Disable goldmark unsafe HTML renderer

HeyItsGilbert · claude · HeyItsGilbert · commit 85969eb7f6b4 · 2026-05-26T07:42:52.000-07:00
No content files use raw HTML that requires the unsafe renderer —
the one exception (a 2008 podcast post with &lt;p&gt; and &lt;br /&gt;) is
converted to plain markdown. Disabling unsafe prevents raw HTML/JS
in any markdown file from rendering, which limits the blast radius
of future content injection vulnerabilities.

Co-Authored-By: Claude Sonnet 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/content/podcast/2008-03-16-one-liner-countdown-timer-in-powershell.md b/content/podcast/2008-03-16-one-liner-countdown-timer-in-powershell.md
@@ -13,10 +13,10 @@ Here's a quick one for ya. Perfect kitchen timer. Who doesn't have a laptop with
 
 
 start-sleep (60*9); write-host ("`a"*4)</pre>
-<p>Start-Sleep works in seconds, so you see where I've done some quick<br />
-math to get nine minutes. Not sure if the ()'s were required, but they<br />
-don't hurt. I didn't know the precedence of parameter parsing versus<br />
-multiplication off the top of my head. Next is Write-Host with some<br />
+Start-Sleep works in seconds, so you see where I've done some quick
+math to get nine minutes. Not sure if the ()'s were required, but they
+don't hurt. I didn't know the precedence of parameter parsing versus
+multiplication off the top of my head. Next is Write-Host with some
 more multiplication. This one uses "`a" which is the special character
 
 which emits a beep (old schoolers know this as the ASCII code for
diff --git a/hugo.yaml b/hugo.yaml
@@ -16,7 +16,7 @@ pagination:
 markup:
   goldmark:
     renderer:
-      unsafe: true
+      unsafe: false
   highlight:
     style: github
     lineNos: true
