Hello!
Perhaps I'm missing something in the 1.4 changelog, but with 1.3 the following construction worked:
Feel free to **[contact us](mailto:{{"[email protected]"|safe_email}})**
This construction causes Grav 1.4 to throw a 500 error with the text "Unexpected character "&"".
Sorry for bad English.
P.S. it is a modular page
I think this relates to an update in Parsedown to address XSS vulnerabilities: https://github.com/erusev/parsedown/releases/tag/1.7.0
This escapes & in markdown causing an error. twig_first: true doesn't help either as that will output the & which markdown then proceeds to escape again.
I think the only way around this new markdown security fix is to explicitly use the twig with HTML:
<strong><a href="mailto:{{"[email protected]"|safe_email}}">contact us</a></strong>
Interestingly if you render the variable first it doesn't render the markdown at all:
{% set safemail = "[email protected]"|safe_email %}
**[contact us](mailto:{{ safemail }})**
<strong><a href="mailto:{{ safemail }}">contact us</a></strong>
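The processing-order problem described in this thread, as an added example (a small Python model, not Grav or Parsedown code). It assumes the markdown renderer HTML-escapes the link target and that `safe_email` entity-encodes every character; the address and all function names are constructed for illustration, and the bold markers are left out.

```python
import html
import re

MD_LINK = re.compile(r'\[([^\]]+)\]\(([^)]+)\)')
TWIG_TAG = re.compile(r'\{\{(.*?)\}\}')
TWIG_CALL = re.compile(r'"([^"]*)"\s*\|\s*safe_email')

def markdown_link(text):
    # Model: the renderer HTML-escapes the link target before writing href.
    def render(m):
        return '<a href="%s">%s</a>' % (html.escape(m.group(2), quote=True), m.group(1))
    return MD_LINK.sub(render, text)

def safe_email(addr):
    # Model: entity-encode every character (assumed behaviour of the filter).
    return ''.join('&#%d;' % ord(c) for c in addr)

def twig(text):
    # Model: evaluates only {{ "literal"|safe_email }}; anything else is a syntax error.
    def render(m):
        expr = m.group(1).strip()
        call = TWIG_CALL.fullmatch(expr)
        if call is None:
            raise SyntaxError('Unexpected character "%s"' % expr[:1])
        return safe_email(call.group(1))
    return TWIG_TAG.sub(render, text)

ADDRESS = 'user@example.test'  # constructed sample address
MD_SOURCE = '[contact us](mailto:{{"%s"|safe_email}})' % ADDRESS
HTML_SOURCE = '<a href="mailto:{{"%s"|safe_email}}">contact us</a>' % ADDRESS

def markdown_then_twig(src):
    return twig(markdown_link(src))

def twig_then_markdown(src):
    return markdown_link(twig(src))

def href_seen_by_browser(rendered):
    # Decode the attribute once, as an HTML parser would.
    return html.unescape(re.search(r'href="([^"]*)"', rendered).group(1))

if __name__ == '__main__':
    try:
        markdown_then_twig(MD_SOURCE)
    except SyntaxError as err:
        print('markdown first:', err)
    print('twig first    :', href_seen_by_browser(twig_then_markdown(MD_SOURCE)))
    print('html + twig   :', href_seen_by_browser(markdown_then_twig(HTML_SOURCE)))
```

With markdown first, the quotes inside the Twig tag become `&quot;` and the tag no longer parses; with Twig first, the entities are escaped a second time and the browser sees them as literal text; only the inline HTML form reaches the browser as a working `mailto:` link.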
@rhukster After updating from 1.3.10 to 1.4.7 I get another error:
Unknown "safe_email" filter in "__string_template__35c8104ef025a6fba0efdb87648d33021c0690da522173a2de55b1bee351a5b7" at line 1.
I use this filter with process: twig: true in lines:
text: '{{''[email protected]''|safe_email}}'
icon: envelope-o
link: '{{''mailto:[email protected]''|safe_email}}'
Does this imply that it is now impossible to use twig with markdown?
Nope, they work just fine, you just need to use the correct syntax.
Apologies, I discovered that my problem is a result of an interaction with the smartypants plugin.
If it's still an issue, please file a bug report here: https://github.com/getgrav/grav-plugin-smartypants/issues