News

3.4.0 - 2024-12-15 #version-3-4-0

Improvement

• Improved performance.

  • GH-216
  • Patch by NAITOH Jun

• JRuby: Improved parse performance.

  • GH-219
  • Patch by João Duarte

• Added support for reusing pull parser.

  • GH-214
  • GH-220
  • Patch by Dmitry Pogrebnoy

• Improved error handling when source is IO.

  • GH-221
  • Patch by NAITOH Jun

Thanks

• NAITOH Jun

• João Duarte

• Dmitry Pogrebnoy

3.3.9 - 2024-10-24 #version-3-3-9

Improvements

• Improved performance.
  • GH-210
  • Patch by NAITOH Jun.

Fixes

• Fixed a parse bug for text only invalid XML.

  • GH-215
  • Patch by NAITOH Jun.

• Fixed a parse bug that &#0x...; is accepted as a character reference.

Thanks

• NAITOH Jun

3.3.8 - 2024-09-29 #version-3-3-8

Improvements

• SAX2: Improve parse performance.
  • GH-207
  • Patch by NAITOH Jun.

Fixes

• Fixed a bug that unexpected attribute namespace conflict error for the predefined "xml" namespace is reported.
  • GH-208
  • Patch by KITAITI Makoto

Thanks

• NAITOH Jun

• KITAITI Makoto

3.3.7 - 2024-09-04 #version-3-3-7

Improvements

• Added local entity expansion limit methods

  • GH-192
  • GH-202
  • Reported by takuya kodama.
  • Patch by NAITOH Jun.

• Removed explicit strscan dependency

  • GH-204
  • Patch by Bo Anderson.

Thanks

• takuya kodama

• NAITOH Jun

• Bo Anderson

3.3.6 - 2024-08-22 #version-3-3-6

Improvements

• Removed duplicated entity expansions for performance.

  • GH-194
  • Patch by Viktor Ivarsson.

• Improved namespace conflicted attribute check performance. It was too slow for deep elements.

  • Reported by l33thaxor.

Fixes

• Fixed a bug that default entity expansions are counted for security check. Default entity expansions should not be counted because they don't have a security risk.

  • GH-198
  • GH-199
  • Patch Viktor Ivarsson

• Fixed a parser bug that parameter entity references in internal subsets are expanded. It's not allowed in the XML specification.

  • GH-191
  • Patch by NAITOH Jun.

• Fixed a stream parser bug that user-defined entity references in text aren't expanded.

  • GH-200
  • Patch by NAITOH Jun.

Thanks

• Viktor Ivarsson

• NAITOH Jun

• l33thaxor

3.3.5 - 2024-08-12 #version-3-3-5

Fixes

• Fixed a bug that REXML::Security.entity_expansion_text_limit check has wrong text size calculation in SAX and pull parsers.
  • GH-193
  • GH-195
  • Reported by Viktor Ivarsson.
  • Patch by NAITOH Jun.

Thanks

• Viktor Ivarsson

• NAITOH Jun

3.3.4 - 2024-08-01 #version-3-3-4

Fixes

• Fixed a bug that ::REXML::Security isn't defined when ::REXML::Parsers::StreamParser is used and rexml/parsers/streamparser is only required.
  • GH-189
  • Patch by takuya kodama.

Thanks

• takuya kodama

3.3.3 - 2024-08-01 #version-3-3-3

Improvements

• Added support for detecting invalid XML that has unsupported content before root element

  • GH-184
  • Patch by NAITOH Jun.

• Added support for REXML::Security.entity_expansion_limit= and REXML::Security.entity_expansion_text_limit= in SAX2 and pull parsers

  • GH-187
  • Patch by NAITOH Jun.

• Added more tests for invalid XMLs.

  • GH-183
  • Patch by Watson.

• Added more performance tests.

  • Patch by Watson.

• Improved parse performance.

  • GH-186
  • Patch by tomoya ishida.

Thanks

• NAITOH Jun

• Watson

• tomoya ishida

3.3.2 - 2024-07-16 #version-3-3-2

Improvements

• Improved parse performance.

  • GH-160
  • Patch by NAITOH Jun.

• Improved parse performance.

  • GH-169
  • GH-170
  • GH-171
  • GH-172
  • GH-173
  • GH-174
  • GH-175
  • GH-176
  • GH-177
  • Patch by Watson.

• Added support for raising a parse exception when an XML has extra content after the root element.

  • GH-161
  • Patch by NAITOH Jun.

• Added support for raising a parse exception when an XML declaration exists in wrong position.

  • GH-162
  • Patch by NAITOH Jun.

• Removed needless a space after XML declaration in pretty print mode.

  • GH-164
  • Patch by NAITOH Jun.

• Stopped to emit :text event after the root element.

  • GH-167
  • Patch by NAITOH Jun.

Fixes

• Fixed a bug that SAX2 parser doesn't expand predefined entities for characters callback.
  • GH-168
  • Patch by NAITOH Jun.

Thanks

• NAITOH Jun

• Watson

3.3.1 - 2024-06-25 #version-3-3-1

Improvements

• Added support for detecting malformed top-level comments.

  • GH-145
  • Patch by Hiroya Fujinami.

• Improved REXML::Element#attribute performance.

  • GH-146
  • Patch by Hiroya Fujinami.

• Added support for detecting malformed <!--> comments.

  • GH-147
  • Patch by Hiroya Fujinami.

• Added support for detecting unclosed DOCTYPE.

  • GH-152
  • Patch by Hiroya Fujinami.

• Added changlog_uri metadata to gemspec.

  • GH-156
  • Patch by fynsta.

• Improved parse performance.

  • GH-157
  • GH-158
  • Patch by NAITOH Jun.

Fixes

• Fixed a bug that large XML can't be parsed.

  • GH-154
  • Patch by NAITOH Jun.

• Fixed a bug that private constants are visible.

  • GH-155
  • Patch by NAITOH Jun.

Thanks

• Hiroya Fujinami

• NAITOH Jun

• fynsta

3.3.0 - 2024-06-11 #version-3-3-0

Improvements

• Added support for strscan 0.7.0 installed with Ruby 2.6.
  • GH-142
  • Reported by Fernando Trigoso.

Thanks

• Fernando Trigoso

3.2.9 - 2024-06-09 #version-3-2-9

Improvements

• Added support for old strscan.

  • GH-132
  • Reported by Adam.

• Improved attribute value parse performance.

  • GH-135
  • Patch by NAITOH Jun.

• Improved REXML::Node#each_recursive performance.

  • GH-134
  • GH-139
  • Patch by Hiroya Fujinami.

• Improved text parse performance.

  • Reported by mprogrammer.

Thanks

• Adam
• NAITOH Jun
• Hiroya Fujinami
• mprogrammer

3.2.8 - 2024-05-16 #version-3-2-8

Fixes

• Suppressed a warning

3.2.7 - 2024-05-16 #version-3-2-7

Improvements

• Improve parse performance by using StringScanner.

  • GH-106
  • GH-107
  • GH-108
  • GH-109
  • GH-112
  • GH-113
  • GH-114
  • GH-115
  • GH-116
  • GH-117
  • GH-118
  • GH-119
  • GH-121
  • Patch by NAITOH Jun.

• Improved parse performance when an attribute has many <s.

  • GH-126

Fixes

• XPath: Fixed a bug of normalize_space(array).

  • GH-110
  • GH-111
  • Patch by flatisland.

• XPath: Fixed a bug that wrong position is used with nested path.

  • GH-110
  • GH-122
  • Reported by jcavalieri.
  • Patch by NAITOH Jun.

• Fixed a bug that an exception message can't be generated for invalid encoding XML.

  • GH-29
  • GH-123
  • Reported by DuKewu.
  • Patch by NAITOH Jun.

Thanks

• NAITOH Jun
• flatisland
• jcavalieri
• DuKewu

3.2.6 - 2023-07-27 #version-3-2-6

Improvements

• Required Ruby 2.5 or later explicitly. GH-69 [Patch by Ivo Anjo]

• Added documentation for maintenance cycle. GH-71 [Patch by Ivo Anjo]

• Added tutorial. GH-77 [GH-78][gh-78] [Patch by Burdette Lamar]

• Improved performance and memory usage. GH-94 [Patch by fatkodima]

• REXML::Parsers::XPathParser#abbreviate: Added support for function arguments. GH-95 [Reported by pulver]

• REXML::Parsers::XPathParser#abbreviate: Added support for string literal that contains double-quote. GH-96 [Patch by pulver]

• REXML::Parsers::XPathParser#abbreviate: Added missing / to :descendant_or_self/:self/:parent. GH-97 [Reported by pulver]

• REXML::Parsers::XPathParser#abbreviate: Added support for more patterns. GH-97 [Reported by pulver]

Fixes

• Fixed a typo in NEWS. GH-72 [Patch by Spencer Goodman]

• Fixed a typo in NEWS. GH-75 [Patch by Andrew Bromwich]

• Fixed documents. GH-87 [Patch by Alexander Ilyin]

• Fixed a bug that Attriute convert ' and ' even when attribute_quote: :quote is used. GH-92 [Reported by Edouard Brière]

• Fixed links in tutorial. GH-99 [Patch by gemmaro]

Thanks

• Ivo Anjo

• Spencer Goodman

• Andrew Bromwich

• Burdette Lamar

• Alexander Ilyin

• Edouard Brière

• fatkodima

• pulver

• gemmaro

3.2.5 - 2021-04-05 #version-3-2-5

Improvements

• Add more validations to XPath parser.

• require "rexml/document" by default. [GitHub#36][Patch by Koichi ITO]

• Don't add #dclone method to core classes globally. [GitHub#37][Patch by Akira Matsuda]

• Add more documentations. [Patch by Burdette Lamar]

• Added REXML::Elements#parent. [GitHub#52][Patch by Burdette Lamar]

Fixes

• Fixed a bug that REXML::DocType#clone doesn't copy external ID information.

• Fixed round-trip vulnerability bugs. See also: https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/ [HackerOne#1104077][CVE-2021-28965][Reported by Juho Nurminen]

Thanks

• Koichi ITO

• Akira Matsuda

• Burdette Lamar

• Juho Nurminen

3.2.4 - 2020-01-31 #version-3-2-4

Improvements

• Don't use taint with Ruby 2.7 or later. [GitHub#21][Patch by Jeremy Evans]

Fixes

• Fixed a elsif typo. [GitHub#22][Patch by Nobuyoshi Nakada]

Thanks

• Jeremy Evans

• Nobuyoshi Nakada

3.2.3 - 2019-10-12 #version-3-2-3

Fixes

• Fixed a bug that REXML::XMLDecl#close doesn't copy @writethis. [GitHub#20][Patch by hirura]

Thanks

• hirura

3.2.2 - 2019-06-03 #version-3-2-2

Fixes

• xpath: Fixed a bug for equality and relational expressions. [GitHub#17][Reported by Mirko Budszuhn]

• xpath: Fixed boolean() implementation.

• xpath: Fixed local_name() with nonexistent node.

• xpath: Fixed number() implementation with node set. [GitHub#18][Reported by Mirko Budszuhn]

Thanks

• Mirko Budszuhn

3.2.1 - 2019-05-04 #version-3-2-1

Improvements

• Improved error message. [GitHub#12][Patch by FUJI Goro]

• Improved error message. [GitHub#16][Patch by ujihisa]

• Improved documentation markup. [GitHub#14][Patch by Alyssa Ross]

Fixes

• Fixed a bug that nil variable value raises an unexpected exception. [GitHub#13][Patch by Alyssa Ross]

Thanks

• FUJI Goro

• Alyssa Ross

• ujihisa

3.2.0 - 2019-01-01 #version-3-2-0

Fixes

• Fixed a bug that no namespace attribute isn't matched with prefix.

  [ruby-list:50731][Reported by Yasuhiro KIMURA]

• Fixed a bug that the default namespace is applied to attribute names.

  NOTE: It's a backward incompatible change. If your program has any problem with this change, please report it. We may revert this fix.

  • REXML::Attribute#prefix returns "" for no namespace attribute.
  • REXML::Attribute#namespace returns "" for no namespace attribute.

Thanks

• Yasuhiro KIMURA

3.1.9 - 2018-12-20 #version-3-1-9

Improvements

• Improved backward compatibility.

  Restored REXML::Parsers::BaseParser::UNQME_STR because it's used by kramdown.

3.1.8 - 2018-12-20 #version-3-1-8

Improvements

• Added support for customizing quote character in prologue. [GitHub#8][Bug #9367][Reported by Takashi Oguma]

  • You can use " as quote character by specifying :quote to REXML::Document#context[:prologue_quote].
  • You can use ' as quote character by specifying :apostrophe to REXML::Document#context[:prologue_quote].

• Added processing instruction target check. The target must not nil. [GitHub#7][Reported by Ariel Zelivansky]

• Added name check for element and attribute. [GitHub#7][Reported by Ariel Zelivansky]

• Stopped to use Exception. [GitHub#9][Patch by Jean Boussier]

Fixes

• Fixed a bug that REXML::Text#clone escapes value twice. [ruby-dev:50626][Bug #15058][Reported by Ryosuke Nanba]

Thanks

• Takashi Oguma

• Ariel Zelivansky

• Jean Boussier

• Ryosuke Nanba