Overview Repositories Revisions Requests Users Attributes Meta

Revisions of python-lxml

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 955744 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 89) 
- update to 4.8.0:
  * GH#337: Path-like objects are now supported throughout the API instead of
    just strings.
  * The ``ElementMaker`` now supports ``QName`` values as tags, which always
    override the default namespace of the factory.
  * GH#338: In lxml.objectify, the XSI float annotation "nan" and "inf" were spelled in
    lower case, whereas XML Schema datatypes define them as "NaN" and "INF" respectively.
  * Built with Cython 0.29.28.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 945448 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 88) 
- update to 4.7.1:
  * Chunked Unicode string parsing via ``parser.feed()`` now encodes the input data
    to the native UTF-8 encoding directly, instead of going through ``Py_UNICODE`` /
    ``wchar_t`` encoding first, which previously required duplicate recoding in most cases.
  * The standard namespace prefixes were mishandled during "C14N2" serialisation on Python 3.
  * ``lxml.objectify`` previously accepted non-XML numbers with underscores (like "1_000")
    as integers or float values in Python 3.6 and later. It now adheres to the number
    format of the XML spec again.
  * LP#1939031: Static wheels of lxml now contain the header files of zlib and libiconv
    (in addition to the already provided headers of libxml2/libxslt/libexslt).
  * Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows).
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 943802 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 87) 
- update to 4.6.5 (bsc#1193752, CVE-2021-43818):
  * A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script
    content through SVG images.
  * A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script
    content through CSS imports and other crafted constructs.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 935074 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 86) 
Automatic submission by obs-autosubmit
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 898540 from Factory Maintainer's avatar Factory Maintainer (factory-maintainer) (revision 85) 
Automatic submission by obs-autosubmit
Richard Brown's avatar Richard Brown (RBrownSUSE) accepted request 883115 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 83) 
- update to 4.6.3:
  * A vulnerability (CVE-2021-28957) was discovered in the HTML Cleaner by Kevin Chung,
    which allowed JavaScript to pass through.  The cleaner now removes the HTML5
    ``formaction`` attribute.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 866353 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 82) 
- update to 4.6.2:
* A vulnerability (CVE-2020-27783) was discovered in the HTML Cleaner by Yaniv Nizry,
  which allowed JavaScript to pass through.  The cleaner now removes more sneaky
  "style" content.
* A vulnerability was discovered in the HTML Cleaner by Yaniv Nizry, which allowed
  JavaScript to pass through.  The cleaner now removes more sneaky "style" content.
* GH#310: ``lxml.html.InputGetter`` supports ``__len__()`` to count the number of input fields.
  Patch by Aidan Woolley.
* ``lxml.html.InputGetter`` has a new ``.items()`` method to ease processing all input fields.
* ``lxml.html.InputGetter.keys()`` now returns the field names in document order.
* GH-309: The API documentation is now generated using ``sphinx-apidoc``.
* LP#1869455: C14N 2.0 serialisation failed for unprefixed attributes
  when a default namespace was defined.
* ``TreeBuilder.close()`` raised ``AssertionError`` in some error cases where it
  should have raised ``XMLSyntaxError``.  It now raises a combined exception to
  keep up backwards compatibility, while switching to ``XMLSyntaxError`` as an
  interface.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 821439 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 81) 
- update to 4.5.2:
  * ``Cleaner()`` now validates that only known configuration options can be set.
  * LP#1882606: ``Cleaner.clean_html()`` discarded comments and PIs regardless of the
    corresponding configuration option, if ``remove_unknown_tags`` was set.
  * LP#1880251: Instead of globally overwriting the document loader in libxml2, lxml now
    sets it per parser run, which improves the interoperability with other users of libxml2
    such as libxmlsec.
  * LP#1881960: Fix build in CPython 3.10 by using Cython 0.29.21.
  * The setup options "--with-xml2-config" and "--with-xslt-config" were accidentally renamed
    to "--xml2-config" and "--xslt-config" in 4.5.1 and are now available again.
Yuchen Lin's avatar Yuchen Lin (maxlin_factory) accepted request 803766 from Matej Cepl's avatar Matej Cepl (mcepl) (revision 79) 
- Remove explicit Provides of python-doc, which is just wrong.

Send to Staging:E.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 781843 from Ondřej Súkup's avatar Ondřej Súkup (mimi_vx) (revision 78) 
- update to 4.5.0
 * A new function indent() was added to insert tail whitespace
    for pretty-printing an XML tree.
 * LP#1857794 Tail text of nodes that get removed from a document
     using item deletion disappeared silently instead of sticking with the node
     that was removed.
 * LP#1840234: The package version number is now available as lxml.__version__
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 730139 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 75) 
- Update to 4.4.1:
  * LP#1838252: The order of an OrderedDict was lost in 4.4.0 when passing it as attrib mapping during element creation.
  * LP#1838521: The package metadata now lists the supported Python versions.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 691801 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 71) 
- Update to 4.3.3:
  * Fix leak of output buffer and unclosed files in ``_XSLTResultTree.write_output()``.
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 681724 from Tomáš Chvátal's avatar Tomáš Chvátal (scarabeus_iv) (revision 70) 
- Update to 4.3.2:
  * Crash in 4.3.1 when appending a child subtree with certain text nodes.

- Update to v4.3.1
  * Fixed crash when appending a child subtree that contains unsubstituted
    entity references
- from v4.3.0
  * Features
    + The module ``lxml.sax`` is compiled using Cython in order to speed it up.
    + lxml.sax.ElementTreeProducer now preserves the namespace prefixes.
      If two prefixes point to the same URI, the first prefix in alphabetical
      order is used.
    + Updated ISO-Schematron implementation to 2013 version (now MIT licensed)
      and the corresponding schema to the 2016 version (with optional "properties").
  * Other
    + Support for Python 2.6 and 3.3 was removed.
    + The minimum dependency versions were raised to libxml2 2.9.2 and libxslt 1.1.27,
      which were released in 2014 and 2012 respectively.
- from v4.2.6
  * Fix a DeprecationWarning in Py3.7+.
  * Import warnings in Python 3.6+ were resolved.
- Remove no longer needed
  0001-Make-test-more-resilient-against-changes-in-latest-l.patch
Displaying revisions 21 - 40 of 109
openSUSE Build Service is sponsored by
Places