Google Git
Sign in
dart / markdown.git / refs/heads/master
commit7463999481212e8708b7ab7ff8429b8f552ad30c[log] [tgz]
authordependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Tue May 07 19:23:21 2024 +0000
committerGitHub <noreply@github.com>Tue May 07 19:23:21 2024 +0000
tree275d896e19aeaba2b8613792cfd0245b9444b63c
parenta2313a59b2f5c8ebaa161479e6ee6d0a487c82ef [diff]
Bump actions/checkout from 4.1.4 to 4.1.5 in the github-actions group (#610)

Bumps the github-actions group with 1 update: [actions/checkout](https://github.com/actions/checkout).

Updates `actions/checkout` from 4.1.4 to 4.1.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.4...v4.1.5">https://github.com/actions/checkout/compare/v4.1.4...v4.1.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/actions/checkout/commit/44c2b7a8a4ea60a981eaca3cf939b5f4305c123b"><code>44c2b7a</code></a> README: Suggest <code>user.email</code> to be `41898282+github-actions[bot]<a href="https://github.com/users"><code>@​users</code></a>.norepl...</li>
<li><a href="https://github.com/actions/checkout/commit/8459bc0c7e3759cdf591f513d9f141a95fef0a8f"><code>8459bc0</code></a> Bump actions/upload-artifact from 2 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1695">#1695</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/3f603f6d5e9f40714f97b2f017aa0df2a443192a"><code>3f603f6</code></a> Bump actions/setup-node from 1 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1696">#1696</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/fd084cde189b7b76ec305d52e27be545a0172823"><code>fd084cd</code></a> Bump github/codeql-action from 2 to 3 (<a href="https://redirect.github.com/actions/checkout/issues/1694">#1694</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/9c1e94e0ad997d618b6113a2171b055037589028"><code>9c1e94e</code></a> Update NPM dependencies (<a href="https://redirect.github.com/actions/checkout/issues/1703">#1703</a>)</li>
<li>See full diff in <a href="https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dcec353f45205ec38ea70b...44c2b7a8a4ea60a981eaca3cf939b5f4305c123b">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.4&new-version=4.1.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions

</details>
3 files changed
tree: 275d896e19aeaba2b8613792cfd0245b9444b63c
  1. .github/
  2. benchmark/
  3. bin/
  4. example/
  5. lib/
  6. test/
  7. tool/
  8. .gitignore
  9. analysis_options.yaml
  10. AUTHORS
  11. CHANGELOG.md
  12. dart_test.yaml
  13. LICENSE
  14. peanut.yaml
  15. pubspec.yaml
  16. README.md
README.md

Build Status Pub package publisher Coverage Status

A portable Markdown library written in Dart. It can parse Markdown into HTML on both the client and server.

Play with it at dart-lang.github.io/markdown.

Usage

import 'package:markdown/markdown.dart';

void main() {
  print(markdownToHtml('Hello *Markdown*'));
  //=> <p>Hello <em>Markdown</em></p>
}

Syntax extensions

A few Markdown extensions, beyond what was specified in the original Perl Markdown implementation, are supported. By default, the ones supported in CommonMark are enabled. Any individual extension can be enabled by specifying an Array of extension syntaxes in the blockSyntaxes or inlineSyntaxes argument of markdownToHtml.

The currently supported inline extension syntaxes are:

  • InlineHtmlSyntax() - approximately CommonMark's definition of “Raw HTML”.

The currently supported block extension syntaxes are:

  • const FencedCodeBlockSyntax() - Code blocks familiar to Pandoc and PHP Markdown Extra users.
  • const HeaderWithIdSyntax() - ATX-style headers have generated IDs, for link anchors (akin to Pandoc's auto_identifiers).
  • const SetextHeaderWithIdSyntax() - Setext-style headers have generated IDs for link anchors (akin to Pandoc's auto_identifiers).
  • const TableSyntax() - Table syntax familiar to GitHub, PHP Markdown Extra, and Pandoc users.

For example:

import 'package:markdown/markdown.dart';

void main() {
  print(markdownToHtml('Hello <span class="green">Markdown</span>',
      inlineSyntaxes: [InlineHtmlSyntax()]));
  //=> <p>Hello <span class="green">Markdown</span></p>
}

Extension sets

To make extension management easy, you can also just specify an extension set. Both markdownToHtml() and Document() accept an extensionSet named parameter. Currently, there are four pre-defined extension sets:

  • ExtensionSet.none includes no extensions. With no extensions, Markdown documents will be parsed with a default set of block and inline syntax parsers that closely match how the document might be parsed by the original Perl Markdown implementation.

  • ExtensionSet.commonMark includes two extensions in addition to the default parsers to bring the parsed output closer to the CommonMark specification:

    • Block Syntax Parser

      • const FencedCodeBlockSyntax()

    • Inline Syntax Parser

      • InlineHtmlSyntax()

  • ExtensionSet.gitHubFlavored includes five extensions in addition to the default parsers to bring the parsed output close to the GitHub Flavored Markdown specification:

    • Block Syntax Parser

      • const FencedCodeBlockSyntax()
      • const TableSyntax()

    • Inline Syntax Parser

      • InlineHtmlSyntax()
      • StrikethroughSyntax()
      • AutolinkExtensionSyntax()

  • ExtensionSet.gitHubWeb includes eight extensions. The same set of parsers use in the gitHubFlavored extension set with the addition of the block syntax parsers, HeaderWithIdSyntax and SetextHeaderWithIdSyntax, which add id attributes to headers and inline syntax parser, EmojiSyntax, for parsing GitHub style emoji characters:

    • Block Syntax Parser

      • const FencedCodeBlockSyntax()
      • const HeaderWithIdSyntax(), which adds id attributes to ATX-style headers, for easy intra-document linking.
      • const SetextHeaderWithIdSyntax(), which adds id attributes to Setext-style headers, for easy intra-document linking.
      • const TableSyntax()

    • Inline Syntax Parser

      • InlineHtmlSyntax()
      • StrikethroughSyntax()
      • EmojiSyntax()
      • AutolinkExtensionSyntax()

Custom syntax extensions

You can create and use your own syntaxes.

import 'package:markdown/markdown.dart';

void main() {
  var syntaxes = [TextSyntax('nyan', sub: '~=[,,_,,]:3')];
  print(markdownToHtml('nyan', inlineSyntaxes: syntaxes));
  //=> <p>~=[,,_,,]:3</p>
}

HTML sanitization

This package offers no features in the way of HTML sanitization. Read Estevão Soares dos Santos's great article, “Markdown's XSS Vulnerability (and how to mitigate it)”, to learn more.

The authors recommend that you perform any necessary sanitization on the resulting HTML, for example via dart:html's NodeValidator.

CommonMark compliance

This package contains a number of files in the tool directory for tracking compliance with CommonMark.

Updating CommonMark stats when changing the implementation

  1. Update the library and test code, making sure that tests still pass.
  2. Run dart run tool/stats.dart --update-files to update the per-test results tool/common_mark_stats.json and the test summary tool/common_mark_stats.txt.
  3. Verify that more tests now pass – or at least, no more tests fail.
  4. Make sure you include the updated stats files in your commit.

Updating the CommonMark test file for a spec update

  1. Check out the CommonMark source. Make sure you checkout a major release.

  2. Dump the test output overwriting the existing tests file.

    > cd /path/to/common_mark_dir
> python3 test/spec_tests.py --dump-tests > \
  /path/to/markdown.dart/tool/common_mark_tests.json

  3. Update the stats files as described above. Note any changes in the results.

  4. Update any references to the existing spec by search for https://spec.commonmark.org/0.30/ in the repository. (Including this one.) Verify the updated links are still valid.

  5. Commit changes, including a corresponding note in CHANGELOG.md.