diff --git a/Gopkg.toml b/Gopkg.toml index d4dbbe955..28c1ea0b8 100644 --- a/Gopkg.toml +++ b/Gopkg.toml @@ -1,4 +1,125 @@ -required = ["github.com/russross/blackfriday"] +# Gopkg.toml example +# +# Refer to https://golang.github.io/dep/docs/Gopkg.toml.html +# for detailed Gopkg.toml documentation. +# +# required = ["github.com/user/thing/cmd/thing"] +# ignored = ["github.com/user/project/pkgX", "bitbucket.org/user/project/pkgA/pkgY"] +# +# [[constraint]] +# name = "github.com/user/project" +# version = "1.0.0" +# +# [[constraint]] +# name = "github.com/user/project2" +# branch = "dev" +# source = "github.com/myfork/project2" +# +# [[override]] +# name = "github.com/x/y" +# version = "2.4.0" +# +# [prune] +# non-go = false +# go-tests = true +# unused-packages = true + + +[[constraint]] + name = "github.com/dgrijalva/jwt-go" + version = "3.2.0" + +[[constraint]] + branch = "master" + name = "github.com/dustin/go-humanize" + +[[constraint]] + name = "github.com/fatih/color" + version = "1.7.0" + +[[constraint]] + name = "github.com/gobuffalo/envy" + version = "1.6.3" + +[[constraint]] + name = "github.com/gobuffalo/makr" + version = "1.1.0" + +[[constraint]] + name = "github.com/gobuffalo/packr" + version = "1.11.1" + +[[constraint]] + name = "github.com/gobuffalo/plush" + version = "3.7.5" + +[[constraint]] + name = "github.com/gobuffalo/pop" + version = "4.5.9" + +[[constraint]] + name = "github.com/gobuffalo/tags" + version = "2.0.5" + +[[constraint]] + name = "github.com/gobuffalo/uuid" + version = "2.0.0" + +[[constraint]] + branch = "master" + name = "github.com/gobuffalo/x" + +[[constraint]] + name = "github.com/gorilla/context" + version = "1.1.1" + +[[constraint]] + name = "github.com/gorilla/mux" + version = "1.6.2" + +[[constraint]] + name = "github.com/gorilla/sessions" + version = "1.1.1" + +[[constraint]] + name = "github.com/markbates/deplist" + version = "1.0.0" + +[[constraint]] + name = "github.com/markbates/going" + version = "1.0.0" + +[[constraint]] + name = "github.com/markbates/grift" + version = "1.0.0" + +[[constraint]] + name = "github.com/markbates/inflect" + version = "1.0.0" + +[[constraint]] + name = "github.com/markbates/refresh" + version = "1.4.0" + +[[constraint]] + name = "github.com/markbates/sigtx" + version = "1.0.0" + +[[constraint]] + name = "github.com/markbates/willie" + version = "1.0.0" + +[[constraint]] + name = "github.com/monoculum/formam" + version = "3.0.0" + +[[constraint]] + name = "github.com/nicksnyder/go-i18n" + version = "1.10.0" + +[[constraint]] + name = "github.com/pkg/errors" + version = "0.8.0" [[constraint]] branch = "master" @@ -8,3 +129,34 @@ required = ["github.com/russross/blackfriday"] branch = "master" name = "github.com/shurcooL/github_flavored_markdown" +[[constraint]] + name = "github.com/sirupsen/logrus" + version = "1.0.5" + +[[constraint]] + name = "github.com/spf13/cobra" + version = "0.0.3" + +[[constraint]] + name = "github.com/stretchr/testify" + version = "1.2.2" + +[[constraint]] + branch = "master" + name = "github.com/unrolled/secure" + +[[constraint]] + branch = "master" + name = "golang.org/x/crypto" + +[[constraint]] + branch = "master" + name = "golang.org/x/sync" + +[[constraint]] + name = "gopkg.in/mail.v2" + version = "2.2.0" + +[prune] + go-tests = true + unused-packages = true diff --git a/go.mod b/go.mod index 91e971b86..6da9f1452 100644 --- a/go.mod +++ b/go.mod @@ -1,57 +1,42 @@ module github.com/gobuffalo/buffalo require ( + github.com/ajg/form v0.0.0-20160802194845-cc2954064ec9 github.com/dgrijalva/jwt-go v0.0.0-20180308231308-06ea1031745c github.com/dustin/go-humanize v0.0.0-20180421182945-02af3965c54e github.com/fatih/color v1.7.0 - github.com/fatih/structs v1.0.0 github.com/fsnotify/fsnotify v1.4.7 github.com/go-sql-driver/mysql v1.4.0 - github.com/gobuffalo/envy v1.6.2 + github.com/gobuffalo/envy v1.6.3 github.com/gobuffalo/packr v1.11.1 - github.com/gobuffalo/plush v1.0.0 - github.com/gobuffalo/pop v0.0.0-20180524161724-d5d017d59cf2 - github.com/gobuffalo/tags v1.9.6 - github.com/gobuffalo/validate v1.0.0 + github.com/gobuffalo/plush v0.0.0-20180611194646-6cd5bf0d0c9b + github.com/gobuffalo/pop v0.0.0-20180521154020-9985012f32f5 github.com/gobuffalo/x v0.0.0-20180117215853-11ca13c05abd github.com/gorilla/mux v1.6.2 github.com/gorilla/sessions v1.1.1 - github.com/gorilla/websocket v1.2.0 - github.com/jmoiron/sqlx v0.0.0-20180406164412-2aeb6a910c2b + github.com/jmoiron/sqlx v0.0.0-20180614180643-0dae4fefe7c0 github.com/lib/pq v0.0.0-20180523175426-90697d60dd84 - github.com/markbates/deplist v0.0.0-20170926152145-5ae023fef618 - github.com/markbates/grift v0.0.0-20180319170132-76f93617a788 - github.com/markbates/inflect v0.0.0-20180514174915-dd7de90c06bc + github.com/markbates/deplist v1.0.0 + github.com/markbates/going v1.0.0 + github.com/markbates/grift v1.0.0 + github.com/markbates/hmax v1.0.0 + github.com/markbates/inflect v1.0.0 github.com/markbates/refresh v1.4.0 github.com/markbates/sigtx v1.0.0 - github.com/markbates/validate v1.0.0 - github.com/mattn/go-sqlite3 v1.7.0 - github.com/microcosm-cc/bluemonday v0.0.0-20180327211928-995366fdf961 + github.com/markbates/willie v1.0.0 + github.com/mattn/anko v0.0.5 + github.com/mattn/go-sqlite3 v1.9.0 github.com/mitchellh/go-homedir v0.0.0-20180523094522-3864e76763d9 - github.com/monoculum/formam v0.0.0-20170814190438-f25191ae7744 + github.com/monoculum/formam v0.0.0-20170619223434-99ca9dcbaca6 github.com/nicksnyder/go-i18n v1.10.0 github.com/pelletier/go-toml v1.2.0 - github.com/russross/blackfriday v1.5.1 - github.com/satori/go.uuid v1.2.0 - github.com/sergi/go-diff v1.0.0 - github.com/shurcooL/github_flavored_markdown v0.0.0-20180602233135-8913699a52e3 - github.com/shurcooL/highlight_diff v0.0.0-20170515013008-09bb4053de1b - github.com/shurcooL/highlight_go v0.0.0-20170515013102-78fb10f4a5f8 - github.com/shurcooL/octicon v0.0.0-20180602230221-c42b0e3b24d9 - github.com/shurcooL/sanitized_anchor_name v0.0.0-20170918181015-86672fcb3f95 github.com/sirupsen/logrus v1.0.5 - github.com/sourcegraph/annotate v0.0.0-20160123013949-f4cad6c6324d - github.com/sourcegraph/syntaxhighlight v0.0.0-20170531221838-bd320f5d308e - github.com/spf13/cobra v0.0.3 - github.com/spf13/pflag v1.0.1 - github.com/stretchr/objx v0.1.1 - github.com/stretchr/testify v1.2.2 github.com/unrolled/secure v0.0.0-20180416205222-a1cf62cc2159 - golang.org/x/crypto v0.0.0-20180608092829-8ac0e0d97ce4 - golang.org/x/net v0.0.0-20180530234432-1e491301e022 - golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f - golang.org/x/sys v0.0.0-20180610122900-7c1e4f34a39c - gopkg.in/check.v1 v1.0.0-20161208181325-20d25e280405 - gopkg.in/mail.v2 v2.0.0-20180609202316-c55e3fbae0e2 + golang.org/x/crypto v0.0.0-20180614221331-a8fb68e7206f + golang.org/x/net v0.0.0-20180611182652-db08ff08e862 + golang.org/x/sys v0.0.0-20180616030259-6c888cc515d3 + google.golang.org/appengine v1.1.0 + gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc + gopkg.in/mail.v2 v2.0.0-20180301192024-63235f23494b gopkg.in/yaml.v2 v2.2.1 ) diff --git a/vendor/github.com/russross/blackfriday/README.md b/vendor/github.com/russross/blackfriday/README.md index 0d1ac9a73..e0066b0fc 100644 --- a/vendor/github.com/russross/blackfriday/README.md +++ b/vendor/github.com/russross/blackfriday/README.md @@ -1,4 +1,6 @@ -Blackfriday [![Build Status](https://travis-ci.org/russross/blackfriday.svg?branch=master)](https://travis-ci.org/russross/blackfriday) [![GoDoc](https://godoc.org/github.com/russross/blackfriday?status.svg)](https://godoc.org/github.com/russross/blackfriday) +Blackfriday +[![Build Status][BuildSVG]][BuildURL] +[![Godoc][GodocV2SVG]][GodocV2URL] =========== Blackfriday is a [Markdown][1] processor implemented in [Go][2]. It @@ -8,7 +10,7 @@ punctuation substitutions, etc.), and it is safe for all utf-8 (unicode) input. HTML output is currently supported, along with Smartypants -extensions. An experimental LaTeX output engine is also included. +extensions. It started as a translation from C of [Sundown][3]. @@ -16,26 +18,71 @@ It started as a translation from C of [Sundown][3]. Installation ------------ -Blackfriday is compatible with Go 1. If you are using an older -release of Go, consider using v1.1 of blackfriday, which was based -on the last stable release of Go prior to Go 1. You can find it as a -tagged commit on github. +Blackfriday is compatible with any modern Go release. With Go and git installed: -With Go 1 and git installed: + go get -u gopkg.in/russross/blackfriday.v2 - go get github.com/russross/blackfriday +will download, compile, and install the package into your `$GOPATH` directory +hierarchy. -will download, compile, and install the package into your `$GOPATH` -directory hierarchy. Alternatively, you can achieve the same if you -import it into a project: - import "github.com/russross/blackfriday" +Versions +-------- + +Currently maintained and recommended version of Blackfriday is `v2`. It's being +developed on its own branch: https://github.com/russross/blackfriday/tree/v2 and the +documentation is available at +https://godoc.org/gopkg.in/russross/blackfriday.v2. + +It is `go get`-able via [gopkg.in][6] at `gopkg.in/russross/blackfriday.v2`, +but we highly recommend using package management tool like [dep][7] or +[Glide][8] and make use of semantic versioning. With package management you +should import `github.com/russross/blackfriday` and specify that you're using +version 2.0.0. + +Version 2 offers a number of improvements over v1: + +* Cleaned up API +* A separate call to [`Parse`][4], which produces an abstract syntax tree for + the document +* Latest bug fixes +* Flexibility to easily add your own rendering extensions + +Potential drawbacks: + +* Our benchmarks show v2 to be slightly slower than v1. Currently in the + ballpark of around 15%. +* API breakage. If you can't afford modifying your code to adhere to the new API + and don't care too much about the new features, v2 is probably not for you. +* Several bug fixes are trailing behind and still need to be forward-ported to + v2. See issue [#348](https://github.com/russross/blackfriday/issues/348) for + tracking. + +If you are still interested in the legacy `v1`, you can import it from +`github.com/russross/blackfriday`. Documentation for the legacy v1 can be found +here: https://godoc.org/github.com/russross/blackfriday + +### Known issue with `dep` + +There is a known problem with using Blackfriday v1 _transitively_ and `dep`. +Currently `dep` prioritizes semver versions over anything else, and picks the +latest one, plus it does not apply a `[[constraint]]` specifier to transitively +pulled in packages. So if you're using something that uses Blackfriday v1, but +that something does not use `dep` yet, you will get Blackfriday v2 pulled in and +your first dependency will fail to build. + +There are couple of fixes for it, documented here: +https://github.com/golang/dep/blob/master/docs/FAQ.md#how-do-i-constrain-a-transitive-dependencys-version + +Meanwhile, `dep` team is working on a more general solution to the constraints +on transitive dependencies problem: https://github.com/golang/dep/issues/1124. -and `go get` without parameters. Usage ----- +### v1 + For basic usage, it is as simple as getting your input into a byte slice and calling: @@ -46,34 +93,57 @@ feature set, use this instead: output := blackfriday.MarkdownCommon(input) +### v2 + +For the most sensible markdown processing, it is as simple as getting your input +into a byte slice and calling: + +```go +output := blackfriday.Run(input) +``` + +Your input will be parsed and the output rendered with a set of most popular +extensions enabled. If you want the most basic feature set, corresponding with +the bare Markdown specification, use: + +```go +output := blackfriday.Run(input, blackfriday.WithNoExtensions()) +``` + ### Sanitize untrusted content Blackfriday itself does nothing to protect against malicious content. If you are -dealing with user-supplied markdown, we recommend running blackfriday's output -through HTML sanitizer such as -[Bluemonday](https://github.com/microcosm-cc/bluemonday). +dealing with user-supplied markdown, we recommend running Blackfriday's output +through HTML sanitizer such as [Bluemonday][5]. -Here's an example of simple usage of blackfriday together with bluemonday: +Here's an example of simple usage of Blackfriday together with Bluemonday: -``` go +```go import ( "github.com/microcosm-cc/bluemonday" - "github.com/russross/blackfriday" + "gopkg.in/russross/blackfriday.v2" ) // ... -unsafe := blackfriday.MarkdownCommon(input) +unsafe := blackfriday.Run(input) html := bluemonday.UGCPolicy().SanitizeBytes(unsafe) ``` -### Custom options +### Custom options, v1 If you want to customize the set of options, first get a renderer -(currently either the HTML or LaTeX output engines), then use it to +(currently only the HTML output engine), then use it to call the more general `Markdown` function. For examples, see the implementations of `MarkdownBasic` and `MarkdownCommon` in `markdown.go`. +### Custom options, v2 + +If you want to customize the set of options, use `blackfriday.WithExtensions`, +`blackfriday.WithRenderer` and `blackfriday.WithRefOverride`. + +### `blackfriday-tool` + You can also check out `blackfriday-tool` for a more complete example of how to use it. Download and install it using: @@ -249,7 +319,7 @@ are a few of note: * [github_flavored_markdown](https://godoc.org/github.com/shurcooL/github_flavored_markdown): provides a GitHub Flavored Markdown renderer with fenced code block - highlighting, clickable header anchor links. + highlighting, clickable heading anchor links. It's not customizable, and its goal is to produce HTML output equivalent to the [GitHub Markdown API endpoint](https://developer.github.com/v3/markdown/#render-a-markdown-document-in-raw-mode), @@ -258,27 +328,18 @@ are a few of note: * [markdownfmt](https://github.com/shurcooL/markdownfmt): like gofmt, but for markdown. -* LaTeX output: renders output as LaTeX. This is currently part of the - main Blackfriday repository, but may be split into its own project - in the future. If you are interested in owning and maintaining the - LaTeX output component, please be in touch. - - It renders some basic documents, but is only experimental at this - point. In particular, it does not do any inline escaping, so input - that happens to look like LaTeX code will be passed through without - modification. - -* [Md2Vim](https://github.com/FooSoft/md2vim): transforms markdown files into vimdoc format. +* [LaTeX output](https://bitbucket.org/ambrevar/blackfriday-latex): + renders output as LaTeX. -Todo +TODO ---- * More unit testing -* Improve unicode support. It does not understand all unicode +* Improve Unicode support. It does not understand all Unicode rules (about what constitutes a letter, a punctuation symbol, etc.), so it may fail to detect word boundaries correctly in - some instances. It is safe on all utf-8 input. + some instances. It is safe on all UTF-8 input. License @@ -287,6 +348,16 @@ License [Blackfriday is distributed under the Simplified BSD License](LICENSE.txt) - [1]: http://daringfireball.net/projects/markdown/ "Markdown" - [2]: http://golang.org/ "Go Language" + [1]: https://daringfireball.net/projects/markdown/ "Markdown" + [2]: https://golang.org/ "Go Language" [3]: https://github.com/vmg/sundown "Sundown" + [4]: https://godoc.org/gopkg.in/russross/blackfriday.v2#Parse "Parse func" + [5]: https://github.com/microcosm-cc/bluemonday "Bluemonday" + [6]: https://labix.org/gopkg.in "gopkg.in" + [7]: https://github.com/golang/dep/ "dep" + [8]: https://github.com/Masterminds/glide "Glide" + + [BuildSVG]: https://travis-ci.org/russross/blackfriday.svg?branch=master + [BuildURL]: https://travis-ci.org/russross/blackfriday + [GodocV2SVG]: https://godoc.org/gopkg.in/russross/blackfriday.v2?status.svg + [GodocV2URL]: https://godoc.org/gopkg.in/russross/blackfriday.v2 diff --git a/vendor/github.com/russross/blackfriday/block.go b/vendor/github.com/russross/blackfriday/block.go index 7fc731d54..929638aa4 100644 --- a/vendor/github.com/russross/blackfriday/block.go +++ b/vendor/github.com/russross/blackfriday/block.go @@ -15,6 +15,7 @@ package blackfriday import ( "bytes" + "strings" "unicode" ) @@ -92,7 +93,7 @@ func (p *parser) block(out *bytes.Buffer, data []byte) { // fenced code block: // - // ``` go + // ``` go info string here // func fact(n int) int { // if n <= 1 { // return n @@ -562,7 +563,7 @@ func (*parser) isHRule(data []byte) bool { // and returns the end index if so, or 0 otherwise. It also returns the marker found. // If syntax is not nil, it gets set to the syntax specified in the fence line. // A final newline is mandatory to recognize the fence line, unless newlineOptional is true. -func isFenceLine(data []byte, syntax *string, oldmarker string, newlineOptional bool) (end int, marker string) { +func isFenceLine(data []byte, info *string, oldmarker string, newlineOptional bool) (end int, marker string) { i, size := 0, 0 // skip up to three spaces @@ -598,9 +599,9 @@ func isFenceLine(data []byte, syntax *string, oldmarker string, newlineOptional } // TODO(shurcooL): It's probably a good idea to simplify the 2 code paths here - // into one, always get the syntax, and discard it if the caller doesn't care. - if syntax != nil { - syn := 0 + // into one, always get the info string, and discard it if the caller doesn't care. + if info != nil { + infoLength := 0 i = skipChar(data, i, ' ') if i >= len(data) { @@ -610,14 +611,14 @@ func isFenceLine(data []byte, syntax *string, oldmarker string, newlineOptional return 0, "" } - syntaxStart := i + infoStart := i if data[i] == '{' { i++ - syntaxStart++ + infoStart++ for i < len(data) && data[i] != '}' && data[i] != '\n' { - syn++ + infoLength++ i++ } @@ -627,24 +628,24 @@ func isFenceLine(data []byte, syntax *string, oldmarker string, newlineOptional // strip all whitespace at the beginning and the end // of the {} block - for syn > 0 && isspace(data[syntaxStart]) { - syntaxStart++ - syn-- + for infoLength > 0 && isspace(data[infoStart]) { + infoStart++ + infoLength-- } - for syn > 0 && isspace(data[syntaxStart+syn-1]) { - syn-- + for infoLength > 0 && isspace(data[infoStart+infoLength-1]) { + infoLength-- } i++ } else { - for i < len(data) && !isspace(data[i]) { - syn++ + for i < len(data) && !isverticalspace(data[i]) { + infoLength++ i++ } } - *syntax = string(data[syntaxStart : syntaxStart+syn]) + *info = strings.TrimSpace(string(data[infoStart : infoStart+infoLength])) } i = skipChar(data, i, ' ') @@ -662,8 +663,8 @@ func isFenceLine(data []byte, syntax *string, oldmarker string, newlineOptional // or 0 otherwise. It writes to out if doRender is true, otherwise it has no side effects. // If doRender is true, a final newline is mandatory to recognize the fenced code block. func (p *parser) fencedCodeBlock(out *bytes.Buffer, data []byte, doRender bool) int { - var syntax string - beg, marker := isFenceLine(data, &syntax, "", false) + var infoString string + beg, marker := isFenceLine(data, &infoString, "", false) if beg == 0 || beg >= len(data) { return 0 } @@ -697,7 +698,7 @@ func (p *parser) fencedCodeBlock(out *bytes.Buffer, data []byte, doRender bool) } if doRender { - p.r.BlockCode(out, work.Bytes(), syntax) + p.r.BlockCode(out, work.Bytes(), infoString) } return beg diff --git a/vendor/github.com/russross/blackfriday/html.go b/vendor/github.com/russross/blackfriday/html.go index 2f0ad3b1e..e0a6c69c9 100644 --- a/vendor/github.com/russross/blackfriday/html.go +++ b/vendor/github.com/russross/blackfriday/html.go @@ -255,33 +255,21 @@ func (options *Html) HRule(out *bytes.Buffer) { out.WriteByte('\n') } -func (options *Html) BlockCode(out *bytes.Buffer, text []byte, lang string) { +func (options *Html) BlockCode(out *bytes.Buffer, text []byte, info string) { doubleSpace(out) - // parse out the language names/classes - count := 0 - for _, elt := range strings.Fields(lang) { - if elt[0] == '.' { - elt = elt[1:] - } - if len(elt) == 0 { - continue - } - if count == 0 { - out.WriteString("
")
 	} else {
+		out.WriteString("
")
 	}
-
 	attrEscape(out, text)
 	out.WriteString("
\n")
 }
@@ -620,7 +608,7 @@ func (options *Html) FootnoteRef(out *bytes.Buffer, ref []byte, id int) {
 	out.WriteString(`fnref:`)
 	out.WriteString(options.parameters.FootnoteAnchorPrefix)
 	out.Write(slug)
-	out.WriteString(`">