:52:39.936234625 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1538/rubygem-loofah.changes
2022-05-16 18:11:00.825397283 +0200
@@ -1,0 +2,15 @@
+Sun May 15 15:40:12 UTC 2022 - Manuel Schnitzer
+
+- updated to version 2.18.0
+
+ ### Features
+
+ * Allow CSS property `aspect-ratio`.
[[#236](https://github.com/flavorjones/loofah/issues/236)] (Thanks,
[@louim](https://github.com/louim)!)
+
+ ## 2.17.0 / 2022-04-28
+
+ ### Features
+
+ * Allow ARIA attributes.
[[#232](https://github.com/flavorjones/loofah/issues/232),
[#233](https://github.com/flavorjones/loofah/issues/233)] (Thanks,
[@nick-desteffen](https://github.com/nick-desteffen)!)
+
+---
Old:
loofah-2.16.0.gem
New:
loofah-2.18.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.W1Hw49/_old 2022-05-16 18:11:01.309397668 +0200
+++ /var/tmp/diff_new_pack.W1Hw49/_new 2022-05-16 18:11:01.309397668 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.16.0
+Version:2.18.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
++ loofah-2.16.0.gem -> loofah-2.18.0.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2022-04-01 20:17:15.0 +0200
+++ new/CHANGELOG.md2022-05-11 20:41:50.0 +0200
@@ -1,5 +1,19 @@
# Changelog
+## 2.18.0 / 2022-05-11
+
+### Features
+
+* Allow CSS property `aspect-ratio`.
[[#236](https://github.com/flavorjones/loofah/issues/236)] (Thanks,
[@louim](https://github.com/louim)!)
+
+
+## 2.17.0 / 2022-04-28
+
+### Features
+
+* Allow ARIA attributes.
[[#232](https://github.com/flavorjones/loofah/issues/232),
[#233](https://github.com/flavorjones/loofah/issues/233)] (Thanks,
[@nick-desteffen](https://github.com/nick-desteffen)!)
+
+
## 2.16.0 / 2022-04-01
### Features
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 2022-04-01 20:17:15.0 +0200
+++ new/README.md 2022-05-11 20:41:50.0 +0200
@@ -348,7 +348,7 @@
## Thank You
-The following people have generously donated via the
[Pledgie](http://pledgie.com) badge on the [Loofah github
page](https://github.com/flavorjones/loofah):
+The following people have generously funded Loofah:
* Bill Harding
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/safelist.rb
new/lib/loofah/html5/safelist.rb
--- old/lib/loofah/html5/safelist.rb2022-04-01 20:17:15.0 +0200
+++ new/lib/loofah/html5/safelist.rb2022-05-11 20:41:50.0 +0200
@@ -512,6 +512,62 @@
"zoomAndPan",
])
+ ARIA_ATTRIBUTES = Set.new([
+ "aria-activedescendant",
+ "aria-atomic",
+ "aria-autocomplete",
+ "aria-braillelabel",
+ "aria-brailleroledescription",
+ "aria-busy",
+ "aria-checked",
+ "aria-colcount",
+ "aria-colindex",
+ "aria-colindextext",
+ "aria-colspan",
+ "aria-controls",
+ "aria-current",
+ "aria-describedby",
+ "aria-description",
+ "aria-details",
+ "aria-disabled",
+ "aria-dropeffect",
+ "aria-errormessage",
+ "aria-expanded",
+ "aria-flowto",
+ "aria-grabbed",
+ "aria-haspopup",
+
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2022-04-30 22:52:30
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1538 (New)
Package is "rubygem-loofah"
Sat Apr 30 22:52:30 2022 rev:22 rq:974054 version:2.16.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2022-03-07 17:49:03.319083209 +0100
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1538/rubygem-loofah.changes
2022-04-30 22:52:39.936234625 +0200
@@ -1,0 +2,21 @@
+Thu Apr 28 05:35:21 UTC 2022 - Stephan Kulow
+
+updated to version 2.16.0
+ see installed CHANGELOG.md
+
+ ## 2.16.0 / 2022-04-01
+
+ ### Features
+
+ * Allow MathML elements `menclose` and `ms`, and MathML attributes `dir`,
`href`, `lquote`, `mathsize`, `notation`, and `rquote`.
[[#231](https://github.com/flavorjones/loofah/issues/231)] (Thanks,
[@nick-desteffen](https://github.com/nick-desteffen)!)
+
+
+ ## 2.15.0 / 2022-03-14
+
+ ### Features
+
+ * Expand set of allowed protocols to include `sms:`.
[[#228](https://github.com/flavorjones/loofah/issues/228)] (Thanks,
[@brendon](https://github.com/brendon)!)
+
+
+
+---
Old:
loofah-2.14.0.gem
New:
loofah-2.16.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.fOb04f/_old 2022-04-30 22:52:40.540235442 +0200
+++ /var/tmp/diff_new_pack.fOb04f/_new 2022-04-30 22:52:40.544235447 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.14.0
+Version:2.16.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
++ loofah-2.14.0.gem -> loofah-2.16.0.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2022-02-11 20:08:24.0 +0100
+++ new/CHANGELOG.md2022-04-01 20:17:15.0 +0200
@@ -1,5 +1,19 @@
# Changelog
+## 2.16.0 / 2022-04-01
+
+### Features
+
+* Allow MathML elements `menclose` and `ms`, and MathML attributes `dir`,
`href`, `lquote`, `mathsize`, `notation`, and `rquote`.
[[#231](https://github.com/flavorjones/loofah/issues/231)] (Thanks,
[@nick-desteffen](https://github.com/nick-desteffen)!)
+
+
+## 2.15.0 / 2022-03-14
+
+### Features
+
+* Expand set of allowed protocols to include `sms:`.
[[#228](https://github.com/flavorjones/loofah/issues/228)] (Thanks,
[@brendon](https://github.com/brendon)!)
+
+
## 2.14.0 / 2022-02-11
### Features
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/safelist.rb
new/lib/loofah/html5/safelist.rb
--- old/lib/loofah/html5/safelist.rb2022-02-11 20:08:24.0 +0100
+++ new/lib/loofah/html5/safelist.rb2022-04-01 20:17:15.0 +0200
@@ -148,6 +148,7 @@
"annotation-xml",
"maction",
"math",
+ "menclose",
"merror",
"mfenced",
"mfrac",
@@ -161,6 +162,7 @@
"mprescripts",
"mroot",
"mrow",
+ "ms",
"mspace",
"msqrt",
"mstyle",
@@ -313,6 +315,7 @@
"columnspacing",
"columnspan",
"depth",
+"dir",
"display",
"displaystyle",
"encoding",
@@ -323,19 +326,24 @@
"fontweight",
"frame",
"height",
+"href",
"linethickness",
+"lquote",
"lspace",
"mathbackground",
"mathcolor",
+"mathsize",
"mathvariant",
"maxsize",
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2022-03-07 17:48:14
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1958 (New)
Package is "rubygem-loofah"
Mon Mar 7 17:48:14 2022 rev:21 rq:959948 version:2.14.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2021-12-25 20:17:11.605276354 +0100
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1958/rubygem-loofah.changes
2022-03-07 17:49:03.319083209 +0100
@@ -1,0 +2,14 @@
+Thu Mar 3 08:22:28 UTC 2022 - Stephan Kulow
+
+updated to version 2.14.0
+ see installed CHANGELOG.md
+
+ ## 2.14.0 / 2022-02-11
+
+ ### Features
+
+ * The `#to_text` method on `Loofah::HTML::{Document,DocumentFragment}`
replaces `` line break elements with a newline.
[[#225](https://github.com/flavorjones/loofah/issues/225)]
+
+
+
+---
Old:
loofah-2.13.0.gem
New:
loofah-2.14.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.JDzxnE/_old 2022-03-07 17:49:03.843083058 +0100
+++ /var/tmp/diff_new_pack.JDzxnE/_new 2022-03-07 17:49:03.847083057 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-loofah
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.13.0
+Version:2.14.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
@@ -45,6 +45,7 @@
Loofah excels at HTML sanitization (XSS prevention). It includes some nice
HTML sanitizers,
which are based on HTML5lib's whitelist, so it most likely won't make your
codes less secure.
+
%prep
%build
++ loofah-2.13.0.gem -> loofah-2.14.0.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2021-12-10 06:20:57.0 +0100
+++ new/CHANGELOG.md2022-02-11 20:08:24.0 +0100
@@ -1,5 +1,12 @@
# Changelog
+## 2.14.0 / 2022-02-11
+
+### Features
+
+* The `#to_text` method on `Loofah::HTML::{Document,DocumentFragment}`
replaces `` line break elements with a newline.
[[#225](https://github.com/flavorjones/loofah/issues/225)]
+
+
## 2.13.0 / 2021-12-10
### Bug fixes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 2021-12-10 06:20:57.0 +0100
+++ new/README.md 2022-02-11 20:08:24.0 +0100
@@ -133,13 +133,12 @@
doc.text# => "ohai! div is safe "
```
-Also, `to_text` is available, which does the right thing with
-whitespace around block-level elements.
+Also, `to_text` is available, which does the right thing with whitespace
around block-level and line break elements.
``` ruby
-doc = Loofah.fragment("TitleContent")
-doc.text# => "TitleContent" # probably not what you want
-doc.to_text # => "\nTitle\n\nContent\n" # better
+doc = Loofah.fragment("TitleContentNext line")
+doc.text# => "TitleContentNext line"# probably not what you
want
+doc.to_text # => "\nTitle\n\nContent\nNext line\n" # better
```
### Loofah::XML::Document and Loofah::XML::DocumentFragment
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/elements.rb new/lib/loofah/elements.rb
--- old/lib/loofah/elements.rb 2021-12-10 06:20:57.0 +0100
+++ new/lib/loofah/elements.rb 2022-02-11 20:08:24.0 +0100
@@ -70,8 +70,6 @@
video
]
-STRICT_BLOCK_LEVEL = STRICT_BLOCK_LEVEL_HTML4 + STRICT_BLOCK_LEVEL_HTML5
-
# The following elements may also be considered block-level
# elements since they may contain block-level elements
LOOSE_BLOCK_LEVEL = Set.new %w[dd
@@ -86,7 +84,12 @@
tr
]
+# Elements that aren't block but should generate a newline in #to_text
+INLINE_LINE_BREAK = Set.new(["br"])
+
+STRICT_BLOCK_LEVEL = STRICT_BLOCK_LEVEL_HTML4 + STRICT_BLOCK_LEVEL_HTML5
BLOCK_LEVEL = STRICT_BLOCK_LEVEL + LOOSE_BLOCK_LEVEL
+LINEBREAKERS = BLOCK_LEVEL + INLINE_LINE_BREAK
end
::Loofah::MetaHelpers.add_downcased_set_members_to
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2021-12-25 20:16:44
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2520 (New)
Package is "rubygem-loofah"
Sat Dec 25 20:16:44 2021 rev:20 rq:942432 version:2.13.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2021-08-25 20:59:39.893046449 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2520/rubygem-loofah.changes
2021-12-25 20:17:11.605276354 +0100
@@ -1,0 +2,9 @@
+Fri Dec 24 23:54:55 UTC 2021 - Manuel Schnitzer
+
+- updated to version 2.13.0
+
+ ### Bug fixes
+
+ * Loofah::HTML::DocumentFragment#text no longer serializes top-level comment
children. [[#221](https://github.com/flavorjones/loofah/issues/221)]
+
+---
Old:
loofah-2.12.0.gem
New:
loofah-2.13.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.mqNPsP/_old 2021-12-25 20:17:12.021276693 +0100
+++ /var/tmp/diff_new_pack.mqNPsP/_new 2021-12-25 20:17:12.025276696 +0100
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.12.0
+Version:2.13.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
++ loofah-2.12.0.gem -> loofah-2.13.0.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2021-08-11 19:30:17.0 +0200
+++ new/CHANGELOG.md2021-12-10 06:20:57.0 +0100
@@ -1,5 +1,12 @@
# Changelog
+## 2.13.0 / 2021-12-10
+
+### Bug fixes
+
+* Loofah::HTML::DocumentFragment#text no longer serializes top-level comment
children. [[#221](https://github.com/flavorjones/loofah/issues/221)]
+
+
## 2.12.0 / 2021-08-11
### Features
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/instance_methods.rb
new/lib/loofah/instance_methods.rb
--- old/lib/loofah/instance_methods.rb 2021-08-11 19:30:17.0 +0200
+++ new/lib/loofah/instance_methods.rb 2021-12-10 06:20:57.0 +0100
@@ -93,7 +93,11 @@
#frag.text(:encode_special_chars => false) # =>
"alert('EVIL');"
#
def text(options = {})
- result = serialize_root.children.inner_text rescue ""
+ result = if serialize_root
+serialize_root.children.reject(&:comment?).map(&:inner_text).join("")
+ else
+""
+ end
if options[:encode_special_chars] == false
result # possibly dangerous if rendered in a browser
else
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/version.rb new/lib/loofah/version.rb
--- old/lib/loofah/version.rb 2021-08-11 19:30:17.0 +0200
+++ new/lib/loofah/version.rb 2021-12-10 06:20:57.0 +0100
@@ -1,5 +1,5 @@
# frozen_string_literal: true
module Loofah
# The version of Loofah you are using
- VERSION = "2.12.0"
+ VERSION = "2.13.0"
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata2021-08-11 19:30:17.0 +0200
+++ new/metadata2021-12-10 06:20:57.0 +0100
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: loofah
version: !ruby/object:Gem::Version
- version: 2.12.0
+ version: 2.13.0
platform: ruby
authors:
- Mike Dalessio
@@ -9,7 +9,7 @@
autorequire:
bindir: bin
cert_chain: []
-date: 2021-08-11 00:00:00.0 Z
+date: 2021-12-10 00:00:00.0 Z
dependencies:
- !ruby/object:Gem::Dependency
name: crass
@@ -199,7 +199,7 @@
- !ruby/object:Gem::Version
version: '0'
requirements: []
-rubygems_version: 3.2.15
+rubygems_version: 3.2.32
signing_key:
specification_version: 4
summary: Loofah is a general library for manipulating and transforming
HTML/XML documents
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2021-08-25 20:58:08
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1899 (New)
Package is "rubygem-loofah"
Wed Aug 25 20:58:08 2021 rev:19 rq:914125 version:2.12.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2021-07-02 13:28:39.432206542 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.1899/rubygem-loofah.changes
2021-08-25 20:59:39.893046449 +0200
@@ -1,0 +2,25 @@
+Wed Aug 25 05:14:19 UTC 2021 - Manuel Schnitzer
+
+- updated to version 2.12.0
+
+ ## 2.12.0 / 2021-08-11
+
+ ### Features
+
+ * Support empty HTML5 data attributes.
[[#215](https://github.com/flavorjones/loofah/issues/215)]
+
+
+ ## 2.11.0 / 2021-07-31
+
+ ### Features
+
+ * Allow HTML5 element `wbr`.
+ * Allow all CSS property values for `border-collapse`.
[[#201](https://github.com/flavorjones/loofah/issues/201)]
+
+
+ ### Changes
+
+ * Deprecating `Loofah::HTML5::SafeList::VOID_ELEMENTS` which is not a
canonical list of void HTML4 or HTML5 elements.
+ * Removed some elements from `Loofah::HTML5::SafeList::VOID_ELEMENTS` that
either are not acceptable elements or aren't considered "void" by libxml2.
+
+---
Old:
loofah-2.10.0.gem
New:
loofah-2.12.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.QZNntp/_old 2021-08-25 20:59:40.373045819 +0200
+++ /var/tmp/diff_new_pack.QZNntp/_new 2021-08-25 20:59:40.377045814 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.10.0
+Version:2.12.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
@@ -45,7 +45,6 @@
Loofah excels at HTML sanitization (XSS prevention). It includes some nice
HTML sanitizers,
which are based on HTML5lib's whitelist, so it most likely won't make your
codes less secure.
-
%prep
%build
++ loofah-2.10.0.gem -> loofah-2.12.0.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2021-06-06 19:00:32.0 +0200
+++ new/CHANGELOG.md2021-08-11 19:30:17.0 +0200
@@ -1,5 +1,26 @@
# Changelog
+## 2.12.0 / 2021-08-11
+
+### Features
+
+* Support empty HTML5 data attributes.
[[#215](https://github.com/flavorjones/loofah/issues/215)]
+
+
+## 2.11.0 / 2021-07-31
+
+### Features
+
+* Allow HTML5 element `wbr`.
+* Allow all CSS property values for `border-collapse`.
[[#201](https://github.com/flavorjones/loofah/issues/201)]
+
+
+### Changes
+
+* Deprecating `Loofah::HTML5::SafeList::VOID_ELEMENTS` which is not a
canonical list of void HTML4 or HTML5 elements.
+* Removed some elements from `Loofah::HTML5::SafeList::VOID_ELEMENTS` that
either are not acceptable elements or aren't considered "void" by libxml2.
+
+
## 2.10.0 / 2021-06-06
### Features
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 2021-06-06 19:00:32.0 +0200
+++ new/README.md 2021-08-11 19:30:17.0 +0200
@@ -6,8 +6,7 @@
## Status
-[](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/loofah)
-[](https://codeclimate.com/github/flavorjones/loofah)
+[](https://github.com/flavorjones/loofah/actions/workflows/ci.yml)
[](https://tidelift.com/subscription/pkg/rubygems-loofah?utm_source=rubygems-loofah&utm_medium=referral&utm_campaign=readme)
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/safelist.rb
new/lib/loofah/html5/safelist.rb
--- old/lib/loofah/html5/safelist.rb2021-06-06 19:00:32.0 +0200
+++ new/lib/loofah/html5/safelist.rb2021-08-11 19:30:17.0 +0200
@@ -140,6 +140,7 @@
"ul",
"var",
"video",
+ "wbr",
])
MATHML_ELEMENTS = Set.new([
@@ -637,6 +638,8 @@
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2021-07-02 13:27:41
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2625 (New)
Package is "rubygem-loofah"
Fri Jul 2 13:27:41 2021 rev:18 rq:903514 version:2.10.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2021-04-21 21:00:32.946309993 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2625/rubygem-loofah.changes
2021-07-02 13:28:39.432206542 +0200
@@ -1,0 +2,14 @@
+Thu Jun 24 17:35:09 UTC 2021 - Stephan Kulow
+
+updated to version 2.10.0
+ see installed CHANGELOG.md
+
+ ## 2.10.0 / 2021-06-06
+
+ ### Features
+
+ * Allow CSS properties `overflow-x` and `overflow-y`.
[[#206](https://github.com/flavorjones/loofah/issues/206)] (Thanks,
[@sampokuokkanen](https://github.com/sampokuokkanen)!)
+
+
+
+---
Old:
loofah-2.9.1.gem
New:
loofah-2.10.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.Ttu7Wp/_old 2021-07-02 13:28:39.788203780 +0200
+++ /var/tmp/diff_new_pack.Ttu7Wp/_new 2021-07-02 13:28:39.788203780 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.9.1
+Version:2.10.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
@@ -45,6 +45,7 @@
Loofah excels at HTML sanitization (XSS prevention). It includes some nice
HTML sanitizers,
which are based on HTML5lib's whitelist, so it most likely won't make your
codes less secure.
+
%prep
%build
++ loofah-2.9.1.gem -> loofah-2.10.0.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2021-04-07 17:17:52.0 +0200
+++ new/CHANGELOG.md2021-06-06 19:00:32.0 +0200
@@ -1,5 +1,12 @@
# Changelog
+## 2.10.0 / 2021-06-06
+
+### Features
+
+* Allow CSS properties `overflow-x` and `overflow-y`.
[[#206](https://github.com/flavorjones/loofah/issues/206)] (Thanks,
[@sampokuokkanen](https://github.com/sampokuokkanen)!)
+
+
## 2.9.1 / 2021-04-07
### Bug fixes
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/safelist.rb
new/lib/loofah/html5/safelist.rb
--- old/lib/loofah/html5/safelist.rb2021-04-07 17:17:52.0 +0200
+++ new/lib/loofah/html5/safelist.rb2021-06-06 19:00:32.0 +0200
@@ -588,6 +588,8 @@
"max-width",
"order",
"overflow",
+"overflow-x",
+"overflow-y",
"page-break-after",
"page-break-before",
"page-break-inside",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/version.rb new/lib/loofah/version.rb
--- old/lib/loofah/version.rb 2021-04-07 17:17:52.0 +0200
+++ new/lib/loofah/version.rb 2021-06-06 19:00:32.0 +0200
@@ -1,5 +1,5 @@
# frozen_string_literal: true
module Loofah
# The version of Loofah you are using
- VERSION = "2.9.1"
+ VERSION = "2.10.0"
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata2021-04-07 17:17:52.0 +0200
+++ new/metadata2021-06-06 19:00:32.0 +0200
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: loofah
version: !ruby/object:Gem::Version
- version: 2.9.1
+ version: 2.10.0
platform: ruby
authors:
- Mike Dalessio
@@ -9,7 +9,7 @@
autorequire:
bindir: bin
cert_chain: []
-date: 2021-04-07 00:00:00.0 Z
+date: 2021-06-06 00:00:00.0 Z
dependencies:
- !ruby/object:Gem::Dependency
name: nokogiri
@@ -213,7 +213,7 @@
- !ruby/object:Gem::Version
version: '0'
requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.2.15
signing_key:
specification_version: 4
summary: Loofah is a general library for manipulating and transforming
HTML/XML documents
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2021-04-21 21:00:04
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.12324 (New)
Package is "rubygem-loofah"
Wed Apr 21 21:00:04 2021 rev:17 rq:887019 version:2.9.1
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2021-01-21 21:55:04.169786454 +0100
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.12324/rubygem-loofah.changes
2021-04-21 21:00:32.946309993 +0200
@@ -1,0 +2,10 @@
+Tue Apr 20 13:38:21 UTC 2021 - Manuel Schnitzer
+
+- updated to version 2.9.1
+
+ ### Bug fixes
+
+ * Fix a regression in v2.9.0 which inappropriately removed CSS properties
+with quoted string values.
[[#202](https://github.com/flavorjones/loofah/issues/202)]
+
+---
Old:
loofah-2.9.0.gem
New:
loofah-2.9.1.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.akooEm/_old 2021-04-21 21:00:33.402310711 +0200
+++ /var/tmp/diff_new_pack.akooEm/_new 2021-04-21 21:00:33.406310717 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.9.0
+Version:2.9.1
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
++ loofah-2.9.0.gem -> loofah-2.9.1.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2021-01-14 22:36:18.0 +0100
+++ new/CHANGELOG.md2021-04-07 17:17:52.0 +0200
@@ -1,11 +1,22 @@
# Changelog
-### 2.9.0 / 2021-01-14
+## 2.9.1 / 2021-04-07
+
+### Bug fixes
+
+* Fix a regression in v2.9.0 which inappropriately removed CSS properties with
quoted string values. [[#202](https://github.com/flavorjones/loofah/issues/202)]
+
+
+## 2.9.0 / 2021-01-14
+
+### Features
* Handle CSS functions in a CSS shorthand property (like `background`).
[[#199](https://github.com/flavorjones/loofah/issues/199),
[#200](https://github.com/flavorjones/loofah/issues/200)]
-### 2.8.0 / 2020-11-25
+## 2.8.0 / 2020-11-25
+
+### Features
* Allow CSS properties `order`, `flex-direction`, `flex-grow`, `flex-wrap`,
`flex-shrink`, `flex-flow`, `flex-basis`, `flex`, `justify-content`,
`align-self`, `align-items`, and `align-content`.
[[#197](https://github.com/flavorjones/loofah/issues/197)] (Thanks,
[@miguelperez](https://github.com/miguelperez)!)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/README.md new/README.md
--- old/README.md 2021-01-14 22:36:18.0 +0100
+++ new/README.md 2021-04-07 17:17:52.0 +0200
@@ -1,12 +1,12 @@
# Loofah
* https://github.com/flavorjones/loofah
-* Docs: http://rubydoc.info/github/flavorjones/loofah/master/frames
+* Docs: http://rubydoc.info/github/flavorjones/loofah/main/frames
* Mailing list:
[loofah-t...@googlegroups.com](https://groups.google.com/forum/#!forum/loofah-talk)
## Status
-[](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/loofah?groups=master)
+[](https://ci.nokogiri.org/teams/nokogiri-core/pipelines/loofah)
[](https://codeclimate.com/github/flavorjones/loofah)
[](https://tidelift.com/subscription/pkg/rubygems-loofah?utm_source=rubygems-loofah&utm_medium=referral&utm_campaign=readme)
@@ -211,7 +211,7 @@
Loofah.xml_document(File.read('plague.xml')).scrub!(bring_out_your_dead)
```
-=== Built-In HTML Scrubbers
+### Built-In HTML Scrubbers
Loofah comes with a set of sanitizing scrubbers that use HTML5lib's
safelist algorithm:
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/scrub.rb
new/lib/loofah/html5/scrub.rb
--- old/lib/loofah/html5/scrub.rb 2021-01-14 22:36:18.0 +0100
+++ new/lib/loofah/html5/scrub.rb 2021-04-07 17:17:52.0 +0200
@@ -9,6 +9,7 @@
CSS_KEYWORDISH =
/\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(ch|cm|r?em|ex|in|lh|mm|pc|pt|px|Q|vmax|vmin|vw|vh|%|,|\))?)\z/
CRASS_SEMICOLON = { node: :semicolon, raw: ";" }
CSS_IMPORTANT = '!important'
+
commit rubygem-loofah for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2021-01-21 21:55:02
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.28504 (New)
Package is "rubygem-loofah"
Thu Jan 21 21:55:02 2021 rev:16 rq:864570 version:2.9.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2020-12-11 20:16:22.640651231 +0100
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.28504/rubygem-loofah.changes
2021-01-21 21:55:04.169786454 +0100
@@ -1,0 +2,8 @@
+Wed Jan 20 07:36:46 UTC 2021 - Manuel Schnitzer
+
+- updated to version 2.9.0
+
+ * Handle CSS functions in a CSS shorthand property (like `background`).
[[#199](https://github.com/flavorjones/loofah/issues/199),
+[#200](https://github.com/flavorjones/loofah/issues/200)]
+
+---
Old:
loofah-2.8.0.gem
New:
loofah-2.9.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.A0JO1U/_old 2021-01-21 21:55:04.689786650 +0100
+++ /var/tmp/diff_new_pack.A0JO1U/_new 2021-01-21 21:55:04.689786650 +0100
@@ -1,7 +1,7 @@
#
# spec file for package rubygem-loofah
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version:2.8.0
+Version:2.9.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
++ loofah-2.8.0.gem -> loofah-2.9.0.gem ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md2020-11-25 22:12:09.0 +0100
+++ new/CHANGELOG.md2021-01-14 22:36:18.0 +0100
@@ -1,5 +1,10 @@
# Changelog
+### 2.9.0 / 2021-01-14
+
+* Handle CSS functions in a CSS shorthand property (like `background`).
[[#199](https://github.com/flavorjones/loofah/issues/199),
[#200](https://github.com/flavorjones/loofah/issues/200)]
+
+
### 2.8.0 / 2020-11-25
* Allow CSS properties `order`, `flex-direction`, `flex-grow`, `flex-wrap`,
`flex-shrink`, `flex-flow`, `flex-basis`, `flex`, `justify-content`,
`align-self`, `align-items`, and `align-content`.
[[#197](https://github.com/flavorjones/loofah/issues/197)] (Thanks,
[@miguelperez](https://github.com/miguelperez)!)
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/scrub.rb
new/lib/loofah/html5/scrub.rb
--- old/lib/loofah/html5/scrub.rb 2020-11-25 22:12:09.0 +0100
+++ new/lib/loofah/html5/scrub.rb 2021-01-14 22:36:18.0 +0100
@@ -7,22 +7,22 @@
module Scrub
CONTROL_CHARACTERS = /[`\u-\u0020\u007f\u0080-\u0101]/
CSS_KEYWORDISH =
/\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(ch|cm|r?em|ex|in|lh|mm|pc|pt|px|Q|vmax|vmin|vw|vh|%|,|\))?)\z/
- CRASS_SEMICOLON = { :node => :semicolon, :raw => ";" }
+ CRASS_SEMICOLON = { node: :semicolon, raw: ";" }
CSS_IMPORTANT = '!important'
class << self
def allowed_element?(element_name)
- ::Loofah::HTML5::SafeList::ALLOWED_ELEMENTS_WITH_LIBXML2.include?
element_name
+
::Loofah::HTML5::SafeList::ALLOWED_ELEMENTS_WITH_LIBXML2.include?(element_name)
end
# alternative implementation of the html5lib attribute scrubbing
algorithm
def scrub_attributes(node)
node.attribute_nodes.each do |attr_node|
attr_name = if attr_node.namespace
-
"#{attr_node.namespace.prefix}:#{attr_node.node_name}"
-else
- attr_node.node_name
-end
+ "#{attr_node.namespace.prefix}:#{attr_node.node_name}"
+else
+ attr_node.node_name
+end
if attr_name =~ /\Adata-[\w-]+\z/
next
@@ -58,13 +58,13 @@
end
end
- scrub_css_attribute node
+ scrub_css_attribute(node)
node.attribute_nodes.each do |attr_node|
node.remove_attribute(attr_node.name) if attr_node.value !~
/[^[:space:]]/
end
- force_correct_attribute_escaping! node
+ force_correct_attribute_escaping!(node)
end
def scrub_css_attribute(node)
@@ -73,33 +73,50 @@
e
commit rubygem-loofah for openSUSE:Factory
Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2020-12-11 20:16:21
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2328 (New)
Package is "rubygem-loofah"
Fri Dec 11 20:16:21 2020 rev:15 rq:854706 version:2.8.0
Changes:
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2020-09-14 12:32:00.537239477 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.2328/rubygem-loofah.changes
2020-12-11 20:16:22.640651231 +0100
@@ -1,0 +2,9 @@
+Fri Dec 11 03:13:59 UTC 2020 - Manuel Schnitzer
+
+- updated to version 2.8.0
+
+ * Allow CSS properties `order`, `flex-direction`, `flex-grow`, `flex-wrap`,
`flex-shrink`, `flex-flow`,
+ `flex-basis`, `flex`, `justify-content`, `align-self`, `align-items`, and
`align-content`.
+ [[#197](https://github.com/flavorjones/loofah/issues/197)] (Thanks,
[@miguelperez](https://github.com/miguelperez)!)
+
+---
Old:
loofah-2.7.0.gem
New:
loofah-2.8.0.gem
Other differences:
--
++ rubygem-loofah.spec ++
--- /var/tmp/diff_new_pack.dcW8Rb/_old 2020-12-11 20:16:23.284651498 +0100
+++ /var/tmp/diff_new_pack.dcW8Rb/_new 2020-12-11 20:16:23.292651501 +0100
@@ -24,13 +24,12 @@
#
Name: rubygem-loofah
-Version:2.7.0
+Version:2.8.0
Release:0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: %{rubygem gem2rpm}
-BuildRequires: %{rubygem rdoc > 3.10}
BuildRequires: %{ruby}
BuildRequires: ruby-macros >= 5
URL:https://github.com/flavorjones/loofah
++ loofah-2.7.0.gem -> loofah-2.8.0.gem ++
3461 lines of diff (skipped)
___
openSUSE Commits mailing list -- commit@lists.opensuse.org
To unsubscribe, email commit-le...@lists.opensuse.org
List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette
List Archives:
https://lists.opensuse.org/archives/list/commit@lists.opensuse.org
