From b33894d2b0108565a6112795eff05e3636b7275f Mon Sep 17 00:00:00 2001
From: D-Sketon <2055272094@qq.com>
Date: Wed, 14 Jun 2023 17:26:43 +0800
Subject: [PATCH 1/5] chore: remove node 12.x tester (#321)

---
 .github/workflows/tester.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/tester.yml b/.github/workflows/tester.yml
index dd848c87..55f32f45 100644
--- a/.github/workflows/tester.yml
+++ b/.github/workflows/tester.yml
@@ -8,7 +8,7 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: ['12.x', '14.x']
+        node-version: ['14.x', '16.x', '18.x']
       fail-fast: false
     steps:
       - uses: actions/checkout@v2

From 5195be95b7682891f17c0f6e4b3b5061c15b1ae6 Mon Sep 17 00:00:00 2001
From: Mimi <1119186082@qq.com>
Date: Mon, 10 Jul 2023 16:09:19 +0800
Subject: [PATCH 2/5] fix(escape_html): avoid double escape (#328)

---
 lib/escape_html.ts       | 16 +++++++++-------
 test/escape_html.spec.js |  4 ++++
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/lib/escape_html.ts b/lib/escape_html.ts
index 387a08a6..404cf530 100644
--- a/lib/escape_html.ts
+++ b/lib/escape_html.ts
@@ -1,6 +1,6 @@
-import unescapeHTML from './unescape_html';
-
-const htmlEntityMap = {
+const escapeTestNoEncode = /[<>"'`/=]|&(?!(#\d{1,7}|#[Xx][a-fA-F0-9]{1,6}|\w+);)/;
+const escapeReplaceNoEncode = new RegExp(escapeTestNoEncode.source, 'g');
+const escapeReplacements = {
   '&': '&amp;',
   '<': '&lt;',
   '>': '&gt;',
@@ -10,14 +10,16 @@ const htmlEntityMap = {
   '/': '&#x2F;',
   '=': '&#x3D;'
 };
+const getEscapeReplacement = (ch: string) => escapeReplacements[ch];
 
 function escapeHTML(str: string) {
   if (typeof str !== 'string') throw new TypeError('str must be a string!');
 
-  str = unescapeHTML(str);
-
-  // http://stackoverflow.com/a/12034334
-  return str.replace(/[&<>"'`/=]/g, a => htmlEntityMap[a]);
+  // https://github.com/markedjs/marked/blob/master/src/helpers.js
+  if (escapeTestNoEncode.test(str)) {
+    return str.replace(escapeReplaceNoEncode, getEscapeReplacement);
+  }
+  return str;
 }
 
 export = escapeHTML;
diff --git a/test/escape_html.spec.js b/test/escape_html.spec.js
index c48d5063..cf2835cc 100644
--- a/test/escape_html.spec.js
+++ b/test/escape_html.spec.js
@@ -16,4 +16,8 @@ describe('escapeHTML', () => {
   it('avoid double escape', () => {
     escapeHTML('&lt;foo>bar</foo&gt;').should.eql('&lt;foo&gt;bar&lt;&#x2F;foo&gt;');
   });
+
+  it('avoid double escape https://github.com/hexojs/hexo/issues/4946', () => {
+    escapeHTML('&emsp;&nbsp;&ensp;').should.eql('&emsp;&nbsp;&ensp;');
+  });
 });

From 2b8b705b66f198ba8bf50a4d496f42f37dbc3fe7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 10 Jul 2023 18:02:33 +0800
Subject: [PATCH 3/5] chore: bump htmlparser2 from 8.0.2 to 9.0.0 (#304)

Bumps [htmlparser2](https://github.com/fb55/htmlparser2) from 8.0.2 to 9.0.0.
- [Release notes](https://github.com/fb55/htmlparser2/releases)
- [Commits](https://github.com/fb55/htmlparser2/compare/v8.0.2...v9.0.0)

---
updated-dependencies:
- dependency-name: htmlparser2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 88c3b8ba..147f708e 100644
--- a/package.json
+++ b/package.json
@@ -56,7 +56,7 @@
     "cross-spawn": "^7.0.3",
     "deepmerge": "^4.2.2",
     "highlight.js": "^11.6.0",
-    "htmlparser2": "^8.0.1",
+    "htmlparser2": "^9.0.0",
     "prismjs": "^1.29.0",
     "strip-indent": "^3.0.0"
   },

From 022c4d7779065f09dfee56b3949cfbf97ecbe9f0 Mon Sep 17 00:00:00 2001
From: Mimi <1119186082@qq.com>
Date: Mon, 10 Jul 2023 23:05:57 +0800
Subject: [PATCH 4/5] release: v3.1.0 (#329)

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index 147f708e..348d396c 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "hexo-util",
-  "version": "3.0.1",
+  "version": "3.1.0",
   "description": "Utilities for Hexo.",
   "main": "dist/index",
   "types": "./dist/index.d.ts",

From 7dda4e5bf3f8391e3837d169d2164ab125d011cf Mon Sep 17 00:00:00 2001
From: Bryan Lee <38807139+liby@users.noreply.github.com>
Date: Tue, 22 Aug 2023 15:36:46 +0800
Subject: [PATCH 5/5] fix(is_external_link): correcting type annotation (#347)

---
 lib/is_external_link.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/is_external_link.ts b/lib/is_external_link.ts
index e3903dc9..6a526634 100644
--- a/lib/is_external_link.ts
+++ b/lib/is_external_link.ts
@@ -10,7 +10,7 @@ const cache = new Cache<boolean>();
  * @returns {Boolean} True if the link doesn't have protocol or link has same host with config.url
  */
 
-function isExternalLink(input: string, sitehost: string, exclude: string[]): boolean {
+function isExternalLink(input: string, sitehost: string, exclude?: string[]): boolean {
   return cache.apply(`${input}-${sitehost}-${exclude}`, () => {
     // Return false early for internal link
     if (!/^(\/\/|http(s)?:)/.test(input)) return false;