You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
* LP#1958539: The ``lxml.html.clean`` implementation suffered from several (only if used)
security issues in the past and was now extracted into a separate library:
https://github.com/fedora-python/lxml_html_clean
Projects that use lxml without "lxml.html.clean" will not notice any difference,
except that they won't have potentially vulnerable code installed.
The module is available as an "extra" setuptools dependency "lxml[html_clean]",
so that Projects that need "lxml.html.clean" will need to switch their requirements
from "lxml" to "lxml[html_clean]", or install the new library themselves.
As mentionned in the release note, the quick fix would be to install lxml[html_clean].
The text was updated successfully, but these errors were encountered:
waldeck-dev
added a commit
to waldeck-dev/html-sanitizer
that referenced
this issue
Mar 31, 2024
Fixesmatthiask#38
New verion of `lxml` (5.2.0) extracted the `lxml.html.clean` implementation into a separate library.
This commit switches dependency from `lxml` to `lxml[html_clean]`.
Signed-off-by: Valentin <valentin@waldeck.dev>
* Use dependency `lxml[html_clean]`
Fixes#38
New verion of `lxml` (5.2.0) extracted the `lxml.html.clean` implementation into a separate library.
This commit switches dependency from `lxml` to `lxml[html_clean]`.
Signed-off-by: Valentin <valentin@waldeck.dev>
* Update pyproject.toml
---------
Signed-off-by: Valentin <valentin@waldeck.dev>
Co-authored-by: Matthias Kestenholz <mk@feinheit.ch>
Hello there,
The
lxml
dependency recently introduced a breaking change wit new release 5.2.0 (https://github.com/lxml/lxml/releases/tag/lxml-5.2.0)As mentionned in the release note, the quick fix would be to install
lxml[html_clean]
.The text was updated successfully, but these errors were encountered: