yuzutech/kroki v0.5.0

on GitHub

Changelog

This release contains the latest available versions of:

• Bytefield,
• Nomnoml,
• Mermaid,
• PlantUML,
• Vega
• and Vega-Lite!

We've also introduced a new feature to configure the PlantUML !include directive using environment variables:

• KROKI_PLANTUML_INCLUDE_PATH: The include path to set for PlantUML.
• KROKI_PLANTUML_INCLUDE_WHITELIST: The name of a file that consists of a list of Java regular expressions for valid includes.
• KROKI_PLANTUML_INCLUDE_WHITELIST_0, KROKI_PLANTUML_INCLUDE_WHITELIST_1...: One regex to add to the include whitelist per environment variable. Search will stop at the first empty or undefined integer number.
• KROKI_PLANTUML_ALLOW_INCLUDE: Either false (default) or true.
  Determines if PlantUML will fetch !include directives that reference external URLs. For example, PlantUML allows the !import directive to pull fragments from the filesystem or a remote URL or the standard library.

In addition, we've added a new safe mode SAFE:

• SECURE (default) - Paranoid sanitization of requests before passing to the diagram library.
• SAFE - Assume the diagram libraries secure mode request sanitization is sufficient
• UNSAFE - Run the diagram libraries without request sanitization.

We encourage anyone running their own Kroki server to review PlantUML code and select the security mode appropriate for their use case.

We would like to thank @stephenc for these great contributions! 🎉

Improvements

• Introduce a new safe mode SAFE - thanks Stephen
• Allow configuration of PlantUML includes - thanks Stephen
• Upgrade Mermaid from 8.5.0 to 8.5.1
• Upgrade Vega from 5.11.1 to 5.12.1
• Upgrade Bytefield from 1.4.1 to 1.4.3
• Upgrade PlantUML from 1.2020.8 to 1.2020.10
• Upgrade Nomnoml from 0.7.1 to 0.7.2
• Upgrade Vega-Lite from 4.11.0 to 4.12.2

Infrastructure

• Upgrade dependencies
  • Bump python from 3.8.2-alpine3.11 to 3.8.3-alpine3.11 in /blockdiag
  • Bump node from 12.16.2-alpine3.11 to 12.16.3-alpine3.11 in /bpmn
  • Bump node from 12.16.2-alpine to 12.16.3-alpine in /bytefield
  • Bump node from 10.20.0-alpine3.11 to 10.20.1-alpine3.11 in /vega
  • Bump node from 12.16.2-alpine3.11 to 12.16.3-alpine3.11 in /mermaid
  • Bump node from 12.16.2-alpine3.11 to 12.16.3-alpine3.11 in /nomnoml
  • Bump puppeteer from 3.0.2 to 3.1.0 in /mermaid
  • Bump puppeteer from 3.0.2 to 3.1.0 in /bpmn
  • Bump vertx from 3.9.0 to 3.9.1
• Upgrade development dependencies
  • Bump standard from 14.3.3 to 14.3.4 in /mermaid
  • Bump standard from 14.3.3 to 14.3.4 in /vega
  • Bump standard from 14.3.3 to 14.3.4 in /bpmn
  • Bump standard from 14.3.3 to 14.3.4 in /nomnoml
  • Bump standard from 14.3.3 to 14.3.4 in /bytefield
  • Bump assertj-core from 3.15.0 to 3.16.1

📄 Full diff
📖 Documentation