Update dependency mkdocs-include-markdown-plugin to v7 [SECURITY]#64

Open
renovate[bot] wants to merge 1 commit into main from renovate/pypi-mkdocs-include-markdown-plugin-vulnerability

@renovate renovate bot commented Sep 29, 2025

This PR contains the following updates:

| Package | Change | Age | Confidence |
| --- | --- | --- | --- |
| mkdocs-include-markdown-plugin (changelog) | ==4.0.3 -> ==7.1.8 | age | confidence |

GitHub Vulnerability Alerts

CVE-2025-59940

Impact

CWE-20: Improper Input Validation
Low impact

Patches

Patched in v7.1.8 (commit mondeja/mkdocs-include-markdown-plugin@7466d67)

Workarounds

No


Release Notes

mondeja/mkdocs-include-markdown-plugin (mkdocs-include-markdown-plugin)

v7.1.8

Compare Source

Bug fixes

  • Escape substitution placeholders to prevent malformed output in edge cases.

v7.1.7

Compare Source

Bug fixes

  • Fix passing negative values to heading-offset argument of include-markdown directive.

v7.1.6

Compare Source

Bug fixes
  • Fix internal anchor in included file incorrectly rewritten.

v7.1.5

Compare Source

Bug fixes
  • Fix bug when warning about some invalid directive arguments.
  • Fix bug trying to use punctuations inside custom include directive names.

v7.1.4

Compare Source

Bug fixes
  • Fix internal anchors in included files not rewritten correctly.

v7.1.3

Compare Source

Enhancements
  • Add HTML support for relative URL rewrites.

v7.1.2

Compare Source

Enhancements
  • Add cache_dir global setting to configure the path to the cache directory. When set, it avoids the requirement to install platformdirs to use HTTP caching.

v7.1.1

Compare Source

New features

  • Add a new directives global setting to customize directive names.

Enhancements

  • Some performance optimizations.

v7.0.1

Compare Source

Enhancements
  • Performance optimization up to 25% faster.

v7.0.0

Compare Source

Breaking changes

No longer installable on Python v3.8

Minimum Python version for installation is v3.9. Python v3.8 reached its end of life on 2024-10-07.

Comments are turned off by default

Before this release, the default value for the comments argument of the include-markdown directive was true. It has now been switched to false. This prevents some inconveniences, for example, when trying to include one-line texts in table cells and list items.

If you want the previous behaviour, configure comments as true in the global configuration:

plugins:
  - include-markdown:
      comments: true

Indented code blocks must be surrounded by newlines

Now mkdocs-include-markdown-plugin will only detect indented code blocks if they are surrounded by newlines, conforming to the CommonMark specification.

In practice, this means that you must surround indented code blocks with newlines, or possible link target URLs will be rewritten to work in relative files. For example, the next code is not treated as an indented code block any more and will break:

Foo
    const auto lambda = []() { .... };

v6.2.2

Compare Source

Enhancements

  • Add official support for Python v3.13.
  • Relax wcmatch dependency.

v6.2.1

Compare Source

Bug fixes
  • Improve performance of inclusion regex processing. Prevents taking a lot of time parsing long lines looking for inclusions.

v6.2.0

Compare Source

New features

  • Add recursive argument to include-markdown directive.

Enhancements

  • Apply substitutions from all directives at once. Improves performance in all includes and prevents big performance degradations including large contents in the same files of other includes.
  • Warn when passing invalid arguments to directives. It could catch bad syntax, like trying to turn off comments in include directives (include does not provide a comments argument).

v6.1.1

Compare Source

Enhancements

  • Change substitutions order of directives. Prevents performance degradations when including long files with include directive in the same file with other include-markdown directive.

v6.1.0

Compare Source

New features

  • Add a new recursive argument to the include directive that allows stopping the recursive processing of includes in included files.

v6.0.7

Compare Source

Bug fixes

  • Fix error message on Windows when a file that is not inside the same drive of the docs_dir directory is not found.

v6.0.6

Compare Source

Bug fixes

  • Fixed errors when using Mkdocs>=1.6.0 generated files (#205). Now if you try to include using a relative path from a generated file, an error will be raised.

v6.0.5

Compare Source

Bug fixes

  • Fixed default setting heading_offset not being applied.

v6.0.4

Compare Source

Bug fixes

  • Fixed logging variables not included formatting messages (regression from v6.0.2).

v6.0.3

Compare Source

Enhancements

  • Add mkdocs>=1.4 as dependency.

v6.0.2

Compare Source

Enhancements

  • Dropped Python upper version requirement bound.

v6.0.1

Compare Source

Bug fixes

  • Fixed some warnings not shown when missing start and end delimiters in some contexts (regression from v6.0.0).

v6.0.0

Compare Source

⚠️ Breaking changes

  • Inclusion and exclusion relative paths and globs must start with ./ or ../. Non-explicit relative paths (like foo/bar.md) will be treated as relative to docs_dir (typically the docs/ directory). To migrate just prepend ./ in all your implicit relative paths and globs.
    - {% include-markdown "foo/bar.md" %}
    + {% include-markdown "./foo/bar.md" %}
    
    - {% include-markdown "foo/*.md" %}
    + {% include-markdown "./foo/*.md" %}
  • exclude configuration setting added in v5.1.0 is no longer treated as a default value for the exclude argument. Now accepts an array that defines multiple global exclusion patterns that will extend the exclude argument pattern matches. Relative paths used by the exclude global setting will be treated as relative to docs_dir.

New features

  • Includer and excluder globs now accept Bash-style wildcard patterns, allowing more flexible inclusions and exclusions, for example:
    {% include-markdown "**" exclude="./{index,LICENSE}.md" %}
  • Allow defining paths and globs relative to docs/ directory for inclusions and exclusions with implicit relative paths like foo/bar.md or index.md.

Enhancements

  • Raise PluginErrors instead of BuildErrors as recommended by Mkdocs.

v5.1.0

Compare Source

New features

The next default values for arguments can be defined as settings:

  • start
  • end
  • exclude
  • heading_offset
  • rewrite_relative_urls

Bug fixes

  • Fixed error getting content from cache.
  • Fixed detection of invalid heading-offset values.

Improvements

  • Improved invalid values detection of boolean and integer arguments.

v5.0.0

Compare Source

⚠️ Breaking changes

  • Drop Python 3.7 support.
  • Drop Mkdocs < 1.4.0 support.

Enhancements

  • Add support for Python 3.12.

New features

  • Files to include can now be URLs to include remote content.
  • Added cache extra and setting to control HTTP requests persistent file caching.

Bug fixes

  • Fix errors not producing a non-zero exit code when building.

v4.0.4

Compare Source

Bug fixes:

  • Fixed error using livereload server with Mkdocs < 1.4.0

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.
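
As an added example that is not part of this PR or of the plugin's own code: the jump from 4.0.3 to 7.1.8 crosses the v6.0.0 change under which include paths and exclude globs that do not start with ./ or ../ are resolved against docs_dir, so this sketch flags such directives before merging. The regexes approximate the directive syntax shown in the release notes, the handling of URLs and absolute paths is an assumption, and the sample Markdown is constructed.

```python
import re

# Matches {% include "path" ... %} and {% include-markdown "path" ... %},
# including directives spread over several lines (approximation, not the
# plugin's own parser).
DIRECTIVE = re.compile(
    r"""\{%\s*(include-markdown|include)\s+(["'])(?P<path>.*?)\2(?P<args>.*?)%\}""",
    re.DOTALL,
)
EXCLUDE = re.compile(r"""\bexclude=(["'])(?P<glob>.*?)\1""")


def classify(path):
    """Classify a path or glob the way the v6.0.0 notes distinguish them."""
    if path.startswith(("./", "../")):
        return "explicit"          # still relative to the including file
    if path.startswith(("http://", "https://")):
        return "url"               # remote includes (v5.0.0); assumed unaffected
    if path.startswith("/"):
        return "absolute"          # assumption: not a relative path, not flagged
    return "implicit"              # now resolved against docs_dir


def find_implicit_paths(text):
    """Return (line, kind, value) for every path/exclude that changes meaning."""
    findings = []
    for m in DIRECTIVE.finditer(text):
        line = text.count("\n", 0, m.start()) + 1
        candidates = [("path", m.group("path"))]
        ex = EXCLUDE.search(m.group("args"))
        if ex:
            candidates.append(("exclude", ex.group("glob")))
        findings += [(line, k, v) for k, v in candidates if classify(v) == "implicit"]
    return findings


# Constructed sample page, not taken from any real repository.
SAMPLE = '''# Guide
{% include-markdown "foo/bar.md" %}
{% include-markdown "./foo/bar.md" %}
{% include "../LICENSE" %}
{%
  include-markdown "./api/*.md"
  exclude="api/internal.md"
%}
{% include-markdown "https://example.com/README.md" %}
'''

if __name__ == "__main__":
    for line, kind, value in find_implicit_paths(SAMPLE):
        print(f"line {line}: {kind} {value!r} is now resolved against docs_dir")
```
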

@renovate renovate bot requested a review from a team as a code owner September 29, 2025 17:01
netlify bot commented Sep 29, 2025

Deploy Preview for profound-shortbread-97ca2d failed.

| Name | Link |
| --- | --- |
| 🔨 Latest commit | a9355ee |
| 🔍 Latest deploy log | https://app.netlify.com/projects/profound-shortbread-97ca2d/deploys/68dabb7011da570008900fe1 |
