1.5.2

What's Changed

• chore(*) fixing typos by @deining in #30
• chore(readme): fix badges by @Tieske in #36
• chore(ci): add version 2.6.2 of LibExpat to the CI matrix by @Tieske in #37
• fix(threat) tolerate empty namespace URI in namespace declaration by @hanshuebner in #38
• test(lxp): add test for empty namespace by @Tieske in #39
• release 1.5.2 by @hanshuebner in #40

New Contributors

• @deining made their first contribution in #30
• @hanshuebner made their first contribution in #38

Full Changelog: 1.5.1...1.5.2

1.5.1

What's Changed

• chore(test) add BLA test by @Tieske in #27
• chore(lxp) use $(INSTALL_DATA) for *.lua by @robert-scheck in #28
• chore(makefile) honor $RPM_OPT_FLAGS and $RPM_LD_FLAGS by @robert-scheck in #29

New Contributors

• @robert-scheck made their first contribution in #28

Full Changelog: 1.5.0...1.5.1

LuaExpat 1.5.0

• warning: this update requires a minimum libExpat version of 2.4.0. Though at the time of writing a minimum version of 2.4.6 is recommended due to CVE's fixed in the intermediate versions.
• Added option "allowDTD" to the threat protection parser.
• Add configuration for Billion Laughs Attack prevention. This includes adding #include "expat_config.h", since these functions are conditionally included in the exposed API of Expat. This means that LuaExpat will now be compiled using the same options used to compile Expat itself.
• Expose Expat compile time constants (lxp._EXPAT_FEATURES), see Expat documentation.

LuaExpat 1.4.1

• Fix bad buffer size calculation in threat parser

LuaExpat 1.4.0

• Improved Lua version support (5.1 - 5.4)
• Fix memory leak when callbacks reference a parser object
• Expose Expat library version (lxp._EXPAT_VERSION)
• Added lxp.totable module (thanks Tomás Guisasola Gorham)
• Fix integers being returned as floats on Lua 5.3+ (thanks Kim Alvefur)
• Fix XmlDecl callback can also return nil for standalone
• Many documentation updates
• Added triplet namespace setting (returnnstriplet)
• Added EntityDecl handler
• Added AttlistDecl handler
• Added ElementDecl handler
• Added SkippedEntity handler
• Added EndDoctypeDecl handler
• More tests and new test setup; Busted, LuaCheck, Github actions
• Improved finishing, multiple nil-calls no longer throw errors
• Fix lxp.lom to properly handle input as function, table, or file
• Added option for namespace aware parsing to the lxp.lom module
• Repository moved to lunarmodules
• Added threat protection parser (protects against excessivly large inputs), with options for the lxp.lom and lxp.totable to use it.

LuaExpat 1.3.0

• Lua 5.2 support (thanks Tomás Guisasola Gorham)
• support for the XmlDecl handler
• add parser:getcurrentbytecount() (XML_GetCurrentByteCount)
• ability to disable CharacterData merging
• Makefile improvements (thanks Vadim Misbakh-Soloviov)

Note: this is an older release, recreated in the lunarmodules/luaexpat repository

LuaExpat 1.2.0

• support for the StartDoctypeDecl handler
• add parser:stop() to abort parsing inside a callback

Note: this is an older release, recreated in the lunarmodules/luaexpat repository