rebber-plugins@4.3.3

Bugfix: Double backslashes were treated as two simple backslashes one after the other, causing the sanitizer to delete all backslashes in the math block.

zmarkdown@11.0.2

Includes fixes from rebber-plugins@4.3.2

rebber-plugins@4.3.2

• Fix footnotes inside titles by using \protect also for references

zmarkdown@11.0.1

• Includes fixes from rebber-plugins@4.3.1 and remark-ping@2.3.1
• Fixes Sentry error handling

remark-ping@2.3.1

• Do not take account of empty pings

rebber-plugins@4.3.1

• Fix math sanitation

zmarkdown@11.0.0

Security fixes

• Security (RCE) : forbid any \end{CodeBlock} command from inside CodeBlocks themselves (included in 10.1.3)
• Security (LFI) : replace invalid pathes with a default image (included in 10.1.3)
• Security (SSRF) : prevent images downloads from local IP ranges (included in 10.1.3)
• Security (RCE) : filter the authorized math commands to a given list
• Security (RCE) : escape the content of abbreviations

LaTeX

• Important : Align table headers left instead of centered
• Minor : Restore a correct behavior for footnotes, but remove linking
• Minor : Fix tables column width so that tables take the whole page

Miscellaneous

• Important : Switch the project to NPMv7. Should not break dependants
• Important : Uses details/summary HTML tags for spoilers
• Minor : Better parsing for pings, now only break on line break and spaces
• Minor : Allow calling LaTeX endpoint without options
• Minor : Do not add line numbers to one-line code blocks
• Minor : Drop Node 10 support

remark-ping@2.3.0

• Important : change the ping parser to allow Unicode characters in the simple syntax

remark-images-download@3.0.2

• Security (LFI) : replace invalid pathes with a default image (included in 10.1.3)
• Security (SSRF) : prevent images downloads from local IP ranges (included in 10.1.3)
• Meta : stop using legacy APIs

remark-custom-blocks@2.6.0

• Minor : Allow default block title