search

turkdevops / flight-manual.atom.io

📖 Documentation for Atom, generated by nanoc, hosted by GitHub Pages
https://flight-manual.atom.io
Other
1 stars 0 forks source link

build(deps): bump asciidoctor from 1.5.7.1 to 1.5.8 #172

Open dependabot[bot] opened 1 year ago

dependabot[bot] commented 1 year ago

Bumps asciidoctor from 1.5.7.1 to 1.5.8.

Release notes

Sourced from asciidoctor's releases.

v1.5.8

Summary

This release was made possible by support from our Change Maker sponsor, Okta.

According to the release notes for 1.5.7, there wasn't supposed be another releases in the 1.5.x line. However, due to scheduling conflicts, the 2.0.0 release got pushed back. So this semi-major release was cut to get us back on track.

This release consists of over 50 enhancements and fixes that accumulated in the meantime, as well as a response to a CVE and several updates needed for Asciidoctor.js. Although unintentional, this release also includes a 10% boost in performance.

A huge thanks to @​zelivans for throwing curveballs at the processor and uncovering numerous hard-to-catch bugs, including one which became CVE-2018-18385. Fixes for all those issues have been included in this release.

The most significant change in this release is that unordered and ordered lists can be nested to any depth. Also related to lists, it's now possible to specify auto-numbered callout numbers using <.>. And guard comments in front of callouts are preserved if font-based icons are not enabled. You can now set a starting line number for numbered source blocks when using Pygments or CodeRay for source highlighting in HTML or when converting to DocBook. Attribute references in the target of a custom block macro or the attrlist of an include directive are now replaced automatically. If the part-signifier and/or chapter-signifier attributes are set, the values of these attributes are prepended to the part and chapter title, respectively.

If you're using the API, there are several nice enhancements as well. It's now possible to short-circuit the AbstractBlock#find_by method once a match is found or you want to abort the search. The authors of the document can be retrieved neatly as an array. The imagesdir that was set at the location of an image is now recorded on the image node as well as in the catalog.

Thanks to @​jwehmschulte for translating the README into German, to @​mogztter for syncing the French translation, @​jonasbjork for adding Swedish translations for the built-in attributes, @​BojanStipic for updating the Serbian translations for the built-in attributes, and @​stoeps13 for improving the Windows installation instructions. Also thanks to @​junaruga for replacing the deprecated thread_safe gem integration with concurrent-ruby.

Following this release, the master branch will transition to 2.0.0 and semantic versioning (really, this time). Work will continue on the new documentation site for Asciidoctor that's based on Antora.

Distributions

Asciidoctor is also packaged for Fedora, Debian, Ubuntu, Alpine Linux, OpenSUSE, and Homebrew. Please use the system's package manager to install the package named asciidoctor.

Release meta

Released on: 2018-10-28 Released by: @​mojavelinux Release beer: Trappistes Rochefort 10

Logs: resolved issues | full diff

Credits

This release cycle welcomed in our first Change Maker sponsor, Okta. We want to thank Okta and our other generous sponsors, without whose support Asciidoctor would not be possible. Thank you to all our sponsors for your dedication to improving the state of technical documentation!

Thanks to the following people who contributed to this release:

@​zelivans, @​mogztter, @​graphitefriction, @​jwehmschulte, @​jonasbjork, @​junaruga, @​owenh000, @​BojanStipic, @​aerostitch, @​ds26gte, @​diguage, @​kikijiki, @​ztmr, @​gilgamaze, @​ecki, @​sometimesfood, @​mperktold, @​ilvetz, @​pdmayoSFI, and @​stoeps13.

A very special thanks to all our awesome supporters on BountySource (Salt) and OpenCollective. Their support provided critical funding for the development of this release and the ongoing development of the project.

You can support this project by becoming a sponsor on OpenCollective. For those still contributing via BountySource, we kindly ask that you switch your donations over to OpenCollective because it's a nicer system and better aligns with our values.

Changelog

Enhancements

  • if set, add value of part-signifier and chapter-signifier attributes to part and chapter titles (#2738)

... (truncated)

Changelog

Sourced from asciidoctor's changelog.

== 1.5.8 (2018-10-28) - @​mojavelinux

Enhancements::

  • if set, add value of part-signifier and chapter-signifier attributes to part and chapter titles (#2738)
  • allow position (float) and alignment (align) to be set on video block (#2425)
  • substitute attribute references in attrlist of include directive (#2761)
  • add Document#set_header_attribute method for adding method directly to document header during parsing (#2820)
  • add helper method to extension processor classes to create lists and list items
  • allow ordered and unordered lists to be nested to an arbitrary / unlimited depth (#2854)
  • add prefer DSL method to extension registry and document processor to flag extension as preferred (#2848)
  • allow manname and manpurpose to be set using document attributes; don't look for NAME section in this case (#2810)
  • substitute attribute references in target of custom block macro (honoring attribute-missing setting) (#2839)
  • interpret <.> as an auto-numbered callout in verbatim blocks and callout lists (#2871)
  • require marker for items in callout list to have circumfix brackets (e.g., <1> instead of 1>) (#2871)
  • preserve comment guard in front of callout number in verbatim block if icons is not enabled (#1360)
  • add more conventional styles to quote block when it has the excerpt role (#2092)
  • colspecs can be separated by semi-colon instead of comma (#2798)
  • change AbstractBlock#find_by to respond to StopIteration exception; stop traversal after matching ID (#2900)
  • change AbstractBlock#find_by to honor return values :skip and :skip_children from filter block to skip node and its descendants or just its descendants, respectively (#2067)
  • add API to retrieve authors as array; use API in converters (#1042) (@​mogztter)
  • add support for start attribute on source block to set starting line number when converting to DocBook (#2915)
  • track imagesdir for image on node and in catalog (#2779)
  • allow starting line number to be set using start attribute when highighting source block with Pygments or CodeRay (#1742)
  • add intrinsic attribute named pp that effectively resolves to ++ (#2807)
  • upgrade highlight.js to 9.13.1

Bug Fixes::

  • don't hang on description list item that begins with /// (#2888)
  • don't crash when using AsciiDoc table cell style on column in CSV table (#2817)
  • show friendly error if CSV data for table contains unclosed quote (#2878) (@​zelivans)
  • don't crash when attribute entry continuation is used on last line of file (#2880) (@​zelivans)
  • treat empty/missing value of named block attribute followed by other attributes (e.g., caption=,cols=2*) as empty string
  • AbstractNode#set_option does nothing if option is already set (PR #2778)
  • allow revnumber to be an attribute reference in revision info line (#2785)
  • use ::File.open instead of ::IO.binread in Reader for Asciidoctor.js compatibility
  • add fallback for timezone when setting doctime
  • preserve UNC path that begins with a double backslash (Windows) (#2869)
  • fix formatting of quote block (indentation) in manpage output (#2792)
  • catalog inline anchors in ordered list items (#2812)
  • detect closing tag on last line with no trailing newline (#2830)
  • process !name@ attribute syntax property; follow-up to #642
  • change document extension processor DSL methods to return registered extension instance instead of array of instances
  • use fallback value for manname-title to prevent crash in manpage converter
  • consolidate inner whitespace in prose in manpage output (#2890)
  • only apply subs to node attribute value if enclosed in single quotes (#2905)
  • don't hide URI scheme if target of link macro is a bare URI scheme
  • fix crash when child section of part is out of sequence and section numbering is enabled (#2931)
  • fix crash when restoring passthroughs if passthrough role is enclosed in single quotes (#2882, #2883)

... (truncated)

Commits
  • d7aeb75 Release 1.5.8
  • f7fcb9b cache document attributes in Parser.parse_header_metadata
  • bfa01fa resolves #669 allow authorinitials for single author to be overridden (PR #2943)
  • edf971a resolves #1706 configure nested pre in pre.wrap to inherit [skip ci]
  • c6be3d4 resolves #1639 generate manpage even if input is non-conforming or malformed ...
  • 4f89c4d upgrade linked version of highlight.js to 9.13.1
  • 3d8f480 resolves #2769 report correct line number for inline anchor with id already i...
  • d5b9fb7 resolves #1742 add support for starting line number on source block (PR #2941)
  • 8997c37 resolves #2779 track imagesdir on image node and in catalog (PR #2897)
  • 845322c resolves #2738 use part-signifier and chapter-signifier, if set (PR #2763)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/turkdevops/flight-manual.atom.io/network/alerts).
guardrails[bot] commented 1 year ago

:warning: We detected 1 security issue in this pull request:

Mode: paranoid | Total findings: 1 | Considered vulnerability: 1

Vulnerable Libraries (1)
Severity | Details ----- | -------- Medium | [pkg:gem/asciidoctor@1.5.7.1@1.5.7.1](https://github.com/turkdevops/flight-manual.atom.io/blob/eda3bed18bf45587f7d8d551657dd840bc86ba82/Gemfile.lock#L11) - **no patch available** More info on how to fix Vulnerable Libraries in [Ruby](https://docs.guardrails.io/docs/en/vulnerabilities/ruby/using_vulnerable_libraries.html?utm_source=ghpr#).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information