From f362b53c40b166b6e1fae1c38b00023d88e0cedd Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Fri, 29 May 2020 14:31:29 +0200 Subject: gnu: ruby-sanitize: Update to 5.1.0. * gnu/packages/patches/ruby-sanitize-system-libxml.patch: New file. * gnu/local.mk (dist_patch_DATA): Adjust accordingly. * gnu/packages/ruby.scm (ruby-sanitize): Update to 5.1.0. [source]: Change to GIT-FETCH. Add patch. [native-inputs]: Remove BUNDLER, RUBY-REDCARPET, and RUBY-YARD. --- .../patches/ruby-sanitize-system-libxml.patch | 38 ++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 gnu/packages/patches/ruby-sanitize-system-libxml.patch (limited to 'gnu/packages/patches') diff --git a/gnu/packages/patches/ruby-sanitize-system-libxml.patch b/gnu/packages/patches/ruby-sanitize-system-libxml.patch new file mode 100644 index 0000000000..d19eb07294 --- /dev/null +++ b/gnu/packages/patches/ruby-sanitize-system-libxml.patch @@ -0,0 +1,38 @@ +Fix test failures that occur when nokogiri is using system libxml: + + https://github.com/rgrove/sanitize/issues/198 + +Taken from upstream: +https://github.com/rgrove/sanitize/commit/21da9b62baf9ea659811d92e6b574130aee57eba + +diff --git a/test/test_malicious_html.rb b/test/test_malicious_html.rb +index 2c23074..0756de0 100644 +--- a/test/test_malicious_html.rb ++++ b/test/test_malicious_html.rb +@@ -135,6 +135,8 @@ + # The relevant libxml2 code is here: + # + describe 'unsafe libxml2 server-side includes in attributes' do ++ using_unpatched_libxml2 = Nokogiri::VersionInfo.instance.libxml2_using_system? ++ + tag_configs = [ + { + tag_name: 'a', +@@ -166,6 +168,8 @@ + input = %[<#{tag_name} #{attr_name}='example.com'>foo] + + it 'should escape unsafe characters in attributes' do ++ skip "behavior should only exist in nokogiri's patched libxml" if using_unpatched_libxml2 ++ + # This uses Nokogumbo's HTML-compliant serializer rather than + # libxml2's. + @s.fragment(input). +@@ -191,6 +195,8 @@ + input = %[<#{tag_name} #{attr_name}='example.com'>foo] + + it 'should not escape characters unnecessarily' do ++ skip "behavior should only exist in nokogiri's patched libxml" if using_unpatched_libxml2 ++ + # This uses Nokogumbo's HTML-compliant serializer rather than + # libxml2's. + @s.fragment(input). -- cgit v1.2.3