Skip to content

Releases: streetsidesoftware/cspell

CSpell5 v5.21.2-alpha.0

20 May 19:16
@github-actions github-actions
v5.21.2-alpha.0
7612e2b
Compare
Choose a tag to compare
CSpell5 v5.21.2-alpha.0 Pre-release
Pre-release

Changes

Maintenance

ci: Workflow Bot -- Update ALL Dependencies (cspell5) (#2883)

ci: Workflow Bot -- Update ALL Dependencies (cspell5) (#2883)

website/package-lock.json | 545 +++++++++++++++++++++++++++++++++++-----------
1 file changed, 423 insertions(+), 122 deletions(-)

ci: Prepare v5 for maintenance mode (#2875)

ci: Prepare v5 for maintenance mode (#2875)

Assets 2
Loading

v5.21.1

20 May 14:13
@github-actions github-actions
v5.21.1
952246f
Compare
Choose a tag to compare
v5.21.1

Changes

Fixes

dev: Start implementing cspell-config reader/writer (#2859)

dev: Start implementing cspell-config reader/writer (#2859)

Dictionary Updates

ci: Workflow Bot -- Update Dictionaries (main) (#2863)

ci: Workflow Bot -- Update Dictionaries (main) (#2863)

.../googleapis/google-cloud-cpp/report.yaml | 22 +++-------------------
.../googleapis/google-cloud-cpp/snapshot.txt | 18 +-----------------
.../snapshots/php/php-src/report.yaml | 15 ++-------------
.../snapshots/php/php-src/snapshot.txt | 15 ++-------------
packages/cspell-bundled-dicts/package-lock.json | 14 +++++++-------
packages/cspell-bundled-dicts/package.json | 2 +-
6 files changed, 16 insertions(+), 70 deletions(-)

Documentation

docs: add version info to README.md (#2866)

docs: add version info to README.md (#2866)

docs: Update version support EOL (#2865)

docs: Update version support EOL (#2865)

docs: Update supported versions (#2864)

docs: Update supported versions (#2864)

doc: Update README.md (#2857)

doc: Update README.md (#2857)

docs: Update README.md (#2856)

docs: Update README.md (#2856)

build(deps): bump nokogiri from 1.13.4 to 1.13.6 in /docs (#2855)

build(deps): bump nokogiri from 1.13.4 to 1.13.6 in /docs (#2855)

Bumps nokogiri from 1.13.4 to 1.13.6.

Release notes

Sourced from nokogiri's releases.

1.13.6 / 2022-05-08

Security

  • [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See GHSA-xh29-r2w5-wx8m for more information.

Improvements

  • {HTML4,XML}::SAX::{Parser,ParserContext} constructor methods now raise TypeError instead of segfaulting when an incorrect type is passed.

sha256:

58417c7c10f78cd1c0e1984f81538300d4ea98962cfd3f46f725efee48f9757a  nokogiri-1.13.6-aarch64-linux.gem
a2b04ec3b1b73ecc6fac619b41e9fdc70808b7a653b96ec97d04b7a23f158dbc  nokogiri-1.13.6-arm64-darwin.gem
4437f2d03bc7da8854f4aaae89e24a98cf5c8b0212ae2bc003af7e65c7ee8e27  nokogiri-1.13.6-java.gem
99d3e212bbd5e80aa602a1f52d583e4f6e917ec594e6aa580f6aacc253eff984  nokogiri-1.13.6-x64-mingw-ucrt.gem
a04f6154a75b6ed4fe2d0d0ff3ac02f094b54e150b50330448f834fa5726fbba  nokogiri-1.13.6-x64-mingw32.gem
a13f30c2863ef9e5e11240dd6d69ef114229d471018b44f2ff60bab28327de4d  nokogiri-1.13.6-x86-linux.gem
63a2ca2f7a4f6bd9126e1695037f66c8eb72ed1e1740ef162b4480c57cc17dc6  nokogiri-1.13.6-x86-mingw32.gem
2b266e0eb18030763277b30dc3d64337f440191e2bd157027441ac56a59d9dfe  nokogiri-1.13.6-x86_64-darwin.gem
3fa37b0c3b5744af45f9da3e4ae9cbd89480b35e12ae36b5e87a0452e0b38335  nokogiri-1.13.6-x86_64-linux.gem
b1512fdc0aba446e1ee30de3e0671518eb363e75fab53486e99e8891d44b8587  nokogiri-1.13.6.gem

1.13.5 / 2022-05-04

Security

Dependencies

  • [CRuby] Vendored libxml2 is updated from v2.9.13 to v2.9.14.

Improvements

  • [CRuby] The libxml2 HTML4 parser no longer exhibits quadratic behavior when recovering some broken markup related to start-of-tag and bare < characters.

Changed

  • [CRuby] The libxml2 HTML4 parser in v2.9.14 recovers from some broken markup differently. Notably, the XML CDATA escape sequence <![CDATA[ and incorrectly-opened comments will result in HTML text nodes starting with &lt;! instead of skipping the invalid tag. This behavior is a direct result of the quadratic-behavior fix noted above. The behavior of downstream sanitizers relying on this behavior will also change. Some tests describing the changed behavior are in test/html4/test_comments.rb.

... (truncated)

Changelog

Sourced from nokogiri's changelog.

1.13.6 / 2022-05-08

Security

  • [CRuby] Address CVE-2022-29181, improper handling of unexpected data types, related to untrusted inputs to the SAX parsers. See GHSA-xh29-r2w5-wx8m for more information.

Improvements

  • {HTML4,XML}::SAX::{Parser,ParserContext} constructor methods now raise TypeError instead of segfaulting when an incorrect type is passed.

1.13.5 / 2022-05-04

Security

Dependencies

  • [CRuby] Vendored libxml2 is updated from v2.9.13 to v2.9.14.

Improvements

  • [CRuby] The libxml2 HTML parser no longer exhibits quadratic behavior when recovering some broken markup related to start-of-tag and bare < characters.

Changed

  • [CRuby] The libxml2 HTML parser in v2.9.14 recovers from some broken markup differently. Notably, the XML CDATA escape sequence <![CDATA[ and incorrectly-opened comments will result in HTML text nodes starting with &lt;! instead of skipping the invalid tag. This behavior is a direct result of the quadratic-behavior fix noted above. The behavior of downstream sanitizers relying on this behavior will also change. Some tests describing the changed behavior are in test/html4/test_comments.rb.
Commits
  • b7817b6 version bump to v1.13.6
  • 61b1a39 Merge pull request #2530 from sparklemotion/flavorjones-check-parse-memory-ty...
  • 83cc451 fix: {HTML4,XML}::SAX::{Parser,ParserContext} check arg types
  • 22c9e5b version bump to v1.13.5
  • 6155881 doc: update CHANGELOG for v1.13.5
  • c519a47 Merge pull request #2527 from sparklemotion/2525-update-libxml-2_9_14-v1_13_x
  • 66c2886 dep: update libxml2 to v2.9.14
  • b7c4cc3 test: unpend the LIBXML_LOADED_VERSION test on freebsd
  • eac7934 dev: require yaml
  • f3521ba style(rubocop): pend Style/FetchEnvVar for now
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=nokogiri&package-manager=bundler&previous-version=1.13.4&new-ve...

Read more
Assets 2
Loading

v5.21.0

17 May 06:17
@github-actions github-actions
v5.21.0
d0758cb
Compare
Choose a tag to compare
v5.21.0

Changes

Semi-Breaking change

The updated Python, C++, GO, and CSharp dictionaries no longer set allowCompoundWords to true. If you want the old behavior, add the following to your cspell.json file:

cspell.json

{
    "languageSettings": [
        {
            "languageId": "python,go,cpp,c,csharp",
            "allowCompoundWords": true
        }
    ]
}

Note: setting allowCompoundWords to true hides many misspellings.

See:

chore(deps): Included dependency review (#2833)

chore(deps): Included dependency review (#2833)

Dependency Review GitHub Action in your repository to enforce dependency
reviews on your pull requests.
The action scans for vulnerable versions of dependencies introduced by package version
changes in pull requests,
and warns you about the associated security vulnerabilities.
This gives you better visibility of what's changing in a pull request,
and helps prevent vulnerabilities being added to your repository.

https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveensrinivasan [email protected]

new CSpellSettingsDef.ts (#2819)

new CSpellSettingsDef.ts (#2819)

build(deps-dev): bump mocha from 9.2.2 to 10.0.0 (#2774)

build(deps-dev): bump mocha from 9.2.2 to 10.0.0 (#2774)

Bumps mocha from 9.2.2 to 10.0.0.

Release notes

Sourced from mocha's releases.

v10.0.0

10.0.0 / 2022-05-01

💥 Breaking Changes

🔩 Other

Also thanks to @​ea2305 and @​SukkaW for improvements to our documentation.

Changelog

Sourced from mocha's changelog.

10.0.0 / 2022-05-01

💥 Breaking Changes

🔩 Other

Also thanks to @​ea2305 and @​SukkaW for improvements to our documentation.

Commits
Read more
Assets 2
Loading

v5.20.0

02 May 11:54
@github-actions github-actions
v5.20.0
626dd90
Compare
Choose a tag to compare
v5.20.0

Changes

Semi-Breaking change

The updated python dictionary no longer sets allowCompoundWords to true. If you want the old behavior, add the following to your cspell.json file:

cspell.json

{
    "languageSettings": [
        {
            "languageId": "python",
            "allowCompoundWords": true
        }
    ]
}

Note: setting allowCompoundWords to true hides many misspellings.

See:

Features

feat: Upgrade python dictionary (#2763)

feat: Upgrade python dictionary (#2763)

Semi-Breaking change

The updated python dictionary no longer sets allowCompoundWords to true. If you want the old behavior, add the following to your cspell.json file:

cspell.json

{
    "languageSettings": [
        {
            "languageId": "python",
            "allowCompoundWords": true
        }
    ]
}

Note: setting allowCompoundWords to true hides many misspellings.

See:

Fixes

dev: Work towards parsing and transforming documents (#2731)

dev: Work towards parsing and transforming documents (#2731)

fix: Update to glob 8 (#2707)

fix: Update to glob 8 (#2707)

This reverts commit b42bbdd.

fix: Roll back glob to 7.2.0 to fix Windows (#2706)

fix: Roll back glob to 7.2.0 to fix Windows (#2706)

Documentation

dev: Work towards parsing and transforming documents (#2731)

dev: Work towards parsing and transforming documents (#2731)

doc: Update Gemfile.lock (#2711)

doc: Update Gemfile.lock (#2711)

dev: Update RFC (#2685)

dev: Update RFC (#2685)

doc: Document Parsing RFC (#2682)

doc: Document Parsing RFC (#2682)

Maintenance

ci: Use node 18 in tests (#2764)

ci: Use node 18 in tests (#2764)

ci: only run coverage if code has changed. (#2686)

ci: only run coverage if code has changed. (#2686)

ci: Only run integration tests if code has changed (#2683)

ci: Only run integration tests if code has changed (#2683)

Assets 2
Loading

v5.19.7

09 Apr 06:16
@github-actions github-actions
v5.19.7
1d33cd1
Compare
Choose a tag to compare
v5.19.7

Changes

Fixes

fix: Ignore directories when checking files (#2680)

fix: Ignore directories when checking files (#2680)

The following would cause an error when there was a subdirectory.

ls -1 | cspell "**" --cache --file-list=stdin
Assets 2
Loading

v5.19.6

08 Apr 14:54
@github-actions github-actions
v5.19.6
288584a
Compare
Choose a tag to compare
v5.19.6

Changes

  • Improved caching
    • Improved detection of stale dependencies (ensures that a file is checked if a related dictionary is changed).
    • Reduce the size of the cache file by consolidating results.
  • Added --cache-reset option to the cli

Fixes

Pin actions to a full length commit SHA (#2670)

Pin actions to a full length commit SHA (#2670)

Pin actions to a full length commit SHA

Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions

How do I validate these pinned actions?

Also, dependabot supports upgrading based on SHA. ossf/scorecard#1700

GitHub's own repository pin's their checkout actions by SHA and doesn't use the version tag
https://github.com/github/docs/blob/ea7f218c91ecbae9a700a8702b51a7d2736e0d2c/.github/workflows/docs-review-collect.yml#L23

Signed-off-by: naveensrinivasan [email protected]

fix: add --cache-reset option (#2677)

fix: add --cache-reset option (#2677)

fix: relative path name (#2675)

fix: relative path name (#2675)

Fix relative path names when reading the file list from stdin.

fix: add configuration for git commit messages (#2674)

fix: add configuration for git commit messages (#2674)

fix: fix issue with stale cache entries (#2673)

fix: fix issue with stale cache entries (#2673)

fix: fix minor typo. (#2647)

fix: fix minor typo. (#2647)

Documentation

doc: Create git.md (#2671)

doc: Create git.md (#2671)

Maintenance

ci: Set permissions for GitHub actions (#2662)

ci: Set permissions for GitHub actions (#2662)

Based upon #2661

Signed-off-by: naveensrinivasan [email protected]

Assets 2
Loading

v5.19.5

01 Apr 17:18
@github-actions github-actions
v5.19.5
0d113f0
Compare
Choose a tag to compare
v5.19.5

Changes

Fixes

fix: Be able to disable the default configuration (#2643)

fix: Be able to disable the default configuration (#2643)

Assets 2
Loading

v5.19.4

01 Apr 08:23
@github-actions github-actions
v5.19.4
9f7e77c
Compare
Choose a tag to compare
v5.19.4

Changes

Fixes

fix: Performance - only serialize config if in debug mode (#2640)

fix: Performance - only serialize config if in debug mode (#2640)

Documentation

doc: Document imports (#2638)

doc: Document imports (#2638)

Assets 2
Loading

v5.19.3

24 Mar 07:06
@github-actions github-actions
v5.19.3
df43735
Compare
Choose a tag to compare
v5.19.3

Changes

Fixes

fix: prepare to publish eslint-plugin (#2620)

fix: prepare to publish eslint-plugin (#2620)

fix: eslint-plugin improve performance (#2616)

fix: eslint-plugin improve performance (#2616)

fix: Update US English dictionary to remove British words (#2612)

fix: Update US English dictionary to remove British words (#2612)

dev: eslint-plugin improve suggestion speed (#2590)

dev: eslint-plugin improve suggestion speed (#2590)

dev: Do not output the progress twice (#2582)

dev: Do not output the progress twice (#2582)

fix: Invalidate the cache if cspell version has changed. (#2580)

fix: Invalidate the cache if cspell version has changed. (#2580)

Invalidate the cspell cache whenever the major or minor version of cspell has changed.

Assets 2
Loading

v5.19.2

15 Mar 15:25
@github-actions github-actions
v5.19.2
6540cb9
Compare
Choose a tag to compare
v5.19.2

Changes

Fixes

dev: eslint-plugin improve suggestion speed (#2590)

dev: eslint-plugin improve suggestion speed (#2590)

dev: Do not output the progress twice (#2582)

dev: Do not output the progress twice (#2582)

fix: Invalidate the cache if cspell version has changed. (#2580)

fix: Invalidate the cache if cspell version has changed. (#2580)

Invalidate the cspell cache whenever the major or minor version of cspell has changed.

fix: eslint-plugin - fix issue with document directives (#2576)

fix: eslint-plugin - fix issue with document directives (#2576)

Ignore Regexp were not being honored.

Documentation

fix: eslint-plugin - fix issue with document directives (#2576)

fix: eslint-plugin - fix issue with document directives (#2576)

Ignore Regexp were not being honored.

Assets 2
Loading