chore(deps): update dependency gohugoio/hugo/hugo-extended to v0.121.2

[renovate]

This PR contains the following updates:

Package	Update	Change
gohugoio/hugo/hugo-extended	minor	v0.120.4 -> v0.121.2

---

Release Notes

gohugoio/hugo (gohugoio/hugo/hugo-extended)

v0.121.2

Compare Source

The main motivation behind this release is a security fix in the upstream golang.org/x/crypto library. We don't see how that CVE could be exploited via Hugo, but we do appreciate that many want to have a clean security report.

There's also some new features in this release:

• AutoOrient image filter
• math.Rand

What's Changed

• build(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 1ccd314 @​dependabot[bot]
• tpl/math: Add math.Rand template function e40b9fb @​jmooring #​11833
• resources/images: Create AutoOrient image filter 648d00c @​jmooring #​11717
• all: Remove unused code 8adba64 @​bep

v0.121.1

Compare Source

The only change in this release is that the release binaries are compiled with Go 1.21.5 which contains some security fixes that are relevant for Hugo.

• Upgrade to Go 1.21.5 eb9f1eb @​bep #​11786

v0.121.0

Compare Source

There are some minor new features in this release, but it's mostly a release with bug fixes and dependency updates. One notable dependency update is libweb v1.3.2 which comes with a security fix for the Webp decoder (chromium: #​1479274, CVE-2023-4863). Hugo only uses the encoder (we use Go's native Webp decoder) so we're not affected by this, but we have been contacted by some corporate Hugo users who's eager to have a clean security report.

Notes

• kin-openapi v0.122.0 has some minor breaking API changes which, from Hugo's side of it, can be adapted by using the new .Map accessors if you get an error.

Bug fixes and enhancements

• github: Fix CI build on Windows 6d4b012 @​bep
• Fix handling of dropped error in test 26a8ec2 @​alrs
• resources/resource: Fix GroupByParamDate with raw TOML dates dd6cd62 @​jmooring #​11563
• helpers: Fix TrimShortHTML used by markdownify and RenderString 0bde693 @​jmooring #​11698
• Pull in the latest code from Go's template packages (#​11771) 9f978d3 @​bep #​10707 #​11507
• tpl: Allow using page resources on the images page parameter for opengraph, schema and twitter_cards templates 14d85ec @​razonyang
• hugolib: Apply titleCaseStyle to automatic section pages 171836c @​jmooring #​11547
• tpl/urls: Retain query and fragment with absURL and absLangURL 9ea7103 @​jmooring #​11772
• markup: Add Level to Heading struct 3fc42da @​jmooring #​10776
• tpl/fmt: Print suppression help with erroridf d24da17 @​jmooring #​11506
• tpl/transform: Display Chroma highlighting errors 4583b41 @​jmooring #​9642
• common/para: Skip flaky test on CI e2a624d @​bep
• watcher: Skip flaky test for now 30a18e8 @​bep
• tpl/transform: Add transform.XMLEscape template function b4c5df4 @​jmooring #​3268
• tpl/tplimpl: Remove superfluous type attr on script elements 8d32ca2 @​jmooring #​6379
• common/para: Skip flaky tests on Windows 27620da @​bep
• navigation: Unexport menu entry methods 80d2fdb @​jmooring #​11670
• markup/goldmark: Sync image render hook code with Goldmark 805cc17 @​jmooring #​11681

Dependency Updates

• build(deps): bump github.com/alecthomas/chroma/v2 from 2.11.1 to 2.12.0 558f325 @​dependabot[bot]
• build(deps): bump github.com/tdewolff/minify/v2 from 2.20.8 to 2.20.9 507f4e3 @​dependabot[bot]
• build(deps): bump github.com/spf13/cast from 1.5.1 to 1.6.0 a7e721e @​dependabot[bot]
• build(deps): bump github.com/getkin/kin-openapi from 0.121.0 to 0.122.0 2627b91 @​dependabot[bot]
• build(deps): bump golang.org/x/image from 0.13.0 to 0.14.0 e536d46 @​dependabot[bot]
• deps: Update github.com/tdewolff/minify/v2 v2.20.7 => v2.20.8 bfc325f @​jmooring #​5748
• build(deps): bump github.com/spf13/afero from 1.10.0 to 1.11.0 36a60f6 @​dependabot[bot]
• build(deps): bump github.com/evanw/esbuild from 0.19.7 to 0.19.8 de2fcc5 @​dependabot[bot]
• build(deps): bump google.golang.org/api from 0.151.0 to 0.152.0 9ca889b @​dependabot[bot]
• deps: Upgrade to libwebp 1.3.2 4fb40ee @​bep #​11746
• build(deps): bump github.com/aws/aws-sdk-go from 1.48.4 to 1.48.6 bc93a36 @​dependabot[bot]
• build(deps): bump golang.org/x/tools from 0.15.0 to 0.16.0 3e5bc6f @​dependabot[bot]
• build(deps): bump github.com/getkin/kin-openapi from 0.120.0 to 0.121.0 7c47036 @​dependabot[bot]
• build(deps): bump github.com/bep/logg from 0.3.0 to 0.4.0 4d07e1f @​dependabot[bot]
• deps: Upgrade to github.com/bep/simplecobra v0.4.0 1c41232 @​bep
• build(deps): bump github.com/aws/aws-sdk-go from 1.48.2 to 1.48.4 f11ca0f @​dependabot[bot]
• build(deps): bump golang.org/x/tools from 0.14.0 to 0.15.0 d7a2f3f @​dependabot[bot]
• build(deps): bump github.com/gorilla/websocket from 1.5.0 to 1.5.1 ef12d16 @​dependabot[bot]
• build(deps): bump github.com/fatih/color from 1.15.0 to 1.16.0 a62bbfa @​dependabot[bot]
• build(deps): bump golang.org/x/net from 0.17.0 to 0.18.0 5887230 @​dependabot[bot]
• build(deps): bump github.com/evanw/esbuild from 0.19.5 to 0.19.7 a4a66b8 @​dependabot[bot]
• build(deps): bump github.com/alecthomas/chroma/v2 from 2.10.0 to 2.11.1 813390b @​dependabot[bot]
• build(deps): bump github.com/tdewolff/minify/v2 from 2.20.5 to 2.20.7 d528bbd @​dependabot[bot]
• build(deps): bump google.golang.org/api from 0.138.0 to 0.151.0 af7f6c8 @​dependabot[bot]
• build(deps): bump github.com/aws/aws-sdk-go from 1.45.14 to 1.48.2 (#​11724) e70849e @​dependabot[bot] #​11723

Documentation

• docs: Regen docshelper 255e0a9 @​bep
• docs: Adjust last merge from docs repository 6580cd3 @​jmooring
• docs: Regen docs helper 7617de8 @​bep

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.