From 0c4ed0045a2adb611f83054ad29d68f46b0611c5 Mon Sep 17 00:00:00 2001 From: John MacFarlane Date: Sun, 20 Jun 2021 19:25:43 -0700 Subject: Bump to 2.14.0.3, update changelog, require latest skylighting. --- MANUAL.txt | 2 +- changelog.md | 12 ++++++++++++ man/pandoc.1 | 4 ++-- pandoc.cabal | 6 +++--- stack.yaml | 2 ++ 5 files changed, 20 insertions(+), 6 deletions(-) diff --git a/MANUAL.txt b/MANUAL.txt index c5dba29f3..52563a8fa 100644 --- a/MANUAL.txt +++ b/MANUAL.txt @@ -1,7 +1,7 @@ --- title: Pandoc User's Guide author: John MacFarlane -date: June 11, 2021 +date: June 20, 2021 --- # Synopsis diff --git a/changelog.md b/changelog.md index 34615b948..049d1db57 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,17 @@ # Revision history for pandoc +## pandoc 2.14.0.3 (2021-06-20) + + * Text.Pandoc.MediaBag `insertMediaBag`: ensure we get a sane mediaPath + for URLs (#7391). In earlier 2.14.x versions, we'd get + incorrect paths for resources downloaded from URLs when the + media are extracted (including in PDF production). + * Use lts-18.0 stack resolver. + * Require skylighting 0.10.5.2 (adding support for Swift). + * Require commonmark 0.2.1. + * Rephrase section on unsafe HTML in manual. + * Create SECURITY.md + ## pandoc 2.14.0.2 (2021-06-13) * Fix MediaBag regressions (#7345). iIn the 2.14 release `--extract-media` diff --git a/man/pandoc.1 b/man/pandoc.1 index de2133cf2..c77ab93bd 100644 --- a/man/pandoc.1 +++ b/man/pandoc.1 @@ -1,7 +1,7 @@ '\" t .\" Automatically generated by Pandoc 2.14.0.1 .\" -.TH "Pandoc User\[cq]s Guide" "" "June 11, 2021" "pandoc 2.14.0.2" "" +.TH "Pandoc User\[cq]s Guide" "" "June 20, 2021" "pandoc 2.14.0.3" "" .hy .SH NAME pandoc - general markup converter @@ -7708,7 +7708,7 @@ The HTML generated by pandoc is not guaranteed to be safe. If \f[C]raw_html\f[R] is enabled for the Markdown input, users can inject arbitrary HTML. Even if \f[C]raw_html\f[R] is disabled, users can include dangerous -content in attributes for headings, spans, and code blocks. +content in URLs and attributes. To be safe, you should run all the generated HTML through an HTML sanitizer. .SH AUTHORS diff --git a/pandoc.cabal b/pandoc.cabal index 8fa28d426..eb9633bd0 100644 --- a/pandoc.cabal +++ b/pandoc.cabal @@ -1,6 +1,6 @@ cabal-version: 2.2 name: pandoc -version: 2.14.0.2 +version: 2.14.0.3 build-type: Simple license: GPL-2.0-or-later license-file: COPYING.md @@ -484,8 +484,8 @@ library random >= 1 && < 1.3, safe >= 0.3.18 && < 0.4, scientific >= 0.3 && < 0.4, - skylighting >= 0.10.5.1 && < 0.10.6, - skylighting-core >= 0.10.5.1 && < 0.10.6, + skylighting >= 0.10.5.2 && < 0.10.6, + skylighting-core >= 0.10.5.2 && < 0.10.6, split >= 0.2 && < 0.3, syb >= 0.1 && < 0.8, tagsoup >= 0.14.6 && < 0.15, diff --git a/stack.yaml b/stack.yaml index 427de892a..80d0707e7 100644 --- a/stack.yaml +++ b/stack.yaml @@ -8,6 +8,8 @@ packages: - '.' extra-deps: - commonmark-0.2.1 +- skylighting-core-0.10.5.2 +- skylighting-0.10.5.2 ghc-options: "$locals": -fhide-source-paths -Wno-missing-home-modules resolver: lts-18.0 -- cgit v1.2.3