Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

markup: Allow arbitrary Asciidoc extension in unsafe mode #8131

Merged
merged 1 commit into from Feb 22, 2021
Merged

markup: Allow arbitrary Asciidoc extension in unsafe mode #8131

merged 1 commit into from Feb 22, 2021

Conversation

gzagatti
Copy link
Contributor

This PR implements proposal #7698 which allows for arbitrary Asciidoc extensions in unsafe mode expanding the range of possibilities when using this markup language.

The proposal allows for arbitrary extension when SafeMode option is set to unsafe. Any stricter mode would prevent arbitrary extensions and only those listed in the configuration would be allowed.

@CLAassistant
Copy link

CLAassistant commented Jan 11, 2021
edited

CLA assistant check
All committers have signed the CLA.

@bep
Copy link
Member

bep commented Jan 11, 2021
edited

How is this PR making untrusted sites safer to build?

@gzagatti gzagatti mentioned this pull request Jan 24, 2021
Closed
@gzagatti
Fixes gohugoio#7698.
d7bc1a7 
markup: Allow installed arbitrary Asciidoc extension via path validation.
@bep bep requested a review from moorereason February 22, 2021 11:36
@bep
Copy link
Member

bep commented Feb 22, 2021

Looks good to me, agree, @moorereason ?

moorereason
moorereason approved these changes Feb 22, 2021
View reviewed changes
Copy link
Contributor

@moorereason moorereason left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@bep bep merged commit 01dd7c1 into gohugoio:master Feb 22, 2021
freebsd-git pushed a commit to freebsd/freebsd-doc that referenced this pull request Mar 31, 2021
@sergio-carlavilla
Allow building the documentation and the website with upstream hugo
284030c 
When we build our documentation and website we use a hacked version
of www/gohugo that allows for arbitrary asciidoc extensions.
This was added as a patch in r562416.

The suggested pull request[1] this patch was based on was not
accepted "as is" and only allows the execution of extensions in
Ruby's $LOAD_PATH.

With these changes, we add our <docroot>shared/lib directory to
Ruby's library directory so we can load our custom extensions. This
also allows building the docs and website outsite FreeBSD using
upstream and unmodified tools.

Tested with the upcoming vanilla gohugo-0.82 provided by
gohugo's maintainer.

[1] gohugoio/hugo#8131

Patch by:               fernape@
Differential Revision:  https://reviews.freebsd.org/D29410
@github-actions
Copy link

This pull request has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@moorereason moorereason moorereason approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@gzagatti @CLAassistant @bep @moorereason