A Twitter Spaces discussion hosted by Unleash about open-source maintainership, the PHP League, platform engineering, and 3D printing.
After 96 releases, 368 pull requests, and over 48 million downloads, I'm pleased to share that the next major version of league/commonmark 2.0.0 stable is now generally available! 🎉🎉
You can install the latest version via Composer:
composer require league/commonmark:^2.0
What's new in 2.0?
There's so much to cover, but here are the key improvements and changes:
Version 1.5.0 of the league/commonmark Markdown library has just been released!
This will likely be the last minor release of
1.x as we focus efforts on developing 2.0. This post breaks down some of the new features and changes you should know about 1.5.0.
After 2,086 days, 1,632 commits, and 75 releases I'm pleased to share that league/commonmark has been downloaded over 10 million times! 🎉🎉🎉
With the recent release of version 1.3.0, league/commonmark now offers full support for Github-Flavored Markdown!
This weekend I've tagged the first pre-releases of the 1.x branch! I strongly encourage everyone to test their applications and extensions against this beta and provide any feedback. (Helpful information can be found in the upgrading guide.) Unless there are any major issues we'll plan on releasing a stable 1.0.0 version in the coming weeks!
A cross-site scripting (XSS) vulnerability was found in the PHP League's CommonMark library (
league/commonmark) versions 0.15.6 through 0.18.x before 0.18.1. It allows remote attackers to insert unsafe URLs into
<a> tags (even if
false) by adding an encoded newline character in the middle (e.g., writing
This month I released updates for a few of my open-source projects including league/commonmark, league/html-to-markdown, and colinodell/json5.