sanitize 4.4.0 → 4.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 56198b0f03aece3c1a19243dffa2436c927cf999
-  data.tar.gz: 2998dc900ea75523ee9b2f401b6cffbaf73b7aec
+  metadata.gz: 3d044396a7f8807c0907944b0bd4ac1ca7a04f42
+  data.tar.gz: cae7156d36f0a6a02ccf210d56ac43d763cdc4d5
 SHA512:
-  metadata.gz: a77e3b50f6f6a8a2c154e530e7c48d34ddbf6986be72ef706bcef320b1f3cbb74d4eb6843326770e4fe395345efe210aa0bcfdf747b8bd07189af8bc62619cb3
-  data.tar.gz: ca92ad3e4be9f88f79b526e256eb52a8c49acc59291fd533ce6ea9821251800509b8b1cda5bb9c54d8f03852cd2477829e62981a287849b75fb76df2b416d735
+  metadata.gz: 294784d899e87313c865d14f5ff9eaacb09d1face94616d2c3725ba96a8cfcd62e820853f2cd3de9ea6a542cee4ad1ea49e111e03e5bd3d253b9c20ddefe1923
+  data.tar.gz: 4d889afacbe678b20e477a683cd2252773d5658e103822f1d3717c1b5d31ad3163cfb3c21d892f3e36450ecc0e8207feec821844f7cedaab438c2d6dd053b765

data/HISTORY.md

@@ -1,5 +1,16 @@
 # Sanitize History
 
+## 4.5.0 (2017-06-04)
+
+* Added SVG-related CSS properties to the relaxed config. See [the diff][161]
+  for the full list of added properties. [@louim - #161][161]
+
+* Fixed: Sanitize now strips null bytes (`\u0000`) before passing input to
+  Nokogumbo, since they can cause recent versions to crash with a failed
+  assertion in the Gumbo parser.
+
+[161]:https://github.com/rgrove/sanitize/pull/161
+
 ## 4.4.0 (2016-09-29)
 
 * Added `srcset` to the attribute whitelist for `img` elements in the relaxed

data/lib/sanitize.rb

@@ -30,7 +30,7 @@ class Sanitize
   # it to the parser.
   #
   # http://www.w3.org/TR/unicode-xml/#Charlist
-  REGEX_UNSUITABLE_CHARS = /[\u0340\u0341\u17a3\u17d3\u2028\u2029\u202a-\u202e\u206a-\u206f\ufff9-\ufffb\ufeff\ufffc\u{1d173}-\u{1d17a}\u{e0000}-\u{e007f}]/u
+  REGEX_UNSUITABLE_CHARS = /[\u0000\u0340\u0341\u17a3\u17d3\u2028\u2029\u202a-\u202e\u206a-\u206f\ufff9-\ufffb\ufeff\ufffc\u{1d173}-\u{1d17a}\u{e0000}-\u{e007f}]/u
 
   #--
   # Class Methods

data/lib/sanitize/config/relaxed.rb

@@ -431,7 +431,10 @@ class Sanitize
           clip-path
           clip-rule
           color
+          color-interpolation
           color-interpolation-filters
+          color-profile
+          color-rendering
           column-count
           column-fill
           column-gap
@@ -460,6 +463,10 @@ class Sanitize
           dominant-baseline
           elevation
           empty-cells
+          enable-background
+          fill
+          fill-opacity
+          fill-rule
           filter
           flex
           flex-basis
@@ -492,6 +499,8 @@ class Sanitize
           font-variant-numeric
           font-variant-position
           font-weight
+          glyph-orientation-horizontal
+          glyph-orientation-vertical
           grid
           grid-area
           grid-auto-columns
@@ -520,6 +529,7 @@ class Sanitize
           justify-content
           justify-items
           justify-self
+          kerning
           left
           letter-spacing
           lighting-color
@@ -541,8 +551,12 @@ class Sanitize
           margin-left
           margin-right
           margin-top
+          marker
+          marker-end
+          marker-mid
           marker-offset
           marker-side
+          marker-start
           marks
           mask
           mask-box
@@ -602,6 +616,7 @@ class Sanitize
           pitch
           pitch-range
           play-during
+          pointer-events
           position
           presentation-level
           quotes
@@ -620,6 +635,7 @@ class Sanitize
           shape-image-threshold
           shape-margin
           shape-outside
+          shape-rendering
           size
           speak
           speak-as
@@ -627,12 +643,23 @@ class Sanitize
           speak-numeral
           speak-punctuation
           speech-rate
+          stop-color
+          stop-opacity
           stress
           string-set
+          stroke
+          stroke-dasharray
+          stroke-dashoffset
+          stroke-linecap
+          stroke-linejoin
+          stroke-miterlimit
+          stroke-opacity
+          stroke-width
           tab-size
           table-layout
           text-align
           text-align-last
+          text-anchor
           text-combine-horizontal
           text-combine-upright
           text-decoration

data/lib/sanitize/version.rb

@@ -1,5 +1,5 @@
 # encoding: utf-8
 
 class Sanitize
-  VERSION = '4.4.0'
+  VERSION = '4.5.0'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: sanitize
 version: !ruby/object:Gem::Version
-  version: 4.4.0
+  version: 4.5.0
 platform: ruby
 authors:
 - Ryan Grove
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-09-30 00:00:00.000000000 Z
+date: 2017-06-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: crass
@@ -58,28 +58,28 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.6.0
+        version: 5.10.2
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.6.0
+        version: 5.10.2
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 10.4.2
+        version: 12.0.0
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 10.4.2
+        version: 12.0.0
 - !ruby/object:Gem::Dependency
   name: redcarpet
   requirement: !ruby/object:Gem::Requirement