Mistune 2.0 upgrading guide?

[mr-c]

Congratulations on your release!

Any advice for updating to Mistune 2.0 from 0.8.x?

AttributeError: module 'mistune' has no attribute 'Renderer'

[TimB87]

I get the same error, but about BockGrammar.

[rouilj]

Render I think is replaced with HTMLRenderer. Also I found escape_link is also missing.

I am more worried about how to disable the include directive. I am processing user supplied
text.

For the time being I am keeping Roundup pinned to 0.8.4 version of mistune.

[sheybey]

Render I think is replaced with HTMLRenderer. Also I found escape_link is also missing.

Instead of directly instantiating and using HTMLRenderer, you should instead use mistune.create_markdown.

escape_link functionality is now implemented directly by the html renderer: https://github.com/lepture/mistune/blob/v2.0.2/mistune/renderers.py#L116

If you were just using escape_link to filter urls by scheme, you can do this with python's built-in urllib.

from urllib.parse import urlparse
# python 2: from urlparse import urlparse

SAFE_SCHEMES = ['http', 'https', 'ftp']

def is_safe_url(url):
    scheme = urlparse(url)[0]
    return scheme in SAFE_SCHEMES

I am more worried about how to disable the include directive. I am processing user supplied text.

The include directive is only enabled if you explicitly enable it. You can check what plugins are enabled by default by reading the definition of html in __init__.py: https://github.com/lepture/mistune/blob/v2.0.2/mistune/__init__.py#L44

Or, you can just call create_markdown which won't add any plugins other than what you specify.

[rouilj]

Render I think is replaced with HTMLRenderer. Also I found escape_link is also missing.

Instead of directly instantiating and using HTMLRenderer, you should instead use mistune.create_markdown.

I generate my own renderer (see below), I assume my renderer class gets instantiated and passed in
as mistune.create_markdown(...,renderer=LinkRendererWithRel(...),)?

escape_link functionality is now implemented directly by the html renderer: https://github.com/lepture/mistune/blob/v2.0.2/mistune/renderers.py#L116

If you were just using escape_link to filter urls by scheme, you can do this with python's built-in urllib.

from urllib.parse import urlparse
# python 2: from urlparse import urlparse

SAFE_SCHEMES = ['http', 'https', 'ftp']

def is_safe_url(url):
    scheme = urlparse(url)[0]
    return scheme in SAFE_SCHEMES

Under 0.8.4 I was setting:

  mistune._scheme_blacklist = [ s + ':' for s in _disable_url_schemes ]

A safe scheme filter is safer though.

Note that I add the rel="nofollow noreferer" attribute to rendered links. So I have my own
renderer class:

  class LinkRendererWithRel(Renderer):

My class overrides autolink and link methods. The class is passed to markdown as:

  markdown = lambda s, c: mistune.markdown(s, {'renderer': LinkRendererWithRel(escape = True)})

I am more worried about how to disable the include directive. I am processing user supplied text.

The include directive is only enabled if you explicitly enable it. You can check what plugins are enabled by default by reading the definition of html in init.py: https://github.com/lepture/mistune/blob/v2.0.2/mistune/__init__.py#L44

Or, you can just call create_markdown which won't add any plugins other than what you specify.

Ok. I'll try to work with it sometime this week.

Thanks.

[mr-c]

Here is how @fmigneault upgraded to Mistune 2.0 common-workflow-language/schema_salad@4733227#diff-73bac5f09290fd54add4e5397028f1f1d02a787c8f445a92cb578ead12582953