Replace Bleach by NH3

[obi-081]

Since Bleach 6.0 will be the last release and we want the awesome Django Bleach to stay in alive...

Bleach could perhaps be replaced by HN3 ? https://github.com/messense/nh3

NH3 is the Python Binding for Ammonia. Ammonia is a whitelist-based HTML sanitization library. Ammonia is written in Rust and a little Benchmark showed 15x faster performance. https://github.com/rust-ammonia/ammonia

Looks like they were inspired by Bleach to do it, it could be our solution, what do you think ? ^_^

[marksweb]

@obi-jerome That sounds promising. I've not come across that library before.

I was going to update to bleach 6 recently, but not had time given the fact they changed all the kwargs from lists to sets. Bit of a bigger job that I was hoping for to support their last release.

It'd be a bit more work, but just considering a new app, like django-nh3 or something. Just to be explicit.

[obi-081]

Yeah, I was thinking about a new app too. It would be less risky because you can't know what to expect from NH3 and... well. it's called Django-Bleach. :) If the transition is simple for those who use Django Bleach right now, it's the best option indeed.

[baseplate-admin]

Hello guys,

In my opinion lets make a new app djagno-nh3 and point somewhere in the README that people should switch to django-nh3

[marksweb]

I'll setup a repo with some basics in it.

[marksweb]

Here we go;

https://github.com/marksweb/django-nh3

[baseplate-admin]

I will give you the first star!! ★

[obi-081]

Awesome ! I'll try this ASAP ! :)

[obi-081]

I wanted to test it, but there's no models.py in it, only the forms.py. I wanted to try the models.py. I'll try to make a pull request if I can when I have the time.

[marksweb]

@obi-jerome Yeah I've not had time to create the model field just yet.

I did start - but it's been a little while so I can't remember where I got to. Perhaps branch from here;

https://github.com/marksweb/django-nh3/tree/feat/model-field