summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--gnu/local.mk3
-rw-r--r--gnu/packages/patches/ruby-sanitize-system-libxml.patch38
-rw-r--r--gnu/packages/ruby.scm11
3 files changed, 5 insertions, 47 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 325bdd570a..eba4fc2d01 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -19,7 +19,7 @@
 # Copyright © 2018 Amirouche Boubekki <amirouche@hypermove.net>
 # Copyright © 2018, 2019, 2020, 2021, 2022 Oleg Pykhalov <go.wigust@gmail.com>
 # Copyright © 2018 Stefan Stefanović <stefanx2ovic@gmail.com>
-# Copyright © 2018, 2020, 2021, 2022 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+# Copyright © 2018, 2020, 2021, 2022, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
 # Copyright © 2019, 2020, 2021, 2022 Guillaume Le Vaillant <glv@posteo.net>
 # Copyright © 2019, 2020 John Soo <jsoo1@asu.edu>
 # Copyright © 2019 Jonathan Brielmaier <jonathan.brielmaier@web.de>
@@ -1813,7 +1813,6 @@ dist_patch_DATA =						\
   %D%/packages/patches/ruby-anystyle-fix-dictionary-populate.patch	\
   %D%/packages/patches/ruby-latex-decode-fix-test.patch		\
   %D%/packages/patches/ruby-mustache-1.1.1-fix-race-condition-tests.patch \
-  %D%/packages/patches/ruby-sanitize-system-libxml.patch	\
   %D%/packages/patches/rustc-1.54.0-src.patch			\
   %D%/packages/patches/rust-1.64-fix-riscv64-bootstrap.patch	\
   %D%/packages/patches/rust-adblock-ignore-live-tests.patch		\
diff --git a/gnu/packages/patches/ruby-sanitize-system-libxml.patch b/gnu/packages/patches/ruby-sanitize-system-libxml.patch
deleted file mode 100644
index d19eb07294..0000000000
--- a/gnu/packages/patches/ruby-sanitize-system-libxml.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-Fix test failures that occur when nokogiri is using system libxml:
-
-  https://github.com/rgrove/sanitize/issues/198
-
-Taken from upstream:
-https://github.com/rgrove/sanitize/commit/21da9b62baf9ea659811d92e6b574130aee57eba
-
-diff --git a/test/test_malicious_html.rb b/test/test_malicious_html.rb
-index 2c23074..0756de0 100644
---- a/test/test_malicious_html.rb
-+++ b/test/test_malicious_html.rb
-@@ -135,6 +135,8 @@
-   # The relevant libxml2 code is here:
-   # <https://github.com/GNOME/libxml2/commit/960f0e275616cadc29671a218d7fb9b69eb35588>
-   describe 'unsafe libxml2 server-side includes in attributes' do
-+    using_unpatched_libxml2 = Nokogiri::VersionInfo.instance.libxml2_using_system?
-+
-     tag_configs = [
-       {
-         tag_name: 'a',
-@@ -166,6 +168,8 @@
-         input = %[<#{tag_name} #{attr_name}='examp<!--" onmouseover=alert(1)>-->le.com'>foo</#{tag_name}>]
- 
-         it 'should escape unsafe characters in attributes' do
-+          skip "behavior should only exist in nokogiri's patched libxml" if using_unpatched_libxml2
-+
-           # This uses Nokogumbo's HTML-compliant serializer rather than
-           # libxml2's.
-           @s.fragment(input).
-@@ -191,6 +195,8 @@
-         input = %[<#{tag_name} #{attr_name}='examp<!--" onmouseover=alert(1)>-->le.com'>foo</#{tag_name}>]
- 
-         it 'should not escape characters unnecessarily' do
-+          skip "behavior should only exist in nokogiri's patched libxml" if using_unpatched_libxml2
-+
-           # This uses Nokogumbo's HTML-compliant serializer rather than
-           # libxml2's.
-           @s.fragment(input).
diff --git a/gnu/packages/ruby.scm b/gnu/packages/ruby.scm
index f52503f70e..540aab23af 100644
--- a/gnu/packages/ruby.scm
+++ b/gnu/packages/ruby.scm
@@ -6365,7 +6365,7 @@ multibyte strings, internationalization, time zones, and testing.")
 (define-public ruby-sanitize
   (package
     (name "ruby-sanitize")
-    (version "5.1.0")
+    (version "6.0.0")
     (home-page "https://github.com/rgrove/sanitize")
     (source (origin
               (method git-fetch)
@@ -6375,15 +6375,12 @@ multibyte strings, internationalization, time zones, and testing.")
                     (url home-page)
                     (commit (string-append "v" version))))
               (file-name (git-file-name name version))
-              (patches (search-patches "ruby-sanitize-system-libxml.patch"))
               (sha256
                (base32
-                "0lj0q9yhjp0q0in5majkshnki07mw8m2vxgndx4m5na6232aszl0"))))
+                "0p1a28vx95vscy9xzzyyddzgb9496x42a5i2ka39cpxbl5f3gkl0"))))
     (build-system ruby-build-system)
-    (propagated-inputs
-     (list ruby-crass ruby-nokogiri ruby-nokogumbo))
-    (native-inputs
-     (list ruby-minitest))
+    (propagated-inputs (list ruby-crass ruby-nokogiri))
+    (native-inputs (list ruby-minitest))
     (synopsis "Whitelist-based HTML and CSS sanitizer")
     (description
      "Sanitize is a whitelist-based HTML and CSS sanitizer.  Given a list of
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-25 22:41:11 +0000