From 3689b3a762266ad754a5c827ed191de570282ae1227975aa3be710efcc5d756f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 13 Dec 2017 14:12:06 +0000 Subject: [PATCH 1/7] osc copypac from project:openSUSE:infrastructure:elections.opensuse.org package:python-bleach revision:3 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=12 --- bleach-2.1.1.tar.gz | 3 + bleach-2.1.2.tar.gz | 3 - python-bleach.changes | 143 +----------------------------------------- python-bleach.spec | 65 +++++-------------- 4 files changed, 20 insertions(+), 194 deletions(-) create mode 100644 bleach-2.1.1.tar.gz delete mode 100644 bleach-2.1.2.tar.gz diff --git a/bleach-2.1.1.tar.gz b/bleach-2.1.1.tar.gz new file mode 100644 index 0000000..7f9c05d --- /dev/null +++ b/bleach-2.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:760a9368002180fb8a0f4ea48dc6275378e6f311c39d0236d7b904fca1f5ea0d +size 58491 diff --git a/bleach-2.1.2.tar.gz b/bleach-2.1.2.tar.gz deleted file mode 100644 index e5726f0..0000000 --- a/bleach-2.1.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:38fc8cbebea4e787d8db55d6f324820c7f74362b70db9142c1ac7920452d1a19 -size 58954 diff --git a/python-bleach.changes b/python-bleach.changes index 5021ba4..e53c500 100644 --- a/python-bleach.changes +++ b/python-bleach.changes @@ -1,143 +1,4 @@ ------------------------------------------------------------------- -Thu Dec 7 16:50:14 UTC 2017 - arun@gmx.de - -- specfile: - * update copyright year - -- update to version 2.1.2: - * Bug fixes - + Support html5lib-python 1.0.1. (#337) - + Add deprecation warning for supporting html5lib-python < 1.0. - + Switch to semver. - -------------------------------------------------------------------- -Sat Nov 11 17:17:50 UTC 2017 - arun@gmx.de - -- specfile: - * update copyright year - -- update to version 2.1.1: - * Bug fixes - + Fix setup.py opening files when LANG=. (#324) - -- changes from version 2.1: - * Security fixes - + Convert control characters (backspace particularly) to “?” - preventing malicious copy-and-paste situations. (#298) - See https://github.com/mozilla/bleach/issues/298 for more details. - This affects all previous versions of Bleach. Check the comments - on that issue for ways to alleviate the issue if you can’t - upgrade to Bleach 2.1. - * Backwards incompatible changes - + Redid versioning. bleach.VERSION is no longer available. Use the - string version at bleach.__version__ and parse it with - pkg_resources.parse_version. (#307) - + clean, linkify: linkify and clean should only accept text types; - thank you, Janusz! (#292) - + clean, linkify: accept only unicode or utf-8-encoded str (#176) - * Bug fixes - + bleach.clean() no longer unescapes entities including ones that - are missing a ; at the end which can happen in urls and other - places. (#143) - + linkify: fix http links inside of mailto links; thank you, - sedrubal! (#300) - + clarify security policy in docs (#303) - + fix dependency specification for html5lib 1.0b8, 1.0b9, and - 1.0b10; thank you, Zoltán! (#268) - + add Bleach vs. html5lib comparison to README; thank you, Stu - Cox! (#278) - + fix KeyError exceptions on tags without href attr; thank you, - Alex Defsen! (#273) - + add test website and scripts to test bleach.clean() output in - browser; thank you, Greg Guthe! - -------------------------------------------------------------------- -Wed Apr 12 15:15:17 UTC 2017 - toddrme2178@gmail.com - -- Fix source URL. - -------------------------------------------------------------------- -Thu Apr 6 17:49:43 UTC 2017 - toddrme2178@gmail.com - -- Update to Version 2.0.0 - + Backwards incompatible changes - * Removed support for Python 2.6. #206 - * Removed support for Python 3.2. #224 - * Bleach no longer supports html5lib < 0.99999999 (8 9s). - * ``bleach.clean`` and friends were rewrittenped. - * ``bleach.clean`` and friends attribute callables now take three arguments: - tag, attribute name and attribute value. Previously they only took attribute - name and attribute value. - * ``bleach.linkify`` was rewritten - * ``bleach.linkify`` and friends had a ``skip_pre`` argument--that's been - replaced with a more general ``skip_tags`` argument. - + Changes - * Supports Python 3.6. - * Supports html5lib >= 0.99999999 (8 9s). - * There's a ``bleach.sanitizer.Cleaner`` class that you can instantiate with your - favorite clean settings for easy reuse. - * There's a ``bleach.linkifier.Linker`` class that you can instantiate with your - favorite linkify settings for easy reuse. - * There's a ``bleach.linkifier.LinkifyFilter`` which is an htm5lib filter that - you can pass as a filter to ``bleach.sanitizer.Cleaner`` allowing you to clean - and linkify in one pass. - * ``bleach.clean`` and friends can now take a callable as an attributes arg value. - * Tons of bug fixes. - * Cleaned up tests. - * Documentation fixes. -- Update to Version 1.5 - + Backwards incompatible changes - * clean: The list of ``ALLOWED_PROTOCOLS`` now defaults to http, https and - mailto. - + Changes - * clean: Added ``protocols`` to arguments list to let you override the list of - allowed protocols. Thank you, Andreas Malecki! #149 - * linkify: Fix a bug involving periods at the end of an email address. Thank you, - Lorenz Schori! #219 - * linkify: Fix linkification of non-ascii ports. Thank you Alexandre, Macabies! - #207 - * linkify: Fix linkify inappropriately removing node tails when dropping nodes. - #132 - * Fixed a test that failed periodically. #161 - * Switched from nose to py.test. #204 - * Add test matrix for all supported Python and html5lib versions. #230 - * Limit to html5lib ``>=0.999,!=0.9999,!=0.99999,<0.99999999`` because 0.9999 - and 0.99999 are busted. - * Add support for ``python setup.py test``. #97 -- Update to Version 1.4.3 (May 23rd, 2016) - + Changes - * Limit to html5lib ``>=0.999,<0.99999999`` because of impending change to - sanitizer api. #195 -- Update to Version 1.4.2 - + Changes - * linkify: Fix hang in linkify with ``parse_email=True``. #124 - * linkify: Fix crash in linkify when removing a link that is a first-child. #136 - * Updated TLDs. - * linkify: Don't remove exterior brackets when linkifying. #146 -- Implemenet single-spec version - -------------------------------------------------------------------- -Thu Sep 3 14:39:11 UTC 2015 - toddrme2178@gmail.com - -- Fix build on SLE 11 - -------------------------------------------------------------------- -Fri Aug 7 22:19:47 UTC 2015 - hpj@urpla.net - -- eabled checks again: don't know, why they failed in the first place - -------------------------------------------------------------------- -Thu Jul 30 09:34:52 UTC 2015 - hpj@urpla.net - -- disabled checks: developer unresponsive - -------------------------------------------------------------------- -Wed Jun 17 18:11:49 UTC 2015 - hpj@urpla.net - -- updated to version 1.4.1 - -------------------------------------------------------------------- -Mon May 26 22:28:56 UTC 2014 - hpj@urpla.net - -- version 1.4: initial build +Mon Dec 4 11:25:19 UTC 2017 - tampakrap@opensuse.org +- Initial package diff --git a/python-bleach.spec b/python-bleach.spec index a2d42b7..2717107 100644 --- a/python-bleach.spec +++ b/python-bleach.spec @@ -2,7 +2,6 @@ # spec file for package python-bleach # # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. -# Copyright (c) 2015 LISA GmbH, Bingen, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,71 +16,37 @@ # -%{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-bleach -Version: 2.1.2 +Version: 2.1.1 Release: 0 -Summary: An easy whitelist-based HTML-sanitizing tool +Summary: An easy safelist-based HTML-sanitizing tool License: Apache-2.0 Group: Development/Languages/Python -Url: http://github.com/jsocol/bleach -Source: https://files.pythonhosted.org/packages/source/b/bleach/bleach-%{version}.tar.gz -BuildRequires: %{python_module devel} -BuildRequires: %{python_module html5lib >= 0.99999999} -BuildRequires: %{python_module pytest-runner} -BuildRequires: %{python_module pytest} -BuildRequires: %{python_module setuptools} -BuildRequires: %{python_module six} -BuildRequires: %{python_module webencodings} -BuildRequires: fdupes -BuildRequires: python-rpm-macros -Requires: python-html5lib >= 0.99999999 -Requires: python-six -Requires: python-webencodings +Url: https://github.com/mozilla/bleach +Source: https://pypi.python.org/packages/source/b/bleach/bleach-%{version}.tar.gz +BuildRequires: python-devel +BuildRequires: python-setuptools BuildRoot: %{_tmppath}/%{name}-%{version}-build +%if 0%{?suse_version} && 0%{?suse_version} <= 1110 +%{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} +%else BuildArch: noarch - -%python_subpackages +%endif %description -Bleach is an HTML sanitizing library that escapes or strips markup and -attributes based on a white list. Bleach can also linkify text safely, applying -filters that Django's ``urlize`` filter cannot, and optionally setting ``rel`` -attributes, even on links already in the text. - -Bleach is intended for sanitizing text from *untrusted* sources. If you find -yourself jumping through hoops to allow your site administrators to do lots of -things, you're probably outside the use cases. Either trust those users, or -don't. - -Because it relies on html5lib, Bleach is as good as modern browsers at dealing -with weird, quirky HTML fragments. And *any* of Bleach's methods will fix -unbalanced or mis-nested tags. - -The version on GitHub_ is the most up-to-date and contains the latest bug -fixes. You can find full documentation on `ReadTheDocs`. - -http://bleach.readthedocs.org/ %prep %setup -q -n bleach-%{version} %build -%python_build +python setup.py build %install -%python_install +python setup.py install --prefix=%{_prefix} --root=%{buildroot} -%python_expand %fdupes %{buildroot}%{$python_sitelib} - -%check -%{python_expand export PYTHONPATH=%{buildroot}%{$python_sitelib} -py.test-%{$python_bin_suffix} -} - -%files %{python_files} -%defattr(-,root,root,-) -%doc CHANGES LICENSE README.rst +%files +%defattr(-,root,root) %{python_sitelib}/* %changelog + From 9862f6181fc851bb4407e4c1c7b9e57ab1bf1f482db2ef58eb936c7e69a8e117 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 13 Dec 2017 14:27:19 +0000 Subject: [PATCH 2/7] - Add patch pytest-requirement.patch to build with new pytest-runner - Version update to 2.1.2: * Support new html5lib - Convert to singlespec and enable tests/etc. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=13 --- bleach-2.1.1.tar.gz | 3 --- bleach-2.1.2.tar.gz | 3 +++ pytest-requirement.patch | 13 +++++++++++++ python-bleach.changes | 16 ++++++++++++++++ python-bleach.spec | 35 +++++++++++++++++++++-------------- 5 files changed, 53 insertions(+), 17 deletions(-) delete mode 100644 bleach-2.1.1.tar.gz create mode 100644 bleach-2.1.2.tar.gz create mode 100644 pytest-requirement.patch diff --git a/bleach-2.1.1.tar.gz b/bleach-2.1.1.tar.gz deleted file mode 100644 index 7f9c05d..0000000 --- a/bleach-2.1.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:760a9368002180fb8a0f4ea48dc6275378e6f311c39d0236d7b904fca1f5ea0d -size 58491 diff --git a/bleach-2.1.2.tar.gz b/bleach-2.1.2.tar.gz new file mode 100644 index 0000000..e5726f0 --- /dev/null +++ b/bleach-2.1.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:38fc8cbebea4e787d8db55d6f324820c7f74362b70db9142c1ac7920452d1a19 +size 58954 diff --git a/pytest-requirement.patch b/pytest-requirement.patch new file mode 100644 index 0000000..4c7111a --- /dev/null +++ b/pytest-requirement.patch @@ -0,0 +1,13 @@ +Index: bleach-2.1.2/setup.py +=================================================================== +--- bleach-2.1.2.orig/setup.py ++++ bleach-2.1.2/setup.py +@@ -11,7 +11,7 @@ from setuptools import setup, find_packa + setup_requires = [] + if 'test' in sys.argv: + # Only add pytest-runner to setup_requires if running tests +- setup_requires.append('pytest-runner>=2.0,<3dev') ++ setup_requires.append('pytest-runner>=2.0') + + tests_require = [ + 'pytest>=3.0.0', diff --git a/python-bleach.changes b/python-bleach.changes index e53c500..a3ff661 100644 --- a/python-bleach.changes +++ b/python-bleach.changes @@ -1,3 +1,19 @@ +------------------------------------------------------------------- +Wed Dec 13 14:29:13 UTC 2017 - tchvatal@suse.com + +- Add patch pytest-requirement.patch to build with new pytest-runner + +------------------------------------------------------------------- +Wed Dec 13 14:16:03 UTC 2017 - tchvatal@suse.com + +- Version update to 2.1.2: + * Support new html5lib + +------------------------------------------------------------------- +Wed Dec 13 14:15:21 UTC 2017 - tchvatal@suse.com + +- Convert to singlespec and enable tests/etc. + ------------------------------------------------------------------- Mon Dec 4 11:25:19 UTC 2017 - tampakrap@opensuse.org diff --git a/python-bleach.spec b/python-bleach.spec index 2717107..0b993ec 100644 --- a/python-bleach.spec +++ b/python-bleach.spec @@ -16,37 +16,44 @@ # +%{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-bleach -Version: 2.1.1 +Version: 2.1.2 Release: 0 Summary: An easy safelist-based HTML-sanitizing tool License: Apache-2.0 Group: Development/Languages/Python Url: https://github.com/mozilla/bleach -Source: https://pypi.python.org/packages/source/b/bleach/bleach-%{version}.tar.gz -BuildRequires: python-devel -BuildRequires: python-setuptools -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%if 0%{?suse_version} && 0%{?suse_version} <= 1110 -%{!?python_sitelib: %global python_sitelib %(python -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")} -%else +Source: https://files.pythonhosted.org/packages/source/b/bleach/bleach-%{version}.tar.gz +Patch0: pytest-requirement.patch +BuildRequires: %{python_module flake8 >= 3.3.0} +BuildRequires: %{python_module html5lib} >= 1.0.1 +BuildRequires: %{python_module pytest >= 3.0.0} +BuildRequires: %{python_module pytest-runner} +BuildRequires: %{python_module setuptools} +BuildRequires: python-rpm-macros +Requires: python-html5lib >= 1.0.1 BuildArch: noarch -%endif +%python_subpackages %description +Bleach is an allowed-list-based HTML sanitizing library that escapes or strips markup and attributes. +Bleach can also linkify text safely, applying filters that Django’s urlize filter cannot, and optionally setting rel attributes, even on links already in the text. %prep %setup -q -n bleach-%{version} +%autopatch -p1 %build -python setup.py build +%python_build %install -python setup.py install --prefix=%{_prefix} --root=%{buildroot} +%python_install -%files -%defattr(-,root,root) +%check +%python_exec setup.py test + +%files %{python_files} %{python_sitelib}/* %changelog - From 50e6385bd7da560a9d3f434e8e38a03fb0c94d35a9684d8e0f1cee3dad15fad3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 13 Dec 2017 14:28:13 +0000 Subject: [PATCH 3/7] OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=14 --- python-bleach.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/python-bleach.spec b/python-bleach.spec index 0b993ec..fb6d805 100644 --- a/python-bleach.spec +++ b/python-bleach.spec @@ -54,6 +54,7 @@ Bleach can also linkify text safely, applying filters that Django’s urlize fil %python_exec setup.py test %files %{python_files} +%doc README.rst CHANGES LICENSE %{python_sitelib}/* %changelog From 6233b413499f037b849c9534771d2d33d2e91cde6fbc64aaac08dc88a76d9b40 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 13 Dec 2017 14:36:08 +0000 Subject: [PATCH 4/7] Add python-six to runtime deps as per setup.py OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=15 --- python-bleach.changes | 5 +++++ python-bleach.spec | 1 + 2 files changed, 6 insertions(+) diff --git a/python-bleach.changes b/python-bleach.changes index a3ff661..f338675 100644 --- a/python-bleach.changes +++ b/python-bleach.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Wed Dec 13 14:38:22 UTC 2017 - tchvatal@suse.com + +- Add python-six to runtime deps as per setup.py + ------------------------------------------------------------------- Wed Dec 13 14:29:13 UTC 2017 - tchvatal@suse.com diff --git a/python-bleach.spec b/python-bleach.spec index fb6d805..40bd24c 100644 --- a/python-bleach.spec +++ b/python-bleach.spec @@ -33,6 +33,7 @@ BuildRequires: %{python_module pytest-runner} BuildRequires: %{python_module setuptools} BuildRequires: python-rpm-macros Requires: python-html5lib >= 1.0.1 +Requires: python-six BuildArch: noarch %python_subpackages From 44acfc3ed6ee39b8e2cedecf4dc3421d9daad3239282045a939aa3425c19411c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 13 Dec 2017 14:45:06 +0000 Subject: [PATCH 5/7] osc copypac from project:devel:languages:python package:python-bleach revision:13 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=16 --- python-bleach.changes | 5 ----- python-bleach.spec | 2 -- 2 files changed, 7 deletions(-) diff --git a/python-bleach.changes b/python-bleach.changes index f338675..a3ff661 100644 --- a/python-bleach.changes +++ b/python-bleach.changes @@ -1,8 +1,3 @@ -------------------------------------------------------------------- -Wed Dec 13 14:38:22 UTC 2017 - tchvatal@suse.com - -- Add python-six to runtime deps as per setup.py - ------------------------------------------------------------------- Wed Dec 13 14:29:13 UTC 2017 - tchvatal@suse.com diff --git a/python-bleach.spec b/python-bleach.spec index 40bd24c..0b993ec 100644 --- a/python-bleach.spec +++ b/python-bleach.spec @@ -33,7 +33,6 @@ BuildRequires: %{python_module pytest-runner} BuildRequires: %{python_module setuptools} BuildRequires: python-rpm-macros Requires: python-html5lib >= 1.0.1 -Requires: python-six BuildArch: noarch %python_subpackages @@ -55,7 +54,6 @@ Bleach can also linkify text safely, applying filters that Django’s urlize fil %python_exec setup.py test %files %{python_files} -%doc README.rst CHANGES LICENSE %{python_sitelib}/* %changelog From b910cc8b936219ebd95ed118d4df6239b1f7073d5579e8b3514d96a56da6c636 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Wed, 13 Dec 2017 14:46:54 +0000 Subject: [PATCH 6/7] osc copypac from project:devel:languages:python package:python-bleach revision:11 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=17 --- pytest-requirement.patch | 13 ---- python-bleach.changes | 141 ++++++++++++++++++++++++++++++++++++--- python-bleach.spec | 50 +++++++++++--- 3 files changed, 171 insertions(+), 33 deletions(-) delete mode 100644 pytest-requirement.patch diff --git a/pytest-requirement.patch b/pytest-requirement.patch deleted file mode 100644 index 4c7111a..0000000 --- a/pytest-requirement.patch +++ /dev/null @@ -1,13 +0,0 @@ -Index: bleach-2.1.2/setup.py -=================================================================== ---- bleach-2.1.2.orig/setup.py -+++ bleach-2.1.2/setup.py -@@ -11,7 +11,7 @@ from setuptools import setup, find_packa - setup_requires = [] - if 'test' in sys.argv: - # Only add pytest-runner to setup_requires if running tests -- setup_requires.append('pytest-runner>=2.0,<3dev') -+ setup_requires.append('pytest-runner>=2.0') - - tests_require = [ - 'pytest>=3.0.0', diff --git a/python-bleach.changes b/python-bleach.changes index a3ff661..5021ba4 100644 --- a/python-bleach.changes +++ b/python-bleach.changes @@ -1,20 +1,143 @@ ------------------------------------------------------------------- -Wed Dec 13 14:29:13 UTC 2017 - tchvatal@suse.com +Thu Dec 7 16:50:14 UTC 2017 - arun@gmx.de -- Add patch pytest-requirement.patch to build with new pytest-runner +- specfile: + * update copyright year + +- update to version 2.1.2: + * Bug fixes + + Support html5lib-python 1.0.1. (#337) + + Add deprecation warning for supporting html5lib-python < 1.0. + + Switch to semver. ------------------------------------------------------------------- -Wed Dec 13 14:16:03 UTC 2017 - tchvatal@suse.com +Sat Nov 11 17:17:50 UTC 2017 - arun@gmx.de -- Version update to 2.1.2: - * Support new html5lib +- specfile: + * update copyright year + +- update to version 2.1.1: + * Bug fixes + + Fix setup.py opening files when LANG=. (#324) + +- changes from version 2.1: + * Security fixes + + Convert control characters (backspace particularly) to “?” + preventing malicious copy-and-paste situations. (#298) + See https://github.com/mozilla/bleach/issues/298 for more details. + This affects all previous versions of Bleach. Check the comments + on that issue for ways to alleviate the issue if you can’t + upgrade to Bleach 2.1. + * Backwards incompatible changes + + Redid versioning. bleach.VERSION is no longer available. Use the + string version at bleach.__version__ and parse it with + pkg_resources.parse_version. (#307) + + clean, linkify: linkify and clean should only accept text types; + thank you, Janusz! (#292) + + clean, linkify: accept only unicode or utf-8-encoded str (#176) + * Bug fixes + + bleach.clean() no longer unescapes entities including ones that + are missing a ; at the end which can happen in urls and other + places. (#143) + + linkify: fix http links inside of mailto links; thank you, + sedrubal! (#300) + + clarify security policy in docs (#303) + + fix dependency specification for html5lib 1.0b8, 1.0b9, and + 1.0b10; thank you, Zoltán! (#268) + + add Bleach vs. html5lib comparison to README; thank you, Stu + Cox! (#278) + + fix KeyError exceptions on tags without href attr; thank you, + Alex Defsen! (#273) + + add test website and scripts to test bleach.clean() output in + browser; thank you, Greg Guthe! ------------------------------------------------------------------- -Wed Dec 13 14:15:21 UTC 2017 - tchvatal@suse.com +Wed Apr 12 15:15:17 UTC 2017 - toddrme2178@gmail.com -- Convert to singlespec and enable tests/etc. +- Fix source URL. ------------------------------------------------------------------- -Mon Dec 4 11:25:19 UTC 2017 - tampakrap@opensuse.org +Thu Apr 6 17:49:43 UTC 2017 - toddrme2178@gmail.com + +- Update to Version 2.0.0 + + Backwards incompatible changes + * Removed support for Python 2.6. #206 + * Removed support for Python 3.2. #224 + * Bleach no longer supports html5lib < 0.99999999 (8 9s). + * ``bleach.clean`` and friends were rewrittenped. + * ``bleach.clean`` and friends attribute callables now take three arguments: + tag, attribute name and attribute value. Previously they only took attribute + name and attribute value. + * ``bleach.linkify`` was rewritten + * ``bleach.linkify`` and friends had a ``skip_pre`` argument--that's been + replaced with a more general ``skip_tags`` argument. + + Changes + * Supports Python 3.6. + * Supports html5lib >= 0.99999999 (8 9s). + * There's a ``bleach.sanitizer.Cleaner`` class that you can instantiate with your + favorite clean settings for easy reuse. + * There's a ``bleach.linkifier.Linker`` class that you can instantiate with your + favorite linkify settings for easy reuse. + * There's a ``bleach.linkifier.LinkifyFilter`` which is an htm5lib filter that + you can pass as a filter to ``bleach.sanitizer.Cleaner`` allowing you to clean + and linkify in one pass. + * ``bleach.clean`` and friends can now take a callable as an attributes arg value. + * Tons of bug fixes. + * Cleaned up tests. + * Documentation fixes. +- Update to Version 1.5 + + Backwards incompatible changes + * clean: The list of ``ALLOWED_PROTOCOLS`` now defaults to http, https and + mailto. + + Changes + * clean: Added ``protocols`` to arguments list to let you override the list of + allowed protocols. Thank you, Andreas Malecki! #149 + * linkify: Fix a bug involving periods at the end of an email address. Thank you, + Lorenz Schori! #219 + * linkify: Fix linkification of non-ascii ports. Thank you Alexandre, Macabies! + #207 + * linkify: Fix linkify inappropriately removing node tails when dropping nodes. + #132 + * Fixed a test that failed periodically. #161 + * Switched from nose to py.test. #204 + * Add test matrix for all supported Python and html5lib versions. #230 + * Limit to html5lib ``>=0.999,!=0.9999,!=0.99999,<0.99999999`` because 0.9999 + and 0.99999 are busted. + * Add support for ``python setup.py test``. #97 +- Update to Version 1.4.3 (May 23rd, 2016) + + Changes + * Limit to html5lib ``>=0.999,<0.99999999`` because of impending change to + sanitizer api. #195 +- Update to Version 1.4.2 + + Changes + * linkify: Fix hang in linkify with ``parse_email=True``. #124 + * linkify: Fix crash in linkify when removing a link that is a first-child. #136 + * Updated TLDs. + * linkify: Don't remove exterior brackets when linkifying. #146 +- Implemenet single-spec version + +------------------------------------------------------------------- +Thu Sep 3 14:39:11 UTC 2015 - toddrme2178@gmail.com + +- Fix build on SLE 11 + +------------------------------------------------------------------- +Fri Aug 7 22:19:47 UTC 2015 - hpj@urpla.net + +- eabled checks again: don't know, why they failed in the first place + +------------------------------------------------------------------- +Thu Jul 30 09:34:52 UTC 2015 - hpj@urpla.net + +- disabled checks: developer unresponsive + +------------------------------------------------------------------- +Wed Jun 17 18:11:49 UTC 2015 - hpj@urpla.net + +- updated to version 1.4.1 + +------------------------------------------------------------------- +Mon May 26 22:28:56 UTC 2014 - hpj@urpla.net + +- version 1.4: initial build -- Initial package diff --git a/python-bleach.spec b/python-bleach.spec index 0b993ec..a2d42b7 100644 --- a/python-bleach.spec +++ b/python-bleach.spec @@ -2,6 +2,7 @@ # spec file for package python-bleach # # Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2015 LISA GmbH, Bingen, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,29 +21,50 @@ Name: python-bleach Version: 2.1.2 Release: 0 -Summary: An easy safelist-based HTML-sanitizing tool +Summary: An easy whitelist-based HTML-sanitizing tool License: Apache-2.0 Group: Development/Languages/Python -Url: https://github.com/mozilla/bleach +Url: http://github.com/jsocol/bleach Source: https://files.pythonhosted.org/packages/source/b/bleach/bleach-%{version}.tar.gz -Patch0: pytest-requirement.patch -BuildRequires: %{python_module flake8 >= 3.3.0} -BuildRequires: %{python_module html5lib} >= 1.0.1 -BuildRequires: %{python_module pytest >= 3.0.0} +BuildRequires: %{python_module devel} +BuildRequires: %{python_module html5lib >= 0.99999999} BuildRequires: %{python_module pytest-runner} +BuildRequires: %{python_module pytest} BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module six} +BuildRequires: %{python_module webencodings} +BuildRequires: fdupes BuildRequires: python-rpm-macros -Requires: python-html5lib >= 1.0.1 +Requires: python-html5lib >= 0.99999999 +Requires: python-six +Requires: python-webencodings +BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch + %python_subpackages %description -Bleach is an allowed-list-based HTML sanitizing library that escapes or strips markup and attributes. -Bleach can also linkify text safely, applying filters that Django’s urlize filter cannot, and optionally setting rel attributes, even on links already in the text. +Bleach is an HTML sanitizing library that escapes or strips markup and +attributes based on a white list. Bleach can also linkify text safely, applying +filters that Django's ``urlize`` filter cannot, and optionally setting ``rel`` +attributes, even on links already in the text. + +Bleach is intended for sanitizing text from *untrusted* sources. If you find +yourself jumping through hoops to allow your site administrators to do lots of +things, you're probably outside the use cases. Either trust those users, or +don't. + +Because it relies on html5lib, Bleach is as good as modern browsers at dealing +with weird, quirky HTML fragments. And *any* of Bleach's methods will fix +unbalanced or mis-nested tags. + +The version on GitHub_ is the most up-to-date and contains the latest bug +fixes. You can find full documentation on `ReadTheDocs`. + +http://bleach.readthedocs.org/ %prep %setup -q -n bleach-%{version} -%autopatch -p1 %build %python_build @@ -50,10 +72,16 @@ Bleach can also linkify text safely, applying filters that Django’s urlize fil %install %python_install +%python_expand %fdupes %{buildroot}%{$python_sitelib} + %check -%python_exec setup.py test +%{python_expand export PYTHONPATH=%{buildroot}%{$python_sitelib} +py.test-%{$python_bin_suffix} +} %files %{python_files} +%defattr(-,root,root,-) +%doc CHANGES LICENSE README.rst %{python_sitelib}/* %changelog From c2eee5a36fd33e8b213ed5eee35a2575f183df4bc2090afcc0a7b896532b367b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= Date: Tue, 20 Mar 2018 09:37:42 +0000 Subject: [PATCH 7/7] Accepting request 589012 from home:kbabioch:branches:devel:languages:python - Update to version 2.1.3: * Attributes that have URI values weren't properly sanitized if the values contained character entities. Using character entities, it was possible to construct a URI value with a scheme that was not allowed that would slide through unsanitized. (CVE-2018-7753 bnc#1085969) OBS-URL: https://build.opensuse.org/request/show/589012 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-bleach?expand=0&rev=18 --- bleach-2.1.2.tar.gz | 3 --- bleach-2.1.3.tar.gz | 3 +++ python-bleach.changes | 10 ++++++++++ python-bleach.spec | 4 ++-- 4 files changed, 15 insertions(+), 5 deletions(-) delete mode 100644 bleach-2.1.2.tar.gz create mode 100644 bleach-2.1.3.tar.gz diff --git a/bleach-2.1.2.tar.gz b/bleach-2.1.2.tar.gz deleted file mode 100644 index e5726f0..0000000 --- a/bleach-2.1.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:38fc8cbebea4e787d8db55d6f324820c7f74362b70db9142c1ac7920452d1a19 -size 58954 diff --git a/bleach-2.1.3.tar.gz b/bleach-2.1.3.tar.gz new file mode 100644 index 0000000..d3a43fc --- /dev/null +++ b/bleach-2.1.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:eb7386f632349d10d9ce9d4a838b134d4731571851149f9cc2c05a9a837a9a44 +size 60141 diff --git a/python-bleach.changes b/python-bleach.changes index 5021ba4..e9e07b1 100644 --- a/python-bleach.changes +++ b/python-bleach.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Tue Mar 20 08:38:36 UTC 2018 - kbabioch@suse.com + +- Update to version 2.1.3: + * Attributes that have URI values weren't properly sanitized if the + values contained character entities. Using character entities, it + was possible to construct a URI value with a scheme that was not + allowed that would slide through unsanitized. + (CVE-2018-7753 bnc#1085969) + ------------------------------------------------------------------- Thu Dec 7 16:50:14 UTC 2017 - arun@gmx.de diff --git a/python-bleach.spec b/python-bleach.spec index a2d42b7..ff7ea6a 100644 --- a/python-bleach.spec +++ b/python-bleach.spec @@ -1,7 +1,7 @@ # # spec file for package python-bleach # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # Copyright (c) 2015 LISA GmbH, Bingen, Germany. # # All modifications and additions to the file contributed by third parties @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-bleach -Version: 2.1.2 +Version: 2.1.3 Release: 0 Summary: An easy whitelist-based HTML-sanitizing tool License: Apache-2.0