`github.com/gohugoio/hugo`

Ecosystem:
go

Package URL:
pkg:golang/github.com/gohugoio/hugo

Total PRs:
250 Dependabot PRs

Latest PR:
14 days ago

Unique Repositories:
46 repositories

Unique Repos (30 days):
3 repositories

Security Advisories

Hugo's Node tool execution allows file system access outside the project directory

GHSA-x597-9fr4-5857 CVE-2026-44301 MODERATE published about 1 month ago • updated 10 days ago

## Impact When building a Hugo site that uses Node-based asset pipelines (PostCSS, Babel, TailwindCSS), Hugo invoked the configured Node tools wit...

Recent PRs

RSS Feed

chore(deps): bump github.com/gohugoio/hugo from 0.149.1 to 0.161.0 in the go_modules group across 1 directory

Icehunter/dune-admin #8

0.149.1 → 0.161.0 Minor PR

Closed 14 days ago 1 comment

Bump github.com/gohugoio/hugo from 0.160.1 to 0.161.0 in /hack/tools in the go_modules group across 1 directory

umairsiddiquie/kueue #2

0.160.1 → 0.161.0 Minor PR

Closed about 1 month ago 1 comment

Bump github.com/gohugoio/hugo from 0.160.1 to 0.161.0 in /hack/tools

kubernetes-sigs/kueue #11042

0.160.1 → 0.161.0 Minor PR

Open about 1 month ago 11 comments

Bump github.com/gohugoio/hugo from 0.159.2 to 0.160.1 in /hack/tools

kubernetes-sigs/kueue #10374

0.159.2 → 0.160.1 Minor PR

Open 2 months ago 5 comments

Chore(deps): Bump the go_modules group across 25 directories with 6 updates

RalphHightower/grafana #48

0.147.6 → 0.159.2 Minor PR

Closed 2 months ago 1 comment

build(deps): bump github.com/gohugoio/hugo from 0.101.0 to 0.159.2 in /scripts in the go_modules group across 1 directory

AKJUS/prometheus-operator #239

0.101.0 → 0.159.2 Minor PR

Open 2 months ago 1 comment

chore(deps): bump github.com/gohugoio/hugo from 0.82.0 to 0.159.2 in /bertytech in the go_modules group across 1 directory

loveyou001/www.berty.tech #1

0.82.0 → 0.159.2 Minor PR

Open 2 months ago 4 comments

Chore(deps): Bump the go_modules group across 14 directories with 3 updates

RalphHightower/grafana #45

0.147.6 → 0.159.2 Minor PR

Closed 2 months ago 1 comment

chore(deps): bump github.com/gohugoio/hugo from 0.149.1 to 0.159.2 in /service

jamesread/Japella #70

0.149.1 → 0.159.2 Minor PR

Closed 2 months ago 1 comment

build(deps): bump github.com/gohugoio/hugo from 0.149.1 to 0.159.2

dev-hato/hato-atama #5851

0.149.1 → 0.159.2 Minor PR

Open 2 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.149.1 to 0.159.2

spwg/personal-website #51

0.149.1 → 0.159.2 Minor PR

Closed 2 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.149.1 to 0.159.2 in /apps/api in the go_modules group across 1 directory

harusame0616/jukubox #28

0.149.1 → 0.159.2 Minor PR

Closed 2 months ago 1 comment

chore(deps): bump github.com/gohugoio/hugo from 0.139.4 to 0.159.2

jonesrussell/gimbal #25

0.139.4 → 0.159.2 Minor PR

Open 2 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.158.0 to 0.159.1

coder/coder #23785

0.158.0 → 0.159.1 Minor PR

Closed 2 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.155.3 to 0.157.0 in /hack/tools

kubernetes-sigs/kueue #9563

0.155.3 → 0.157.0 Minor PR

Closed 3 months ago 7 comments

chore: bump github.com/gohugoio/hugo from 0.152.2 to 0.156.0

Ahmadjamil888/pipeline-ai #81

0.152.2 → 0.156.0 Minor PR

Closed 4 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.110.0 to 0.156.0 in /scripts/PyHugo/go

cmahnke/projektemacher-base #526

0.110.0 → 0.156.0 Minor PR

Closed 4 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.155.2 to 0.155.3 in /hack/tools

kubernetes-sigs/kueue #9216

0.155.2 → 0.155.3 Patch PR

Open 4 months ago 6 comments

chore: bump github.com/gohugoio/hugo from 0.131.0 to 0.155.3

kehanzhang/athens-coder #773

0.131.0 → 0.155.3 Minor PR

Closed 4 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.124.0 to 0.155.3

Txim0520/https-github.com-coder-coder #855

0.124.0 → 0.155.3 Minor PR

Closed 4 months ago 1 comment

chore(deps): Bump github.com/gohugoio/hugo from 0.154.5 to 0.155.1

zerok/zerokspot.com #1082

0.154.5 → 0.155.1 Minor PR

Closed 4 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.110.0 to 0.155.0 in /scripts/PyHugo/go

cmahnke/projektemacher-base #499

0.110.0 → 0.155.0 Minor PR

Closed 4 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.154.2 to 0.154.5 in /hack/internal/tools

kubernetes-sigs/kueue #8536

0.154.2 → 0.154.5 Patch PR

Open 5 months ago 8 comments

chore(deps): bump github.com/gohugoio/hugo from 0.154.1 to 0.154.2

golanglib/dependabot_botherer #8466

0.154.1 → 0.154.2 Patch PR

Open 5 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.143.0 to 0.154.2

klosraf/coder #147

0.143.0 → 0.154.2 Minor PR

Closed 5 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.153.0 to 0.154.2 in /hack/internal/tools

sgl-project/ome #486

0.153.0 → 0.154.2 Minor PR

Open 5 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.152.2 to 0.154.2

Ahmadjamil888/pipeline-ai #24

0.152.2 → 0.154.2 Minor PR

Closed 5 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.110.0 to 0.154.1 in /scripts/PyHugo/go

cmahnke/projektemacher-base #473

0.110.0 → 0.154.1 Minor PR

Closed 5 months ago 1 comment

chore(deps): Bump github.com/gohugoio/hugo from 0.152.2 to 0.153.5

zerok/zerokspot.com #1061

0.152.2 → 0.153.5 Minor PR

Closed 5 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.147.0 to 0.153.4

officialmofabs/codeserver #562

0.147.0 → 0.153.4 Minor PR

Open 5 months ago 2 comments

Bump github.com/gohugoio/hugo from 0.125.5 to 0.139.4

kmodules/codespan-schema-checker #73

0.125.5 → 0.139.4 Minor PR

Closed 6 months ago 2 comments

chore(deps): bump github.com/gohugoio/hugo from 0.153.1 to 0.153.2

golanglib/dependabot_botherer #8313

0.153.1 → 0.153.2 Patch PR

Closed 6 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.147.0 to 0.153.1

officialmofabs/codeserver #550

0.147.0 → 0.153.1 Minor PR

Open 6 months ago 2 comments

chore: bump github.com/gohugoio/hugo from 0.131.0 to 0.153.1

kehanzhang/athens-coder #735

0.131.0 → 0.153.1 Minor PR

Closed 6 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.152.2 to 0.153.0

Ahmadjamil888/pipeline-ai #5

0.152.2 → 0.153.0 Minor PR

Closed 6 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.147.7 to 0.153.0 in /hack/internal/tools

sgl-project/ome #465

0.147.7 → 0.153.0 Minor PR

Open 6 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.147.7 to 0.152.2 in /hack/internal/tools

sgl-project/ome #366

0.147.7 → 0.152.2 Minor PR

Closed 6 months ago 2 comments

chore: bump github.com/gohugoio/hugo from 0.139.2 to 0.152.2

onchainengineering/hmi-wirtual #358

0.139.2 → 0.152.2 Minor PR

Closed 7 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.139.2 to 0.152.2

onchainengineering/hmi-computer #349

0.139.2 → 0.152.2 Minor PR

Closed 7 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.150.0 to 0.152.2

ongood/coder #1210

0.150.0 → 0.152.2 Minor PR

Closed 7 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.147.7 to 0.152.2 in /hack/internal/tools

kubernetes-sigs/kueue #7396

0.147.7 → 0.152.2 Minor PR

Open 8 months ago 3 comments

Bump github.com/gohugoio/hugo from 0.110.0 to 0.152.0 in /scripts/PyHugo/go

cmahnke/projektemacher-base #417

0.110.0 → 0.152.0 Minor PR

Closed 8 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.147.0 to 0.151.2

officialmofabs/coder #459

0.147.0 → 0.151.2 Minor PR

Closed 8 months ago 3 comments

go(deps): bump github.com/gohugoio/hugo from 0.148.2 to 0.151.2

NordGus/financo #724

0.148.2 → 0.151.2 Minor PR

Closed 8 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.110.0 to 0.151.1 in /scripts/PyHugo/go

cmahnke/projektemacher-base #411

0.110.0 → 0.151.1 Minor PR

Closed 8 months ago 1 comment

Bump github.com/gohugoio/hugo from 0.147.7 to 0.151.0 in /hack/internal/tools

kubernetes-sigs/kueue #7235

0.147.7 → 0.151.0 Minor PR

Open 8 months ago 4 comments

chore: bump github.com/gohugoio/hugo from 0.143.0 to 0.151.0

klosraf/coder #52

0.143.0 → 0.151.0 Minor PR

Closed 8 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.131.0 to 0.151.0

kehanzhang/athens-coder #655

0.131.0 → 0.151.0 Minor PR

Closed 8 months ago 1 comment

chore: bump github.com/gohugoio/hugo from 0.147.0 to 0.151.0

officialmofabs/coder #443

0.147.0 → 0.151.0 Minor PR

Open 8 months ago

chore: bump github.com/gohugoio/hugo from 0.124.0 to 0.151.0

Txim0520/https-github.com-coder-coder #714

0.124.0 → 0.151.0 Minor PR

Open 8 months ago

Package Details

Name:	`github.com/gohugoio/hugo`
Ecosystem:	go
PURL Type:	golang
Package URL:	`pkg:golang/github.com/gohugoio/hugo`
JSON API:	View JSON

Security Advisories

5

Active advisories

HIGH 1

MODERATE 4

View All golang Advisories

Package Information

Description:

Repository:	https://github.com/gohugoio/hugo
Homepage:	https://github.com/gohugoio/hugo
Latest Release:	`v0.147.7` about 1 year ago
Dependent Repos:	210
Dependent Packages:	232
Ranking:	Top 0.4395% by dependent repos Top 0.3199% by dependent pkgs

PR Status

Open 77 (30.8%)

Merged 31 (12.4%)

Closed 102 (40.8%)

PR Types

Minor 169 (67.6%)

Patch 41 (16.4%)

github.com/gohugoio/hugo

Security Advisories

Hugo can execute a binary from the current directory on Windows

Hugo: Certain markdown links are not properly escaped

Hugo Markdown titles do not escaped in internal render hooks

Hugo does not escape some attributes in internal templates

Hugo's Node tool execution allows file system access outside the project directory

Recent PRs

Package Details

Security Advisories

5

Package Information

PR Status

PR Types

`github.com/gohugoio/hugo`