Skip to content

Bump comrak from 0.47.0 to 0.48.0#409

Merged
kivikakk merged 3 commits intomainfrom
dependabot/cargo/comrak-0.48.0
Nov 14, 2025
Merged

Bump comrak from 0.47.0 to 0.48.0#409
kivikakk merged 3 commits intomainfrom
dependabot/cargo/comrak-0.48.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 13, 2025

Bumps comrak from 0.47.0 to 0.48.0.

Release notes

Sourced from comrak's releases.

v0.48.0

The breaking changes are listed right at the top! Please note that AST content now represents NUL bytes (codepoint number zero) as they were in the input; these used to be translated to the lovely � character at the very beginning of the input process, presumably so the rest of the reference C parser didn't have to deal with the possibility of strings containing NUL bytes. We can do better, though, so let's! The � character is now emitted by our formatters in place of NUL, but if you use custom or manual formatters and emit any part of the AST content directly (without using comrak::html::escape, context::html::escape_href, or the same-named functions on Context), you may need to do the same translation yourself.

We also no longer append a newline to the end of the file where there wasn't one originally, which meant a lot of places in the parser had to adapt to their strings not necessarily containing a newline before they ended. Careful review and extensive fuzzing should have squeaked out any unexpected overruns, but consider my eyes peeled for reports regarding this. (Ew.) We've cleaned up some sourcepos calculation which depended on this behaviour in odd ways, but there may yet be more to discover which our test suite didn't catch.

Did you know November is Trans Month? I didn't! I'm guessing it's because Trans Awareness Week falls within it, and we've been having a pretty bad time of it rights-wise around the world lately!

Happy Trans Month, and if you happen to typo it as Trans Moth, we can be happy about that too! 🏳️‍⚧️ ᖭི༏ᖫྀ

Parser changes:

  • No longer translate NUL bytes into U+FFFD REPLACEMENT CHARACTER in the parse stage; do it in formatters instead. (by @​kivikakk in kivikakk/comrak#681)
    • This means the AST now contains NUL bytes where they were present in input, preserving the difference between NUL and literally-entered characters.
  • No longer append a virtual newline at the end of the file where missing. (by @​kivikakk in kivikakk/comrak#682)
    • The spec allows a line to end with either a newline or EOF; the reference parser would assume any given input string will always have a terminating linefeed and forced that to be the case, and so Comrak used to. Comrak no longer does.
    • We also now handle line feed, carriage return, and carriage return plus line feed (as allow'd by the spec) without pretending they're all just a line feed, meaning e.g. sourcepos for softbreaks now correctly spans two bytes when it was produced by a carriage return plus line feed.

Changed APIs:

  • Remove mandatory space before fenced codeblock info string in CommonMark output. (by @​kivikakk in kivikakk/comrak#686)
  • Write out %25 in hrefs where not part of a percent-encode sequence. (by @​kivikakk in kivikakk/comrak#687)
    • We used to leave any % character alone, such that [link](https://github.com/kivikakk/comrak/blob/HEAD/%%20) would roundtrip without change. It now roundtrips to [link](https://github.com/kivikakk/comrak/blob/HEAD/%25%20).
  • Relaxed tasklist matching now supports a full Unicode scalar for the character between the […], and no longer turns single-byte UTF-8 characters into the Unicode codepoint numbered at the UTF-8 byte (!). (by @​kivikakk in kivikakk/comrak#689)

New APIs:

Bug fixes:

Performance:

  • Simplify internal feed function, no longer requiring any allocation before the block parser. (by @​kivikakk in kivikakk/comrak#679, kivikakk/comrak#681)
    • This is possible due to not translating NUL and not appending a virtual EOF newline; compare before and after.
  • Don't buffer CommonMark output unless necessary. (by @​kivikakk in kivikakk/comrak#684)
    • The full output was always buffered in a string before being written to the destination, which in many cases is going to be another string. Buffering is now done only to the extent required by output options, which often will be "not at all."
  • Use SIMD for core line feed process. (by @​kivikakk in kivikakk/comrak#688)

Build changes:

... (truncated)

Changelog

Sourced from comrak's changelog.

[v0.48.0] - 2025-11-13

The breaking changes are listed right at the top! Please note that AST content now represents NUL bytes (codepoint number zero) as they were in the input; these used to be translated to the lovely � character at the very beginning of the input process, presumably so the rest of the reference C parser didn't have to deal with the possibility of strings containing NUL bytes. We can do better, though, so let's! The � character is now emitted by our formatters in place of NUL, but if you use custom or manual formatters and emit any part of the AST content directly (without using comrak::html::escape, context::html::escape_href, or the same-named functions on Context), you may need to do the same translation yourself.

We also no longer append a newline to the end of the file where there wasn't one originally, which meant a lot of places in the parser had to adapt to their strings not necessarily containing a newline before they ended. Careful review and extensive fuzzing should have squeaked out any unexpected overruns, but consider my eyes peeled for reports regarding this. (Ew.) We've cleaned up some sourcepos calculation which depended on this behaviour in odd ways, but there may yet be more to discover which our test suite didn't catch.

Did you know November is Trans Month? I didn't! I'm guessing it's because Trans Awareness Week falls within it, and we've been having a pretty bad time of it rights-wise around the world lately!

Happy Trans Month, and if you happen to typo it as Trans Moth, we can be happy about that too! 🏳️‍⚧️ ᖭི༏ᖫྀ

Parser changes:

  • No longer translate NUL bytes into U+FFFD REPLACEMENT CHARACTER in the parse stage; do it in formatters instead. (by @​kivikakk in kivikakk/comrak#681)
    • This means the AST now contains NUL bytes where they were present in input, preserving the difference between NUL and literally-entered characters.
  • No longer append a virtual newline at the end of the file where missing. (by @​kivikakk in kivikakk/comrak#682)
    • The spec allows a line to end with either a newline or EOF; the reference parser would assume any given input string will always have a terminating linefeed and forced that to be the case, and so Comrak used to. Comrak no longer does.
    • We also now handle line feed, carriage return, and carriage return plus line feed (as allow'd by the spec) without pretending they're all just a line feed, meaning e.g. sourcepos for softbreaks now correctly spans two bytes when it was produced by a carriage return plus line feed.

Changed APIs:

  • Remove mandatory space before fenced codeblock info string in CommonMark output. (by @​kivikakk in kivikakk/comrak#686)
  • Write out %25 in hrefs where not part of a percent-encode sequence. (by @​kivikakk in kivikakk/comrak#687)
    • We used to leave any % character alone, such that [link](https://github.com/kivikakk/comrak/blob/main/%%20) would roundtrip without change. It now roundtrips to [link](https://github.com/kivikakk/comrak/blob/main/%25%20).
  • Relaxed tasklist matching now supports a full Unicode scalar for the character between the […], and no longer turns single-byte UTF-8 characters into the Unicode codepoint numbered at the UTF-8 byte (!). (by @​kivikakk in kivikakk/comrak#689)

New APIs:

Bug fixes:

Performance:

  • Simplify internal feed function, no longer requiring any allocation before the block parser. (by @​kivikakk in kivikakk/comrak#679, kivikakk/comrak#681)
    • This is possible due to not translating NUL and not appending a virtual EOF newline; compare before and after.
  • Don't buffer CommonMark output unless necessary. (by @​kivikakk in kivikakk/comrak#684)
    • The full output was always buffered in a string before being written to the destination, which in many cases is going to be another string. Buffering is now done only to the extent required by output options, which often will be "not at all."
  • Use SIMD for core line feed process. (by @​kivikakk in kivikakk/comrak#688)

Build changes:

  • We now build Linux release binaries against musl, making them actually useful for anyone not running my exact Nix build :') (by @​kivikakk in kivikakk/comrak#671)

... (truncated)

Commits
  • 6337099 Merge pull request #690 from kivikakk/release/v0.48.0
  • 69285ea CHANGELOG: finish 0.48.0.
  • 636cc0f CHANGELOG.md: add generated portion.
  • 95fc43b Cargo.toml: v0.48.0.
  • d149324 Merge pull request #689 from kivikakk/push-nnqpnowtsnom
  • c2509e5 tasklists: don't munge first byte into unicode codepoint.
  • 988ebcd Merge pull request #688 from kivikakk/push-ylwwmpzkwpkn
  • ae45268 jetscii for line searcher.
  • 1a38822 Merge pull request #687 from kivikakk/push-nzsmltxklmnr
  • 5cc8d40 write out %25 in hrefs where not part of a percent-encode sequence.
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump comrak from 0.47.0 to 0.48.0
565c5ed 
Bumps [comrak](https://github.com/kivikakk/comrak) from 0.47.0 to 0.48.0.
- [Release notes](https://github.com/kivikakk/comrak/releases)
- [Changelog](https://github.com/kivikakk/comrak/blob/main/CHANGELOG.md)
- [Commits](kivikakk/comrak@v0.47.0...v0.48.0)

---
updated-dependencies:
- dependency-name: comrak
  dependency-version: 0.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Nov 13, 2025
@kivikakk kivikakk force-pushed the dependabot/cargo/comrak-0.48.0 branch from a609893 to 6c98fea Compare November 14, 2025 03:50
@kivikakk kivikakk force-pushed the dependabot/cargo/comrak-0.48.0 branch from 6c98fea to 5655513 Compare November 14, 2025 03:53
@kivikakk
Copy link
Collaborator

kivikakk commented Nov 14, 2025

@gjtorikian Note that I've extended our supported Ruby versions to include 4.x, as that's looking to be the next release and HEAD builds are starting to fail everywhere because of it 😅 Please feel free to revert if you think this might cause issues.

@kivikakk kivikakk merged commit 441f0f4 into main Nov 14, 2025
9 checks passed
@kivikakk kivikakk deleted the dependabot/cargo/comrak-0.48.0 branch November 14, 2025 04:01
@gjtorikian
Copy link
Owner

gjtorikian commented Nov 14, 2025

Huh... do you happen to know if there are any actual language breaking changes, or is it just an arbitrary major bump? I can't find anything about why the jump.

Either way, thank you, as always!

@kivikakk
Copy link
Collaborator

kivikakk commented Nov 15, 2025

Huh... do you happen to know if there are any actual language breaking changes, or is it just an arbitrary major bump? I can't find anything about why the jump.

I have no idea! I had some of my own HEAD builds start to fail because a dependency-of-a-dependency-of-a-dependency was checking for RUBY_VERSION =~ /^[23]/ and aborting otherwise (which took a little bit of digging before I spotted …/ruby/4.0.0/gems/…).

The closest thing I can find to an authoritative discussion on this is https://bugs.ruby-lang.org/issues/21657, and there is no mention of breaking changes (and a few acks that Ruby itself doesn't really do semver).

@gjtorikian gjtorikian mentioned this pull request Nov 17, 2025
Merged
@Greg-Myers-SB Greg-Myers-SB mentioned this pull request Dec 3, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kivikakk @gjtorikian