head	1.13;
access;
symbols
	pkgsrc-2026Q1:1.13.0.2
	pkgsrc-2026Q1-base:1.13
	pkgsrc-2025Q4:1.12.0.2
	pkgsrc-2025Q4-base:1.12
	pkgsrc-2025Q3:1.10.0.2
	pkgsrc-2025Q3-base:1.10
	pkgsrc-2025Q2:1.9.0.2
	pkgsrc-2025Q2-base:1.9
	pkgsrc-2025Q1:1.8.0.4
	pkgsrc-2025Q1-base:1.8
	pkgsrc-2024Q4:1.8.0.2
	pkgsrc-2024Q4-base:1.8
	pkgsrc-2024Q3:1.4.0.2
	pkgsrc-2024Q3-base:1.4
	pkgsrc-2024Q2:1.1.0.2
	pkgsrc-2024Q2-base:1.1;
locks; strict;
comment	@# @;


1.13
date	2026.03.01.08.29.31;	author adam;	state Exp;
branches;
next	1.12;
commitid	qcp3GESKXh1nsfwG;

1.12
date	2025.10.09.07.58.00;	author wiz;	state Exp;
branches;
next	1.11;
commitid	t4nMY0Dt3rBjSRdG;

1.11
date	2025.10.03.05.45.35;	author adam;	state Exp;
branches;
next	1.10;
commitid	jJj7GVhVlx35l5dG;

1.10
date	2025.07.05.11.44.16;	author wiz;	state Exp;
branches;
next	1.9;
commitid	B2KLCDAZOmgedy1G;

1.9
date	2025.04.12.19.17.27;	author adam;	state Exp;
branches;
next	1.8;
commitid	d8vTo3tvtXWmqNQF;

1.8
date	2024.11.17.12.28.01;	author adam;	state Exp;
branches;
next	1.7;
commitid	11cOemVfBMsSQZxF;

1.7
date	2024.11.16.10.19.49;	author adam;	state Exp;
branches;
next	1.6;
commitid	j8MA6B0HWFwSaRxF;

1.6
date	2024.11.11.07.29.05;	author wiz;	state Exp;
branches;
next	1.5;
commitid	1fBDq3LwS98NncxF;

1.5
date	2024.10.14.05.13.13;	author adam;	state Exp;
branches;
next	1.4;
commitid	AHWPnYvHYmnrxAtF;

1.4
date	2024.09.07.05.39.07;	author adam;	state Exp;
branches;
next	1.3;
commitid	x3Qgy5PjqNz5SPoF;

1.3
date	2024.08.29.12.25.11;	author adam;	state Exp;
branches;
next	1.2;
commitid	aAusMVagZclkpInF;

1.2
date	2024.07.30.03.52.59;	author adam;	state Exp;
branches;
next	1.1;
commitid	khsWHsxtGRlpxOjF;

1.1
date	2024.05.27.14.39.28;	author adam;	state Exp;
branches;
next	;
commitid	em9qHZ5f8gXIaEbF;


desc
@@


1.13
log
@py-lxml-html-clean: updated to 0.4.4

0.4.4 (2026-02-26)

Bugs fixed

* Fixed a bug where Unicode escapes in CSS were not properly decoded
  before security checks. This prevents attackers from bypassing filters
  using escape sequences.
* Fixed a security issue where ``<base>`` tags could be used for URL
  hijacking attacks. The ``<base>`` tag is now automatically removed
  whenever the ``<head>`` tag is removed (via ``page_structure=True``
  or manual configuration), as ``<base>`` must be inside ``<head>``
  according to HTML specifications.
@
text
@# $NetBSD: Makefile,v 1.12 2025/10/09 07:58:00 wiz Exp $

DISTNAME=	lxml_html_clean-0.4.4
PKGNAME=	${PYPKGPREFIX}-${DISTNAME:S/_/-/g}
CATEGORIES=	textproc python
MASTER_SITES=	${MASTER_SITE_PYPI:=l/lxml-html-clean/}

MAINTAINER=	pkgsrc-users@@NetBSD.org
HOMEPAGE=	https://github.com/fedora-python/lxml_html_clean
COMMENT=	HTML cleaner from lxml project
LICENSE=	modified-bsd

TOOL_DEPENDS+=	${PYPKGPREFIX}-setuptools>=78:../../devel/py-setuptools
DEPENDS+=	${PYPKGPREFIX}-lxml-[0-9]*:../../textproc/py-lxml

PYTHON_VERSIONS_INCOMPATIBLE=	310

.include "../../lang/python/wheel.mk"
.include "../../mk/bsd.pkg.mk"
@


1.12
log
@*: remove reference to (removed) Python 3.9
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.11 2025/10/03 05:45:35 adam Exp $
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.4.3
@


1.11
log
@py-lxml-html-clean: updated to 0.4.3

0.4.3 (2025-10-02)

Maintenance

* Tests updated to work correctly with new lxml and libxml2 releases.
* Python 3.6 and 3.7 are no longer tested.
* Improved documentation about CSS removal behavior.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.10 2025/07/05 11:44:16 wiz Exp $
d16 1
a16 1
PYTHON_VERSIONS_INCOMPATIBLE=	39 310
@


1.10
log
@*: some more recursive Python restrictions on Python 3.11+

Reported in SmartOS bulk build
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.9 2025/04/12 19:17:27 adam Exp $
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.4.2
@


1.9
log
@py-lxml-html-clean: updated to 0.4.2

0.4.2 (2025-04-09)

Bugs fixed

* `lxml_html_clean` now correctly handles HTML input as bytes
  as it did before the 0.2.0 release.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.8 2024/11/17 12:28:01 adam Exp $
d16 2
@


1.8
log
@py-lxml-html-clean: updated to 0.4.1

0.4.1 (2024-11-15)

Bugs fixed

* Removed superfluous debug prints.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.7 2024/11/16 10:19:49 adam Exp $
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.4.1
d13 1
a13 1
TOOL_DEPENDS+=	${PYPKGPREFIX}-setuptools>=61.0:../../devel/py-setuptools
@


1.7
log
@py-lxml-html-clean: updated to 0.4.0

0.4.0 (2024-11-12)

Bugs fixed

* The ``Cleaner()`` now scans for hidden JavaScript code embedded
  within CSS comments. In certain contexts, such as within ``<svg>`` or ``<math>`` tags,
  ``<style>`` tags may lose their intended function, allowing comments
  like ``/* foo */`` to potentially be executed by the browser.
  If a suspicious content is detected, only the comment is removed.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.6 2024/11/11 07:29:05 wiz Exp $
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.4.0
@


1.6
log
@py-*: remove unused tool dependency

py-setuptools includes the py-wheel functionality nowadays
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.5 2024/10/14 05:13:13 adam Exp $
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.3.1
@


1.5
log
@py-lxml-html-clean: updated to 0.3.1

0.3.1 (2024-10-09)

Features added
* Do not parse URL addresses when it is not necessary.

0.3.0 (2024-10-09)

Features added
* Parsing of URL addresses has been enhanced and Cleaner removes ambiguous URLs.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.4 2024/09/07 05:39:07 adam Exp $
a13 1
TOOL_DEPENDS+=	${PYPKGPREFIX}-wheel-[0-9]*:../../devel/py-wheel
@


1.4
log
@py-lxml-html-clean: updated to 0.2.2

0.2.2 (2024-08-30)

Bugs fixed
* sdist now includes all test files and changelog.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.3 2024/08/29 12:25:11 adam Exp $
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.2.2
@


1.3
log
@py-lxml-html-clean: updated to 0.2.1

0.2.1

Bugs fixed

Memory efficiency is now much better for HTML pages where cleaner removes a lot of elements.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.2 2024/07/30 03:52:59 adam Exp $
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.2.1
@


1.2
log
@py-lxml-html-clean: updated to 0.2.0

0.2.0 (2024-07-29)

Features added

ASCII control characters (except HT, VT, CR and LF) are now removed from string inputs before they're parsed by lxml/libxml2.
@
text
@d1 1
a1 1
# $NetBSD: Makefile,v 1.1 2024/05/27 14:39:28 adam Exp $
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.2.0
a16 2
PYTHON_VERSIONS_INCOMPATIBLE=	27

@


1.1
log
@py-lxml-html-clean: added version 0.1.1

This project was initially a part of lxml. Because HTML cleaner is designed as
blocklist-based, many reports about possible security vulnerabilities were
filed for lxml and that make the project problematic for security-sensitive
environments. Therefore we decided to extract the problematic part to a
separate project.
@
text
@d1 1
a1 1
# $NetBSD$
d3 1
a3 1
DISTNAME=	lxml_html_clean-0.1.1
@