diff --git a/CHANGELOG.md b/CHANGELOG.md
index a7f89e4..dacd16d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,15 @@ ### Fixed - wordpress.org tabbed theme now detects FAQ content even when the section is titled "Frequently Asked Questions" or appears out of the typical order. Sections are scanned globally and mapped to canonical tabs (description, installation, faq, changelog) irrespective of order. +## [0.1.8] - 2025-10-21 +### Fixed +- Auto-fix single-line fenced code now safely escapes backslashes before backticks preventing malformed inline code when content contains `\` and `` ` `` characters. +- Validator emphasis balancing logic now uses a robust regex escape preventing false positives on tokens with special regex metacharacters. +### Changed +- README cleaned: removed outdated 0.1.5 update banner to keep intro concise. +### Security +- Addresses code scanning warning related to incomplete string escaping for inline code conversion and emphasis token detection. + All notable changes to this project will be documented in this file.
@@ -76,6 +85,7 @@ The format is based on Keep a Changelog (https://keepachangelog.com/en/1.0.0/) a [0.1.6]: https://github.com/soderlind/wordpress-readme-preview/compare/v0.1.5...v0.1.6 [0.1.7]: https://github.com/soderlind/wordpress-readme-preview/compare/v0.1.6...v0.1.7 +[0.1.8]: https://github.com/soderlind/wordpress-readme-preview/compare/v0.1.7...v0.1.8 [0.1.4]: https://github.com/soderlind/wordpress-readme-preview/compare/v0.1.3...v0.1.4 [0.1.5]: https://github.com/soderlind/wordpress-readme-preview/compare/v0.1.4...v0.1.5 [0.1.3]: https://github.com/soderlind/wordpress-readme-preview/compare/v0.1.1...v0.1.3
diff --git a/package-lock.json b/package-lock.json
index 1dd9578..7ba6b77 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@ { "name": "wordpress-readme-preview", - "version": "0.1.4", + "version": "0.1.7", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "wordpress-readme-preview", - "version": "0.1.4", + "version": "0.1.7", "license": "GPL-2.0-or-later", "dependencies": { "marked": "^4.2.5"
diff --git a/package.json b/package.json
index 8d4bafa..9ee7464 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
 "name": "wordpress-readme-preview",
 "displayName": "WordPress Readme",
 "description": "Preview, validate, and edit WordPress readme.txt files with syntax highlighting, IntelliSense, and accurate rendering",
- "version": "0.1.7",
+ "version": "0.1.8",
 "publisher": "persoderlind",
 "engines": {
 "vscode": "^1.74.0"
diff --git a/src/autoFix.ts b/src/autoFix.ts
index 80f2c2e..7b64176 100644
--- a/src/autoFix.ts
+++ b/src/autoFix.ts
@@ -74,7 +74,9 @@ export function autoFixReadme(raw: string, options?: { multiLineStyle?: 'indente
 } else if (block.length === 1) {
 // single line -> inline code
 const content = block[0].trim();
- const inline = '`' + content.replace(/`/g, '\\`') + '`';
+ // Escape backslashes, then backticks
+ const escapedContent = content.replace(/\\/g, '\\\\').replace(/`/g, '\\`');
+ const inline = '`' + escapedContent + '`';
 output.push(inline);
 changes.push(`Converted single-line fenced block at line ${startIndex + 1} to inline code`);
 } else {
diff --git a/src/parser/validator.ts b/src/parser/validator.ts
index 765e501..82ebf14 100644
--- a/src/parser/validator.ts
+++ b/src/parser/validator.ts
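Review bot: In the src/autoFix.ts hunk, the doubled backslashes and escaped backticks produced on the new `escapedContent` line end up inside a backtick-delimited code span, where Markdown normally treats a backslash as a literal character rather than an escape. If the preview renderer and the WordPress.org parser follow that rule (worth confirming against both), a value such as `C:\temp` will now display with two backslashes, and a backtick in the content will still close the span early, so the scanner warning is silenced without the output being fixed. Choosing a delimiter one backtick longer than the longest backtick run in `content`, padded with a space when the content starts or ends with a backtick, keeps the text intact without any escaping. The enclosing `autoFixReadme` starts and ends outside the hunk.

```typescript
const content = block[0].trim();
// Backslash escapes are not processed inside a code span, so use a
// delimiter longer than any backtick run in the content instead.
const longestRun = Math.max(0, ...(content.match(/`+/g) || []).map((run) => run.length));
const fence = '`'.repeat(longestRun + 1);
const pad = /^`|`$/.test(content) ? ' ' : '';
const inline = fence + pad + content + pad + fence;
// … unchanged: output.push(inline) and the changes entry …
```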
@@ -461,7 +461,10 @@ export class ReadmeValidator {
 });
 // 3. Unmatched emphasis markers (simple heuristic)
- const countMatches = (text: string, token: string) => (text.match(new RegExp(token.replace(/([*~`])/g,'\\$1'),'g')) || []).length;
+ function escapeRegExp(s: string): string {
+ return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+ }
+ const countMatches = (text: string, token: string) => (text.match(new RegExp(escapeRegExp(token),'g')) || []).length;
 const totalDoubleAsterisk = countMatches(readme.rawContent, '**');
 if (totalDoubleAsterisk % 2 === 1) {
 warnings.push({
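Review bot: `escapeRegExp` is declared inside the validation method, so it is re-created on every call and cannot be reused or unit-tested on its own; hoisting it to module scope with a one-line doc comment such as `/** Escapes regex metacharacters so s matches literally. */` would be cleaner. Since the visible caller passes a fixed literal (`'**'`), the count can also be taken without building a regular expression at all, e.g. `const countMatches = (text: string, token: string) => text.split(token).length - 1;`, which gives the same non-overlapping count for non-empty tokens and removes the escaping concern the scanner flagged. The enclosing method starts and ends outside the hunk, so any other `countMatches` callers should be checked for empty tokens before switching.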