![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / textproc / ruby-nokogiri
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.62 / (download) - annotate - [select for diffs], Sat Mar 16 16:33:40 2024 UTC (4 weeks, 5 days ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2024Q1-base,
pkgsrc-2024Q1,
HEAD
Changes since 1.61: +4 -4
lines
Diff to previous 1.61 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.16.3. Upstream changes: https://github.com/sparklemotion/nokogiri/releases/tag/v1.16.3 Dependencies * [CRuby] Vendored libxml2 is updated to v2.12.6 from v2.12.5. (@flavorjones) Changed * [CRuby] XML::Reader sets the @encoding instance variable during reading if it is not passed into the initializer. Previously, it would remain nil. The behavior of Reader#encoding has not changed. This works around changes to how libxml2 reports the encoding used in v2.12.6.
Revision 1.61 / (download) - annotate - [select for diffs], Fri Feb 16 14:32:28 2024 UTC (2 months ago) by tsutsui
Branch: MAIN
Changes since 1.60: +4 -4
lines
Diff to previous 1.60 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.16.2.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases
v1.16.2 / 2024-02-04
Security
* [CRuby] Vendored libxml2 is updated to address CVE-2024-25062. See
GHSA-xc9x-jj77-9p9j for more information.
Dependencies
* [CRuby] Vendored libxml2 is updated to v2.12.5 from v2.12.4. (@flavorjones)
v1.16.1 / 2024-02-03
Dependencies
* [CRuby] Vendored libxml2 is updated to v2.12.4 from v2.12.3. (@flavorjones)
Fixed
* [CRuby] XML::Reader defaults the encoding to UTF-8 if it's not specified in
either the document or as a method parameter. Previously non-ASCII
characters were serialized as NCRs in this case. [#2891] (@flavorjones)
* [CRuby] Restored support for compilation by GCC versions earlier than 4.6,
which was broken in v1.15.0 (540e9ae). [#3090] (@adfoster-r7)
* [CRuby] Patched upstream libxml2 to allow parsing HTML5 in the context of a
namespaced node (e.g., foreign content like MathML). [#3112, #3116] (
@flavorjones)
* [CRuby] Fixed a small memory leak in libgumbo (HTML5 parser) when the
maximum tree depth limit is hit. [#3098, #3100] (@stevecheckoway)
v1.16.0 / 2023-12-27
Notable Changes
Ruby
This release introduces native gem support for Ruby 3.3.
This release ends support for Ruby 2.7, for which upstream support ended
2023-03-31.
Pattern matching
This version marks official support for the pattern matching API in XML::Attr,
XML::Document, XML::DocumentFragment, XML::Namespace, XML::Node, and
XML::NodeSet (and their subclasses), originally introduced as an experimental
feature in v1.14.0. (@flavorjones)
Documentation on what can be matched:
* XML::Attr#deconstruct_keys
* XML::Document#deconstruct_keys
* XML::Namespace#deconstruct_keys
* XML::Node#deconstruct_keys
* XML::DocumentFragment#deconstruct
* XML::NodeSet#deconstruct
Dependencies
* [CRuby] Vendored libxml2 is updated to v2.12.3 from v2.11.6. (@flavorjones)
+ https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.0
+ https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.1
+ https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.2
+ https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.12.3
Fixed
* CSS nth pseudo-classes now handle spaces, e.g. "2n + 1". [#3018]
(@fusion2004)
* [CRuby] libgumbo no longer leaks memory when an incomplete tag is abandoned
by the HTML5 parser. [#3036] (@flavorjones)
Removed
* Removed Nokogiri::HTML5.get which was deprecated in v1.12.0. [#2278]
(@flavorjones)
* Removed the CSS-to-XPath utility modules XPathVisitorAlwaysUseBuiltins and
XPathVisitorOptimallyUseBuiltins, which were deprecated in v1.13.0 in favor
of XPathVisitor constructor args. [#2403] (@flavorjones)
* Removed XML::Reader#attribute_nodes which was deprecated in v1.13.8 in
favor of #attribute_hash. [#2598, #2599] (@flavorjones)
* [CRuby] Removed the libxml/libxml2_path key from VersionInfo, used in the
past for third-party library integration, in favor of the nokogiri/cppflags
and nokogiri/ldflags keys. Please note that third-party library integration
is not fully supported and may be deprecated soon, see #2746 for more
context. [#2143] (@flavorjones)
Revision 1.60 / (download) - annotate - [select for diffs], Sat Nov 18 15:39:16 2023 UTC (5 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base,
pkgsrc-2023Q4
Changes since 1.59: +4 -4
lines
Diff to previous 1.59 (colored) to selected 1.21 (colored)
ruby-nokogori: update to 1.15.5 Upstream changes: https://github.com/sparklemotion/nokogiri/releases/tag/v1.15.5 1.15.5 / 2023-11-17 Dependencies * [CRuby] Vendored libxml2 is updated to v2.11.6 from v2.11.5. For details please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.6 * [CRuby] Vendored libxslt is updated to v1.1.39 from v1.1.38. For details please see https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.39
Revision 1.59 / (download) - annotate - [select for diffs], Sat Aug 12 08:43:14 2023 UTC (8 months, 1 week ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2023Q3-base,
pkgsrc-2023Q3
Changes since 1.58: +4 -4
lines
Diff to previous 1.58 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.15.4.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.15.4
1.15.4 / 2023-08-11
Dependencies
* [CRuby] Vendored libxml2 is updated to v2.11.5 from v2.11.4. For details
please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.5
Fixed
* Fixed a typo in a HTML5 parser error message. [#2927] (Thanks,
@anishathalye!)
* [CRuby] ObjectSpace.memsize_of is now safe to call on Documents with
complex DTDs. In previous versions, this debugging method could result in a
segfault. [#2923, #2924]
Revision 1.58 / (download) - annotate - [select for diffs], Sun Aug 6 03:07:59 2023 UTC (8 months, 1 week ago) by tsutsui
Branch: MAIN
Changes since 1.57: +4 -4
lines
Diff to previous 1.57 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.15.3.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.15.3
https://github.com/sparklemotion/nokogiri/releases/tag/v1.15.2
https://github.com/sparklemotion/nokogiri/releases/tag/v1.15.1
https://github.com/sparklemotion/nokogiri/releases/tag/v1.15.0
1.15.3 / 2023-07-05
Fixed
* Passing an object that is not a kind of XML::Node as the first parameter to
CDATA.new now raises a TypeError. Previously this would result in either a
segfault (CRuby) or a Java exception (JRuby). [#2920]
* Passing an object that is not a kind of XML::Node as the first parameter to
Schema.from_document now raises a TypeError. Previously this would result
in either a segfault (CRuby) or a Java exception (JRuby). [#2920]
* [CRuby] Passing an object that is not a kind of XML::Node as the second
parameter to Text.new now raises a TypeError. Previously this would result
in a segfault. [#2920]
* [CRuby] Replacing a node's children via methods like Node#inner_html=, #
children=, and #replace no longer defensively dups the node's next sibling
if it is a Text node. This behavior was originally adopted to work around
libxml2's memory management (see #283 and #595) but should not have
included operations involving xmlAddChild(). [#2916]
* [JRuby] Fixed NPE when serializing an unparented HTML node. [#2559, #2895]
(Thanks, @cbasguti!)
1.15.2 / 2023-05-24
Dependencies
* [JRuby] Vendored org.nokogiri:nekodtd is updated to v0.1.11.noko2. This is
functionally equivalent to v0.1.11.noko1 but restores support for Java 8.
Fixed
* [JRuby] Java 8 support is restored, fixing a regression present in
v1.14.0..v1.14.4 and v1.15.0..v1.15.1. [#2887]
1.15.1 / 2023-05-19
Dependencies
* [CRuby] Vendored libxml2 is updated to v2.11.4 from v2.11.3. For details
please see https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.4
Fixed
* [CRuby] The libxml2 update fixes an encoding regression when push-parsing
UTF-8 sequences. [#2882, upstream issue and commit]
1.15.0 / 2023-05-15
Notes
Ability to opt into system malloc and free
Since 2009, Nokogiri has configured libxml2 to use ruby_xmalloc et al for
memory management. This has provided benefits for memory management, but comes
with a performance penalty.
Users can now opt into using system malloc for libxml2 memory management by
setting an environment variable:
# "default" here means "libxml2's default" which is system malloc
NOKOGIRI_LIBXML_MEMORY_MANAGEMENT=default
Benchmarks show that this setting will significantly improve performance, but
be aware that the tradeoff may involve poorer memory management including
bloated heap sizes and/or OOM conditions.
You can read more about this in the decision record at adr/
2023-04-libxml-memory-management.md.
Dependencies
* [CRuby] Vendored libxml2 is updated to v2.11.3 from v2.10.4. For details
please see:
+ https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.0
+ https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.1
+ https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.2
+ https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.3
* [CRuby] Vendored libxslt is updated to v1.1.38 from v1.1.37. For details
please see:
+ https://gitlab.gnome.org/GNOME/libxslt/-/releases/v1.1.38
Added
* Encoding objects may now be passed to serialization methods like #to_xml, #
to_html, #serialize, and #write_to to specify the output encoding.
Previously only encoding names (strings) were accepted. [#2774, #2798]
(Thanks, @ellaklara!)
* [CRuby] Users may opt into using system malloc for libxml2 memory
management. For more detail, see note above or adr/
2023-04-libxml-memory-management.md.
Changed
* [CRuby] Schema.from_document now makes a defensive copy of the document if
it has blank text nodes with Ruby objects instantiated for them. This
prevents unsafe behavior in libxml2 from causing a segfault. There is a
small performance cost, but we think this has the virtue of being "what the
user meant" since modifying the original is surprising behavior for most
users. Previously this was addressed in v1.10.9 by raising an exception.
Fixed
* [CRuby] XSLT.transform now makes a defensive copy of the document if it has
blank text nodes with Ruby objects instantiated for them and the template
uses xsl:strip-spaces. This prevents unsafe behavior in libxslt from
causing a segfault. There is a small performance cost, but we think this
has the virtue of being "what the user meant" since modifying the original
is surprising behavior for most users. Previously this would allow unsafe
memory access and potentially segfault. [#2800]
Improved
* Nokogiri::XML::Node::SaveOptions#inspect now shows the names of the options
set in the bitmask, similar to ParseOptions. [#2767]
* #inspect and pretty-printing are improved for AttributeDecl,
ElementContent, ElementDecl, and EntityDecl.
* [CRuby] The C extension now uses Ruby's TypedData API for managing all the
libxml2 structs. Write barriers may improve GC performance in some extreme
cases. [#2808] (Thanks, @etiennebarrie and @byroot!)
* [CRuby] ObjectSpace.memsize_of reports a pretty good guess of memory usage
when called on Nokogiri::XML::Document objects. [#2807] (Thanks,
@etiennebarrie and @byroot!)
* [CRuby] Users installing the "ruby" platform gem and compiling libxml2 and
libxslt from source will now be using a modern config.guess and config.sub
that supports new architectures like loongarch64. [#2831] (Thanks,
@zhangwenlong8911!)
* [CRuby] HTML5 parser:
+ adjusts the specified attributes, adding xlink:arcrole and removing
xml:base [#2841, #2842]
+ allows <hr> in <select> [whatwg/html#3410, whatwg/html#9124]
* [JRuby] Node#first_element_child now returns nil if there are only
non-element children. Previously a null pointer exception was raised. [#
2808, #2844]
* Documentation for Nokogiri::XSLT now has usage examples including custom
function handlers.
Deprecated
* Passing a Nokogiri::XML::Node as the first parameter to CDATA.new is
deprecated and will generate a warning. This parameter should be a kind of
Nokogiri::XML::Document. This will become an error in a future version of
Nokogiri.
* Passing a Nokogiri::XML::Node as the first parameter to
Schema.from_document is deprecated and will generate a warning. This
parameter should be a kind of Nokogiri::XML::Document. This will become an
error in a future version of Nokogiri.
* Passing a Nokogiri::XML::Node as the second parameter to Text.new is
deprecated and will generate a warning. This parameter should be a kind of
Nokogiri::XML::Document. This will become an error in a future version of
Nokogiri.
* [CRuby] Calling a custom XPath function without the nokogiri namespace is
deprecated and will generate a warning. Support for non-namespaced
functions will be removed in a future version of Nokogiri. (Note that JRuby
has never supported non-namespaced custom XPath functions.)
Revision 1.57 / (download) - annotate - [select for diffs], Sat May 13 18:13:43 2023 UTC (11 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base,
pkgsrc-2023Q2
Changes since 1.56: +4 -4
lines
Diff to previous 1.56 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.14.4.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.14.4
https://github.com/sparklemotion/nokogiri/releases/tag/v1.14.3
1.14.4 / 2023-05-11
Dependencies
* [JRuby] Vendored Xalan-J is updated to v2.7.3. This is the first Xalan
release in nine years, and it was done to address CVE-2022-34169.
The Nokogiri maintainers wish to stress that Nokogiri users were not
vulnerable to this CVE, as we explained in GHSA-qwq9-89rg-ww72, and so
upgrading is really at the discretion of users.
This release was cut primarily so that JRuby users of v1.14.x can avoid
vulnerability scanner alerts on earlier versions of Xalan-J.
1.14.3 / 2023-04-11
Security
* [CRuby] Vendored libxml2 is updated to address CVE-2023-29469,
CVE-2023-28484, and one other security-related issue. See
GHSA-pxvg-2qj5-37jqGHSA-pxvg-2qj5-37jq for more information.
Dependencies
* [CRuby] Vendored libxml2 is updated to v2.10.4 from v2.10.3.
Revision 1.56 / (download) - annotate - [select for diffs], Sun Feb 19 03:41:56 2023 UTC (13 months, 4 weeks ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base,
pkgsrc-2023Q1
Changes since 1.55: +4 -4
lines
Diff to previous 1.55 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.14.2.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.14.2
1.14.2 / 2023-02-13
Fixed
* Calling NodeSet#to_html on an empty node set no longer raises an
encoding-related exception. This bug was introduced in v1.14.0 while
fixing #2649. [#2784]
Revision 1.55 / (download) - annotate - [select for diffs], Sat Feb 4 02:07:05 2023 UTC (14 months, 2 weeks ago) by tsutsui
Branch: MAIN
Changes since 1.54: +4 -4
lines
Diff to previous 1.54 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.14.1.
Upstream changes (from CHANGELOG.md)
1.14.1 / 2023-01-30
Fixed
* Serializing documents now works again with pseudo-IO objects that don't
support IO's encoding API (like rubyzip's Zip::OutputStream). This was a
regression in v1.14.0 due to the fix for #752 in #2434, and was not
completely fixed by #2753. [#2773]
* [CRuby] Address compiler warnings about void* casting and old-style C
function definitions.
1.14.0 / 2023-01-12
Notable Changes
Ruby
This release introduces native gem support for Ruby 3.2. (Also see "Technical
note" under "Changed" below.)
This release ends support for:
* Ruby 2.6, for which upstream support ended 2022-04-12.
* JRuby 9.3, which is not fully compatible with Ruby 2.7+
Faster, more reliable installation: Native Gem for aarch64-linux (aka linux/
arm64/v8)
This version of Nokogiri ships official native gem support for the
aarch64-linux platform, which should support AWS Graviton and other ARM64 Linux
platforms. Please note that glibc >= 2.29 is required for aarch64-linux
systems, see Supported Platforms for more information.
Faster, more reliable installation: Native Gem for arm-linux (aka linux/arm/
v7)
This version of Nokogiri ships experimental native gem support for the
arm-linux platform. Please note that glibc >= 2.29 is required for arm-linux
systems, see Supported Platforms for more information.
Pattern matching
This version introduces an experimental pattern matching API for XML::Attr,
XML::Document, XML::DocumentFragment, XML::Namespace, XML::Node, and
XML::NodeSet (and their subclasses).
Some documentation on what can be matched:
* XML::Attr#deconstruct_keys
* XML::Document#deconstruct_keys
* XML::Namespace#deconstruct_keys
* XML::Node#deconstruct_keys
* XML::DocumentFragment#deconstruct
* XML::NodeSet#deconstruct
We welcome feedback on this API at #2360.
Dependencies
CRuby
* Vendored libiconv is updated to v1.17
JRuby
* This version of Nokogiri uses jar-dependencies to manage most of the
vendored Java dependencies. nokogiri -v now outputs maven metadata for all
Java dependencies, and Nokogiri::VERSION_INFO also contains this metadata.
[#2432]
* HTML parsing is now provided by
net.sourceforge.htmlunit:neko-htmlunit:2.61.0 (previously Nokogiri used a
fork of org.cyberneko.html:nekohtml)
* Vendored Jing is updated from com.thaiopensource:jing:20091111 to
nu.validator:jing:20200702VNU.
* New dependency on net.sf.saxon:Saxon-HE:9.6.0-4 (via
nu.validator:jing:20200702VNU).
Added
* Node#wrap and NodeSet#wrap now also accept a Node type argument, which will
be duped for each wrapper. For cases where many nodes are being wrapped,
creating a Node once using Document#create_element and passing that Node
multiple times is significantly faster than re-parsing markup on each call.
[#2657]
* [CRuby] Invocation of custom XPath or CSS handler functions may now use the
nokogiri namespace prefix. Historically, the JRuby implementation required
this namespace but the CRuby implementation did not support it. It's
recommended that all XPath and CSS queries use the nokogiri namespace going
forward. Invocation without the namespace is planned for deprecation in
v1.15.0 and removal in a future release. [#2147]
* HTML5::Document#quirks_mode and HTML5::DocumentFragment#quirks_mode expose
the quirks mode used by the parser.
Improved
Functional
* HTML5 parser update to reflect changes to the living specification:
+ Add the <search> element by domenic - whatwg/html
+ Remove parse error for <template><tr></tr> </template> by zcorpan -
whatwg/html
Performance
* Serialization of HTML5 documents and fragments has been re-implemented and
is ~10x faster than previous versions. [#2596, #2569]
* Parsing of HTML5 documents is ~90% faster thanks to additional compiler
optimizations being applied. [#2639]
* Compare Encoding objects rather than compare their names. This is a slight
performance improvement and is future-proof. [#2454] (Thanks, @casperisfine
!)
Error handling
* Document#canonicalize now raises an exception if inclusive_namespaces is
non-nil and the mode is inclusive, i.e. XML_C14N_1_0 or XML_C14N_1_1.
inclusive_namespaces can only be passed with exclusive modes, and
previously this silently failed.
* Empty CSS selectors now raise a clearer Nokogiri::CSS::SyntaxError message,
"empty CSS selector". Previously the exception raised from the bowels of
racc was "unexpected '$' after ''". [#2700]
* [CRuby] XML::Reader parsing errors encountered during Reader#attribute_hash
and Reader#namespaces now raise an XML::SyntaxError. Previously these
methods would return nil and users would generally experience
NoMethodErrors from elsewhere in the code.
* Prefer ruby_xmalloc to malloc within the C extension. [#2480] (Thanks,
@Garfield96!)
Installation
* Avoid compile-time conflict with system-installed gumbo.h on OpenBSD. [#
2464]
* Remove calls to vasprintf in favor of platform-independent rb_vsprintf
* Installation from source on systems missing libiconv will once again
generate a helpful error message (broken since v1.11.0). [#2505]
* [CRuby+OSX] Compiling from source on MacOS will use the clang option
-Wno-unknown-warning-option to avoid errors when Ruby injects options that
clang doesn't know about. [#2689]
Fixed
* SAX::Parser's encoding attribute will not be clobbered when an alternative
encoding is passed into SAX::Parser#parse_io. [#1942] (Thanks, @kp666!)
* Serialized HTML4::DocumentFragment will now be properly encoded. Previously
this empty string was encoded as US-ASCII. [#2649]
* Node#wrap now uses the parent as the context node for parsing wrapper
markup, falling back to the document for unparented nodes. Previously the
document was always used.
* [CRuby] UTF-16-encoded documents longer than ~4000 code points now
serialize properly. Previously the serialized document was corrupted when
it exceeded the length of libxml2's internal string buffer. [#752]
* [CRuby] The HTML5 parser now correctly handles text at the end of form
elements.
* [CRuby] HTML5::Document#fragment now always uses body as the parsing
context. Previously, fragments were parsed in the context of the associated
document's root node, which allowed for inconsistent parsing. [#2553]
* [CRuby] Nokogiri::HTML5::Document#url now correctly returns the URL passed
to the constructor method. Previously it always returned nil. [#2583]
* [CRuby] HTML5 encoding detection is now case-insensitive with respect to
meta tag charset declaration. [#2693]
* [CRuby] HTML5 fragment parsing in context of an annotation-xml node now
works. Previously this rarely-used path invoked rb_funcall with incorrect
parameters, resulting in an exception, a fatal error, or potentially a
segfault. [#2692]
* [CRuby] HTML5 quirks mode during fragment parsing more closely matches
document parsing. [#2646]
* [JRuby] Fixed a bug with adding the same namespace to multiple nodes via #
add_namespace_definition. [#1247]
* [JRuby] NodeSet#[] now raises a TypeError if passed an invalid parameter
type. [#2211]
Deprecated
* Nokogiri.install_default_aliases is deprecated in favor of
Nokogiri::EncodingHandler.install_default_aliases. This is part of a
private API and is probably not called by anybody, but we'll go through a
deprecation cycle before removal anyway. [#2643, #2446]
Changed
* [CRuby+OSX] Technical note: On MacOS Ruby 3.2, the symbols from libxml2 and
libxslt are no longer exported. Ruby 3.2 adopted new features from the
Darwin toolchain that make it challenging to continue to support this
rarely-used binary API. A future minor release of Nokogiri may remove these
symbols (and others) entirely. Feedback from downstream gem maintainers is
welcome at #2746, where you'll also be able to read deeper context on this
decision.
Thank you!
The following people and organizations were kind enough to sponsor @flavorjones
or the Nokogiri project during the development of v1.14.0:
* Gotz Gorisch @GoetzGoerisch
* Airbnb @airbnb
* Kyohei Nanba @kyo-nanba
* Maxime Gauthier @biximilien
* @renuo
* @dbootyfvrt
* YOSHIDA Katsuhiko @kyoshidajp
* Homebrew @Homebrew
* David Vrensk @dvrensk
* Alex Daragiu @daragiu
* Github @github
* Julian Joseph @Julian88Tex
* Charles Simon-Meunier @csimonmeunier
* Ben Slaughter @benSlaughter
* Garen Torikian @gjtorikian
* Frank Groeneveld @frenkel
* Hiroshi SHIBATA @hsbt
Revision 1.54 / (download) - annotate - [select for diffs], Thu Dec 8 15:30:47 2022 UTC (16 months, 1 week ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base,
pkgsrc-2022Q4
Changes since 1.53: +4 -4
lines
Diff to previous 1.53 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.13.10.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.10
1.13.10 / 2022-12-07
Security
* [CRuby] Address CVE-2022-23476, unchecked return value from
xmlTextReaderExpand. See GHSA-qv4q-mr5r-qprj for more information.
Improvements
* [CRuby] XML::Reader#attribute_hash now returns nil on parse errors. This
restores the behavior of #attributes from v1.13.7 and earlier. [#2715]
Revision 1.53 / (download) - annotate - [select for diffs], Sun Oct 30 07:43:56 2022 UTC (17 months, 2 weeks ago) by tsutsui
Branch: MAIN
Changes since 1.52: +4 -4
lines
Diff to previous 1.52 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.13.9.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.9
1.13.9 / 2022-10-18
Security
* [CRuby] Vendored libxml2 is updated to address CVE-2022-2309,
CVE-2022-40304, and CVE-2022-40303. See GHSA-2qc6-mcvw-92cw for more
information.
* [CRuby] Vendored zlib is updated to address CVE-2022-37434.
Nokogiri was not affected by this vulnerability, but this version
of zlib was being flagged up by some vulnerability scanners,
see #2626 for more information.
Dependencies
* [CRuby] Vendored libxml2 is updated to v2.10.3 from v2.9.14.
* [CRuby] Vendored libxslt is updated to v1.1.37 from v1.1.35.
* [CRuby] Vendored zlib is updated from 1.2.12 to 1.2.13.
(See LICENSE-DEPENDENCIES.md for details on which packages redistribute
this library.)
Fixed
* [CRuby] Nokogiri::XML::Namespace objects, when compacted, update
their internal struct's reference to the Ruby object wrapper.
Previously, with GC compaction enabled, a segmentation fault was
possible after compaction was
triggered. [#2658] (Thanks, @eightbitraptor and @peterzhu2118!)
* [CRuby] Document#remove_namespaces! now defers freeing the underlying
xmlNs struct until the Document is GCed. Previously, maintaining a
reference to a Namespace object that was removed in this way could
lead to a segfault. [#2658]
Revision 1.52 / (download) - annotate - [select for diffs], Thu Aug 18 15:13:07 2022 UTC (20 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base,
pkgsrc-2022Q3
Changes since 1.51: +4 -4
lines
Diff to previous 1.51 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.13.8.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.8
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.7
1.13.8 / 2022-07-23
Deprecated
* XML::Reader#attribute_nodes is deprecated due to incompatibility between
libxml2's xmlReader memory semantics and Ruby's garbage collector. Although
this method continues to exist for backwards compatibility, it is unsafe to
call and may segfault. This method will be removed in a future version of
Nokogiri, and callers should use #attribute_hash instead. [#2598]
Improvements
* XML::Reader#attribute_hash is a new method to safely retrieve the
attributes of a node from XML::Reader. [#2598, #2599]
Fixed
* [CRuby] Calling XML::Reader#attributes is now safe to call. In Nokogiri <=
1.13.7 this method may segfault. [#2598, #2599]
1.13.7 / 2022-07-12
Fixed
XML::Node objects, when compacted, update their internal struct's reference to
the Ruby object wrapper. Previously, with GC compaction enabled, a segmentation
fault was possible after compaction was triggered. [#2578] (Thanks,
@eightbitraptor!)
Revision 1.51 / (download) - annotate - [select for diffs], Sat May 14 14:33:31 2022 UTC (23 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base,
pkgsrc-2022Q2
Changes since 1.50: +4 -4
lines
Diff to previous 1.50 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.13.6.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.6
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.5
1.13.6 / 2022-05-08
Security
* [CRuby] Address CVE-2022-29181, improper handling of unexpected data types,
related to untrusted inputs to the SAX parsers. See GHSA-xh29-r2w5-wx8m for
more information.
Improvements
* {HTML4,XML}::SAX::{Parser,ParserContext} constructor methods now raise
TypeError instead of segfaulting when an incorrect type is passed.
1.13.5 / 2022-05-04
Security
* [CRuby] Vendored libxml2 is updated to address CVE-2022-29824. See
GHSA-cgx6-hpwq-fhv5 for more information.
Dependencies
* [CRuby] Vendored libxml2 is updated from v2.9.13 to v2.9.14.
Improvements
* [CRuby] The libxml2 HTML4 parser no longer exhibits quadratic behavior when
recovering some broken markup related to start-of-tag and bare <
characters.
Changed
* [CRuby] The libxml2 HTML4 parser in v2.9.14 recovers from some broken
markup differently. Notably, the XML CDATA escape sequence <![CDATA[ and
incorrectly-opened comments will result in HTML text nodes starting with &
lt;! instead of skipping the invalid tag. This behavior is a direct result
of the quadratic-behavior fix noted above. The behavior of downstream
sanitizers relying on this behavior will also change. Some tests describing
the changed behavior are in test/html4/test_comments.rb.
Revision 1.50 / (download) - annotate - [select for diffs], Sat Apr 16 14:28:18 2022 UTC (2 years ago) by tsutsui
Branch: MAIN
Changes since 1.49: +4 -4
lines
Diff to previous 1.49 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.13.4.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.4
1.13.4 / 2022-04-11
Security
* Address CVE-2022-24836, a regular expression denial-of-service
vulnerability. See GHSA-crjr-9rc5-ghw8 for more information.
* [CRuby] Vendored zlib is updated to address CVE-2018-25032. See
GHSA-v6gp-9mmm-c6p5 for more information.
* [JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated to address
CVE-2022-23437. See GHSA-xxx9-3xcr-gjj3 for more information.
* [JRuby] Vendored nekohtml (org.cyberneko.html) is updated to address
CVE-2022-24839. See GHSA-gx8x-g87m-h5q6 for more information.
Dependencies
* [CRuby] Vendored zlib is updated from 1.2.11 to 1.2.12. (See
LICENSE-DEPENDENCIES.md for details on which packages redistribute this
library.)
* [JRuby] Vendored Xerces-J (xerces:xercesImpl) is updated from 2.12.0 to
2.12.2.
* [JRuby] Vendored nekohtml (org.cyberneko.html) is updated from a fork of
1.9.21 to 1.9.22.noko2. This fork is now publicly developed at https://
github.com/sparklemotion/nekohtml
Revision 1.49 / (download) - annotate - [select for diffs], Sun Mar 6 17:14:34 2022 UTC (2 years, 1 month ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base,
pkgsrc-2022Q1
Changes since 1.48: +4 -4
lines
Diff to previous 1.48 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.13.3.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.3
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.2
1.13.3 / 2022-02-21
Fixed
* [CRuby] Revert a HTML4 parser bug in libxml 2.9.13 (introduced in Nokogiri
v1.13.2). The bug causes libxml2's HTML4 parser to fail to recover when
encountering a bare < character in some contexts. This version of Nokogiri
restores the earlier behavior, which is to recover from the parse error and
treat the < as normal character data (which will be serialized as < in a
text node). The bug (and the fix) is only relevant when the RECOVER parse
option is set, as it is by default. [#2461]
1.13.2 / 2022-02-21
Security
* [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update
addresses CVE-2022-23308.
* [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. This update
addresses CVE-2021-30560.
Please see GHSA-fq42-c5rg-92c2 for more information about these CVEs.
Dependencies
* [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. Full changelog
is available at https://download.gnome.org/sources/libxml2/2.9/
libxml2-2.9.13.news
* [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. Full changelog
is available at https://download.gnome.org/sources/libxslt/1.1/
libxslt-1.1.35.news
Revision 1.48 / (download) - annotate - [select for diffs], Sun Jan 16 10:12:07 2022 UTC (2 years, 3 months ago) by tsutsui
Branch: MAIN
Changes since 1.47: +4 -4
lines
Diff to previous 1.47 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.13.1.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.1
1.13.1 / 2022-01-13
Fixed
* Fix Nokogiri::XSLT.quote_params regression in v1.13.0 that raised an
exception when non-string stylesheet parameters were passed. Non-string
parameters (e.g., integers and symbols) are now explicitly supported and
both keys and values will be stringified with #to_s. [#2418]
* Fix HTML5 CSS selector query regression in v1.13.0 that raised an
Nokogiri::XML::XPath::SyntaxError when parsing XPath attributes mixed into
the CSS query. Although this mash-up of XPath and CSS syntax previously
worked unintentionally, it is now an officially supported feature and is
documented as such. [#2419]
Revision 1.47 / (download) - annotate - [select for diffs], Sun Jan 9 19:19:23 2022 UTC (2 years, 3 months ago) by tsutsui
Branch: MAIN
Changes since 1.46: +4 -5
lines
Diff to previous 1.46 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.13.0.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.13.0
1.13.0 / 2022-01-06
Notes
Ruby
This release introduces native gem support for Ruby 3.1. Please note that
Windows users should use the x64-mingw-ucrt platform gem for Ruby 3.1, and
x64-mingw32 for Ruby 2.6-3.0 (see RubyInstaller 3.1.0 release notes).
This release ends support for:
* Ruby 2.5, for which official support ended 2021-03-31.
* JRuby 9.2, which is a Ruby 2.5-compatible release.
Faster, more reliable installation: Native Gem for ARM64 Linux
This version of Nokogiri ships experimental native gem support for the
aarch64-linux platform, which should support AWS Graviton and other ARM Linux
platforms. We don't yet have CI running for this platform, and so we're
interested in hearing back from y'all whether this is working, and what
problems you're seeing. Please send us feedback here: Feedback: Have you used
the aarch64-linux native gem?
Publishing
This version of Nokogiri opts-in to the "MFA required to publish" setting on
Rubygems.org. This and all future Nokogiri gem files must be published to
Rubygems by an account with multi-factor authentication enabled. This should
provide some additional protection against supply-chain attacks.
A related discussion about Trust exists at #2357 in which I invite you to
participate if you have feelings or opinions on this topic.
Dependencies
* [CRuby] Vendored libiconv is updated from 1.15 to 1.16. (Note that libiconv
is only redistributed in the native windows and native darwin gems, see
LICENSE-DEPENDENCIES.md for more information.) [#2206]
* [CRuby] Upgrade mini_portile2 dependency from ~> 2.6.1 to ~> 2.7.0. ("ruby"
platform gem only.)
Improved
* {XML,HTML4}::DocumentFragment constructors all now take an optional parse
options parameter or block (similar to Document constructors). [#1692]
(Thanks, @JackMc!)
* Nokogiri::CSS.xpath_for allows an XPathVisitor to be injected, for
finer-grained control over how CSS queries are translated into XPath.
* [CRuby] XML::Reader#encoding will return the encoding detected by the
parser when it's not passed to the constructor. [#980]
* [CRuby] Handle abruptly-closed HTML comments as recommended by WHATWG.
(Thanks to tehryanx for reporting!)
* [CRuby] Node#line is no longer capped at 65535. libxml v2.9.0 and later
support a new parse option, exposed as
Nokogiri::XML::ParseOptions::PARSE_BIG_LINES, which is turned on by default
in ParseOptions::DEFAULT_{XML,XSLT,HTML,SCHEMA} (Note that JRuby already
supported large line numbers.) [#1764, #1493, #1617, #1505, #1003, #533]
* [CRuby] If a cycle is introduced when reparenting a node (i.e., the node
becomes its own ancestor), a RuntimeError is raised. libxml2 does no
checking for this, which means cycles would otherwise result in infinite
loops on subsequent operations. (Note that JRuby already did this.) [#1912]
* [CRuby] Source builds will download zlib and libiconv via HTTPS. ("ruby"
platform gem only.) [#2391] (Thanks, @jmartin-r7!)
* [JRuby] Node#line behavior has been modified to return the line number of
the node in the final DOM structure. This behavior is different from CRuby,
which returns the node's position in the input string. Ideally the two
implementations would be the same, but at least is now officially
documented and tested. The real-world impact of this change is that the
value returned in JRuby is greater by 1 to account for the XML prolog in
the output. [#2380] (Thanks, @dabdine!)
Fixed
* CSS queries on HTML5 documents now correctly match foreign elements (SVG,
MathML) when namespaces are not specified in the query. [#2376]
* XML::Builder blocks restore context properly when exceptions are raised.
[#2372] (Thanks, @ric2b and @rinthedev!)
* The Nokogiri::CSS::Parser cache now uses the XPathVisitor configuration as
part of the cache key, preventing incorrect cache results from being
returned when multiple XPathVisitor options are being used.
* Error recovery from in-context parsing (e.g., Node#parse) now always uses
the correct DocumentFragment class. Previously
Nokogiri::HTML4::DocumentFragment was always used, even for XML documents.
[#1158]
* DocumentFragment#> now works properly, matching a CSS selector against only
the fragment roots. [#1857]
* XML::DocumentFragment#errors now correctly contains any parsing errors
encountered. Previously this was always empty. (Note that
HTML::DocumentFragment#errors already did this.)
* [CRuby] Fix memory leak in Document#canonicalize when inclusive namespaces
are passed in. [#2345]
* [CRuby] Fix memory leak in Document#canonicalize when an argument type
error is raised. [#2345]
* [CRuby] Fix memory leak in EncodingHandler where iconv handlers were not
being cleaned up. [#2345]
* [CRuby] Fix memory leak in XPath custom handlers where string arguments
were not being cleaned up. [#2345]
* [CRuby] Fix memory leak in Reader#base_uri where the string returned by
libxml2 was not freed. [#2347]
* [JRuby] Deleting a Namespace from a NodeSet no longer modifies the href to
be the default namespace URL.
* [JRuby] Fix XHTML formatting of closing tags for non-container elements.
[#2355]
Deprecated
* Passing a Nokogiri::XML::Node as the second parameter to Node.new is
deprecated and will generate a warning. This parameter should be a kind of
Nokogiri::XML::Document. This will become an error in a future version of
Nokogiri. [#975]
* Nokogiri::CSS::Parser, Nokogiri::CSS::Tokenizer, and Nokogiri::CSS::Node
are now internal-only APIs that are no longer documented, and should not be
considered stable. With the introduction of XPathVisitor injection into
Nokogiri::CSS.xpath_for there should be no reason to rely on these internal
APIs.
* CSS-to-XPath utility classes Nokogiri::CSS::XPathVisitorAlwaysUseBuiltins
and XPathVisitorOptimallyUseBuiltins are deprecated. Prefer
Nokogiri::CSS::XPathVisitor with appropriate constructor arguments. These
classes will be removed in a future version of Nokogiri.
Revision 1.46 / (download) - annotate - [select for diffs], Tue Oct 26 11:23:25 2021 UTC (2 years, 5 months ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base,
pkgsrc-2021Q4
Changes since 1.45: +2 -2
lines
Diff to previous 1.45 (colored) to selected 1.21 (colored)
textproc: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./textproc/convertlit/distinfo clit18src.zip
Revision 1.45 / (download) - annotate - [select for diffs], Thu Oct 7 15:02:32 2021 UTC (2 years, 6 months ago) by nia
Branch: MAIN
Changes since 1.44: +1 -2
lines
Diff to previous 1.44 (colored) to selected 1.21 (colored)
textproc: Remove SHA1 hashes for distfiles
Revision 1.44 / (download) - annotate - [select for diffs], Fri Oct 1 18:54:25 2021 UTC (2 years, 6 months ago) by tsutsui
Branch: MAIN
Changes since 1.43: +5 -5
lines
Diff to previous 1.43 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.12.5.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases/tag/v1.12.5
1.12.5 / 2021-09-27
Security
[JRuby] Address CVE-2021-41098 (GHSA-2rr5-8q37-2w7h).
In Nokogiri v1.12.4 and earlier, on JRuby only, the SAX parsers resolve
external entities (XXE) by default. This fix turns off
entity-resolution-by-default in the JRuby SAX parsers to match the CRuby SAX
parsers' behavior.
CRuby users are not affected by this CVE.
Fixed
* [CRuby] Document#to_xhtml properly serializes self-closing tags in libxml >
2.9.10. A behavior change introduced in libxml 2.9.11 resulted in emitting
start and and tags (e.g., <br></br>) instead of a self-closing tag (e.g.,
<br/>) in previous Nokogiri versions. [#2324]
Revision 1.43 / (download) - annotate - [select for diffs], Sat Sep 18 08:05:09 2021 UTC (2 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base,
pkgsrc-2021Q3
Changes since 1.42: +2 -1
lines
Diff to previous 1.42 (colored) to selected 1.21 (colored)
textproc/ruby-nokogiri: fix dependency Allow depending to misc/ruby-mini_portile2 2.7.0 and later. * Override gemspec. * There is dependency to mini_portile2 in ext/nokogiri/extconf.rb. :( No PKGREVISION bump since this change fix broken package.
Revision 1.42 / (download) - annotate - [select for diffs], Sat Sep 11 09:54:46 2021 UTC (2 years, 7 months ago) by tsutsui
Branch: MAIN
Changes since 1.41: +5 -5
lines
Diff to previous 1.41 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.12.4.
Upstream changes
https://github.com/sparklemotion/nokogiri/releases/tag/v1.12.4
1.12.4 / 2021-08-29
Notable fix: Namespace inheritance
Namespace behavior when reparenting nodes has historically been poorly
specified and the behavior diverged between CRuby and JRuby. As a result,
making this behavior consistent in v1.12.0 introduced a breaking change.
This patch release reverts the Builder behavior present in v1.12.0..v1.12.3 but
keeps the Document behavior. This release also introduces a Document attribute
to allow affected users to easily change this behavior for their legacy code
without invasive changes.
Compensating Feature in XML::Document
This release of Nokogiri introduces a new Document boolean attribute,
namespace_inheritance, which controls whether children should inherit a
namespace when they are reparented. Nokogiri::XML:Document defaults this
attribute to false meaning "do not inherit," thereby making explicit the
behavior change introduced in v1.12.0.
CRuby users who desire the pre-v1.12.0 behavior may set
document.namespace_inheritance = true before reparenting nodes.
See https://nokogiri.org/rdoc/Nokogiri/XML/Document.html#
namespace_inheritance-instance_method for example usage.
Fix for XML::Builder
However, recognizing that we want Builder-created children to inherit
namespaces, Builder now will set namespace_inheritance=true on the underlying
document for both JRuby and CRuby. This means that, on CRuby, the pre-v1.12.0
behavior is restored.
Users who want to turn this behavior off may pass a keyword argument to the
Builder constructor like so:
Nokogiri::XML::Builder.new(namespace_inheritance: false)
See https://nokogiri.org/rdoc/Nokogiri/XML/Builder.html#
label-Namespace+inheritance for example usage.
Downstream gem maintainers
Note that any downstream gems may want to specifically omit Nokogiri
v1.12.0--v1.12.3 from their dependency specification if they rely on child
namespace inheritance:
Gem::Specification.new do |gem|
# ...
gem.add_runtime_dependency 'nokogiri', '!=1.12.3', '!=1.12.2', '!=1.12.1', '!=1.12.0'
# ...
end
Fixed
* [JRuby] Fix NPE in Schema parsing when an imported resource doesn't have a
systemId. [#2296] (Thanks, @pepijnve!)
Revision 1.41 / (download) - annotate - [select for diffs], Sat Aug 21 18:27:13 2021 UTC (2 years, 7 months ago) by tsutsui
Branch: MAIN
Changes since 1.40: +5 -5
lines
Diff to previous 1.40 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.12.3.
Upstream changes:
https://github.com/sparklemotion/nokogiri/releases
1.12.3 / 2021-08-06
Fixed
* [CRuby] Fix compilation of libgumbo on older systems with versions of GCC
that give errors on C99-isms. Affected systems include RHEL6, RHEL7, and
SLES12. [#2302]
1.12.2 / 2021-08-04
Fixed
* Ensure that C extension files in non-native gem installations are loaded
using require and rely on $LOAD_PATH instead of using require_relative.
This issue only exists when deleting shared libraries that exist outside
the extensions directory, something users occasionally do to conserve disk
space. [#2300]
1.12.1 / 2021-08-03
Fixed
* Fix compilation of libgumbo on BSD systems by avoiding GNU-isms. [#2298]
1.12.0 / 2021-08-02
Notable Addition: HTML5 Support (CRuby only)
HTML5 support has been added (to CRuby only) by merging Nokogumbo into
Nokogiri. The Nokogumbo public API has been preserved, so this functionality is
available under the Nokogiri::HTML5 namespace. [#2204]
Please note that HTML5 support is not available for JRuby in this version.
However, we feel it is important to think about JRuby and we hope to work on
this in the future. If you're interested in helping with HTML5 support on
JRuby, please reach out to the maintainers by commenting on issue #2227.
Many thanks to Sam Ruby, Steve Checkoway, and Craig Barnes for creating and
maintaining Nokogumbo and supporting the Gumbo HTML5 parser. They're now
Nokogiri core contributors with all the powers and privileges pertaining
thereto.
Notable Change: Nokogiri::HTML4 module and namespace
Nokogiri::HTML has been renamed to Nokogiri::HTML4, and Nokogiri::HTML is
aliased to preserve backwards-compatibility. Nokogiri::HTML and Nokogiri::HTML4
parse methods still use libxml2's (or NekoHTML's) HTML4 parser in the v1.12
release series.
Take special note that if you rely on the class name of an object in your code,
objects will now report a class of Nokogiri::HTML4::Foo where they previously
reported Nokogiri::HTML::Foo. Instead of relying on the string returned by
Object#class, prefer Class#=== or Object#is_a? or Object#instance_of?.
Future releases of Nokogiri may deprecate HTML methods or otherwise change this
behavior, so please start using HTML4 in place of HTML.
Added
* [CRuby] Nokogiri::VERSION_INFO["libxslt"]["datetime_enabled"] is a new
boolean value which describes whether libxslt (or, more properly, libexslt)
has compiled-in datetime support. This generally going to be true, but some
distros ship without this support (e.g., some mingw UCRT-based packages,
see msys2/MINGW-packages#8957). See #2272 for more details.
Changed
* Introduce a new constant, Nokogiri::XML::ParseOptions::DEFAULT_XSLT, which
adds the libxslt-preferred options of NOENT | DTDLOAD | DTDATTR | NOCDATA
to ParseOptions::DEFAULT_XML.
* Nokogiri.XSLT parses stylesheets using ParseOptions::DEFAULT_XSLT, which
should make some edge-case XSL transformations match libxslt's default
behavior. [#1940]
Fixed
* [CRuby] Namespaced attributes are handled properly when their parent node
is reparented into another document. Previously, the namespace may have
gotten dropped. [#2228]
* [CRuby] Reparented nodes no longer inherit their parent's namespace.
Previously, a node without a namespace was forced to adopt its parent's
namespace. [#1712]
Improved
* [CRuby] Speed up (slightly) the compile time of packaged libraries
libiconv, libxml2, and libxslt by using autoconf's
--disable-dependency-tracking option. ("ruby" platform gem only.)
Deprecated
* Deprecating Nokogumbo's Nokogiri::HTML5.get. This method will be removed in
a future version of Nokogiri.
Dependencies
* [CRuby] Upgrade mini_portile2 dependency from ~> 2.5.0 to ~> 2.6.1. ("ruby"
platform gem only.)
1.11.7 / 2021-06-02
* [CRuby] Backporting an upstream fix to XPath recursion depth limits which
impacted some users of complex XPath queries. This issue is present in
libxml 2.9.11 and 2.9.12. [#2257]
1.11.6 / 2021-05-26
Fixed
* [CRuby] DocumentFragment#path now does proper error-checking to handle
behavior introduced in libxml > 2.9.10. In v1.11.4 and v1.11.5, calling
DocumentFragment#path could result in a segfault.
1.11.5 / 2021-05-19
Fixed
[Windows CRuby] Work around segfault at process exit on Windows when using
libxml2 system DLLs.
libxml 2.9.12 introduced new behavior to avoid memory leaks when unloading
libxml2 shared libraries (see libxml/!66). Early testing caught this segfault
on non-Windows platforms (see #2059 and libxml@956534e) but it was incompletely
fixed and is still an issue on Windows platforms that are using system DLLs.
We work around this by configuring libxml2 in this situation to use its default
memory management functions. Note that if Nokogiri is not on Windows, or is not
using shared system libraries, it will will continue to configure libxml2 to
use Ruby's memory management functions. Nokogiri::VERSION_INFO["libxml"]
["memory_management"] will allow you to verify when the default memory
management functions are being used. [#2241]
Added
Nokogiri::VERSION_INFO["libxml"] now contains the key "memory_management" to
declare whether libxml2 is using its default memory management functions, or
whether it uses the memory management functions from ruby. See above for more
details.
1.11.4 / 2021-05-14
Security
[CRuby] Vendored libxml2 upgraded to v2.9.12 which addresses:
* CVE-2019-20388
* CVE-2020-24977
* CVE-2021-3517
* CVE-2021-3518
* CVE-2021-3537
* CVE-2021-3541
Note that two additional CVEs were addressed upstream but are not relevant to
this release. CVE-2021-3516 via xmllint is not present in Nokogiri, and
CVE-2020-7595 has been patched in Nokogiri since v1.10.8 (see #1992).
Please see nokogiri/GHSA-7rrm-v45f-jp64 or #2233 for a more complete analysis
of these CVEs and patches.
Dependencies
* [CRuby] vendored libxml2 is updated from 2.9.10 to 2.9.12. (Note that
2.9.11 was skipped because it was superseded by 2.9.12 a few hours after
its release.)
1.11.3 / 2021-04-07
Fixed
* [CRuby] Passing non-Node objects to Document#root= now raises an
ArgumentError exception. Previously this likely segfaulted. [#1900]
* [JRuby] Passing non-Node objects to Document#root= now raises an
ArgumentError exception. Previously this raised a TypeError exception.
* [CRuby] arm64/aarch64 systems (like Apple's M1) can now compile libxml2 and
libxslt from source (though we continue to strongly advise users to install
the native gems for the best possible experience)
Revision 1.40 / (download) - annotate - [select for diffs], Fri Mar 19 16:52:25 2021 UTC (3 years, 1 month ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2021Q2-base,
pkgsrc-2021Q2,
pkgsrc-2021Q1-base,
pkgsrc-2021Q1
Changes since 1.39: +5 -5
lines
Diff to previous 1.39 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.11.2.
Upstream changelog (from CHANGELOG.md):
1.11.2 / 2021-03-11
Fixed
* [CRuby] NodeSet may now safely contain Node objects from multiple
documents. Previously the GC lifecycle of the parent Document objects could
lead to nodes being GCed while still in scope. [#1952]
* [CRuby] Patch libxml2 to avoid "huge input lookup" errors on large CDATA
elements. (See upstream GNOME/libxml2#200 and GNOME/libxml2!100.) [#2132].
* [CRuby+Windows] Enable Nokogumbo (and other downstream gems) to compile and
link against nokogiri.so by including LDFLAGS in Nokogiri::VERSION_INFO. [#
2167]
* [CRuby] {XML,HTML}::Document.parse now invokes #initialize exactly once.
Previously #initialize was invoked twice on each object.
* [JRuby] {XML,HTML}::Document.parse now invokes #initialize exactly once.
Previously #initialize was not called, which was a problem for subclassing
such as done by Loofah.
Improved
* Reduce the number of object allocations needed when parsing an
HTML::DocumentFragment. [#2087] (Thanks, @ashmaroli!)
* [JRuby] Update the algorithm used to calculate Node#line to be wrong
less-often. The underlying parser, Xerces, does not track line numbers, and
so we've always used a hacky solution for this method. [#1223, #2177]
* Introduce --enable-system-libraries and --disable-system-libraries flags to
extconf.rb. These flags provide the same functionality as
--use-system-libraries and the NOKOGIRI_USE_SYSTEM_LIBRARIES environment
variable, but are more idiomatic. [#2193] (Thanks, @eregon!)
* [TruffleRuby] --disable-static is now the default on TruffleRuby when the
packaged libraries are used. This is more flexible and compiles faster.
(Note, though, that the default on TR is still to use system libraries.) [#
2191, #2193] (Thanks, @eregon!)
Changed
* Nokogiri::XML::Path is now a Module (previously it has been a Class). It
has been acting solely as a Module since v1.0.0. See 8461c74.
Revision 1.39 / (download) - annotate - [select for diffs], Fri Jan 8 17:09:41 2021 UTC (3 years, 3 months ago) by tsutsui
Branch: MAIN
Changes since 1.38: +5 -5
lines
Diff to previous 1.38 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.11.1.
Upstream changelog (from CHANGELOG.md):
v1.11.1 / 2021-01-06
Fixed
* [CRuby] If libxml-ruby is loaded before nokogiri, the SAX and Push parsers
no longer call libxml-ruby's handlers. Instead, they defensively override
the libxml2 global handler before parsing. [#2168]
v1.11.0 / 2021-01-03
Notes
Faster, more reliable installation: Native Gems for Linux and OSX/Darwin
"Native gems" contain pre-compiled libraries for a specific machine
architecture. On supported platforms, this removes the need for compiling the C
extension and the packaged libraries. This results in much faster installation
and more reliable installation, which as you probably know are the biggest
headaches for Nokogiri users.
We've been shipping native Windows gems since 2009, but starting in v1.11.0 we
are also shipping native gems for these platforms:
* Linux: x86-linux and x86_64-linux -- including musl platforms like alpine
* OSX/Darwin: x86_64-darwin and arm64-darwin
We'd appreciate your thoughts and feedback on this work at #2075.
Dependencies
Ruby
This release introduces support for Ruby 2.7 and 3.0 in the precompiled native
gems.
This release ends support for:
* Ruby 2.3, for which official support ended on 2019-03-31 [#1886] (Thanks
@ashmaroli!)
* Ruby 2.4, for which official support ended on 2020-04-05
* JRuby 9.1, which is the Ruby 2.3-compatible release.
Gems
* Explicitly add racc as a runtime dependency. [#1988] (Thanks, @voxik!)
* [MRI] Upgrade mini_portile2 dependency from ~> 2.4.0 to ~> 2.5.0 [#2005]
(Thanks, @alejandroperea!)
Security
See note below about CVE-2020-26247 in the "Changed" subsection entitled
"XML::Schema parsing treats input as untrusted by default".
Added
* Add Node methods for manipulating "keyword attributes" (for example, class
and rel): #kwattr_values, #kwattr_add, #kwattr_append, and #kwattr_remove.
[#2000]
* Add support for CSS queries a:has(> b), a:has(~ b), and a:has(+ b). [#688]
(Thanks, @jonathanhefner!)
* Add Node#value? to better match expected semantics of a Hash-like object.
[#1838, #1840] (Thanks, @MatzFan!)
* [CRuby] Add Nokogiri::XML::Node#line= for use by downstream libs like
nokogumbo. [#1918] (Thanks, @stevecheckoway!)
* nokogiri.gemspec is back after a 10-year hiatus. We still prefer you use
the official releases, but master is pretty stable these days, and YOLO.
Performance
* [CRuby] The CSS ~= operator and class selector . are about 2x faster.
[#2137, #2135]
* [CRuby] Patch libxml2 to call strlen from xmlStrlen rather than the naive
implementation, because strlen is generally optimized for the architecture.
[#2144] (Thanks, @ilyazub!)
* Improve performance of some namespace operations. [#1916] (Thanks,
@ashmaroli!)
* Remove unnecessary array allocations from Node serialization methods
[#1911] (Thanks, @ashmaroli!)
* Avoid creation of unnecessary zero-length String objects. [#1970] (Thanks,
@ashmaroli!)
* Always compile libxml2 and libxslt with '-O2' [#2022, #2100] (Thanks,
@ilyazub!)
* [JRuby] Lots of code cleanup and performance improvements. [#1934] (Thanks,
@kares!)
* [CRuby] RelaxNG.from_document no longer leaks memory. [#2114]
Improved
* [CRuby] Handle incorrectly-closed HTML comments as WHATWG recommends for
browsers. [#2058] (Thanks to HackerOne user mayflower for reporting this!)
* {HTML,XML}::Document#parse now accept Pathname objects. Previously this
worked only if the referenced file was less than 4096 bytes long; longer
files resulted in undefined behavior because the read method would be
repeatedly invoked. [#1821, #2110] (Thanks, @doriantaylor and @phokz!)
* [CRuby] Nokogumbo builds faster because it can now use header files
provided by Nokogiri. [#1788] (Thanks, @stevecheckoway!)
* Add frozen_string_literal: true magic comment to all lib files. [#1745]
(Thanks, @oniofchaos!)
* [JRuby] Clean up deprecated calls into JRuby. [#2027] (Thanks, @headius!)
Fixed
* HTML Parsing in "strict" mode (i.e., the RECOVER parse option not set) now
correctly raises a XML::SyntaxError exception. Previously the value of the
RECOVER bit was being ignored by CRuby and was misinterpreted by JRuby.
[#2130]
* The CSS ~= operator now correctly handles non-space whitespace in the class
attribute. commit e45dedd
* The switch to turn off the CSS-to-XPath cache is now thread-local, rather
than being shared mutable state. [#1935]
* The Node methods add_previous_sibling, previous=, before, add_next_sibling,
next=, after, replace, and swap now correctly use their parent as the
context node for parsing markup. These methods now also raise a
RuntimeError if they are called on a node with no parent. [nokogumbo#160]
* [JRuby] XML::Schema XSD validation errors are captured in XML::Schema#
errors. These errors were previously ignored.
* [JRuby] Standardize reading from IO like objects, including StringIO.
[#1888, #1897]
* [JRuby] Fix how custom XPath function namespaces are inferred to be less
naive. [#1890, #2148]
* [JRuby] Clarify exception message when custom XPath functions can't be
resolved.
* [JRuby] Comparison of Node to Document with Node#<=> now matches
CRuby/libxml2 behavior.
* [CRuby] Syntax errors are now correctly captured in Document#errors for
short HTML documents. Previously the SAX parser used for encoding detection
was clobbering libxml2's global error handler.
* [CRuby] Fixed installation on AIX with respect to vasprintf. [#1908]
* [CRuby] On some platforms, avoid symbol name collision with glibc's
canonicalize. [#2105]
* [Windows Visual C++] Fixed compiler warnings and errors. [#2061, #2068]
* [CRuby] Fixed Nokogumbo integration which broke in the v1.11.0 release
candidates. [#1788] (Thanks, @stevecheckoway!)
* [JRuby] Fixed document encoding regression in v1.11.0 release candidates.
[#2080, #2083] (Thanks, @thbar!)
Removed
* The internal method Nokogiri::CSS::Parser.cache_on= has been removed. Use
.set_cache if you need to muck with the cache internals.
* The class method Nokogiri::CSS::Parser.parse has been removed. This was
originally deprecated in 2009 in 13db61b. Use Nokogiri::CSS.parse instead.
Changed
XML::Schema input is now "untrusted" by default
Address CVE-2020-26247.
In Nokogiri versions <= 1.11.0.rc3, XML Schemas parsed by Nokogiri::XML::Schema
were trusted by default, allowing external resources to be accessed over the
network, potentially enabling XXE or SSRF attacks.
This behavior is counter to the security policy intended by Nokogiri
maintainers, which is to treat all input as untrusted by default whenever
possible.
Please note that this security fix was pushed into a new minor version, 1.11.x,
rather than a patch release to the 1.10.x branch, because it is a breaking
change for some schemas and the risk was assessed to be "Low Severity".
More information and instructions for enabling "trusted input" behavior in
v1.11.0.rc4 and later is available at the public advisory.
HTML parser now obeys the strict or norecover parsing option
(Also noted above in the "Fixed" section) HTML Parsing in "strict" mode (i.e.,
the RECOVER parse option not set) now correctly raises a XML::SyntaxError
exception. Previously the value of the RECOVER bit was being ignored by CRuby
and was misinterpreted by JRuby.
If you're using the default parser options, you will be unaffected by this fix.
If you're passing strict or norecover to your HTML parser call, you may be
surprised to see that the parser now fails to recover and raises a
XML::SyntaxError exception. Given the number of HTML documents on the internet
that libxml2 would consider to be ill-formed, this is probably not what you
want, and you can omit setting that parse option to restore the behavior that
you have been relying upon.
Apologies to anyone inconvenienced by this breaking bugfix being present in a
minor release, but I felt it was appropriate to introduce this fix because it's
straightforward to fix any code that has been relying on this buggy behavior.
VersionInfo, the output of nokogiri -v, and related constants
This release changes the metadata provided in Nokogiri::VersionInfo which also
affects the output of nokogiri -v. Some related constants have also been
changed. If you're using VersionInfo programmatically, or relying on constants
related to underlying library versions, please read the detailed changes for
Nokogiri::VersionInfo at #2139 and accept our apologies for the inconvenience.
Revision 1.38 / (download) - annotate - [select for diffs], Sat Oct 3 14:27:32 2020 UTC (3 years, 6 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base,
pkgsrc-2020Q4
Changes since 1.37: +5 -5
lines
Diff to previous 1.37 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.10.10. Upstream chages (from CHANGELOG.md): 1.10.10 / 2020-07-06 Features * [MRI] Cross-built Windows gems now support Ruby 2.7 [#2029]. Note that prior to this release, the v1.11.x prereleases provided this support.
Revision 1.37 / (download) - annotate - [select for diffs], Tue Mar 10 14:19:35 2020 UTC (4 years, 1 month ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base,
pkgsrc-2020Q3,
pkgsrc-2020Q2-base,
pkgsrc-2020Q2,
pkgsrc-2020Q1-base,
pkgsrc-2020Q1
Changes since 1.36: +5 -5
lines
Diff to previous 1.36 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.10.9. Upstream chages (from CHANGELOG.md): 1.10.9 / 2020-03-01 Fixed * [MRI] Raise an exception when Nokogiri detects a specific libxml2 edge case involving blank Schema nodes wrapped by Ruby objects that would cause a segfault. Currently no fix is available upstream, so we're preventing a dangerous operation and informing users to code around it if possible. [#1985, #2001] * [JRuby] Change NodeSet#to_a to return a RubyArray instead of Object, for compilation under JRuby 9.2.9 and later. [#1968, #1969] (Thanks, @headius!)
Revision 1.36 / (download) - annotate - [select for diffs], Sun Feb 16 04:11:05 2020 UTC (4 years, 2 months ago) by tsutsui
Branch: MAIN
Changes since 1.35: +5 -5
lines
Diff to previous 1.35 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.10.8. Upstream changelog (from CHANGELOG.md): ## 1.10.8 / 2020-02-10 ### Security [MRI] Pulled in upstream patch from libxml that addresses CVE-2020-7595. Full details are available in [#1992](https://github.com/sparklemotion/nokogiri/issues/1992). Note that this patch is not yet (as of 2020-02-10) in an upstream release of libxml.
Revision 1.35 / (download) - annotate - [select for diffs], Wed Dec 11 14:52:21 2019 UTC (4 years, 4 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.34: +5 -5
lines
Diff to previous 1.34 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.10.7. Upstream changes (from CHANGELOG.md): ## 1.10.7 / 2019-12-03 ### Bug * [MRI] Ensure the patch applied in v1.10.6 works with GNU `patch`. [#1954] ## 1.10.6 / 2019-12-03 ### Bug * [MRI] Fix FreeBSD installation of vendored libxml2. [#1941, #1953] (Thanks, @nurse!) ## 1.10.5 / 2019-10-31 ### Security [MRI] Vendored libxslt upgraded to v1.1.34 which addresses three CVEs for libxslt: * CVE-2019-13117 * CVE-2019-13118 * CVE-2019-18197 More details are available at #1943. ### Dependencies * [MRI] vendored libxml2 is updated from 2.9.9 to 2.9.10 * [MRI] vendored libxslt is updated from 1.1.33 to 1.1.34
Revision 1.34 / (download) - annotate - [select for diffs], Sun Aug 11 23:14:47 2019 UTC (4 years, 8 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base,
pkgsrc-2019Q3
Changes since 1.33: +5 -5
lines
Diff to previous 1.33 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.10.4. Upstream changelog: https://github.com/sparklemotion/nokogiri/blob/v1.10.4/CHANGELOG.md # 1.10.4 / 2019-08-07 ### Security #### Address CVE-2019-5477 (#1915) A command injection vulnerability in Nokogiri v1.10.3 and earlier allows commands to be executed in a subprocess by Ruby's `Kernel.open` method. Processes are vulnerable only if the undocumented method `Nokogiri::CSS::Tokenizer#load_file` is being passed untrusted user input. This vulnerability appears in code generated by the Rexical gem versions v1.0.6 and earlier. Rexical is used by Nokogiri to generate lexical scanner code for parsing CSS queries. The underlying vulnerability was addressed in Rexical v1.0.7 and Nokogiri upgraded to this version of Rexical in Nokogiri v1.10.4. This CVE's public notice is https://github.com/sparklemotion/nokogiri/issues/1915
Revision 1.33 / (download) - annotate - [select for diffs], Sat Jun 22 04:11:59 2019 UTC (4 years, 9 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q2
Changes since 1.32: +5 -5
lines
Diff to previous 1.32 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.10.3. Upstream changelog (from CHANGELOG.md): ## 1.10.3 / 2019-04-22 ### Security Notes [MRI] Pulled in upstream patch from libxslt that addresses CVE-2019-11068. Full details are available in [#1892](https://github.com/sparklemotion/nokogiri/issues/1892). Note that this patch is not yet (as of 2019-04-22) in an upstream release of libxslt. ## 1.10.2 / 2019-03-24 ### Security * [MRI] Remove support from vendored libxml2 for future script macros. [#1871] * [MRI] Remove support from vendored libxml2 for server-side includes within attributes. [#1877] ### Bug fixes * [JRuby] Fix node ownership in duplicated documents. [#1060] * [JRuby] Rethrow exceptions caught by Java SAX handler. [#1847, #1872] (Thanks, @adjam!)
Revision 1.32 / (download) - annotate - [select for diffs], Sun Mar 10 11:24:17 2019 UTC (5 years, 1 month ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base,
pkgsrc-2019Q1
Changes since 1.31: +5 -5
lines
Diff to previous 1.31 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.10.1. Upstream changes (from CHANGELOG.md): # 1.10.1 / 2019-01-13 ### Features * [MRI] During installation, handle Xcode 10's new library path. [#1801, #1851] (Thanks, @mlj and @deepj!) * Avoid unnecessary creation of `Proc`s in many methods. [#1776] (Thanks, @chopraanmol1!) ### Bug fixes * CSS selector `:has()` now correctly matches against any descendant. Previously this selector matched against only direct children). [#350] (Thanks, @Phrogz!) * `NodeSet#attr` now returns `nil` if it's empty. Previously this raised a NoMethodError. * [MRI] XPath errors are no longer suppressed during `XSLT::Stylesheet#transform`. Previously these errors were suppressed which led to silent failures and a subsequent segfault. [#1802]
Revision 1.31 / (download) - annotate - [select for diffs], Sat Jan 12 14:31:38 2019 UTC (5 years, 3 months ago) by tsutsui
Branch: MAIN
Changes since 1.30: +5 -5
lines
Diff to previous 1.30 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.10.0. Upstream changes (from CHANGELOG.md): ## 1.10.0 / 2019-01-04 ### Features * [MRI] Cross-built Windows gems now support Ruby 2.6 [#1842, #1850] ### Backwards incompatibilities This release ends support for: * Ruby 2.2, for which [official support ended on 2018-03-31](https://www.ruby-lang.org/en/news/2018/06/20/support-of-ruby-2-2-has-ended/) [#1841] * JRuby 1.7, for which [official support ended on 2017-11-21](https://github.com/jruby/jruby/issues/4112) [#1741] ### Dependencies * [MRI] libxml2 is updated from 2.9.8 to 2.9.9 * [MRI] libxslt is updated from 1.1.32 to 1.1.33 ## 1.9.1 / 2018-12-17 ### Bug fixes * Fix a bug introduced in v1.9.0 where `XML::DocumentFragment#dup` no longer returned an instance of the callee's class, instead always returning an `XML::DocumentFragment`. This notably broke any subclass of `XML::DocumentFragment` including `HTML::DocumentFragment` as well as the Loofah gem's `Loofah::HTML::DocumentFragment`. [#1846] ## 1.9.0 / 2018-12-17 ### Security Notes * [JRuby] Upgrade Xerces dependency from 2.11.0 to 2.12.0 to address upstream vulnerability CVE-2012-0881 [#1831] (Thanks @grajagandev for reporting.) ### Notable non-functional changes * Decrease installation size by removing many unneeded files (e.g., `/test`) from the packaged gems. [#1719] (Thanks, @stevecrozz!) ### Features * `XML::Attr#value=` allows HTML node attribute values to be set to either a blank string or an empty boolean attribute. [#1800] * Introduce `XML::Node#wrap` which does what `XML::NodeSet#wrap` has always done, but for a single node. [#1531] (Thanks, @ethirajsrinivasan!) * [MRI] Improve installation experience on macOS High Sierra (Darwin). [#1812, #1813] (Thanks, @gpakosz and @nurse!) * [MRI] Node#dup supports copying a node directly to a new document. See the method documentation for details. * [MRI] DocumentFragment#dup is now more memory-efficient, avoiding making unnecessary copies. [#1063] * [JRuby] NodeSet has been rewritten to improve performance! [#1795] ### Bug fixes * `NodeSet#each` now returns `self` instead of zero. [#1822] (Thanks, @olehif!) * [MRI] Address a memory leak when using XML::Builder to create nodes with namespaces. [#1810] * [MRI] Address a memory leak when unparenting a DTD. [#1784] (Thanks, @stevecheckoway!) * [MRI] Use RbConfig::CONFIG instead of ::MAKEFILE_CONFIG to fix installations that use Makefile macros. [#1820] (Thanks, @nobu!) * [JRuby] Decrease large memory usage when making nested XPath queries. [#1749] * [JRuby] Fix failing tests on JRuby 9.2.x * [JRuby] Fix default namespaces in nodes reparented into a different document [#1774] * [JRuby] Fix support for Java 9. [#1759] (Thanks, @Taywee!) ### Dependencies * [MRI] Upgrade mini_portile2 dependency from `~> 2.3.0` to `~> 2.4.0`
Revision 1.30 / (download) - annotate - [select for diffs], Thu Nov 1 15:00:31 2018 UTC (5 years, 5 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base,
pkgsrc-2018Q4
Changes since 1.29: +5 -5
lines
Diff to previous 1.29 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.8.5. Upstream changes (from CHANGELOG.md): # 1.8.5 / 2018-10-04 ## Security Notes [MRI] Pulled in upstream patches from libxml2 that address CVE-2018-14404 and CVE-2018-14567. Full details are available in [#1785] (https://github.com/sparklemotion/nokogiri/issues/1785). Note that these patches are not yet (as of 2018-10-04) in an upstream release of libxml2. ## Bug fixes * [MRI] Fix regression in installation when building against system libraries, where some systems would not be able to find libxml2 or libxslt when present. (Regression introduced in v1.8.3.) [#1722] * [JRuby] Fix node reparenting when the destination doc is empty. [#1773]
Revision 1.29 / (download) - annotate - [select for diffs], Fri Jul 6 19:12:31 2018 UTC (5 years, 9 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base,
pkgsrc-2018Q3
Changes since 1.28: +5 -5
lines
Diff to previous 1.28 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.8.4. Upstream changes (from CHANGELOG.md): # 1.8.4 / 2018-07-03 ## Bug fixes * [MRI] Fix memory leak when creating nodes with namespaces. (Introduced in v1.5.7) [#1771]
Revision 1.28 / (download) - annotate - [select for diffs], Fri Jun 22 14:20:27 2018 UTC (5 years, 9 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base,
pkgsrc-2018Q2
Changes since 1.27: +5 -5
lines
Diff to previous 1.27 (colored) to selected 1.21 (colored)
nokogiri: update to 1.8.3. Upstream changes (from CHANGELOG.md): # 1.8.3 / 2018-06-16 ## Security Notes [MRI] Behavior in libxml2 has been reverted which caused CVE-2018-8048 (loofah gem), CVE-2018-3740 (sanitize gem), and CVE-2018-3741 (rails-html-sanitizer gem). The commit in question is here: > https://github.com/GNOME/libxml2/commit/960f0e2 and more information is available about this commit and its impact here: > https://github.com/flavorjones/loofah/issues/144 This release simply reverts the libxml2 commit in question to protect users of Nokogiri's vendored libraries from similar vulnerabilities. If you're offended by what happened here, I'd kindly ask that you comment on the upstream bug report here: > https://bugzilla.gnome.org/show_bug.cgi?id=769760 ## Dependencies * [MRI] libxml2 is updated from 2.9.7 to 2.9.8 ## Features * Node#classes, #add_class, #append_class, and #remove_class are added. * NodeSet#append_class is added. * NodeSet#remove_attribute is a new alias for NodeSet#remove_attr. * NodeSet#each now returns an Enumerator when no block is passed (Thanks, @park53kr!) * [JRuby] General improvements in JRuby implementation (Thanks, @kares!) ## Bug fixes * CSS attribute selectors now gracefully handle queries using integers. [#711] * Handle ASCII-8BIT encoding on fragment input [#553] * Handle non-string return values within `Reader` [#898] * [JRuby] Allow Node#replace to insert Comment and CDATA nodes. [#1666] * [JRuby] Stability and speed improvements to `Node`, `Sax::PushParser`, and the JRuby implementation [#1708, #1710, #1501]
Revision 1.27 / (download) - annotate - [select for diffs], Sun Feb 18 05:45:37 2018 UTC (6 years, 2 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base,
pkgsrc-2018Q1
Changes since 1.26: +5 -5
lines
Diff to previous 1.26 (colored) to selected 1.21 (colored)
ruby-nokogiri: update to 1.8.2. Upstream changelog (from CHANGELOG.md): # 1.8.2 / 2018-01-29 ## Security Notes [MRI] The update of vendored libxml2 from 2.9.5 to 2.9.7 addresses at least one published vulnerability, CVE-2017-15412. [#1714 has complete details] ## Dependencies * [MRI] libxml2 is updated from 2.9.5 to 2.9.7 * [MRI] libxslt is updated from 1.1.30 to 1.1.32 ## Features * [MRI] OpenBSD installation should be a bit easier now. [#1685] (Thanks, @jeremyevans!) * [MRI] Cross-built Windows gems now support Ruby 2.5 ## Bug fixes * Node#serialize once again returns UTF-8-encoded strings. [#1659] * [JRuby] made SAX parsing of characters consistent with C implementation [#1676] (Thanks, @andrew-aladev!) * [MRI] Predefined entities, when inspected, no longer cause a segfault. [#1238]
Revision 1.25.6.1 / (download) - annotate - [select for diffs], Mon Nov 20 19:35:32 2017 UTC (6 years, 4 months ago) by bsiegert
Branch: pkgsrc-2017Q3
Changes since 1.25: +5 -5
lines
Diff to previous 1.25 (colored) next main 1.26 (colored) to selected 1.21 (colored)
Pullup ticket #5644 - requested by taca textproc/ruby-nokogiri: bugfix Revisions pulled up: - textproc/ruby-nokogiri/Makefile 1.37 - textproc/ruby-nokogiri/PLIST 1.24 - textproc/ruby-nokogiri/distinfo 1.26 --- Module Name: pkgsrc Committed By: tsutsui Date: Fri Oct 20 15:56:58 UTC 2017 Modified Files: pkgsrc/textproc/ruby-nokogiri: Makefile PLIST distinfo Log Message: nokogiri: update to 1.8.1. This version is necessary for ruby-mini_portile2 2.3.0 in pkgsrc-2017Q3. pkgsrc changes: - strict dependency against ruby-mini_portile2 as defined in the Gemfile - take maintainership Upstream changes (from CHANGELOG.md): # 1.8.1 / 2017-09-19 ## Dependencies * [MRI] libxml2 is updated from 2.9.4 to 2.9.5. * [MRI] libxslt is updated from 1.1.29 to 1.1.30. * [MRI] optional dependency on the pkg-config gem has had its constraint loosened to `~> 1.1` (from `~> 1.1.7`). [#1660] * [MRI] Upgrade mini_portile2 dependency from `~> 2.2.0` to `~> 2.3.0`, which will validate checksums on the vendored libxml2 and libxslt tarballs before using them. ## Bugs * NodeSet#first with an integer argument longer than the length of the NodeSet now correctly clamps the length of the returned NodeSet to the original length. [#1650] (Thanks, @Derenge!) * [MRI] Ensure CData.new raises TypeError if the `content` argument is not implicitly convertible into a string. [#1669]
Revision 1.26 / (download) - annotate - [select for diffs], Fri Oct 20 15:56:58 2017 UTC (6 years, 6 months ago) by tsutsui
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base,
pkgsrc-2017Q4
Changes since 1.25: +5 -5
lines
Diff to previous 1.25 (colored) to selected 1.21 (colored)
nokogiri: update to 1.8.1. This version is necessary for ruby-mini_portile2 2.3.0 in pkgsrc-2017Q3. pkgsrc changes: - strict dependency against ruby-mini_portile2 as defined in the Gemfile - take maintainership Upstream changes (from CHANGELOG.md): # 1.8.1 / 2017-09-19 ## Dependencies * [MRI] libxml2 is updated from 2.9.4 to 2.9.5. * [MRI] libxslt is updated from 1.1.29 to 1.1.30. * [MRI] optional dependency on the pkg-config gem has had its constraint loosened to `~> 1.1` (from `~> 1.1.7`). [#1660] * [MRI] Upgrade mini_portile2 dependency from `~> 2.2.0` to `~> 2.3.0`, which will validate checksums on the vendored libxml2 and libxslt tarballs before using them. ## Bugs * NodeSet#first with an integer argument longer than the length of the NodeSet now correctly clamps the length of the returned NodeSet to the original length. [#1650] (Thanks, @Derenge!) * [MRI] Ensure CData.new raises TypeError if the `content` argument is not implicitly convertible into a string. [#1669]
Revision 1.25 / (download) - annotate - [select for diffs], Mon Jun 5 15:22:56 2017 UTC (6 years, 10 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base,
pkgsrc-2017Q2-base,
pkgsrc-2017Q2
Branch point for: pkgsrc-2017Q3
Changes since 1.24: +5 -5
lines
Diff to previous 1.24 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.8.0. # 1.8.0 / 2017-06-04 ## Backwards incompatibilities This release ends support for Ruby 2.1 on Windows in the `x86-mingw32` and `x64-mingw32` platform gems (containing pre-compiled DLLs). Official support ended for Ruby 2.1 on 2017-04-01. Please note that this deprecation note only applies to the precompiled Windows gems. Ruby 2.1 continues to be supported (for now) in the default gem when compiled on installation. ## Dependencies * [Windows] Upgrade iconv from 1.14 to 1.15 (unless --use-system-libraries) * [Windows] Upgrade zlib from 1.2.8 to 1.2.11 (unless --use-system-libraries) * [MRI] Upgrade rake-compiler dependency from 0.9.2 to 1.0.3 * [MRI] Upgrade mini-portile2 dependency from `~> 2.1.0` to `~> 2.2.0` ## Compatibility notes * [JRuby] Removed support for `jruby --1.8` code paths. [#1607] (Thanks, @kares!) * [MRI Windows] Retrieve zlib source from http://zlib.net/fossils to avoid deprecation issues going forward. See #1632 for details around this problem. ## Features * NodeSet#clone is not an alias for NodeSet#dup [#1503] (Thanks, @stephankaag!) * Allow Processing Instructions and Comments as children of a document root. [#1033] (Thanks, @windwiny!) * [MRI] PushParser#replace_entities and #replace_entities= will control whether entities are replaced or not. [#1017] (Thanks, @spraints!) * [MRI] SyntaxError#to_s now includes line number, column number, and log level if made available by the parser. [#1304, #1637] (Thanks, @spk and @ccarruitero!) * [MRI] Cross-built Windows gems now support Ruby 2.4 * [MRI] Support for frozen string literals. [#1413] * [MRI] Support for installing Nokogiri on a machine in FIPS-enabled mode [#1544] * [MRI] Vendored libraries are verified with SHA-256 hashes (formerly some MD5 hashes were used) [#1544] * [JRuby] (performance) remove unnecessary synchronization of class-cache [#1563] (Thanks, @kares!) * [JRuby] (performance) remove unnecessary cloning of objects in XPath searches [#1563] (Thanks, @kares!) * [JRuby] (performance) more performance improvements, particularly in XPath, Reader, XmlNode, and XmlNodeSet [#1597] (Thanks, @kares!) ## Bugs * HTML::SAX::Parser#parse_io now correctly parses HTML and not XML [#1577] (Thanks for the test case, @gregors!) * Support installation on systems with a `lib64` site config. [#1562] * [MRI] on OpenBSD, do not require gcc if using system libraries [#1515] (Thanks, @jeremyevans!) * [MRI] XML::Attr.new checks type of Document arg to prevent segfaults. [#1477] * [MRI] Prefer xmlCharStrdup (and friends) to strdup (and friends), which can cause problems on some platforms. [#1517] (Thanks, @jeremy!) * [JRuby] correctly append a text node before another text node [#1318] (Thanks, @jkraemer!) * [JRuby] custom xpath functions returning an integer now work correctly [#1595] (Thanks, @kares!) * [JRuby] serializing (`#to_html`, `#to_s`, et al) a document with explicit encoding now works correctly. [#1281, #1440] (Thanks, @kares!) * [JRuby] XML::Reader now returns parse errors [#1586] (Thanks, @kares!) * [JRuby] Empty NodeSets are now decorated properly. [#1319] (Thanks, @kares!) * [JRuby] Merged nodes no longer results in Java exceptions during XPath queries. [#1320] (Thanks, @kares!) # 1.7.2 / 2017-05-09 ## Security Notes [MRI] Upstream libxslt patches are applied to the vendored libxslt 1.1.29 which address CVE-2017-5029 and CVE-2016-4738. For more information: * https://github.com/sparklemotion/nokogiri/issues/1634 * http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-5029.html * http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4738.html
Revision 1.24 / (download) - annotate - [select for diffs], Mon Mar 20 15:36:43 2017 UTC (7 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2017Q1-base,
pkgsrc-2017Q1
Changes since 1.23: +5 -5
lines
Diff to previous 1.23 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.7.1. # 1.7.1 / unreleased ## Security Notes [MRI] Upstream libxml2 patches are applied to the vendored libxml 2.9.4 which address CVE-2016-4658 and CVE-2016-5131. For more information: * https://github.com/sparklemotion/nokogiri/issues/1615 * http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4658.html * http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5131.html ## Dependencies * [Windows] Upgrade zlib from 1.2.8 to 1.2.11 (unless --use-system-libraries)
Revision 1.23 / (download) - annotate - [select for diffs], Sat Jan 7 22:30:13 2017 UTC (7 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.22: +5 -5
lines
Diff to previous 1.22 (colored) to selected 1.21 (colored)
Updated ruby-nokogiri to 1.7.0.1. # 1.7.0.1 / 2017-01-04 ## Bugs * Fix OpenBSD support. (#1569) (related to #1543) # 1.7.0 / 2016-12-26 ## Features * Remove deprecation warnings in Ruby 2.4.0 (#1545) (Thanks, @matthewd!) * Support egcc compiler on OpenBSD (#1543) (Thanks, @frenkel and @knu!) ## Backwards incompatibilities. This release ends support for: * Ruby 1.9.2, for which official support ended on 2014-07-31 * Ruby 1.9.3, for which official support ended on 2015-02-23 * Ruby 2.0.0, for which official support ended on 2016-02-24 * MacRuby, which hasn't been actively supported since 2015-01-13 (see https://github.com/MacRuby/MacRuby/commit/f76b9d6e99c18236db617e8aceb12c27d593a483)
Revision 1.22 / (download) - annotate - [select for diffs], Tue Oct 18 14:41:15 2016 UTC (7 years, 6 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base,
pkgsrc-2016Q4
Changes since 1.21: +5 -5
lines
Diff to previous 1.21 (colored)
Update ruby-nokogiri to 1.6.8.1 === 1.6.8.1 / 2016-10-03 ==== Dependency License Notes Removes required dependency on the `pkg-config` gem. This dependency was introduced in v1.6.8 and, because it's distributed under LGPL, was objectionable to many Nokogiri users (#1488, #1496). This version makes `pkg-config` an optional dependency. If it's installed, it's used; but otherwise Nokogiri will attempt to work around its absence. === 1.6.8 / unreleased ==== Security Notes [MRI] Bundled libxml2 is upgraded to 2.9.4, which fixes many security issues. Many of these had previously been patched in the vendored libxml 2.9.2 in the 1.6.7.x branch, but some are newer. See these libxml2 email posts for more: * https://mail.gnome.org/archives/xml/2015-November/msg00012.html * https://mail.gnome.org/archives/xml/2016-May/msg00023.html For a more detailed analysis, you may care to read Canonical's take on these security issues: * http://www.ubuntu.com/usn/usn-2994-1 [MRI] Bundled libxslt is upgraded to 1.1.29, which fixes a security issue as well as many long-known outstanding bugs, some features, some portability improvements, and general cleanup. See this libxslt email post for more: * https://mail.gnome.org/archives/xslt/2016-May/msg00004.html ==== Features Several changes were made to improve performance: * [MRI] Simplify NodeSet#to_a with a minor speed-up. (#1397) * XML::Node#ancestors optimization. (#1297) (Thanks, Bruno Sutic!) * Use Symbol#to_proc where we weren't previously. (#1296) (Thanks, Bruno Sutic!) * XML::DTD#each uses implicit block calls. (Thanks, @glaucocustodio!) * Fall back to the `pkg-config` gem if we're having trouble finding the system libxml2. This should help many FreeBSD users. (#1417) * Set document encoding appropriately even on blank document. (#1043) (Thanks, @batter!) ==== Bug Fixes * [JRuby] fix slow add_child (#692) * [JRuby] fix load errors when deploying to JRuby/Torquebox (#1114) (Thanks, @atambo and @jvshahid!) * [JRuby] fix NPE when inspecting nodes returned by NodeSet#drop (#1042) (Thanks, @mkristian!) * [JRuby] fix nil attriubte node's namespace in reader (#1327) (Thanks, @codekitchen!) * [JRuby] fix Nokogiri munging unicode characters that require more than 2 bytes (#1113) (Thanks, @mkristian!) * [JRuby] allow unlinking an unparented node (#1112, #1152) (Thanks, @esse!) * [JRuby] allow Fragment parsing on a frozen string (#444, #1077) * [JRuby] HTML `style` tags are no longer encoded (#1316) (Thanks, @tbeauvais!) * [MRI] fix assertion failure while accessing attribute node's namespace in reader (#843) (Thanks, @2potatocakes!) * [MRI] fix issue with GCing namespace nodes returned in an xpath query. (#1155) * [MRI] Ensure C strings are null-terminated. (#1381) * [MRI] Ensure Rubygems is loaded before using mini_portile2 at installation. (#1393, #1411) (Thanks, @JonRowe!) * [MRI] Handling another edge case where the `libxml-ruby` gem's global callbacks were smashing the heap. (#1426). (Thanks to @bbergstrom for providing an isolated test case!) * [MRI] Ensure encodings are passed to Sax::Parser xmldecl callback. (#844) * [MRI] Ensure default ns prefix is applied correctly when reparenting nodes to another document. (#391) (Thanks, @ylecuyer!) * [MRI] Ensure Reader handles non-existent attributes as expected. (#1254) (Thanks, @ccutrer!) * [MRI] Cleanup around namespace handling when reparenting nodes. (#1332, #1333, #1444) (Thanks, @cuttrer and @bradleybeddoes!) * unescape special characters in CSS queries (#1303) (Thanks, @twalpole!) * consistently handle empty documents (#1349) * Update to mini_portile2 2.1.0 to address whitespace-handling during patching. (#1402) * Fix encoding of xml node namespaces. * Work around issue installing Nokogiri on overlayfs (commonly used in Docker containers). (#1370, #1405) ==== Other Notes * Removed legacy code remaining from Ruby 1.8.x support. * Removed legacy code remaining from REE support. * Removing hacky workarounds for bugs in some older versions of libxml2. * Handling C strings in a forward-compatible manner, see https://github.com/ruby/ruby/blob/v2_2_0/NEWS#L319
Revision 1.21 / (download) - annotate - [selected], Tue Mar 15 15:45:46 2016 UTC (8 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2016Q3-base,
pkgsrc-2016Q3,
pkgsrc-2016Q2-base,
pkgsrc-2016Q2,
pkgsrc-2016Q1-base,
pkgsrc-2016Q1
Changes since 1.20: +5 -5
lines
Diff to previous 1.20 (colored)
Update ruby-nokogiri to 1.6.7.2. Below security problem dose not affect to pkgsrc since we do not use bundlerd libxml2. === 1.6.7.2 / 2015-01-20 This version pulls in several upstream patches to the vendored libxml2 and libxslt to address: CVE-2015-7499 Ubuntu classifies this as "Priority: Low", RedHat classifies this as "Impact: Moderate", and NIST classifies this as "Severity: 5.0 (MEDIUM)". MITRE record is https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7499
Revision 1.20 / (download) - annotate - [select for diffs], Sun Jan 10 11:55:44 2016 UTC (8 years, 3 months ago) by tsutsui
Branch: MAIN
Changes since 1.19: +5 -5
lines
Diff to previous 1.19 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.6.7.1.
pkgsrc changes:
* Fix DEPENDS on required ${RUBY_PKGPREFIX}-mini_portile2>=2.0.0
Upstream changes:
=== 1.6.7.1 / 2015-12-16
This version pulls in several upstream patches to the vendored libxml2 and libxslt to address:
CVE-2015-5312
CVE-2015-7497
CVE-2015-7498
CVE-2015-7499
CVE-2015-7500
CVE-2015-8241
CVE-2015-8242
CVE-2015-8317
See also http://www.ubuntu.com/usn/usn-2834-1/
Revision 1.19 / (download) - annotate - [select for diffs], Sun Dec 13 15:26:42 2015 UTC (8 years, 4 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2015Q4-base,
pkgsrc-2015Q4
Changes since 1.18: +5 -5
lines
Diff to previous 1.18 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.6.7. === 1.6.7 / 2015-11-29 ==== Notes This version supports native builds on Windows using the RubyInstaller DevKit. It also supports Ruby 2.2.x on Windows, as well as making several other improvements to the installation process on various platforms. This version also includes the security patches already applied in v1.6.6.3 and v1.6.6.4 to the vendored libxml2 and libxslt source. See #1374 and #1376 for details. ==== Features * Cross-built gems now have a proper ruby version requirement. (#1266) * Ruby 2.2.x is supported on Windows. * Native build is supported on Windows. * [MRI] libxml2 and libxslt `config.guess` files brought up to date. (#1326) (Thanks, @hernan-erasmo!) * [JRuby] fix error in validating files with jruby (#1355, #1361) (Thanks, @twalpole!) * [MRI, OSX] Patch to handle nonstandard location of `iconv.h`. (#1206, #1210, #1218, #1345) (Thanks, @neonichu!) ==== Bug Fixes * [JRuby] reset the namespace cache when replacing the document's innerHtml (#1265) (Thanks, @mkristian!) * [JRuby] Document#parse should support IO objects that respond to #read. (#1124) (Thanks, Jake Byman!) * [MRI] Duplicate-id errors when setting the `id` attribute on HTML documents are now silenced. (#1262) * [JRuby] SAX parser cuts texts in peices when quare brackets exist. (#1261) * [JRuby] Namespaced attributes aren't removed by remove_attribute. (#1299)
Revision 1.15.6.1 / (download) - annotate - [select for diffs], Tue Nov 24 20:10:28 2015 UTC (8 years, 4 months ago) by bsiegert
Branch: pkgsrc-2015Q3
Changes since 1.15: +6 -4
lines
Diff to previous 1.15 (colored) next main 1.16 (colored) to selected 1.21 (colored)
Pullup ticket #4863 - requested by taca textproc/ruby-nokogiri: security fix Revisions pulled up: - textproc/ruby-nokogiri/ALTERNATIVES 1.1 - textproc/ruby-nokogiri/Makefile 1.27-1.28 - textproc/ruby-nokogiri/PLIST 1.15-1.16 - textproc/ruby-nokogiri/distinfo 1.17-1.18 --- Module Name: pkgsrc Committed By: taca Date: Wed Nov 18 16:04:50 UTC 2015 Modified Files: pkgsrc/textproc/ruby-nokogiri: Makefile PLIST distinfo Added Files: pkgsrc/textproc/ruby-nokogiri: ALTERNATIVES Log Message: Update ruby-nokogiri to 1.6.6.3. pkgsrc change: Add pkg_alternatives support. === 1.6.6.3 / 2015-11-16 This version pulls in several upstream patches to the vendored libxml2 and libxslt to address: * CVE-2015-1819 * CVE-2015-7941_1 * CVE-2015-7941_2 * CVE-2015-7942 * CVE-2015-7942-2 * CVE-2015-8035 * CVE-2015-7995 See #1374 for details. --- Module Name: pkgsrc Committed By: taca Date: Mon Nov 23 07:28:01 UTC 2015 Modified Files: pkgsrc/textproc/ruby-nokogiri: Makefile PLIST distinfo Log Message: Update ruby-nokogiri to 1.6.8.4. === 1.6.6.4 / 2015-11-19 This version pulls in an upstream patche to the vendored libxml2 to address: * unclosed comment uninitialized access issue (#1376) This issue does not have a CVE assigned to it as this time.
Revision 1.18 / (download) - annotate - [select for diffs], Mon Nov 23 07:28:01 2015 UTC (8 years, 4 months ago) by taca
Branch: MAIN
Changes since 1.17: +5 -5
lines
Diff to previous 1.17 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.6.8.4. === 1.6.6.4 / 2015-11-19 This version pulls in an upstream patche to the vendored libxml2 to address: * unclosed comment uninitialized access issue (#1376) This issue does not have a CVE assigned to it as this time.
Revision 1.17 / (download) - annotate - [select for diffs], Wed Nov 18 16:04:50 2015 UTC (8 years, 5 months ago) by taca
Branch: MAIN
Changes since 1.16: +5 -5
lines
Diff to previous 1.16 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.6.6.3. pkgsrc change: Add pkg_alternatives support. === 1.6.6.3 / 2015-11-16 This version pulls in several upstream patches to the vendored libxml2 and libxslt to address: * CVE-2015-1819 * CVE-2015-7941_1 * CVE-2015-7941_2 * CVE-2015-7942 * CVE-2015-7942-2 * CVE-2015-8035 * CVE-2015-7995 See #1374 for details.
Revision 1.16 / (download) - annotate - [select for diffs], Wed Nov 4 02:00:09 2015 UTC (8 years, 5 months ago) by agc
Branch: MAIN
Changes since 1.15: +2 -1
lines
Diff to previous 1.15 (colored) to selected 1.21 (colored)
Add SHA512 digests for distfiles for textproc category Problems found locating distfiles: Package cabocha: missing distfile cabocha-0.68.tar.bz2 Package convertlit: missing distfile clit18src.zip Package php-enchant: missing distfile php-enchant/enchant-1.1.0.tgz Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Revision 1.15 / (download) - annotate - [select for diffs], Thu Feb 5 15:11:35 2015 UTC (9 years, 2 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base,
pkgsrc-2015Q2-base,
pkgsrc-2015Q2,
pkgsrc-2015Q1-base,
pkgsrc-2015Q1
Branch point for: pkgsrc-2015Q3
Changes since 1.14: +4 -4
lines
Diff to previous 1.14 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.6.6.2. === 1.6.6.2 / 2015-01-23 ==== Bug fixes * Fixed installation issue affecting compiler arguments. (#1230) === 1.6.6.1 / 2015-01-22 Note that 1.6.6.0 was not released. ==== Features * Unified Node and NodeSet implementations of #search, #xpath and #css. * Added Node#lang and Node#lang=. * bin/nokogiri passes the URI to parse() if an HTTP URL is given. * bin/nokogiri now loads ~/.nokogirirc so user can define helper methods, etc. * bin/nokogiri can be configured to use Pry instead of IRB by adding a couple of lines to ~/.nokogirirc. (#1198) * bin/nokogiri can better handle urls from STDIN (aiding use of xargs). (#1065) * JRuby 9K support. ==== Bug fixes * DocumentFragment#search now matches against root nodes. (#1205) * (MRI) More fixes related to handling libxml2 parse errors during DocumentFragment#dup. (#1196) * (JRuby) Builder now handles namespace hrefs properly when there is a default ns. (#1039) * (JRuby) Clear the XPath cache on attr removal. (#1109) * `XML::Comment.new` argument types are now consistent and safe (and documented) across MRI and JRuby. (#1224) * (MRI) Restoring support for Ruby 1.9.2 that was broken in v1.6.4.1 and v1.6.5. (#1207) * Check if `zlib` is available before building `libxml2`. (#1188) * (JRuby) HtmlSaxPushParser now exists. (#1147) (Thanks, Piotr Szmielew!) === 1.6.5 / 2014-11-26 ==== Features * Implement Slop#respond_to_missing?. (#1176) * Optimized the XPath query generated by an `an+b` CSS query. ==== Bug fixes * Capture non-parse errors from Document#dup in Document#errors. (#1196) * (JRuby) Document#canonicalize parameters are now consistent with MRI. (#1189) === 1.6.4.1 / 2014-11-05 ==== Bug fixes * (MRI) Fix a bug where CFLAGS passed in are dropped. (#1188) * Fix a bug where CSS selector :nth(n) did not work. (#1187) === 1.6.4 / 2014-11-04 ==== Features * (MRI) Bundled Libxml2 is upgraded to 2.9.2. * (MRI) `nokogiri --version` will include a list of applied patches. * (MRI) Nokogiri no longer prints messages directly to TTY while building the extension. * (MRI) Detect and help user fix a missing /usr/include/iconv.h on OS X. (#1111) * (MRI) Improve the iconv detection for building libxml2. ==== Bug fixes * (MRI) Fix DocumentFragment#element_children (#1138). * Fix a bug with CSS attribute selector without any prefix where "foo [bar]" was treated as "foo[bar]". (#1174) === 1.6.3.1 / 2014-07-21 ==== Bug fixes * Addressing an Apple Macintosh installation problem for GCC users. #1130 (Thanks, @zenspider!) === 1.6.3 / 2014-07-20 ==== Features * Added Node#document? and Node#processing_instruction? ==== Bug fixes * [JRuby] Fix Ruby memory exhaustion vulnerability. #1087 (Thanks, @ocher) * [MRI] Fix segfault during GC when using `libxml-ruby` and `nokogiri` together in multi-threaded environment. #895 (Thanks, @ender672!) * Building on OSX 10.9 stock ruby 2.0.0 now works. #1101 (Thanks, @zenspider!) * Node#parse now works again for HTML document nodes (broken in 1.6.2+). * Processing instructions can now be added via Node#add_next_sibling. === 1.6.2.1 / 2014-05-13 ==== Bug fixes * Fix statically-linked libxml2 installation when using universal builds of Ruby. #1104 * Patching `mini_portile` to address the git dependency detailed in #1102. * Library load fix to address segfault reported on some systems. #1097 === 1.6.2 / 2014-05-12 ==== Security Note A set of security and bugfix patches have been backported from the libxml2 and libxslt repositories onto the version of 2.8.0 packaged with Nokogiri, including these notable security fixes: * https://git.gnome.org/browse/libxml2/commit/?id=4629ee02ac649c27f9c0cf98ba017c6b5526070f * CVE-2013-2877 https://git.gnome.org/browse/libxml2/commit/?id=e50ba8164eee06461c73cd8abb9b46aa0be81869 * CVE-2014-0191 https://git.gnome.org/browse/libxml2/commit/?id=9cd1c3cfbd32655d60572c0a413e017260c854df It is recommended that you upgrade from 1.6.x to this version as soon as possible. ==== Compatibility Note Now requires libxml >= 2.6.21 (was previously >= 2.6.17). ==== Features * Add cross building of fat binary gems for 64-Bit Windows (x64-mingw32) and add support for native builds on Windows. #864, #989, #1072 * (MRI) Alias CP932 to Windows-31J if iconv does not support Windows-31J. * (MRI) Nokogiri now links packaged libraries statically. To disable static linking, pass --disable-static to extconf.rb. #923 * (MRI) Fix a library path (LIBPATH) precedence problem caused by CRuby bug #9760. * (MRI) Nokogiri automatically deletes directories of packaged libraries only used during build. To keep them for debugging purposes, pass --disable-clean to extconf.rb. #952 * (MRI) Nokogiri now builds libxml2 properly with iconv support on platforms where libiconv is installed outside the system default directories, such as FreeBSD. * Add support for an-b in nth selectors. #886 (Thanks, Magnus Bergmark!) * Add support for bare and multiple :not() functions in selectors. #887 (Thanks, Magnus Bergmark!) * (MRI) Add an extconf.rb option --use-system-libraries, alternative to setting the environment variable NOKOGIRI_USE_SYSTEM_LIBRARIES. * (MRI) Update packaged libraries: libxslt to 1.1.28, zlib to 1.2.8, and libiconv to 1.14, respectively. * Nokogiri::HTML::Document#title= and #meta_encoding= now always add an element if not present, trying hard to find the best place to put it. * Nokogiri::XML::DTD#html_dtd? and #html5_dtd? are added. * Nokogiri::XML::Node#prepend_child is added. #664 * Nokogiri::XML::SAX::ParserContext#recovery is added. #453 * Fix documentation for XML::Node#namespace. #803 #802 (Thanks, Hoylen Sue) * Allow Nokogiri::XML::Node#parse from unparented non-element nodes. #407 ==== Bugfixes * Ensure :only-child pseudo class works within :not pseudo class. #858 (Thanks, Yamagishi Kazutoshi!) * Don't call pkg_config when using bundled libraries in extconf.rb #931 (Thanks, Shota Fukumori!) * Nokogiri.parse() does not mistake a non-HTML document like a RSS document as HTML document. #932 (Thanks, Yamagishi Kazutoshi!) * (MRI) Perform a node type check before adding a child node to another. Previously adding a text node to another as a child could cause a SEGV. #1092 * (JRuby) XSD validation crashes in Java version. #373 * (JRuby) Document already has a root node error while using Builder. #646 * (JRuby) c14n tests are all passing on JRuby. #226 * Parsing empty documents raise SyntaxError in strict mode. #1005 * (JRuby) Make xpath faster by caching the xpath context. #741 * (JRuby) XML SAX push parser leaks memory on JRuby, but not on MRI. #998 * (JRuby) Inconsistent behavior aliasing the default namespace. #940 * (JRuby) Inconsistent behavior between parsing and adding namespaces. #943 * (JRuby) Xpath returns inconsistent result set on cloned document with namespaces and attributes. #1034 * (JRuby) Java-Implementation forgets element namespaces #902 * (JRuby) JRuby-Nokogiri does not recognise attributes inside namespaces #1081 * (JRuby) JRuby-Nokogiri has different comment node name #1080 * (JRuby) JAXPExtensionsProvider / Java 7 / Secure Processing #1070
Revision 1.14 / (download) - annotate - [select for diffs], Mon Apr 28 01:18:03 2014 UTC (9 years, 11 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base,
pkgsrc-2014Q4,
pkgsrc-2014Q3-base,
pkgsrc-2014Q3,
pkgsrc-2014Q2-base,
pkgsrc-2014Q2
Changes since 1.13: +1 -2
lines
Diff to previous 1.13 (colored) to selected 1.21 (colored)
* Fix PLIST due to broken print-PLIST target. * Avoid to patch gemspec but use OVERRIDE_GEMSPEC.
Revision 1.13 / (download) - annotate - [select for diffs], Fri Apr 25 09:28:57 2014 UTC (9 years, 11 months ago) by jperkin
Branch: MAIN
Changes since 1.12: +5 -4
lines
Diff to previous 1.12 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.6.0. This is a new branch. Changes:
1.6.0 / 2013-06-08
This release was based on v1.5.10 and 1.6.0.rc1, and contains changes
mentioned in both.
Deprecations
Remove pre 1.9 monitoring from Travis.
1.6.0.rc1 / 2013-04-14
This release was based on v1.5.9, and so does not contain any fixes mentioned
in the notes for v1.5.10.
Notes
mini_portile is now a runtime dependency
Ruby 1.9.2 and higher now required
Features
(MRI) Source code for libxml 2.8.0 and libxslt 1.2.26 is packaged with the
gem. These libraries are compiled at gem install time unless the environment
variable NOKOGIRI_USE_SYSTEM_LIBRARIES is set. VERSION_INFO (also `nokogiri
-v`) exposes whether libxml was compiled from packaged source, or the system
library was used.
(Windows) libxml upgraded to 2.8.0
Deprecations
Support for Ruby 1.8.7 and prior has been dropped
Revision 1.12 / (download) - annotate - [select for diffs], Sun Dec 29 23:26:04 2013 UTC (10 years, 3 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base,
pkgsrc-2014Q1,
pkgsrc-2013Q4-base,
pkgsrc-2013Q4
Changes since 1.11: +4 -4
lines
Diff to previous 1.11 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.5.11, fixing security problem of CVE-2013-6461. This problem is in JRuby only, but JRuby exists in pkgsrc-wip. === 1.5.11 / 2013-12-14 * Bugfixes * (JRuby) Fix out of memory bug when certain invalid documents are parsed. * (JRuby) Fix regression of billion-laughs vulnerability. #586
Revision 1.11 / (download) - annotate - [select for diffs], Sun Sep 15 16:20:51 2013 UTC (10 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base,
pkgsrc-2013Q3
Changes since 1.10: +4 -4
lines
Diff to previous 1.10 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.5.10. === 1.5.10 / 2013-06-07 * Bugfixes * (JRuby) Fix "null document" error when parsing an empty IO in jruby 1.7.3. #883 * (JRuby) Fix schema validation when XSD has DOCTYPE set to DTD. #861 (Thanks, Patrick Cheng!) * (MRI) Fix segfault when there is no default subelement for an HTML node. #917 * Notes * Use rb_ary_entry instead of RARRAY_PTR (you know, for Rubinius). #877 (Thanks, Dirkjan Bussink!) * Fix TypeError when running tests. #900 (Thanks, Cédric Boutillier!) === 1.5.9 / 2013-03-21 * Bugfixes * Ensure that prefixed attributes are properly namespaced when reparented. #869 * Fix for inconsistent namespaced attribute access for SVG nested in HTML. #861 * (MRI) Fixed a memory leak in fragment parsing if nodes are not all subsequently reparented. #856 === 1.5.8 / 2013-03-19 * Bugfixes * (JRuby) Fix EmptyStackException thrown by elements with xlink:href attributes and no base_uri #534, #805. (Thanks, Patrick Quinn and Brian Hoffman!) * Fixes duplicate attributes issue introduced in 1.5.7. #865 * Allow use of a prefixed namespace on a root node using Nokogiri::XML::Builder #868 === 1.5.7 / 2013-03-18 * Features * Windows support for Ruby 2.0. * Bugfixes * SAX::Parser.parse_io throw an error when used with lower case encoding. #828 * (JRuby) Java Nokogiri is finally green (passes all tests) under 1.8 and 1.9 mode. High five everyone. #798, #705 * (JRuby) Nokogiri::XML::Reader broken (as a pull parser) on jruby - reads the whole XML document. #831 * (JRuby) JRuby hangs parsing "&". #837 * (JRuby) JRuby NPE parsing an invalid XML instruction. #838 * (JRuby) Node#content= incompatibility. #839 * (JRuby) to_xhtml doesn't print the last slash for self-closing tags in JRuby. #834 * (JRuby) Adding an EntityReference after a Text node mangles the entity in JRuby. #835 * (JRuby) JRuby version inconsistency: nil for empty attributes. #818 * CSS queries for classes (e.g., ".foo") now treat all whitespace identically. #854 * Namespace behavior cleaned up and made consistent between JRuby and MRI. #846, #801 (Thanks, Michael Klein!) * (MRI) SAX parser handles empty processing instructions. #845
Revision 1.10 / (download) - annotate - [select for diffs], Mon Feb 11 02:44:26 2013 UTC (11 years, 2 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2,
pkgsrc-2013Q1-base,
pkgsrc-2013Q1
Changes since 1.9: +4 -4
lines
Diff to previous 1.9 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.5.6. == 1.5.6 / unreleased * Features * Improved performance of XML::Document#collect_namespaces. #761 (Thanks, Juergen Mangler!) * New callback SAX::Document#processing_instruction (Thanks, Kitaiti Makoto!) * Node#native_content= allows setting unescaped node contant. #768 * XPath lookup with namespaces supports symbol keys. #729 (Thanks, Ben Langfeld.) * XML::Node#[]= stringifies values. #729 (Thanks, Ben Langfeld.) * bin/nokogiri will process a document from $stdin * bin/nokogiri -e will execute a program from the command line * bin/nokogiri --version will print the Xerces and NekoHTML versions when ran with JRuby. * Bugfixes * Nokogiri now detects XSLT transform errors. #731 (Thanks, Justin Fitzsimmons!) * Don't throw an Error when trying to replace top-level text node in DocumentFragment. #775 * Raise an ArgumentError if an invalid encoding is passed to the SAX parser. #756 (Thanks, Bradley Schaefer!) * [JRuby] space prior to xml preamble causes nokogiri to fail parsing. (fixed along with #748) #790 * [JRuby] Fixed the bug Nokogiri::XML::Node#content inconsistency between Java and C. #794, #797 * [JRuby] raises INVALID_CHARACTER_ERR exception when EntityReference name starts with '#'. #719 * [JRuby] doesn't coerce namespaces out of strings on a direct subclass of Node. #715 * [JRuby] Node#content now renders newlines properly. #737 (Thanks, Piotr Szmielew!) * [JRuby] Unknown namespace are ignore when the recover option is used. #748 * [JRuby] XPath queries for namespaces should not throw exceptions when called twice in a row. #764 * [JRuby] More consistent (with libxml2) whitespace formatting when emitting XML. #771 * [JRuby] namespaced attributes broken when appending raw xml to builder. #770 * [JRuby] Nokogiri::XML::Document#wrap raises undefined method `length' for nil:NilClass when trying to << to a node. #781 * [JRuby] Fixed "bad file descriptor" bug when closing open file descriptors. #495 * [JRuby] JRuby/CRuby incompatibility for attribute decorators. #785 * [JRuby] Issues parsing valid XML with no internal subset in the DTD. #547, #811 * [JRuby] Issues parsing valid node content when it contains colons. #728 * [JRuby] Correctly parse the doc type of html documents. #733 * [JRuby] Include dtd in the xml output when a builder is used with create_internal_subset. #751 * [JRuby] builder requires textwrappers for valid utf8 in jruby, not in mri. #784
Revision 1.9 / (download) - annotate - [select for diffs], Sun Sep 16 11:30:22 2012 UTC (11 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base,
pkgsrc-2012Q4,
pkgsrc-2012Q3-base,
pkgsrc-2012Q3
Changes since 1.8: +4 -4
lines
Diff to previous 1.8 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.5.5.
== 1.5.5 / unreleased
* Features
* Much-improved support for JRuby in 1.9 mode! Yay!
* Bugfixes
* Regression in JRuby Nokogiri add_previous_sibling (1.5.0 -> 1.5.1) #691
(Thanks, John Shahid!)
* JRuby unable to create HTML doc if URL arg provided #674 (Thanks, John
Shahid!)
* JRuby raises NullPointerException when given HTML document is nil or empty
string. #699
* JRuby 1.9 error, uncaught throw 'encoding_found', has been fixed. #673
* Invalid encoding returned in JRuby with US-ASCII. #583
* XmlSaxPushParser raises IndexOutOfBoundsException when over 512 characters
are given. #567, #615
* When xpath evaluation returns empty NodeSet, decorating NodeSet's base
document raises exception. #514
* JRuby raises exception when xpath with namespace is specified. pull
request #681 (Thanks, Piotr Szmielew)
* JRuby renders nodes without their namespace when subclassing Node. #695
* JRuby raises NAMESPACE_ERR (org.w3c.dom.DOMException) while instantiating
RDF::RDFXML::Writer. #683
* JRuby is not able to use namespaces in xpath. #493
Revision 1.8 / (download) - annotate - [select for diffs], Wed Jun 13 14:42:40 2012 UTC (11 years, 10 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base,
pkgsrc-2012Q2
Changes since 1.7: +4 -4
lines
Diff to previous 1.7 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.5.4.
== 1.5.4 / unreleased
* Features
* The "nokogiri" script now has more verbose output when passed the `--rng` option. #675 (Thanks, Dan Radez!)
* Build support on hardened Debian systems that use `-Werror=format-security`. #680.
* Better build support for systems with pkg-config. #584
* Better build support for systems with multiple iconv installations.
* Bugfixes
* Segmentation fault when creating a comment node for a DocumentFragment. #677, #678.
* Treat '.' as xpath in at() and search(). #690
* [MRI, Security] Default parse options for XML documents were
changed to not make network connections during document parsing,
to avoid XXE vulnerability. #693
To re-enable this behavior, the configuration method `nononet` may
be called, like this:
Nokogiri::XML::Document.parse(xml) { |config| config.nononet }
Insert your own joke about double-negatives here.
Revision 1.7 / (download) - annotate - [select for diffs], Sat Jun 2 01:13:00 2012 UTC (11 years, 10 months ago) by taca
Branch: MAIN
Changes since 1.6: +4 -4
lines
Diff to previous 1.6 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.5.3.
== 1.5.3 / 2012-06-01
* Features
* Support for "prefixless" CSS selectors ~, > and + like jQuery
supports. #621, #623. (Thanks, David Lee!)
* Attempting to improve installation on homebrew 0.9 (with regards
to iconv). Isn't package management convenient?
* Bugfixes
* Custom xpath functions with empty nodeset arguments cause a
segfault. #634.
* Nokogiri::XML::Node#css now works for XML documents with default
namespaces when the rule contains attribute selector without
namespace.
* Fixed marshalling bugs around how arguments are passed to (and
returned from) XSLT custom xpath functions. #640.
* Nokogiri::XML::Reader#outer_xml is broken in JRuby #617
* Nokogiri::XML::Attribute on JRuby returns a nil namespace #647
* Nokogiri::XML::Node#namespace= cannot set a namespace without a
prefix on JRuby #648
* [JRuby] 1.9 mode causes dead lock while running rake #571
* HTML::Document#meta_encoding does not raise exception on docs with
malformed content-type. #655
* Fixing segfault related to unsupported encodings in in-context
parsing on 1.8.7. #643
* [JRuby] Concurrency issue in XPath parsing. #682
Revision 1.6 / (download) - annotate - [select for diffs], Sat Mar 17 16:51:05 2012 UTC (12 years, 1 month ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base,
pkgsrc-2012Q1
Changes since 1.5: +4 -4
lines
Diff to previous 1.5 (colored) to selected 1.21 (colored)
Update ruby-nokogiri to 1.5.2.
== 1.5.2 / 2012-03-09
Repackaging of 1.5.1 with a gemspec that is compatible with older Rubies. #631, #632.
== 1.5.1 / 2012-03-09
* Features
* XML::Builder#comment allows creation of comment nodes.
* CSS searches now support namespaced attributes. #593
* Java integration feature is added. Now, XML::Document.wrap
and XML::Document#to_java methods are available.
* RelaxNG validator support in the `nokogiri` cli utility. #591 (thanks, Dan Radez!)
* Bugfixes
* Fix many memory leaks and segfault opportunities. Thanks, Tim Elliott!
* extconf searches homebrew paths if homebrew is installed.
* Inconsistent behavior of Nokogiri 1.5.0 Java #620
* Inheriting from Nokogiri::XML::Node on JRuby (1.6.4/5) fails #560
* XML::Attr nodes are not allowed to be added as node children, so an
exception is raised. #558
* No longer defensively "pickle" adjacent text nodes on
Node#add_next_sibling and Node#add_previous_sibling calls. #595.
* Java version inconsistency: it returns nil for empty attributes #589
* to_xhtml incorrectly generates <p /></p> when tag is empty #557
* Document#add_child now accepts a Node, NodeSet, DocumentFragment,
or String. #546.
* Document#create_element now recognizes namespaces containing
non-word characters (like "SOAP-ENV"). This is mostly relevant to
users of Builder, which calls Document#create_element for nearly
everything. #531.
* File encoding broken in 1.5.0 / jruby / windows #529
* Java version does not return namespace defs as attrs for ::HTML #542
* Bad file descriptor with Nokogiri 1.5.0 #495
* remove_namespace! doesn't work in pure java version #492
* The Nokogiri Java native build throws a null pointer exception
when ActiveSupport's .blank? method is called directly on a parsed
object. #489
* 1.5.0 Not using correct character encoding #488
* Raw XML string in XML Builder broken on JRuby #486
* Nokogiri 1.5.0 XML generation broken on JRuby #484
* Do not allow multiple root nodes. #550
* Fixes for custom XPath functions. #605, #606 (thanks, Juan Wajnerman!)
* Node#to_xml does not override :save_with if it is provided. #505
* Node#set is a private method [JRuby]. #564 (thanks, Nick Sieger!)
* C14n cleanup and Node#canonicalize (thanks, Ivan Pirlik!) #563
Revision 1.5 / (download) - annotate - [select for diffs], Fri Jul 1 15:10:04 2011 UTC (12 years, 9 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q3-base,
pkgsrc-2011Q3,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2
Changes since 1.4: +4 -4
lines
Diff to previous 1.4 (colored) to selected 1.21 (colored)
Update ruby-nokogiri package to 1.5.0. (a leaf package)
* It fixes a critical bug in 1.4.6.
== 1.5.0 / 2011-07-01
* Notes
* See changelog from 1.4.7
* Features
* extracted sets of Node::SaveOptions into Node::SaveOptions::DEFAULT_{X,H,XH}TML (refactor)
* Bugfixes
* default output of XML on JRuby is no longer formatted due to
inconsistent whitespace handling. #415
* (JRuby) making empty NodeSets with null `nodes` member safe to operate on. #443
* Fix a bug in advanced encoding detection that leads to partially
duplicated document when parsing an HTML file with unknown
encoding.
* Add support for <meta charset="...">.
== 1.5.0 beta3 / 2010/12/02
* Notes
* JRuby performance tuning
* See changelog from 1.4.4
* Bugfixes
* Node#inner_text no longer returns nil. (JRuby) #264
== 1.5.0 beta2 / 2010/07/30
* Notes
* See changelog from 1.4.3
== 1.5.0 beta1 / 2010/05/22
* Notes
* JRuby support is provided by a new pure-java backend.
* Deprecations
* Ruby 1.8.6 is deprecated. Nokogiri will install, but official support is ended.
* LibXML 2.6.16 and earlier are deprecated. Nokogiri will refuse to install.
* FFI support is removed.
=== 1.4.7 / 2011-07-01
* Bugfixes
* Fix a bug in advanced encoding detection that leads to partially
duplicated document when parsing an HTML file with unknown
encoding. Thanks, Timothy Elliott (@ender672)! #478
=== 1.4.6 / 2011-06-19
* Notes
* This version is functionally identical to 1.4.5.
* Ruby 1.8.6 support has been restored.
Revision 1.4 / (download) - annotate - [select for diffs], Thu Jun 16 15:34:12 2011 UTC (12 years, 10 months ago) by taca
Branch: MAIN
Changes since 1.3: +4 -4
lines
Diff to previous 1.3 (colored) to selected 1.21 (colored)
Update ruby-nokogiri package to 1.4.5.
=== 1.4.5 / 2011-06-15
* New Features
* Nokogiri::HTML::Document#title accessor gets and sets the document title.
* extracted sets of Node::SaveOptions into
Node::SaveOptions::DEFAULT_{X,H,XH}TML (refactor)
* Raise an exception if a string is passed to Nokogiri::XML::Schema#validate.
#406
* Bugfixes
* Node#serialize-and-friends now accepts a SaveOption object as the, erm,
save object.
* Nokogiri::CSS::Parser has-a Nokogiri::CSS::Tokenizer
* [JRUBY+FFI only] Weak references are now threadsafe. #355
* Make direct start_element() callback (currently used for
HTML::SAX::Parser) pass attributes in assoc array, just as
emulated start_element() callback does. rel. #356
* HTML::SAX::Parser should call back a block given to parse*() if any, just
as XML::SAX::Parser does.
* Add further encoding detection to HTML parser that libxml2 does not do.
* Document#remove_namespaces! now handles attributes with namespaces. #396
* XSLT::Stylesheet#transform no longer segfaults when handed a
non-XML::Document. #452
* XML::Reader no longer segfaults when under GC pressure. #439
Revision 1.3 / (download) - annotate - [select for diffs], Tue Nov 30 15:39:56 2010 UTC (13 years, 4 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base,
pkgsrc-2011Q1,
pkgsrc-2010Q4-base,
pkgsrc-2010Q4
Changes since 1.2: +4 -4
lines
Diff to previous 1.2 (colored) to selected 1.21 (colored)
Update ruby-nokogiri package to 1.4.4.
=== 1.4.4 / Unreleased
* New Features
* XML::Node#children= sets the node's inner html (much like #inner_html=), but returns the reparent node(s).
* XSLT supports function extensions. #336
* XPath bind parameter substitution. #329
* XML::Reader node type constants. #369
* SAX Parser context provides line and column information
* Bugfixes
* XML::DTD#attributes returns an empty hash instead of nil when there are no attributes.
* XML::DTD#{keys,each} now work as expected. #324
* {XML,HTML}::DocumentFragment.{new,parse} no longer strip leading and trailing whitespace. #319
* XML::Node#{add_child,add_previous_sibling,add_next_sibling,replace} return a NodeSet when passed a string.
* Unclosed tags parsed more robustly in fragments. #315
* XML::Node#{replace,add_previous_sibling,add_next_sibling} edge cases fixed related to libxml's text node merging. #308
* Fixed a segfault when GC occurs during xpath handler argument marshalling. #345
* Added hack to Slop decorator to work with previously defined methods. #330
* Fix a memory leak when duplicating child nodes. #353
* Fixed off-by-one bug with nth-last-{child,of-type} CSS selectors when NOT using an+b notation. #354
* Fixed passing of non-namespace attributes to SAX::Document#start_element. #356
* Workaround for libxml2 in-context parsing bug. #362
* Fixed NodeSet#wrap on nodes within a fragment. #331
Revision 1.2 / (download) - annotate - [select for diffs], Fri Sep 10 08:29:06 2010 UTC (13 years, 7 months ago) by taca
Branch: MAIN
CVS Tags: pkgsrc-2010Q3-base,
pkgsrc-2010Q3
Changes since 1.1: +4 -4
lines
Diff to previous 1.1 (colored) to selected 1.21 (colored)
Update textproc/ruby-nokogiri to 1.4.3.1. * Use lang/ruby/gem.mk instead of misc/rubygems/rubygem.mk. * Update HOMEPAGE. * Add CONFLICTS since it will install the same name commands both ruby18 and ruby19 based packages. Changes are too many to write here, please refer CHANGELOG.rdoc.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Wed Dec 2 13:47:29 2009 UTC (14 years, 4 months ago) by fhajny
Branch: TNF
CVS Tags: pkgsrc-base,
pkgsrc-2010Q2-base,
pkgsrc-2010Q2,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1,
pkgsrc-2009Q4-base,
pkgsrc-2009Q4
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored) to selected 1.21 (colored)
Import ruby18-nokogiri-1.4.0 as textproc/ruby-nokogiri. Nokogiri parses and searches XML/HTML very quickly, and also has correctly implemented CSS3 selector support as well as XPath support. Features: * XPath support for document searching * CSS3 selector support for document searching * XML/HTML builder * Drop in replacement for Hpricot (though not bug for bug)
Revision 1.1 / (download) - annotate - [select for diffs], Wed Dec 2 13:47:29 2009 UTC (14 years, 4 months ago) by fhajny
Branch: MAIN
Diff to selected 1.21 (colored)
Initial revision