News¶ ↑

3.3.9 - 2024-10-24 {#version-3-3-9}¶ ↑

Improvements¶ ↑

• Improved performance.

  • GH-210

  • Patch by NAITOH Jun.

Fixes¶ ↑

• Fixed a parse bug for text only invalid XML.

  • GH-215

  • Patch by NAITOH Jun.

  • GH-215

  • Patch by NAITOH Jun.

• Fixed a parse bug that &#0x...; is accepted as a character reference.

Thanks¶ ↑

• NAITOH Jun

3.3.8 - 2024-09-29 {#version-3-3-8}¶ ↑

Improvements¶ ↑

• SAX2: Improve parse performance.

  • GH-207

  • Patch by NAITOH Jun.

Fixes¶ ↑

• Fixed a bug that unexpected attribute namespace conflict error for the predefined "xml" namespace is reported.

  • GH-208

  • Patch by KITAITI Makoto

Thanks¶ ↑

• NAITOH Jun

• KITAITI Makoto

3.3.7 - 2024-09-04 {#version-3-3-7}¶ ↑

Improvements¶ ↑

• Added local entity expansion limit methods

  • GH-192

  • GH-202

  • Reported by takuya kodama.

  • Patch by NAITOH Jun.

  • GH-192

  • GH-202

  • Reported by takuya kodama.

  • Patch by NAITOH Jun.

• Removed explicit strscan dependency

  • GH-204

  • Patch by Bo Anderson.

Thanks¶ ↑

• takuya kodama

• NAITOH Jun

• Bo Anderson

3.3.6 - 2024-08-22 {#version-3-3-6}¶ ↑

Improvements¶ ↑

• Removed duplicated entity expansions for performance.

  • GH-194

  • Patch by Viktor Ivarsson.

  • GH-194

  • Patch by Viktor Ivarsson.

• Improved namespace conflicted attribute check performance. It was too slow for deep elements.

  • Reported by l33thaxor.

Fixes¶ ↑

• Fixed a bug that default entity expansions are counted for security check. Default entity expansions should not be counted because they don't have a security risk.

  • GH-198

  • GH-199

  • Patch Viktor Ivarsson

  • GH-198

  • GH-199

  • Patch Viktor Ivarsson

• Fixed a parser bug that parameter entity references in internal subsets are expanded. It's not allowed in the XML specification.

  • GH-191

  • Patch by NAITOH Jun.

• Fixed a stream parser bug that user-defined entity references in text aren't expanded.

  • GH-200

  • Patch by NAITOH Jun.

Thanks¶ ↑

• Viktor Ivarsson

• NAITOH Jun

• l33thaxor

3.3.5 - 2024-08-12 {#version-3-3-5}¶ ↑

Fixes¶ ↑

• Fixed a bug that REXML::Security.entity_expansion_text_limit check has wrong text size calculation in SAX and pull parsers.

  • GH-193

  • GH-195

  • Reported by Viktor Ivarsson.

  • Patch by NAITOH Jun.

Thanks¶ ↑

• Viktor Ivarsson

• NAITOH Jun

3.3.4 - 2024-08-01 {#version-3-3-4}¶ ↑

Fixes¶ ↑

• Fixed a bug that REXML::Security isn't defined when REXML::Parsers::StreamParser is used and rexml/parsers/streamparser is only required.

  • GH-189

  • Patch by takuya kodama.

Thanks¶ ↑

• takuya kodama

3.3.3 - 2024-08-01 {#version-3-3-3}¶ ↑

Improvements¶ ↑

• Added support for detecting invalid XML that has unsupported content before root element

  • GH-184

  • Patch by NAITOH Jun.

  • GH-184

  • Patch by NAITOH Jun.

• Added support for REXML::Security.entity_expansion_limit= and REXML::Security.entity_expansion_text_limit= in SAX2 and pull parsers

  • GH-187

  • Patch by NAITOH Jun.

• Added more tests for invalid XMLs.

  • GH-183

  • Patch by Watson.

• Added more performance tests.

  • Patch by Watson.

• Improved parse performance.

  • GH-186

  • Patch by tomoya ishida.

Thanks¶ ↑

• NAITOH Jun

• Watson

• tomoya ishida

3.3.2 - 2024-07-16 {#version-3-3-2}¶ ↑

Improvements¶ ↑

• Improved parse performance.

  • GH-160

  • Patch by NAITOH Jun.

  • GH-160

  • Patch by NAITOH Jun.

• Improved parse performance.

  • GH-169

  • GH-170

  • GH-171

  • GH-172

  • GH-173

  • GH-174

  • GH-175

  • GH-176

  • GH-177

  • Patch by Watson.

• Added support for raising a parse exception when an XML has extra content after the root element.

  • GH-161

  • Patch by NAITOH Jun.

• Added support for raising a parse exception when an XML declaration exists in wrong position.

  • GH-162

  • Patch by NAITOH Jun.

• Removed needless a space after XML declaration in pretty print mode.

  • GH-164

  • Patch by NAITOH Jun.

• Stopped to emit :text event after the root element.

  • GH-167

  • Patch by NAITOH Jun.

Fixes¶ ↑

• Fixed a bug that SAX2 parser doesn't expand predefined entities for characters callback.

  • GH-168

  • Patch by NAITOH Jun.

Thanks¶ ↑

• NAITOH Jun

• Watson

3.3.1 - 2024-06-25 {#version-3-3-1}¶ ↑

Improvements¶ ↑

• Added support for detecting malformed top-level comments.

  • GH-145

  • Patch by Hiroya Fujinami.

  • GH-145

  • Patch by Hiroya Fujinami.

• Improved REXML::Element#attribute performance.

  • GH-146

  • Patch by Hiroya Fujinami.

• Added support for detecting malformed <!--> comments.

  • GH-147

  • Patch by Hiroya Fujinami.

• Added support for detecting unclosed DOCTYPE.

  • GH-152

  • Patch by Hiroya Fujinami.

• Added changlog_uri metadata to gemspec.

  • GH-156

  • Patch by fynsta.

• Improved parse performance.

  • GH-157

  • GH-158

  • Patch by NAITOH Jun.

Fixes¶ ↑

• Fixed a bug that large XML can't be parsed.

  • GH-154

  • Patch by NAITOH Jun.

  • GH-154

  • Patch by NAITOH Jun.

• Fixed a bug that private constants are visible.

  • GH-155

  • Patch by NAITOH Jun.

Thanks¶ ↑

• Hiroya Fujinami

• NAITOH Jun

• fynsta

3.3.0 - 2024-06-11 {#version-3-3-0}¶ ↑

Improvements¶ ↑

• Added support for strscan 0.7.0 installed with Ruby 2.6.

  • GH-142

  • Reported by Fernando Trigoso.

Thanks¶ ↑

• Fernando Trigoso

3.2.9 - 2024-06-09 {#version-3-2-9}¶ ↑

Improvements¶ ↑

• Added support for old strscan.

  • GH-132

  • Reported by Adam.

  • GH-132

  • Reported by Adam.

• Improved attribute value parse performance.

  • GH-135

  • Patch by NAITOH Jun.

• Improved REXML::Node#each_recursive performance.

  • GH-134

  • GH-139

  • Patch by Hiroya Fujinami.

• Improved text parse performance.

  • Reported by mprogrammer.

Thanks¶ ↑

• Adam

• NAITOH Jun

• Hiroya Fujinami

• mprogrammer

3.2.8 - 2024-05-16 {#version-3-2-8}¶ ↑

Fixes¶ ↑

• Suppressed a warning

3.2.7 - 2024-05-16 {#version-3-2-7}¶ ↑

Improvements¶ ↑

• Improve parse performance by using StringScanner.

  • GH-106

  • GH-107

  • GH-108

  • GH-109

  • GH-112

  • GH-113

  • GH-114

  • GH-115

  • GH-116

  • GH-117

  • GH-118

  • GH-119

  • GH-121

  • Patch by NAITOH Jun.

• Improved parse performance when an attribute has many <s.

  • GH-126

Fixes¶ ↑

• XPath: Fixed a bug of normalize_space(array).

  • GH-110

  • GH-111

  • Patch by flatisland.

• XPath: Fixed a bug that wrong position is used with nested path.

  • GH-110

  • GH-122

  • Reported by jcavalieri.

  • Patch by NAITOH Jun.

• Fixed a bug that an exception message can't be generated for invalid encoding XML.

  • GH-29

  • GH-123

  • Reported by DuKewu.

  • Patch by NAITOH Jun.

Thanks¶ ↑

• NAITOH Jun

• flatisland

• jcavalieri

• DuKewu

3.2.6 - 2023-07-27 {#version-3-2-6}¶ ↑

Improvements¶ ↑

• Required Ruby 2.5 or later explicitly. GH-69 [Patch by Ivo Anjo]

• Added documentation for maintenance cycle. GH-71 [Patch by Ivo Anjo]

• Added tutorial. GH-77 [GH-78] [Patch by Burdette Lamar]

• Improved performance and memory usage. GH-94 [Patch by fatkodima]

• REXML::Parsers::XPathParser#abbreviate: Added support for function arguments. GH-95 [Reported by pulver]

• REXML::Parsers::XPathParser#abbreviate: Added support for string literal that contains double-quote. GH-96 [Patch by pulver]

• REXML::Parsers::XPathParser#abbreviate: Added missing / to :descendant_or_self/:self/:parent. GH-97 [Reported by pulver]

• REXML::Parsers::XPathParser#abbreviate: Added support for more patterns. GH-97 [Reported by pulver]

Fixes¶ ↑

• Fixed a typo in NEWS. GH-72 [Patch by Spencer Goodman]

• Fixed a typo in NEWS. GH-75 [Patch by Andrew Bromwich]

• Fixed documents. GH-87 [Patch by Alexander Ilyin]

• Fixed a bug that Attriute convert ' and ' even when attribute_quote: :quote is used. GH-92 [Reported by Edouard Brière]

• Fixed links in tutorial. GH-99 [Patch by gemmaro]

Thanks¶ ↑

• Ivo Anjo

• Spencer Goodman

• Andrew Bromwich

• Burdette Lamar

• Alexander Ilyin

• Edouard Brière

• fatkodima

• pulver

• gemmaro

3.2.5 - 2021-04-05 {#version-3-2-5}¶ ↑

Improvements¶ ↑

• Add more validations to XPath parser.

• require "rexml/document" by default. [GitHub#36][Patch by Koichi ITO]

• Don't add #dclone method to core classes globally. [GitHub#37][Patch by Akira Matsuda]

• Add more documentations. [Patch by Burdette Lamar]

• Added REXML::Elements#parent. [GitHub#52][Patch by Burdette Lamar]

Fixes¶ ↑

• Fixed a bug that REXML::DocType#clone doesn't copy external ID information.

• Fixed round-trip vulnerability bugs. See also: www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/ [HackerOne#1104077][Reported by Juho Nurminen]

Thanks¶ ↑

• Koichi ITO

• Akira Matsuda

• Burdette Lamar

• Juho Nurminen

3.2.4 - 2020-01-31 {#version-3-2-4}¶ ↑

Improvements¶ ↑

• Don’t use taint with Ruby 2.7 or later. [GitHub#21][Patch by Jeremy Evans]

Fixes¶ ↑

• Fixed a elsif typo. [GitHub#22][Patch by Nobuyoshi Nakada]

Thanks¶ ↑

• Jeremy Evans

• Nobuyoshi Nakada

3.2.3 - 2019-10-12 {#version-3-2-3}¶ ↑

Fixes¶ ↑

• Fixed a bug that REXML::XMLDecl#close doesn't copy @writethis. [GitHub#20][Patch by hirura]

Thanks¶ ↑

• hirura

3.2.2 - 2019-06-03 {#version-3-2-2}¶ ↑

Fixes¶ ↑

• xpath: Fixed a bug for equality and relational expressions. [GitHub#17][Reported by Mirko Budszuhn]

• xpath: Fixed boolean() implementation.

• xpath: Fixed local_name() with nonexistent node.

• xpath: Fixed number() implementation with node set. [GitHub#18][Reported by Mirko Budszuhn]

Thanks¶ ↑

• Mirko Budszuhn

3.2.1 - 2019-05-04 {#version-3-2-1}¶ ↑

Improvements¶ ↑

• Improved error message. [GitHub#12][Patch by FUJI Goro]

• Improved error message. [GitHub#16][Patch by ujihisa]

• Improved documentation markup. [GitHub#14][Patch by Alyssa Ross]

Fixes¶ ↑

• Fixed a bug that nil variable value raises an unexpected exception. [GitHub#13][Patch by Alyssa Ross]

Thanks¶ ↑

• FUJI Goro

• Alyssa Ross

• ujihisa

3.2.0 - 2019-01-01 {#version-3-2-0}¶ ↑

Fixes¶ ↑

• Fixed a bug that no namespace attribute isn't matched with prefix.

  [ruby-list:50731][Reported by Yasuhiro KIMURA]

• Fixed a bug that the default namespace is applied to attribute names.

  NOTE: It's a backward incompatible change. If your program has any problem with this change, please report it. We may revert this fix.

  • REXML::Attribute#prefix returns "" for no namespace attribute.

  • REXML::Attribute#namespace returns "" for no namespace attribute.

Thanks¶ ↑

• Yasuhiro KIMURA

3.1.9 - 2018-12-20 {#version-3-1-9}¶ ↑

Improvements¶ ↑

• Improved backward compatibility.

  Restored REXML::Parsers::BaseParser::UNQME_STR because it's used by kramdown.

3.1.8 - 2018-12-20 {#version-3-1-8}¶ ↑

Improvements¶ ↑

• Added support for customizing quote character in prologue. [GitHub#8][Bug #9367][Reported by Takashi Oguma]

  • You can use " as quote character by specifying :quote to REXML::Document#context[:prologue_quote].

  • You can use ' as quote character by specifying :apostrophe to REXML::Document#context[:prologue_quote].

• Added processing instruction target check. The target must not nil. [GitHub#7][Reported by Ariel Zelivansky]

• Added name check for element and attribute. [GitHub#7][Reported by Ariel Zelivansky]

• Stopped to use Exception. [GitHub#9][Patch by Jean Boussier]

Fixes¶ ↑

• Fixed a bug that REXML::Text#clone escapes value twice. [ruby-dev:50626][Bug #15058][Reported by Ryosuke Nanba]

Thanks¶ ↑

• Takashi Oguma

• Ariel Zelivansky

• Jean Boussier

• Ryosuke Nanba