forked from desmosinc/pontoon
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependency Pygments to v2.15.0 #15
Open
mend-for-github-com
wants to merge
1
commit into
main
Choose a base branch
from
whitesource-remediate/pygments-2.x
base: main
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/pygments-2.x
branch
from
May 7, 2024 12:04
bc13f6d
to
a7bdb83
Compare
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.7.4
Update dependency Pygments to v2.15.0
May 7, 2024
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.15.0
Update dependency Pygments to v2.15.0 - autoclosed
May 10, 2024
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.15.0 - autoclosed
Update dependency Pygments to v2.15.0
May 12, 2024
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/pygments-2.x
branch
2 times, most recently
from
May 14, 2024 18:20
812ac9e
to
4f6525c
Compare
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.15.0
Update dependency Pygments to v2.7.4
May 14, 2024
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/pygments-2.x
branch
from
May 18, 2024 00:06
4f6525c
to
d9ba5e3
Compare
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.7.4
Update dependency Pygments to v2.15.0
May 18, 2024
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/pygments-2.x
branch
from
May 19, 2024 00:02
d9ba5e3
to
238c2be
Compare
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.15.0
Update dependency Pygments to v2.7.4
May 19, 2024
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/pygments-2.x
branch
from
May 22, 2024 18:27
238c2be
to
c347011
Compare
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.7.4
Update dependency Pygments to v2.15.0
May 22, 2024
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.15.0
Update dependency Pygments to v2.15.0 - autoclosed
May 23, 2024
mend-for-github-com
bot
changed the title
Update dependency Pygments to v2.15.0 - autoclosed
Update dependency Pygments to v2.15.0
May 24, 2024
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/pygments-2.x
branch
from
May 24, 2024 18:04
c347011
to
f62c647
Compare
1 similar comment
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
==2.1
->==2.15.0
By merging this PR, the below vulnerabilities will be automatically resolved:
Release Notes
pygments/pygments (Pygments)
v2.15.0
Compare Source
(released April 10th, 2023)
Added lexers:
Updated lexers:
AMDGPU: Add support for
scratch_
instructions, theattr*.*
argument,as well as the
off
modifier (#2327).APDL: Miscellaneous improvements (#2314)
bash/tcsh:
break
to keywords (#2377)Chapel: Support attributes (#2376)
CMake: Implement bracket style comments (#2338, #2354)
CSS: Improve lexing of numbers inside function calls (#2382, #2383)
diff: Support normal diff syntax, as opposed to unified diff syntax (#2321)
GLSL, HLSL:
LilyPond: minor update of builtins
PHP: support attributes (#2055, #2347, #2360), fix anonymous classes without
parameters (#2359), improve lexing of variable variable syntax (#2358)
Python:
None
(#2406)Rebol/Red: Don't require script headers (#2348, #2349)
Spice: Update keywords (#2336)
SQL+Jinja (
analyse_text
method): Fix catastrophic backtracking (#2355)Terraform: Add
hcl
alias (#2375)Declare support for Python 3.11 and drop support for Python 3.6 (#2324).
Update
native
style to improve contrast (#2325).Update `github-dark`` style to match latest Primer style (#2401)
Revert a change that made guessing lexers based on file names slower
on Python 3.10 and older (#2328).
Fix some places where a locale-dependent encoding could unintentionally
be used instead of UTF-8 (#2326).
Fix Python traceback handling (#2226, #2329).
Groff formatter: sort color definitions for reproducibility (#2343)
Move project metadata to
pyproject.toml
, removesetup.py
and
setup.cfg
(#2342)The top-level
Makefile
has been removed. Instead, all shortcutsfor developing are now defined and run through tox. The
doc
folderstill contains a
Makefile
as an alternative totox -e doc
.v2.14.0
Compare Source
(released January 1st, 2023)
Added lexers:
Updated lexers:
Abap: Update keywords (#2281)
Alloy: Update for Alloy 6 (#1963)
C family (C, C++ and many others):
definition due to braces in comments (#2210)
C#: Fix number and operator recognition (#2256, #2257)
CSound: Updated builtins (#2268)
F#: Add
.fsx
file extension (#2282)gas (GNU assembler): recognize braces as punctuation (#2230)
HTTP: Add
CONNECT
keyword (#2242)Inform 6: Fix lexing of properties and doubles (#2214)
INI: Allow comments that are not their own line (#2217, #2161)
Java properties: Fix issue with whitespace-delimited keys, support
comments starting with
!
and escapes, no longer support undocumented;
and//
comments (#2241)LilyPond: Improve heuristics, add
\maxima
duration (#2283)LLVM: Add opaque pointer type (#2269)
Macaulay2: Update keywords (#2305)
Minecraft-related lexers (SNB and Minecraft function) moved to
pygments.lexers.minecraft
(#2276)Nim: General improvements (#1970)
Nix: Fix single quotes inside indented strings (#2289)
Objective J: Fix catastrophic backtracking (#2225)
NASM: Add support for SSE/AVX/AVX-512 registers as well as 'rel'
and 'abs' address operators (#2212)
Powershell:
local:
keyword (#2254)Solidity: Add boolean operators (#2292)
Spice: Add
enum
keyword and fix a bug regarding binary,hexadecimal and octal number tokens (#2227)
YAML: Accept colons in key names (#2277)
Fix
make mapfiles
when Pygments is not installed in editable mode(#2223)
Support more filetypes and compression types in
autopygmentize
(#2219)Merge consecutive tokens in Autohotkey, Clay (#2248)
Add
.nasm
as a recognized file type for NASM (#2280)Add
*Spec.hs
as a recognized file type forHSpec
(#2308)Add
*.pyi
(for typing stub files) as a recognized file type forPython (#2231)
The HTML lexer no longer emits empty spans for whitespace (#2304)
Fix
IRCFormatter
inserting linenumbers incorrectly (#2270)v2.13.0
Compare Source
(released August 15th, 2022)
Added lexers:
Updated lexers:
because it disturbs lexing of aspects (#2125)
elements of function headers, e.g. between the arguments and
the opening brace for the body (#1891)
Error
tokens (#2207, #2208)Set
and qualified identifiers (#2158)
(#2194)
value
modifier (#2142)appears in the output (#2166)
StarOffice Basic (#2170)
Name.Builtin
instead ofKeyword.Type
(#2136)\"$var\"
inside strings (#2105)\N
,\u
and\U
escape sequencesin string literals, but not in bytes literals where they are
not supported (#2204)
${name}
variables (#2145)<<
heredocdelimiters (#2162)
builtin functions and bin, oct, hex number formats (#2206)
Added styles:
nord
andnord-darker
; #2189, #1799, #1678)Pygments now tries to use the
importlib.metadata
module todiscover plugins instead of the slower
pkg_resources
(#2155). Inparticular, this largely speeds up the
pygmentize
script whenthe lexer is not specified.
importlib.metadata
is only available in the Python standardlibrary since Python 3.8. For older versions, there exists an
importlib_metadata
backport on PyPI. For this reason, Pygmentsnow defines a packaging extra
plugins
, which adds a requirementon
importlib_metadata
if the Python version is older than3.8. Thus, in order to install Pygments with optimal plugin
support even for old Python versions, you should do::
pip install pygments[plugins]
Pygments still falls back on
pkg_resources
if neitherimportlib.metadata
norimportlib_metadata
is found, but itwill be slower.
Silently ignore
BrokenPipeError
in the command-line interface(#2193).
The
HtmlFormatter
now uses thelinespans
attribute foranchorlinenos
if thelineanchors
attribute is unset (#2026).The
highlight
,lex
andformat
functions no longerwrongly report "argument must be a lexer/formatter instance, not a
class" in some cases where this is not the actual problem (#2123).
Fix warnings in doc build (#2124).
The
codetagify
filter now recognizesFIXME
tags by default (#2150).The
pygmentize
command now recognizes if theCOLORTERM
environment variable is set to a value indicating that true-color
support is available. In that case, it uses the
TerminalTrueColorFormatter
by default (#2160)
Remove redundant caches for filename patterns (#2153)
Use new non-deprecated Pillow API for text bounding box in
ImageFormatter
(#2198)
Remove
default_style
(#930, #2183)Stop treating
DeprecationWarnings
as errors in the unit tests (#2196)v2.12.0
Compare Source
(released April 24th, 2022)
Added lexers:
UnixConfigLexer
for "colon-separated" config files, like/etc/passwd
(#2112)Updated lexers:
Agda: Update keyword list (#2017)
C family: Fix identifiers after
case
statements (#2084)Clojure: Highlight ratios (#2042)
Csound: Update to 6.17 (#2064)
CSS: Update the list of properties (#2113)
Elpi:
->
(#2028)Futhark: Add missing tokens (#2118)
Gherkin: Add
But
(#2046)Inform6: Update to 6.36 (#2050)
Jinja2: add
.xxx.j2
and.xxx.jinja2
to relevant lexers(for
xxx
=html
,xml
, etc.) (#2103)JSON: Support C comments in JSON (#2049). Note: This doesn't mean the JSON parser now supports JSONC or JSON5 proper, just that it doesn't error out when seeing a
/* */
or//
style comment. If you need proper comment handling, consider using theJavaScript
lexer.LilyPond:
PHP: Update builtin function and keyword list (#2054, #2056)
Python: highlight
EncodingWarning
(#2106)Savi: fix highlighting for underscore/private identifiers,
add string interpolation (#2102); fix nested type name highlighting
(#2110)
Scheme: Various improvements (#2060)
Spice: Update the keyword list, add new types (#2063, #2067)
Terraform:
Add
plugins
argument toget_all_lexers()
.Bump minimal Python version to 3.6 (#2059)
Fix multiple lexers marking whitespace as
Text
(#2025)Remove various redundant uses of
re.UNICODE
(#2058)Associate
.resource
with the Robot framework (#2047)Associate
.cljc
with Clojure (#2043)Associate
.tpp
with C++ (#2031)Remove traces of Python 2 from the documentation (#2039)
The
native
style was updated to meet the WCAG AAA contrast guidelines (#2038)Fix various typos (#2030)
Fix
Groff
formatter not inheriting token styles correctly (#2024)Various improvements to the CI (#2036)
The Ada lexer has been moved to a separate file (#2117)
When
linenos=table
is used, the<table>
itself is now wrapped with a<div class="highlight">
tag instead of placing it inside the<td class="code">
cell (#632.) With this change, the output matches the documented behavior... note::
If you have subclassed
HtmlFormatter.wrap
, you may have to adjust the logic.v2.11.2
Compare Source
(released January 6th, 2022)
Updated lexers:
record
keywords result inError
tokens in some cases (#2016, #2018)Fix links to line numbers not working correctly (#2014)
Remove
underline
fromWhitespace
style in theTango
theme (#2020)Fix
IRC
andTerminal256
formatters not backtracking correctly for custom token types, resulting in some unstyled tokens (#1986)v2.11.1
Compare Source
(released December 31st, 2021)
Updated lexers:
unsigned int
) (#2008):
to result inError
tokens (#2010)v2.11.0
Compare Source
(released December 30th, 2021)
Added lexers:
.SRCINFO
(#1951)Updated lexers:
ABNF: Allow one-character rules (#1804)
Assembly: Fix incorrect token endings (#1895, #1961)
Bibtex: Distinguish between
comment
andcommentary
(#1899, #1806)C family: Support unicode identifiers (#1848)
CDDL: Fix slow lexing speed (#1959)
Debian control: Add missing fields (#1946)
Devicetree: Recognize hexadecimal addresses for nodes (#1949)
GDScript: Add
void
data type (#1948)GSQL
HTML, XML: Improve comment handling (#1896)
Java: Add
yield
(#1941) and sealed classes/record (#1902)Makefiles (#1860, #1898)
objdump-nasm: Improve handling of
--no-show-raw-insn
dumps (#1981)Prolog: Support escaped
\
inside quoted strings (#1479)Python:
~
in tracebacks (#2004)RobotFramework: Improve empty brace handling (#1921, #1922)
Terraform
Added styles:
LilyPond
language... note::
All of the new styles unfortunately do not conform to WCAG recommendations.
Text
(#1237, #1905, #1908, #1914, #1911, #1923, #1939, #1957, #1978)pygmentize
supports JSON output for the various list functions now, making it easier to consume them from scripts. (#1437, #1890)shell
lexer forkshrc
files (#1947)ruby
lexer forVagrantfile
files (#1936).xbm
and.xpm
files (#1802)groff
formatter (#1873)man
pagesHtmlFormatter
can now emit tooltips for each token to ease debugging of lexers (#1822)f90
as an alias forfortran
(#2000)v2.10.0
Compare Source
(released August 15th, 2021)
Added lexers:
Updated lexers:
C-family: Fix preprocessor token issues (#1830)
C# (#1573, #1869)
CSound (#1837)
Fennel (#1862)
JavaScript (#1741, #1814)
LLVM (#1824)
Python (#1852)
Rust
Scala: Add support for the
\
operator (#1857)Swift (#1767, #1842)
Tcl: Allow
,
and@
in strings (#1834, #1742)TOML (#1870, #1872)
Fix assert statements in TNT lexer.
Token types across all lexers have been unified (using the most common token
type name) (#1816, #1819)
Improve Jasmin min score analysis (#1619)
Add new alias for Go files (#1827)
Fix multi-line console highlighting (#1833)
Add a new trivial lexer which outputs everything as
Text.Generic.Output
(#1835, #1836)Use the
.ini
lexer forsystemd
files (#1849)Fix a
FutureWarning
related towords()
(#1854)pwsh
is now recognized as an alias for PowerShell (#1876)v2.9.0
Compare Source
(released May 3rd, 2021)
Added lexers:
Updated lexers:
:
(#1682, #1758)Add Pango formatter (#1727)
Autopygmentize uses
file
first instead ofpygments -N
(#1786)Fix links (#1716)
Fix issue with LaTeX formatter and
minted
(#1734, #1735, #1736, #1737)Improve alias order (#1780)
Improve line number colors (#1779, #1778)
Fix CTag related issue (#1724)
Recognize
.leex
as Elixir templatesFix incorrect variable being accessed (#1748)
Updated
filename
handling in HTML formatter iflinenos='table'
(#1757)<td>
holding thecode, but outside the
<pre>
. This would invariably break the alignmentwith line numbers.
filename
is specified, a separate<tr>
is emitted before thetable content which contains a single
<th>
withcolspan=2
so itspans both the line number and code columns. The filename is still
within
<span class="filename">...</span>
so any existing stylesshould still apply, although the CSS path may need to change.
table_cls_step_1_start_1_special_0_noanchor_filename.html
in the
tests/html_linenos_expected_output/
directory.https://github.com/pygments/pygments/issues/1757ues/1757
Added styles:
v2.8.1
Compare Source
minted
(#1734, #1735, #1736, #1737)v2.8.0
Compare Source
(released February 14, 2021)
Added lexers:
Updated lexers:
AutoIt: Support single quoted strings (#1667, #1663)
C/C++ & related: Fix mishandling
*/
(#1695)Cocoa: Add builtin types (#1703)
Console (#1672)
Eiffel: Fix performance issues (#1658)
Fortran: Improve combined keyword detection (#1677, #1188)
J: Fix operator
?
lexing (#1700, #1149)JavaScript/TypeScript: Fix escapes in backtick strings (#1679, #1686)
Kotlin: Improve string interpolation, modifier keyword handling, and various small issues (#1699)
LESS: Support single-line comments (#1046)
Matlab:
OpenEdge (#1696)
Python: Improve handling of raw f-strings (#1681, #1683)
Ruby: Better method name handling (#1531)
Stata: Updated keywords (#1470)
Added styles:
The
pygmentize
script now usesargparse
, all options should workas before
Add
pygmentize -C
option to guess a lexer from contentWith this release, Pygments moves to a new internal testing system (#1649.)
See
Contributing.md
for details. The main advantage of this new changeis a much better test coverage of all existing example lexers. It also makes
it much easier to add new test snippets.
Make guessing prefer Python 3 lexer
Do not guess MIME or SQL without reason
Changed setuptools to use a declarative config through
setup.cfg
.Building Pygments now requires setuptools 39.2+.
Add markdown to MarkdownLexer aliases (#1687)
Change line number handling
<table>
based output, thetd.linenos
element will have either anormal
orspecial
class attached. Previously, onlyspecial
linenumbers got a class. This prevents styles from getting applied twice -
once via
<pre>
, once via<span class="special">
. This also meansthat
td.linenos pre
is no longer styled, instead, usetd.linenos .normal
andtd.linenos .special
.is added first, then the line is wrapped is wrapped by the highlighter.
This fixes lines not being fully highlighted.
as well as class-based and inline styling is now consistent.
background-color: transparent
andcolor: inherit
by default. This works much better with dark styleswhich don't have colors set for line numbers.
Remove "raw" alias from RawTokenLexer, so that it cannot be
selected by alias.
Fix RawTokenLexer to work in Python 3 and handle exceptions.
Add prompt colors to the Solarized theme (#1529)
Image formatter supports background colors now (#1374)
Add support for anchors in conjunction with inline line numbers (#1591)
Modernize the codebase using
pyupgrade
(#1622)Add support for line numbers to the
terminal256
formatter (#1674, #1653)Improve
analyze_text
logic forECL
(#1610)Improve
analyze_text
logic forCBM Basic V2
(#1607)Improve LaTeX formatter (#1708, #1709)
v2.7.4
Compare Source
(released January 12, 2021)
Updated lexers:
Apache configurations: Improve handling of malformed tags (#1656)
CSS: Add support for variables (#1633, #1666)
Crystal (#1650, #1670)
Coq (#1648)
Fortran: Add missing keywords (#1635, #1665)
Ini (#1624)
JavaScript and variants (#1647 -- missing regex flags, #1651)
Markdown (#1623, #1617)
Shell
in
keyword (#1652)SQL - Fix keywords (#1668)
Typescript: Fix incorrect punctuation handling (#1510, #1511)
Fix infinite loop in SML lexer (#1625),
CVE-2021-20270 <https://nvd.nist.gov/vuln/detail/CVE-2021-20270>
_Fix backtracking string regexes in JavaScript/TypeScript, Modula2
and many other lexers (#1637)
CVE-2021-27291 <https://nvd.nist.gov/vuln/detail/CVE-2021-27291>
_Limit recursion with nesting Ruby heredocs (#1638)
Fix a few inefficient regexes for guessing lexers
Fix the raw token lexer handling of Unicode (#1616)
Revert a private API change in the HTML formatter (#1655) --
please note that private APIs remain subject to change!
Fix several exponential/cubic-complexity regexes found by
Ben Caller/Doyensec (#1675)
Fix incorrect MATLAB example (#1582)
Thanks to Google's OSS-Fuzz project for finding many of these bugs.
v2.7.3
Compare Source
(released December 6, 2020)
Updated lexers:
Deprecated JsonBareObjectLexer, which is now identical to JsonLexer (#1600)
The
ImgFormatter
now calculates the exact character width, which fixes some issues with overlapping text (#1213, #1611)Documentation fixes (#1609, #1599, #1598)
Fixed duplicated Juttle language alias (#1604, #1606)
Added support for Kotlin scripts (#1587)
Removed CSS rule which forced margin to 0
v2.7.2
Compare Source
(released October 24, 2020)
Updated lexers:
Fix Python console/traceback lexer problems with custom exceptions without messages (#1548)
Allow loading ttc fonts on Mac/image formatter (#1223)
Improve
analyze_text
across a variety of lexers (#1549)Remove CSS rule which forced the vertical padding to 0 for line numbers (#1583, #1579)
Fix
TNTLexer
crashing on unexpected EOL (#1568, #1570)regexlint
can be now run locally as part oftox
tests (#1557)Fix typos (#1550, #1562)
Add Python 3.9 as a supported version (#1554)
v2.7.1
Compare Source
(released September 16, 2020)
v2.7.0
Compare Source
(released September 12, 2020)