Bump markdown from 3.5.2 to 3.6

Bumps markdown from 3.5.2 to 3.6.

Release notes

Sourced from markdown's releases.

Release 3.6

Changed

Refactor TOC Sanitation

• All postprocessors are now run on heading content.
• Footnote references are now stripped from heading content. Fixes #660.
• A more robust striptags is provided to convert headings to plain text. Unlike, the markupsafe implementation, HTML entities are not unescaped.
• The plain text name, rich html, and unescaped raw data-toc-label are saved to toc_tokens, allowing users to access the full rich text content of the headings directly from toc_tokens.
• The value of data-toc-label is sanitized separate from heading content before being written to name. This fixes a bug which allowed markup through in certain circumstances. To access the raw unsanitized data, retrieve the value from token['data-toc-label'] directly.
• An html.unescape call is made just prior to calling slugify so that slugify only operates on Unicode characters. Note that html.unescape is not run on name, html, or data-toc-label.
• The functions get_name and stashedHTML2text defined in the toc extension are both deprecated. Instead, third party extensions should use some combination of the new functions run_postprocessors, render_inner_html and striptags.

Fixed

• Include scripts/*.py in the generated source tarballs (#1430).
• Ensure lines after heading in loose list are properly detabbed (#1443).
• Give smarty tree processor higher priority than toc (#1440).
• Permit carets (^) and square brackets (]) but explicitly exclude backslashes (\) from abbreviations (#1444).
• In attribute lists (attr_list, fenced_code), quoted attribute values are now allowed to contain curly braces (}) (#1414).

Changelog

Sourced from markdown's changelog.

[3.6] -- 2024-03-14

Changed

Refactor TOC Sanitation

• All postprocessors are now run on heading content.
• Footnote references are now stripped from heading content. Fixes #660.
• A more robust striptags is provided to convert headings to plain text. Unlike, the markupsafe implementation, HTML entities are not unescaped.
• The plain text name, rich html, and unescaped raw data-toc-label are saved to toc_tokens, allowing users to access the full rich text content of the headings directly from toc_tokens.
• The value of data-toc-label is sanitized separate from heading content before being written to name. This fixes a bug which allowed markup through in certain circumstances. To access the raw unsanitized data, retrieve the value from token['data-toc-label'] directly.
• An html.unescape call is made just prior to calling slugify so that slugify only operates on Unicode characters. Note that html.unescape is not run on name, html, or data-toc-label.
• The functions get_name and stashedHTML2text defined in the toc extension are both deprecated. Instead, third party extensions should use some combination of the new functions run_postprocessors, render_inner_html and striptags.

Fixed

• Include scripts/*.py in the generated source tarballs (#1430).
• Ensure lines after heading in loose list are properly detabbed (#1443).
• Give smarty tree processor higher priority than toc (#1440).
• Permit carets (^) and square brackets (]) but explicitly exclude backslashes (\) from abbreviations (#1444).
• In attribute lists (attr_list, fenced_code), quoted attribute values are now allowed to contain curly braces (}) (#1414).

Commits

• e524b8f Bump version to 3.6
• 3d8afc6 Allow attr_list quoted values to contain curly braces
• 9edba85 Refactor abbr escaping
• e4ab4a6 Refactor TOC sanitation
• a18765c Explicitly omit carot and backslash from abbr
• 421f1e8 Give smarty tree processor higher priority than toc
• c334a3e Ensure lines after heading in loose list are properly detabbed
• ea92856 Update the license template so GitHub can detect it
• a2effd6 Disable mkdocstrings show_symbol_type_toc option to work around searching iss...
• 91f9a12 Restore Attribute symbol type in mkdocstrings template
• Additional commits viewable in compare view