Python-hugo

The main new thing in this release is that we now support both major versions of the Dart Sass Embedded protocol, which means that you now can use the regular [Dart Sass](https://github.com/sass/dart-sass/releases) binary. We measured the new protocol to be [faster with high concurrency](https://github.com/bep/godartsass/pull/17):


name old time/op new time/op delta
Transpiler/SCSS-10 114µs ± 0% 145µs ± 1% +26.40% (p=0.029 n=4+4)
Transpiler/Start_and_Execute-10 25.6ms ± 2% 26.0ms ± 3% ~ (p=0.486 n=4+4)
Transpiler/SCSS_Parallel-10 89.0µs ± 2% 44.4µs ± 3% -50.12% (p=0.029 n=4+4)

name old alloc/op new alloc/op delta
Transpiler/SCSS-10 1.33kB ± 1% 1.33kB ± 0% ~ (p=1.000 n=4+4)
Transpiler/Start_and_Execute-10 22.4kB ± 1% 22.4kB ± 1% ~ (p=0.886 n=4+4)
Transpiler/SCSS_Parallel-10 1.34kB ± 3% 1.33kB ± 1% ~ (p=1.000 n=4+4)

name old allocs/op new allocs/op delta
Transpiler/SCSS-10 18.0 ± 0% 18.0 ± 0% ~ (all equal)
Transpiler/Start_and_Execute-10 144 ± 1% 150 ± 0% +4.16% (p=0.029 n=4+4)
Transpiler/SCSS_Parallel-10 18.0 ± 0% 18.0 ± 0% ~ (all equal)


We have also moved to a new log library and added some new [math functions](https://gohugo.io/functions/math/) and also revised the existing set to work better with a mix of scalars and slices.

Notes

* We have removed the flags `--log`, `--verboseLog`, added the new flag `--logLevel` and deprecated `--verbose` and `--debug` See 11088
* This release contains a security fix in the upstream Go HTML template library disallowing JavaScript inside backticks by default. See https://github.com/golang/go/issues/59234 If you really need this and are sure this isn't a security risk in your case, you can revert to the old behaviour:

toml
[security]
[security.gotemplates]
allowActionJSTmpl = true


Bug fixes

* common/loggers: Drop the bold INFO etc. prefixes 6dfbd247 bep
* all: Fix some typos 68d9d3eb deining
* all: Fix typos in function names and comments 9009c8cd alexandear
* deploy: Fix deploy defaults for non-zero flag values (e.g. maxDeletes, invalidateCDN) 12dc9a6e bep 11127
* Fix upstream Go templates bug with reversed key/value assignment ee359df1 bep 11112
* tpl/collections: Fix append when appending a slice to a slice of slices d178fe94 bep 11093
* Fix .Width and .Height for animated gifs 21d17566 bep 11079
* Fix config merge regression with root slices (e.g. disableKinds) 60a2cdf7 bep 11089
* Fix handling of aliases (e.g. hugo serve) 0541a1b5 bep 11090
* commands,config: Fix typo in log and error messages b8526f32 alexandear
* Fix indented SASS imports for Dart Sass c782ebd8 bep 11074

Improvements

* Add empty Environ when loading test config 3ab84651 bep
* loggers: Avoid using Logf for the LevelLoggerToWriter f59c3c02 bep
* tocss/dartsas: Avoid using Logf for the internal Dart Sass logging 3ca29b15 bep
* helpers: Remove superflous formatting flag in deprecation warnings fdb0b7fb bep
* common/loggers: Re-add trailing newline in logger.Printf 1b85303a bep 11130
* Replace the old log setup, with structured logging etc. 7c9fada7 bep 11124
* common/collections: Always make a copy of the input slice in Append f73c5675 bep 10458
* Re-add site.RSSLink (and deprecate it) 90b2674d bep 11110
* tpl/math: Allow variadic math functions to take slice args, add math.Product, math.Sum 2ba2271e bep 11030
* commands: Remove flags log, verboseLog, add flag logLevel, deprecate flags verbose and debug ef147f4e bep 9648 11071
* cache: Set default cache path based on $USER 258884f4 Sircular 7391
* resources: Remove failing and superflous test assertion 69f0e88a bep
* helpers: Avoid url.Parse in RelURL and AbsURL if we can ed7e2500 bep
* Adjust benchmarks 6a09e7f2 bep
* Adjust benchmark 29e5cbb6 bep
* Add BenchmarkAbsURL ded68660 bep
* helpers: Improve schema detection when creating relative URLs e1d43021 jmooring 11080
* helpers: Add a basic benchmark for RelURL 5db215d4 bep
* config: Remove unexpected _merge keys introduced in author and social maps b7dc93ca bep 11083
* Upgrade to v2 of the Dart Sass Embedded Protocol f210188d bep 11059

Dependency Updates

* Revert "build(deps): bump gocloud.dev from 0.24.0 to 0.29.0" 59300faa bep
* Revert "deps: Update github.com/tdewolff/minify/v2 v2.12.5 => v2.12.6" 49dd53a4 bep 11132
* build(deps): bump github.com/evanw/esbuild from 0.18.3 to 0.18.4 8a04d47a dependabot[bot]
* build(deps): bump github.com/evanw/esbuild from 0.18.2 to 0.18.3 aaf2e969 dependabot[bot]
* build(deps): bump golang.org/x/sync from 0.2.0 to 0.3.0 0f989d5e dependabot[bot]
* build(deps): bump google.golang.org/api from 0.123.0 to 0.127.0 732dcb84 dependabot[bot]
* build(deps): bump golang.org/x/tools from 0.9.1 to 0.9.3 944859f1 dependabot[bot]
* build(deps): bump github.com/kyokomi/emoji/v2 from 2.2.11 to 2.2.12 bb9377b5 dependabot[bot]
* build(deps): bump github.com/getkin/kin-openapi from 0.117.0 to 0.118.0 e88f1b80 dependabot[bot]
* build(deps): bump golang.org/x/net from 0.10.0 to 0.11.0 516f0cb6 dependabot[bot]
* build(deps): bump gocloud.dev from 0.24.0 to 0.29.0 7bed16c3 dependabot[bot]
* build(deps): bump golang.org/x/image from 0.7.0 to 0.8.0 e08cfc8c dependabot[bot]
* build(deps): bump github.com/magefile/mage from 1.14.0 to 1.15.0 48951956 dependabot[bot]
* build(deps): bump github.com/pelletier/go-toml/v2 from 2.0.6 to 2.0.8 91c0b0f7 dependabot[bot]
* build(deps): bump github.com/evanw/esbuild from 0.17.19 to 0.18.2 baef235d dependabot[bot]
* build(deps): bump go.uber.org/atomic from 1.10.0 to 1.11.0 254c2b32 dependabot[bot]
* build(deps): bump github.com/hairyhenderson/go-codeowners 84f71ba8 dependabot[bot]
* build(deps): bump github.com/frankban/quicktest from 1.14.4 to 1.14.5 82adc972 dependabot[bot]
* build(deps): bump github.com/mattn/go-isatty from 0.0.17 to 0.0.19 60533fdc dependabot[bot]
* build(deps): bump github.com/spf13/afero from 1.9.3 to 1.9.5 261143bb dependabot[bot]

Documentation

* docs: Regen docshelper 9f98b3e7 bep
* docs: Regen CLI docs 7241b5fd bep

Build Setup

* Revert "snap: Transition base snap from core20 to core22 (11101)" (11125) 0e794465 jmooring 11116
* snap: Transition base snap from core20 to core22 (11101) 35e9b3ed jmooring

This release adds TLS/HTTPS support to `hugo server` (see cf38c73f and 11064 for details) entirely backed by [mkcert](https://github.com/FiloSottile/mkcert). We still default to `http` which is recommended and good enough for 99% of the Hugo use, but there are [some situations](https://web.dev/when-to-use-local-https/) where you really need it.

We have added a new sub command and some new flags to `hugo server` to enable this:


Installs a local CA in the system root store. You only need to do this once.
hugo server trust

Generates locally-trusted certificates (if not already created) and starts the server with TLS/HTTPS enabled.
hugo server --tlsAuto


Note that we just delegate to [mkcert](https://github.com/FiloSottile/mkcert) using its default settings, so all of their documentation is relevant.

Also note that this is currently only supported for Linux, MacOS and Windows. And if you install on Linux using Snap, you will currently get an access denied error when running `hugo server trust`. A workaround for that, or if you need to use some of mkcert's advanced options, is to use mkcert directly to install the local CA:


go install filippo.io/mkcertlatest
mkcert -install


You can then start the server with `hugo server --tlsAuto`.

If you have obtained the TLS certificate and key file by other means, you can use the `--tlsCertFile` and `--tlsKeyFile` flags. When `--tlsAuto` or `--tlsCertFile` and `--tlsKeyFile` is set and no `--baseURL` is provided as a flag, the server is started with TLS and `https` as the protocol.

What's Changed

* Fix menuItem.URL when pageRef is not set 5e5ce00d bep 11062
* Don't inject livereload script on hugo -w a191b38a bep 11061
* markup: Fix typo in function and struct names 382c726e alexandear
* all: Replace deprecated ioutil with io and os 4c46f940 alexandear

* github: Fix Windows build 06faee5b bep 11052
* Fix potential deadlock in ByParam 32585696 bep 11039
* commands: Add --lang to hugo config 0ef29528 bep 11057
* Make sure any default mounts show up in "hugo config" e3ae8f02 bep 11040
* tpl/tplimpl: Use .Language.LanguageCode in built-in templates ff77a927 jmooring
* Fail on invalid defaultContentLanguage 9cdca1f9 bep 11044
* Avoid panic in invalid language config 6462eecf bep 11046
* Don't panic on empty yaml config params a7d6b141 bep 11047
* Prevent double escaping of image alt-text in Goldmar typographer 3f497d49 bep 11045
* deps: Update github.com/tdewolff/minify/v2 v2.12.5 => v2.12.6 409c6c3f jmooring

What's Changed

* Fix it so languageCode on top level config still works e3dfc76f bep 11037

* Fix Processed images count regression for multiple languages fd099331 bep 11002
* Fix --renderStaticToDisk regression 8f293a18 bep 11026
* commands: Add the common build flags to the config commands 51d0a0ab bep 11018
* commands: Reinstate some of the removed build flags (e.g. --theme) to new and mod 43f1282e bep 11018
* Don't create the public folder unless needed e96cdfe9 bep 11031
* commands: Fail the build when no config file or config dir 273d9f69 bep 11019
* langs: Remove the Language.Params deprecation message for now a6257d8a bep 11025
* Add language.LanguageCode 6c2db0df bep 11027
* commands: Re-introduce the -f shorthand for hugo new site 901cd970 bep 11015
* commands: Move the --format flag to only the commands that support it f86b5f70 bep 11022

Documentation

* docs: Regenerate CLI docs 20ea2e0c bep
* docs: Regen CLI docs ffdbce57 bep