GH#417: The test_feed_parser test could fail if lxml_html_clean was not installed.
It is now skipped in that case.
LP#2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to
"core2", without SSE 4.2.
If libxml2 uses iconv, the compile time version is available as etree.ICONV_COMPILED_VERSION.
5.2.1 (2024-04-02)
Bugs fixed
LP#2059910: The minimum CPU architecture for the Linux x86 binary wheels was set back to
"core2", but with SSE 4.2 enabled.
LP#2059977: Element.iterfind("//absolute_path") failed with a SyntaxError
where it should have issued a warning.
GH#416: The documentation build was using the non-standard which command.
Patch by Michał Górny.
5.2.0 (2024-03-30)
Other changes
LP#1958539: The lxml.html.clean implementation suffered from several (only if used)
security issues in the past and was now extracted into a separate library:
Projects that use lxml without "lxml.html.clean" will not notice any difference,
except that they won't have potentially vulnerable code installed.
The module is available as an "extra" setuptools dependency "lxml[html_clean]",
so that Projects that need "lxml.html.clean" will need to switch their requirements
from "lxml" to "lxml[html_clean]", or install the new library themselves.
The minimum CPU architecture for the Linux x86 binary wheels was upgraded to
"sandybridge" (launched 2011), and glibc 2.28 / gcc 12 (manylinux_2_28) wheels were added.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps lxml from 5.1.0 to 5.2.2.
Release notes
Sourced from lxml's releases.
Changelog
Sourced from lxml's changelog.
... (truncated)
Commits
8e4b14c
Prepare release of lxml 5.2.2.ddaa6ed
Provide compile time version of libiconv as "etree.ICONV_COMPILED_VERSION".1ab00bd
CI: Do not install lxml as dependency of "lxml_html_clean".b325054
CI: Stop building LTO wheels to avoid messing with the library build cache.81624c2
CI: Exclude now-unsupported Python versions 3.6/7 from macOS jobs.069fa36
Fix typo.e0df2ba
Fix typo.df55eaf
Update changelog.f3e77fa
Remove dependency on SSE4 instructions, reverting back to "core2" as a target...a22e83c
Update changelog.Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show