Hello community, here is the log from the commit of package python-markdown2 for openSUSE:Factory checked in at 2020-08-18 15:11:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-markdown2 (Old) and /work/SRC/openSUSE:Factory/.python-markdown2.new.3399 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-markdown2" Tue Aug 18 15:11:47 2020 rev:6 rq:827270 version:2.3.9 Changes: -------- --- /work/SRC/openSUSE:Factory/python-markdown2/python-markdown2.changes 2020-05-08 23:07:08.422081484 +0200 +++ /work/SRC/openSUSE:Factory/.python-markdown2.new.3399/python-markdown2.changes 2020-08-18 15:11:55.196062254 +0200 @@ -1,0 +2,11 @@ +Mon Aug 17 07:51:19 UTC 2020 - Dirk Mueller <dmuel...@suse.com> + +- update to 2.3.9: + - [pull #335] Added header support for wiki tables + - [pull #336] Reset _toc when convert is run + - [pull #353] XSS fix + - [pull #350] XSS fix +- remove 0001-Fix-for-issue-348-incomplete-tags-with-punctuation-a.patch, + 0002-Fixed-code-highlighting-unit-tests.patch (upstream) + +------------------------------------------------------------------- Old: ---- 0001-Fix-for-issue-348-incomplete-tags-with-punctuation-a.patch 0002-Fixed-code-highlighting-unit-tests.patch markdown2-2.3.8.tar.gz New: ---- markdown2-2.3.9.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-markdown2.spec ++++++ --- /var/tmp/diff_new_pack.w4bxe4/_old 2020-08-18 15:11:55.772062492 +0200 +++ /var/tmp/diff_new_pack.w4bxe4/_new 2020-08-18 15:11:55.776062494 +0200 @@ -18,15 +18,13 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-markdown2 -Version: 2.3.8 +Version: 2.3.9 Release: 0 Summary: A Python implementation of Markdown License: MIT Group: Development/Languages/Python URL: https://github.com/trentm/python-markdown2 Source: https://files.pythonhosted.org/packages/source/m/markdown2/markdown2-%{version}.tar.gz -Patch0: 0001-Fix-for-issue-348-incomplete-tags-with-punctuation-a.patch -Patch1: 0002-Fixed-code-highlighting-unit-tests.patch BuildRequires: %{python_module pygments} BuildRequires: %{python_module setuptools} BuildRequires: fdupes @@ -46,8 +44,6 @@ %prep %setup -q -n markdown2-%{version} -%patch0 -p1 -%patch1 -p1 %build %python_build ++++++ markdown2-2.3.8.tar.gz -> markdown2-2.3.9.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/CHANGES.md new/markdown2-2.3.9/CHANGES.md --- old/markdown2-2.3.8/CHANGES.md 2019-05-29 20:55:44.000000000 +0200 +++ new/markdown2-2.3.9/CHANGES.md 2020-05-12 02:07:43.000000000 +0200 @@ -1,5 +1,13 @@ # python-markdown2 Changelog +## python-markdown2 2.3.9 + +- [pull #335] Added header support for wiki tables +- [pull #336] Reset _toc when convert is run +- [pull #353] XSS fix +- [pull #350] XSS fix + + ## python-markdown2 2.3.8 - [pull #317] Temporary fix to issue #150 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/CONTRIBUTORS.txt new/markdown2-2.3.9/CONTRIBUTORS.txt --- old/markdown2-2.3.8/CONTRIBUTORS.txt 2019-05-28 19:49:01.000000000 +0200 +++ new/markdown2-2.3.9/CONTRIBUTORS.txt 2020-05-04 19:00:34.000000000 +0200 @@ -42,3 +42,5 @@ Alex Elzenaar (github.com/aelzenaar) Francisco Saldaña (github.com/FrankSalad) Shivam Kumar Jha (github.com/thealphadollar) +ryanvilbrandt (github.com/ryanvilbrandt) +Gareth Simpson (github.com/xurble) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/PKG-INFO new/markdown2-2.3.9/PKG-INFO --- old/markdown2-2.3.8/PKG-INFO 2019-05-29 20:55:53.000000000 +0200 +++ new/markdown2-2.3.9/PKG-INFO 2020-05-12 02:07:55.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: markdown2 -Version: 2.3.8 +Version: 2.3.9 Summary: A fast and complete Python implementation of Markdown Home-page: https://github.com/trentm/python-markdown2 Author: Trent Mick diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/lib/markdown2.egg-info/PKG-INFO new/markdown2-2.3.9/lib/markdown2.egg-info/PKG-INFO --- old/markdown2-2.3.8/lib/markdown2.egg-info/PKG-INFO 2019-05-29 20:55:52.000000000 +0200 +++ new/markdown2-2.3.9/lib/markdown2.egg-info/PKG-INFO 2020-05-12 02:07:55.000000000 +0200 @@ -1,6 +1,6 @@ Metadata-Version: 1.1 Name: markdown2 -Version: 2.3.8 +Version: 2.3.9 Summary: A fast and complete Python implementation of Markdown Home-page: https://github.com/trentm/python-markdown2 Author: Trent Mick diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/lib/markdown2.egg-info/SOURCES.txt new/markdown2-2.3.9/lib/markdown2.egg-info/SOURCES.txt --- old/markdown2-2.3.8/lib/markdown2.egg-info/SOURCES.txt 2019-05-29 20:55:52.000000000 +0200 +++ new/markdown2-2.3.9/lib/markdown2.egg-info/SOURCES.txt 2020-05-12 02:07:55.000000000 +0200 @@ -223,6 +223,12 @@ test/tm-cases/issue2_safe_mode_borks_markup.opts test/tm-cases/issue2_safe_mode_borks_markup.tags test/tm-cases/issue2_safe_mode_borks_markup.text +test/tm-cases/issue341_xss.html +test/tm-cases/issue341_xss.opts +test/tm-cases/issue341_xss.text +test/tm-cases/issue348_incomplete_tag.html +test/tm-cases/issue348_incomplete_tag.opts +test/tm-cases/issue348_incomplete_tag.text test/tm-cases/issue3_bad_code_color_hack.html test/tm-cases/issue3_bad_code_color_hack.opts test/tm-cases/issue3_bad_code_color_hack.tags diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/lib/markdown2.py new/markdown2-2.3.9/lib/markdown2.py --- old/markdown2-2.3.8/lib/markdown2.py 2019-05-28 19:47:41.000000000 +0200 +++ new/markdown2-2.3.9/lib/markdown2.py 2020-05-11 23:24:03.000000000 +0200 @@ -96,7 +96,7 @@ # not yet sure if there implications with this. Compare 'pydoc sre' # and 'perldoc perlre'. -__version_info__ = (2, 3, 8) +__version_info__ = (2, 3, 9) __version__ = '.'.join(map(str, __version_info__)) __author__ = "Trent Mick" @@ -200,7 +200,10 @@ titles = None html_blocks = None html_spans = None - html_removed_text = "[HTML_REMOVED]" # for compat with markdown.py + html_removed_text = "{(#HTML#)}" # placeholder removed text that does not trigger bold + html_removed_text_compat = "[HTML_REMOVED]" # for compat with markdown.py + + _toc = None # Used to track when we're inside an ordered or unordered list # (see _ProcessListItems() for details): @@ -217,6 +220,7 @@ else: self.empty_element_suffix = " />" self.tab_width = tab_width + self.tab = tab_width * " " # For compatibility with earlier markdown2.py and with # markdown.py's safe_mode being a boolean, @@ -273,6 +277,7 @@ self._count_from_header_id = defaultdict(int) if "metadata" in self.extras: self.metadata = {} + self._toc = None # Per <https://developer.mozilla.org/en-US/docs/HTML/Element/a> "rel" # should only be used in <a> tags with an "href" attribute. @@ -384,6 +389,8 @@ if self.safe_mode: text = self._unhash_html_spans(text) + # return the removed text warning to its markdown.py compatible form + text = text.replace(self.html_removed_text, self.html_removed_text_compat) if "nofollow" in self.extras: text = self._a_nofollow.sub(r'<\1 rel="nofollow"\2', text) @@ -1070,23 +1077,43 @@ def _wiki_table_sub(self, match): ttext = match.group(0).strip() - # print 'wiki table: %r' % match.group(0) + # print('wiki table: %r' % match.group(0)) rows = [] for line in ttext.splitlines(0): line = line.strip()[2:-2].strip() row = [c.strip() for c in re.split(r'(?<!\\)\|\|', line)] rows.append(row) + # from pprint import pprint # pprint(rows) - hlines = ['<table%s>' % self._html_class_str_from_tag('table'), '<tbody>'] - for row in rows: - hrow = ['<tr>'] - for cell in row: - hrow.append('<td>') - hrow.append(self._run_span_gamut(cell)) - hrow.append('</td>') - hrow.append('</tr>') - hlines.append(''.join(hrow)) - hlines += ['</tbody>', '</table>'] + hlines = [] + + def add_hline(line, indents=0): + hlines.append((self.tab * indents) + line) + + def format_cell(text): + return self._run_span_gamut(re.sub(r"^\s*~", "", cell).strip(" ")) + + add_hline('<table%s>' % self._html_class_str_from_tag('table')) + # Check if first cell of first row is a header cell. If so, assume the whole row is a header row. + if rows and rows[0] and re.match(r"^\s*~", rows[0][0]): + add_hline('<thead>', 1) + add_hline('<tr>', 2) + for cell in rows[0]: + add_hline("<th>{}</th>".format(format_cell(cell)), 3) + add_hline('</tr>', 2) + add_hline('</thead>', 1) + # Only one header row allowed. + rows = rows[1:] + # If no more rows, don't create a tbody. + if rows: + add_hline('<tbody>', 1) + for row in rows: + add_hline('<tr>', 2) + for cell in row: + add_hline('<td>{}</td>'.format(format_cell(cell)), 3) + add_hline('</tr>', 2) + add_hline('</tbody>', 1) + add_hline('</table>') return '\n'.join(hlines) + '\n' def _do_wiki_tables(self, text): @@ -1351,6 +1378,11 @@ continue link_text = text[start_idx+1:p] + # Fix for issue 341 - Injecting XSS into link text + if self.safe_mode: + link_text = self._hash_html_spans(link_text) + link_text = self._unhash_html_spans(link_text) + # Possibly a footnote ref? if "footnotes" in self.extras and link_text.startswith("^"): normed_id = re.sub(r'\W', '-', link_text[1:]) @@ -1509,7 +1541,6 @@ return header_id - _toc = None def _toc_add_entry(self, level, id, name): if level > self._toc_depth: return @@ -2141,11 +2172,14 @@ text = self._naked_gt_re.sub('>', text) return text - _incomplete_tags_re = re.compile("<(/?\w+[\s/]+?)") + _incomplete_tags_re = re.compile("<(/?\w+?(?!\w).+?[\s/]+?)") def _encode_incomplete_tags(self, text): if self.safe_mode not in ("replace", "escape"): return text + + if text.endswith(">"): + return text # this is not an incomplete tag, this is a link in the form <http://x.y.z> return self._incomplete_tags_re.sub("<\\1", text) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/setup.cfg new/markdown2-2.3.9/setup.cfg --- old/markdown2-2.3.8/setup.cfg 2019-05-29 20:55:53.000000000 +0200 +++ new/markdown2-2.3.9/setup.cfg 2020-05-12 02:07:55.000000000 +0200 @@ -2,7 +2,7 @@ universal = 1 [egg_info] -tag_svn_revision = 0 -tag_date = 0 tag_build = +tag_date = 0 +tag_svn_revision = 0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/test_markdown2.py new/markdown2-2.3.9/test/test_markdown2.py --- old/markdown2-2.3.8/test/test_markdown2.py 2018-09-26 02:50:46.000000000 +0200 +++ new/markdown2-2.3.9/test/test_markdown2.py 2019-11-25 19:09:50.000000000 +0100 @@ -291,6 +291,52 @@ '<h2>%s</h2>\n' % ko) test_russian.tags = ["unicode", "issue3"] + def test_toc_with_persistent_object(self): + """ + Tests that the toc is the same every time it's run on HTML, even if the Markdown object isn't disposed of. + """ + md = markdown2.Markdown(extras=["toc"]) + html = """ +# Header 1 +## Header 1.1 +## Header 1.2 +### Header 1.3 +# Header 2 +## Header 2.1 + """ + expected_toc_html = """<ul> + <li><a href="#header-1">Header 1</a> + <ul> + <li><a href="#header-11">Header 1.1</a></li> + <li><a href="#header-12">Header 1.2</a> + <ul> + <li><a href="#header-13">Header 1.3</a></li> + </ul></li> + </ul></li> + <li><a href="#header-2">Header 2</a> + <ul> + <li><a href="#header-21">Header 2.1</a></li> + </ul></li> +</ul> +""" + self.assertEqual(expected_toc_html, md.convert(html).toc_html) + # Do it again, to check if the toc_html is just appended rather than replaced + self.assertEqual(expected_toc_html, md.convert(html).toc_html) + # Create different html, and confirm toc_html is replaced + html = """ +# I'm new html +## I don't have to be long, just different +""" + expected_toc_html = """<ul> + <li><a href="#im-new-html">I'm new html</a> + <ul> + <li><a href="#i-dont-have-to-be-long-just-different">I don't have to be long, just different</a></li> + </ul></li> +</ul> +""" + self.assertEqual(expected_toc_html, md.convert(html).toc_html) + test_toc_with_persistent_object.tags = ["toc", "issue208"] + class DocTestsTestCase(unittest.TestCase): def test_api(self): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/fenced_code_blocks_leading_lang_space.html new/markdown2-2.3.9/test/tm-cases/fenced_code_blocks_leading_lang_space.html --- old/markdown2-2.3.8/test/tm-cases/fenced_code_blocks_leading_lang_space.html 2018-09-30 23:04:36.000000000 +0200 +++ new/markdown2-2.3.9/test/tm-cases/fenced_code_blocks_leading_lang_space.html 2020-01-23 00:56:00.000000000 +0100 @@ -1,3 +1,3 @@ -<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="bp">True</span><span class="p">:</span> - <span class="k">print</span> <span class="s2">"hi"</span> +<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="kc">True</span><span class="p">:</span> + <span class="nb">print</span> <span class="s2">"hi"</span> </code></pre></div> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/fenced_code_blocks_safe_highlight.html new/markdown2-2.3.9/test/tm-cases/fenced_code_blocks_safe_highlight.html --- old/markdown2-2.3.8/test/tm-cases/fenced_code_blocks_safe_highlight.html 2018-09-30 23:04:36.000000000 +0200 +++ new/markdown2-2.3.9/test/tm-cases/fenced_code_blocks_safe_highlight.html 2020-01-23 00:56:00.000000000 +0100 @@ -1,5 +1,5 @@ -<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="bp">True</span><span class="p">:</span> - <span class="k">print</span> <span class="s2">"hi"</span> +<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="kc">True</span><span class="p">:</span> + <span class="nb">print</span> <span class="s2">"hi"</span> </code></pre></div> <p>That's using the <em>fenced-code-blocks</em> extra with Python diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/fenced_code_blocks_syntax_highlighting.html new/markdown2-2.3.9/test/tm-cases/fenced_code_blocks_syntax_highlighting.html --- old/markdown2-2.3.8/test/tm-cases/fenced_code_blocks_syntax_highlighting.html 2018-09-30 23:04:36.000000000 +0200 +++ new/markdown2-2.3.9/test/tm-cases/fenced_code_blocks_syntax_highlighting.html 2020-01-23 00:56:00.000000000 +0100 @@ -1,5 +1,5 @@ -<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="bp">True</span><span class="p">:</span> - <span class="k">print</span> <span class="s2">"hi"</span> +<div class="codehilite"><pre><span></span><code><span class="k">if</span> <span class="kc">True</span><span class="p">:</span> + <span class="nb">print</span> <span class="s2">"hi"</span> </code></pre></div> <p>That's using the <em>fenced-code-blocks</em> extra with Python diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/fenced_code_blocks_syntax_indentation.html new/markdown2-2.3.9/test/tm-cases/fenced_code_blocks_syntax_indentation.html --- old/markdown2-2.3.8/test/tm-cases/fenced_code_blocks_syntax_indentation.html 2018-09-30 23:04:36.000000000 +0200 +++ new/markdown2-2.3.9/test/tm-cases/fenced_code_blocks_syntax_indentation.html 2020-01-23 00:56:00.000000000 +0100 @@ -1,5 +1,5 @@ <div class="codehilite"><pre><span></span><code><span class="k">def</span> <span class="nf">foo</span><span class="p">():</span> - <span class="k">print</span> <span class="s2">"foo"</span> + <span class="nb">print</span> <span class="s2">"foo"</span> - <span class="k">print</span> <span class="s2">"bar"</span> + <span class="nb">print</span> <span class="s2">"bar"</span> </code></pre></div> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/html_classes.html new/markdown2-2.3.9/test/tm-cases/html_classes.html --- old/markdown2-2.3.8/test/tm-cases/html_classes.html 2019-05-09 00:01:50.000000000 +0200 +++ new/markdown2-2.3.9/test/tm-cases/html_classes.html 2019-11-25 03:18:43.000000000 +0100 @@ -18,12 +18,30 @@ </table> <table class="table table-striped"> -<tbody> -<tr><td><em>Year</em></td><td><em>Temperature (low)</em></td><td><em>Temperature (high)</em></td></tr> -<tr><td>1900</td><td>-10</td><td>25</td></tr> -<tr><td>1910</td><td>-15</td><td>30</td></tr> -<tr><td>1920</td><td>-10</td><td>32</td></tr> -</tbody> + <thead> + <tr> + <th>Year</th> + <th>Temperature (low)</th> + <th>Temperature (high)</th> + </tr> + </thead> + <tbody> + <tr> + <td>1900</td> + <td>-10</td> + <td>25</td> + </tr> + <tr> + <td>1910</td> + <td>-15</td> + <td>30</td> + </tr> + <tr> + <td>1920</td> + <td>-10</td> + <td>32</td> + </tr> + </tbody> </table> <p class="col-xs-3 custom-paragraph-class">For example:</p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/html_classes.text new/markdown2-2.3.9/test/tm-cases/html_classes.text --- old/markdown2-2.3.8/test/tm-cases/html_classes.text 2014-12-22 06:29:36.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/html_classes.text 2019-11-25 03:18:43.000000000 +0100 @@ -3,7 +3,7 @@ | `Cell 1` | [Cell 2](http://example.com) link | | Cell 3 | **Cell 4** | -|| *Year* || *Temperature (low)* || *Temperature (high)* || +||~ Year ||~ Temperature (low) ||~ Temperature (high) || || 1900 || -10 || 25 || || 1910 || -15 || 30 || || 1920 || -10 || 32 || diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/issue341_xss.html new/markdown2-2.3.9/test/tm-cases/issue341_xss.html --- old/markdown2-2.3.8/test/tm-cases/issue341_xss.html 1970-01-01 01:00:00.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/issue341_xss.html 2020-05-11 23:24:03.000000000 +0200 @@ -0,0 +1,5 @@ +<p>Example 1: +<ftp:<a href="#">[HTML_REMOVED]alert(1);//</a>><ftp:<a href="#">[HTML_REMOVED]</a>></p> + +<p>Example 2: +<http://g<!s://q?<!-<<a href="http://g">[HTML_REMOVED]alert(1);/*</a>->a><http://g<!s://g.c?<!-<<a href="http://g">a\\*/[HTML_REMOVED]alert(1);/*</a>->a></p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/issue341_xss.opts new/markdown2-2.3.9/test/tm-cases/issue341_xss.opts --- old/markdown2-2.3.8/test/tm-cases/issue341_xss.opts 1970-01-01 01:00:00.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/issue341_xss.opts 2020-05-11 23:24:03.000000000 +0200 @@ -0,0 +1 @@ +{"safe_mode": "replace"} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/issue341_xss.text new/markdown2-2.3.9/test/tm-cases/issue341_xss.text --- old/markdown2-2.3.8/test/tm-cases/issue341_xss.text 1970-01-01 01:00:00.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/issue341_xss.text 2020-05-11 23:24:03.000000000 +0200 @@ -0,0 +1,5 @@ +Example 1: +<ftp:[<script>alert(1);//]()><ftp:[</script>]()> + +Example 2: +<http://g<!s://q?<!-<[<script>alert(1);/\*](http://g)->a><http://g<!s://g.c?<!-<[a\\*/</script>alert(1);/*](http://g)->a> \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/issue348_incomplete_tag.html new/markdown2-2.3.9/test/tm-cases/issue348_incomplete_tag.html --- old/markdown2-2.3.8/test/tm-cases/issue348_incomplete_tag.html 1970-01-01 01:00:00.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/issue348_incomplete_tag.html 2020-05-04 18:54:15.000000000 +0200 @@ -0,0 +1 @@ +<p><lol@/ //id="pwn"//onclick="alert(1)"//<strong>abc</strong></p> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/issue348_incomplete_tag.opts new/markdown2-2.3.9/test/tm-cases/issue348_incomplete_tag.opts --- old/markdown2-2.3.8/test/tm-cases/issue348_incomplete_tag.opts 1970-01-01 01:00:00.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/issue348_incomplete_tag.opts 2020-05-04 18:54:15.000000000 +0200 @@ -0,0 +1 @@ +{"safe_mode": "escape"} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/issue348_incomplete_tag.text new/markdown2-2.3.9/test/tm-cases/issue348_incomplete_tag.text --- old/markdown2-2.3.8/test/tm-cases/issue348_incomplete_tag.text 1970-01-01 01:00:00.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/issue348_incomplete_tag.text 2020-05-04 18:54:15.000000000 +0200 @@ -0,0 +1 @@ +<lol@/ //id="pwn"//onclick="alert(1)"//**abc** diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/issue3_bad_code_color_hack.html new/markdown2-2.3.9/test/tm-cases/issue3_bad_code_color_hack.html --- old/markdown2-2.3.8/test/tm-cases/issue3_bad_code_color_hack.html 2018-09-30 23:04:36.000000000 +0200 +++ new/markdown2-2.3.9/test/tm-cases/issue3_bad_code_color_hack.html 2020-01-23 00:56:00.000000000 +0100 @@ -7,6 +7,6 @@ <p>Some python code:</p> <div class="codehilite"><pre><span></span><code><span class="c1"># комментарий</span> -<span class="k">if</span> <span class="bp">True</span><span class="p">:</span> - <span class="k">print</span> <span class="s2">"hi"</span> +<span class="k">if</span> <span class="kc">True</span><span class="p">:</span> + <span class="nb">print</span> <span class="s2">"hi"</span> </code></pre></div> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/wiki_tables.html new/markdown2-2.3.9/test/tm-cases/wiki_tables.html --- old/markdown2-2.3.8/test/tm-cases/wiki_tables.html 2013-11-12 18:07:14.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/wiki_tables.html 2019-11-25 03:18:43.000000000 +0100 @@ -1,28 +1,123 @@ <table> -<tbody> -<tr><td><em>Year</em></td><td><em>Temperature (low)</em></td><td><em>Temperature (high)</em></td></tr> -<tr><td>1900</td><td>-10</td><td>25</td></tr> -<tr><td>1910</td><td>-15</td><td>30</td></tr> -<tr><td>1920</td><td>-10</td><td>32</td></tr> -</tbody> + <tbody> + <tr> + <td><em>Year</em></td> + <td><em>Temperature (low)</em></td> + <td><em>Temperature (high)</em></td> + </tr> + <tr> + <td>1900</td> + <td>-10</td> + <td>25</td> + </tr> + <tr> + <td>1910</td> + <td>-15</td> + <td>30</td> + </tr> + <tr> + <td>1920</td> + <td>-10</td> + <td>32</td> + </tr> + </tbody> +</table> + +<h1>With header row</h1> + +<table> + <thead> + <tr> + <th>Name</th> + <th>Class</th> + <th>Race</th> + <th>Level</th> + </tr> + </thead> + <tbody> + <tr> + <td>Vlad</td> + <td>Barbarian</td> + <td>Dragonborn</td> + <td>12</td> + </tr> + <tr> + <td>Jimbo</td> + <td>Rogue</td> + <td>Halfling</td> + <td>13</td> + </tr> + </tbody> +</table> + +<h1>With only header row</h1> + +<table> + <thead> + <tr> + <th>Name</th> + <th>Class</th> + <th>Race</th> + <th>Level</th> + </tr> + </thead> +</table> + +<h1>With header row, alternate spacing</h1> + +<table> + <thead> + <tr> + <th>Name</th> + <th>Class</th> + <th>Race</th> + <th>Level</th> + </tr> + </thead> + <tbody> + <tr> + <td>Vlad</td> + <td>Barbarian</td> + <td>Dragonborn</td> + <td>12</td> + </tr> + <tr> + <td>Jimbo</td> + <td>Rogue</td> + <td>Halfling</td> + <td>13</td> + </tr> + </tbody> </table> <h1>just one line</h1> <table> -<tbody> -<tr><td>foo</td><td>bar</td><td>baz</td></tr> -</tbody> + <tbody> + <tr> + <td>foo</td> + <td>bar</td> + <td>baz</td> + </tr> + </tbody> </table> <h1>blockquote</h1> <blockquote> <table> - <tbody> - <tr><td>grinch</td><td>stole</td><td>xmas</td></tr> - <tr><td>green</td><td><strong>eggs</strong></td><td>ham</td></tr> - </tbody> + <tbody> + <tr> + <td>grinch</td> + <td>stole</td> + <td>xmas</td> + </tr> + <tr> + <td>green</td> + <td><strong>eggs</strong></td> + <td>ham</td> + </tr> + </tbody> </table> <p>-- Dr. Seuss</p> @@ -31,7 +126,10 @@ <h1>end of file</h1> <table> -<tbody> -<tr><td>ResourceNotFound</td><td>If :login does not exist</td></tr> -</tbody> + <tbody> + <tr> + <td>ResourceNotFound</td> + <td>If :login does not exist</td> + </tr> + </tbody> </table> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/wiki_tables.tags new/markdown2-2.3.9/test/tm-cases/wiki_tables.tags --- old/markdown2-2.3.8/test/tm-cases/wiki_tables.tags 2013-11-12 18:07:14.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/wiki_tables.tags 2019-11-25 03:18:43.000000000 +0100 @@ -1 +1 @@ -extra wiki-tables issue66 +extra wiki-tables diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/markdown2-2.3.8/test/tm-cases/wiki_tables.text new/markdown2-2.3.9/test/tm-cases/wiki_tables.text --- old/markdown2-2.3.8/test/tm-cases/wiki_tables.text 2013-11-12 18:07:14.000000000 +0100 +++ new/markdown2-2.3.9/test/tm-cases/wiki_tables.text 2019-11-25 03:18:43.000000000 +0100 @@ -3,6 +3,21 @@ || 1910 || -15 || 30 || || 1920 || -10 || 32 || +# With header row + +||~ Name ||~ Class ||~ Race ||~ Level || +|| Vlad || Barbarian || Dragonborn || 12 || +|| Jimbo || Rogue || Halfling || 13 || + +# With only header row + +||~ Name ||~ Class ||~ Race ||~ Level || + +# With header row, alternate spacing + +|| ~Name || ~Class || ~Race || ~Level || +|| Vlad || Barbarian || Dragonborn || 12 || +|| Jimbo || Rogue || Halfling || 13 || # just one line