This commit adds a .Data object (a map with `Body`, `StatusCode` etc.) to the .Err returned from `resources.GetRemote`, which means you can now do:
```
{{ with .Err }}
{{ range $k, $v := .Data }}
{{ end }}
{{ end }}
```
Fixes#9708
This commit prevents the most commons case of infinite recursion in link render hooks when the `linkify` option is enabled (see below). This is always a user error, but getting a `stack overflow` (the current stack limit in Go is 1 GB on 64-bit, 250 MB on 32-bit) error isn't very helpful. This fix will not prevent all such errors, though, but we may do better once #9570 is in place.
So, these will fail:
```
<a href="{{ .Destination | safeURL }}" >{{ .Text | markdownify }}</a>
<a href="{{ .Destination | safeURL }}" >{{ .Text | .Page.RenderString }}</a>
```
`.Text` is already rendered to `HTML`. The above needs to be rewritten to:
```
<a href="{{ .Destination | safeURL }}" >{{ .Text | safeHTML }}</a>
<a href="{{ .Destination | safeURL }}" >{{ .Text | safeHTML }}</a>
```
Fixes#8959
This is a rollback of 0927cf739f
We cannot do that change until we either completes #9570 or possibly also use the new TryLock in GO 1.18.
Fixes#9588
Opens #4086
You can now create custom hook templates for code blocks, either one for all (`render-codeblock.html`) or for a given code language (e.g. `render-codeblock-go.html`).
We also used this new hook to add support for diagrams in Hugo:
* Goat (Go ASCII Tool) is built-in and enabled by default; just create a fenced code block with the language `goat` and start draw your Ascii diagrams.
* Another popular alternative for diagrams in Markdown, Mermaid (supported by GitHub), can also be implemented with a simple template. See the Hugo documentation for more information.
Updates #7765Closes#9538Fixes#9553Fixes#8520Fixes#6702Fixes#9558
The change in lock logic for `partialCached` in 0927cf739f was naive as it didn't consider cached partials calling other cached partials.
This changeset may look on the large side for this particular issue, but it pulls in part of a working branch, introducing `context.Context` in the template execution.
Note that the context is only partially implemented in this PR, but the upcoming use cases will, as one example, include having access to the top "dot" (e.g. `Page`) all the way down into partials and shortcodes etc.
The earlier benchmarks rerun against master:
```bash
name old time/op new time/op delta
IncludeCached-10 13.6ms ± 2% 13.8ms ± 1% ~ (p=0.343 n=4+4)
name old alloc/op new alloc/op delta
IncludeCached-10 5.30MB ± 0% 5.35MB ± 0% +0.96% (p=0.029 n=4+4)
name old allocs/op new allocs/op delta
IncludeCached-10 74.7k ± 0% 75.3k ± 0% +0.77% (p=0.029 n=4+4)
```
Fixes#9519
This commit revises the locking strategy for `partialCached`. We have added a benchmark that may be a little artificial, but it should at least show that we're not losing any performance over this:
```bash
name old time/op new time/op delta
IncludeCached-10 12.2ms ± 2% 11.3ms ± 1% -7.36% (p=0.029 n=4+4)
name old alloc/op new alloc/op delta
IncludeCached-10 7.17MB ± 0% 5.09MB ± 0% -29.00% (p=0.029 n=4+4)
name old allocs/op new allocs/op delta
IncludeCached-10 128k ± 1% 70k ± 0% -45.42% (p=0.029 n=4+4)
```
This commit also revises the template metrics hints logic a little, and add a test for it, which output is currently this:
```bash
cumulative average maximum cache percent cached total
duration duration duration potential cached count count template
---------- -------- -------- --------- ------- ------ ----- --------
163.334µs 163.334µs 163.334µs 0 0 0 1 index.html
23.749µs 5.937µs 19.916µs 25 50 2 4 partials/dynamic1.html
9.625µs 4.812µs 6.75µs 100 50 1 2 partials/static1.html
7.625µs 7.625µs 7.625µs 100 0 0 1 partials/static2.html
```
Some notes:
* The duration now includes the cached invocations (which should be very short)
* A cached template gets executed once before it gets cached, so the "percent cached" will never be 100.
Fixes#4086Fixes#9506
We changed the signature to `func(...interface{}) (interface{}, error)` some time ago, but sadly we had no test for this for `apply`. Now we do.
Fixes#9393
This is a security hardening measure; don't trust the URL extension or any `Content-Type`/`Content-Disposition` header on its own, always look at the file content using Go's `http.DetectContentType`.
This commit also adds ttf and otf media type definitions to Hugo.
Fixes#9302Fixes#9301
In Hugo 0.89 we added remote support to `resources.Get`.
In hindsight that was not a great idea, as a poll from many Hugo users showed. See Issue #9285 for more details.
After this commit `resources.Get` only supports local resource lookups. If you want to support both, you need to use a construct similar to:
Also improve some option case handling.
```
{{ resource := "" }}
{{ if (urls.Parse $url).IsAbs }}
{{ $resource = resources.GetRemote $url }}
{{ else }}
{{ $resource = resources.Get $url }}
{{ end }}
```
Fixes#9285Fixes#9296
Partials with returns values are parsed, then inserted into a
partial return wrapper via wrapInPartialReturnWrapper in order
to assign the return value via *contextWrapper.Set. The
predefined wrapper template for partials inserts a partial's nodes
into a "with" template action in order to set dot to a
*contextWrapper within the partial. However, because "with" is
skipped if its argument is falsy, partials with falsy arguments
were not being evaluated.
This replaces the "with" action in the partial wrapper with a
"range" action that isn't skipped if .Arg is falsy.
Fixes#7528
This ommmit contains some security hardening measures for the Hugo build runtime.
There are some rarely used features in Hugo that would be good to have disabled by default. One example would be the "external helpers".
For `asciidoctor` and some others we use Go's `os/exec` package to start a new process.
These are a predefined set of binary names, all loaded from `PATH` and with a predefined set of arguments. Still, if you don't use `asciidoctor` in your project, you might as well have it turned off.
You can configure your own in the new `security` configuration section, but the defaults are configured to create a minimal amount of site breakage. And if that do happen, you will get clear instructions in the loa about what to do.
The default configuration is listed below. Note that almost all of these options are regular expression _whitelists_ (a string or a slice); the value `none` will block all.
```toml
[security]
enableInlineShortcodes = false
[security.exec]
allow = ['^dart-sass-embedded$', '^go$', '^npx$', '^postcss$']
osEnv = ['(?i)^(PATH|PATHEXT|APPDATA|TMP|TEMP|TERM)$']
[security.funcs]
getenv = ['^HUGO_']
[security.http]
methods = ['(?i)GET|POST']
urls = ['.*']
```
In Hugo 0.90.0 we introduced remote support in `resources.Get`.
But with remote resources comes with a higher chance of failing a build (network issues, remote server down etc.).
Before this commit we always failed the build on any unexpected error.
This commit allows the user to check for any error (and potentially fall back to a default local resource):
```htmlbars
{{ $result := resources.Get "https://gohugo.io/img/hugo-logo.png" }}
{{ with $result }}
{{ if .Err }}
{{/* log the error, insert a default image etc. *}}
{{ else }}
<img src="{{ .RelPermalink }}" width="{{ .Width }}" height="{{ .Height }}" alt="">
{{ end }}
{{ end }}
```
Note that the default behaviour is still to fail the build, but we will delay that error until you start using the `Resource`.
Fixes#9529
The existing endpoint will be retired and removed on November 23, 2021.
References:
- https://twittercommunity.com/t/consolidating-the-oembed-functionality/154690
- https://developer.twitter.com/en/docs/twitter-for-websites/oembed-api#Embedded
This is a backward compatible change.
The existing endpoint requires a single parameter: the id of the tweet.
The new endpoint requires two parameters: the id of the tweet, and the
user with whom it is associated. For the moment, if you supply the wrong
user, the request will be redirected (with a small delay) to the correct
user/id pair. This behavior is undocumented, but we will take advantage
of it as Hugo site authors transition to the new syntax.
{{< tweet 1453110110599868418 >}} --> works, throws warning, deprecate at some point
{{< tweet user="SanDiegoZoo" id="1453110110599868418" >}} --> new syntax
Fixes#8130
The documentation of the FormatAccounting and FormatCurrency
functions could be clearer in terms of how the precision param
works. This commit makes it more explicit that adding a precision
of < 2 will not format the return values to include fewer decimals.
Resolves#8858
We have been using `go-toml` for language files only. This commit makes it the only TOML library.
It's spec compliant and very fast.
A benchark building a site with 200 pages with TOML front matter:
```bash
name old time/op new time/op delta
SiteNew/Regular_TOML_front_matter-16 48.5ms ± 1% 47.1ms ± 1% -2.85% (p=0.029 n=4+4)
name old alloc/op new alloc/op delta
SiteNew/Regular_TOML_front_matter-16 16.9MB ± 0% 16.7MB ± 0% -1.56% (p=0.029 n=4+4)
name old allocs/op new allocs/op delta
SiteNew/Regular_TOML_front_matter-16 302k ± 0% 296k ± 0% -2.20% (p=0.029 n=4+4)
```
Note that the front matter unmarshaling is only a small part of building a site, so the above is very good.
Fixes#8801
This commit started out investigating a `concurrent map read write` issue, ending by replacing the map with a struct.
This is easier to reason about, and it's more effective:
```
name old time/op new time/op delta
SiteNew/Regular_Deep_content_tree-16 71.5ms ± 3% 69.4ms ± 5% ~ (p=0.200 n=4+4)
name old alloc/op new alloc/op delta
SiteNew/Regular_Deep_content_tree-16 29.7MB ± 0% 27.9MB ± 0% -5.82% (p=0.029 n=4+4)
name old allocs/op new allocs/op delta
SiteNew/Regular_Deep_content_tree-16 313k ± 0% 303k ± 0% -3.35% (p=0.029 n=4+4)
```
See #8749
The main motivation behind this is simplicity and correctnes, but the new small config library is also faster:
```
BenchmarkDefaultConfigProvider/Viper-16 252418 4546 ns/op 2720 B/op 30 allocs/op
BenchmarkDefaultConfigProvider/Custom-16 450756 2651 ns/op 1008 B/op 6 allocs/op
```
Fixes#8633Fixes#8618Fixes#8630
Updates #8591Closes#6680Closes#5192
Querify can now take a lone string/interface slice (with string
keys) as a parameter, or multiple string parameters, to build
URL queries.
Querify earlier used 'Dictionary' to add key/value pairs to a
map to build URL queries. Changed to dynamically generate ordered
key/value pairs. Cannot take string slice as key (earlier
possible due to Dictionary).
Added tests and benchmarks for querify.
Closes#6735
So we can use it and output.Format as map key etc.
This commit also fixes the media.Type implementation so it does not need to mutate itself to handle different suffixes for the same MIME type, e.g. jpg vs. jpeg.
This means that there are no Suffix or FullSuffix on media.Type anymore.
Fixes#8317Fixes#8324
* Fix: updated date logic in opengraph template
* Updated date logic in schema template
* Reformatted opengraph and schema
* Wrapped PublishDate and Lastmod in with
When tracking for cache hints, track the same template name as the call
to MeasureSince in Execute. When referencing a partial "foo", the value
of `n` does not match `templ.Name()` (`partials/foo` versus
`partials/foo.html`). This was causing hints to go untracked since
there was no existing metric to append the hint to.
Fixes#8125
Most other substr implementations don't error out in out-of-bounds cases
but simply return an empty string (or a value that's printed as an empty
string). We'll follow their lead and not exit template execution. Allow
the user decide what to do with the empty result.
Fixes#8113
When inside front matter you specified series with spaces,
then the opengraph template wouldn't detect other articles,
because in `.Site.Taxonomies.series` they are stored by
urlized key.
Example:
```yaml
# in front matter
series:
- My Series
```
```gohtml
{{/* in a template */}}
{{- $series := index .Site.Taxonomies.series$name }}
{{/* was resolved to */}}
{{- $series := index {'my-series': ...} "MySeries" }}
```
This change is mostly motivated to get a more stable CI build (we're building the Hugo site there, with Instagram and Twitter shortcodes sometimes failing).
Fixes#7866
Added a Vimeo EnableDNT privacy option to the Hugo config. This will enable the Vimeo 'Do Not Track' flag when either Vimeo shortcode tempalte options are used. When enabled, it will force the Vimeo player to be blocked from tracking any session data, including all cookies and stats.
Fixes#7700
* Fix change detection when .GetPage/site.GetPage is used from shortcode
* Fix stale content for GetPage results with short name lookups on server reloads
Fixes#7623Fixes#7624Fixes#7625
The rss templates had some tab characters mixed in with the spaces.
Additionally there would end up being trailing whitespace in output
rss feeds, which looks red in git diff.
.Lastmod is the time at which the website was most recently updated,
rather than .Date which is the time at which the website content file
was created.
Add a new pipe called TranspileJS which uses the Babel cli. This makes it possible for users to write ES6 JavaScript code and transpile it to ES5 during website generation so that the code still works with older browser versions.
Fixes#5764
This means that any HTML file inside /content will be treated as a regular file.
If you want it processes with shortcodes and a layout, add front matter.
The defintion of an HTML file here is:
* File with extension .htm or .html
* With first non-whitespace character "<" that isn't a HTML comment.
This is in line with the documentation.
Fixes#7030Fixes#7028
See #6789
This more or less completes the simplification of the template handling code in Hugo started in v0.62.
The main motivation was to fix a long lasting issue about a crash in HTML content files without front matter.
But this commit also comes with a big functional improvement.
As we now have moved the base template evaluation to the build stage we now use the same lookup rules for `baseof` as for `list` etc. type of templates.
This means that in this simple example you can have a `baseof` template for the `blog` section without having to duplicate the others:
```
layouts
├── _default
│ ├── baseof.html
│ ├── list.html
│ └── single.html
└── blog
└── baseof.html
```
Also, when simplifying code, you often get rid of some double work, as shown in the "site building" benchmarks below.
These benchmarks looks suspiciously good, but I have repeated the below with ca. the same result. Compared to master:
```
name old time/op new time/op delta
SiteNew/Bundle_with_image-16 13.1ms ± 1% 10.5ms ± 1% -19.34% (p=0.029 n=4+4)
SiteNew/Bundle_with_JSON_file-16 13.0ms ± 0% 10.7ms ± 1% -18.05% (p=0.029 n=4+4)
SiteNew/Tags_and_categories-16 46.4ms ± 2% 43.1ms ± 1% -7.15% (p=0.029 n=4+4)
SiteNew/Canonify_URLs-16 52.2ms ± 2% 47.8ms ± 1% -8.30% (p=0.029 n=4+4)
SiteNew/Deep_content_tree-16 77.9ms ± 1% 70.9ms ± 1% -9.01% (p=0.029 n=4+4)
SiteNew/Many_HTML_templates-16 43.0ms ± 0% 37.2ms ± 1% -13.54% (p=0.029 n=4+4)
SiteNew/Page_collections-16 58.2ms ± 1% 52.4ms ± 1% -9.95% (p=0.029 n=4+4)
name old alloc/op new alloc/op delta
SiteNew/Bundle_with_image-16 3.81MB ± 0% 2.22MB ± 0% -41.70% (p=0.029 n=4+4)
SiteNew/Bundle_with_JSON_file-16 3.60MB ± 0% 2.01MB ± 0% -44.20% (p=0.029 n=4+4)
SiteNew/Tags_and_categories-16 19.3MB ± 1% 14.1MB ± 0% -26.91% (p=0.029 n=4+4)
SiteNew/Canonify_URLs-16 70.7MB ± 0% 69.0MB ± 0% -2.40% (p=0.029 n=4+4)
SiteNew/Deep_content_tree-16 37.1MB ± 0% 31.2MB ± 0% -15.94% (p=0.029 n=4+4)
SiteNew/Many_HTML_templates-16 17.6MB ± 0% 10.6MB ± 0% -39.92% (p=0.029 n=4+4)
SiteNew/Page_collections-16 25.9MB ± 0% 21.2MB ± 0% -17.99% (p=0.029 n=4+4)
name old allocs/op new allocs/op delta
SiteNew/Bundle_with_image-16 52.3k ± 0% 26.1k ± 0% -50.18% (p=0.029 n=4+4)
SiteNew/Bundle_with_JSON_file-16 52.3k ± 0% 26.1k ± 0% -50.16% (p=0.029 n=4+4)
SiteNew/Tags_and_categories-16 336k ± 1% 269k ± 0% -19.90% (p=0.029 n=4+4)
SiteNew/Canonify_URLs-16 422k ± 0% 395k ± 0% -6.43% (p=0.029 n=4+4)
SiteNew/Deep_content_tree-16 401k ± 0% 313k ± 0% -21.79% (p=0.029 n=4+4)
SiteNew/Many_HTML_templates-16 247k ± 0% 143k ± 0% -42.17% (p=0.029 n=4+4)
SiteNew/Page_collections-16 282k ± 0% 207k ± 0% -26.55% (p=0.029 n=4+4)
```
Fixes#6716Fixes#6760Fixes#6768Fixes#6778
You can turn off this behaviour:
```toml
[markup]
[markup.goldmark]
[markup.goldmark.parser]
autoHeadingIDAsciiOnly = true
```
Note that the `anchorize` now adapts its behaviour depending on the default Markdown handler.
Fixes#6616
This commit also
* revises the change detection for templates used by content files in server mode.
* Adds a Page.RenderString method
Fixes#6545Fixes#4663Closes#6043
This is a big commit, but it deletes lots of code and simplifies a lot.
* Resolving the template funcs at execution time means we don't have to create template clones per site
* Having a custom map resolver means that we can remove the AST lower case transformation for the special lower case Params map
Not only is the above easier to reason about, it's also faster, especially if you have more than one language, as in the benchmark below:
```
name old time/op new time/op delta
SiteNew/Deep_content_tree-16 53.7ms ± 0% 48.1ms ± 2% -10.38% (p=0.029 n=4+4)
name old alloc/op new alloc/op delta
SiteNew/Deep_content_tree-16 41.0MB ± 0% 36.8MB ± 0% -10.26% (p=0.029 n=4+4)
name old allocs/op new allocs/op delta
SiteNew/Deep_content_tree-16 481k ± 0% 410k ± 0% -14.66% (p=0.029 n=4+4)
```
This should be even better if you also have lots of templates.
Closes#6594
This commit adds the fast and CommonMark compliant Goldmark as the new default markdown handler in Hugo.
If you want to continue using BlackFriday as the default for md/markdown extensions, you can use this configuration:
```toml
[markup]
defaultMarkdownHandler="blackfriday"
```
Fixes#5963Fixes#1778Fixes#6355
This commmit prepares for the addition of Goldmark as the new Markdown renderer in Hugo.
This introduces a new `markup` package with some common interfaces and each implementation in its own package.
See #5963
Add an optional "title" attribute to the iframe in the vimeo shortcode. If one is not given, the title attribute will default to "vimeo video". It is imperative for iframes to have a non-empty "title" attribute in order to meet WCAG2.0 accessibility guidelines https://www.w3.org/TR/WCAG20-TECHS/H64.
Modified the messages functions after, first, and last threw on being passed invalid parameters (index or limit) to be more standardised and resemble what Go compiler would throw.
Fixes#6415
Modified the if conditional because of which last threw an error if 0 was passed as limit. The function now returns an empty slice if it is called with 0 as limit. The behavior of first and last is now the same when 0 is passed as limit. Also added tests to test the new behavior.
Fixes#6419
Modified the if conditional because of which after threw an error if called with 0 as index. The function now returns the whole original slice if 0 is passed as an index. Also added tests to test the new behavior.
Fixes#6388
To add support for new emojis in Hugo, we need to upgrade our internal
dependency on the emoji package.
Note that we also need to update our tests, as the underlying emoji that
is rendered has changed.
Follow-up to #6391. (170f18d935 and
2df5d202c6)
This means that you now can do:
{{< vidur 9KvBeKu false true 32 3.14 >}}
And the boolean and numeric values will be converted to `bool`, `int` and `float64`.
If you want these to be strings, they must be quoted:
{{< vidur 9KvBeKu "false" "true" "32" "3.14" >}}
Fixes#6371
This commit pulls most of the image related logic into its own package, to make it easier to reason about and extend.
This is also a rewrite of the transformation logic used in Hugo Pipes, mostly to allow constructs like the one below:
{{ ($myimg | fingerprint ).Width }}
Fixes#5903Fixes#6234Fixes#6266
This is preparation for #6041.
For historic reasons, the code for bulding the section tree and the taxonomies were very much separate.
This works, but makes it hard to extend, maintain, and possibly not so fast as it could be.
This simplification also introduces 3 slightly breaking changes, which I suspect most people will be pleased about. See referenced issues:
This commit also switches the radix tree dependency to a mutable implementation: github.com/armon/go-radix.
Fixes#6154Fixes#6153Fixes#6152
This is in line with how it behaved before, but it was lifted a little for the project mount for Hugo Modules,
but that could create hard-to-detect loops.
This commit implements Hugo Modules.
This is a broad subject, but some keywords include:
* A new `module` configuration section where you can import almost anything. You can configure both your own file mounts nd the file mounts of the modules you import. This is the new recommended way of configuring what you earlier put in `configDir`, `staticDir` etc. And it also allows you to mount folders in non-Hugo-projects, e.g. the `SCSS` folder in the Bootstrap GitHub project.
* A module consists of a set of mounts to the standard 7 component types in Hugo: `static`, `content`, `layouts`, `data`, `assets`, `i18n`, and `archetypes`. Yes, Theme Components can now include content, which should be very useful, especially in bigger multilingual projects.
* Modules not in your local file cache will be downloaded automatically and even "hot replaced" while the server is running.
* Hugo Modules supports and encourages semver versioned modules, and uses the minimal version selection algorithm to resolve versions.
* A new set of CLI commands are provided to manage all of this: `hugo mod init`, `hugo mod get`, `hugo mod graph`, `hugo mod tidy`, and `hugo mod vendor`.
All of the above is backed by Go Modules.
Fixes#5973Fixes#5996Fixes#6010Fixes#5911Fixes#5940Fixes#6074Fixes#6082Fixes#6092
When using a html link checker with Hugo, this template consistently causes errors, as it renders `href=""` attributes when next/previous is disabled.
This change makes it so that the `href` attribute is not rendered at all if `HasNext` is false - which is better semantically, and makes link checking far easier.
Hugo `0.55.0` introduced some new interface types for `Page` etc.
This worked great in general, but there were cases where this would fail in `where` and `sort`.
One such example would be sorting by `MenuItem.Page.Date` where `Page` on `MenuItem` was a small subset of the bigger `page.Page` interface.
This commit fixes that by unwrapping such interface values.
Fixes#5989
The `safeHTMLAttr` function operates on a full attribute definition, not
just within the attribute value.
Docs: https://gohugo.io/functions/safehtmlattr/
For `opengraph.html`, run the whole `content` HTML attribute through
`safeHTMLAttr`. That will preserve `+` signs in formatted dates.
For `vimeo_simple.html`, `safeHTMLAttr` was in the context of an
attribute value, thus having no effect. In this case we could replace it
with `safeURL`, but since the code is coming from an API it is safer to
just let Go's template engine sanitize the value as it already does with
`provider_url`.
Fixes#5236 (no need to change Go upstream)
Related to #5246