diff options
| author | Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> | 2022-03-24 17:16:13 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-24 17:16:13 +0000 |
| commit | 8810c93e828a9ed1dcb008d08be8aa9fcb4d28c3 (patch) | |
| tree | 37b629af1cc68d95c94b3ed68e34ac8682d131f1 | |
| parent | Changelog: sso -> Single Sign-On (diff) | |
| download | synapse-8810c93e828a9ed1dcb008d08be8aa9fcb4d28c3.tar.xz | |
Replace instances of deprecated `Jinja2.Markup` with `markupsafe.Markup` (#12289)
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
| -rw-r--r-- | changelog.d/12289.misc | 1 | ||||
| -rw-r--r-- | synapse/push/mailer.py | 9 | ||||
| -rw-r--r-- | synapse/python_dependencies.py | 1 |
3 files changed, 7 insertions, 4 deletions
diff --git a/changelog.d/12289.misc b/changelog.d/12289.misc new file mode 100644 index 0000000000..f80ccf3284 --- /dev/null +++ b/changelog.d/12289.misc @@ -0,0 +1 @@ +Remove uses of the long-deprecated `Jinja2.Markup` which would prevent Synapse from starting with Jinja2 3.1.0 or above installed. This does not affect deployments of Synapse using our Docker images or Debian packages. \ No newline at end of file diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py index 649a4f49d0..5ccdd88364 100644 --- a/synapse/push/mailer.py +++ b/synapse/push/mailer.py @@ -18,6 +18,7 @@ from typing import TYPE_CHECKING, Dict, Iterable, List, Optional, TypeVar import bleach import jinja2 +from markupsafe import Markup from synapse.api.constants import EventTypes, Membership, RoomTypes from synapse.api.errors import StoreError @@ -867,7 +868,7 @@ class Mailer: ) -def safe_markup(raw_html: str) -> jinja2.Markup: +def safe_markup(raw_html: str) -> Markup: """ Sanitise a raw HTML string to a set of allowed tags and attributes, and linkify any bare URLs. @@ -877,7 +878,7 @@ def safe_markup(raw_html: str) -> jinja2.Markup: Returns: A Markup object ready to safely use in a Jinja template. """ - return jinja2.Markup( + return Markup( bleach.linkify( bleach.clean( raw_html, @@ -891,7 +892,7 @@ def safe_markup(raw_html: str) -> jinja2.Markup: ) -def safe_text(raw_text: str) -> jinja2.Markup: +def safe_text(raw_text: str) -> Markup: """ Sanitise text (escape any HTML tags), and then linkify any bare URLs. @@ -901,7 +902,7 @@ def safe_text(raw_text: str) -> jinja2.Markup: Returns: A Markup object ready to safely use in a Jinja template. """ - return jinja2.Markup( + return Markup( bleach.linkify(bleach.clean(raw_text, tags=[], attributes=[], strip=False)) ) diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py index 1dd39f06cf..232f9a9595 100644 --- a/synapse/python_dependencies.py +++ b/synapse/python_dependencies.py @@ -75,6 +75,7 @@ REQUIREMENTS = [ "attrs>=19.2.0,!=21.1.0", "netaddr>=0.7.18", "Jinja2>=2.9", + "MarkupSafe>=2.0", "bleach>=1.4.3", # We use `ParamSpec`, which was added in `typing-extensions` 3.10.0.0. "typing-extensions>=3.10.0", |