![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / www / ruby-mechanize
Request diff between arbitrary revisions
Keyword substitution: kv
Default branch: MAIN
www/ruby-mechanize: update to 2.14.0 2.14.0 (2025-01-05) * Mechanize exposes a write_timeout attribute, which is set on the connection if it's supported (e.g., Net::HTTP::Persistent.write_timeout). (#586) @maurycy
www/ruby-mechanize: update to 2.12.2 2.12.2 (2023-10-02) * Quash deprecation warnings from Mime::Type.new in mime-types v3.6.0. (#655) @avk New Contributors * @avk made their first contribution in #655
www/ruby-mechanize: update to 2.12.1 2.12.1 (2024-08-21) * Introduce experimental support for handling Zstd-compressed responses (CRuby only). (#652) @adrianodennanni
www/ruby-mechanize: update to 2.11.0 pkgsrc change: update dependency 2.11.0 (2024-07-18) * The accept-charset header is no longer sent. In early versions of Mechanize, circa 2007, this was a common header but now no modern browser sends it, and servers are instructed to ignore it. See #646 for an example of a server that is confused by its presence. (#647) @flavorjones
www/ruby-mechanize: update to 2.10.1 2.10.1 (2024-06-12) * Improve page encoding error recovery on pages with broken encoding when used with libxml2 >= 2.12.0. (#644) @flavorjones
www/ruby-mechanize: update to 2.10.0 2.10.0 (2024-01-22) * Add nkf and base64 as explicit dependencies, since they are being unbundled in Ruby 3.4. (#634) @flavorjones
www/ruby-mechanize: update to 2.9.1 2.9.0 (2023-04-07) Requirements * Mechanize now requires Ruby 2.6 or newer. Improvement * Mechanize can now parse frozen strings. (#610) 2.9.1 (2023-04-17) Update * Updated User-Agent strings to represent modern browser versions. (#612) Thank you, @takatea! Contributors * @takatea
www/ruby-mechanize: update to 2.85 2.8.4 (2022-01-17) Fix * Mechanize::CookieJar#load calls Psych.safe_load when using Psych >= 3.1 2.8.5 (2022-06-09) Security Fixes low-severity CVE-2022-31033, "Authorization header leak on port redirect." See GHSA-64qm-hrgp-pgr9 for more details.
www/ruby-mechanize: update to 2.8.3 2.8.3 (2021-11-11) Update * Update the "Linux Firefox" user agent string to rev94 (#587) Thank you, @ncs1!
www/ruby-mechanize: update to 2.8.2 2.8.2 (2021-08-06) Dependencies * Update dependency on Addressable from ~>2.7 to ~>2.8. (#584) @yidingww
www/ruby-mechanize: update to 2.8.1 2.8.1 (2021-05-09) Fix * Gracefully handle parsing errors that contain an invalid byte sequence. Previously, if libxml2 registered a parsing error that itself contained invalid encoding, an exception might be raised. (#553) 2.8.0 (2021-04-01) Requirements * Mechanize now requires Ruby 2.5 or newer. * Move from ntlm-http to rubyntlm gem. (#495, #574) New Features * Page::Link#uri now handles non-ASCII hrefs. (#569) @terryyin * FileConnection supports Windows drive letters (#483) * Credential headers 'Authorization' and 'Cookie' are deleted on cross-origin redirects. (#538) @kyoshidajp * ContentDispositionParser handles ISO8601 date headers, to be robust with websites that ignore RFC2183. (#554) @reitermarkus Bug fix * POST headers 'Content-Length', 'Content-MD5', and 'Content-Type' are deleted in a case-insensitive manner on redirects. Previously these headers were treated as case-sensitive.
www/ruby-mechanize: update to 2.7.7 pkgsrc change: add "USE_LANGUAGES= # empty" 2.7.7 / 2021-02-01 * Security fixes for CVE-2021-21289 Mechanize `>= v2.0`, `< v2.7.7` allows for OS commands to be injected into several classes' methods via implicit use of Ruby's `Kernel.open` method. Exploitation is possible only if untrusted input is used as a local filename and passed to any of these calls: - `Mechanize::CookieJar#load`: since v2.0 (see 208e3ed) - `Mechanize::CookieJar#save_as`: since v2.0 (see 5b776a4) - `Mechanize#download`: since v2.2 (see dc91667) - `Mechanize::Download#save` and `#save!` since v2.1 (see 98b2f51, bd62ff0) - `Mechanize::File#save` and `#save_as`: since v2.1 (see 2bf7519) - `Mechanize::FileResponse#read_body`: since v2.0 (see 01039f5) See github.com/sparklemotion/mechanize/security/advisories/GHSA-qrqm-fpv6-6r8g for more information. Also see #547, #548. Thank you, @kyoshidajp! New Features * Support for Ruby 3.0 by adding `webrick` as a runtime dependency. (#557) @pvalena Bug fix * Ignore input fields with blank names (#542, #536)
www/ruby-mechanize: update to 2.7.6 === 2.7.6 * New Features * Mechanize#set_proxy accepts an HTTP URL/URI. (#513) * Bug fix * Fix element(s)_with(search: selector) methods not working for forms, form fields and frames. (#444) * Improve the filename parser for the `Content-Disposition` header. (#496, #517) * Accept `Content-Encoding: identity`. (#515) * Mechanize::Page#title no longer picks a title in an embeded SVG/RDF element. (#503) * Make Mechanize::Form#has_field? boolean. (#501)
Update ruby-mechanize to 2.7.5. === 2.7.5 * New Features * All 4xx responses and RedirectLimitReachedError when fetching robots.txt are treated as full allow just like Googlebot does. * Enable support for mime-types > 3. * Bug fix * Don't cause infinite loop when `GET /robots.txt` redirects. (#457) * Fix basic authentication for a realm that contains uppercase characters. (#458, #459) * Fix encoding error when uploading a file which name is non-ASCII. (#333)
Update ruby-mechanize to 2.7.4.
=== 2.7.4
* New Features
* Accept array-like and hash-like values as query/parameter value.
A new utility method Mechanize::Util.each_parameter is added, and Mechanize::Util.build_query_string is enhanced
for this feature.
* Allow passing a `Form::FileUpload` instance to `#post`. #350 by Sam
Rawlins.
* Capture link when scheme is unsupported. #362 by Jon Rowe.
* Pre-defined User-Agent stings are updated to those of more recent versions, and new aliases for IE 10/11 and Edge are added.
* Support for mime-types 1.x is restored while keeping compatible with mime-types 2.x and adding support for 3.0.
* Mechanize::Page now responds to #xpath, #css, #at_xpath, #at_css, and #%.
* element(s)_with methods now accept :xpath and :css options for doing xpath/css
selector searching.
* Pass URI information to Nokogiri where applicable. #405 @lulalala
* Bug fix
* Don't raise an exception if a connection has set a {read,open}_timeout and
a `file://` request is made. (#397)
* Fix whitespace bug in WWW-Authenticate. #451, #450, by Rasmus Bergholdt
* Don't allow redirect from a non-file URL to a file URL for security reasons. (#455)
Switch depends on ruby-mime-types2 package. Bump PKGREVISION.
Update HOMEPAGE. Avoid using rubyforge.org since it stopped most of services.
Allow this package build on Ruby 2.2.
Update ruby-mechanize to 2.7.3.
=== 2.7.3
* New Features
* Allow net-http-persistent instance to be named. #324, John Weir.
* #save and #save! return filename #340
* Updated mime-types requirement to 2.x versions. #348 by Jeff Nyman.
* Bug fix
* Ensure Download#save! defaults back to original filename if
none is provided (#300)
Dependency closure of textproc/ruby-nokogiri
Update ruby-mechanize to 2.7.2. Changes are too many to write here, please refer CHANGELOG.rdoc file.
Drop superfluous PKG_DESTDIR_SUPPORT, "user-destdir" is default these days.
Update ruby-mechanize to 2.5.1.
=== 2.5.1
* Bug fix
* Mechanize no longer copies POST requests during a redirect which was
introduced by #215. Pull request #229 by Godfrey Chan.
=== 2.5
* Minor enhancement
* Added Mechanize#ignore_bad_chunking for working around servers that don't
terminate chunked transfer-encoding properly. Enabling this may cause
data loss. Issue #116
* Removed content-type check from Mechanize::Page allowing forced parsing
of incorrect or missing content-types. Issue #221 by GarthSnyder
* Bug fixes
* Fixed typos in EXAMPLES and GUIDES. Pull Request #213 by Erkan Yilmaz.
* Fixed handling of a quoted content-disposition size. Pull Request #220 by
Jason Rust
* Mechanize now ignores a missing gzip footer like browsers do. Issue #224
by afhbl
* Mechanize handles saving of files with the same name better now. Pull
Request #223 by Godfrey Chan, Issue #219 by Jon Hart
* Mechanize now sends headers across redirects. Issue #215 by Chris Gahan
* Mechanize now raises Mechanize::ResponseReadError when the server does not
terminate chunked transfer-encoding properly. Issue #116
* Mechanize no longer raises an exception when multiple identical
radiobuttons are checked. Issue #214 by Matthias Guenther
* Fixed documentation for pre_connect_hooks and post_connect_hooks. Issue
#226 by Robert Poor
* Worked around ruby 1.8 run with -Ku and ISO-8859-1 encoded characters in
URIs. Issue #228 by Stanislav O.Pogrebnyak
Update ruby-mechanize to 2.4.
=== 2.4
* Security fix:
Mechanize#auth and Mechanize#basic_auth allowed disclosure of passwords to
malicious servers and have been removed.
In prior versions of mechanize only one set of HTTP authentication
credentials were allowed for all connections. If a mechanize instance
connected to more than one server then a malicious server detecting
mechanize could ask for HTTP Basic authentication. This would expose the
username and password intended only for one server.
Mechanize#auth and Mechanize#basic_auth now warn when used.
To fix the warning switch to Mechanize#add_auth which requires at the URI
the credentials are intended for, the username and the password.
Optionally an HTTP authentication realm or NTLM domain may be provided.
* Minor enhancement
* Improved exception messages for 401 Unauthorized responses. Mechanize now
tells you if you were missing credentials, had an incorrect password, etc.
Update ruby-mechanize to 2.3.
Changes:
* Add support for the Max-Age attribute in the Set-Cookie header.
* Added Mechanize::Download#body for compatibility with Mechanize::File when
using Mechanize#get_file with Mechanize::Image or other Download-based
pluggable parser. Issue #202 by angas
* Mechanize#max_file_buffer may be set to nil to disable creation of
Tempfiles.
* MetaRefresh#href is not normalized to an absolute URL, but set to the
original value and resolved later. It is even set to nil when the
Refresh URL is unspecified or empty.
* Expose ssl_version from net-http-persistent. Patch by astera.
* SSL parameters and proxy may now be set at any time. Issue #194 by
dsisnero.
* Improved Mechanize::Page with #image_with and #images_with and
Mechanize::Page::Image various img element attribute accessors, #caption,
#extname, #mime_type and #fetch. Pull request #173 by kitamomonga
* Added MIME type parsing for content-types in Mechanize::PluggableParser
for fine-grained parser choices. Parsers will be chosen based on exact
match, simplified type or media type in that order. See
Mechanize::PluggableParser#[]=.
* Added Mechanize#download which downloads a response body to an IO-like or
filename.
* Added Mechanize::DirectorySaver which saves responses in a single
directory. Issue #187 by yoshie902a.
* Added Mechanize::Page::Link#noreferrer?
* The documentation for Mechanize::Page#search and #at now show that both
XPath and CSS expressions are allowed. Issue #199 by Shane Becker.
* Mechanize now depends on net-http-persistent 2.3+. This new version
brings idle timeouts to help with the dreaded "too many connection resets"
issue when POSTing to a closed connection. Issue #123
* SSL connections will be verified against the system certificate store by
default.
* Added Mechanize#retry_change_requests to allow mechanize to retry POST and
other non-idempotent requests when you know it is safe to do so. Issue
#123
* Mechanize can now stream files directly to disk without loading them into
memory first through Mechanize::Download, a pluggable parser for
downloading files.
* Bug fixes.
Relax dependency pattern to net/ruby-net-http-persistent. Bump PKGREVISION.
Update www/ruby-mechanize package to 2.0.1.
=== 2.0.1 / 2011-06-28
Mechanize now uses minitest to avoid 1.9 vs 1.8 assertion availability in
test/unit
* Bug Fixes
* Restored Mechanize#set_proxy. Issue #117, #118, #119
* Mechanize::CookieJar#load now lazy-loads YAML. Issue #118
* Mechanize#keep_alive_time no longer crashes but does nothing as
net-http-persistent does not support HTTP/1.0 keep-alive extensions.
=== 2.0 / 2011-06-27
Mechanize is now under the MIT license
* API changes
* WWW::Mechanize has been removed. Use Mechanize.
* Pre connect hooks are now called with the agent and the request. See
Mechanize#pre_connect_hooks.
* Post connect hooks are now called with the agent and the response. See
Mechanize#post_connect_hooks.
* Mechanize::Chain is gone, as an internal API this should cause no problems.
* Mechanize#fetch_page no longer accepts an options Hash.
* Mechanize#put now accepts headers instead of an options Hash as the last
argument
* Mechanize#delete now accepts headers instead of an options Hash as the
last argument
* Mechanize#request_with_entity now accepts headers instead of an options
Hash as the last argument
* Mechanize no longer raises RuntimeError directly, Mechanize::Error or
ArgumentError are raised instead.
* The User-Agent header has changed. It no longer includes the WWW- prefix
and now includes the ruby version. The URL has been updated as well.
* Mechanize now requires ruby 1.8.7 or newer.
* Hpricot support has been removed as webrobots requires nokogiri.
* Mechanize#get no longer accepts the referer as the second argument.
* Mechanize#get no longer allows the HTTP method to be changed (:verb
option).
* Mechanize::Page::Meta is now Mechanize::Page::MetaRefresh to accurately
depict its responsibilities.
* Mechanize::Page#meta is now Mechanize::Page#meta_refresh as it only
contains meta elements with http-equiv of "refresh"
* Mechanize::Page#charset is now Mechanize::Page::charset. GH #112, patch
by Godfrey Chan.
* Deprecations
* Mechanize#get with an options hash is deprecated and will be removed after
October, 2011.
* Mechanize::Util::to_native_charset is deprecated as it is no longer used
by Mechanize.
* New Features
* Add header reference methods to Mechanize::File so that a reponse
object gets compatible with Net::HTTPResponse.
* Mechanize#click accepts a regexp or string to click a button/link in the
current page. It works as expected when not passed a string or regexp.
* Provide a way to only follow permanent redirects (301)
automatically: <tt>agent.redirect_ok = :permanent</tt> GH #73
* Mechanize now supports HTML5 meta charset. GH #113
* Documented various Mechanize accessors. GH #66
* Mechanize now uses net-http-digest_auth. GH #31
* Mechanize now implements session cookies. GH #78
* Mechanize now implements deflate decoding. GH #40
* Mechanize now allows a certificate and key to be passed directly. GH #71
* Mechanize::Form::MultiSelectList now implements #option_with and
#options_with. GH #42
* Add Mechanize::Page::Link#rel and #rel?(kind) to read and test the rel
attribute.
* Add Mechanize::Page#canonical_uri to read a </tt><link
rel="canonical"></tt> tag.
* Add support for Robots Exclusion Protocol (i.e. robots.txt) and
nofollow/noindex in meta tags and the rel attribute. Automatic
exclusion can be turned on by setting:
agent.robots = true
* Manual robots.txt test can be performed with
Mechanize#robots_allowed? and #robots_disallowed?.
* Mechanize::Form now supports the accept-charset attribute. GH #96
* Mechanize::ResponseReadError is raised if there is an exception while
reading the response body. This allows recovery from broken HTTP servers
(or connections). GH #90
* Mechanize#follow_meta_refresh set to :anywhere will follow meta refresh
found outside of a document's head. GH #99
* Add support for HTML5's rel="noreferrer" attribute which indicates
no "Referer" information should be sent when following the link.
* A frame will now load its content when #content is called. GH #111
* Added Mechanize#default_encoding to provide a default for pages with no
encoding specified. GH #104
* Added Mechanize#force_default_encoding which only uses
Mechanize#default_encoding for parsing HTML. GH #104
* Bug Fixes:
* Fixed a bug where Referer is not sent when accessing a relative
URI starting with "http".
* Fix handling of Meta Refresh with relative paths. GH #39
* Mechanize::CookieJar now supports RFC 2109 correctly. GH #85
* Fixed typo in EXAMPLES.rdoc. GH #74
* The base element is now handled correctly for images. GH #72
* Image buttons with no name attribute are now included in the form's button
list. GH#56
* Improved handling of non ASCII-7bit compatible characters in links (only
an issue on ruby 1.8). GH #36, GH #75
* Loading cookies.txt is faster. GH #38
* Mechanize no longer sends cookies for a.b.example to axb.example. GH #41
* Mechanize no longer sends the button name as a form field for image
buttons. GH #45
* Blank cookie values are now skipped. GH #80
* Mechanize now adds a '.' to cookie domains if no '.' was sent. This is
not allowed by RFC 2109 but does appear in RFC 2965. GH #86
* file URIs are now read in binary mode. GH #83
* Content-Encoding: x-gzip is now treated like gzip per RFC 2616.
* Mechanize now unescapes URIs for meta refresh. GH #68
* Mechanize now has more robust HTML charset detection. GH #43
* Mechanize::Form::Textarea is now created from a textarea element. GH #94
* A meta content-type now overrides the HTTP content type. GH #114
* Mechanize::Page::Link#uri now handles both escaped and unescaped hrefs.
GH #107
Update www/mechanize to 1.0.0. * Use lang/ruby/gem.mk instead of misc/rubygems/rubygem.mk. * Remove default value of GEM_BUILD. * Ajust new ruby package's framework. = Mechanize CHANGELOG === 1.0.0 * New Features: * An optional verb may be passed to Mechanize#get GH #26 * The WWW constant is deprecated. Switch to the top level constant Mechanize * SelectList#option_with and options_with for finding options * Bug Fixes: * Rescue errors from bogus encodings * 7bit content-encoding support. Thanks sporkmonger! GH #2 * Fixed a bug with iconv conversion. Thanks awesomeman! GH #9 * meta redirects outside the head are not followed. GH #13 * Form submissions work with nil page encodings. GH #25 * Fixing default values with serialized cookies. GH #3 * Checkboxes and fields are sorted by page appearance before submitting. #11
Updated ruby-mechanize to 0.9.3. Deprecations: * WWW::Mechanize::List is gone! * Use Nokogiri as the default HTML parser (you may switch to Hpricot by using WWW::Mechanize.html_parser = Hpricot) See full list of changes since 0.7.5: http://mechanize.rubyforge.org/mechanize/CHANGELOG_rdoc.html
Update ruby-mechanize to version 0.7.5. Changes from version 0.6.8 include: + Install as a Ruby gem. * Fixed a bug when fetching files and not pages. * WWW::Mechanize#get now takes hash arguments for uri parameters. * Handling gzipped responses with no Content-Length header * Fixed a bug with EOF errors in net/http. [#17570] * Handling 0 length gzipped responses. [#17471] * Changed parser to lazily parse links * Lazily parsing document * Updating UTF-8 support for urls * Adding AREA tags to the links list. * WWW::Mechanize#follow_meta_refresh will allow you to automatically follow meta refresh tags. [#10032] * Adding x-gzip to accepted content-encoding. * Added Digest Authentication support. * Many bug fixes.
Import ruby-mechanize. The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, can follow links, and submit forms. Form fields can be populated and submitted. Mechanize also keeps track of the sites that you have visited as a history.
Initial revision