Python-comrak

Latest version: v0.9.0

Page 1 of 9

0.21.0

* Add a multiline blockquote extension by digitalmoksha in https://github.com/kivikakk/comrak/pull/359

0.20.0

* build(deps): bump rustix from 0.36.11 to 0.36.16 in /fuzz by dependabot in https://github.com/kivikakk/comrak/pull/346
* Use Nix for CI. by charlottia in https://github.com/kivikakk/comrak/pull/338
* Allow for Syntect to simply generate CSS classes by gjtorikian in https://github.com/kivikakk/comrak/pull/347

0.19.0

* Simplify anchorize() by kornelski in https://github.com/kivikakk/comrak/pull/297
* Use footnote name for reference id by digitalmoksha in https://github.com/kivikakk/comrak/pull/300
* Escape footnote name by digitalmoksha in https://github.com/kivikakk/comrak/pull/308
* Add in-doc labels for public facing features by CosmicHorrorDev in https://github.com/kivikakk/comrak/pull/304
* build(deps): bump xml-rs from 0.8.4 to 0.8.14 by dependabot in https://github.com/kivikakk/comrak/pull/312
* Handle footnote names that have been parsed into multiple nodes by digitalmoksha in https://github.com/kivikakk/comrak/pull/311
* Sync with cmark-gfm-0.29.0.gfm.3 by digitalmoksha in https://github.com/kivikakk/comrak/pull/313
* Sync with cmark-gfm-0.29.0.gfm.4 by digitalmoksha in https://github.com/kivikakk/comrak/pull/314
* Sync with cmark-gfm-0.29.0.gfm.5 by digitalmoksha in https://github.com/kivikakk/comrak/pull/315
* Fix backslash in a link issue by vpetrigo in https://github.com/kivikakk/comrak/pull/317
* Sync with cmark-gfm-0.29.0.gfm.7 by digitalmoksha in https://github.com/kivikakk/comrak/pull/318
* Rename `ComrakFoo` types to just `Foo` for easier usage by tgross35 in https://github.com/kivikakk/comrak/pull/320
* Make `ComrakExtensionOptions` non-exhaustive by CosmicHorrorDev in https://github.com/kivikakk/comrak/pull/305
* Add builder derive and non_exhaustive for option structs by YJDoc2 in https://github.com/kivikakk/comrak/pull/292
* add PartialEq and Eq derive for Ast and its components by YJDoc2 in https://github.com/kivikakk/comrak/pull/322
* Sync with cmark-gfm-0.29.0.gfm.11 by digitalmoksha in https://github.com/kivikakk/comrak/pull/319
* Fix autolink detection inside wiki style link brackets by digitalmoksha in https://github.com/kivikakk/comrak/pull/325
* Add CI for running benchmarks by YJDoc2 in https://github.com/kivikakk/comrak/pull/326
* Make adapters Send + Sync by lucperkins in https://github.com/kivikakk/comrak/pull/337
* docs: fix-up broken docs.rs link by silverjam in https://github.com/kivikakk/comrak/pull/341
* Use github/cmark-gfm submodule by digitalmoksha in https://github.com/kivikakk/comrak/pull/344
* Sync with cmark-gfm-0.29.0.gfm.12 by digitalmoksha in https://github.com/kivikakk/comrak/pull/343
* Sync with cmark-gfm-0.29.0.gfm.13 by digitalmoksha in https://github.com/kivikakk/comrak/pull/345

0.18.0

* Improve performance of bundled plugins, and streaming I/O by kivikakk in https://github.com/kivikakk/comrak/pull/288
* Implement Default for enums without using [default] attribute by silverpill in https://github.com/kivikakk/comrak/pull/293
* XML and sourcepos support by kivikakk in https://github.com/kivikakk/comrak/pull/232
* Add a quadratic fuzzer by philipturnbull in https://github.com/kivikakk/comrak/pull/295

0.17.1

* Fix some panics found by trivial fuzzing.

Missed from the 0.17.0 changelog:

* Add footnote attributes that mirror cmark-gfm by digitalmoksha in https://github.com/kivikakk/comrak/pull/273
* Add support for full_info_string render option by digitalmoksha in https://github.com/kivikakk/comrak/pull/276
* chore: improve debug performance by conradludgate in https://github.com/kivikakk/comrak/pull/283

0.17.0

This contains some breaking changes from an API point of view, but output is
largely unchanged. Spec compliance is improved, and benchmark runtime is over
20% faster.

* SECURITY: GHSA-8hqf-xjwp-p67v / Quadratic runtime when parsing Markdown (GHSL-2023-047)
  * <https://github.com/kivikakk/comrak/security/advisories/GHSA-8hqf-xjwp-p67v>
  * A variety of quadratic runtime issues that could lead to DoS were reported
    and addressed.
  * We replaced pest with an re2c-based scanner.
* SECURITY: GHSA-xxmq-4vph-956w / Excessive output when parsing Markdown (GHSL-2023-048)
  * <https://github.com/kivikakk/comrak/security/advisories/GHSA-xxmq-4vph-956w>
  * Reference output is limited to 100Kb.
* SECURITY: GHSA-5r3x-p7xx-x6q5 / Attacker controlled data in AST nodes is not validated (GHSL-2023-049)
  * <https://github.com/kivikakk/comrak/security/advisories/GHSA-5r3x-p7xx-x6q5>
  * AST nodes no longer store raw `Vec<u8>`s, and instead store `String`s.
* Various API points were cleaned up.
* Comrak now targets Rust 2018.

Many thanks to philipturnbull and darakian of the GitHub Security Lab for
bringing these issues to my attention and detailing the reproduction steps for
each case.

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.