markdown-it - npm Package Compare versions

Comparing version 12.0.2 to 12.0.3

CHANGELOG.md

@@ -9,2 +9,13 @@ # Changelog
 
+## [12.0.3] - 2020-12-07
+### Fixed
+- `[](<foo<bar>)` is no longer a valid link.
+- `[](url (xxx())` is no longer a valid link.
+- `[](url\ xxx)` is no longer a valid link.
+- Fix performance issues when parsing links (#732, #734), backticks, (#733, #736),
+  emphases (#735), and autolinks (#737).
+- Allow newline in `<? ... ?>` in an inline context.
+- Allow `<meta>` html tag to appear in an inline context.
+
+
 ## [12.0.2] - 2020-10-23
@@ -538,2 +549,3 @@ ### Fixed
 
+[12.0.3]: https://github.com/markdown-it/markdown-it/compare/12.0.2...12.0.3
 [12.0.2]: https://github.com/markdown-it/markdown-it/compare/12.0.1...12.0.2
@@ -540,0 +552,0 @@ [12.0.1]: https://github.com/markdown-it/markdown-it/compare/12.0.0...12.0.1

lib/common/html_blocks.js

@@ -50,3 +50,2 @@ // List of valid html blocks names, accorting to commonmark spec
   'menuitem',
-  'meta',
   'nav',
@@ -53,0 +52,0 @@ 'noframes',

lib/common/html_re.js

@@ -19,3 +19,3 @@ // Regexps to match html elements
 var comment     = '<!---->|<!--(?:-?[^>-])(?:-?[^-])*-->';
-var processing  = '<[?].*?[?]>';
+var processing  = '<[?][\\s\\S]*?[?]>';
 var declaration = '<![A-Z]+\\s+[^>]*>';
@@ -22,0 +22,0 @@ var cdata       = '<!\\[CDATA\\[[\\s\\S]*?\\]\\]>';

lib/helpers/parse_link_destination.js

@@ -25,2 +25,3 @@ // Parse link destination
       if (code === 0x0A /* \n */) { return result; }
+      if (code === 0x3C /* < */) { return result; }
       if (code === 0x3E /* > */) {
@@ -56,2 +57,3 @@ result.pos = pos + 1;
     if (code === 0x5C /* \ */ && pos + 1 < max) {
+      if (str.charCodeAt(pos + 1) === 0x20) { break; }
       pos += 2;
@@ -63,2 +65,3 @@ continue;
       level++;
+      if (level > 32) { return result; }
     }
@@ -65,0 +68,0 @@

lib/helpers/parse_link_title.js

@@ -40,2 +40,4 @@ // Parse link title
       return result;
+    } else if (code === 0x28 /* ( */ && marker === 0x29 /* ) */) {
+      return result;
     } else if (code === 0x0A) {
@@ -42,0 +44,0 @@ lines++;

lib/rules_inline/autolink.js

@@ -7,8 +7,8 @@ // Process autolinks '<protocol:...>'
 /*eslint max-len:0*/
-var EMAIL_RE    = /^<([a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*)>/;
-var AUTOLINK_RE = /^<([a-zA-Z][a-zA-Z0-9+.\-]{1,31}):([^<>\x00-\x20]*)>/;
+var EMAIL_RE    = /^([a-zA-Z0-9.!#$%&'*+\/=?^_`{|}~-]+@[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?(?:\.[a-zA-Z0-9](?:[a-zA-Z0-9-]{0,61}[a-zA-Z0-9])?)*)$/;
+var AUTOLINK_RE = /^([a-zA-Z][a-zA-Z0-9+.\-]{1,31}):([^<>\x00-\x20]*)$/;
 
 
 module.exports = function autolink(state, silent) {
-  var tail, linkMatch, emailMatch, url, fullUrl, token,
+  var url, fullUrl, token, ch, start, max,
       pos = state.pos;
@@ -18,10 +18,17 @@
 
-  tail = state.src.slice(pos);
+  start = state.pos;
+  max = state.posMax;
 
-  if (tail.indexOf('>') < 0) { return false; }
+  for (;;) {
+    if (++pos >= max) return false;
 
-  if (AUTOLINK_RE.test(tail)) {
-    linkMatch = tail.match(AUTOLINK_RE);
+    ch = state.src.charCodeAt(pos);
 
-    url = linkMatch[0].slice(1, -1);
+    if (ch === 0x3C /* < */) return false;
+    if (ch === 0x3E /* > */) break;
+  }
+
+  url = state.src.slice(start + 1, pos);
+
+  if (AUTOLINK_RE.test(url)) {
     fullUrl = state.md.normalizeLink(url);
@@ -44,10 +51,7 @@ if (!state.md.validateLink(fullUrl)) { return false; }
 
-    state.pos += linkMatch[0].length;
+    state.pos += url.length + 2;
     return true;
   }
 
-  if (EMAIL_RE.test(tail)) {
-    emailMatch = tail.match(EMAIL_RE);
-
-    url = emailMatch[0].slice(1, -1);
+  if (EMAIL_RE.test(url)) {
     fullUrl = state.md.normalizeLink('mailto:' + url);
@@ -70,3 +74,3 @@ if (!state.md.validateLink(fullUrl)) { return false; }
 
-    state.pos += emailMatch[0].length;
+    state.pos += url.length + 2;
     return true;
@@ -73,0 +77,0 @@ }

lib/rules_inline/backticks.js

@@ -5,4 +5,5 @@ // Parse backticks
 
+
 module.exports = function backtick(state, silent) {
-  var start, max, marker, matchStart, matchEnd, token,
+  var start, max, marker, token, matchStart, matchEnd, openerLength, closerLength,
       pos = state.pos,
@@ -17,16 +18,29 @@ ch = state.src.charCodeAt(pos);
 
+  // scan marker length
   while (pos < max && state.src.charCodeAt(pos) === 0x60/* ` */) { pos++; }
 
   marker = state.src.slice(start, pos);
+  openerLength = marker.length;
 
+  if (state.backticksScanned && (state.backticks[openerLength] || 0) <= start) {
+    if (!silent) state.pending += marker;
+    state.pos += openerLength;
+    return true;
+  }
+
   matchStart = matchEnd = pos;
 
+  // Nothing found in the cache, scan until the end of the line (or until marker is found)
   while ((matchStart = state.src.indexOf('`', matchEnd)) !== -1) {
     matchEnd = matchStart + 1;
 
+    // scan marker length
     while (matchEnd < max && state.src.charCodeAt(matchEnd) === 0x60/* ` */) { matchEnd++; }
 
-    if (matchEnd - matchStart === marker.length) {
+    closerLength = matchEnd - matchStart;
+
+    if (closerLength === openerLength) {
+      // Found matching closer length.
       if (!silent) {
-        token         = state.push('code_inline', 'code', 0);
+        token     = state.push('code_inline', 'code', 0);
         token.markup  = marker;
@@ -40,7 +54,13 @@ token.content = state.src.slice(pos, matchStart)
     }
+
+    // Some different length found, put it in cache as upper limit of where closer can be found
+    state.backticks[closerLength] = matchStart;
   }
 
-  if (!silent) { state.pending += marker; }
-  state.pos += marker.length;
+  // Scanned through the end, didn't find anything
+  state.backticksScanned = true;
+
+  if (!silent) state.pending += marker;
+  state.pos += openerLength;
   return true;
 };

lib/rules_inline/balance_pairs.js

@@ -30,5 +30,5 @@ // For each opening emphasis-like marker find a matching closing one
     minOpenerIdx = openersBottom[closer.marker][closer.length % 3];
-    newMinOpenerIdx = -1;
 
     openerIdx = closerIdx - closer.jump - 1;
+    newMinOpenerIdx = openerIdx;
 
@@ -40,4 +40,2 @@ for (; openerIdx > minOpenerIdx; openerIdx -= opener.jump + 1) {
 
-      if (newMinOpenerIdx === -1) newMinOpenerIdx = openerIdx;
-
       if (opener.open && opener.end < 0) {
@@ -44,0 +42,0 @@

lib/rules_inline/link.js

@@ -18,5 +18,5 @@ // Process [link](<to> "stuff")
       ref,
-      title,
       token,
       href = '',
+      title = '',
       oldPos = state.pos,
@@ -64,21 +64,6 @@ max = state.posMax,
       }
-    }
 
-    // [link](  <href>  "title"  )
-    //                ^^ skipping these spaces
-    start = pos;
-    for (; pos < max; pos++) {
-      code = state.src.charCodeAt(pos);
-      if (!isSpace(code) && code !== 0x0A) { break; }
-    }
-
-    // [link](  <href>  "title"  )
-    //                  ^^^^^^^ parsing link title
-    res = state.md.helpers.parseLinkTitle(state.src, pos, state.posMax);
-    if (pos < max && start !== pos && res.ok) {
-      title = res.str;
-      pos = res.pos;
-
       // [link](  <href>  "title"  )
-      //                         ^^ skipping these spaces
+      //                ^^ skipping these spaces
+      start = pos;
       for (; pos < max; pos++) {
@@ -88,4 +73,17 @@ code = state.src.charCodeAt(pos);
       }
-    } else {
-      title = '';
+
+      // [link](  <href>  "title"  )
+      //                  ^^^^^^^ parsing link title
+      res = state.md.helpers.parseLinkTitle(state.src, pos, state.posMax);
+      if (pos < max && start !== pos && res.ok) {
+        title = res.str;
+        pos = res.pos;
+
+        // [link](  <href>  "title"  )
+        //                         ^^ skipping these spaces
+        for (; pos < max; pos++) {
+          code = state.src.charCodeAt(pos);
+          if (!isSpace(code) && code !== 0x0A) { break; }
+        }
+      }
     }
@@ -92,0 +90,0 @@

lib/rules_inline/state_inline.js

@@ -34,2 +34,6 @@ // Inline parser state
   this._prev_delimiters = [];
+
+  // backtick length => last seen position
+  this.backticks = {};
+  this.backticksScanned = false;
 }
@@ -36,0 +40,0 @@

package.json

 {
   "name": "markdown-it",
-  "version": "12.0.2",
+  "version": "12.0.3",
   "description": "Markdown-it - modern pluggable markdown parser.",
@@ -22,3 +22,3 @@ "keywords": [
     "coverage": "npm run test && nyc report --reporter html",
-    "report-coveralls": "nyc report --reporter=text-lcov | coveralls",
+    "report-coveralls": "nyc --reporter=lcov mocha",
     "doc": "node support/build_doc.js",
@@ -42,3 +42,3 @@ "gh-doc": "npm run doc && gh-pages -d apidoc -f",
     "argparse": "^2.0.1",
-    "entities": "~2.0.0",
+    "entities": "~2.1.0",
     "linkify-it": "^3.0.1",
@@ -49,5 +49,5 @@ "mdurl": "^1.0.1",
   "devDependencies": {
-    "@rollup/plugin-commonjs": "^15.1.0",
+    "@rollup/plugin-commonjs": "^16.0.0",
     "@rollup/plugin-json": "^4.1.0",
-    "@rollup/plugin-node-resolve": "^9.0.0",
+    "@rollup/plugin-node-resolve": "^10.0.0",
     "ansi": "^0.3.0",
@@ -62,6 +62,7 @@ "autoprefixer-stylus": "^1.0.0",
     "highlight.js": "^10.0.3",
+    "jest-worker": "^26.6.2",
     "markdown-it-abbr": "^1.0.4",
     "markdown-it-container": "^3.0.0",
     "markdown-it-deflist": "^2.0.0",
-    "markdown-it-emoji": "^1.1.1",
+    "markdown-it-emoji": "^2.0.0",
     "markdown-it-footnote": "^3.0.1",
@@ -75,3 +76,4 @@ "markdown-it-for-inline": "^0.1.0",
     "mocha": "^8.0.1",
-    "ndoc": "^5.0.0",
+    "ndoc": "^6.0.0",
+    "needle": "^2.5.2",
     "nyc": "^15.0.1",
@@ -84,3 +86,3 @@ "pug-cli": "^1.0.0-alpha6",
     "stylus": "^0.54.5",
-    "supertest": "^5.0.0"
+    "supertest": "^6.0.1"
   },
@@ -87,0 +89,0 @@ "mocha": {

README.md

 # markdown-it <!-- omit in toc -->
 
-[![Build Status](https://img.shields.io/travis/markdown-it/markdown-it/master.svg?style=flat)](https://travis-ci.org/markdown-it/markdown-it)
+[![CI](https://github.com/markdown-it/markdown-it/workflows/CI/badge.svg)](https://github.com/markdown-it/markdown-it/actions)
 [![NPM version](https://img.shields.io/npm/v/markdown-it.svg?style=flat)](https://www.npmjs.org/package/markdown-it)
@@ -116,2 +116,3 @@ [![Coverage Status](https://coveralls.io/repos/markdown-it/markdown-it/badge.svg?branch=master&service=github)](https://coveralls.io/github/markdown-it/markdown-it?branch=master)
   // Enable some language-neutral replacement + quotes beautification
+  // For the full list of replacements, see https://github.com/markdown-it/markdown-it/blob/master/lib/rules_core/replacements.js
   typographer:  false,
@@ -191,3 +192,3 @@
 ```js
-md.linkify.tlds('.py', false);  // disables .py as top level domain
+md.linkify.set({ fuzzyEmail: false });  // disables converting email to link
 ```
@@ -194,0 +195,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

568548

increased by0.52%

Lines of code

13659

increased by0.35%

Number of lines in readme file

308

increased by0.33%

Worsened metrics

Dev dependency count

35

increased by6.06%

Dependency changes

• + Addedentities@2.1.0(transitive)

• - Removedentities@2.0.3(transitive)

• Updatedentities@~2.1.0