head 1.29; access; symbols pkgsrc-2026Q1:1.28.0.2 pkgsrc-2026Q1-base:1.28 pkgsrc-2025Q4:1.27.0.6 pkgsrc-2025Q4-base:1.27 pkgsrc-2025Q3:1.27.0.4 pkgsrc-2025Q3-base:1.27 pkgsrc-2025Q2:1.27.0.2 pkgsrc-2025Q2-base:1.27 pkgsrc-2025Q1:1.26.0.2 pkgsrc-2025Q1-base:1.26 pkgsrc-2024Q4:1.25.0.2 pkgsrc-2024Q4-base:1.25 pkgsrc-2024Q3:1.24.0.8 pkgsrc-2024Q3-base:1.24 pkgsrc-2024Q2:1.24.0.6 pkgsrc-2024Q2-base:1.24 pkgsrc-2024Q1:1.24.0.4 pkgsrc-2024Q1-base:1.24 pkgsrc-2023Q4:1.24.0.2 pkgsrc-2023Q4-base:1.24 pkgsrc-2023Q3:1.23.0.4 pkgsrc-2023Q3-base:1.23 pkgsrc-2023Q2:1.23.0.2 pkgsrc-2023Q2-base:1.23 pkgsrc-2023Q1:1.20.0.4 pkgsrc-2023Q1-base:1.20 pkgsrc-2022Q4:1.20.0.2 pkgsrc-2022Q4-base:1.20 pkgsrc-2022Q3:1.19.0.2 pkgsrc-2022Q3-base:1.19 pkgsrc-2022Q2:1.17.0.6 pkgsrc-2022Q2-base:1.17 pkgsrc-2022Q1:1.17.0.4 pkgsrc-2022Q1-base:1.17 pkgsrc-2021Q4:1.17.0.2 pkgsrc-2021Q4-base:1.17 pkgsrc-2021Q3:1.14.0.2 pkgsrc-2021Q3-base:1.14 pkgsrc-2021Q2:1.13.0.2 pkgsrc-2021Q2-base:1.13 pkgsrc-2021Q1:1.11.0.2 pkgsrc-2021Q1-base:1.11 pkgsrc-2020Q4:1.10.0.4 pkgsrc-2020Q4-base:1.10 pkgsrc-2020Q3:1.10.0.2 pkgsrc-2020Q3-base:1.10 pkgsrc-2020Q2:1.9.0.2 pkgsrc-2020Q2-base:1.9 pkgsrc-2020Q1:1.7.0.2 pkgsrc-2020Q1-base:1.7 pkgsrc-2019Q4:1.6.0.4 pkgsrc-2019Q4-base:1.6 pkgsrc-2019Q3:1.5.0.8 pkgsrc-2019Q3-base:1.5 pkgsrc-2019Q2:1.5.0.6 pkgsrc-2019Q2-base:1.5 pkgsrc-2019Q1:1.5.0.4 pkgsrc-2019Q1-base:1.5 pkgsrc-2018Q4:1.5.0.2 pkgsrc-2018Q4-base:1.5 pkgsrc-2018Q3:1.4.0.6 pkgsrc-2018Q3-base:1.4 pkgsrc-2018Q2:1.4.0.4 pkgsrc-2018Q2-base:1.4 pkgsrc-2018Q1:1.4.0.2 pkgsrc-2018Q1-base:1.4 pkgsrc-2017Q4:1.1.0.8 pkgsrc-2017Q4-base:1.1 pkgsrc-2017Q3:1.1.0.6 pkgsrc-2017Q3-base:1.1 pkgsrc-2017Q2:1.1.0.2 pkgsrc-2017Q2-base:1.1; locks; strict; comment @# @; 1.29 date 2026.03.29.13.47.19; author taca; state Exp; branches; next 1.28; commitid OsGuPnz7BxbEjSzG; 1.28 date 2026.01.18.15.13.42; author taca; state Exp; branches; next 1.27; commitid kY6N2CmsBrwM2TqG; 1.27 date 2025.05.18.14.25.11; author taca; state Exp; branches; next 1.26; commitid YazaL8AXZV1oEoVF; 1.26 date 2025.01.02.06.09.41; author taca; state Exp; branches; next 1.25; commitid d2z9BPsl5xFrhSDF; 1.25 date 2024.11.06.15.06.16; author taca; state Exp; branches; next 1.24; commitid 8Yd6R5D2RZt75BwF; 1.24 date 2023.12.17.16.25.10; author taca; state Exp; branches; next 1.23; commitid QhNBfG7xsZVRXPQE; 1.23 date 2023.05.21.03.29.12; author taca; state Exp; branches; next 1.22; commitid WcGyssuswfubqMpE; 1.22 date 2023.05.14.14.24.49; author taca; state Exp; branches; next 1.21; commitid GdZrI13xuEC0hWoE; 1.21 date 2023.04.30.14.22.55; author taca; state Exp; branches; next 1.20; commitid dP1EiVJJchJiI8nE; 1.20 date 2022.12.18.14.49.24; author taca; state Exp; branches; next 1.19; commitid A2rkpTtxdRqq836E; 1.19 date 2022.09.16.06.23.10; author taca; state Exp; branches; next 1.18; commitid 7JQpIk5m6497k3UD; 1.18 date 2022.09.04.15.47.06; author taca; state Exp; branches; next 1.17; commitid Dw0pOXTOiWKtPySD; 1.17 date 2021.12.14.14.17.47; author taca; state Exp; branches; next 1.16; commitid GlSxFUnRevAXOCkD; 1.16 date 2021.10.26.11.31.00; author nia; state Exp; branches; next 1.15; commitid Gv0TNLbuylhFsjeD; 1.15 date 2021.10.07.15.08.43; author nia; state Exp; branches; next 1.14; commitid kEwAbZZbki9jhTbD; 1.14 date 2021.09.19.17.53.13; author taca; state Exp; branches; next 1.13; commitid 0tNawSnFYM4hMA9D; 1.13 date 2021.06.14.15.45.29; author taca; state Exp; branches; next 1.12; commitid RRR28wboTOjJb7XC; 1.12 date 2021.06.02.15.02.44; author taca; state Exp; branches; next 1.11; commitid PloIIBpz8Zb0lzVC; 1.11 date 2021.01.18.16.02.38; author taca; state Exp; branches; next 1.10; commitid 7W9lnYgYxM4B0eEC; 1.10 date 2020.09.14.15.35.34; author taca; state Exp; branches; next 1.9; commitid VjV9BknOA7PpU1oC; 1.9 date 2020.06.18.16.23.53; author taca; state Exp; branches; next 1.8; commitid A6jVwK591XEl0JcC; 1.8 date 2020.05.17.15.59.29; author taca; state Exp; branches; next 1.7; commitid 9gTu7IZXHBJGTB8C; 1.7 date 2020.03.21.17.01.18; author taca; state Exp; branches; next 1.6; commitid 5x70mekL4MUt4i1C; 1.6 date 2019.10.22.16.24.20; author taca; state Exp; branches; next 1.5; commitid s83cJUVmOgrMISHB; 1.5 date 2018.11.01.16.11.45; author taca; state Exp; branches 1.5.8.1; next 1.4; commitid 7e7fpC5ErWgC3gYA; 1.4 date 2018.03.23.14.33.21; author taca; state Exp; branches 1.4.6.1; next 1.3; commitid g65oPhpxCgIAGAvA; 1.3 date 2018.03.21.12.09.39; author taca; state Exp; branches; next 1.2; commitid 5nb8peNd75o6XjvA; 1.2 date 2018.03.17.16.21.48; author taca; state Exp; branches; next 1.1; commitid s54jIkwndsiLtPuA; 1.1 date 2017.04.06.03.10.52; author minskim; state Exp; branches; next ; commitid 43yBE8mo6XGUbqMz; 1.5.8.1 date 2019.10.23.11.33.38; author bsiegert; state Exp; branches; next ; commitid k5474b9Cxga85ZHB; 1.4.6.1 date 2018.11.04.20.02.38; author spz; state Exp; branches; next ; commitid lWGw3pNd2BMefFYA; desc @@ 1.29 log @www/ruby-loofah: update to 2.25.1 2.25.1 (2026-03-17) * Ensure Loofah::HTML5::Scrub.allowed_uri? recognizes unescaped whitespace entities and rejects schemas containing them. See GHSA-46fp-8f5p-pf2m. #302 @@flavorjones @ text @$NetBSD: distinfo,v 1.28 2026/01/18 15:13:42 taca Exp $ BLAKE2s (loofah-2.25.1.gem) = 30cd892cfed52141241c9f4efc619b5bbc6372745a0188cb555241971733e7d3 SHA512 (loofah-2.25.1.gem) = 8cccfc6ab2009e8f997a4595cc00d9621061ac4ec044391ae4893be95775a0218fd1fd9e3e34ae6167449c2506b87f713219c7273209b898972e21736bf9be50 Size (loofah-2.25.1.gem) = 34816 bytes @ 1.28 log @www/ruby-loofah: update to 2.25.0 2.25.0 (2025-12-15) * Extract Loofah::HTML5::Scrub.allowed_uri? which operates on a string. Previously this logic was coupled to the parsed tree in .scrub_uri_attribute. #300 @@flavorjones * Tightened up how entities and control characters are handled when detecting allowed URIs. #301 @@flavorjones @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.27 2025/05/18 14:25:11 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.25.0.gem) = 5ca8eb73d31ad616ada30b3811f2d038cd6afc875d1b67356b3f134320701d2c SHA512 (loofah-2.25.0.gem) = bf860baa49305c7e33cf1aa292a3e1d238bfb06d6618da2c72c61d0f3dce74533dae6379539f2e9a7269d8e2a07a63ad2ef15303d7a3288c0edde735c686e09a Size (loofah-2.25.0.gem) = 34816 bytes @ 1.27 log @www/ruby-loofah: update to 2.24.1 2.24.1 (2025-05-12) Ruby support * Import only what's needed from cgi for support for Ruby 3.5 #296 @@Earlopain @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.26 2025/01/02 06:09:41 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.24.1.gem) = 57a81ad7e294906d31c36d345d9d7e2539921d4425b9a2be49ea2814f5cc9e09 SHA512 (loofah-2.24.1.gem) = a94cbd23cd3dbd259464934779b6e78e2612264df2692cb83438dc26bfa12785f68afab2d37dafdc210a84a71d995d885ebc3db7dc5bc0370c11d120bbf78f95 Size (loofah-2.24.1.gem) = 34304 bytes @ 1.26 log @www/ruby-loofah: update to 2.24.0 2.24.0 (2024-12-24) Added * Built-in scrubber :double_breakpoint which sees

and wraps the surrounding content in

tags. #279, #284 @@josecolella @@torihuang Improved * Built-in scrubber :targetblank now skips a tags whose href attribute is an anchor link. Previously, all a tags were modified to have target='_blank'. #291 @@fnando New Contributors * @@andrew made their first contribution in #289 * @@fnando made their first contribution in #291 * @@josecolella and @@torihuang made their first contribution in #284 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.25 2024/11/06 15:06:16 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.24.0.gem) = 860dc87da2c1a2d5ec20d9aa4ee679bf3e811e8c329d88d0aa6438e809490189 SHA512 (loofah-2.24.0.gem) = 7fa43a1b35bba223054fb4c7842acae3c844520dfe16a4ef3f9c9755df7439cff75cfcb2af6dec3519016b835c6c3e002a97c828a45649ccb80d9218781011b1 Size (loofah-2.24.0.gem) = 34304 bytes @ 1.25 log @www/ruby-loofah: update to 2.23.1 2.23.0 (2024-10-24) Added * Allow CSS property min-width. [#287] @@lazyatom New Contributors * @@m-nakamura145 made their first contribution in #280 * @@lazyatom made their first contribution in #287 2.23.1 (2024-10-25) Added * Allow CSS properties min-height and max-height. [#288] @@lazyatom @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.24 2023/12/17 16:25:10 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.23.1.gem) = 050326387e6f9489406631b12154c9cfd0bb2a8ea3323f8a42f023aa62a7e719 SHA512 (loofah-2.23.1.gem) = 056f6b2b7304d4797acff7ed30ae4104d50a01c57e9ad0b43f0327b3bfd6b92ac4c068bf8c0beb99fb2ac7cc173766c752135951b7c32f06a3ca0d654ecc6794 Size (loofah-2.23.1.gem) = 33792 bytes @ 1.24 log @www/ruby-loofah: update to 2.22.0 2.21.4 (2023-10-10) Fixed * Loofah::HTML5::Scrub.scrub_css is more consistent in preserving whitespace (and lack of whitespace) in CSS property values. In particular, .scrub_css no longer inserts whitespace between tokens that did not already have whitespace between them. [#273, fixes #271] 2.22.0 (2023-11-13) Added * A :targetblank HTML scrubber which ensures all hyperlinks have target="_blank". [#275] @@stefannibrasil and @@thdaraujo * A :noreferrer HTML scrubber which ensures all hyperlinks have rel=noreferrer, similar to the :nofollow and :noopener scrubbers. [#277] @@wynksaiddestroy @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.23 2023/05/21 03:29:12 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.22.0.gem) = 0b4677fe13cc45323c5097cf6e2b49824417f49cec54ea978ad5250bcf5a3f92 SHA512 (loofah-2.22.0.gem) = c54192bf43c2f0fee331c4ebfc0cbacbe83fe6be2a834132d4f10835d903a7265f8efda4309e09daec7c8c83e5c599c131148e80abdea26a8f4e6423337457f5 Size (loofah-2.22.0.gem) = 33280 bytes @ 1.23 log @www/ruby-loofah: update to 2.21.3 2.21.3 / 2023-05-15 * Quash "instance variable not initialized" warning in Ruby < 3.0. [#268] (Thanks, @@dharamgollapudi!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.22 2023/05/14 14:24:49 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.21.3.gem) = e7017c51c7f2cf3f9c9db694afa3f18ec38477116de3b24b0baa2414f1ccd17e SHA512 (loofah-2.21.3.gem) = 1cb17591143ba5f42fad3c13143ee18ceb3758eb2241fc9eb2d4815da72ff10fc0497e58420798a75199280ecdffbb01ed4a1edb8b274c76446ba6f94a0271c4 Size (loofah-2.21.3.gem) = 32256 bytes @ 1.22 log @www/ruby-loofah: update to 2.21.2 2.21.0 (2023-05-10) HTML5 Support Classes Loofah::HTML5::Document and Loofah::HTML5::DocumentFragment are introduced, along with helper methods: * Loofah.html5_document * Loofah.html5_fragment * Loofah.scrub_html5_document * Loofah.scrub_html5_fragment These classes and methods use Nokogiri's HTML5 parser to ensure modern web standards are used. ⚠ HTML5 functionality is only available with Nokogiri v1.14.0 and higher. ⚠ HTML5 functionality is not available for JRuby. Please see this upstream Nokogiri issue if you're interested in helping implement and support HTML5 support. Loofah::HTML4 module and namespace Loofah::HTML has been renamed to Loofah::HTML4, and Loofah::HTML is aliased to preserve backwards-compatibility. Nokogiri::HTML and Nokogiri::HTML4 parse methods still use libxml2's (or NekoHTML's) HTML4 parser. Take special note that if you rely on the class name of an object in your code, objects will now report a class of Loofah::HTML4::Foo where they previously reported Loofah::HTML::Foo. Instead of relying on the string returned by Object#class, prefer Class#=== or Object#is_a? or Object#instance_of?. Future releases of Nokogiri may deprecate HTML classes and methods or otherwise change this behavior, so please start using HTML4 in place of HTML. Official support for JRuby This version introduces official support for JRuby. Previously, the test suite had never been green due to differences in behavior in the underlying HTML parser used by Nokogiri. We've updated the test suite to accommodate those differences, and have added JRuby to the CI suite. 2.21.1 (2023-05-10) Fixed * Don't define HTML5::Document and HTML5::DocumentFragment when Nokogiri is < 1.14. In 2.21.0 these classes were defined whenever Nokogiri::HTML5 was defined, but Nokogiri v1.12 and v1.13 do not support Loofah subclassing properly. 2.21.2 (2023-05-11) Dependencies * Update the dependency on Nokogiri to be >= 1.12.0. The dependency in 2.21.0 and 2.21.1 was left at >= 1.5.9 but versions before 1.12 would result in a NameError exception. [#266] @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2023/04/30 14:22:55 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.21.2.gem) = 94a4dd782ae00914db4cf3f9176946e4b45738f699511c669e48516c670d24ca SHA512 (loofah-2.21.2.gem) = f9f539e6338c29c3f5d1bd2bcdff34e539fdad39a8f24469cacd578205dfe538341e3b021bd3efcccac5cff0adf363a06fd8fefdb661c074f3b1704f953a3ff9 Size (loofah-2.21.2.gem) = 32256 bytes @ 1.21 log @www/ruby-loofah: update to 2.20.0 2.20.0 (2023-04-01) Features * Allow SVG attributes color-profile, cursor, filter, marker, and mask. [#246] * Allow SVG elements altGlyph, cursor, feImage, pattern, and tref. [#246] * Allow protocols fax and modem. [#255] (Thanks, @@cjba7!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2022/12/18 14:49:24 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.20.0.gem) = 7a48d58ffd6a97ceb7e3eba8dbea0ef98ff5968cb7b5a3a40c21dee0d31f8a0d SHA512 (loofah-2.20.0.gem) = 71cbed9b08caac6133ac0da4444b80879684a284b58f4c733c06e3db56d948f06b667b50471f19ba1a6701b3995ab677eea245b49bbb577b6af54985f7fe5ad9 Size (loofah-2.20.0.gem) = 32768 bytes @ 1.20 log @www/ruby-loofah: update to 2.19.0 2.19.0 (2022-12-13) * Address CVE-2022-23514, inefficient regular expression complexity. See GHSA-486f-hjj9-9vhh for more information. * Address CVE-2022-23515, improper neutralization of data URIs. See GHSA-228g-948r-83gx for more information. * Address CVE-2022-23516, uncontrolled recursion. See GHSA-3x8r-x6xp-q4vm for more information. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2022/09/16 06:23:10 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.19.1.gem) = cf365be4b8d3c925e39e03121e120c9a9397aea5dc6209de32d4af1c612b6929 SHA512 (loofah-2.19.1.gem) = 608cdf5d6f6bf4489e851117bb57a779b1070c094fac3b413935f1b883cd8098fb1c0be6ccbc81921aef1e3081959bdbb0ce9e2b559183ef6d8c1abccb71770b Size (loofah-2.19.1.gem) = 32768 bytes @ 1.19 log @www/ruby-loofah: update to 2.19.0 2.19.0 (2022-09-14) Features * Allow SVG 1.0 color keyword names in CSS attributes. These colors are part of the CSS Color Module Level 3 recommendation released 2022-01-18. [#243] @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2022/09/04 15:47:06 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.19.0.gem) = 31c332c79e44a3ee3404bd1c818d0bc19f6a97a11e94f8cf395be8dd1b1b8576 SHA512 (loofah-2.19.0.gem) = 8ac91bf04045c5e78271a13e5c7ed6d83962d80ace022ce52ccbcf5b58e0b6edb924657c0d9f8af85043bbdbaa2aa73999bfc30e2c83345f9e78e02f97ee7ac9 Size (loofah-2.19.0.gem) = 32256 bytes @ 1.18 log @www/ruby-loofah: update to 2.18.0 2.14.0 (2022-02-11) Features * The #to_text method on Loofah::HTML::{Document,DocumentFragment} replaces
line break elements with a newline. [#225] 2.15.0 (2022-03-14) Features * Expand set of allowed protocols to include sms:. [#228] (Thanks, @@brendon!) 2.16.0 (2022-04-01) Features * Allow MathML elements menclose and ms, and MathML attributes dir, href, lquote, mathsize, notation, and rquote. [#231] (Thanks, @@nick-desteffen!) 2.17.0 (2022-04-28) Features * Allow ARIA attributes. [#232, #233] (Thanks, @@nick-desteffen!) 2.18.0 (2022-05-11) Features * Allow CSS property aspect-ratio. [#236] (Thanks, @@louim!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2021/12/14 14:17:47 taca Exp $ d3 3 a5 3 BLAKE2s (loofah-2.18.0.gem) = d886b455a5b152f47cd0ed56049fce999550309c9a2e2c4587cecd57fee2eed1 SHA512 (loofah-2.18.0.gem) = 57a29482fa76ae73863e388636047648e26d6a776255c92b8d74f10665752c2a76c98b1b15014432d67929626515fb60031a608f48a49c88f1f70cc02d5148a6 Size (loofah-2.18.0.gem) = 31232 bytes @ 1.17 log @www/ruby-loofah: update to 2.13.0 2.13.0 (2021-12-10) Bug fixes * Loofah::HTML::DocumentFragment#text no longer serializes top-level comment children. [#221] @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2021/10/26 11:31:00 nia Exp $ d3 3 a5 3 BLAKE2s (loofah-2.13.0.gem) = c637c2585590fe9e0a65369c4b588cd818403ec34e901076135a794fc02c5c29 SHA512 (loofah-2.13.0.gem) = 9554188ceee73308fac8869e71823b072c4d6800a10f8c5939b1daba780c0b611725db0e37a8cffa4c09c1005b3d21365644f780661af4d775191a1edbf131d1 Size (loofah-2.13.0.gem) = 30208 bytes @ 1.16 log @www: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Not committed (merge conflicts): www/nghttp2/distinfo Unfetchable distfiles (almost certainly fetched conditionally...): ./www/nginx-devel/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx-devel/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx-devel/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx-devel/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx-devel/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx-devel/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx-devel/distinfo naxsi-1.3.tar.gz ./www/nginx-devel/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx-devel/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx-devel/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx-devel/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx-devel/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx-devel/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx-devel/distinfo njs-0.5.0.tar.gz ./www/nginx-devel/distinfo set-misc-nginx-module-0.32.tar.gz ./www/nginx/distinfo array-var-nginx-module-0.05.tar.gz ./www/nginx/distinfo echo-nginx-module-0.62.tar.gz ./www/nginx/distinfo encrypted-session-nginx-module-0.08.tar.gz ./www/nginx/distinfo form-input-nginx-module-0.12.tar.gz ./www/nginx/distinfo headers-more-nginx-module-0.33.tar.gz ./www/nginx/distinfo lua-nginx-module-0.10.19.tar.gz ./www/nginx/distinfo naxsi-1.3.tar.gz ./www/nginx/distinfo nginx-dav-ext-module-3.0.0.tar.gz ./www/nginx/distinfo nginx-rtmp-module-1.2.2.tar.gz ./www/nginx/distinfo nginx_http_push_module-1.2.10.tar.gz ./www/nginx/distinfo ngx_cache_purge-2.5.1.tar.gz ./www/nginx/distinfo ngx_devel_kit-0.3.1.tar.gz ./www/nginx/distinfo ngx_http_geoip2_module-3.3.tar.gz ./www/nginx/distinfo njs-0.5.0.tar.gz ./www/nginx/distinfo set-misc-nginx-module-0.32.tar.gz @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2021/10/07 15:08:43 nia Exp $ d3 3 a5 3 BLAKE2s (loofah-2.12.0.gem) = c8447d9a3a59bc28b32801f8b166260ae9047f1d91d3a9caa8a5458f4c0ab987 SHA512 (loofah-2.12.0.gem) = 47da6b3af129b9f0ddc999c11865f453a9a284a260b873bbd27b9bc291d9e4297893040c8dbe4c4ef3b251cee68710c3733e6c53a455e60904ab8d9839b2a7e8 Size (loofah-2.12.0.gem) = 30208 bytes @ 1.15 log @www: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2021/09/19 17:53:13 taca Exp $ d3 1 a3 1 RMD160 (loofah-2.12.0.gem) = cfd1f1b7000c6cbfcd2f0e215373e2a20c3e31b6 @ 1.14 log @www/ruby-loofah: update to 2.12.0 2.12.0 (2021-08-11) Features * Support empty HTML5 data attributes. [#215] 2.11.0 (2021-07-31) Features * Allow HTML5 element wbr. * Allow all CSS property values for border-collapse. [#201] Changes * Deprecating Loofah::HTML5::SafeList::VOID_ELEMENTS which is not a canonical list of void HTML4 or HTML5 elements. * Removed some elements from Loofah::HTML5::SafeList::VOID_ELEMENTS that either are not acceptable elements or aren't considered "void" by libxml2. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2021/06/14 15:45:29 taca Exp $ a2 1 SHA1 (loofah-2.12.0.gem) = e9aa3afe6b84aa7e0ca479256ba28097a0780ef2 @ 1.13 log @www/ruby-loofah: update to 2.10.0 2.10.0 (2021-06-06) Features * Allow CSS properties overflow-x and overflow-y. [#206] (Thanks, @@sampokuokkanen!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2021/06/02 15:02:44 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.10.0.gem) = d6665595d8f4130c15f88d88ef97024bbe8ad848 RMD160 (loofah-2.10.0.gem) = 3b1ab197e038f8be27b707631124e72d8808b3af SHA512 (loofah-2.10.0.gem) = 490ca39fcd44f08b3225994643203a37ee26841b7a9e8044b5826e2c85266d7eb559371723166ecb768ffcef3b54a9bf098e5583c3e0299a8a03736c7478d6ed Size (loofah-2.10.0.gem) = 30208 bytes @ 1.12 log @www/ruby-loofah: update to 2.9.1 2.9.1 (2021-04-07) Bug fixes * Fix a regression in v2.9.0 which inappropriately removed CSS properties with quoted string values. [#202] @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2021/01/18 16:02:38 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.9.1.gem) = 86db3fd961b7f0816372e6774b24b40de0dafad3 RMD160 (loofah-2.9.1.gem) = e1b691b9455a08eb70d26172f14cb142afcdccd8 SHA512 (loofah-2.9.1.gem) = c753daa0aba788cefe2605c51d743f4f1cc119bb03299ec6a35ce219b2187214d28529b3dc72bd3c755c6b77e8f747314c9b6ededd0794a2e5184705744103ed Size (loofah-2.9.1.gem) = 29696 bytes @ 1.11 log @www/ruby-loofah: update to 2.9.0 2.9.0 / 2021-01-14 * Handle CSS functions in a CSS shorthand property (like background). [#199, #200] 2.8.0 / 2020-11-25 * Allow CSS properties order, flex-direction, flex-grow, flex-wrap, flex-shrink, flex-flow, flex-basis, flex, justify-content, align-self, align-items, and align-content. [#197] (Thanks, @@miguelperez!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2020/09/14 15:35:34 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.9.0.gem) = 1a02f78b1e7e419b485d804d7ffb6db9a30738b7 RMD160 (loofah-2.9.0.gem) = 6ed496e3058d1286cddc0e19d73d25c8d3d192da SHA512 (loofah-2.9.0.gem) = eb1644b940ed315dd032a76992048805f74fc23680a1096e87c4af2ed99d3e48daef428ba66a769684f3ad5350f8a752801d9b5f3ee06e9f8c66c5fe1008e045 Size (loofah-2.9.0.gem) = 29696 bytes @ 1.10 log @www/ruby-loofah: update to 2.7.0 Update ruby-loofah package to 2.7.0. 2.7.0 / 2020-08-26 Features * Allow CSS properties page-break-before, page-break-inside, and page-break-after. [#190] (Thanks, @@ahorek!) Fixes * Don't drop the !important rule from some CSS properties. [#191] (Thanks, @@b7kich!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2020/06/18 16:23:53 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.7.0.gem) = 8076a0128df04424d88b010d2aaf2bd8f27e4a9c RMD160 (loofah-2.7.0.gem) = ba5981c1edff0223b3d305e9d6f06cd5daa61c0f SHA512 (loofah-2.7.0.gem) = e76375adcaf924070b38d882e7ff4669a3f6d0d521d38e7221ac2c224c1f8c25c6daced2079e982a514be0df03e8baa2650dd43bb3ddaf576d4195a66490a27a Size (loofah-2.7.0.gem) = 54272 bytes @ 1.9 log @www/ruby-loofah: update to 2.6.0 Update ruby-loofah to 2.6.0. 2.6.0 / 2020-06-16 Features * Allow CSS border-style keywords. [#188] (Thanks, @@tarcisiozf!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2020/05/17 15:59:29 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.6.0.gem) = b5a01ea784e7341f121c2504d3111230af095b7d RMD160 (loofah-2.6.0.gem) = 06cb681be23dd9dffce215cff2d2cca9ab083b7f SHA512 (loofah-2.6.0.gem) = c94ac83607ad31d95e0b263fa9bf76cf6745c1356ee006fa1592d7eef1353956e17e44d5fd8b345b97a837cc55227d770bc3b3dd2cff26acaa4566e4c3d7d417 Size (loofah-2.6.0.gem) = 53760 bytes @ 1.8 log @www/ruby-loofah: update to 2.5.0 Update ruby-loofah to 2.5.0. ## 2.5.0 / 2020-04-05 ### Features * Allow more CSS length units: "ch", "vw", "vh", "Q", "lh", "vmin", "vmax". [#178] (Thanks, @@JuanitoFatas!) ### Fixes * Remove comments from `Loofah::HTML::Document`s that exist outside the `html` element. [#80] ### Other changes * Gem metadata being set [#181] (Thanks, @@JuanitoFatas!) * Test files removed from gem file [#180,#166,#159] (Thanks, @@JuanitoFatas and @@greysteil!) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2020/03/21 17:01:18 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.5.0.gem) = e48801969d54673e53ff4ad11a49227545ce4200 RMD160 (loofah-2.5.0.gem) = 6cbd617eda6948147b19533ca3ac73bdaa864d61 SHA512 (loofah-2.5.0.gem) = 565b55f50a215642c020308afe3a032b31d6e5f98bd4e40299ce276440e57abc44e663933ed7b674727696542944ca3f4108ab9ee99fb9826570f0d149893fe5 Size (loofah-2.5.0.gem) = 53248 bytes @ 1.7 log @www/ruby-loofah: update to 2.4.0 Update ruby-loofah to 2.4.0. ## 2.4.0 / 2019-11-25 ### Features * Allow CSS property `max-width` [#175] (Thanks, @@bchaney!) * Allow CSS sizes expressed in `rem` [#176, #177] * Add `frozen_string_literal: true` magic comment to all `lib` files. [#118] @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2019/10/22 16:24:20 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.4.0.gem) = e48493b52483742bd4fffdd47886c4668c9f032b RMD160 (loofah-2.4.0.gem) = 0d9145241ea1c675d6dc3545d6172c4b76fe02b1 SHA512 (loofah-2.4.0.gem) = 95bea374c0cf9e49becd4533c141a6ebb388f4ae0a1c27263612d3a4089177fd97956e4fbe7a8c8a8b17d8d69387e4629cf7c004f17008fb592f6b71297ed22a Size (loofah-2.4.0.gem) = 68096 bytes @ 1.6 log @www/ruby-loofah: update to 2.3.1 ## 2.3.1 / 2019-10-22 ### Security Address CVE-2019-15587: Unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. This CVE's public notice is at https://github.com/flavorjones/loofah/issues/171 ## 2.3.0 / unreleased ### Features * Expand set of allowed protocols to include `tel:` and `line:`. [#104, #147] * Expand set of allowed CSS functions. [related to #122] * Allow greater precision in shorthand CSS values. [#149] (Thanks, @@danfstucky!) * Allow CSS property `list-style` [#162] (Thanks, @@jaredbeck!) * Allow CSS keywords `thick` and `thin` [#168] (Thanks, @@georgeclaghorn!) * Allow HTML property `contenteditable` [#167] (Thanks, @@andreynering!) ### Bug fixes * CSS hex values are no longer limited to lowercase hex. Previously uppercase hex were scrubbed. [#165] (Thanks, @@asok!) ### Deprecations / Name Changes The following method and constants are hereby deprecated, and will be completely removed in a future release: * Deprecate `Loofah::Helpers::ActionView.white_list_sanitizer`, please use `Loofah::Helpers::ActionView.safe_list_sanitizer` instead. * Deprecate `Loofah::Helpers::ActionView::WhiteListSanitizer`, please use `Loofah::Helpers::ActionView::SafeListSanitizer` instead. * Deprecate `Loofah::HTML5::WhiteList`, please use `Loofah::HTML5::SafeList` instead. Thanks to @@JuanitoFatas for submitting these changes in #164 and for making the language used in Loofah more inclusive. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2018/11/01 16:11:45 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.3.1.gem) = 732be438c5a2a3c7e63a8f173b24b05f78df1ff2 RMD160 (loofah-2.3.1.gem) = 382991856327a36978f2c47ccda2b1185338f412 SHA512 (loofah-2.3.1.gem) = 188e84818abc3a3eed39afd66a75e7fa3c0a29f8ec957441f43f4cbfd962c8c3ea848e83f435a3d61ffc667273b5ff006df39d718b7631a11b62ae2d3f78b6ba Size (loofah-2.3.1.gem) = 68096 bytes @ 1.5 log @www/ruby-loofah: update to 2.2.3 ## 2.2.3 / 2018-10-30 ### Security Address CVE-2018-16468: Unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. This CVE's public notice is at https://github.com/flavorjones/loofah/issues/154 ## Meta / 2018-10-27 The mailing list is now on Google Groups [#146](https://github.com/flavorjones/loofah/issues/146): * Mail: loofah-talk@@googlegroups.com * Archive: https://groups.google.com/forum/#!forum/loofah-talk This change was made because librelist no longer appears to be maintained. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2018/03/23 14:33:21 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.2.3.gem) = b907029ec05b39a8f239a83c443e5cf94baecfad RMD160 (loofah-2.2.3.gem) = 7da4488ecc2a3c341a3716e0286e556b20bde270 SHA512 (loofah-2.2.3.gem) = 8e63e1d4e3719c2ffcc8cf3208dbdfa3eb6e328bb91fc8dc6de88c472aac47f1a22771928b08f3c6816c159c6a9672299823f5d48177ae543358e73444b8ac56 Size (loofah-2.2.3.gem) = 65536 bytes @ 1.5.8.1 log @Pullup ticket #6074 - requested by taca www/ruby-loofah: seucurity fix Revisions pulled up: - www/ruby-loofah/Makefile 1.6 - www/ruby-loofah/PLIST 1.5 - www/ruby-loofah/distinfo 1.6 --- Module Name: pkgsrc Committed By: taca Date: Tue Oct 22 16:24:20 UTC 2019 Modified Files: pkgsrc/www/ruby-loofah: Makefile PLIST distinfo Log Message: www/ruby-loofah: update to 2.3.1 ## 2.3.1 / 2019-10-22 ### Security Address CVE-2019-15587: Unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. This CVE's public notice is at https://github.com/flavorjones/loofah/issues/171 ## 2.3.0 / unreleased ### Features * Expand set of allowed protocols to include `tel:` and `line:`. [#104, #147] * Expand set of allowed CSS functions. [related to #122] * Allow greater precision in shorthand CSS values. [#149] (Thanks, @@danfstucky!) * Allow CSS property `list-style` [#162] (Thanks, @@jaredbeck!) * Allow CSS keywords `thick` and `thin` [#168] (Thanks, @@georgeclaghorn!) * Allow HTML property `contenteditable` [#167] (Thanks, @@andreynering!) ### Bug fixes * CSS hex values are no longer limited to lowercase hex. Previously uppercase hex were scrubbed. [#165] (Thanks, @@asok!) ### Deprecations / Name Changes The following method and constants are hereby deprecated, and will be completely removed in a future release: * Deprecate `Loofah::Helpers::ActionView.white_list_sanitizer`, please use `Loofah::Helpers::ActionView.safe_list_sanitizer` instead. * Deprecate `Loofah::Helpers::ActionView::WhiteListSanitizer`, please use `Loofah::Helpers::ActionView::SafeListSanitizer` instead. * Deprecate `Loofah::HTML5::WhiteList`, please use `Loofah::HTML5::SafeList` instead. Thanks to @@JuanitoFatas for submitting these changes in #164 and for making the language used in Loofah more inclusive. @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 4 SHA1 (loofah-2.3.1.gem) = 732be438c5a2a3c7e63a8f173b24b05f78df1ff2 RMD160 (loofah-2.3.1.gem) = 382991856327a36978f2c47ccda2b1185338f412 SHA512 (loofah-2.3.1.gem) = 188e84818abc3a3eed39afd66a75e7fa3c0a29f8ec957441f43f4cbfd962c8c3ea848e83f435a3d61ffc667273b5ff006df39d718b7631a11b62ae2d3f78b6ba Size (loofah-2.3.1.gem) = 68096 bytes @ 1.4 log @www/ruby-loofah: update to 2.2.2 ## 2.2.2 / 2018-03-22 Make public `Loofah::HTML5::Scrub.force_correct_attribute_escaping!`, which was previously a private method. This is so that downstream gems (like rails-html-sanitizer) can use this logic directly for their own attribute scrubbers should they need to address CVE-2018-8048. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2018/03/21 12:09:39 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.2.2.gem) = 6673a94800c0b179eb25d16fb0610d632eb87614 RMD160 (loofah-2.2.2.gem) = 9c3b97665e35a74d2ea838d2a51324a2f4811575 SHA512 (loofah-2.2.2.gem) = 3c64182f8fdb7d79a5be65969728c4c51a4535f53fdae7c8e5f4d487d43af3efac9d2f3746d8e02564d0979e94a0e63dc5974701c151e31c502cb8ff97f1295e Size (loofah-2.2.2.gem) = 65024 bytes @ 1.4.6.1 log @Pullup ticket #5874 - requested by taca www/ruby-loofah: security update Revisions pulled up: - www/ruby-loofah/Makefile 1.5 - www/ruby-loofah/PLIST 1.4 - www/ruby-loofah/distinfo 1.5 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: taca Date: Thu Nov 1 16:11:45 UTC 2018 Modified Files: pkgsrc/www/ruby-loofah: Makefile PLIST distinfo Log Message: www/ruby-loofah: update to 2.2.3 ## 2.2.3 / 2018-10-30 ### Security Address CVE-2018-16468: Unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished. This CVE's public notice is at https://github.com/flavorjones/loofah/issues/154 ## Meta / 2018-10-27 The mailing list is now on Google Groups [#146](https://github.com/flavorjones/loofah/issues/146): * Mail: loofah-talk@@googlegroups.com * Archive: https://groups.google.com/forum/#!forum/loofah-talk This change was made because librelist no longer appears to be maintained. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 pkgsrc/www/ruby-loofah/Makefile \ pkgsrc/www/ruby-loofah/distinfo cvs rdiff -u -r1.3 -r1.4 pkgsrc/www/ruby-loofah/PLIST @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 4 SHA1 (loofah-2.2.3.gem) = b907029ec05b39a8f239a83c443e5cf94baecfad RMD160 (loofah-2.2.3.gem) = 7da4488ecc2a3c341a3716e0286e556b20bde270 SHA512 (loofah-2.2.3.gem) = 8e63e1d4e3719c2ffcc8cf3208dbdfa3eb6e328bb91fc8dc6de88c472aac47f1a22771928b08f3c6816c159c6a9672299823f5d48177ae543358e73444b8ac56 Size (loofah-2.2.3.gem) = 65536 bytes @ 1.3 log @www/ruby-loofah: update to 2.2.1 ## 2.2.1 / 2018-03-19 Addresses CVE-2018-8048. Loofah allowed non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments. This CVE's public notice is at https://github.com/flavorjones/loofah/issues/144 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2018/03/17 16:21:48 taca Exp $ d3 4 a6 4 SHA1 (loofah-2.2.1.gem) = 124094ccdb70f8ed7dbc899c828e5d902f3155c8 RMD160 (loofah-2.2.1.gem) = cfb7ab71026d8952165ff316383653d8899f79af SHA512 (loofah-2.2.1.gem) = df971a1bee08f0ee0913af2b4b7baefa6d1ad04af82de796f6f0d505fab7749d52ce79db0118343d336bdae6fcfd4190fecb315019b2c821d81ac1c08d5b8e2a Size (loofah-2.2.1.gem) = 65024 bytes @ 1.2 log @www/ruby-loofah: update to 2.2.0 ## 2.2.0 / 2018-02-11 Features: * Support HTML5 `

` tag. #133 (Thanks, @@MothOnMars!) * Recognize HTML5 block elements. #136 (Thanks, @@MothOnMars!) * Support SVG `` tag. #131 (Thanks, @@baopham!) * Support for whitelisting CSS functions, initially just `calc` and `rgb`. #122/#123/#129 (Thanks, @@NikoRoberts!) * Whitelist CSS property `list-style-type`. #68/#137/#142 (Thanks, @@andela-ysanni and @@NikoRoberts!) Bugfixes: * Properly handle nested `script` tags. #127. ## 2.1.1 / 2017-09-24 Bugfixes: * Removed warning for unused variable. #124 (Thanks, @@y-yagi!) ## 2.1.0 / 2017-09-24 Notes: * Re-implemented CSS parsing and sanitization using the {crass}[https://github.com/rgrove/crass] library. #91 Features: * Added :noopener HTML scrubber (Thanks, @@tastycode!) * Support `data` URIs with the following media types: text/plain, text/css, image/png, image/gif, image/jpeg, image/svg+xml. #101, #120. (Thanks, @@mrpasquini!) Bugfixes: * The :unprintable scrubber now scrubs unprintable characters in CDATA nodes (like `