Closed Bug 760744 Opened 12 years ago Closed 12 years ago

upgrade to bleach 1.1.2 or latest

Categories

(support.mozilla.org :: Code Quality, task, P3)

Product:
support.mozilla.org
Component:
Code Quality
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED
Milestone:
2012.14

People

(Reporter: willkg, Assigned: mythmon)

Details

(Whiteboard: c=general p=1 u=dev) 

We should upgrade to bleach 1.1.2. From James' email:

    It fixes a hang in a regex with extremely long or
    complex inline styles. If you're on 1.1.x, you should
    upgrade.

I checked vendor and it looks like we're using bleach 1.0.1.
Summary: upgrade to bleach 1.1.2 → upgrade to bleach 1.1.2 or latest
I think I got this working, but it needs changes in py-wikimarkup. I'll work with upstream.
Assignee: nobody → mcooper
What changes does it require?
The changes needed are that it needs to specify an alternate tokenizer when calling bleach.linkify, since bleach.linkify by default sanitizes it's input, causing tags we add to the output to get printed as < and > characters. The changes are fairly minor.
Whiteboard: c=general p=1 u=dev
Target Milestone: --- → 2012.14
Kadir said anything in the 2012.14 sprint that wasn't IA related should be a P3. Making it so.
Priority: -- → P3
Landed in fa21009
Status: NEW → RESOLVED
Closed: 12 years ago
Priority: -- → P3
Resolution: --- → FIXED
Mike: We usually provide the github url for the commit sha because then it shows fancy things with bugzilljs. So the url for your commit is this one:

https://github.com/mozilla/kitsune/commit/fa2100902e4e539018c1865136a9ae8b16b9b4be

Additionally, we don't mark the bug as resolved until after it's been pushed to production. That reduces the likelihood that someone who's cc:d on the bug sees it closed, checks production, sees it still broken, reopens the bug, and then we have to explain the confusion. That's too much work. Easier to just mark it resolved after it's pushed to production.
You need to log in before you can comment on or make changes to this bug.