Releases: pugjs/pug
[email protected]
Bug Fixes
-
Update pug-code-gen with the following fix: (#3438)
Validate
templateName
andglobals
are valid JavaScript identifiers to prevent possible remote code execution if un-trusted user input is passed to the compilation options
[email protected]
Refactors
- Convert to TypeScript (#3355)
[email protected]
Bug Fixes
- Validate
templateName
andglobals
are valid JavaScript identifiers to prevent possible remote code execution if un-trusted user input is passed to the compilation options (#3438)
[email protected]
Bug Fixes
- Serialize Buffers to strings when storing sources for use with compileDebug: true (#3269)
[email protected]
[email protected]
Bug Fixes
- Properly handle non-string values when rethrowing errors (#3269)
[email protected]
Bug Fixes
-
Variables starting with keywords cause the regex to "drift" on capture groups, causing errors (#3274)
-
Lexer plugins are not dropped inside tag interpolation (#3296)
You can use tag interpolation to embed tags in long strings, e.g.
p. This is a #[strong long] string of text.
Previously, lexer plugins would not work within the
#[...]
interpolation. -
Handle escaped unsafe interpolation correctly (#3299)
If you want to put the literal text
#{
in your html, it needs to be escaped to indicate that it should not be treated as interpolation. The same is true of!{
You can escape them by prefixing them with\
, e.g.p These are some \#{ weird \!{ symbols
Previously this would have incorrectly converted both escaped sequences to
#{
, resulting in the html:<p>These are some #{ weird #{ symbols</p>
Now this correctly generates:
<p>These are some #{ weird !{ symbols</p>
[email protected]
[email protected]
Breaking Changes
-
read
plugins must now returnBuffer
if you want to support filters that userenderBuffer
(#3213)If you don't wish to support this advanced use case, you can continue returning
string
. If you did not provide aread
plugin, you do not need to do anything. -
The
minify
option on filters now requires you to install the relevant jstransformer (#3084)Currently we support:
- jstransformer-uglify-js for JavaScript
- jstransformer-clean-css for CSS
-
Drop support for node 6 and 8 (#3243)
New Features
-
Support filters that apply to Buffers (#3213)
e.g.
// options.js exports.filters = { png: { // instead of a function, specify an object with a "renderBuffer" property // whose value is a function that takes a Buffer instead of a string renderBuffer: function(buffer, options) { var data = Buffer.from(buffer).toString('base64'); return '<img src="data:image/png;base64, ' + data + '"/>'; } } };
You can then use the filter like:
// foo.pug include:png my-small-image.png
-
Add support for replacing code gen via a plugin with
generateCode
(#3230) -
Support
each ... of ...
loops (#3179)each value of iterable li= value
This requires an environment that supports the
for (const val of iterable)
syntax in JS. You can iterate over Maps, Sets etc. as well as arrays. There is also some destructuring of map keys:- const map = new Map([['a', 'x'], ['b', 'y']]); each [key, value] of map li strong= key = value