msabramo/pypi_markdown-readme-1.patch

## pypi_markdown-readme-1.patch
exporting patches:
# HG changeset patch
# User Marc Abramowitz <marc@marc-abramowitz.com>
# Date 1418102744 28800
# Branch markdown-readme-1
# Node ID 1b4f37c1b9f6839c4c835cbe1a38f2017fa014ec
# Parent  58c3f40321becbbcb3ac2b28cd4995931bf2a332
Add tests for markdown rendering

diff --git a/tests/test_description_utils_markdown.py b/tests/test_description_utils_markdown.py
new file mode 100755
--- /dev/null
+++ b/tests/test_description_utils_markdown.py
@@ -0,0 +1,97 @@
+import textwrap
+
+from description_utils import processDescription
+
+
+def test_markdown_001():
+    markdown_markup = 'Hello'
+    out = processDescription(markdown_markup, format='markdown')
+    assert out == '<p>Hello</p>'
+
+
+def test_markdown_002():
+    markdown_markup = textwrap.dedent("""\
+        # Required packages
+        To run the PyPI software, you need Python 2.5+ and PostgreSQL
+        # Quick development setup
+        Make sure you ...""")
+    expected_html = textwrap.dedent("""\
+        <h1>Required packages</h1>
+        <p>To run the PyPI software, you need Python 2.5+ and PostgreSQL</p>
+        <h1>Quick development setup</h1>
+        <p>Make sure you ...</p>""")
+    out = processDescription(markdown_markup, format='markdown')
+    assert out == expected_html
+
+
+def test_markdown_003():
+    markdown_markup = """\
+        Then, you can create a *development environment* like this,
+        if you have **virtualenv** installed:
+
+            $ virtualenv --no-site-packages .
+            $ pip install -r requirements.txt
+
+        Then you can launch the server using the `pypi.wsgi` script:
+
+            $ python pypi.wsgi
+            Serving on port 8000...
+
+        PyPI will be available in your browser at http://localhost:8000
+    """.strip()
+    expected_html = '\n'.join([
+        '<p>Then, you can create a <em>development environment</em> '
+        'like this,',
+        'if you have <strong>virtualenv</strong> installed:</p>',
+        '<pre><code>$ virtualenv --no-site-packages .',
+        '$ pip install -r requirements.txt',
+        '</code></pre>',
+        '<p>Then you can launch the server using the '
+        '<code>pypi.wsgi</code> script:</p>',
+        '<pre><code>$ python pypi.wsgi',
+        'Serving on port 8000...',
+        '</code></pre>',
+        '<p>PyPI will be available in your browser at '
+        'http://localhost:8000</p>'])
+    out = processDescription(markdown_markup, format='markdown')
+    assert out == expected_html
+
+
+def test_markdown_004():
+    markdown_markup = 'http://mymalicioussite.com/'
+    out = processDescription(markdown_markup, format='markdown')
+    expected_html = '<p>http://mymalicioussite.com/</p>'
+    assert out == expected_html
+
+
+def test_markdown_005():
+    markdown_markup = '<a href="http://mymalicioussite.com/">Click here</a>'
+    out = processDescription(markdown_markup, format='markdown')
+    expected_html = ''.join([
+        '<p><a href="http://mymalicioussite.com/">',
+        'Click here</a></p>'])
+    assert out == expected_html
+
+
+def test_markdown_006():
+    markdown_markup = """\
+        <iframe src="http://mymalicioussite.com/">Click here</iframe>
+    """.strip()
+    out = processDescription(markdown_markup, format='markdown')
+    expected_html = ''.join([
+        '&lt;iframe src="http://mymalicioussite.com/"&gt;'
+        'Click here&lt;/iframe&gt;'])
+    assert out == expected_html
+
+
+def test_markdown_007():
+    markdown_markup = """\
+        <script>
+            alert("Hello");
+        </script>""".strip()
+    out = processDescription(markdown_markup, format='markdown')
+    expected_html = textwrap.dedent("""\
+        &lt;script&gt;
+            alert("Hello");
+        &lt;/script&gt;""")
+    assert out == expected_html
# HG changeset patch
# User Marc Abramowitz <marc@marc-abramowitz.com>
# Date 1418102831 28800
# Branch markdown-readme-1
# Node ID 84fb681787cff58c7c5fff79fa901ee48f6a2b0a
# Parent  1b4f37c1b9f6839c4c835cbe1a38f2017fa014ec
requirements.txt: bleach=1.4 => bleach==1.4

diff --git a/requirements.txt b/requirements.txt
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,7 @@
 Distutils2==1.0a4
 M2Crypto  # Unversioned because it might be satisfied by the OS
 Pygments==1.6
-bleach=1.4
+bleach==1.4
 defusedxml==0.4.1
 docutils==0.11
 itsdangerous==0.23
# HG changeset patch
# User Marc Abramowitz <marc@marc-abramowitz.com>
# Date 1418102907 28800
# Branch markdown-readme-1
# Node ID 7e42e08876b08a8cbfea282c52fab94b4a224cb9
# Parent  84fb681787cff58c7c5fff79fa901ee48f6a2b0a
markdown.html => markdown.markdown

diff --git a/description_utils.py b/description_utils.py
--- a/description_utils.py
+++ b/description_utils.py
@@ -131,7 +131,7 @@
     try:
         if format == "markdown":
             # sanitize html per https://pythonhosted.org/Markdown/release-2.5.html
-            return bleach.clean(markdown.html(source))
+            return bleach.clean(markdown.markdown(source))

         # Convert reStructuredText to HTML using Docutils.
         document = publish_doctree(source=source,
# HG changeset patch
# User Marc Abramowitz <marc@marc-abramowitz.com>
# Date 1418102961 28800
# Branch markdown-readme-1
# Node ID 76011665d72a8469f61ef17092d69c3a16c3d5d4
# Parent  7e42e08876b08a8cbfea282c52fab94b4a224cb9
Make bleach.clean allow some HTML tags

diff --git a/description_utils.py b/description_utils.py
--- a/description_utils.py
+++ b/description_utils.py
@@ -15,6 +15,23 @@
 from docutils.transforms import TransformError, Transform


+ALLOWED_TAGS = (
+    'a',
+    'code',
+    'div',
+    'em',
+    'h1',
+    'h2',
+    'h3',
+    'h4',
+    'h5',
+    'hr',
+    'p',
+    'pre',
+    'strong',
+)
+
+
 # BEGIN PYGMENTS SUPPORT BLOCK
 # <RJ> the following is included from pygments' external / rst-directive.py
 # because the docutils version on both testpypi and pypi prod does not include
@@ -131,7 +148,9 @@
     try:
         if format == "markdown":
             # sanitize html per https://pythonhosted.org/Markdown/release-2.5.html
-            return bleach.clean(markdown.markdown(source))
+            return bleach.clean(
+                markdown.markdown(source),
+                tags=ALLOWED_TAGS)

         # Convert reStructuredText to HTML using Docutils.
         document = publish_doctree(source=source,
	exporting patches:
	# HG changeset patch
	# User Marc Abramowitz <marc@marc-abramowitz.com>
	# Date 1418102744 28800
	# Branch markdown-readme-1
	# Node ID 1b4f37c1b9f6839c4c835cbe1a38f2017fa014ec
	# Parent 58c3f40321becbbcb3ac2b28cd4995931bf2a332
	Add tests for markdown rendering

	diff --git a/tests/test_description_utils_markdown.py b/tests/test_description_utils_markdown.py
	new file mode 100755
	--- /dev/null
	+++ b/tests/test_description_utils_markdown.py
	@@ -0,0 +1,97 @@
	+import textwrap
	+
	+from description_utils import processDescription
	+
	+
	+def test_markdown_001():
	+ markdown_markup = 'Hello'
	+ out = processDescription(markdown_markup, format='markdown')
	+ assert out == '<p>Hello</p>'
	+
	+
	+def test_markdown_002():
	+ markdown_markup = textwrap.dedent("""\
	+ # Required packages
	+ To run the PyPI software, you need Python 2.5+ and PostgreSQL
	+ # Quick development setup
	+ Make sure you ...""")
	+ expected_html = textwrap.dedent("""\
	+ <h1>Required packages</h1>
	+ <p>To run the PyPI software, you need Python 2.5+ and PostgreSQL</p>
	+ <h1>Quick development setup</h1>
	+ <p>Make sure you ...</p>""")
	+ out = processDescription(markdown_markup, format='markdown')
	+ assert out == expected_html
	+
	+
	+def test_markdown_003():
	+ markdown_markup = """\
	+ Then, you can create a development environment like this,
	+ if you have virtualenv installed:
	+
	+ $ virtualenv --no-site-packages .
	+ $ pip install -r requirements.txt
	+
	+ Then you can launch the server using the `pypi.wsgi` script:
	+
	+ $ python pypi.wsgi
	+ Serving on port 8000...
	+
	+ PyPI will be available in your browser at http://localhost:8000
	+ """.strip()
	+ expected_html = '\n'.join([
	+ '<p>Then, you can create a <em>development environment</em> '
	+ 'like this,',
	+ 'if you have <strong>virtualenv</strong> installed:</p>',
	+ '<pre><code>$ virtualenv --no-site-packages .',
	+ '$ pip install -r requirements.txt',
	+ '</code></pre>',
	+ '<p>Then you can launch the server using the '
	+ '<code>pypi.wsgi</code> script:</p>',
	+ '<pre><code>$ python pypi.wsgi',
	+ 'Serving on port 8000...',
	+ '</code></pre>',
	+ '<p>PyPI will be available in your browser at '
	+ 'http://localhost:8000</p>'])
	+ out = processDescription(markdown_markup, format='markdown')
	+ assert out == expected_html
	+
	+
	+def test_markdown_004():
	+ markdown_markup = 'http://mymalicioussite.com/'
	+ out = processDescription(markdown_markup, format='markdown')
	+ expected_html = '<p>http://mymalicioussite.com/</p>'
	+ assert out == expected_html
	+
	+
	+def test_markdown_005():
	+ markdown_markup = '<a href="http://mymalicioussite.com/">Click here</a>'
	+ out = processDescription(markdown_markup, format='markdown')
	+ expected_html = ''.join([
	+ '<p><a href="http://mymalicioussite.com/">',
	+ 'Click here</a></p>'])
	+ assert out == expected_html
	+
	+
	+def test_markdown_006():
	+ markdown_markup = """\
	+ <iframe src="http://mymalicioussite.com/">Click here</iframe>
	+ """.strip()
	+ out = processDescription(markdown_markup, format='markdown')
	+ expected_html = ''.join([
	+ '<iframe src="http://mymalicioussite.com/">'
	+ 'Click here</iframe>'])
	+ assert out == expected_html
	+
	+
	+def test_markdown_007():
	+ markdown_markup = """\
	+ <script>
	+ alert("Hello");
	+ </script>""".strip()
	+ out = processDescription(markdown_markup, format='markdown')
	+ expected_html = textwrap.dedent("""\
	+ <script>
	+ alert("Hello");
	+ </script>""")
	+ assert out == expected_html
	# HG changeset patch
	# User Marc Abramowitz <marc@marc-abramowitz.com>
	# Date 1418102831 28800
	# Branch markdown-readme-1
	# Node ID 84fb681787cff58c7c5fff79fa901ee48f6a2b0a
	# Parent 1b4f37c1b9f6839c4c835cbe1a38f2017fa014ec
	requirements.txt: bleach=1.4 => bleach==1.4

	diff --git a/requirements.txt b/requirements.txt
	--- a/requirements.txt
	+++ b/requirements.txt
	@@ -1,7 +1,7 @@
	Distutils2==1.0a4
	M2Crypto # Unversioned because it might be satisfied by the OS
	Pygments==1.6
	-bleach=1.4
	+bleach==1.4
	defusedxml==0.4.1
	docutils==0.11
	itsdangerous==0.23
	# HG changeset patch
	# User Marc Abramowitz <marc@marc-abramowitz.com>
	# Date 1418102907 28800
	# Branch markdown-readme-1
	# Node ID 7e42e08876b08a8cbfea282c52fab94b4a224cb9
	# Parent 84fb681787cff58c7c5fff79fa901ee48f6a2b0a
	markdown.html => markdown.markdown

	diff --git a/description_utils.py b/description_utils.py
	--- a/description_utils.py
	+++ b/description_utils.py
	@@ -131,7 +131,7 @@
	try:
	if format == "markdown":
	# sanitize html per https://pythonhosted.org/Markdown/release-2.5.html
	- return bleach.clean(markdown.html(source))
	+ return bleach.clean(markdown.markdown(source))

	# Convert reStructuredText to HTML using Docutils.
	document = publish_doctree(source=source,
	# HG changeset patch
	# User Marc Abramowitz <marc@marc-abramowitz.com>
	# Date 1418102961 28800
	# Branch markdown-readme-1
	# Node ID 76011665d72a8469f61ef17092d69c3a16c3d5d4
	# Parent 7e42e08876b08a8cbfea282c52fab94b4a224cb9
	Make bleach.clean allow some HTML tags

	diff --git a/description_utils.py b/description_utils.py
	--- a/description_utils.py
	+++ b/description_utils.py
	@@ -15,6 +15,23 @@
	from docutils.transforms import TransformError, Transform


	+ALLOWED_TAGS = (
	+ 'a',
	+ 'code',
	+ 'div',
	+ 'em',
	+ 'h1',
	+ 'h2',
	+ 'h3',
	+ 'h4',
	+ 'h5',
	+ 'hr',
	+ 'p',
	+ 'pre',
	+ 'strong',
	+)
	+
	+
	# BEGIN PYGMENTS SUPPORT BLOCK
	# <RJ> the following is included from pygments' external / rst-directive.py
	# because the docutils version on both testpypi and pypi prod does not include
	@@ -131,7 +148,9 @@
	try:
	if format == "markdown":
	# sanitize html per https://pythonhosted.org/Markdown/release-2.5.html
	- return bleach.clean(markdown.markdown(source))
	+ return bleach.clean(
	+ markdown.markdown(source),
	+ tags=ALLOWED_TAGS)

	# Convert reStructuredText to HTML using Docutils.
	document = publish_doctree(source=source,