Commit graph

139 commits

Author SHA1 Message Date
Bjørn Erik Pedersen
4a0b55330c
docs: Regenerate docshelper 2022-01-04 17:11:17 +01:00
Bjørn Erik Pedersen
623dda7174 Revert "config/security: Add HOME to default exec env var whitelist"
There have been one report in the wild suggesting that this needs to be tested better before doing:

https://discourse.gohugo.io/t/hugo-mod-failing-in-v0-91-1-but-works-in-v0-91-0/36180/5

This reverts commit fca266ebbb.
2021-12-23 16:23:15 +01:00
Bjørn Erik Pedersen
fca266ebbb config/security: Add HOME to default exec env var whitelist
See #9309
2021-12-22 11:33:59 +01:00
Bjørn Erik Pedersen
6df2f080c9
docs: Regen docs helper 2021-12-17 10:31:08 +01:00
Bjørn Erik Pedersen
f4389e48ce
Add some basic security policies with sensible defaults
This ommmit contains some security hardening measures for the Hugo build runtime.

There are some rarely used features in Hugo that would be good to have disabled by default. One example would be the "external helpers".

For `asciidoctor` and some others we use Go's `os/exec` package to start a new process.

These are a predefined set of binary names, all loaded from `PATH` and with a predefined set of arguments. Still, if you don't use `asciidoctor` in your project, you might as well have it turned off.

You can configure your own in the new `security` configuration section, but the defaults are configured to create a minimal amount of site breakage. And if that do happen, you will get clear instructions in the loa about what to do.

The default configuration is listed below. Note that almost all of these options are regular expression _whitelists_ (a string or a slice); the value `none` will block all.

```toml
[security]
  enableInlineShortcodes = false
  [security.exec]
    allow = ['^dart-sass-embedded$', '^go$', '^npx$', '^postcss$']
    osEnv = ['(?i)^(PATH|PATHEXT|APPDATA|TMP|TEMP|TERM)$']

  [security.funcs]
    getenv = ['^HUGO_']

  [security.http]
    methods = ['(?i)GET|POST']
    urls = ['.*']
```
2021-12-16 09:40:22 +01:00
Bjørn Erik Pedersen
e86b331138
docs: Regenerate docs helper 2021-12-08 08:56:16 +01:00
Joe Mooring
04a3b45db4 Fix description of lang.FormatNumberCustom
It currently refers to itself as a simple alternative, when it should
refer to lang.FormatNumber.
2021-11-01 18:54:43 +01:00
Bjørn Erik Pedersen
4b36498a85
Merge commit 'aa5ac36a3eb68b86c803caec703869efefc8447e' 2021-10-31 13:53:55 +01:00
Bjørn Erik Pedersen
8d19850e2d
docs: Regen docs helper 2021-08-03 11:53:34 +02:00
Bjørn Erik Pedersen
7907d24ba1
tpl/lang: Add new localized versions of lang.FormatNumber etc.
Fixes #8820
2021-07-29 16:40:06 +02:00
Bjørn Erik Pedersen
be6b901cf7
docs: Regenerate docs helper 2021-06-18 13:21:10 +02:00
Bjørn Erik Pedersen
402da3f8f3
docs: Regenerate docshelper 2021-06-18 12:58:07 +02:00
Bjørn Erik Pedersen
d392893cd7
Misc config loading fixes
The main motivation behind this is simplicity and correctnes, but the new small config library is also faster:

```
BenchmarkDefaultConfigProvider/Viper-16         	  252418	      4546 ns/op	    2720 B/op	      30 allocs/op
BenchmarkDefaultConfigProvider/Custom-16        	  450756	      2651 ns/op	    1008 B/op	       6 allocs/op
```

Fixes #8633
Fixes #8618
Fixes #8630
Updates #8591
Closes #6680
Closes #5192
2021-06-14 17:00:32 +02:00
Bjørn Erik Pedersen
a91cd7652f
docs: Regenerate docs helper 2021-06-08 18:52:38 +02:00
Bjørn Erik Pedersen
a9b52b4175
docs: Regenerate docs helper 2021-05-01 12:06:24 +02:00
Bjørn Erik Pedersen
fd96f65a3d
docs: Regen docs helper 2021-04-20 20:23:36 +02:00
Bjørn Erik Pedersen
8f7891e70c
Merge commit '07b8d9466dfb59c429c1b470a0443337bc0aeefe' 2021-04-20 20:22:53 +02:00
Bjørn Erik Pedersen
86b4fd35e7
docs: Regenerate docs helper 2021-03-21 13:33:26 +01:00
Bjørn Erik Pedersen
1b364b003f
docs: Regen docs helper 2021-02-18 17:54:25 +01:00
Bjørn Erik Pedersen
2681633db8 markup/goldmark: Add attributes support for blocks (tables etc.)
E.g.:

```
> foo
> bar
{.myclass}
```

There are some current limitations: For tables you can currently only apply it to the full table, and for lists the ul/ol-nodes only, e.g.:

```
* Fruit
  * Apple
  * Orange
  * Banana
  {.fruits}
* Dairy
  * Milk
  * Cheese
  {.dairies}
{.list}
```

Fixes #7548
2021-02-08 19:52:55 +01:00
Bjørn Erik Pedersen
fd70bdafe7
docs: Regen docshelper 2020-11-24 13:49:01 +01:00
Bjørn Erik Pedersen
20a35374a3
Revert "docs: Regenerate docshelper"
This reverts commit caf16c2085.

Closes #7972
2020-11-21 12:48:48 +01:00
Bjørn Erik Pedersen
caf16c2085
docs: Regenerate docshelper 2020-11-20 09:32:16 +01:00
Bjørn Erik Pedersen
332b65e4cc
docs: Regen docs helper 2020-10-30 09:52:32 +01:00
Bjørn Erik Pedersen
b9318e4315
docs: Regen docshelper 2020-10-06 16:25:23 +02:00
Helder Pereira
8e553dcdef markup/asciidocext: Add preserveTOC option 2020-09-17 10:50:25 +02:00
Bjørn Erik Pedersen
be2404c8b1
docs: Regen docs helper 2020-09-13 21:58:38 +02:00
Bjørn Erik Pedersen
e6cd9da42d
docs: Regen docs helper 2020-09-07 21:45:16 +02:00
Bjørn Erik Pedersen
25e3da3343
docs: Regenerate docs helper 2020-07-13 11:01:38 +02:00
Bjørn Erik Pedersen
fc045e12a9 Rename taxonomy kinds from taxonomy to term, taxonomyTerm to taxonomy
And we have taken great measures to limit potential site breakage:

* For `disableKinds` and `outputs` we try to map from old to new values if possible, if not we print an ERROR that can be toggled off if not relevant.
* The layout lookup is mostly compatible with more options for the new `term` kind.

That leaves:

* Where queries in site.Pages using taxonomy/taxonomyTerm Kind values as filter.
* Other places where these kind value are used in the templates (classes etc.)

Fixes #6911
Fixes #7395
2020-06-18 09:09:56 +02:00
Bjørn Erik Pedersen
0a9172672a
Merge commit 'efa74c5c6e6ff1daddeb5834ea7c69bed2acf171' 2020-06-16 14:19:31 +02:00
Edouard
7eeebe1e5a
tpl/crypto: Add hmac 2020-06-05 20:04:11 +02:00
Bjørn Erik Pedersen
b7ff4dc23e
docs: Regen docs helper 2020-04-10 09:07:41 +02:00
Bjørn Erik Pedersen
7204b354a9 Some minify configuration adjustments 2020-03-20 20:35:57 +01:00
SatowTakeshi
574c2959b8 Add minify config
Fixes #6750
Updates #6892
2020-03-20 20:35:57 +01:00
Bjørn Erik Pedersen
cafb1d53c0
docs, output: Add base template lookup variant to docs.json 2020-01-23 11:59:52 +01:00
Bjørn Erik Pedersen
4f466db666
docs: Regen docs helper 2020-01-23 11:55:08 +01:00
Bjørn Erik Pedersen
81b7e48a55
docs: Regenerate docshelper
See #6707
See #6616
2020-01-05 11:57:49 +01:00
Bjørn Erik Pedersen
1773d71d5b tpl: Add a warnf template func
Fixes #6628
2019-12-21 10:23:00 +01:00
Bjørn Erik Pedersen
55c29d4de3
docs: Regen docshelper 2019-12-19 23:48:01 +01:00
John Zaitseff
158e7ec204 Fix incorrect MIME type from image/jpg to image/jpeg
According to multiple sources, both official ([IANA] and [RFC2046]) and
otherwise (eg, [Mozilla] and [Wikipedia]), the official MIME type for
JPEG images is `image/jpeg`, not `image/jpg`.  Change Hugo to match.

[IANA]: https://www.iana.org/assignments/media-types/media-types.xhtml#image
[RFC2046]: https://tools.ietf.org/html/rfc2046
[Mozilla]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types
[Wikipedia]: https://en.wikipedia.org/wiki/JPEG
2019-12-19 18:02:11 +01:00
Bjørn Erik Pedersen
67f3aa72cf
Merge commit '2e711a28c71e8667258e5ab824f9b9a71c261b0a' 2019-12-15 10:37:36 +01:00
Gavin D. Howard
4c804319f6 markup/tableofcontents: Add config option for ordered list 2019-12-12 07:48:40 +01:00
Bjørn Erik Pedersen
bfb9613a14
Add Goldmark as the new default markdown handler
This commit adds the fast and CommonMark compliant Goldmark as the new default markdown handler in Hugo.

If you want to continue using BlackFriday as the default for md/markdown extensions, you can use this configuration:

```toml
[markup]
defaultMarkdownHandler="blackfriday"
```

Fixes #5963
Fixes #1778
Fixes #6355
2019-11-23 14:12:24 +01:00
Bjørn Erik Pedersen
79355043e8
Merge commit 'efc0b1bb6c6564f54d596467dbc6a18cb206954e' 2019-11-11 11:46:22 +01:00
Bjørn Erik Pedersen
27aef3f1fb Merge commit 'b9bd35d72e14932fb6588ff62b90cddef0a060fc' as 'docs' 2019-10-21 10:22:28 +02:00
Bjørn Erik Pedersen
39121de4d9
docs: Replace /docs 2019-10-21 10:21:51 +02:00
Jamie Tanna
c466b88c99 deps: Upgrade to latest version of emoji dependency
To add support for new emojis in Hugo, we need to upgrade our internal
dependency on the emoji package.

Note that we also need to update our tests, as the underlying emoji that
is rendered has changed.

Follow-up to #6391. (170f18d935 and
2df5d202c6)
2019-10-05 22:58:53 +02:00
Bjørn Erik Pedersen
23adc0c2d9
docs: Regenerate data helpers 2019-07-24 09:39:12 +02:00
Bjørn Erik Pedersen
cee181c3a6
docs: Regenerate docs helper 2019-05-02 14:26:02 +02:00
Bjørn Erik Pedersen
75b16e30ec
docs: Regenerate docs helper 2019-04-20 15:20:08 +02:00
Bjørn Erik Pedersen
b6a60f718e
output: Add missing JSON tag 2019-03-28 20:59:09 +01:00
Bjørn Erik Pedersen
bfdc44964a
docs: Regenerate docshelper data
Closes #5799
2019-03-28 09:49:54 +01:00
Bjørn Erik Pedersen
ddc15ed41b
Merge commit '5e078383a787e8b5ec3ba73f05ea4130840afbe2' 2019-02-01 09:01:04 +01:00
Bjørn Erik Pedersen
486bc46a52 docs: Regenerate the docs helper 2018-11-02 13:36:09 +01:00
Bjørn Erik Pedersen
bc57f5c36e
Merge commit '807c551922707fc5ae0eb26e8f01638c0c63fdb3' 2018-09-23 23:48:53 +02:00
Bjørn Erik Pedersen
b7ca3e1b3a
Merge commit '13e64d72763bf8d6d92d4cdfc15ed45ee9debfab' 2018-09-14 08:35:23 +02:00
Yang Li
3cea2932e1 Fix typos 2018-07-07 12:29:56 +02:00
Bjørn Erik Pedersen
c74b0f8f9b
docs: Update theme documentation
See #4460
2018-06-12 07:38:41 +02:00
David E. Wheeler
019bd5576b tpl/strings: strings.RuneCount 2018-06-04 20:47:03 +03:00
David E. Wheeler
13435a6f60 tpl: Add strings.Repeat 2018-06-03 09:55:37 +03:00
Bjørn Erik Pedersen
1b9dc52ef5
Merge commit 'd2ec1a06df8ab6b17ad05cb008d5701b40327d47' 2018-04-21 23:02:48 +02:00
Bjørn Erik Pedersen
10c33c17cd
docs: Generate docshelper data
And fix build ...
2018-04-02 08:52:42 +02:00
Bjørn Erik Pedersen
95d62004a0
Merge commit 'c0290655825e7bb36e13fb39f89d85b392cf1adc' 2018-03-11 20:40:26 +01:00
Bjørn Erik Pedersen
158e1151cd
Merge commit '337d0c5f516ee085205e8abefdb7f87e6d33ca05' 2018-01-31 11:08:08 +01:00
Bjørn Erik Pedersen
b3eeb97642
Merge commit '3cf4300097610bb8b5bd0686d96d1df5db641895' 2018-01-17 22:33:07 +01:00
Bjørn Erik Pedersen
5c31e0c341
Merge commit 'ecf5e081b5540e69f4af330233f39a07baf53846' 2017-10-15 10:20:55 +02:00
Bjørn Erik Pedersen
932ae52709 Merge commit '61c27b58b353c73772aae572c7d822fdfdf7791b' 2017-09-25 09:02:42 +02:00
Bjørn Erik Pedersen
a1900826b9 Merge commit 'ec4e6f9df2ab9ffdc62a3f59675369096e0d3f77' as 'docs' 2017-08-10 17:18:22 +02:00
Bjørn Erik Pedersen
d384c661fe docs: Re-integrate 2017-08-10 17:17:07 +02:00
Bjørn Erik Pedersen
22b213b1a4 Merge commit 'e81208265bb3cdb7606d051a23d83aeebcb7d34d' 2017-08-06 17:24:51 +02:00
Bjørn Erik Pedersen
1c18f3fc49 Merge commit '50ec65fbe1a48475d3320775dab2c47389c02114' 2017-07-31 09:21:24 +02:00
Bjørn Erik Pedersen
4c220c4ac2 Merge commit '6dbde8d731f221b027c0c60b772ba82dad759943'
Fixes #3709
2017-07-18 10:33:58 +02:00
Bjørn Erik Pedersen
a358b33f26 docs: Regenerate the docs helpers 2017-07-06 10:36:13 +02:00
Bjørn Erik Pedersen
a7765bb3c1 Merge commit 'dd78d5b23fe597f4461aa4199401b4e07c0612e2' as 'docs' 2017-06-26 20:46:06 +02:00
Bjørn Erik Pedersen
8be3934b59 docs: Remove
Docs site is moved to https://github.com/gohugoio/hugoDocs

Will be re-added here as a Git submodule.
2017-06-14 10:32:16 +02:00
Bjørn Erik Pedersen
a119ef693f tpl/time: Re-add the time example 2017-05-20 11:41:43 +03:00
Bjørn Erik Pedersen
42fbded105 docs: Regenerate docs helper 2017-05-18 21:38:16 +03:00
James
e92ce83d5e docs: Update references to JSON
Looks like this was a bad copy/paste where CSV should've been JSON
2017-05-18 07:55:15 +02:00
Bjørn Erik Pedersen
cff2f31334 tpl: Add some GoDoc info to template func docs
Closes #3418
2017-05-04 10:46:19 +02:00
Cameron Moore
f604076de1 tpl/images: Fix embedded sync.Mutex 2017-05-02 09:17:14 +02:00
Bjørn Erik Pedersen
690b0f8ff5 tpl: Add docshelper for template funcs
And fix some other minor related issues.

Updates #3418
2017-05-01 21:44:15 +02:00
Bjørn Erik Pedersen
9ebbf1b054 docs: Add docs about output format linking
Fixes #3301
Fixes #3302
2017-04-08 16:33:20 +02:00
Bjørn Erik Pedersen
3c405f5172 all: Document the Output Formats feature
This commit also adds a new command, docshelper, with some utility funcs that adds a JSON datafiles to /docs/data that would be a pain to create and maintain by hand.

Fixes #3242
2017-04-07 10:52:16 +02:00
Bjørn Erik Pedersen
1279ca201a docs: Add some more quotes 2017-03-01 18:37:44 +01:00
Bjørn Erik Pedersen
1873826651 docs: Add one more quote 2016-04-08 00:06:39 +02:00
Bjørn Erik Pedersen
ef933e4a7f docs: Limit the quotes on front page to the last two years
We should get some new ones in there.

Also shuffle the order. This also means no merging into 0.15-docs ...

Which also means we should get a release out there ... soon!

See #2055

Also See https://github.com/BurntSushi/toml/issues/129 for an explanation to the little bit ugly dates.
2016-04-07 23:46:46 +02:00
Robert Basic
40f62a863c docs: Use data folder for website carousel
Fixes #2055
2016-04-07 22:50:38 +02:00
Anthony Fok
acd720df92 Add docs/data/titles.toml to set title "Site Showcase"
Idea from https://discuss.gohugo.io/t/how-to-name-list-templates/949
2015-11-16 06:48:20 -07:00