Update lxml to 4.3.5

[pyup-bot]

This PR updates lxml from 3.7.2 to 4.3.5.

Changelog

### 4.3.5 ``` ================== * Rebuilt with Cython 0.29.13 to support Python 3.8. ``` ### 4.3.4 ``` ================== * Rebuilt with Cython 0.29.10 to support Python 3.8. ``` ### 4.3.3 ``` ================== Bugs fixed ---------- * Fix leak of output buffer and unclosed files in ``_XSLTResultTree.write_output()``. ``` ### 4.3.2 ``` ================== Bugs fixed ---------- * Crash in 4.3.1 when appending a child subtree with certain text nodes. Other changes ------------- * Built with Cython 0.29.6. ``` ### 4.3.1 ``` ================== Bugs fixed ---------- * LP1814522: Crash when appending a child subtree that contains unsubstituted entity references. Other changes ------------- * Built with Cython 0.29.5. ``` ### 4.3.0 ``` ================== Features added -------------- * The module ``lxml.sax`` is compiled using Cython in order to speed it up. * GH267: ``lxml.sax.ElementTreeProducer`` now preserves the namespace prefixes. If two prefixes point to the same URI, the first prefix in alphabetical order is used. Patch by Lennart Regebro. * Updated ISO-Schematron implementation to 2013 version (now MIT licensed) and the corresponding schema to the 2016 version (with optional "properties"). Other changes ------------- * GH270, GH271: Support for Python 2.6 and 3.3 was removed. Patch by hugovk. * The minimum dependency versions were raised to libxml2 2.9.2 and libxslt 1.1.27, which were released in 2014 and 2012 respectively. * Built with Cython 0.29.2. ``` ### 4.2.6 ``` ================== Bugs fixed ---------- * LP1799755: Fix a DeprecationWarning in Py3.7+. * Import warnings in Python 3.6+ were resolved. ``` ### 4.2.5 ``` ================== Bugs fixed ---------- * Javascript URLs that used URL escaping were not removed by the HTML cleaner. Security problem found by Omar Eissa. (CVE-2018-19787) ``` ### 4.2.4 ``` ================== Features added -------------- * GH259: Allow using ``pkg-config`` for build configuration. Patch by Patrick Griffis. Bugs fixed ---------- * LP1773749, GH268: Crash when moving an element to another document with ``Element.insert()``. Patch by Alexander Weggerle. ``` ### 4.2.3 ``` ================== Bugs fixed ---------- * Reverted GH265: lxml links against zlib as a shared library again. ``` ### 4.2.2 ``` ================== Bugs fixed ---------- * GH266: Fix sporadic crash during GC when parse-time schema validation is used and the parser participates in a reference cycle. Original patch by Julien Greard. * GH265: lxml no longer links against zlib as a shared library, only on static builds. Patch by Nehal J Wani. ``` ### 4.2.1 ``` ================== Bugs fixed ---------- * LP1755825: ``iterwalk()`` failed to return the 'start' event for the initial element if a tag selector is used. * LP1756314: Failure to import 4.2.0 into PyPy due to a missing library symbol. * LP1727864, GH258: Add "-isysroot" linker option on MacOS as needed by XCode 9. ``` ### 4.2.0 ``` ================== Features added -------------- * GH255: ``SelectElement.value`` returns more standard-compliant and browser-like defaults for non-multi-selects. If no option is selected, the value of the first option is returned (instead of None). If multiple options are selected, the value of the last one is returned (instead of that of the first one). If no options are present (not standard-compliant) ``SelectElement.value`` still returns ``None``. * GH261: The ``HTMLParser()`` now supports the ``huge_tree`` option. Patch by stranac. Bugs fixed ---------- * LP1551797: Some XSLT messages were not captured by the transform error log. * LP1737825: Crash at shutdown after an interrupted iterparse run with XMLSchema validation. Other changes ------------- ``` ### 4.1.1 ``` ================== * Rebuild with Cython 0.27.3 to improve support for Py3.7. ``` ### 4.1.0 ``` ================== Features added -------------- * ElementPath supports text predicates for current node, like "[.='text']". * ElementPath allows spaces in predicates. * Custom Element classes and XPath functions can now be registered with a decorator rather than explicit dict assignments. * Static Linux wheels are now built with link time optimisation (LTO) enabled. This should have a beneficial impact on the overall performance by providing a tighter compiler integration between lxml and libxml2/libxslt. Bugs fixed ---------- * LP1722776: Requesting non-Element objects like comments from a document with ``PythonElementClassLookup`` could fail with a TypeError. ``` ### 4.0.0 ``` ================== Features added -------------- * The ElementPath implementation is now compiled using Cython, which speeds up the ``.find*()`` methods quite significantly. * The modules ``lxml.builder``, ``lxml.html.diff`` and ``lxml.html.clean`` are also compiled using Cython in order to speed them up. * ``xmlfile()`` supports async coroutines using ``async with`` and ``await``. * ``iterwalk()`` has a new method ``skip_subtree()`` that prevents walking into the descendants of the current element. * ``RelaxNG.from_rnc_string()`` accepts a ``base_url`` argument to allow relative resource lookups. * The XSLT result object has a new method ``.write_output(file)`` that serialises output data into a file according to the ``<xsl:output>`` configuration. Bugs fixed ---------- * GH251: HTML comments were handled incorrectly by the soupparser. Patch by mozbugbox. * LP1654544: The html5parser no longer passes the ``useChardet`` option if the input is a Unicode string, unless explicitly requested. When parsing files, the default is to enable it when a URL or file path is passed (because the file is then opened in binary mode), and to disable it when reading from a file(-like) object. Note: This is a backwards incompatible change of the default configuration. If your code parses byte strings/streams and depends on character detection, please pass the option ``guess_charset=True`` explicitly, which already worked in older lxml versions. * LP1703810: ``etree.fromstring()`` failed to parse UTF-32 data with BOM. * LP1526522: Some RelaxNG errors were not reported in the error log. * LP1567526: Empty and plain text input raised a TypeError in soupparser. * LP1710429: Uninitialised variable usage in HTML diff. * LP1415643: The closing tags context manager in ``xmlfile()`` could continue to output end tags even after writing failed with an exception. * LP1465357: ``xmlfile.write()`` now accepts and ignores None as input argument. * Compilation under Py3.7-pre failed due to a modified function signature. Other changes ------------- * The main module source files were renamed from ``lxml.*.pyx`` to plain ``*.pyx`` (e.g. ``etree.pyx``) to simplify their handling in the build process. Care was taken to keep the old header files as fallbacks for code that compiles against the public C-API of lxml, but it might still be worth validating that third-party code does not notice this change. ``` ### 3.8.0 ``` ================== Features added -------------- * ``ElementTree.write()`` has a new option ``doctype`` that writes out a doctype string before the serialisation, in the same way as ``tostring()``. * GH220: ``xmlfile`` allows switching output methods at an element level. Patch by Burak Arslan. * LP1595781, GH240: added a PyCapsule Python API and C-level API for passing externally generated libxml2 documents into lxml. * GH244: error log entries have a new property ``path`` with an XPath expression (if known, None otherwise) that points to the tree element responsible for the error. Patch by Bob Kline. * The namespace prefix mapping that can be used in ElementPath now injects a default namespace when passing a None prefix. Bugs fixed ---------- * GH238: Character escapes were not hex-encoded in the ``xmlfile`` serialiser. Patch by matejcik. * GH229: fix for externally created XML documents. Patch by Theodore Dubois. * LP1665241, GH228: Form data handling in lxml.html no longer strips the option values specified in form attributes but only the text values. Patch by Ashish Kulkarni. * LP1551797: revert previous fix for XSLT error logging as it breaks multi-threaded XSLT processing. * LP1673355, GH233: ``fromstring()`` html5parser failed to parse byte strings. Other changes ------------- * The previously undocumented ``docstring`` option in ``ElementTree.write()`` produces a deprecation warning and will eventually be removed. ``` ### 3.7.4 ``` ================== Bugs fixed ---------- * LP1551797: revert previous fix for XSLT error logging as it breaks multi-threaded XSLT processing. * LP1673355, GH233: ``fromstring()`` html5parser failed to parse byte strings. ``` ### 3.7.3 ``` ================== Bugs fixed ---------- * GH218 was ineffective in Python 3. * GH222: ``lxml.html.submit_form()`` failed in Python 3. Patch by Jakub Wilk. ```

Links

- PyPI: https://pypi.org/project/lxml - Changelog: https://pyup.io/changelogs/lxml/ - Homepage: http://lxml.de/

[ghost]

DeepCode Report (#a83f5f)

DeepCode analyzed this pull request. There are no new issues.

[scrutinizer-notifier]

The inspection completed: ****

[pyup-bot]

Closing this in favor of #282