python-bleach

pool/python-bleach

SHA256

Fork 1

ca6b125ef0 Accepting request 1120892 from devel:languages:python factory Ana Guerrero 2023-10-29 18:39:48 +0000
2b7a6ad3d7 - update to 6.1.0: * Dropped support for Python 3.7. * Add support for Python 3.12. * Fix linkify with arrays in querystring * Handle more cases with < followed by character data * Fix entities inside a tags in linkification * Update cap for tinycss2 to <1.3 * Updated Sphinx requirement * Add dependabot for github actions and update github actions - Update to V3.1.1: Security update for CVE-2020-6802 * CVE-2020-6802: Fixed mutation XSS vulnerabilities (bsc#1165303). Dirk Mueller 2023-10-28 09:51:39 +0000
1dd5b37b3b Accepting request 1096012 from devel:languages:python Dominique Leuenberger 2023-06-30 17:58:26 +0000
6a4ad89810 Accepting request 1095966 from home:mcalabkova:branches:devel:languages:python:D Matej Cepl 2023-06-29 16:26:38 +0000
264dc20c81 Accepting request 1085516 from devel:languages:python Dominique Leuenberger 2023-05-09 11:08:03 +0000
a683d0f9c5 - Update to 6.0.0: * bleach.clean, bleach.sanitizer.Cleaner, bleach.html5lib_shim.BleachHTMLParser: the tags and protocols arguments were changed from lists to sets. * bleach.linkify, bleach.linkifier.Linker: the skip_tags and recognized_tags arguments were changed from lists to sets. * bleach.sanitizer.BleachSanitizerFilter: strip_allowed_elements is now strip_allowed_tags. We now use “tags” everywhere rather than a mishmash of “tags” in some places and “elements” in others. # Bug fixes * Add support for Python 3.11. (#675) * Fix API weirness in BleachSanitizerFilter. (#649) * We’re using “tags” instead of “elements” everywhere–no more weird overloading of “elements” anymore. * Also, it no longer calls the superclass constructor. * Add warning when css_sanitizer isn’t set, but the style attribute is allowed. (#676) * Fix linkify handling of character entities. (#501) * Rework dev dependencies to use requirements-dev.txt and requirements-flake8.txt instead of extras. * Fix project infrastructure to be tox-based so it’s easier to have CI run the same things we’re running in development and with flake8 in an isolated environment. * Update action versions in CI. * Switch to f-strings where possible. Make tests parametrized to be easier to read/maintain. Daniel Garcia 2023-05-08 12:00:20 +0000
16af7538d4 Accepting request 1081979 from devel:languages:python Dominique Leuenberger 2023-04-22 20:01:47 +0000
3ad0a28ce2 Accepting request 1081348 from home:dirkmueller:acdc:as_python3_module Dirk Mueller 2023-04-21 14:52:15 +0000
178fe72bbb Accepting request 1074154 from devel:languages:python Dominique Leuenberger 2023-03-25 17:55:13 +0000
177b1af6a1 - Remove not needed dependency python-packaging Daniel Garcia 2023-03-24 11:39:17 +0000
865d6a5ceb Accepting request 1033010 from devel:languages:python Dominique Leuenberger 2022-11-04 16:31:40 +0000
46a7d5b1cd - Remove not needed python-six dependency - Remove python_module macro definition - More specific python_sitelib in files Daniel Garcia 2022-11-03 09:01:34 +0000
78606a7767 Accepting request 1006839 from devel:languages:python Richard Brown 2022-10-01 15:42:38 +0000
2605210ed4 - Update to 5.0.1: * Add missing comma to tinycss2 require. Thank you, @shadchin! * Add url parse tests based on wpt url tests. (#688) * Support scheme-less urls if "https" is in allow list. (#662) * Handle escaping `< in edge cases where it doesn't start a tag. (#544) * Correctly urlencode email address parts. Thank you, @larseggert! (#659) * clean and linkify` now preserve the order of HTML attributes. * Drop support for Python 3.6. Thank you, @hugovk! (#629) * CSS sanitization in style tags is completely different now. * Python 3.9 support * Drop support for unsupported Python versions <3.6. (#520) * add more tests for CVE-2021-23980 / GHSA-vv2x-vrpj-qqpq - Refresh de-vendor.patch, and convert to patch level 1 Steve Kowalik 2022-09-29 07:00:27 +0000
ea092a2076 Accepting request 884911 from devel:languages:python Dominique Leuenberger 2021-04-14 11:05:10 +0000
19b3ff6175 Accepting request 884898 from home:AndreasStieger:branches:devel:languages:python Matej Cepl 2021-04-13 10:30:56 +0000
c20e423e50 Accepting request 830713 from devel:languages:python Dominique Leuenberger 2020-09-04 09:02:55 +0000
efa22fed01 - Skip tests that fail with html5lib 1.1 ref the upstream ticket * replace missing `setuptools dependency with packaging`. Thank you Benjamin Peterson. Tomáš Chvátal 2020-08-31 09:15:54 +0000
da3de4af4c Accepting request 800583 from devel:languages:python Dominique Leuenberger 2020-05-08 21:02:04 +0000
f264ca5fab - Update to 3.1.5: * * replace missing `setuptools dependency with packaging`. Thank you Benjamin Peterson. Tomáš Chvátal 2020-05-06 07:14:32 +0000
cf65231a75 Accepting request 790549 from devel:languages:python Dominique Leuenberger 2020-04-05 18:51:47 +0000
5e4292f9bb - update to 3.1.4 (bsc#1168280, CVE-2020-6817): * `bleach.clean behavior parsing style attributes could result in a regular expression denial of service (ReDoS). Calls to bleach.clean with an allowed tag with an allowed style attribute were vulnerable to ReDoS. For example, bleach.clean(..., attributes={'a': ['style']})`. * Style attributes with dashes, or single or double quoted values are cleaned instead of passed through. Dirk Mueller 2020-04-01 11:21:16 +0000
e36ce7b3c2 address review feedback from https://build.opensuse.org/request/show/790090 Dirk Mueller 2020-03-31 20:28:11 +0000
48b9e746b6 Accepting request 787398 from devel:languages:python Dominique Leuenberger 2020-03-26 23:28:19 +0000
2cc23971a9 - update to 3.1.3 (bsc#1167379): * Add relative link to code of conduct. (#442) * Drop deprecated 'setup.py test' support. (#507) * Fix typo: curren -> current in tests/test_clean.py (#504) * Test on PyPy 7 * Drop test support for end of life Python 3.4 * `bleach.clean behavior parsing embedded MathML and SVG content with RCDATA tags did not match browser behavior and could result in a mutation XSS. Calls to bleach.clean with strip=False and math or svg tags and one or more of the RCDATA tags script, noscript, style, noframes, iframe, noembed, or xmp` in the allowed tags whitelist were vulnerable to a mutation XSS. This security issue was confirmed in Bleach version v3.1.1. Earlier versions are likely affected too. Dirk Mueller 2020-03-23 10:22:56 +0000
928b2ef5b5 Accepting request 780475 from devel:languages:python Dominique Leuenberger 2020-03-08 21:22:00 +0000
394b9b98a6 Accepting request 780338 from home:atopt:branches:devel:languages:python Tomáš Chvátal 2020-02-29 10:05:37 +0000
bb709d0cb6 Run spec-cleaner Matej Cepl 2020-01-08 09:36:43 +0000
dd30fdb54f - Switch off test_uri_value_allowed_protocols test to work around gh#mozilla/bleach#503. Matej Cepl 2020-01-08 09:36:18 +0000
669eb1de7c Accepting request 717075 from devel:languages:python Dominique Leuenberger 2019-07-30 11:02:43 +0000
3741963f03 - Restrict pytest to <5.0; upstream has an issue already reported Tomáš Chvátal 2019-07-19 12:03:38 +0000
4e60753534 Accepting request 681085 from devel:languages:python Dominique Leuenberger 2019-03-04 08:23:44 +0000
b1e5f6a0bb Accepting request 681074 from home:jayvdb:noflake8 Tomáš Chvátal 2019-03-03 12:34:08 +0000
e0bf1d7dcc Accepting request 655395 from devel:languages:python Dominique Leuenberger 2018-12-13 18:47:15 +0000
64204dd675 Accepting request 654136 from home:jengelh:branches:devel:languages:python Todd R 2018-12-05 19:22:46 +0000
3c2753cf75 Clean up the SPEC file Matej Cepl 2018-12-04 17:10:21 +0000
2846e60ac2 Remove superfluous devel dependency for noarch package Matej Cepl 2018-12-04 13:16:55 +0000
4b7c41e4e1 Accepting request 589030 from devel:languages:python Dominique Leuenberger 2018-03-20 21:01:11 +0000
c2eee5a36f Accepting request 589012 from home:kbabioch:branches:devel:languages:python Tomáš Chvátal 2018-03-20 09:37:42 +0000
b910cc8b93 osc copypac from project:devel:languages:python package:python-bleach revision:11 Tomáš Chvátal 2017-12-13 14:46:54 +0000
44acfc3ed6 osc copypac from project:devel:languages:python package:python-bleach revision:13 Tomáš Chvátal 2017-12-13 14:45:06 +0000
6233b41349 Add python-six to runtime deps as per setup.py Tomáš Chvátal 2017-12-13 14:36:08 +0000
50e6385bd7 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=14 Tomáš Chvátal 2017-12-13 14:28:13 +0000
9862f6181f - Add patch pytest-requirement.patch to build with new pytest-runner Tomáš Chvátal 2017-12-13 14:27:19 +0000
3689b3a762 osc copypac from project:openSUSE:infrastructure:elections.opensuse.org package:python-bleach revision:3 Tomáš Chvátal 2017-12-13 14:12:06 +0000
81ccebfcf8 Accepting request 555534 from devel:languages:python Dominique Leuenberger 2017-12-11 17:56:32 +0000
c44a6c6eba Accepting request 555279 from home:apersaud:branches:devel:languages:python Tomáš Chvátal 2017-12-09 12:39:53 +0000
cc18d925b4 Accepting request 541217 from devel:languages:python Dominique Leuenberger 2017-11-15 15:57:49 +0000
1d0a64577f Accepting request 540765 from home:apersaud:branches:devel:languages:python Dirk Mueller 2017-11-13 09:18:37 +0000
817fc6f94e Accepting request 493464 from devel:languages:python Dominique Leuenberger 2017-05-09 16:03:57 +0000
117afdf080 Accepting request 487617 from home:TheBlackCat:branches:devel:languages:python Todd R 2017-04-12 15:28:57 +0000
dbd38b3c33 Accepting request 486218 from home:TheBlackCat:branches:devel:languages:python Todd R 2017-04-06 17:57:05 +0000
ffd286e797 Accepting request 328828 from home:TheBlackCat:branches:devel:languages:python Todd R 2015-09-03 15:15:38 +0000
6d40d0f003 Accepting request 321278 from home:frispete:python Denisart Benjamin 2015-08-08 15:05:21 +0000
2ff2922b15 Accepting request 319611 from home:frispete:python Todd R 2015-08-03 12:12:19 +0000
bc41ab51a8 Accepting request 235461 from home:frispete:python Sascha Peilicke 2014-06-02 09:05:03 +0000

Commit Graph Select branches Hide Pull Requests factory Mono Color

Commit Graph

Select branches

Hide Pull Requests

factory