Workflow

Hugo

Latest version: v0.126.1

Safety actively analyzes 630704 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 6 of 47

0.120.0

This is a full dependency refresh and a couple of new cool features:

A new [Padding](https://gohugo.io/functions/images/#padding) image filter, and a new [debug.Timer](https://gohugo.io/functions/debug/timer/) template func. The new `debug.Timer` is useful for finding performance bottle necks in templates:

handlebars
{{ $timer := debug.Timer "slowTemplate" }}
// ...
{{ $timer.Stop }}


If you then run `hugo --logLevel info` you should see timer info logged at the end of the build. You can have as many timers as you want and if you don't stop them, they will be stopped at the end of build.

Hugo now also builds release binaries for Solaris now that a long-living issue in the upstream [ƒsnotify](https://github.com/fsnotify/fsnotify/pull/371) library has been fixed, thanks to nshalman.

Notes

* The `enableEmoji` flag now only works for Markdown content. This is unfortunate, but the old solution has some known issues and it was too hard to make it work properly as a general thing across all formats. See 11598
* `site.DisqusShortname is deprecated` 2eca1b3cc
* `site.GoogleAnalytics` is deprecated a692278bc
* `site.Author` is deprecated d4016dd5c
* `site.Social` is deprecated 4910312ee

Also, we have changed the string type for some of the fields and methods:

- [.Fragments.ToHTML](https://github.com/gohugoio/hugo/commit/1b5f78b6b7335b02b6207a637498c4c8817999d1) now returns `template.HTML`
- `$resource.Data.Integrity` now returns a `string` and not a `template.HTMLAttr`
- `delimit` now returns a `string` and not a `template.HTML` See 10876 11502.
- the URL functions now returns a `string`, see 11536
- The paginator `Pager` now returns a `string`.
- `site.BaseURL` now returns a `string`.

The above should both solve some issues and make the above types more useful and easer to reason about. But if you use the `delimit` function to process HTML and see some unexpected escaping after this release, e.g.:

handlebars
{{ $s := slice "<i>foo</i>" }}
{{ delimit $s "," }}


Then you need to mark the type with `safeHTML`:

handlebars
{{ $s := slice "<i>foo</i>" }}
{{ delimit $s "," | safeHTML }}


Bug fixes

* create/skeletons: Fix menu template acf01bfb7 jmooring 11519
* Fix so hugo get -u updates transitively de4e46603 razonyang
* tpl/tplimpl: Fix dropped error 625162674 alrs
* tpl/collections: Fix and deprecate echoParams 75f56b4ce jmooring 11498

Improvements

* Add Solaris build 7f8ab7468 bep 3500
* Make site.BaseURL and $pager.URL a string b6a756813 bep
* commands/new: Remove format flag from new content cmd 27b22cd87 jmooring 11462
* hugolib: Display correct markup identifier in error message a2488b1c9 jmooring 11538
* livereloadinject: Save some allocations 8f60c0c1e bep
* livereloadinject: Use more robust injection method 9dc608084 DominoPivot
* tpl/urls: Return strings from URL functions a349aafb7 jmooring 11511
* transform/livereloadinject: Add benchmark b8fbd4a57 bep
* Revert "modules: Throttle the "downloading modules …" log entries" 28d844642 bep
* Revert "modules: Adjust the log throttle logic a little" eb5fd3127 bep
* resources/images: Create padding image filter 3ed28e4bf jmooring 11599
* markup/goldmark: Update the CJK extension to allow specifying line break styles db14238ba henry0312
* modules: Adjust the log throttle logic a little 3f64b5a3d bep
* modules: Throttle the "downloading modules …" log entries 66904097e bep
* tpl/collections: Make delimit return a string e54139c85 bep 10876 11502
* Revise the deprecation logging 71fd79a3f bep
* Remove rest of the now unused emoji code c4a530f10 bep 11598
* markdown: Pass emoji codes to yuin/goldmark-emoji 272484f8b jmooring 7332 11587 11598
* watcher/filenotify: Remove redundant duplicated comments c23a0c4a0 alexandear
* tpl/debug: Add average and median to timer output 46bdc0388 bep
* tpl/debug: Add debug.Timer 5160c7efa bep 11580
* Add some convenient integration test helpers fd3817181 bep
* hugolib: Deprecate .Site.DisqusShortname 2eca1b3cc jmooring
* hugolib: Deprecate .Site.GoogleAnalytics a692278bc jmooring
* tpl/tplimpl: Deprecate .Site.Author usage in RSS template d4016dd5c jmooring
* tpl/tplimpl: Deprecate .Site.Social usage with internal templates 4910312ee jmooring
* markup/tableofcontents: Return template.HTML from .Fragments.ToHTML 1b5f78b6b jmooring 11545
* commands: Update message displayed when running CLI from GUI 5993afa4c jmooring 11525
* common/hugo: Add hugo.IsServer and hugo.IsDevelopment d1b445853 jmooring 11510
* all: Format files with gofmt 274852bcf alexandear
* magefile: Update isGoLatest to check for Go 1.21 37a2d5eb4 abdullah-alaadine
* resources/integrity: Return string instead of template.HTMLAttr 4c95389c2 jmooring 11513
* tpl/lang: Formally deprecate lang.NumFmt 46da0b7aa jmooring

Dependency Updates

* build(deps): bump github.com/fsnotify/fsnotify from 1.6.0 to 1.7.0 59bcc098c dependabot[bot]
* build(deps): bump github.com/google/go-cmp from 0.5.9 to 0.6.0 e26ba752d dependabot[bot]
* build(deps): bump github.com/alecthomas/chroma/v2 from 2.9.1 to 2.10.0 bcf07fa63 dependabot[bot]
* build(deps): bump golang.org/x/tools from 0.13.0 to 0.14.0 e2b2092ce dependabot[bot]
* build(deps): bump github.com/tdewolff/minify/v2 from 2.12.9 to 2.20.0 f4df7b88b dependabot[bot]
* build(deps): bump github.com/mattn/go-isatty from 0.0.19 to 0.0.20 3d9bd404e dependabot[bot]
* build(deps): bump golang.org/x/image from 0.12.0 to 0.13.0 5f5e55aa8 dependabot[bot]
* build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 8c61fd254 dependabot[bot]
* build(deps): bump github.com/evanw/esbuild from 0.19.3 to 0.19.5 d3145e4e5 dependabot[bot]
* build(deps): bump github.com/spf13/afero from 1.9.5 to 1.10.0 743a1da3e dependabot[bot]
* build(deps): bump github.com/bep/logg from 0.2.0 to 0.3.0 123901b74 dependabot[bot]
* deps: Update github.com/tdewolff/minify/v2 v2.12.7 => v2.12.9 d5d0f420d jmooring 11533

Documentation

* docs: Regen docshelper 29b6e133a bep
* docs: Regenerate docshelper d3d4ab41a bep
* Update README.md 3af8bded2 bep

0.119.0

This version is built with Go 1.21.1 which contains some relevant security fixes for the `html/template` package, see [Issue 62196](https://github.com/golang/go/issues/62196) and [Issue 62197](https://github.com/golang/go/issues/62197). This is the main reason Hugo 0.119.0 is released sooner rather than later. But this release also comes with a dependency refresh and some useful image processing improvements:

* A new general-purpose [Process](https://gohugo.io/content-management/image-processing/#process) method and filter.
* A new [Opacity](https://gohugo.io/functions/images/#opacity) filter.

`Process` support all of the existing scaling operations, but it can also be used do simple format conversions (e.g. from JPG to PNG). A before/after example:

handlebars
{{ $watermark := resources.Get "logo.jpg" | images.Filter
(images.GaussianBlur 6)
(images.Opacity 0.5)
}}
{{ $watermark = $watermark.Resize (printf "%dx%d png" $watermark.Width $watermark.Height )


There are some issues with the above:

1. The source image does not support transparency, so the transparency pixels will be filled with the configured background colour.
2. The image will be decoded and encoded twice with a potential loss in quality.
3. It's clumsy.

With Hugo 0.119.0 the above can be written as:

handlebars
{{ $watermark := resources.Get "logo.jpg" | images.Filter
(images.GaussianBlur 6)
(images.Opacity 0.5)
(images.Process "png")
}}


Bug fixes

* Fix tests for Go 1.21.1 79a17d9e5 bep 11450
* Fix recently broken benchmark 18ce85462 bep

Improvements

* common: Remove unused constants 6b65b2fae alexandear
* Add images.Process filter 6a246d115 bep 8439
* Add $image.Process ef0e7149d bep 11483
* google_analytics_async.html: Add deprecation warning c32094ace carlmjohnson
* Add images.Opacity filter f9b3c0f48 bep 11471
* Upgrade to Go 1.21.1 1e9b87f76 bep 11474 11414
* create/skeletons: Improve viewport meta tag f9163155d jmooring
* commands/gen: Remove default highlight style 75c0f8828 jmooring 11445
* Adjust baseline benchmarks 69f5bad40 bep
* commands: Print language code after web server address info 525bed991 ilmari-lauhakangas

Dependency Updates

* build(deps): bump golang.org/x/tools from 0.12.0 to 0.13.0 a262fd4dd dependabot[bot]
* build(deps): bump github.com/alecthomas/chroma/v2 from 2.8.0 to 2.9.1 f0d32455d dependabot[bot]
* build(deps): bump github.com/evanw/esbuild from 0.19.2 to 0.19.3 e8bc8e6d0 dependabot[bot]
* build(deps): bump github.com/aws/aws-sdk-go from 1.44.314 to 1.45.14 11fcda971 dependabot[bot]
* build(deps): bump github.com/getkin/kin-openapi from 0.118.0 to 0.120.0 f31375d4c dependabot[bot]
* build(deps): bump golang.org/x/image from 0.11.0 to 0.12.0 6415b599b dependabot[bot]

Documentation

* docs: Even more about images.Process a9d19dbdd bep
* docs: More about images.Process 12d713176 bep
* docs: Regen docshelper 1768684d8 bep
* commands: Update CLI docs with the important -u flag in hugo mod get 275c0acbf bep

0.118.2

What's Changed

* release: Revert to building with Go 1.20 df5d76fed bep 11414

0.118.1

**Note:** There still seem to be an issue on [Vercel](https://github.com/gohugoio/hugo/issues/11414#issuecomment-1700749527).

----

This release only fixes a `GLIBC_xxx not found` issue with the Linux AMD64 binary when running on older Linux versions, which is the situation when building on Netlify/Vercel etc. 7e9092eee bep 11414

There's no functional changes in this release. See [v0.118.0](https://github.com/gohugoio/hugo/releases/tag/v0.118.0).

0.118.0

* Proper [CJK](https://en.wikipedia.org/wiki/CJK_characters) support in Markdown:

toml
[markup.goldmark]
[markup.goldmark.extensions]
[markup.goldmark.extensions.cjk]
Whether to enable CJK support.
enable = false
Whether softline breaks between east asian wide characters should be ignored.
eastAsianLineBreaks = false
Whether a '\' escaped half-space(0x20) should not be rendered.
escapedSpace = false


* A revamped implementation of `hugo new site` and `hugo new theme`. See [details](https://discourse.gohugo.io/t/creating-new-site-and-theme-skeletons-with-v0-118-0-and-later/46018).

Bug fixes

* Fix RegularPagesRecursive for the home page 15d3e48ce bep 11396
* Fix .RawContent for empty content pages (11407) 3a8aad6b1 bep 11406
* common/loggers: Fix typo in option name 65871d5cf alexandear
* Fix it so disable a module does not disable transitive dependency required by others dcf425c84 bep 11376

Improvements

* Delay the creation of cache directories until they're used 94fbab2a8 bep 11390
* deploy: Create AWS session for CloudFront invalidation via Go CDK c3f273b2d mattbnz
* markup/goldmark: Add CJK extension d7dcc76d2 henry0312 10472
* testscripts: Move hugo new tests to where they belong d2ae9e136 bep
* hugolib: Handle dropped error a7b93e656 alrs
* Make sure resources directory isn't created in hugo new theme ebaa733d4 bep 11382
* Go 1.21 Upgrade 24b1be45c bep 11351
* testscripts: Make mod vendor test stable 111f02db2 bep
* create/skeletons: Move theme's site config to top level 9a8c84d60 jmooring 11380
* modules: Make new cache directories read/write cdf0b3b7a jmooring 11369
* deploy: Update InvalidateCloudFront to use Go CDK helper d979831db alexandear
* Avoid escaping HTML chars inside hugo_stats.json bcf7421ea bep 11371
* commands/new: Embed site and theme skeletons b6538532f jmooring 11358
* cache: Hide IsResourceDir from the exported config a2f6400d6 bep
* commands: Handle floats without decimals in hugo config 7d74cd0cc bep 11345
* config: Add a type value for the tags related config entry b1b691241 bep
* Try to make test more stable 641390f8f bep

Dependency Updates

* build(deps): bump google.golang.org/api from 0.134.0 to 0.138.0 9bf76fd7e dependabot[bot]
* build(deps): bump golang.org/x/tools from 0.11.1 to 0.12.0 b2a02c3c5 dependabot[bot]
* build(deps): bump gocloud.dev from 0.33.0 to 0.34.0 6821d6f15 dependabot[bot]
* build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.9 to 2.1.0 93c7ad12e dependabot[bot]
* build(deps): bump github.com/yuin/goldmark from 1.5.5 to 1.5.6 a19d03b0e dependabot[bot]
* build(deps): bump github.com/evanw/esbuild from 0.18.17 to 0.19.2 db7bc4969 dependabot[bot]

Documentation

* docs: Regen docs helper e847a98db bep
* Don't use the OS environment when creating config for docs 45c9bbc6c bep
* dockerfile: Update Docker images 8a08f91d5 michalbiesek
* docshelper: Improve template lookup order descriptions 90944aa26 jmooring

Build Setup

* misc: Change dart-sass labels in workflows and snapcraft 2e4bf89ec jmooring

0.117.0

This is a release on the small side, but. especially the new `Page.RenderShortcodes` method is so useful, especially for bigger sites, that we decided to get it out sooner rather than later. This method renders all the shortcodes in the content, preserving the surrounding markup (e.g. Markdown) as is. See the [Hugo Documentation](https://gohugo.io/variables/page/#rendershortcodes) for more information.

Improvements

* Add Page.RenderShortcodes ade7ec818 bep 7297
* testing: Write test caches to /tmp 16da1ade7 bep 11327
* Add retry in resources.GetRemote for temporary HTTP errors a3d42a277 bep 11312

Dependency Updates

* build(deps): bump golang.org/x/net from 0.13.0 to 0.14.0 0de81c643 dependabot[bot]
* build(deps): bump golang.org/x/image from 0.10.0 to 0.11.0 d4a6c16c1 dependabot[bot]
* deps: Sync go-i18n with upstream 2e6191b2e bep 11336
* build(deps): bump gocloud.dev from 0.24.0 to 0.33.0 2c20fd557 dependabot[bot]
* build(deps): bump golang.org/x/net from 0.11.0 to 0.13.0 243736e75 dependabot[bot]
* build(deps): bump github.com/marekm4/color-extractor from 1.2.0 to 1.2.1 bf891c225 dependabot[bot]
* build(deps): bump github.com/frankban/quicktest from 1.14.5 to 1.14.6 da0df0ada dependabot[bot]
* build(deps): bump golang.org/x/image from 0.9.0 to 0.10.0 0885f8ec2 dependabot[bot]
* build(deps): bump github.com/clbanning/mxj/v2 from 2.5.7 to 2.7.0 61be050a9 dependabot[bot]
* build(deps): bump golang.org/x/tools from 0.9.3 to 0.11.1 65af75fb0 dependabot[bot]
* build(deps): bump go.uber.org/automaxprocs from 1.5.2 to 1.5.3 2d75f74b8 dependabot[bot]
* build(deps): bump github.com/hairyhenderson/go-codeowners 2ac3d6160 dependabot[bot]
* build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.8 to 2.0.9 9dce45c25 dependabot[bot]

Documentation

* Update GitHub issue template 8fa8ce3e4 jmooring
* Add all config to docshelper.json 851bf3515 bep 11328

Page 6 of 47

Links

Releases

Has known vulnerabilities

Previous Next

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.