UNCLASSIFIED - NO CUI

Skip to content

Update dependency gohugoio/hugo to v0.125.3

Ghost User requested to merge renovate/gohugoio-hugo-0.x into development

This MR contains the following updates:

Package Update Change
gohugoio/hugo patch v0.125.2 -> v0.125.3

Release Notes

gohugoio/hugo (gohugoio/hugo)

v0.125.3

Compare Source

This release fixes a security issue reported by @​ejona86 (see #​12411) that could allow XSS injection from Markdown content files if one of the internal link or image render hook templates added in Hugo 0.123.0 are enabled. You typically control and trust the content files, but according to Hugo's security model, we state that "template and configuration authors (you) are trusted, but the data you send in is not."


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.


  • If you want to rebase/retry this MR, check this box

This MR has been generated by Renovate Bot.

Merge request reports