Bump github.com/gohugoio/hugo from 0.138.0 to 0.139.5

[dependabot]

Bumps github.com/gohugoio/hugo from 0.138.0 to 0.139.5.

Release notes

Sourced from github.com/gohugoio/hugo's releases.

v0.139.5

This is a release created for technical reasons, see gohugoio/hugo#13147

It's the same as https://github.com/gohugoio/hugo/releases/tag/v0.139.4 -- go there for release archives.

v0.139.4

This release contains a security fix. See this Security Advisory for details. Note that this is only relevant if you don't trust your content (e.g. Markdown) files.

What's Changed

• tpl/tplimpl: Escape Markdown attributes in render hooks and shortcodes 54398f8d5 @​jmooring
• deps: Upgrade github.com/bep/godartsass/v2 v2.3.1 => v2.3.2 b8c15f245 @​bep
• common/maps: Simplify TestScratchSetInMap/DeleteInMap d0dc51884 @​alexandear
• markup/tableofcontents: Cast Fragments.ToHTML args to int b52985900 @​jmooring #13107

v0.139.3

What's Changed

• Fix server edits of resources included in shortcode/hooks c1dc35dd7 @​bep #13093
• commands: Fix flaw in the livereload logic dea158c88 @​bep
• build(deps): bump github.com/bep/godartsass/v2 from 2.3.0 to 2.3.1 7e130e34f @​dependabot[bot]
• build(deps): bump github.com/tetratelabs/wazero from 1.8.1 to 1.8.2 88b7868fb @​dependabot[bot]
• Fix some typos fc3d1cbad @​thirdkeyword

v0.139.2

Note that this is the second patch release today. See v0.139.1. We had to do this release to get the Hugo Docs build running.

What's Changed

• modules: Skip empty lines in modules.txt 0ab81896d @​bep #13084

v0.139.1

What's Changed

• Revert "build(deps): bump github.com/tdewolff/minify/v2 from 2.20.37 to 2.21.1" aa3dd197f @​bep #13082
• minifiers: Add failing test for upstream bug 5a50eee9d @​bep #13082
• dartsass: Fix nilpointer on Close when Dart Sass isn't installed 8d017a60f @​bep #13076

v0.139.0

This release is mostly about removing code that has been deprecated for a long time. This has been shown as an ERROR in the build log and failed the build for at least the last 6 minor Hugo versions, in most cases much longer.

... (truncated)

Commits

• d0a5aa4 releaser: Bump versions for release of 0.139.5
• 54398f8 tpl/tplimpl: Escape Markdown attributes in render hooks and shortcodes
• b8c15f2 deps: Upgrade github.com/bep/godartsass/v2 v2.3.1 => v2.3.2
• d0dc518 common/maps: Simplify TestScratchSetInMap/DeleteInMap
• b529859 markup/tableofcontents: Cast Fragments.ToHTML args to int
• 487bb96 releaser: Prepare repository for 0.140.0-DEV
• 2f68643 releaser: Bump versions for release of 0.139.3
• c1dc35d Fix server edits of resources included in shortcode/hooks
• fc3d1cb Fix some typos
• 7e130e3 build(deps): bump github.com/bep/godartsass/v2 from 2.3.0 to 2.3.1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #151.