Date: Wed, 1 Jan 2025 22:08:43 GMT From: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: fa73c670c2b2 - main - devel/py-lxml-html-clean: New port: HTML cleaner from lxml project Message-ID: <202501012208.501M8hkU078885@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by acm: URL: https://cgit.FreeBSD.org/ports/commit/?id=fa73c670c2b296be88b8dcc998d264959669c0cb commit fa73c670c2b296be88b8dcc998d264959669c0cb Author: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> AuthorDate: 2025-01-01 22:07:30 +0000 Commit: Jose Alonso Cardenas Marquez <acm@FreeBSD.org> CommitDate: 2025-01-01 22:07:30 +0000 devel/py-lxml-html-clean: New port: HTML cleaner from lxml project This project was initially a part of lxml. Because HTML cleaner is designed as blocklist-based, many reports about possible security vulnerabilities were filed for lxml and that make the project problematic for security-sensitive environments. Therefore we decided to extract the problematic part to a separate project. Important: the HTML Cleaner in lxml_html_clean is not considered appropriate for security sensitive environments. See e.g. bleach for an alternative. --- devel/Makefile | 1 + devel/py-lxml-html-clean/Makefile | 18 ++++++++++++++++++ devel/py-lxml-html-clean/distinfo | 3 +++ devel/py-lxml-html-clean/pkg-descr | 8 ++++++++ 4 files changed, 30 insertions(+) diff --git a/devel/Makefile b/devel/Makefile index d588d164261e..d21c9e61a8fc 100644 --- a/devel/Makefile +++ b/devel/Makefile @@ -5191,6 +5191,7 @@ SUBDIR += py-lsprotocol SUBDIR += py-lunardate SUBDIR += py-lxml + SUBDIR += py-lxml-html-clean SUBDIR += py-lxml-stubs SUBDIR += py-lxml5 SUBDIR += py-mac-vendor-lookup diff --git a/devel/py-lxml-html-clean/Makefile b/devel/py-lxml-html-clean/Makefile new file mode 100644 index 000000000000..c08fdf824640 --- /dev/null +++ b/devel/py-lxml-html-clean/Makefile @@ -0,0 +1,18 @@ +PORTNAME= lxml-html-clean +PORTVERSION= 0.4.1 +CATEGORIES= devel python +MASTER_SITES= PYPI +PKGNAMEPREFIX= ${PYTHON_PKGNAMEPREFIX} +DISTNAME= ${PORTNAME:S/-/_/g}-${PORTVERSION} + +MAINTAINER= acm@FreeBSD.org +COMMENT= HTML cleaner from lxml project +WWW= https://github.com/fedora-python/lxml_html_clean/ + +LICENSE= BSD3CLAUSE +LICENSE_FILE= ${WRKSRC}/LICENSE.txt + +USES= python +USE_PYTHON= autoplist distutils + +.include <bsd.port.mk> diff --git a/devel/py-lxml-html-clean/distinfo b/devel/py-lxml-html-clean/distinfo new file mode 100644 index 000000000000..31b97fbde7f6 --- /dev/null +++ b/devel/py-lxml-html-clean/distinfo @@ -0,0 +1,3 @@ +TIMESTAMP = 1735764422 +SHA256 (lxml_html_clean-0.4.1.tar.gz) = 40c838bbcf1fc72ba4ce811fbb3135913017b27820d7c16e8bc412ae1d8bc00b +SIZE (lxml_html_clean-0.4.1.tar.gz) = 21378 diff --git a/devel/py-lxml-html-clean/pkg-descr b/devel/py-lxml-html-clean/pkg-descr new file mode 100644 index 000000000000..6de7cc0cd0b1 --- /dev/null +++ b/devel/py-lxml-html-clean/pkg-descr @@ -0,0 +1,8 @@ +This project was initially a part of lxml. Because HTML cleaner is designed as +blocklist-based, many reports about possible security vulnerabilities were +filed for lxml and that make the project problematic for security-sensitive +environments. Therefore we decided to extract the problematic part to a +separate project. + +Important: the HTML Cleaner in lxml_html_clean is not considered appropriate +for security sensitive environments. See e.g. bleach for an alternative.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202501012208.501M8hkU078885>