Commit Graph

33 Commits

Author SHA256 Message Date
177b1af6a1 - Remove not needed dependency python-packaging
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=47
2023-03-24 11:39:17 +00:00
46a7d5b1cd - Remove not needed python-six dependency
- Remove python_module macro definition
- More specific python_sitelib in files

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=45
2022-11-03 09:01:34 +00:00
Steve Kowalik
2605210ed4 - Update to 5.0.1:
* Add missing comma to tinycss2 require. Thank you, @shadchin!
  * Add url parse tests based on wpt url tests. (#688)
  * Support scheme-less urls if "https" is in allow list. (#662)
  * Handle escaping ``<`` in edge cases where it doesn't start a tag. (#544)
  * Correctly urlencode email address parts. Thank you, @larseggert! (#659)
  * ``clean`` and ``linkify`` now preserve the order of HTML attributes.
  * Drop support for Python 3.6. Thank you, @hugovk! (#629)
  * CSS sanitization in style tags is completely different now.
  * Python 3.9 support
  * Drop support for unsupported Python versions <3.6. (#520)
  * add more tests for CVE-2021-23980 / GHSA-vv2x-vrpj-qqpq
- Refresh de-vendor.patch, and convert to patch level 1

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=43
2022-09-29 07:00:27 +00:00
19b3ff6175 Accepting request 884898 from home:AndreasStieger:branches:devel:languages:python
python-bleach 3.3.0 CVE-2021-23980 boo#1184547

OBS-URL: https://build.opensuse.org/request/show/884898
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=41
2021-04-13 10:30:56 +00:00
Tomáš Chvátal
efa22fed01 - Skip tests that fail with html5lib 1.1 ref the upstream ticket
* replace missing ``setuptools`` dependency with ``packaging``. Thank you Benjamin Peterson.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=39
2020-08-31 09:15:54 +00:00
Tomáš Chvátal
f264ca5fab - Update to 3.1.5:
* * replace missing ``setuptools`` dependency with ``packaging``. Thank you Benjamin Peterson.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=37
2020-05-06 07:14:32 +00:00
5e4292f9bb - update to 3.1.4 (bsc#1168280, CVE-2020-6817):
* ``bleach.clean`` behavior parsing style attributes could result in a
    regular expression denial of service (ReDoS).
    Calls to ``bleach.clean`` with an allowed tag with an allowed
    ``style`` attribute were vulnerable to ReDoS. For example,
    ``bleach.clean(..., attributes={'a': ['style']})``.
  * Style attributes with dashes, or single or double quoted values are
    cleaned instead of passed through.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=35
2020-04-01 11:21:16 +00:00
e36ce7b3c2 address review feedback from https://build.opensuse.org/request/show/790090
- update to 3.1.3 (bsc#1167379, CVE-2020-6816):

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=34
2020-03-31 20:28:11 +00:00
2cc23971a9 - update to 3.1.3 (bsc#1167379):
* Add relative link to code of conduct. (#442)
  * Drop deprecated 'setup.py test' support. (#507)
  * Fix typo: curren -> current in tests/test_clean.py (#504)
  * Test on PyPy 7
  * Drop test support for end of life Python 3.4
  * ``bleach.clean`` behavior parsing embedded MathML and SVG content
    with RCDATA tags did not match browser behavior and could result in
    a mutation XSS.
    Calls to ``bleach.clean`` with ``strip=False`` and ``math`` or
    ``svg`` tags and one or more of the RCDATA tags ``script``,
    ``noscript``, ``style``, ``noframes``, ``iframe``, ``noembed``, or
    ``xmp`` in the allowed tags whitelist were vulnerable to a mutation
    XSS.
    This security issue was confirmed in Bleach version v3.1.1. Earlier
    versions are likely affected too.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=32
2020-03-23 10:22:56 +00:00
Tomáš Chvátal
394b9b98a6 Accepting request 780338 from home:atopt:branches:devel:languages:python
- Update to V3.1.1: Security update for CVE-2020-6802  
  * CVE-2020-6802: Fixed mutation XSS vulnerabilities (bsc#1165303).

OBS-URL: https://build.opensuse.org/request/show/780338
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=30
2020-02-29 10:05:37 +00:00
bb709d0cb6 Run spec-cleaner
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=29
2020-01-08 09:36:43 +00:00
dd30fdb54f - Switch off test_uri_value_allowed_protocols test to work around
gh#mozilla/bleach#503.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=28
2020-01-08 09:36:18 +00:00
Tomáš Chvátal
3741963f03 - Restrict pytest to <5.0; upstream has an issue already reported
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=26
2019-07-19 12:03:38 +00:00
Tomáš Chvátal
b1e5f6a0bb Accepting request 681074 from home:jayvdb:noflake8
- Add de-vendor.patch to avoid new vendoring of html5lib in v3.1.0
- Remove direct dependency on webencodings, a dependency of html5lib
- Update to v3.1.0

OBS-URL: https://build.opensuse.org/request/show/681074
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=24
2019-03-03 12:34:08 +00:00
Todd R
64204dd675 Accepting request 654136 from home:jengelh:branches:devel:languages:python
- Trim rhetorics and bias from descriptions.

OBS-URL: https://build.opensuse.org/request/show/654136
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=22
2018-12-05 19:22:46 +00:00
3c2753cf75 Clean up the SPEC file
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=21
2018-12-04 17:10:21 +00:00
2846e60ac2 Remove superfluous devel dependency for noarch package
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=20
2018-12-04 13:16:55 +00:00
Tomáš Chvátal
c2eee5a36f Accepting request 589012 from home:kbabioch:branches:devel:languages:python
- Update to version 2.1.3:
  * Attributes that have URI values weren't properly sanitized if the
    values contained character entities. Using character entities, it
    was possible to construct a URI value with a scheme that was not
    allowed that would slide through unsanitized.
    (CVE-2018-7753 bnc#1085969)

OBS-URL: https://build.opensuse.org/request/show/589012
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=18
2018-03-20 09:37:42 +00:00
Tomáš Chvátal
b910cc8b93 osc copypac from project:devel:languages:python package:python-bleach revision:11
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=17
2017-12-13 14:46:54 +00:00
Tomáš Chvátal
44acfc3ed6 osc copypac from project:devel:languages:python package:python-bleach revision:13
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=16
2017-12-13 14:45:06 +00:00
Tomáš Chvátal
6233b41349 Add python-six to runtime deps as per setup.py
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=15
2017-12-13 14:36:08 +00:00
Tomáš Chvátal
50e6385bd7 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=14 2017-12-13 14:28:13 +00:00
Tomáš Chvátal
9862f6181f - Add patch pytest-requirement.patch to build with new pytest-runner
- Version update to 2.1.2:
  * Support new html5lib

- Convert to singlespec and enable tests/etc.

OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=13
2017-12-13 14:27:19 +00:00
Tomáš Chvátal
3689b3a762 osc copypac from project:openSUSE:infrastructure:elections.opensuse.org package:python-bleach revision:3
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=12
2017-12-13 14:12:06 +00:00
Tomáš Chvátal
c44a6c6eba Accepting request 555279 from home:apersaud:branches:devel:languages:python
update to latest version

OBS-URL: https://build.opensuse.org/request/show/555279
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=10
2017-12-09 12:39:53 +00:00
1d0a64577f Accepting request 540765 from home:apersaud:branches:devel:languages:python
update to latest version

OBS-URL: https://build.opensuse.org/request/show/540765
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=8
2017-11-13 09:18:37 +00:00
Dominique Leuenberger
817fc6f94e Accepting request 493464 from devel:languages:python
Needed by python-jupyter_nbconvert, which is already in openSUSE:Factory.

OBS-URL: https://build.opensuse.org/request/show/493464
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-bleach?expand=0&rev=1
2017-05-09 16:03:57 +00:00
Todd R
117afdf080 Accepting request 487617 from home:TheBlackCat:branches:devel:languages:python
Fix source URL

OBS-URL: https://build.opensuse.org/request/show/487617
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=6
2017-04-12 15:28:57 +00:00
Todd R
dbd38b3c33 Accepting request 486218 from home:TheBlackCat:branches:devel:languages:python
* Update to Version 2.0.0
* Implement single-spec version

OBS-URL: https://build.opensuse.org/request/show/486218
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=5
2017-04-06 17:57:05 +00:00
Todd R
ffd286e797 Accepting request 328828 from home:TheBlackCat:branches:devel:languages:python
Fix build on SLE 11

OBS-URL: https://build.opensuse.org/request/show/328828
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=4
2015-09-03 15:15:38 +00:00
Denisart Benjamin
6d40d0f003 Accepting request 321278 from home:frispete:python
- eabled checks again: don't know, why they failed in the first place

OBS-URL: https://build.opensuse.org/request/show/321278
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=3
2015-08-08 15:05:21 +00:00
Todd R
2ff2922b15 Accepting request 319611 from home:frispete:python
Guess, I'm not the only one, that could make use of it..

OBS-URL: https://build.opensuse.org/request/show/319611
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=2
2015-08-03 12:12:19 +00:00
Sascha Peilicke
bc41ab51a8 Accepting request 235461 from home:frispete:python
that's a useful library

OBS-URL: https://build.opensuse.org/request/show/235461
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=1
2014-06-02 09:05:03 +00:00