A Twitter Spaces discussion hosted by Unleash about open-source maintainership, the PHP League, platform engineering, and 3D printing.
PHP League
After 96 releases, 368 pull requests, and over 48 million downloads, I'm pleased to share that the next major version of league/commonmark 2.0.0 stable is now generally available! 🎉🎉
You can install the latest version via Composer:
composer require league/commonmark:^2.0
What's new in 2.0?
There's so much to cover, but here are the key improvements and changes:
With the 2.0.0 stable release of league/commonmark scheduled for next month, I'm pleased to share that the first 2.0 beta releases are now available! Current users of this library are highly encouraged to test this new branch and provide feedback.
You can install the beta release via Composer:
Version 1.5.0 of the league/commonmark Markdown library has just been released!
This will likely be the last minor release of 1.x as we focus efforts on developing 2.0. This post breaks down some of the new features and changes you should know about 1.5.0.
After 2,086 days, 1,632 commits, and 75 releases I'm pleased to share that league/commonmark has been downloaded over 10 million times! 🎉🎉🎉
With the recent release of version 1.3.0, league/commonmark now offers full support for Github-Flavored Markdown!
After 5 years of development, 3,000,000 downloads, and 58 releases, I'm extremely pleased to announce that league/commonmark version 1.0.0 has been released!
This weekend I've tagged the first pre-releases of the 1.x branch! I strongly encourage everyone to test their applications and extensions against this beta and provide any feedback. (Helpful information can be found in the upgrading guide.) Unless there are any major issues we'll plan on releasing a stable 1.0.0 version in the coming weeks!
A cross-site scripting (XSS) vulnerability was found in the PHP League's CommonMark library (league/commonmark) versions 0.15.6 through 0.18.x before 0.18.1. It allows remote attackers to insert unsafe URLs into <a> tags (even if allow_unsafe_links is false) by adding an encoded newline character in the middle (e.g., writing javascript as javascri%0Apt).
This month I released updates for a few of my open-source projects including league/commonmark, league/html-to-markdown, and colinodell/json5.