Changelog History
Page 1
-
v3.5.1 Changes
- 🛠 Fix a security vulnerability using
:quote
in combination with the:escape_html
option.
Reported by Johan Smits.
- 🛠 Fix a security vulnerability using
-
v3.5.0 Changes
July 29, 2019🚀 This release mostly ships with bug fixes and tiny improvements.
👌 Improvements
👀 Avoid mutating the options hash passed to a render object (See #663).
Automatically enable the
fenced_code_blocks
option passing aHTML_TOC
object to theMarkdown
object's constructor since some languages rely on the sharp to comment code (See #451).✂ Remove the
rel
andrev
attributes from the output generated for footnotes as they don't pass the HTML 5 validation (See #536).👍 Allow passing
Range
objects to thenesting_level
option to have a higher level of customization for table of contents (See #519):Redcarpet::Render::HTML\_TOC.new(nesting\_level: 2..5)
🐛 Bug fixes
🛠 Fix a segfault rendering quotes using
StripDown
and the:quote
option.🛠 Fix SmartyPants single quotes right after a link. For example:
[John](http://john.doe)'s cat
Will now properly converts
'
to a right single quote (i.e.’
). -
v3.4.0 Changes
December 25, 2016Redcarpet v3.4.0
🚀 This new release ships with a bunch of bug fixes especially regarding anchor generation.
👌 Improvements to anchor generation
The anchor generation now relies on a djb2 hashing algorithm whenever the generated anchor is empty as non alpha-numeric chars. This is specifically interesting for CJK contents as Redcarpet used to generate empty anchors dealing with titles in these locales.
Special thanks to Alexey Kopytko and namusyaka for their work on that !
🚚 Also now, the html-escaped entities are removed from anchors generated with the
HTML
render in order to be consistent with theHTML_TOC
render and as it is more expected.Other improvements
- Table headers don't require a minimum of three dashes anymore; a single one can be used for each row.
- The Markdown and rendering options are now exposed through a
Hash
inside the@options
instance variable inside your custom render objects.
🐛 Bug fixes
- 📜 Multiple single quote pairs are parsed correctly with SmartyPants.
- ✂ Remove periods at the end of URLs when autolinking to make sure
that links at the end of a sentence get properly generated. - Avoid escaping ampersands in href links.
Checkout the CHANGELOG for further information and changes.
-
v3.3.4 Changes
December 25, 2015- 🛠 Fix
bufprintf
to correctly work on Windows MinGW-w64 so strings are properly written to the buffer.
Kenichi Saita
- 🛠 Fix the header anchor normalization by skipping non-ASCII chars and not calling tolower because this leads to invalid UTF-8 byte sequences in the HTML output. (tolower is not locale-aware)
Clemens Gruber
- 🛠 Fix
-
v3.3.3 Changes
September 24, 2015- 🛠 Fix a memory leak instantiating a
Redcarpet::Render::Base
object.
Oleg Dashevskii
- 🛠 Fix the
StripDown
renderer to handle the:highlight
option.
Itay Grudev
- The
StripDown
renderer handles tables if thetables
extension is enabled.
amnesia7
- 🛠 Fix Smarty Pants to avoid fraction conversions when there are several numbers separated with slashes (e.g. for a date).
Sam Saffron
- 🛠 Fix a memory leak instantiating a
-
v3.3.2 Changes
June 22, 2015- 🛠 Fix a potential security issue in the HTML renderer (Thanks to Giancarlo Canales Barreto for the heads up)
-
v3.3.1 Changes
June 07, 2015🛠 As of version 3.3.0, the provided
redcarpet
executable no longer worked since it relies on a newRedcarpet::CLI
class that wasn't available because its file wasn't included in the gemspec. This version fixes this. -
v3.3.0 Changes
June 05, 2015Redcarpet v3.3.0
🚀 This new release ships with a bunch of bug fixes and improvements especially regarding anchor generation.
👌 Improvements to anchors
👍 The anchor generation algorithm has been improved. It now correctly strips out non-alphanumeric chars from the generated string ; it tries as much as possible to match the behavior of the Active Support's
#parameterize
method.Moreover, Redcarpet used to HTML-escape anchors rendered through the
HTMl_TOC
render. This is no longer the case but if you want this behavior back for any reason, you can now pass the:escape_html
option instantiating the object.💻 Redcarpet's command line interface
📜 The plain old Ruby file that was provided as a bin script now relies on a brand new API that you can use and that uses Ruby's OptionParser.
📚 This allows you to create custom scripts for your needs. You can handle the provided files as you want and add new options or fall-backs (e.g. an option to use Pygments). Read the documentation of the
Redcarpet::CLI
class for further information.🗄 Undeprecate the RedCloth API compatibility layer
🚀 This release actually un-deprecates the RedCloth API compatibility layer. Since Redcarpet provides a different API than most processors, it turned out that this layer is used in libraries that provide support for different Markdown parsers.
🐛 Bug fixes
🛠 As usual, some bugs have been fixed:
- 🔗 Avoid parsing images when the given URL isn't safe and the
:safe_links_only
option is enabled. - Add the
lang-
prefix in front of the language's name when using:prettify
along with:fenced_code_blocks
.
Check out the CHANGELOG for further information.
- 🔗 Avoid parsing images when the given URL isn't safe and the
-
v3.2.3 Changes
April 07, 2015🔒 This release of Redcarpet fixes a security issue relying on auto-linking by preventing any rewinding of a previous inline like an emphasis when auto-linking another one like an e-mail address.
🚀 Also this release ships with a fix when escaping forward slashes with the
Safe
render object (there was a missing semi-colon). -
v3.2.2 Changes
December 12, 2014🚀 This release of Redcarpet is another patch release for the 3.2 series that addresses a regression that would wrap
<script>
tags inside paragraphs. See #440 for further details.