Hello community,
here is the log from the commit of package rubygem-rails-html-sanitizer for
openSUSE:Factory checked in at 2019-11-13 13:26:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-rails-html-sanitizer (Old)
and /work/SRC/openSUSE:Factory/.rubygem-rails-html-sanitizer.new.2990
(New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-rails-html-sanitizer"
Wed Nov 13 13:26:16 2019 rev:7 rq:747758 version:1.3.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/rubygem-rails-html-sanitizer/rubygem-rails-html-sanitizer.changes
2019-08-16 15:50:57.629585363 +0200
+++
/work/SRC/openSUSE:Factory/.rubygem-rails-html-sanitizer.new.2990/rubygem-rails-html-sanitizer.changes
2019-11-13 13:26:21.311574390 +0100
@@ -1,0 +2,9 @@
+Tue Nov 12 15:06:13 UTC 2019 - Manuel Schnitzer <[email protected]>
+
+- updated to version 1.3.0
+
+ * Address deprecations in Loofah 2.3.0.
+
+ *Josh Goodall*
+
+-------------------------------------------------------------------
Old:
----
rails-html-sanitizer-1.2.0.gem
New:
----
rails-html-sanitizer-1.3.0.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-rails-html-sanitizer.spec ++++++
--- /var/tmp/diff_new_pack.ZE98QX/_old 2019-11-13 13:26:22.483575610 +0100
+++ /var/tmp/diff_new_pack.ZE98QX/_new 2019-11-13 13:26:22.487575614 +0100
@@ -24,7 +24,7 @@
#
Name: rubygem-rails-html-sanitizer
-Version: 1.2.0
+Version: 1.3.0
Release: 0
%define mod_name rails-html-sanitizer
%define mod_full_name %{mod_name}-%{version}
++++++ rails-html-sanitizer-1.2.0.gem -> rails-html-sanitizer-1.3.0.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md 2019-08-09 00:04:05.000000000 +0200
+++ new/CHANGELOG.md 2019-10-06 17:11:17.000000000 +0200
@@ -1,3 +1,9 @@
+## 1.3.0
+
+* Address deprecations in Loofah 2.3.0.
+
+ *Josh Goodall*
+
## 1.2.0
* Remove needless `white_list_sanitizer` deprecation.
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rails/html/sanitizer/version.rb
new/lib/rails/html/sanitizer/version.rb
--- old/lib/rails/html/sanitizer/version.rb 2019-08-09 00:04:05.000000000
+0200
+++ new/lib/rails/html/sanitizer/version.rb 2019-10-06 17:11:17.000000000
+0200
@@ -1,7 +1,7 @@
module Rails
module Html
class Sanitizer
- VERSION = "1.2.0"
+ VERSION = "1.3.0"
end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rails/html/sanitizer.rb
new/lib/rails/html/sanitizer.rb
--- old/lib/rails/html/sanitizer.rb 2019-08-09 00:04:05.000000000 +0200
+++ new/lib/rails/html/sanitizer.rb 2019-10-06 17:11:17.000000000 +0200
@@ -74,7 +74,7 @@
#
# === Options
# Sanitizes both html and css via the safe lists found here:
- #
https://github.com/flavorjones/loofah/blob/master/lib/loofah/html5/whitelist.rb
+ #
https://github.com/flavorjones/loofah/blob/master/lib/loofah/html5/safelist.rb
#
# SafeListSanitizer also accepts options to configure
# the safe list used when sanitizing html.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/rails/html/scrubbers.rb
new/lib/rails/html/scrubbers.rb
--- old/lib/rails/html/scrubbers.rb 2019-08-09 00:04:05.000000000 +0200
+++ new/lib/rails/html/scrubbers.rb 2019-10-06 17:11:17.000000000 +0200
@@ -138,17 +138,17 @@
attr_node.node_name
end
- if Loofah::HTML5::WhiteList::ATTR_VAL_IS_URI.include?(attr_name)
+ if Loofah::HTML5::SafeList::ATTR_VAL_IS_URI.include?(attr_name)
# this block lifted nearly verbatim from HTML5 sanitization
val_unescaped =
CGI.unescapeHTML(attr_node.value).gsub(Loofah::HTML5::Scrub::CONTROL_CHARACTERS,'').downcase
- if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ && !
Loofah::HTML5::WhiteList::ALLOWED_PROTOCOLS.include?(val_unescaped.split(Loofah::HTML5::WhiteList::PROTOCOL_SEPARATOR)[0])
+ if val_unescaped =~ /^[a-z0-9][-+.a-z0-9]*:/ && !
Loofah::HTML5::SafeList::ALLOWED_PROTOCOLS.include?(val_unescaped.split(Loofah::HTML5::SafeList::PROTOCOL_SEPARATOR)[0])
attr_node.remove
end
end
- if
Loofah::HTML5::WhiteList::SVG_ATTR_VAL_ALLOWS_REF.include?(attr_name)
+ if Loofah::HTML5::SafeList::SVG_ATTR_VAL_ALLOWS_REF.include?(attr_name)
attr_node.value = attr_node.value.gsub(/url\s*\(\s*[^#\s][^)]+?\)/m,
' ') if attr_node.value
end
- if Loofah::HTML5::WhiteList::SVG_ALLOW_LOCAL_HREF.include?(node.name)
&& attr_name == 'xlink:href' && attr_node.value =~ /^\s*[^#\s].*/m
+ if Loofah::HTML5::SafeList::SVG_ALLOW_LOCAL_HREF.include?(node.name)
&& attr_name == 'xlink:href' && attr_node.value =~ /^\s*[^#\s].*/m
attr_node.remove
end
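Review bot: The URI-protocol and SVG-reference checks touched here are a hand-maintained copy of sanitization logic (the context comment says "lifted nearly verbatim from HTML5 sanitization"), and the rename does not record which upstream revision the copy tracks, so a later fix to Loofah's own attribute scrubbing would not reach this code. I would extend that comment to something like `# Copied from Loofah::HTML5::Scrub.scrub_attributes at <loofah version>; re-check against upstream whenever the loofah requirement changes.`, assuming that method is the source. The new `Loofah::HTML5::SafeList` references will also raise NameError when the scrubber runs against a Loofah release that lacks that constant. The metadata hunk's `~> 2.3` requirement covers gem installs, but the RPM spec's dependency on rubygem-loofah is not visible in this diff and should be confirmed. The enclosing method starts and ends outside the hunk.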
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2019-08-09 00:04:05.000000000 +0200
+++ new/metadata 2019-10-06 17:11:17.000000000 +0200
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: rails-html-sanitizer
version: !ruby/object:Gem::Version
- version: 1.2.0
+ version: 1.3.0
platform: ruby
authors:
- Rafael Mendonça França
@@ -9,7 +9,7 @@
autorequire:
bindir: bin
cert_chain: []
-date: 2019-08-08 00:00:00.000000000 Z
+date: 2019-10-06 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: loofah
@@ -17,20 +17,14 @@
requirements:
- - "~>"
- !ruby/object:Gem::Version
- version: '2.2'
- - - ">="
- - !ruby/object:Gem::Version
- version: 2.2.2
+ version: '2.3'
type: :runtime
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - "~>"
- !ruby/object:Gem::Version
- version: '2.2'
- - - ">="
- - !ruby/object:Gem::Version
- version: 2.2.2
+ version: '2.3'
- !ruby/object:Gem::Dependency
name: bundler
requirement: !ruby/object:Gem::Requirement
@@ -123,7 +117,7 @@
- !ruby/object:Gem::Version
version: '0'
requirements: []
-rubygems_version: 3.0.4
+rubygems_version: 3.0.3
signing_key:
specification_version: 4
summary: This gem is responsible to sanitize HTML fragments in Rails
applications.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/test/sanitizer_test.rb new/test/sanitizer_test.rb
--- old/test/sanitizer_test.rb 2019-08-09 00:04:05.000000000 +0200
+++ new/test/sanitizer_test.rb 2019-10-06 17:11:17.000000000 +0200
@@ -181,7 +181,7 @@
assert_sanitized raw, %{src="javascript:bang" <img width="5">foo</img>,
<span>bar</span>}
end
- tags = Loofah::HTML5::WhiteList::ALLOWED_ELEMENTS - %w(script form)
+ tags = Loofah::HTML5::SafeList::ALLOWED_ELEMENTS - %w(script form)
tags.each do |tag_name|
define_method "test_should_allow_#{tag_name}_tag" do
scope_allowed_tags(tags) do