chore(deps): update dependency lxml to v4.9.4#18
Open
renovate[bot] wants to merge 1 commit intodevfrom
Open
Conversation
|
Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information |
renovate
bot
force-pushed
the
renovate/lxml-4.x-lockfile
branch
from
507137a to
fc9a61c
Compare
|
Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
4.9.2→4.9.4Release Notes
lxml/lxml (lxml)
v4.9.4Compare Source
==================
Features added
Character escaping in
C14N2serialisation now uses a single pass over the textinstead of searching for each unescaped character separately.
Early support for Python 3.13a2 was added.
Bugs fixed
LP#1976304: The
Element.addnext()method previously inserted the new elementbefore existing tail text. The tail text of both sibling elements now stays on
the respective elements.
LP#1980767, GH#379:
TreeBuilder.close()could fail with aTypeErrorafterparsing incorrect input. Original patch by Enrico Minack.
Element.itertext(with_tail=False)returned the tail text of comments andprocessing instructions, despite the explicit option.
GH#370: A crash with recent libxml2 2.11.x versions was resolved.
Patch by Michael Schlenker.
A compile problem with recent libxml2 2.12.x versions was resolved.
The internal exception handling in C callbacks was improved for Cython 3.0.
The exception declarations of
xmlInputReadCallback,xmlInputCloseCallback,xmlOutputWriteCallbackandxmlOutputCloseCallbackintree.pxdwerecorrected to prevent running Python code or calling into the C-API with a live
exception set.
GH#385: The long deprecated
unittest.m̀akeSuite()function is no longer used.Patch by Miro Hrončok.
LP#1522052: A file-system specific test is now optional and should no longer fail
on systems that don't support it.
GH#392: Some tests were adapted for libxml2 2.13.
Patch by Nick Wellnhofer.
Contains all fixes from lxml 4.9.4.
Other changes
LP#1742885: lxml no longer expands external entities (XXE) by default to prevent
the security risk of loading arbitrary files and URLs. If this feature is needed,
it can be enabled in a backwards compatible way by using a parser with the option
resolve_entities=True. The new default isresolve_entities='internal'.With libxml2 2.10.4 and later (as provided by the lxml 5.0 binary wheels),
parsing HTML tags with "prefixes" no longer builds a namespace dictionary
in
nsmapbut considers theprefix:namestring the actual tag name.With older libxml2 versions, since 2.9.11, the prefix was removed. Before
that, the prefix was parsed as XML prefix.
lxml 5.0 does not try to hide this difference but now changes the ElementPath
implementation to let
element.find("part1:part2")search for the tagpart1:part2in documents parsed as HTML, instead of looking only forpart2.LP#2024343: The validation of the schema file itself is now optional in the
ISO-Schematron implementation. This was done because some lxml distributions
discard the RNG validation schema file due to licensing issues. The validation
can now always be disabled with
Schematron(..., validate_schema=False).It is enabled by default if available and disabled otherwise. The module
constant
lxml.isoschematron.schematron_schema_valid_supportedcan be usedto detect whether schema file validation is available.
Some redundant and long deprecated methods were removed:
parser.setElementClassLookup(),xslt_transform.apply(),xpath.evaluate().Some incorrect declarations were removed from
python.pxd. In general, this fileshould not be used by external Cython code. Use the C-API declarations provided by
Cython itself instead.
Binary wheels use the library versions libxml2 2.12.3 and libxslt 1.1.39.
Built with Cython 3.0.7, updated to follow recent changes in Cython 3.1-dev.
v4.9.3Compare Source
==================
Bugs fixed
LP#2008911:
lxml.objectifyaccepted non-decimal numbers like²²²as integers.A memory leak in
lxml.html.cleanwas resolved by switching to Cython 0.29.34+.GH#348: URL checking in the HTML cleaner was improved.
Patch by Tim McCormack.
GH#371, GH#373: Some regex strings were changed to raw strings to fix Python warnings.
Patches by Jakub Wilk and Anthony Sottile.
Other changes
Wheels include zlib 1.2.13, libxml2 2.10.3 and libxslt 1.1.38
(zlib 1.2.12, libxml2 2.10.3 and libxslt 1.1.37 on Windows).
Built with Cython 0.29.36 to adapt to changes in Python 3.12.
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.