ruby3.4-rubygem-loofah-2.23.1-slfo.1.1.1 RPM for ppc64le

From OpenSuSE Leap 16.0 for ppc64le

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments.
It's built on top of Nokogiri and libxml2, so it's fast and has a nice API.

Loofah excels at HTML sanitization (XSS prevention). It includes some nice HTML sanitizers,
which are based on HTML5lib's whitelist, so it most likely won't make your codes less secure.

Provides

• ruby3.4-rubygem-loofah
• ruby3.4-rubygem-loofah(ppc-64)
• rubygem(loofah)
• rubygem(ruby:3.4.0:loofah)
• rubygem(ruby:3.4.0:loofah:2)
• rubygem(ruby:3.4.0:loofah:2.23)
• rubygem(ruby:3.4.0:loofah:2.23.1)

Requires

• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• ruby(abi) = 3.4.0
• rubygem(ruby:3.4.0:crass:1.0) >= 1.0.2
• rubygem(ruby:3.4.0:nokogiri) >= 1.12.0

License

MIT

Changelog

* Mon Nov 04 2024 [email protected]
  - ## 2.23.1 / 2024-10-25
    [#]## Added
    * Allow CSS properties `min-height` and `max-height`. [#288] @lazyatom
    [#]# 2.23.0 / 2024-10-24
    [#]## Added
    * Allow CSS property `min-width`. [#287] @lazyatom
* Tue Nov 14 2023 [email protected]
  - ## 2.22.0 / 2023-11-13
    [#]## Added
    * A `:targetblank` HTML scrubber which ensures all hyperlinks have `target="_blank"`. [#275] @stefannibrasil and @thdaraujo
    * A `:noreferrer` HTML scrubber which ensures all hyperlinks have `rel=noreferrer`, similar to the `:nofollow` and `:noopener` scrubbers. [#277] @wynksaiddestroy
* Fri Nov 03 2023 [email protected]
  - ## 2.21.4 / 2023-10-10
    [#]## Fixed
    * `Loofah::HTML5::Scrub.scrub_css` is more consistent in preserving whitespace (and lack of whitespace) in CSS property values. In particular, `.scrub_css` no longer inserts whitespace between tokens that did not already have whitespace between them. [[#273](https://github.com/flavorjones/loofah/issues/273), fixes [#271](https://github.com/flavorjones/loofah/issues/271)]
    [#]# 2.21.3 / 2023-05-15
    [#]## Fixed
    * Quash "instance variable not initialized" warning in Ruby < 3.0. [[#268](https://github.com/flavorjones/loofah/issues/268)] (Thanks, [@dharamgollapudi](https://github.com/dharamgollapudi)!)
    [#]# 2.21.2 / 2023-05-11
    [#]## Dependencies
    * Update the dependency on Nokogiri to be `>= 1.12.0`. The dependency in 2.21.0 and 2.21.1 was left at `>= 1.5.9` but versions before 1.12 would result in a `NameError` exception. [[#266](https://github.com/flavorjones/loofah/issues/266)]
    [#]# 2.21.1 / 2023-05-10
    [#]## Fixed
    * Don't define `HTML5::Document` and `HTML5::DocumentFragment` when Nokogiri is `< 1.14`. In 2.21.0 these classes were defined whenever `Nokogiri::HTML5` was defined, but Nokogiri v1.12 and v1.13 do not support Loofah subclassing properly.
    [#]# 2.21.0 / 2023-05-10
    [#]## HTML5 Support
    Classes `Loofah::HTML5::Document` and `Loofah::HTML5::DocumentFragment` are introduced, along with helper methods:
  - `Loofah.html5_document`
  - `Loofah.html5_fragment`
  - `Loofah.scrub_html5_document`
  - `Loofah.scrub_html5_fragment`
    These classes and methods use Nokogiri's HTML5 parser to ensure modern web standards are used.
    ⚠ HTML5 functionality is only available with Nokogiri v1.14.0 and higher.
    ⚠ HTML5 functionality is not available for JRuby. Please see [this upstream Nokogiri issue](https://github.com/sparklemotion/nokogiri/issues/2227) if you're interested in helping implement and support HTML5 support.
    [#]## `Loofah::HTML4` module and namespace
    `Loofah::HTML` has been renamed to `Loofah::HTML4`, and `Loofah::HTML` is aliased to preserve backwards-compatibility. `Nokogiri::HTML` and `Nokogiri::HTML4` parse methods still use libxml2's (or NekoHTML's) HTML4 parser.
    Take special note that if you rely on the class name of an object in your code, objects will now report a class of `Loofah::HTML4::Foo` where they previously reported `Loofah::HTML::Foo`. Instead of relying on the string returned by `Object#class`, prefer `Class#===` or `Object#is_a?` or `Object#instance_of?`.
    Future releases of Nokogiri may deprecate `HTML` classes and methods or otherwise change this behavior, so please start using `HTML4` in place of `HTML`.
    [#]## Official support for JRuby
    This version introduces official support for JRuby. Previously, the test suite had never been green due to differences in behavior in the underlying HTML parser used by Nokogiri. We've updated the test suite to accommodate those differences, and have added JRuby to the CI suite.
    [#]# 2.20.0 / 2023-04-01
    [#]## Features
    * Allow SVG attributes `color-profile`, `cursor`, `filter`, `marker`, and `mask`. [[#246](https://github.com/flavorjones/loofah/issues/246)]
    * Allow SVG elements `altGlyph`, `cursor`, `feImage`, `pattern`, and `tref`. [[#246](https://github.com/flavorjones/loofah/issues/246)]
    * Allow protocols `fax` and `modem`. [[#255](https://github.com/flavorjones/loofah/issues/255)] (Thanks, [@cjba7](https://github.com/cjba7)!)
* Mon Mar 06 2023 [email protected]
  - udpated to version 2.19.1
      [#]# 2.19.1 / 2022-12-13
      [#]## SecurityAddress
    * Address CVE-2022-23514, inefficient regular expression complexity. See GHSA-486f-hjj9-9vhh for more information.
    * Address CVE-2022-23515, improper neutralization of data URIs. See GHSA-228g-948r-83gx for more information.
    * Address CVE-2022-23516, uncontrolled recursion. See GHSA-3x8r-x6xp-q4vm for more information.
* Mon Oct 10 2022 [email protected]
  updated to version 2.19.0
    see installed CHANGELOG.md
    [#]# 2.19.0 / 2022-09-14
    [#]## Features
    * Allow SVG 1.0 color keyword names in CSS attributes. These colors are part of the [CSS Color Module Level 3](https://www.w3.org/TR/css-color-3/#svg-color) recommendation released 2022-01-18. [[#243](https://github.com/flavorjones/loofah/issues/243)]
* Sun May 15 2022 [email protected]
  - updated to version 2.18.0
    [#]## Features
    * Allow CSS property `aspect-ratio`. [[#236](https://github.com/flavorjones/loofah/issues/236)] (Thanks, [@louim](https://github.com/louim)!)
    [#]# 2.17.0 / 2022-04-28
    [#]## Features
    * Allow ARIA attributes. [[#232](https://github.com/flavorjones/loofah/issues/232), [#233](https://github.com/flavorjones/loofah/issues/233)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!)
* Thu Apr 28 2022 [email protected]
  updated to version 2.16.0
    see installed CHANGELOG.md
    [#]# 2.16.0 / 2022-04-01
    [#]## Features
    * Allow MathML elements `menclose` and `ms`, and MathML attributes `dir`, `href`, `lquote`, `mathsize`, `notation`, and `rquote`. [[#231](https://github.com/flavorjones/loofah/issues/231)] (Thanks, [@nick-desteffen](https://github.com/nick-desteffen)!)
    [#]# 2.15.0 / 2022-03-14
    [#]## Features
    * Expand set of allowed protocols to include `sms:`. [[#228](https://github.com/flavorjones/loofah/issues/228)] (Thanks, [@brendon](https://github.com/brendon)!)
* Thu Mar 03 2022 [email protected]
  updated to version 2.14.0
    see installed CHANGELOG.md
    [#]# 2.14.0 / 2022-02-11
    [#]## Features
    * The `#to_text` method on `Loofah::HTML::{Document,DocumentFragment}` replaces `<br>` line break elements with a newline. [[#225](https://github.com/flavorjones/loofah/issues/225)]
* Fri Dec 24 2021 [email protected]
  - updated to version 2.13.0
    [#]## Bug fixes
    * Loofah::HTML::DocumentFragment#text no longer serializes top-level comment children. [[#221](https://github.com/flavorjones/loofah/issues/221)]
* Wed Aug 25 2021 [email protected]
  - updated to version 2.12.0
    [#]# 2.12.0 / 2021-08-11
    [#]## Features
    * Support empty HTML5 data attributes. [[#215](https://github.com/flavorjones/loofah/issues/215)]
    [#]# 2.11.0 / 2021-07-31
    [#]## Features
    * Allow HTML5 element `wbr`.
    * Allow all CSS property values for `border-collapse`. [[#201](https://github.com/flavorjones/loofah/issues/201)]
    [#]## Changes
    * Deprecating `Loofah::HTML5::SafeList::VOID_ELEMENTS` which is not a canonical list of void HTML4 or HTML5 elements.
    * Removed some elements from `Loofah::HTML5::SafeList::VOID_ELEMENTS` that either are not acceptable elements or aren't considered "void" by libxml2.
* Thu Jun 24 2021 [email protected]
  updated to version 2.10.0
    see installed CHANGELOG.md
    [#]# 2.10.0 / 2021-06-06
    [#]## Features
    * Allow CSS properties `overflow-x` and `overflow-y`. [[#206](https://github.com/flavorjones/loofah/issues/206)] (Thanks, [@sampokuokkanen](https://github.com/sampokuokkanen)!)
* Tue Apr 20 2021 [email protected]
  - updated to version 2.9.1
    [#]## Bug fixes
    * Fix a regression in v2.9.0 which inappropriately removed CSS properties
      with quoted string values. [[#202](https://github.com/flavorjones/loofah/issues/202)]
* Wed Jan 20 2021 [email protected]
  - updated to version 2.9.0
    * Handle CSS functions in a CSS shorthand property (like `background`). [[#199](https://github.com/flavorjones/loofah/issues/199),
      [#200](https://github.com/flavorjones/loofah/issues/200)]
* Fri Dec 11 2020 [email protected]
  - updated to version 2.8.0
    * Allow CSS properties `order`, `flex-direction`, `flex-grow`, `flex-wrap`, `flex-shrink`, `flex-flow`,
    `flex-basis`, `flex`, `justify-content`, `align-self`, `align-items`, and `align-content`.
    [[#197](https://github.com/flavorjones/loofah/issues/197)] (Thanks, [@miguelperez](https://github.com/miguelperez)!)
* Sat Sep 12 2020 [email protected]
  - updated to version 2.7.0
    [#]## Features
    * Allow CSS properties `page-break-before`, `page-break-inside`, and
      `page-break-after`. [[#190](https://github.com/flavorjones/loofah/issues/190)]
      (Thanks, [@ahorek](https://github.com/ahorek)!)
    [#]## Fixes
    * Don't drop the `!important` rule from some CSS properties.
      [[#191](https://github.com/flavorjones/loofah/issues/191)]
      (Thanks, [@b7kich](https://github.com/b7kich)!)
* Thu Jun 25 2020 [email protected]
  - updated to version 2.6.0
    * Allow CSS border-style keywords. [#188] (Thanks, @tarcisiozf!)
* Mon Apr 27 2020 [email protected]
  - updated to version 2.5.0
    [#]## Features
    * Allow more CSS length units: "ch", "vw", "vh", "Q", "lh", "vmin", "vmax". [#178] (Thanks, @JuanitoFatas!)
    [#]## Fixes
    * Remove comments from `Loofah::HTML::Document`s that exist outside the `html` element. [#80]
    [#]## Other changes
    * Gem metadata being set [#181] (Thanks, @JuanitoFatas!)
    * Test files removed from gem file [#180,#166,#159] (Thanks, @JuanitoFatas and @greysteil!)
* Thu Nov 28 2019 [email protected]
  - updated to version 2.4.0
    [#]## Features
    * Allow CSS property `max-width` [#175] (Thanks, @bchaney!)
    * Allow CSS sizes expressed in `rem` [#176, #177]
    * Add `frozen_string_literal: true` magic comment to all `lib` files. [#118]
* Tue Nov 12 2019 [email protected]
  - updated to version 2.3.1
    Address CVE-2019-15587: Unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
    This CVE's public notice is at #171
* Tue Nov 06 2018 [email protected]
  - updated to version 2.2.3
    [#]## Security (bsc#1113969, CVE-2018-16468)
    Address CVE-2018-16468: Unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
    This CVE's public notice is at https://github.com/flavorjones/loofah/issues/154
    [#]# Meta / 2018-10-27
    The mailing list is now on Google Groups [#146](https://github.com/flavorjones/loofah/issues/146):
    * Mail: [email protected]
    * Archive: https://groups.google.com/forum/#!forum/loofah-talk
    This change was made because librelist no longer appears to be maintained.
* Fri Mar 23 2018 [email protected]
  - update to version 2.2.2
    * Make public Loofah::HTML5::Scrub.force_correct_attribute_escaping!, which was previously a private method.
      This is so that downstream gems (like rails-html-sanitizer) can use this logic directly for their own attribute scrubbers should they need to address CVE-2018-8048.
    fix bsc#1086598
* Tue Mar 20 2018 [email protected]
  - Update to version 2.2.1
    Fix XSS Vulnerability [CVE-2018-8048]
    fix bsc#1085967
* Thu Feb 15 2018 [email protected]
  - also set a description again
* Mon Feb 12 2018 [email protected]
  - Update to version 2.2.0
    Features:
    * Support HTML5 <main> tag. #133 (Thanks, @MothOnMars!)
    * Recognize HTML5 block elements. #136 (Thanks, @MothOnMars!)
    * Support SVG <symbol> tag. #131 (Thanks, @baopham!)
    * Support for whitelisting CSS functions, initially just calc and rgb. #122/#123/#129 (Thanks, @NikoRoberts!)
    * Whitelist CSS property list-style-type. #68/#137/#142 (Thanks, @andela-ysanni and @NikoRoberts!)
    Bugfixes:
    * Properly handle nested script tags. #127.
* Fri Oct 13 2017 [email protected]
  - updated to version 2.1.1
    2.1.1 / 2017-09-24
    Bugfixes:
    * Removed warning for unused variable. #124 (Thanks, @y-yagi!)
* Tue Aug 18 2015 [email protected]
  - updated to version 2.0.3
    see installed CHANGELOG.rdoc
    == 2.0.3 / 2015-08-17
    Bug fixes:
    * Revert support for negative values in CSS properties due to slow performance. #90 (Related to #85.)
* Wed May 06 2015 [email protected]
  - updated to version 2.0.2
    see installed CHANGELOG.rdoc
    == 2.0.2 / 2015-05-05
    Bug fixes:
    * Fix error with `#to_text` when Loofah::Helpers hadn't been required. #75
    * Allow multi-word data attributes. #84 (Thanks, @jstorimer!)
    * Allow negative values in CSS properties. #85 (Thanks, @siddhartham!)
* Wed Nov 12 2014 [email protected]
  - updated to version 2.0.1
    Bug fixes:
    * Load RR correctly when running test files directly. (Thanks, @ktdreyer!)
    Notes:
    * Extracted HTML5::Scrub#scrub_css_attribute to accommodate the Rails integration work. (Thanks, @kaspth!)
* Mon Oct 13 2014 [email protected]
  - adapt to new rubygem packaging
* Sun May 18 2014 [email protected]
  - updated to version 2.0.0
    Compatibility notes:
    * ActionView helpers now must be required explicitly: `require "loofah/helpers"`
    * Support for Ruby 1.8.7 and prior has been dropped
    Enhancements:
    * HTML5 whitelist allows the following ...
    * tags: `article`, `aside`, `bdi`, `bdo`, `canvas`, `command`, `datalist`, `details`, `figcaption`, `figure`, `footer`, `header`, `mark`, `meter`, `nav`, `output`, `section`, `summary`, `time`
    * attributes: `data-*` (Thanks, Rafael Franca!)
    * URI attributes: `poster` and `preload`
    * Addition of the `:unprintable` scrubber to remove unprintable characters from text nodes. #65 (Thanks, Matt Swanson!)
    * `Loofah.fragment` accepts an optional encoding argument, compatible with `Nokogiri::HTML::DocumentFragment.parse`. #62 (Thanks, Ben Atkins!)
    * HTML5 sanitizers now remove attributes without values. (Thanks, Kasper Timm Hansen!)
    Bug fixes:
    * HTML5 sanitizers' CSS keyword check now actually works (broken in v2.0). Additional regression tests added. (Thanks, Kasper Timm Hansen!)
    * HTML5 sanitizers now allow negative arguments to CSS. #64 (Thanks, Jon Calhoun!)
* Mon Jul 30 2012 [email protected]
  - update to 1.2.1
    * Declaring encoding in html5/scrub.rb. Without this, use of the
      ruby -KU option would cause havoc. (#32)
* Thu Aug 25 2011 [email protected]
  - add 'Provides rubygem-loofah-1_2'
* Wed Aug 24 2011 [email protected]
  - upgrade to 1.2.0
* Thu Jul 21 2011 [email protected]
  - Upgrade to version 1.0.0
  - Add provides loofah_1_0 required to build latest version of
    rubygem-feedzirra.
* Fri Jun 11 2010 [email protected]
  - additional changes from version 0.4.7
    * New methods Loofah::HTML::Document#to_text and
      Loofah::HTML::DocumentFragment#to_text do the right thing with
      whitespace. Note that these methods are significantly slower
      than #text. GH #12
    * Loofah::Elements::BLOCK_LEVEL contains a canonical list of
      HTML4 block-level4 elements.
    * Loofah::HTML::Document#text and
      Loofah::HTML::DocumentFragment#text will return unescaped HTML
      entities by passing :encode_special_chars => false.
  - additional changes from version 0.4.4, 0.4.5, 0.4.6
    * Loofah::HTML::Document#text and
      Loofah::HTML::DocumentFragment#text now escape HTML entities.
    * Loofah::XssFoliate was not properly escaping HTML entities when
      implicitly scrubbing a string attribute. GH #17
  - additional changes from version 0.4.3
    * All built-in scrubbers are accepted by
      ActiveRecord::Base.xss_foliate
    * Loofah::XssFoliate.xss_foliate_all_models replaces use of the
      constant LOOFAH_XSS_FOLIATE_ALL_MODELS
    * Modified documentation for bootstrapping XssFoliate in a Rails
      app, since the use of Bundler breaks the previously-documented
      method. To be safe, always use an initializer file.
  - additional changes from version 0.4.2
    * Implemented Node#scrub! for scrubbing subtrees.
    * Implemented NodeSet#scrub! for scrubbing a set of subtrees.
    * Document.text now only serializes <body> contents
      (ignores <head>)
    * <head>, <html> and <body> added to the HTML5lib whitelist.
    * Supporting Rails apps that aren't loading ActiveRecord. GH #10
* Fri Jun 11 2010 [email protected]
  - use rubygems_requires macro
* Thu Jan 07 2010 [email protected]
  - created package

Files

/usr/lib64/ruby/gems/3.4.0/build_info
/usr/lib64/ruby/gems/3.4.0/cache/loofah-2.23.1.gem
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/CHANGELOG.md
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/MIT-LICENSE.txt
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/README.md
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/SECURITY.md
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/concerns.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/elements.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/helpers.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html4
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html4/document.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html4/document_fragment.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html5
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html5/document.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html5/document_fragment.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html5/libxml2_workarounds.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html5/safelist.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/html5/scrub.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/metahelpers.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/scrubber.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/scrubbers.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/version.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/xml
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/xml/document.rb
/usr/lib64/ruby/gems/3.4.0/gems/loofah-2.23.1/lib/loofah/xml/document_fragment.rb
/usr/lib64/ruby/gems/3.4.0/specifications/loofah-2.23.1.gemspec
/usr/share/doc/packages/ruby3.4-rubygem-loofah
/usr/share/doc/packages/ruby3.4-rubygem-loofah/CHANGELOG.md
/usr/share/doc/packages/ruby3.4-rubygem-loofah/MIT-LICENSE.txt
/usr/share/doc/packages/ruby3.4-rubygem-loofah/README.md

Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Feb 21 23:56:40 2025