581a233020
Changelog:
kramdown 2.3.0 released
Although this is a minor version bump there is one breaking change:
Parsing of XML processing instructions was removed because they
are invalid for HTML5 documents.
This change should only affect a negligible amount of existing
kramdown documents since XML processing instructions were never
something a normal user would use.
Additionally, CVE-2020-14001 is addressed to avoid problems when
using the {::options /} extension together with the ‘template’
option. This means updating is highly recommended!
Changes
2 major changes:
New option ‘forbidden_inline_options’ to restrict the
options allowed with the {::options /} extension. This also
addresses the security issue described in CVE-2020-14001.
Parsing of XML processing instructions is not done anymore
for kramdown documents because they are invalid for HTML5
(fixes issue #660 by Samuel Williams)
1 minor change:
Several internal changes with respect to memory usage and
performance (PRs #654, #655, #665 by Ashwin Maroli)
2 bug fixes:
Extend allowed characters in IDs set with headers to all
characters allowed by XML (fixes #658 by Samuel Williams)
Fix thread safety issue by moving global state into an
instance variable (fixes #663 by Samuel Williams)
1 other change:
Documentation fixes and updates (issue #662 by Samuel
Williams, PR #656 by Noah Doersing)
|
||
|---|---|---|
| .. | ||
| ALTERNATIVES | ||
| DESCR | ||
| distinfo | ||
| Makefile | ||
| PLIST | ||