What's Changed

• Fix "image: unknown format" error a8c5d0d @bep #14295
• modules: Remove extended edition check a94a941 @bep #14284
• misc: Update edition comparison and guidance in README.md 385d1a1 @jmooring

• Handle PNG named *.webp 4085ee9 @bep #14288
• Revert deprecation logging for contentDir per language 168bf17 @bep #14287
• Fix panic when 404 is backed by a content file f740d7c @bep #14283
• internal/warpc: Increase WebP memory limit to 256 MiB 5f46da6 @jmooring #14282

This is a good one! Hugo v0.153.0 comes with a powerful new multidimensional content model (languages, versions and roles) and completely overhauls WebP image support, and much more:

• For the new multidimensional content model, start reading sites matrix and sites complements. The matrix is what gets written to disk, complements allows e.g. a site in Swedish to fill in missing gaps in the site in Norwegian's page and resource collections. Also see the new Rotate method, that allows you to rotate the content tree in a given dimension.
• For WebP we now build a WASM version of libwebp (v1.6.0) and run it in the Wazero runtime. We use this for both encoding and decoding. This solves an old and annoying issue with Go's stdlib's decoder, with loss of contrast and muted colors in some photos, but it also means that you don't need the extended version of Hugo to handle WebP images. And, drum roll, we now also support animated WebP, including converting to and from animated GIFs.
• For MacOS, we now build signed and notarised pkg installers.

Also:

• The Asciidoctor integration is greatly improved.
• New template funcs urls.PathUnescape and urls.PathEscape.
• openapi3.Unmarshal now support external refs (including remote refs).

Notes

• tpl/css: Deprecate libsass in favor of dartsass (note) 9937a5d @bep #14261
• Build Order: Hugo builds sites based on the sorted dimensions (see below). In earlier versions, we built the sites starting with the default content language. This change is also reflected in the sort order of .Site.Sites to make it consistent with .Site.Languages.
• Sort Order: The dimensions are sorted as follows, which affects build order and complement selection:
  • languages: By weight, then by name.
  • versions: By weight, then by semantic versioning (descending).
  • roles: By weight, then by name.
• Deprecations:
  • The lang option on mounts (https://gohugo.io/configuration/module/#mounts) and segments
    (https://gohugo.io/configuration/segments/#segment-definition) is deprecated in favor of the more powerful sites.matrix
    option.
  • File mount includeFiles and excludeFiles are deprecated in favour of the new files filter, which supports negation.
• Logging: We no longer log warnings about potential duplicate content paths, as this becomes impractical to reason about with a
  complex sites matrix.

Bug fixes

• Fix some outdated front matter b82e496 @bep #14271
• Fix server rebuilds on editing content with Chinese terms e2e64ae @bep #14240
• Fix slow server startup of very big content trees 7a43b92 @bep #14211
• github: Fix "no space left on device" issue in CI b037b93 @bep
• docs: Fix link to CGO wiki page 5af3112 @jordelver
• Fix grammatical error in styleguide.md 62c4740 @bep
• hugolib: Fix recently introduced data race 94a6233 @bep #14140
• docshelper: Fix some YAML serialization issues with sites matrix configuration 22d0c17 @bep #14132
• resources/page: Fix slugorcontentbasename for section pages 25c7c18 @dvdksn #14104
• all: Fix some benchmarks broken by modernize 91eac9e @bep #14107
• all: Run modernize -fix ./... 04650ce @bep #14107

Improvements

• resources/images: Don't trust the file extension when decoding JPEG and PNG images 65d43e1 @bep
• Add full filename to image processing error messages if possible 65a7666 @bep #14278
• tailwindcss: Add referece to skipInlineImportsNotFound when import not found in assets da5b1fc @bep #14273
• Improve error messages for template failures 0637adb @bep
• Improve error handling/messages in Hugo Pipes 0bf6135 @bep #14257 #14270
• images: Add a webp test with bg color 573ecb5 @bep
• Encode and Decode using the libwebp library via WASM with animation support 1b4514e @bep #10030 #8500 #12843 #8879 #12842
• config/allconfig: Correct error message 429e572 @jmooring #14259
• tpl: Add missing functions to init files fa7d37f @jmooring #14249
• github: Add some known humans to the AI whitelist fae49a2 @bep
• langs/i18n: Prefer languageCode when picking translation file 6be463b @bep #14204 #14217
• Add entitlements for WebAssembly for macOS Tahoe 9e24b56 @bep #14220
• testscripts: Move layouts file to new structure 45b67f6 @bep
• resources: Skip integration test if Dart Sass is not installed 5e649eb @jmooring
• testing: Replace legacy config.toml with hugo.toml in most tests 3073fd5 @bep
• testing: Port integration tests to new templates structure b9b304a @bep
• github: Correct dependabot => dependabot[bot] 8be30ef @bep
• config/privacy: Change GoogleAnalytics.RespectDoNotTrack default to true 565a10c @jmooring #13307
• Add signed and notarized MacOS pkg builds 438f113 @bep #14135
• Upgrade to Go 1.25.4 dab5405 @bep
• tpl/urls: Add PathEscape and PathUnescape functions 1a1b062 @jmooring #14209
• Speedup and simplify page assembly for deeper content trees 555dfa2 @bep
• gemini: Remove styleguide.md (for now) 34b0c15 @bep
• github: Reenable Gemini, but no auto code review 9dc38e9 @bep
• github: Partition tests by their root b592d34 @bep
• github: Make the clean commands work 18a2afa @bep
• github: Also test the root package (left out in previous commit) 0b0c827 @bep
• github: More disk space saving optimizations 30dc75e @bep
• github: Add PR Template 6bc8e6f @jmooring
• Adjust benchmark cda4d75 @bep
• tpl/openapi: Add support for OpenAPI external file references 84950ed @bep #8067
• github: Skip dependabot for AI Watchdog workflow a8ed613 @bep
• github: Remove the 386 test step in GitHub test workflow b971b7f @bep #14201
• github: Remove test binaries after CI test runs 24210dc @bep
• github: Adjust watchdog run logic (now with correct spelling) 0f94274 @bep
• github: Adjust watchdog run logic (again) 5f9c3a3 @bep
• github: Adjust watchdog run logic 51d77a6 @bep
• github: Only run AI Watchdog when the PR is ready for review d25b619 @bep
• Update aiwatchdog.yml 4a76d8c @bep
• Update aiwatchdog.yml d837eff @bep
• Update aiwatchdog.yml 323e306 @bep
• github: Add label to AI suspects and do not fail when confident 2047638 @bep
• github: Adjust AI Watchdog workflow to make it run PRs from forks 38efb70 @bep
• github: Adjust workflow permissions bdf8b1a @bep
• performance: Misc allocation improvements f33c1a3 @bep
• github: Add ai-watchdog workflow and update other workflows' versions 56d7925 @bep #14147
• tpl/collections: Improve collections.D c6b6910 @jmooring #14143
• Optimize memory allocations for sites matrix vector stores ca40254 @bep
• gemini: Disable auto PR codereviews for now 44b5f13 @bep
• Update styleguide.md 2c6574e @bep
• Add gemini setup files 60c4245 @bep
• static: Preserve .gitignore and .gitattributes in --cleanDestinationDir 5e6b269 @Ahamed1846 #14097
• hugolib: Improve performance of content trees with many sections 26f31ff @bep
• Add a site assembly benchmark test for a deeper site structure with more sections and pages 606415e @bep
• sitesmatrix: Clary default dimension values dc2f6ae @bep
• Run go mod tidy to clean up go.mod and go.sum a0944ac @bep
• testing: Rewrite all the old style integration tests to txtar style tests a2469d5 @bep
• hugolib: Delete some old integration tests e24b604 @bep
• testing: Revise usage of b.N and b.Loop() in benchmarks 4c7a78f @bep
• Add roles and versions as new dimensions (in addition to language) 264022a @bep #519 #13680 #13663 #13776 #13855 #13648 #13996 #14001 #14031 #13818 #13196
• Update CONTRIBUTING.md ff0f67e @bep
• hreflect: Cache reflect method lookups used in collections.Where and others e9bda21 @bep
• all: Simplify the reflect usage 3893e70 @bep

Dependency Updates

• build(deps): bump github.com/goccy/go-yaml from 1.19.0 to 1.19.1 39649dc @dependabot[bot]
• build(deps): bump github.com/alecthomas/chroma/v2 from 2.21.0 to 2.21.1 614fb16 @dependabot[bot]
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/cloudfront 33542d3 @dependabot[bot]
• deps: Upgrade github.com/alecthomas/chroma/v2 v2.20.0 => v2.21.0 588d20b @bep #14266
• build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.40.1 to 1.41.0 b337302 @dependabot[bot]
• build(deps): bump github.com/evanw/esbuild from 0.27.1 to 0.27.2 e6a3f1d @dependabot[bot]
• build(deps): bump golang.org/x/image from 0.33.0 to 0.34.0 364d237 @dependabot[bot]
• build(deps): bump golang.org/x/tools from 0.39.0 to 0.40.0 079f3eb @dependabot[bot]
• build(deps): bump github.com/tdewolff/minify/v2 from 2.24.7 to 2.24.8 4e6f2b6 @dependabot[bot]
• build(deps): bump gocloud.dev from 0.43.0 to 0.44.0 dff5e16 @dependabot[bot]
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/cloudfront c82a035 @dependabot[bot]
• build(deps): bump github.com/evanw/esbuild from 0.27.0 to 0.27.1 86b01ed @dependabot[bot]
• build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.40.0 to 1.40.1 9e7182e @dependabot[bot]
• build(deps): bump github.com/spf13/cobra from 1.9.1 to 1.10.2 cf3ad62 @dependabot[bot]
• build(deps): bump github.com/goccy/go-yaml from 1.18.0 to 1.19.0 bf42138 @dependabot[bot]
• build(deps): bump github.com/olekukonko/tablewriter from 1.1.1 to 1.1.2 57fecb6 @dependabot[bot]
• build(deps): bump github.com/JohannesKaufmann/html-to-markdown/v2 6d0ab6a @dependabot[bot]
• b...

In v0.152.0 we tightened the source validation for file mounts. We always said that project mounts can mount with absolute file/directorynames, modules/themes are restricted to relative. In v0.152.0 we narrowed module/themes mounts to be local, which made the setup in the bug report listed below fail:

[[module.mounts]]
source = '../../node_modules/bootstrap'
target = 'assets/vendor/bootstrap'

One part of this is security. But the construct above is usually very odd (the project uses files in a theme/module, not the other way around) and not very portable. But the example above demonstrates a valid exception, that we now have added support for in a portable way. The above example now works as it did before v0.152.0, but going forward you can also write:

[[module.mounts]]
source = 'node_modules/bootstrap'
target = 'assets/vendor/bootstrap'

We now have the node_modules as a special case: For themes/modules we first check if the mounted source exists locally, if not we try relative to the project root.

What's Changed

• deps: Update github.com/tdewolff/minify v2.24.4 => v2.24.5 1c8c21e @jmooring #14086
• hugofs: Make node_modules a "special case" mount 809ebe0 @bep #14089
• github: Fix typo in stale PR message 08a0679 @jordelver

These fixes are are all related to the YAML library upgrade in v0.152.0.

• Expand the numeric conversions to template funcs/methods e08278d @bep #14079
• Fix where with uint64 df4f80d @bep #14081
• Fix it so YAML integer types can be used where Go int types are expected d4c7888 @bep #14079
• tpl/compare: Fix compare/sort of uint64s 29e2c2f @bep #14078
• Fix "assignment to entry in nil map" on empty YAML config files 0579afc @bep #14074

The big new thing and the motivation behind this release is the upgrade to a more modern YAML library in @goccy 's github.com/goccy/go-yaml. It's been a surprisingly long and winding road to get here. Note that this upgrade comes with some minor breaking changes, most notably that the old YAML 1.1 spec listed a set of strings that, when unquoted, were treated as boolean true or false. So if you're using any of the values in the table below as booleans, you need to adjust your YAML, but I suspect that fixing this very surprising behavior will fix more issues than it introduces. A big new thing with this new YAML library is the support for YAML anchors and aliases which helps to reduce duplication in e.g. your configuration. There are some examples in Hugo's release build configuration and in the Hugo's CI release setup.

Note

• Replace to gopkg.in/yaml with github.com/goccy/go-yaml (note) a3d9548 @bep #8822 #13043 #14053

Improvements

• config: Clone language map entries before modifying them a130770 @bep #14072
• Skip flaky test for now 9425b93 @bep #14072
• Misc YAML adjustments bd50c9c @bep #14067
• hugofs: Make sure that non-project module mounts are local paths a8e0ca9 @bep #14069
• langs/i18n: Improve reserved key error message 559a029 @jmooring #14061
• langs: Add test case using a "reserved" i18n code 5bad0d5 @bep #14061

Dependency Updates

• deps: Upgrade github.com/gohugoio/go-i18n/v2 184b10e @bep
• build(deps): bump github.com/tdewolff/minify/v2 from 2.24.3 to 2.24.4 9e344bb @dependabot[bot]

Build Setup

• Merge branch 'release-0.151.2' d51adca @bep

What's Changed

• parser/pageparser: Add a testcase for nested shortcodes of the same name 989454a @bep #14054
• parser/pageparser: Fix shortcode nesting regression 1e91e46 @bep #14054

This release is mostly motivated by some upstream security fixes:

• Upgrade from Go 1.25.1 to Go 1.25.3 which comes with 10 security fixes.
• Go's net/html package also has one security patch

I, @bep, have inspected the above issues, and none of them seem to be relevant for Hugo, but we understand that many want to have a clean security report.

Bug fixes

• tpl: Fix strings/truncate CJK handling 88aea56 @oishikazuo #14039
• parser/pagerparser: Fix closing shortcode error handling when repeated a133393 @bep

Improvements

• Upgrade Go to 1.25.3 e2fb0b0 @bep
• create/skeletons: Wrap section and home lists with section tags 29cf874 @imomaliev
• markup/goldmark: Align blockquote default output with Goldmark 1b4dd43 @jmooring #14046
• parser/pageparser: Store shortcode names as unique.Handle[string] to save memory allocations 4414ef7 @bep
• testscripts: Make test assertion less specific 9197deb @bep

Dependency Updates

• build(deps): bump github.com/gohugoio/hashstructure from 0.5.0 to 0.6.0 f4c1157 @dependabot[bot]
• build(deps): bump golang.org/x/image from 0.30.0 to 0.32.0 54075ac @dependabot[bot]
• build(deps): bump github.com/evanw/esbuild from 0.25.10 to 0.25.11 8b52303 @dependabot[bot]
• build(deps): bump golang.org/x/tools from 0.37.0 to 0.38.0 3d45d30 @dependabot[bot]
• build(deps): bump golang.org/x/mod from 0.28.0 to 0.29.0 095157c @dependabot[bot]

Some notable new features in Hugo v0.151.0 are:

• New transform.HTMLToMarkdown template function. One possible use case would be to provide LLM friendly content.
• Hugo now reports OSC 9;4 progress when building; progress bars/indicators are supported by terminals such as Ghostty on Macos and Linux, Windows terminal.
• Several new config options for Markdown foot notes.

Note

• transform/livereloadinject: Skip livereload.js injection if no tags found (note) 7fd6762 @AndrewChubatiuk

Improvements and bug fixes

• Fix file caching for 404 responses in resources.GetRemote 03b33ec @bep #14019
• markup/goldmark: Enhance footnote extension with backlinkHTML option b462980 @jmooring #11434
• markup/goldmark: Enhance footnote extension with auto-prefixing option 47678d8 @jmooring #8045
• Adjust the terminal progress reporter a little 510d98b @bep
• Add transform.HTMLToMarkdown c5dca3b @bep #13946
• Report OSC 9;4 progress when building ec463c0 @bep
• tpl: Workaround s390x precision of Atan and Tan 105d3bc @toddy15
• cache/httpcache: Add respectCacheControlNoStoreInResponse and respectCacheControlNoStoreInRequest options 3e46ba5 @bep #13990
• common/hreflect: Speed up IsTrutfulValue 4d13035 @bep

Dependency Updates

• build(deps): bump google.golang.org/api from 0.248.0 to 0.251.0 584f052 @dependabot[bot]
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/cloudfront b76d717 @dependabot[bot]
• build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.38.1 to 1.39.2 4d2743e @dependabot[bot]
• build(deps): bump golang.org/x/tools from 0.36.0 to 0.37.0 c20f70d @dependabot[bot]
• build(deps): bump github.com/spf13/afero from 1.14.0 to 1.15.0 1b55621 @dependabot[bot]
• build(deps): bump github.com/tdewolff/minify/v2 from 2.24.2 to 2.24.3 106c8e6 @dependabot[bot]
• build(deps): bump github.com/evanw/esbuild from 0.25.9 to 0.25.10 9928122 @dependabot[bot]
• build(deps): bump golang.org/x/text from 0.28.0 to 0.29.0 9943c1b @dependabot[bot]
• build(deps): bump github.com/olekukonko/tablewriter from 1.0.9 to 1.1.0 7667573 @dependabot[bot]
• build(deps): bump github.com/spf13/cast from 1.9.2 to 1.10.0 d71c07c @dependabot[bot]

What's Changed

• hugolib: Change duplicate content path warning to an info log 64f4073 @jmooring
• hugolib: Restore integration test 1140314 @jmooring #13991
• commands: Map --minify CLI flag to the correct configuration key 404fd9e @jmooring #13988
• snap: Add desktop plug b1b0cde @maxkapur
• test(deps): Update setup-ruby action to v1.257.0 3eea082 @maxkapur