Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package perl-CSS-Minifier-XS for
openSUSE:Factory checked in at 2026-07-07 21:05:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/perl-CSS-Minifier-XS (Old)
and /work/SRC/openSUSE:Factory/.perl-CSS-Minifier-XS.new.1982 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-CSS-Minifier-XS"
Tue Jul 7 21:05:50 2026 rev:5 rq:1364267 version:0.150.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/perl-CSS-Minifier-XS/perl-CSS-Minifier-XS.changes
2026-06-30 15:15:06.199437175 +0200
+++
/work/SRC/openSUSE:Factory/.perl-CSS-Minifier-XS.new.1982/perl-CSS-Minifier-XS.changes
2026-07-07 21:08:13.560719498 +0200
@@ -1,0 +2,11 @@
+Wed Jul 1 08:57:22 UTC 2026 - Tina Müller <[email protected]>
+
+- updated to 0.150.0 (0.15)
+ see /usr/share/doc/packages/perl-CSS-Minifier-XS/Changes
+
+ 0.15 2026-06-30 11:19:01-07:00 America/Vancouver
+ - Fix bug which resulted in zeroes being collapsed when they shouldn't,
+ affecting filenames with zeroes in them (e.g. "url(status-0.png)").
+ Thanks to Stefan Berger for reporting GH#5.
+
+-------------------------------------------------------------------
Old:
----
CSS-Minifier-XS-0.14.tar.gz
New:
----
CSS-Minifier-XS-0.15.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ perl-CSS-Minifier-XS.spec ++++++
--- /var/tmp/diff_new_pack.KAtcAF/_old 2026-07-07 21:08:14.156740097 +0200
+++ /var/tmp/diff_new_pack.KAtcAF/_new 2026-07-07 21:08:14.156740097 +0200
@@ -18,10 +18,10 @@
%define cpan_name CSS-Minifier-XS
Name: perl-CSS-Minifier-XS
-Version: 0.140.0
+Version: 0.150.0
Release: 0
-# 0.14 -> normalize -> 0.140.0
-%define cpan_version 0.14
+# 0.15 -> normalize -> 0.150.0
+%define cpan_version 0.15
License: Artistic-1.0 OR GPL-1.0-or-later
Summary: XS based CSS minifier
URL: https://metacpan.org/release/%{cpan_name}
++++++ CSS-Minifier-XS-0.14.tar.gz -> CSS-Minifier-XS-0.15.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/Changes
new/CSS-Minifier-XS-0.15/Changes
--- old/CSS-Minifier-XS-0.14/Changes 2026-06-29 01:31:00.000000000 +0200
+++ new/CSS-Minifier-XS-0.15/Changes 2026-06-30 20:19:02.000000000 +0200
@@ -1,8 +1,13 @@
Revision history for Perl extension CSS::Minifier::XS.
+0.15 2026-06-30 11:19:01-07:00 America/Vancouver
+ - Fix bug which resulted in zeroes being collapsed when they shouldn't,
+ affecting filenames with zeroes in them (e.g. "url(status-0.png)").
+ Thanks to Stefan Berger for reporting GH#5.
+
0.14 2026-06-28 16:30:59-07:00 America/Vancouver
- Fixes a memory leak in minify(), when the entire document is minified
- away.
+ away. CVE-2026-13593
0.13 2021-02-06 17:26:39-08:00 America/Vancouver
- Internals; avoid allocating memory for each node as we tokenize the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/MANIFEST
new/CSS-Minifier-XS-0.15/MANIFEST
--- old/CSS-Minifier-XS-0.14/MANIFEST 2026-06-29 01:31:00.000000000 +0200
+++ new/CSS-Minifier-XS-0.15/MANIFEST 2026-06-30 20:19:02.000000000 +0200
@@ -11,6 +11,7 @@
t/00-report-prereqs.dd
t/00-report-prereqs.t
t/01-compile.t
+t/minify-collapse-zeroes.t
t/minify.t
xt/author/clean-namespaces.t
xt/author/comparison.t
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/META.json
new/CSS-Minifier-XS-0.15/META.json
--- old/CSS-Minifier-XS-0.14/META.json 2026-06-29 01:31:00.000000000 +0200
+++ new/CSS-Minifier-XS-0.15/META.json 2026-06-30 20:19:02.000000000 +0200
@@ -79,14 +79,14 @@
"bugtracker" : {
"web" : "https://github.com/bleargh45/CSS-Minifier-XS/issues"
},
- "homepage" : "http://metacpan.org/release/CSS-Minifier-XS/",
+ "homepage" : "https://metacpan.org/release/CSS-Minifier-XS/",
"repository" : {
"type" : "git",
"url" : "git://github.com/bleargh45/CSS-Minifier-XS.git",
"web" : "https://github.com/bleargh45/CSS-Minifier-XS"
}
},
- "version" : "0.14",
+ "version" : "0.15",
"x_generated_by_perl" : "v5.42.2",
"x_serialization_backend" : "Cpanel::JSON::XS version 4.41",
"x_spdx_expression" : "Artistic-1.0-Perl OR GPL-1.0-or-later",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/META.yml
new/CSS-Minifier-XS-0.15/META.yml
--- old/CSS-Minifier-XS-0.14/META.yml 2026-06-29 01:31:00.000000000 +0200
+++ new/CSS-Minifier-XS-0.15/META.yml 2026-06-30 20:19:02.000000000 +0200
@@ -27,9 +27,9 @@
perl: '5.008001'
resources:
bugtracker: https://github.com/bleargh45/CSS-Minifier-XS/issues
- homepage: http://metacpan.org/release/CSS-Minifier-XS/
+ homepage: https://metacpan.org/release/CSS-Minifier-XS/
repository: git://github.com/bleargh45/CSS-Minifier-XS.git
-version: '0.14'
+version: '0.15'
x_generated_by_perl: v5.42.2
x_serialization_backend: 'YAML::Tiny version 1.76'
x_spdx_expression: 'Artistic-1.0-Perl OR GPL-1.0-or-later'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/Makefile.PL
new/CSS-Minifier-XS-0.15/Makefile.PL
--- old/CSS-Minifier-XS-0.14/Makefile.PL 2026-06-29 01:31:00.000000000
+0200
+++ new/CSS-Minifier-XS-0.15/Makefile.PL 2026-06-30 20:19:02.000000000
+0200
@@ -26,7 +26,7 @@
"Test::DiagINC" => "0.002",
"Test::More" => "0.96"
},
- "VERSION" => "0.14",
+ "VERSION" => "0.15",
"test" => {
"TESTS" => "t/*.t"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/XS.xs
new/CSS-Minifier-XS-0.15/XS.xs
--- old/CSS-Minifier-XS-0.14/XS.xs 2026-06-29 01:31:00.000000000 +0200
+++ new/CSS-Minifier-XS-0.15/XS.xs 2026-06-30 20:19:02.000000000 +0200
@@ -219,6 +219,52 @@
return 0;
}
+/* checks if this node contains a numeric value: an optional leading run of
+ * digits, followed by an optional single decimal point, which MUST be followed
+ * by a digit, and an optional trailing unit (letters and/or "%").
+ *
+ * NOTE: "node->contents" may not be NULL terminated (it is a pointer into a
+ * pre-existing string value), so iterate using "->contents" and "->length".
+ */
+bool nodeIsNumber(Node* node) {
+ const char* p = node->contents;
+ const char* end = p + node->length;
+ bool sawDigit = 0;
+
+ /* leading run of digits */
+ while ((p < end) && charIsNumeric(*p)) {
+ sawDigit = 1;
+ p++;
+ }
+
+ /* decimal point, which MUST be followed by a digit */
+ if ((p < end) && (*p == '.')) {
+ p++;
+ /* no trailing digit? Then not a number */
+ if ((p >= end) || !charIsNumeric(*p))
+ return 0;
+ /* skip past all following digits */
+ while ((p < end) && charIsNumeric(*p))
+ p++;
+ sawDigit = 1;
+ }
+
+ /* must have seen at least one digit, otherwise it's not a number */
+ if (!sawDigit)
+ return 0;
+
+ /* optional trailing unit: letters and/or "%" only */
+ while (p < end) {
+ char ch = *p++;
+ if ( ((ch>='a')&&(ch<='z')) || ((ch>='A')&&(ch<='Z')) || (ch=='%') )
+ continue;
+ return 0;
+ }
+
+ /* looks sane; it's a number */
+ return 1;
+}
+
/* ****************************************************************************
* NODE MANIPULATION FUNCTIONS
* ****************************************************************************
@@ -474,14 +520,24 @@
break;
case NODE_IDENTIFIER:
{
- /* if the node doesn't begin with a "zero", nothing to
collapse */
- const char* ptr = curr->contents;
- if ( (*ptr != '0') && (*ptr != '.' )) {
- /* not "0" and not "point-something" */
+ const char* ptr;
+
+ /* if the node isn't numeric, there's no point trying to
+ * collapse a Zero (as it won't have any).
+ */
+ if (!nodeIsNumber(curr))
break;
- }
- if ( (*ptr == '.') && (*(ptr+1) != '0') ) {
- /* "point-something", but not "point-zero" */
+
+ /* numerics can be part of a NAME or PATH segment, instead of
+ * being an actual numeric value (e.g. ".grid-001",
+ * "--spacing-001", "url(cache/00/foo.png)"). Those need to be
+ * preserved.
+ */
+ if (curr->prev
+ && (nodeIsCHAR(curr->prev, '-') || nodeIsCHAR(curr->prev,
'/'))
+ && curr->prev->prev
+ && nodeIsIDENTIFIER(curr->prev->prev))
+ {
break;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/lib/CSS/Minifier/XS.pm
new/CSS-Minifier-XS-0.15/lib/CSS/Minifier/XS.pm
--- old/CSS-Minifier-XS-0.14/lib/CSS/Minifier/XS.pm 2026-06-29
01:31:00.000000000 +0200
+++ new/CSS-Minifier-XS-0.15/lib/CSS/Minifier/XS.pm 2026-06-30
20:19:02.000000000 +0200
@@ -8,7 +8,7 @@
our @ISA = qw(Exporter DynaLoader);
our @EXPORT_OK = qw(minify);
-our $VERSION = '0.14';
+our $VERSION = '0.15';
bootstrap CSS::Minifier::XS $VERSION;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/t/minify-collapse-zeroes.t
new/CSS-Minifier-XS-0.15/t/minify-collapse-zeroes.t
--- old/CSS-Minifier-XS-0.14/t/minify-collapse-zeroes.t 1970-01-01
01:00:00.000000000 +0100
+++ new/CSS-Minifier-XS-0.15/t/minify-collapse-zeroes.t 2026-06-30
20:19:02.000000000 +0200
@@ -0,0 +1,52 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+use if $ENV{AUTOMATED_TESTING}, 'Test::DiagINC'; use Test::More;
+use CSS::Minifier::XS qw(minify);
+
+###############################################################################
+# When collapsing "zeroes", we ONLY want to collapse ones that are genuine
+# numeric values. We should NOT be collapsing identifier/filename fragments
+# that simply happen to begin with a "0" (e.g. "status-0.png").
+subtest 'identifiers w/zeroes are preserved' => sub {
+ is minify('a{background:url(0.png)}'),
'a{background:url(0.png)}', 'paren: 0.png';
+ is minify('a{background:url(001.png)}'),
'a{background:url(001.png)}', 'paren: 001.png';
+ is minify('a{background:url(img/0.png)}'),
'a{background:url(img/0.png)}', 'slash: img/0.png';
+ is minify('a{background:url(a.png),url(0.png)}'),
'a{background:url(a.png),url(0.png)}', 'comma list: 0.png';
+};
+
+###############################################################################
+# Verify that leading-zeroes in identifiers are preserved.
+subtest 'leading zeroes in identifiers are preserved' => sub {
+ is minify('.grid-001{color:red}'), '.grid-001{color:red}',
'class .grid-001';
+ is minify('.icon-007{color:red}'), '.icon-007{color:red}',
'class .icon-007';
+ is minify('#item-001{color:red}'), '#item-001{color:red}', 'id
#item-001';
+ is minify(':root{--spacing-001:5px}'), ':root{--spacing-001:5px}',
'custom property name';
+ is minify('a{animation-name:spin-001}'), 'a{animation-name:spin-001}',
'animation name';
+};
+
+###############################################################################
+# Verify that leading-zeroes in url() paths are preserved
+subtest 'leading zeroes in url() paths are preserved' => sub {
+ is minify('a{background:url(cache/00/x.png)}'),
'a{background:url(cache/00/x.png)}', 'numeric cache dir /00/';
+ is minify('a{background:url(v1/007/icon.png)}'),
'a{background:url(v1/007/icon.png)}', 'numeric path segment /007/';
+};
+
+###############################################################################
+# Double-check that numeric values collapse as expected.
+#
+# While yes, this is somewhat duplicative to tests already done in "minify.t",
+# I'm leaving them here as well for mental context.
+subtest 'numeric values collapse as expected' => sub {
+ is minify('a{margin:0px}'), 'a{margin:0}', '0px -> 0';
+ is minify('a{opacity:0.5}'), 'a{opacity:.5}', '0.5 ->
.5';
+ is minify('a{opacity:0.50}'), 'a{opacity:.50}', '0.50 ->
.50';
+ is minify('a{margin:0.0px}'), 'a{margin:0}', '0.0px ->
0';
+ is minify('a{margin:0px}'), 'a{margin:0}', '0px -> 0';
+ is minify('a{margin:-0.5px}'), 'a{margin:-.5px}', 'negative
-0.5px -> -.5px';
+ is minify('a{color:rgba(0,0,0,0.5)}'), 'a{color:rgba(0,0,0,.5)}', 'rgba
alpha 0.5 -> .5';
+};
+
+###############################################################################
+done_testing();
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/xt/author/eol.t
new/CSS-Minifier-XS-0.15/xt/author/eol.t
--- old/CSS-Minifier-XS-0.14/xt/author/eol.t 2026-06-29 01:31:00.000000000
+0200
+++ new/CSS-Minifier-XS-0.15/xt/author/eol.t 2026-06-30 20:19:02.000000000
+0200
@@ -11,6 +11,7 @@
't/00-report-prereqs.dd',
't/00-report-prereqs.t',
't/01-compile.t',
+ 't/minify-collapse-zeroes.t',
't/minify.t'
);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CSS-Minifier-XS-0.14/xt/author/no-tabs.t
new/CSS-Minifier-XS-0.15/xt/author/no-tabs.t
--- old/CSS-Minifier-XS-0.14/xt/author/no-tabs.t 2026-06-29
01:31:00.000000000 +0200
+++ new/CSS-Minifier-XS-0.15/xt/author/no-tabs.t 2026-06-30
20:19:02.000000000 +0200
@@ -11,6 +11,7 @@
't/00-report-prereqs.dd',
't/00-report-prereqs.t',
't/01-compile.t',
+ 't/minify-collapse-zeroes.t',
't/minify.t'
);
++++++ _scmsync.obsinfo ++++++
--- /var/tmp/diff_new_pack.KAtcAF/_old 2026-07-07 21:08:14.372747563 +0200
+++ /var/tmp/diff_new_pack.KAtcAF/_new 2026-07-07 21:08:14.380747839 +0200
@@ -1,6 +1,6 @@
-mtime: 1782819454
-commit: 47b10727e167dea38cdc64925eb15f55c8e887956b99f606f5a0403b8420b88d
+mtime: 1782896242
+commit: acbd749c0835607a3532635ad93315261ba8cd27286d91f92bebdadff8e2b6e7
url: https://src.opensuse.org/perl/perl-CSS-Minifier-XS
-revision: 47b10727e167dea38cdc64925eb15f55c8e887956b99f606f5a0403b8420b88d
+revision: acbd749c0835607a3532635ad93315261ba8cd27286d91f92bebdadff8e2b6e7
projectscmsync: https://src.opensuse.org/perl/_ObsPrj
++++++ build.specials.obscpio ++++++
++++++ build.specials.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/.gitignore new/.gitignore
--- old/.gitignore 1970-01-01 01:00:00.000000000 +0100
+++ new/.gitignore 2026-07-01 10:57:22.000000000 +0200
@@ -0,0 +1 @@
+.osc