All Versions
44
Latest Version
Avg Release Cycle
75 days
Latest Release
662 days ago

Changelog History
Page 1

  • v5.0.1 Changes

    June 27, 2022

    ๐Ÿ› Bugs

    • โž• Add missing comma to tinycss2 require. Thank you, @shadchin!

    • โž• Add url parse tests based on wpt url tests. (#688)

    • ๐Ÿ‘Œ Support scheme-less urls if "https" is in allow list. (#662)

    • ๐Ÿ– Handle escaping < in edge cases where it doesn't start a tag. (#544)

    • ๐Ÿ›  Fix reference warnings in docs. (#660)

    • Correctly urlencode email address parts. Thank you, @larseggert! (#659)

  • v5.0.0 Changes

    April 07, 2022

    Backwards incompatible changes

    • clean and linkify now preserve the order of HTML attributes. Thank you, @askoretskly! (#566)

    • โฌ‡๏ธ Drop support for Python 3.6. Thank you, @hugovk! (#629)

    • ๐Ÿ’… CSS sanitization in style tags is completely different now. If you're using Bleach clean to sanitize css in style tags, you'll need to update your code and you'll need to install the css extras::

      pip install 'bleach[css]'

    See the documentation on sanitizing CSS for how to do it <https://bleach.readthedocs.io/en/latest/clean.html#sanitizing-css>_. (#633)

    ๐Ÿ› Bug fixes

    • Rework dev dependencies. We no longer have requirements-dev.in/requirements-dev.txt. Instead, we're using dev extras.

    See development docs <https://bleach.readthedocs.io/en/latest/dev.html>_ for more details. (#620)

    • โž• Add newline when dropping block-level tags. Thank you, @jvanasco! (#369)

  • v4.1.0 Changes

    August 25, 2021

    ๐Ÿ”‹ Features

    • ๐Ÿ‘ Python 3.9 support

    ๐Ÿ› Bug fixes

    • โšก๏ธ Update sanitizer clean to use vendored 3.6.14 stdlib urllib.parse to fix test failures on Python 3.9. (#536)

  • v4.0.0 Changes

    August 03, 2021

    Backwards incompatible changes

    • โฌ‡๏ธ Drop support for unsupported Python versions <3.6. (#520)

    ๐Ÿ”’ Security fixes

    None

    ๐Ÿ”‹ Features

    • ๐Ÿ›  fix attribute name in the linkify docs (thanks @CheesyFeet!)

  • v3.3.1 Changes

    July 14, 2021

    ๐Ÿ”’ Security fixes

    None

    ๐Ÿ”‹ Features

    • โž• add more tests for CVE-2021-23980 / GHSA-vv2x-vrpj-qqpq
    • โฌ†๏ธ bump python version to 3.8 for tox doc, vendorverify, and lint targets
    • โšก๏ธ update bug report template tag
    • โšก๏ธ update vendorverify script to detect and fail when extra files are vendored
    • ๐Ÿš€ update release process docs to check vendorverify passes locally

    ๐Ÿ› Bug fixes

    • โœ‚ remove extra vendored django present in the v3.3.0 whl (#595)
    • duplicate h1 header doc fix (thanks Nguyแป…n Gia Phong / @McSinyx!)

  • v3.3.0 Changes

    February 01, 2021

    Backwards incompatible changes

    • clean escapes HTML comments even when strip_comments=False

    ๐Ÿ”’ Security fixes

    • ๐Ÿ›  Fix bug 1621692 / GHSA-m6xf-fq7q-8743. See the advisory for details.

    ๐Ÿ”‹ Features

    None

    ๐Ÿ› Bug fixes

    None

  • v3.2.3 Changes

    January 26, 2021

    ๐Ÿ”’ Security fixes

    None

    ๐Ÿ”‹ Features

    None

    ๐Ÿ› Bug fixes

    • ๐Ÿ›  fix clean and linkify raising ValueErrors for certain inputs. Thank you @Google-Autofuzz.

  • v3.2.2 Changes

    January 20, 2021

    ๐Ÿ”’ Security fixes

    None

    ๐Ÿ”‹ Features

    • ๐Ÿ‘ท Migrate CI to Github Actions. Thank you @hugovk.

    ๐Ÿ› Bug fixes

    • ๐Ÿ›  fix linkify raising an IndexError on certain inputs. Thank you @Google-Autofuzz.

  • v3.2.1 Changes

    September 18, 2020

    ๐Ÿ”’ Security fixes

    None

    ๐Ÿ”‹ Features

    None

    ๐Ÿ› Bug fixes

    • ๐Ÿ”„ change linkifier to add rel="nofollow" as documented. Thank you @mitar.
    • ๐Ÿ—„ suppress html5lib sanitizer DeprecationWarnings (#557)

  • v3.2.0 Changes

    September 16, 2020

    ๐Ÿ”’ Security fixes

    None

    ๐Ÿ”‹ Features

    None

    ๐Ÿ› Bug fixes

    • html5lib dependency to version 1.1.0. Thank you Sam Sneddon.
    • โšก๏ธ update tests_website terminology. Thank you Thomas Grainger.