Lxml

Latest version: v5.3.0

Safety actively analyzes 681812 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 1 of 28

5.3.0

==================

Features added
--------------

* GH421: Nested ``CDATA`` sections are no longer rejected but split on output
to represent ``]]>`` correctly.
Patch by Gertjan Klein.

Bugs fixed
----------

* LP2060160: Attribute values serialised differently in ``xmlfile.element()`` and ``xmlfile.write()``.

* LP2058177: The ISO-Schematron implementation could fail on unknown prefixes.
Patch by David Lakin.

Other changes
-------------

* LP2067707: The ``strip_cdata`` option in ``HTMLParser()`` turned out to be useless and is now deprecated.

* Binary wheels use the library versions libxml2 2.12.9 and libxslt 1.1.42.

* Windows binary wheels use the library versions libxml2 2.11.8 and libxslt 1.1.39.

* Built with Cython 3.0.11.

5.2.2

==================

Bugs fixed
----------

* GH417: The ``test_feed_parser`` test could fail if ``lxml_html_clean`` was not installed.
It is now skipped in that case.

* LP2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to
"core2", without SSE 4.2.

* If libxml2 uses iconv, the compile time version is available as `etree.ICONV_COMPILED_VERSION`.

5.2.1

==================

Bugs fixed
----------

* LP2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to
"core2", but with SSE 4.2 enabled.

* LP2059977: ``Element.iterfind("//absolute_path")`` failed with a ``SyntaxError``
where it should have issued a warning.

* GH416: The documentation build was using the non-standard ``which`` command.
Patch by Michał Górny.

5.2.0

==================

Other changes
-------------

* LP1958539: The ``lxml.html.clean`` implementation suffered from several (only if used)
security issues in the past and was now extracted into a separate library:

https://github.com/fedora-python/lxml_html_clean

Projects that use lxml without "lxml.html.clean" will not notice any difference,
except that they won't have potentially vulnerable code installed.
The module is available as an "extra" setuptools dependency "lxml[html_clean]",
so that Projects that need "lxml.html.clean" will need to switch their requirements
from "lxml" to "lxml[html_clean]", or install the new library themselves.

* The minimum CPU architecture for the Linux x86 binary wheels was upgraded to
"sandybridge" (launched 2011), and glibc 2.28 / gcc 12 (manylinux_2_28) wheels were added.

* Built with Cython 3.0.10.

5.1.2

==================

Bugs fixed
----------

* LP2059977: ``Element.iterfind("//absolute_path")`` failed with a ``SyntaxError``
where it should have issued a warning.

5.1.1

==================

Bugs fixed
----------

* LP2048920: ``iterlinks()`` in ``lxml.html`` rejected ``bytes`` input in 5.1.0.

* High source line numbers from the parser are no longer truncated
(up to a C ``long``) when using libxml2 2.11 or later.

Other changes
-------------

* GH407: A compatibility test was adapted to recent expat versions.
Patch by Miro Hrončok.

* Binary wheels use the library versions libxml2 2.12.6 and libxslt 1.1.39.

* Windows binary wheels use the library versions libxml2 2.11.7 and libxslt 1.1.39.

* Built with Cython 3.0.9.

Page 1 of 28

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.