- Update to 5.0.1:

* Add missing comma to tinycss2 require. Thank you, @shadchin! * Add url parse tests based on wpt url tests. (#688) * Support scheme-less urls if "https" is in allow list. (#662) * Handle escaping ``<`` in edge cases where it doesn't start a tag. (#544) * Correctly urlencode email address parts. Thank you, @larseggert! (#659) * ``clean`` and ``linkify`` now preserve the order of HTML attributes. * Drop support for Python 3.6. Thank you, @hugovk! (#629) * CSS sanitization in style tags is completely different now. * Python 3.9 support * Drop support for unsupported Python versions <3.6. (#520) * add more tests for CVE-2021-23980 / GHSA-vv2x-vrpj-qqpq - Refresh de-vendor.patch, and convert to patch level 1 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=43
2022-09-29 07:00:27 +00:00 · 2022-09-29 07:00:27 +00:00 · 2605210ed4
commit 2605210ed4
parent 19b3ff6175
5 changed files with 43 additions and 26 deletions
--- a/bleach-3.3.0.tar.gz
+++ b/bleach-3.3.0.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:98b3170739e5e83dd9dc19633f074727ad848cbedb6026708c8ac2d3b697a433
-size 181274
--- a/bleach-5.0.1.tar.gz
+++ b/bleach-5.0.1.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0d03255c47eb9bd2f26aa9bb7f2107732e7e8fe195ca2f64709fcf3b0a4a085c
+size 199642
--- a/de-vendor.patch
+++ b/de-vendor.patch
@ -1,8 +1,6 @@
-Index: bleach/html5lib_shim.py
-===================================================================
--- bleach/html5lib_shim.py.orig
-+++ bleach/html5lib_shim.py
-@@ -18,44 +18,44 @@ warnings.filterwarnings(
+--- a/bleach/html5lib_shim.py.orig
+++ b/bleach/html5lib_shim.py
+@@ -14,46 +14,46 @@ warnings.filterwarnings(
     "ignore",
     message="html5lib's sanitizer is deprecated",
     category=DeprecationWarning,
@ -35,6 +33,8 @@ Index: bleach/html5lib_shim.py
 -from bleach._vendor.html5lib.filters.sanitizer import (
 +from html5lib.filters.sanitizer import (
     allowed_protocols,
+     allowed_css_properties,
+     allowed_svg_properties,
 )  # noqa: E402 module level import not at top of file
 -from bleach._vendor.html5lib.filters.sanitizer import (
 +from html5lib.filters.sanitizer import (
@ -59,29 +59,30 @@ Index: bleach/html5lib_shim.py
     Trie,
 )  # noqa: E402 module level import not at top of file
 
-Index: tests/test_clean.py
-===================================================================
--- tests/test_clean.py.orig
-+++ tests/test_clean.py
-@@ -7,7 +7,7 @@ import pytest
+--- a/tests/test_clean.py.orig
+++ b/tests/test_clean.py
+@@ -5,7 +5,7 @@ import pytest
 from bleach import clean
 from bleach.html5lib_shim import Filter
- from bleach.sanitizer import Cleaner
+ from bleach.sanitizer import ALLOWED_PROTOCOLS, Cleaner
 -from bleach._vendor.html5lib.constants import rcdataElements
 +from html5lib.constants import rcdataElements
 
 
- def test_clean_idempotent():
-Index: bleach/sanitizer.py
-===================================================================
--- bleach/sanitizer.py.orig
-+++ bleach/sanitizer.py
-@@ -283,7 +283,7 @@ class BleachSanitizerFilter(html5lib_shi
+ @pytest.mark.parametrize(
+--- a/bleach/sanitizer.py.orig
+++ b/bleach/sanitizer.py
+@@ -277,7 +277,7 @@ class BleachSanitizerFilter(html5lib_shi
             "ignore",
             message="html5lib's sanitizer is deprecated",
             category=DeprecationWarning,
 -            module="bleach._vendor.html5lib",
 +            module="html5lib",
         )
-         return super(BleachSanitizerFilter, self).__init__(source, **kwargs)
- 
+         return super().__init__(
+             source,
+--- a/bleach/parse_shim.py.orig
+++ b/bleach/parse_shim.py
+@@ -1 +1 @@
+-from bleach._vendor.parse import urlparse  # noqa
+from urllib.parse import urlparse  # noqa
--- a/python-bleach.changes
+++ b/python-bleach.changes
@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Thu Sep 29 06:58:58 UTC 2022 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Update to 5.0.1:
+  * Add missing comma to tinycss2 require. Thank you, @shadchin!
+  * Add url parse tests based on wpt url tests. (#688)
+  * Support scheme-less urls if "https" is in allow list. (#662)
+  * Handle escaping ``<`` in edge cases where it doesn't start a tag. (#544)
+  * Correctly urlencode email address parts. Thank you, @larseggert! (#659)
+  * ``clean`` and ``linkify`` now preserve the order of HTML attributes.
+  * Drop support for Python 3.6. Thank you, @hugovk! (#629)
+  * CSS sanitization in style tags is completely different now.
+  * Python 3.9 support
+  * Drop support for unsupported Python versions <3.6. (#520)
+  * add more tests for CVE-2021-23980 / GHSA-vv2x-vrpj-qqpq
+- Refresh de-vendor.patch, and convert to patch level 1
+
 -------------------------------------------------------------------
 Tue Apr 13 09:20:21 UTC 2021 - Andreas Stieger <andreas.stieger@gmx.de>

--- a/python-bleach.spec
+++ b/python-bleach.spec
@ -1,7 +1,7 @@
 #
 # spec file for package python-bleach
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 # Copyright (c) 2015 LISA GmbH, Bingen, Germany.
 #
 # All modifications and additions to the file contributed by third parties
@ -19,7 +19,7 @@

 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name:           python-bleach
-Version:        3.3.0
+Version:        5.0.1
 Release:        0
 Summary:        A whitelist-based HTML-sanitizing tool
 License:        Apache-2.0
@ -54,8 +54,7 @@ unbalanced or mis-nested tags.
 Documentation is at http://bleach.readthedocs.org/ .

 %prep
-%setup -q -n bleach-%{version}
-%patch0
+%autosetup -p1 -n bleach-%{version}
 rm -rf bleach/_vendor

 %build