Accepting request 827270 from devel:languages:python

- update to 2.3.9: - [pull #335] Added header support for wiki tables - [pull #336] Reset _toc when convert is run - [pull #353] XSS fix - [pull #350] XSS fix - remove 0001-Fix-for-issue-348-incomplete-tags-with-punctuation-a.patch, 0002-Fixed-code-highlighting-unit-tests.patch (upstream) OBS-URL: https://build.opensuse.org/request/show/827270 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-markdown2?expand=0&rev=6
2020-08-18 13:11:47 +00:00
parent 8def8b755d bcd5e345a6
commit d5cb9b210b
6 changed files with 15 additions and 137 deletions
--- a/0001-Fix-for-issue-348-incomplete-tags-with-punctuation-a.patch
+++ b/0001-Fix-for-issue-348-incomplete-tags-with-punctuation-a.patch
@@ -1,53 +0,0 @@
-From 9144d0fc5d5249cc4d81287ee79091806e6dde52 Mon Sep 17 00:00:00 2001
-From: Gareth Simpson <gareth.simpson@zoodigital.com>
-Date: Fri, 1 May 2020 19:31:21 +0100
-Subject: [PATCH] Fix for issue 348 - incomplete tags with punctuation after as
- part of the tag name are a source of XSS
-
---
- lib/markdown2.py                           | 2 +-
- test/tm-cases/issue348_incomplete_tag.html | 1 +
- test/tm-cases/issue348_incomplete_tag.opts | 1 +
- test/tm-cases/issue348_incomplete_tag.text | 1 +
- 4 files changed, 4 insertions(+), 1 deletion(-)
- create mode 100644 test/tm-cases/issue348_incomplete_tag.html
- create mode 100644 test/tm-cases/issue348_incomplete_tag.opts
- create mode 100644 test/tm-cases/issue348_incomplete_tag.text
-
-diff --git a/lib/markdown2.py b/lib/markdown2.py
-index 3a5d5d9..636bf07 100755
--- a/lib/markdown2.py
-+++ b/lib/markdown2.py
-@@ -2164,7 +2164,7 @@ class Markdown(object):
-         text = self._naked_gt_re.sub('&gt;', text)
-         return text
- 
-    _incomplete_tags_re = re.compile("<(/?\w+[\s/]+?)")
-+    _incomplete_tags_re = re.compile("<(/?\w+?(?!://).?[\s/]+?)")
- 
-     def _encode_incomplete_tags(self, text):
-         if self.safe_mode not in ("replace", "escape"):
-diff --git a/test/tm-cases/issue348_incomplete_tag.html b/test/tm-cases/issue348_incomplete_tag.html
-new file mode 100644
-index 0000000..46059cc
--- /dev/null
-+++ b/test/tm-cases/issue348_incomplete_tag.html
-@@ -0,0 +1 @@
-+<p>&lt;lol@/ //id="pwn"//onclick="alert(1)"//<strong>abc</strong></p>
-diff --git a/test/tm-cases/issue348_incomplete_tag.opts b/test/tm-cases/issue348_incomplete_tag.opts
-new file mode 100644
-index 0000000..ad487c0
--- /dev/null
-+++ b/test/tm-cases/issue348_incomplete_tag.opts
-@@ -0,0 +1 @@
-+{"safe_mode": "escape"}
-diff --git a/test/tm-cases/issue348_incomplete_tag.text b/test/tm-cases/issue348_incomplete_tag.text
-new file mode 100644
-index 0000000..bb4a0de
--- /dev/null
-+++ b/test/tm-cases/issue348_incomplete_tag.text
-@@ -0,0 +1 @@
-+<lol@/ //id="pwn"//onclick="alert(1)"//**abc**
-- 
-2.26.2
-
--- a/0002-Fixed-code-highlighting-unit-tests.patch
+++ b/0002-Fixed-code-highlighting-unit-tests.patch
@@ -1,76 +0,0 @@
-From 55ba78e29ac983978806970ce4b81718fe68275b Mon Sep 17 00:00:00 2001
-From: ryanvilbrandt <ryan.vilbrandt@gmail.com>
-Date: Tue, 26 Nov 2019 13:54:27 -0800
-Subject: [PATCH 2/2] Fixed code highlighting unit tests
-
-Which broke for some reason??
---
- test/tm-cases/fenced_code_blocks_leading_lang_space.html  | 4 ++--
- test/tm-cases/fenced_code_blocks_safe_highlight.html      | 4 ++--
- test/tm-cases/fenced_code_blocks_syntax_highlighting.html | 4 ++--
- test/tm-cases/fenced_code_blocks_syntax_indentation.html  | 4 ++--
- test/tm-cases/issue3_bad_code_color_hack.html             | 4 ++--
- 5 files changed, 10 insertions(+), 10 deletions(-)
-
-diff --git a/test/tm-cases/fenced_code_blocks_leading_lang_space.html b/test/tm-cases/fenced_code_blocks_leading_lang_space.html
-index 8f7a090..a61524b 100644
--- a/test/tm-cases/fenced_code_blocks_leading_lang_space.html
-+++ b/test/tm-cases/fenced_code_blocks_leading_lang_space.html
-@@ -1,3 +1,3 @@
-<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="bp">True</span><span class="p">:</span>
-    <span class="k">print</span> <span class="s2">&quot;hi&quot;</span>
-+<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="kc">True</span><span class="p">:</span>
-+    <span class="nb">print</span> <span class="s2">&quot;hi&quot;</span>
- </code></pre></div>
-diff --git a/test/tm-cases/fenced_code_blocks_safe_highlight.html b/test/tm-cases/fenced_code_blocks_safe_highlight.html
-index df5bbec..a08985a 100644
--- a/test/tm-cases/fenced_code_blocks_safe_highlight.html
-+++ b/test/tm-cases/fenced_code_blocks_safe_highlight.html
-@@ -1,5 +1,5 @@
-<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="bp">True</span><span class="p">:</span>
-    <span class="k">print</span> <span class="s2">&quot;hi&quot;</span>
-+<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="kc">True</span><span class="p">:</span>
-+    <span class="nb">print</span> <span class="s2">&quot;hi&quot;</span>
- </code></pre></div>
- 
- <p>That's using the <em>fenced-code-blocks</em> extra with Python
-diff --git a/test/tm-cases/fenced_code_blocks_syntax_highlighting.html b/test/tm-cases/fenced_code_blocks_syntax_highlighting.html
-index df5bbec..a08985a 100644
--- a/test/tm-cases/fenced_code_blocks_syntax_highlighting.html
-+++ b/test/tm-cases/fenced_code_blocks_syntax_highlighting.html
-@@ -1,5 +1,5 @@
-<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="bp">True</span><span class="p">:</span>
-    <span class="k">print</span> <span class="s2">&quot;hi&quot;</span>
-+<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="kc">True</span><span class="p">:</span>
-+    <span class="nb">print</span> <span class="s2">&quot;hi&quot;</span>
- </code></pre></div>
- 
- <p>That's using the <em>fenced-code-blocks</em> extra with Python
-diff --git a/test/tm-cases/fenced_code_blocks_syntax_indentation.html b/test/tm-cases/fenced_code_blocks_syntax_indentation.html
-index 11a7c24..37b5723 100644
--- a/test/tm-cases/fenced_code_blocks_syntax_indentation.html
-+++ b/test/tm-cases/fenced_code_blocks_syntax_indentation.html
-@@ -1,5 +1,5 @@
- <div class="codehilite"><pre><span></span><code><span class="k">def</span> <span class="nf">foo</span><span class="p">():</span>
-    <span class="k">print</span> <span class="s2">&quot;foo&quot;</span>
-+    <span class="nb">print</span> <span class="s2">&quot;foo&quot;</span>
- 
-    <span class="k">print</span> <span class="s2">&quot;bar&quot;</span>
-+    <span class="nb">print</span> <span class="s2">&quot;bar&quot;</span>
- </code></pre></div>
-diff --git a/test/tm-cases/issue3_bad_code_color_hack.html b/test/tm-cases/issue3_bad_code_color_hack.html
-index 46f329a..8aedb76 100644
--- a/test/tm-cases/issue3_bad_code_color_hack.html
-+++ b/test/tm-cases/issue3_bad_code_color_hack.html
-@@ -7,6 +7,6 @@
- <p>Some python code:</p>
- 
- <div class="codehilite"><pre><span></span><code><span class="c1"># комментарий</span>
-<span class="k">if</span> <span class="bp">True</span><span class="p">:</span>
-    <span class="k">print</span> <span class="s2">&quot;hi&quot;</span>
-+<span class="k">if</span> <span class="kc">True</span><span class="p">:</span>
-+    <span class="nb">print</span> <span class="s2">&quot;hi&quot;</span>
- </code></pre></div>
-- 
-2.26.2
-
--- a/markdown2-2.3.8.tar.gz
+++ b/markdown2-2.3.8.tar.gz
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:7ff88e00b396c02c8e1ecd8d176cfa418fb01fe81234dcea77803e7ce4f05dbe
-size 86850
--- a/markdown2-2.3.9.tar.gz
+++ b/markdown2-2.3.9.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:89526090907ae5ece66d783c434b35c29ee500c1986309e306ce2346273ada6a
+size 101067
--- a/python-markdown2.changes
+++ b/python-markdown2.changes
@@ -1,3 +1,14 @@
+-------------------------------------------------------------------
+Mon Aug 17 07:51:19 UTC 2020 - Dirk Mueller <dmueller@suse.com>
+
+- update to 2.3.9:
+  - [pull #335] Added header support for wiki tables
+  - [pull #336] Reset _toc when convert is run
+  - [pull #353] XSS fix
+  - [pull #350] XSS fix
+- remove 0001-Fix-for-issue-348-incomplete-tags-with-punctuation-a.patch,
+  0002-Fixed-code-highlighting-unit-tests.patch (upstream)
+
 -------------------------------------------------------------------
 Thu May  7 14:35:38 UTC 2020 - Petr Cervinka <petr@cervinka.net>

--- a/python-markdown2.spec
+++ b/python-markdown2.spec
@@ -18,15 +18,13 @@

 %{?!python_module:%define python_module() python-%{**} python3-%{**}}
 Name:           python-markdown2
-Version:        2.3.8
+Version:        2.3.9
 Release:        0
 Summary:        A Python implementation of Markdown
 License:        MIT
 Group:          Development/Languages/Python
 URL:            https://github.com/trentm/python-markdown2
 Source:         https://files.pythonhosted.org/packages/source/m/markdown2/markdown2-%{version}.tar.gz
-Patch0:         0001-Fix-for-issue-348-incomplete-tags-with-punctuation-a.patch
-Patch1:         0002-Fixed-code-highlighting-unit-tests.patch
 BuildRequires:  %{python_module pygments}
 BuildRequires:  %{python_module setuptools}
 BuildRequires:  fdupes
@@ -46,8 +44,6 @@ header-ids.

 %prep
 %setup -q -n markdown2-%{version}
-%patch0 -p1
-%patch1 -p1

 %build
 %python_build