hugo - Mirror of https://github.com/gohugoio/hugo

diff options

author	Bjørn Erik Pedersen <bjorn.erik.pedersen@gmail.com>	2023-06-15 16:34:16 +0200
committer	Bjørn Erik Pedersen <bjorn.erik.pedersen@gmail.com>	2023-06-15 23:04:33 +0200
commit	ee359df172ece11989e9b1bf35c2d376f2608ac6 (patch)
tree	98513578d0ad8c2ced1c6aacf2ca5ba40a703b6a /hugofs
parent	0f989d5e21b200d848b45a4e305958636fd00779 (diff)

Fix upstream Go templates bug with reversed key/value assignment

The template packages are based on go1.20.5 with the patch in befec5ddbbfbd81ec84e74e15a38044d67f8785b added. This also includes a security fix that now disallows Go template actions in JS literals (inside backticks). This will throw an error saying "... appears in a JS template literal". If you're really sure this isn't a security risk in your case, you can revert to the old behaviour: ```toml [security] [security.gotemplates] allowActionJSTmpl = true ``` See https://github.com/golang/go/issues/59234 Fixes #11112

Diffstat (limited to 'hugofs')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: