Hello community,
here is the log from the commit of package rubygem-loofah for openSUSE:Factory
checked in at 2019-11-28 10:17:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-loofah (Old)
and /work/SRC/openSUSE:Factory/.rubygem-loofah.new.26869 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-loofah"
Thu Nov 28 10:17:50 2019 rev:11 rq:751497 version:2.4.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-loofah/rubygem-loofah.changes
2019-11-13 13:26:28.943582334 +0100
+++ /work/SRC/openSUSE:Factory/.rubygem-loofah.new.26869/rubygem-loofah.changes
2019-11-28 10:18:03.287639558 +0100
@@ -1,0 +2,11 @@
+Thu Nov 28 07:22:05 UTC 2019 - Manuel Schnitzer <mschnit...@suse.com>
+
+- updated to version 2.4.0
+
+ ### Features
+
+ * Allow CSS property `max-width` [#175] (Thanks, @bchaney!)
+ * Allow CSS sizes expressed in `rem` [#176, #177]
+ * Add `frozen_string_literal: true` magic comment to all `lib` files. [#118]
+
+-------------------------------------------------------------------
Old:
----
loofah-2.3.1.gem
New:
----
loofah-2.4.0.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-loofah.spec ++++++
--- /var/tmp/diff_new_pack.5vAum4/_old 2019-11-28 10:18:03.707639563 +0100
+++ /var/tmp/diff_new_pack.5vAum4/_new 2019-11-28 10:18:03.707639563 +0100
@@ -24,7 +24,7 @@
#
Name: rubygem-loofah
-Version: 2.3.1
+Version: 2.4.0
Release: 0
%define mod_name loofah
%define mod_full_name %{mod_name}-%{version}
++++++ loofah-2.3.1.gem -> loofah-2.4.0.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/CHANGELOG.md new/CHANGELOG.md
--- old/CHANGELOG.md 2019-10-22 15:10:42.000000000 +0200
+++ new/CHANGELOG.md 2019-11-25 19:45:25.000000000 +0100
@@ -1,5 +1,14 @@
# Changelog
+## 2.4.0 / 2019-11-25
+
+### Features
+
+* Allow CSS property `max-width` [#175] (Thanks, @bchaney!)
+* Allow CSS sizes expressed in `rem` [#176, #177]
+* Add `frozen_string_literal: true` magic comment to all `lib` files. [#118]
+
+
## 2.3.1 / 2019-10-22
### Security
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Gemfile new/Gemfile
--- old/Gemfile 2019-10-22 15:10:42.000000000 +0200
+++ new/Gemfile 2019-11-25 19:45:25.000000000 +0100
@@ -7,16 +7,17 @@
gem "nokogiri", ">=1.5.9"
gem "crass", "~>1.0.2"
-gem "rake", ">=0.8", :group => [:development, :test]
+gem "rake", "~>12.3", :group => [:development, :test]
gem "minitest", "~>2.2", :group => [:development, :test]
gem "rr", "~>1.2.0", :group => [:development, :test]
-gem "json", ">=0", :group => [:development, :test]
-gem "hoe-gemspec", ">=0", :group => [:development, :test]
-gem "hoe-debugging", ">=0", :group => [:development, :test]
-gem "hoe-bundler", ">=0", :group => [:development, :test]
-gem "hoe-git", ">=0", :group => [:development, :test]
+gem "json", "~>2.2.0", :group => [:development, :test]
+gem "hoe-gemspec", "~>1.0", :group => [:development, :test]
+gem "hoe-debugging", "~>2.0", :group => [:development, :test]
+gem "hoe-bundler", "~>1.5", :group => [:development, :test]
+gem "hoe-git", "~>1.6", :group => [:development, :test]
gem "concourse", ">=0.26.0", :group => [:development, :test]
+gem "rubocop", ">=0.76.0", :group => [:development, :test]
gem "rdoc", ">=4.0", "<7", :group => [:development, :test]
-gem "hoe", "~>3.17", :group => [:development, :test]
+gem "hoe", "~>3.20", :group => [:development, :test]
# vim: syntax=ruby
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/Rakefile new/Rakefile
--- old/Rakefile 2019-10-22 15:10:42.000000000 +0200
+++ new/Rakefile 2019-11-25 19:45:25.000000000 +0100
@@ -28,6 +28,7 @@
extra_dev_deps << ["hoe-bundler", "~> 1.5"]
extra_dev_deps << ["hoe-git", "~> 1.6"]
extra_dev_deps << ["concourse", ">=0.26.0"]
+ extra_dev_deps << ["rubocop", ">=0.76.0"]
end
task :gemspec do
@@ -75,6 +76,15 @@
load "tasks/generate-safelists"
end
+task :rubocop => [:rubocop_security, :rubocop_frozen_string_literals]
+task :rubocop_security do
+ sh "rubocop lib --only Security"
+end
+task :rubocop_frozen_string_literals do
+ sh "rubocop lib --auto-correct --only Style/FrozenStringLiteralComment"
+end
+Rake::Task[:test].prerequisites << :rubocop
+
Concourse.new("loofah", fly_target: "ci") do |c|
c.add_pipeline "loofah", "loofah.yml"
c.add_pipeline "loofah-pr", "loofah-pr.yml"
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/elements.rb new/lib/loofah/elements.rb
--- old/lib/loofah/elements.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/elements.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
require 'set'
module Loofah
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/helpers.rb new/lib/loofah/helpers.rb
--- old/lib/loofah/helpers.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/helpers.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
module Helpers
class << self
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html/document.rb
new/lib/loofah/html/document.rb
--- old/lib/loofah/html/document.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/html/document.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
module HTML # :nodoc:
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html/document_fragment.rb
new/lib/loofah/html/document_fragment.rb
--- old/lib/loofah/html/document_fragment.rb 2019-10-22 15:10:42.000000000
+0200
+++ new/lib/loofah/html/document_fragment.rb 2019-11-25 19:45:25.000000000
+0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
module HTML # :nodoc:
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/libxml2_workarounds.rb
new/lib/loofah/html5/libxml2_workarounds.rb
--- old/lib/loofah/html5/libxml2_workarounds.rb 2019-10-22 15:10:42.000000000
+0200
+++ new/lib/loofah/html5/libxml2_workarounds.rb 2019-11-25 19:45:25.000000000
+0100
@@ -1,4 +1,5 @@
# coding: utf-8
+# frozen_string_literal: true
require 'set'
module Loofah
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/safelist.rb
new/lib/loofah/html5/safelist.rb
--- old/lib/loofah/html5/safelist.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/html5/safelist.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
require "set"
module Loofah
@@ -573,6 +574,7 @@
"line-height",
"list-style",
"list-style-type",
+ "max-width",
"overflow",
"pause",
"pause-after",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/html5/scrub.rb
new/lib/loofah/html5/scrub.rb
--- old/lib/loofah/html5/scrub.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/html5/scrub.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
require 'cgi'
require 'crass'
@@ -6,7 +7,7 @@
module Scrub
CONTROL_CHARACTERS = /[`\u0000-\u0020\u007f\u0080-\u0101]/
- CSS_KEYWORDISH =
/\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(cm|em|ex|in|mm|pc|pt|px|%|,|\))?)\z/
+ CSS_KEYWORDISH =
/\A(#[0-9a-fA-F]+|rgb\(\d+%?,\d*%?,?\d*%?\)?|-?\d{0,3}\.?\d{0,10}(cm|r?em|ex|in|mm|pc|pt|px|%|,|\))?)\z/
CRASS_SEMICOLON = {:node => :semicolon, :raw => ";"}
class << self
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/instance_methods.rb
new/lib/loofah/instance_methods.rb
--- old/lib/loofah/instance_methods.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/instance_methods.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
#
# Mixes +scrub!+ into Document, DocumentFragment, Node and NodeSet.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/metahelpers.rb
new/lib/loofah/metahelpers.rb
--- old/lib/loofah/metahelpers.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/metahelpers.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
module MetaHelpers # :nodoc:
def self.add_downcased_set_members_to_all_set_constants mojule
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/scrubber.rb new/lib/loofah/scrubber.rb
--- old/lib/loofah/scrubber.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/scrubber.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
#
# A RuntimeError raised when Loofah could not find an appropriate scrubber.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/scrubbers.rb new/lib/loofah/scrubbers.rb
--- old/lib/loofah/scrubbers.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/scrubbers.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
#
# Loofah provides some built-in scrubbers for sanitizing with
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/xml/document.rb
new/lib/loofah/xml/document.rb
--- old/lib/loofah/xml/document.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah/xml/document.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
module XML # :nodoc:
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah/xml/document_fragment.rb
new/lib/loofah/xml/document_fragment.rb
--- old/lib/loofah/xml/document_fragment.rb 2019-10-22 15:10:42.000000000
+0200
+++ new/lib/loofah/xml/document_fragment.rb 2019-11-25 19:45:25.000000000
+0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
module Loofah
module XML # :nodoc:
#
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/loofah.rb new/lib/loofah.rb
--- old/lib/loofah.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/lib/loofah.rb 2019-11-25 19:45:25.000000000 +0100
@@ -1,3 +1,4 @@
+# frozen_string_literal: true
$LOAD_PATH.unshift(File.expand_path(File.dirname(__FILE__))) unless
$LOAD_PATH.include?(File.expand_path(File.dirname(__FILE__)))
require "nokogiri"
@@ -28,7 +29,7 @@
#
module Loofah
# The version of Loofah you are using
- VERSION = "2.3.1"
+ VERSION = "2.4.0"
class << self
# Shortcut for Loofah::HTML::Document.parse
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 2019-10-22 15:10:42.000000000 +0200
+++ new/metadata 2019-11-25 19:45:25.000000000 +0100
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: loofah
version: !ruby/object:Gem::Version
- version: 2.3.1
+ version: 2.4.0
platform: ruby
authors:
- Mike Dalessio
@@ -9,7 +9,7 @@
autorequire:
bindir: bin
cert_chain: []
-date: 2019-10-22 00:00:00.000000000 Z
+date: 2019-11-25 00:00:00.000000000 Z
dependencies:
- !ruby/object:Gem::Dependency
name: nokogiri
@@ -166,6 +166,20 @@
- !ruby/object:Gem::Version
version: 0.26.0
- !ruby/object:Gem::Dependency
+ name: rubocop
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 0.76.0
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - ">="
+ - !ruby/object:Gem::Version
+ version: 0.76.0
+- !ruby/object:Gem::Dependency
name: rdoc
requirement: !ruby/object:Gem::Requirement
requirements:
@@ -191,14 +205,14 @@
requirements:
- - "~>"
- !ruby/object:Gem::Version
- version: '3.18'
+ version: '3.20'
type: :development
prerelease: false
version_requirements: !ruby/object:Gem::Requirement
requirements:
- - "~>"
- !ruby/object:Gem::Version
- version: '3.18'
+ version: '3.20'
description: |-
Loofah is a general library for manipulating and transforming HTML/XML
documents and fragments, built on top of Nokogiri.
@@ -261,7 +275,8 @@
homepage: https://github.com/flavorjones/loofah
licenses:
- MIT
-metadata: {}
+metadata:
+ homepage_uri: https://github.com/flavorjones/loofah
post_install_message:
rdoc_options:
- "--main"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/test/html5/test_sanitizer.rb
new/test/html5/test_sanitizer.rb
--- old/test/html5/test_sanitizer.rb 2019-10-22 15:10:42.000000000 +0200
+++ new/test/html5/test_sanitizer.rb 2019-11-25 19:45:25.000000000 +0100
@@ -294,6 +294,12 @@
assert_match %r/0.3333333334em/, sane.inner_html
end
+ def test_css_rem_value
+ html = "<span style=\"margin-top:10rem;\">"
+ sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml)
+ assert_match %r/10rem/, sane.inner_html
+ end
+
def test_css_function_sanitization_leaves_safelisted_functions_calc
html = "<span style=\"width:calc(5%)\">"
sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :strip).to_html)
@@ -326,6 +332,13 @@
assert_match %r/<span><\/span>/, sane.inner_html
end
+ def test_css_max_width
+ html = '<div style="max-width: 100%;"></div>'
+ sane = Nokogiri::HTML(Loofah.scrub_fragment(html, :escape).to_xml)
+ assert_match %r/max-width/, sane.inner_html
+ end
+
+
def test_issue_90_slow_regex
skip("timing tests are hard to make pass and have little
regression-testing value")
