🌐 UIBUILDER Bug-fix release: v7.6.2 (Bonus: Improved docs layout)

Hi all, an undeniably speedy follow-up to the last feature release (and its bug-fix).

Squashed a number of annoying edge-case bugs, especially in Markweb.

But, as you can see from the changelog below, I also snuck in a nice update to the documentation. I've moved the page table-of-contents into the navigation sidebar with a similar layout to Markweb. I've also made the sidebar resizable. So now you have a lot more room to be reading the documentation, especially if you have to use zoomed in web-pages.

Enjoy!

You can see the updated docs layout here:

Code commits since last release.

This is a bug-fix release.

However, there is an update to the UIBUILDER Documentation! The page table-of-contents now sits in the sidebar (similar to Markweb) which gives a lot more room for the main text. In addition, the sidebar is now resizable.

• A number of fixes have been made to Markweb, nothing major. Includes making the copyright footer dynamically update on changes to the page front-matter.
• Removed ws: and wss: from the default Content Security Policy (CSP) connect-src as they are not needed and can interfere with other settings.
• Added uibuilder.asyncSend() function to the client docs.

I still had to add + "connect-src 'self' https://cdn.jsdelivr.net; " and activate uibMiddleware.js to stop a connect-src error. Using "'self' https" also works, but being more specific maybe safer?

Current setup in uibMiddleware.js

// Define your policy string
let csp =
    "default-src 'self' 'unsafe-inline' data: blob: https:; "
    + "connect-src 'self' https:; "
    + "img-src 'self' data: blob: https:; "
    + "font-src 'self' data: https: ; "
    + "style-src 'self' 'unsafe-inline' data: blob: https:; "
    + "script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https:; "

PS Many thanks for the improved documentation

Yes, specific is safer for sure.

Installing the libraries locally also more secure since you control the updates and won't need the extra.