chore(deps): update dependency hugo-extended to v0.162.1 #19
Reference in New Issue
Block a user
Delete Branch "renovate/hugo-extended-0.x"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
0.161.1→0.162.1Release Notes
gohugoio/hugo (hugo-extended)
v0.162.1Compare Source
What's Changed
59f35cd@jmooring #14959c270975@bep #14958ea8b48a@jmooring #14948v0.162.0Compare Source
The notable new feature in this release is support for AVIF images (both encoder and decoder). There's a demo site set up that demonstrates the difference between HDR AVIF and SDR JPEG images. Note that that demo is only really interesting if viewed on an HDR capable screen (e.g. Apple Retina).
Security fixes
There are some notable security fixes in this release.
Security fixes in Go
This release upgrades from Go 1.26.1 to 126.3, which brings a set of security fixes. Some relevant for Hugo are:
Security fixes and hardening in Hugo
The following changes either fix a concrete issue or reduce the default attack surface of
hugobuilds.text/htmlcontent files by default (e41a064). A newsecurity.allowContentpolicy gates which content media types may be used for pages under/content.text/htmlis denied by default; sites that rely on hand-authored or adapter-emitted HTML content can opt back in withsecurity.allowContent = ['.*'].security.http.urlson every redirect hop inresources.GetRemote(86fbb0f).resources.Get(f8b5fa0).We will update this section later with links to CVEs where applicable.
All changes
df54219@bep #149424bc7cae@bep5d51b82@jmooring #1492181d7762@jmooring #14795 #14906f8b5fa0@bep88d838a@xndvaz #14831e41a064@bep90d9f81@bep #783780e6084@jmooring #14944aeb9a5c@bep #14939c4bbc28@bepd8c7021@jmooring #14932ee4f1ac@bep #14855b613365@bep #11872d2c821b@bep4ed7600@bepcbe4339@bep #149126475d30@bep #14912 #1491767aede4@bep87f194b@bep #14897d81e3c2@bep #148977c65a4d@bepd31a927@bepc36608c@jmooring #149092f361a8@xndvaz #148865559263@jmooring #13869656fc04@bep #14062a20cb5b@bep #148984d775cb@bep #13492ae7bf74@bep #13987ba5d812@bep #12899 #14882be4a0df@bepe4cf565@bep9e64953@xndvaz #13737f0cfc28@xndvaz #1368816e854a@bep86fbb0f@bep #148717d4af7a@xndvaz #712828147cb@bep #14862e51e761@bep #148497011239@bep #14848694906f@cyphercodes #14820d27b9c0@ogulcanaydogan #1406262cef36@bep #14837ff22c62@jmooring #148174f444c8@dependabot[bot]fe6c726@dependabot[bot]6a2a038@dependabot[bot]cf1de59@dependabot[bot]97f990c@dependabot[bot]b99634e@dependabot[bot]fdd977e@dependabot[bot]123018d@dependabot[bot]b88fa8c@bep #14839Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate.
chore(deps): update dependency hugo-extended to v0.162.0to chore(deps): update dependency hugo-extended to v0.162.1c1391be176to6762d6338b