Skip to content

fix(deps): update dependency bleach to v5

renovate requested to merge renovate/bleach-5.x into master

This MR contains the following updates:

Package Change Age Adoption Passing Confidence
bleach ^4.1.0 -> ^5.0.0 age adoption passing confidence

Release Notes

mozilla/bleach

v5.0.1

Bugs

  • Add missing comma to tinycss2 require. Thank you, @​shadchin!

  • Add url parse tests based on wpt url tests. (#​688)

  • Support scheme-less urls if "https" is in allow list. (#​662)

  • Handle escaping < in edge cases where it doesn't start a tag. (#​544)

  • Fix reference warnings in docs. (#​660)

  • Correctly urlencode email address parts. Thank you, @​larseggert! (#​659)

v5.0.0

Compare Source

Backwards incompatible changes

  • clean and linkify now preserve the order of HTML attributes. Thank you, @​askoretskly! (#​566)

  • Drop support for Python 3.6. Thank you, @​hugovk! (#​629)

  • CSS sanitization in style tags is completely different now. If you're using Bleach clean to sanitize css in style tags, you'll need to update your code and you'll need to install the css extras::

    pip install 'bleach[css]'

    See the documentation on sanitizing CSS for how to do it <https://bleach.readthedocs.io/en/latest/clean.html#sanitizing-css>_. (#​633)

Bug fixes

  • Rework dev dependencies. We no longer have requirements-dev.in/requirements-dev.txt. Instead, we're using dev extras.

    See development docs <https://bleach.readthedocs.io/en/latest/dev.html>_ for more details. (#​620)

  • Add newline when dropping block-level tags. Thank you, @​jvanasco! (#​369)


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.


  • If you want to rebase/retry this MR, click this checkbox.

This MR has been generated by Renovate Bot.

Edited by renovate

Merge request reports

Loading