Release v6.0.0: Version 6.0.0 (January 23rd, 2023) · mozilla/bleach

v6.0.0
324b03d
Verified

This tag was signed with the committer’s verified signature.

willkg Will Kahn-Greene

GPG key ID: 18BDD1A6F066EC11

Learn about vigilant mode
Compare

Choose a tag to compare

View all tags

v6.0.0: Version 6.0.0 (January 23rd, 2023)

v6.0.0
324b03d
Compare

Choose a tag to compare

View all tags
Verified

This tag was signed with the committer’s verified signature.

willkg Will Kahn-Greene

GPG key ID: 18BDD1A6F066EC11

Learn about vigilant mode

willkg tagged this 23 Jan 16:40

**Backwards incompatible changes**

* ``bleach.clean``, ``bleach.sanitizer.Cleaner``,
  ``bleach.html5lib_shim.BleachHTMLParser``: the ``tags`` and ``protocols``
  arguments were changed from lists to sets.

  Old pre-6.0.0:

  .. code-block:: python

     bleach.clean(
         "some text",
         tags=["a", "p", "img"],
         #    ^               ^ list
         protocols=["http", "https"],
         #         ^               ^ list
     )

  New 6.0.0 and later:

  .. code-block:: python

     bleach.clean(
         "some text",
         tags={"a", "p", "img"},
         #    ^               ^ set
         protocols={"http", "https"},
         #         ^               ^ set
     )

* ``bleach.linkify``, ``bleach.linkifier.Linker``: the ``skip_tags`` and
  ``recognized_tags`` arguments were changed from lists to sets.

  Old pre-6.0.0:

  .. code-block:: python

     bleach.linkify(
         "some text",
         skip_tags=["pre"],
         #         ^     ^ list
     )

     linker = Linker(
         skip_tags=["pre"],
         #         ^     ^ list
         recognized_tags=html5lib_shim.HTML_TAGS + ["custom-element"],
         #                                       ^ ^                ^ list
         #                                       |
         #                                       | list concatenation
     )

  New 6.0.0 and later:

  .. code-block:: python

     bleach.linkify(
         "some text",
         skip_tags={"pre"},
         #         ^     ^ set
     )

     linker = Linker(
         skip_tags={"pre"},
         #         ^     ^ set
         recognized_tags=html5lib_shim.HTML_TAGS | {"custom-element"},
         #                                       ^ ^                ^ set
         #                                       |
         #                                       | union operator
     )

* ``bleach.sanitizer.BleachSanitizerFilter``: ``strip_allowed_elements`` is now
  ``strip_allowed_tags``. We now use "tags" everywhere rather than a mishmash
  of "tags" in some places and "elements" in others.

**Security fixes**

None

**Bug fixes**

* Add support for Python 3.11. (#675)

* Fix API weirness in ``BleachSanitizerFilter``. (#649)

  We're using "tags" instead of "elements" everywhere--no more weird
  overloading of "elements" anymore.

  Also, it no longer calls the superclass constructor.

* Add warning when ``css_sanitizer`` isn't set, but the ``style``
  attribute is allowed. (#676)

* Fix linkify handling of character entities. (#501)

* Rework dev dependencies to use ``requirements-dev.txt`` and
  ``requirements-flake8.txt`` instead of extras.

* Fix project infrastructure to be tox-based so it's easier to have CI
  run the same things we're running in development and with flake8
  in an isolated environment.

* Update action versions in CI.

* Switch to f-strings where possible. Make tests parametrized to be
  easier to read/maintain.

Assets 2

Source code (zip)

2023-01-23T16:40:24Z
Source code (tar.gz)

2023-01-23T16:40:24Z

Provide feedback

Saved searches

Use saved searches to filter your results more quickly