Hugo

Latest version: v0.139.2

Safety actively analyzes 682471 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 10 of 52

0.121.2

This is the first release for `hugo`, a Python package that embeds binaries for the extended version of the static site generator Hugo written in Golang – allowing users to install it with `pip`, Python's primary package management tool. Please refer to the [README](https://github.com/agriyakhetarpal/hugo-python-distributions) document for: installation instructions and usage, a list of supported platforms and architectures, and a variety of use cases that include some limitations.

For more information on Hugo and its usage as a static site generator, please refer to the official Hugo documentation, available at: https://gohugo.io/documentation.

This project will be versioned alongside equivalent [Hugo releases](https://github.com/gohugoio/hugo/releases/), allowing users to access the same version of Hugo via these Python wheels as that of the official Hugo binaries.

Therefore, this release – in specific, corresponds to [Hugo v0.121.2](https://github.com/gohugoio/hugo/releases/tag/v0.121.2) and can be obtained from PyPI via the invocation of the command `pip install hugo` on a terminal on these platforms and architectures: Linux (amd64 or aarch64), macOS (Intel or Apple Silicon), and Windows (amd64).

<hr>

> [!NOTE]
> This is a re-release for `python-hugo`, which was earlier available with the name of `python-hugo` on PyPI, and was versioned separately according to a modified CalVer specification to match Hugo releases – these older binaries have been deleted. A special vote of thanks to nariman for granting access to the original PyPI name, i.e., `hugo`, in order to provide this release on PyPI.

Some PRs that brought this to fruition

* Add and debug workflows by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/1
* Debug and add Windows support by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/4
* Cache Hugo build files by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/9
* Add user manual – quickstart, use cases, known limitations, building from source, licensing by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/11
* Packaging revamp, introduce cleaner installation, add cross-compilation by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/12
* Refactor GitHub Actions workflows, get wheels ready, cross-compile macOS wheels by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/14
* Code quality and consistency checks by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/18
* Make Windows runner speedier by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/21
* Rename project from `python-hugo` to `hugo` by agriyakhetarpal in https://github.com/agriyakhetarpal/hugo-python-distributions/pull/22

**Full range of commits**: https://github.com/agriyakhetarpal/hugo-python-distributions/commits/v0.121.2

0.121.1

The only change in this release is that the release binaries are compiled with [Go 1.21.5](https://github.com/golang/go/issues?q=milestone%3AGo1.21.5+label%3ACherryPickApproved) which contains some [security fixes](https://groups.google.com/g/golang-announce/c/iLGK3x6yuNo) that are relevant for Hugo.

* Upgrade to Go 1.21.5 eb9f1eb65 bep 11786

0.121.0

There are some minor new features in this release, but it's mostly a release with bug fixes and dependency updates. One notable dependency update is [libweb v1.3.2](https://github.com/webmproject/libwebp/releases/tag/v1.3.2) which comes with a security fix for the Webp _decoder_ (chromium: #1479274, CVE-2023-4863). Hugo only uses the encoder (we use Go's native Webp decoder) so we're not affected by this, but we have been contacted by some corporate Hugo users who's eager to have a clean security report.

Notes

* [kin-openapi v0.122.0](https://github.com/getkin/kin-openapi#v01220) has some minor breaking API changes which, from Hugo's side of it, can be adapted by using the new `.Map` accessors if you get an error.

Bug fixes and enhancements

* github: Fix CI build on Windows 6d4b01241 bep
* Fix handling of dropped error in test 26a8ec207 alrs
* resources/resource: Fix GroupByParamDate with raw TOML dates dd6cd6268 jmooring 11563
* helpers: Fix TrimShortHTML used by markdownify and RenderString 0bde6931a jmooring 11698
* Pull in the latest code from Go's template packages (11771) 9f978d387 bep 10707 11507
* tpl: Allow using page resources on the images page parameter for `opengraph`, `schema` and `twitter_cards` templates 14d85ec13 razonyang
* hugolib: Apply titleCaseStyle to automatic section pages 171836cdf jmooring 11547
* tpl/urls: Retain query and fragment with absURL and absLangURL 9ea7103db jmooring 11772
* markup: Add Level to Heading struct 3fc42da3d jmooring 10776
* tpl/fmt: Print suppression help with erroridf d24da1712 jmooring 11506
* tpl/transform: Display Chroma highlighting errors 4583b4130 jmooring 9642
* common/para: Skip flaky test on CI e2a624dd6 bep
* watcher: Skip flaky test for now 30a18e882 bep
* tpl/transform: Add transform.XMLEscape template function b4c5df42f jmooring 3268
* tpl/tplimpl: Remove superfluous type attr on script elements 8d32ca223 jmooring 6379
* common/para: Skip flaky tests on Windows 27620daa2 bep
* navigation: Unexport menu entry methods 80d2fdbaa jmooring 11670
* markup/goldmark: Sync image render hook code with Goldmark 805cc1773 jmooring 11681

Dependency Updates

* build(deps): bump github.com/alecthomas/chroma/v2 from 2.11.1 to 2.12.0 558f3258a dependabot[bot]
* build(deps): bump github.com/tdewolff/minify/v2 from 2.20.8 to 2.20.9 507f4e356 dependabot[bot]
* build(deps): bump github.com/spf13/cast from 1.5.1 to 1.6.0 a7e721e02 dependabot[bot]
* build(deps): bump github.com/getkin/kin-openapi from 0.121.0 to 0.122.0 2627b91d3 dependabot[bot]
* build(deps): bump golang.org/x/image from 0.13.0 to 0.14.0 e536d461a dependabot[bot]
* deps: Update github.com/tdewolff/minify/v2 v2.20.7 => v2.20.8 bfc325f56 jmooring 5748
* build(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 36a60f65d dependabot[bot]
* build(deps): bump github.com/evanw/esbuild from 0.19.7 to 0.19.8 de2fcc5e1 dependabot[bot]
* build(deps): bump google.golang.org/api from 0.151.0 to 0.152.0 9ca889ba4 dependabot[bot]
* deps: Upgrade to libwebp 1.3.2 4fb40ee87 bep 11746
* build(deps): bump github.com/aws/aws-sdk-go from 1.48.4 to 1.48.6 bc93a3613 dependabot[bot]
* build(deps): bump golang.org/x/tools from 0.15.0 to 0.16.0 3e5bc6f3b dependabot[bot]
* build(deps): bump github.com/getkin/kin-openapi from 0.120.0 to 0.121.0 7c47036f1 dependabot[bot]
* build(deps): bump github.com/bep/logg from 0.3.0 to 0.4.0 4d07e1fe8 dependabot[bot]
* deps: Upgrade to github.com/bep/simplecobra v0.4.0 1c41232e6 bep
* build(deps): bump github.com/aws/aws-sdk-go from 1.48.2 to 1.48.4 f11ca0fad dependabot[bot]
* build(deps): bump golang.org/x/tools from 0.14.0 to 0.15.0 d7a2f3f98 dependabot[bot]
* build(deps): bump github.com/gorilla/websocket from 1.5.0 to 1.5.1 ef12d169c dependabot[bot]
* build(deps): bump github.com/fatih/color from 1.15.0 to 1.16.0 a62bbfa9e dependabot[bot]
* build(deps): bump golang.org/x/net from 0.17.0 to 0.18.0 5887230b7 dependabot[bot]
* build(deps): bump github.com/evanw/esbuild from 0.19.5 to 0.19.7 a4a66b821 dependabot[bot]
* build(deps): bump github.com/alecthomas/chroma/v2 from 2.10.0 to 2.11.1 813390b5a dependabot[bot]
* build(deps): bump github.com/tdewolff/minify/v2 from 2.20.5 to 2.20.7 d528bbd6d dependabot[bot]
* build(deps): bump google.golang.org/api from 0.138.0 to 0.151.0 af7f6c8b3 dependabot[bot]
* build(deps): bump github.com/aws/aws-sdk-go from 1.45.14 to 1.48.2 (11724) e70849ea7 dependabot[bot] 11723

Documentation

* docs: Regen docshelper 255e0a971 bep
* docs: Adjust last merge from docs repository 6580cd30a jmooring
* docs: Regen docs helper 7617de86c bep

0.120.4

The only change in this release is that the release binaries are compiled with Go 1.21.4 which comes with a security fix for Windows that may be relevant for Hugo. See:

* https://github.com/golang/go/issues?q=milestone%3AGo1.21.4+label%3ACherryPickApproved
* Especially golang/go63715

What's Changed

* Upgrade to go 1.21.4 9315a2d2c bep 11685

0.120.3

What's Changed

* tpl/tplimpl: Fix deprecation logic in embedded templates cb98e9061 jmooring 11658
* Remove some old and unused deprecation code 5fa97ee96 bep
* Add a field prefix to the deprecated log statements 4d38f4725 bep
* Avoid double printing INFO deprecation messages 80f793c38 bep 11645
* build(deps): bump github.com/tdewolff/parse/v2 from 2.7.1 to 2.7.3 a9079d7a6 dependabot[bot]
* build(deps): bump github.com/tdewolff/minify/v2 from 2.20.1 to 2.20.5 4914b7f18 dependabot[bot]

0.120.2

What's Changed

* Fix deprecation printing on info level ab2143368 bep 11638
* tpl/tplimpl: Fix deprecation logic in RSS template 23fcfb7f7 jmooring 11639

Page 10 of 52

Links

Releases

Has known vulnerabilities

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.