Bump jekyll from 3.1.2 to 3.8.7

[dependabot[bot]]

Bumps jekyll from 3.1.2 to 3.8.7.

Release notes

Sourced from jekyll's releases.

v3.8.7

Fixes

• Prevent console warnings with Ruby 2.7 (#7948)

v3.8.6

Bug Fixes

• Update log output for an invalid theme directory (#7734)
• Memoize SiteDrop#documents to reduce allocations (#7722)
• Excerpt handling of custom and intermediate tags (#7467)
• Escape valid special chars in a site's path name (#7573)
• Revert memoizing Site#docs_to_write and refactor #documents (#7689)
• Fix broken include_relative usage in excerpt (#7690)
• Install platform-specific gems as required (3c06609406)

Security Fixes

• Theme gems: ensure directories aren't symlinks (#7424)

v3.8.5

Bug Fixes

• Re-implement handling Liquid blocks in excerpts (#7250)

v3.8.4

Bug Fixes

• security: fix include bypass of EntryFilter#filter symlink check (#7228)

v3.8.3

Bug Fixes

• Fix --unpublished not affecting collection documents (#7027)

v3.8.2

Development Fixes

• Update rubocop version (#7016)

Bug Fixes

• Add whitespace control to LIQUID_TAG_REGEX (#7015)

v3.8.1

Bug Fixes

• Fix rendering Liquid constructs in excerpts (#6945)

... (truncated)

Changelog

Sourced from jekyll's changelog.

3.8.7 / 2020-05-08

Bug Fixes

• Prevent console warnings with Ruby 2.7 (#8125)

4.0.0 / 2019-08-19

Major Enhancements

• Drop ruby 2.3 (#7454)
• Drop support for Ruby 2.1 and 2.2 (#6560)
• Drop support for older versions of Rouge (#6978)
• Drop support for pygments as syntax-highlighter (#7118)
• Drop support for Redcarpet (#6987)
• Drop support for rdiscount (#6988)
• Drop support for jekyll-watch-1.4.0 and older (#7287)
• Incorporate relative_url filter in link tag (#6727)
• Upgrade kramdown dependency to v2.x (#7492)
• Upgrade jekyll-sass-converter to v2.x - Sassc + sourcemaps (#7778)
• Upgrade i18n to v1.x (#6931)
• Add Jekyll::Cache class to handle caching on disk (#7169)
• Cache converted markdown (#7159)
• Cache: Do not dump undumpable objects (#7190)
• Cache matched defaults sets for given parameters (#6888)
• Ignore cache directory (#7184)
• Add Site#in_cache_dir helper method (#7160)
• Remove 'cache_dir' during jekyll clean (#7158)
• Cache parsed Liquid templates in memory (#7136)
• Only read layouts from source_dir or theme_dir (#6788)
• Allow custom sorting of collection documents (#7427)
• Always exclude certain paths from being processed (#7188)
• Remove Jekyll::Utils#strip_heredoc in favor of a Ruby > 2.3 built in (#7584)
• Incorporate relative_url within post_url tag (#7589)
• Remove patch to modify config for kramdown (#7699)

Minor Enhancements

• Enhance --blank scaffolding (#7310)
• Use jekyll-compose if installed (#6932)
• Disable Liquid via front matter (#6824)
• Configure cache_dir (#7232)
• ISO week date drops (#5981)
• Fix custom 404 page for GitHub pages (#7132)
• Load config file from within current theme-gem (#7304)
• Suggest re-running command with --trace on fail (#6551)
• Support for binary operators in where_exp filter (#6998)
• Automatically load _config.toml (#7299)
• Add vendor folder to a newly installed site's .gitignore (#6968)
• Output Jekyll Version while debugging (#7173)

... (truncated)

Commits

• e894f83 Release :gem: 3.8.7
• 51a6575 chore(release): v3.8.7 :gem:
• ce68268 Update history to reflect merge of #8125 [ci skip]
• 9e4b4f2 Backport #7948 for v3.8.x (#8125)
• 7ff9a88 Release :gem: 3.8.6
• 5c4e125 3.8.6: add release note for 3c06609406
• cc5c850 Fix year
• 72d8537 Update release date
• c945c48 Merge pull request #7735 from jekyll/3-8-6-release-notes
• 27e1433 Create 3.8.6 release notes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/18F/content-guide/network/alerts).

[afeld]

Blocked by https://github.com/18F/content-guide/issues/234.

[brentryanjohnson]

@afeld I'm actively working on this in another repo. I plan to port that over to this repo soon and merge, hopefully clearing this issue. Any support you can provide would be welcome.

[brentryanjohnson]

Issue resolved by #245

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.