diff options
| author | Mike Rochefort <mroche@omenos.dev> | 2023-05-24 21:24:05 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-05-25 01:24:05 +0000 |
| commit | d7e669c3719f74340096c212a1228bb11c028652 (patch) | |
| tree | aa7d4624fb5c81ad72a3821daadab8fe5038c2b2 /.github | |
| parent | 69e73fdcff0e7fe9bd708c0a8dd70fdcb2de3135 (diff) | |
| download | gitea-d7e669c3719f74340096c212a1228bb11c028652.tar.gz gitea-d7e669c3719f74340096c212a1228bb11c028652.zip | |
Update Asciidoc markup example with safe defaults (#24920)
The cheat sheet uses the `asciidoc` markup language to demonstrate how
to set up third party markup renderers. The current example has the
following issues:
- It promotes a legacy tool that does not handle modern AsciiDoc
specifications
- It does not account for embedded preview renders
- It has no safety restrictions
By switching to `asciidoctor`, uses are suggested to utilize de
facto/standard tooling for AsciiDoc.
The `--embedded` parameter will strip out HTML tags that contain the
document (such as `<html></html>`) which aren't necessary for the
render, and actually end up as text in the document if left in.
The `--safe-mode` parameter (of which there are several profiles)
imposes [certain
policies](https://docs.asciidoctor.org/asciidoctor/latest/safe-modes/)
on the files it ingests and what the resulting output looks like. GitHub
itself uses the `secure` profile (the highest), which can be a good
starting point for those who are uncertain of what to do. By default, if
no mode is specified when `asciidoctor` runs it defaults to `unsafe`,
i.e. no safety guidelines at all.
Diffstat (limited to '.github')
0 files changed, 0 insertions, 0 deletions