Highly-extensible PHP Markdown parser which fully supports the CommonMark spec and GitHub-Flavored Markdown (GFM)
- dev-main / 2.5.x-dev
This package is auto-updated.
Last update: 2023-11-30 00:07:04 UTC
league/commonmark is a highly-extensible PHP Markdown parser created by Colin O'Dell which supports the full CommonMark spec and GitHub-Flavored Markdown. It is based on the CommonMark JS reference implementation by John MacFarlane (@jgm).
This project requires PHP 7.4 or higher with the
mbstring extension. To install it via Composer simply run:
$ composer require league/commonmark
CommonMarkConverter class provides a simple wrapper for converting CommonMark to HTML:
use League\CommonMark\CommonMarkConverter; $converter = new CommonMarkConverter([ 'html_input' => 'strip', 'allow_unsafe_links' => false, ]); echo $converter->convert('# Hello World!'); // <h1>Hello World!</h1>
Or if you want GitHub-Flavored Markdown, use the
GithubFlavoredMarkdownConverter class instead:
use League\CommonMark\GithubFlavoredMarkdownConverter; $converter = new GithubFlavoredMarkdownConverter([ 'html_input' => 'strip', 'allow_unsafe_links' => false, ]); echo $converter->convert('# Hello World!'); // <h1>Hello World!</h1>
Please note that only UTF-8 and ASCII encodings are supported. If your Markdown uses a different encoding please convert it to UTF-8 before running it through this library.
🔒 If you will be parsing untrusted input from users, please consider setting the
allow_unsafe_links options per the example above. See https://commonmark.thephpleague.com/security/ for more details. If you also do choose to allow raw HTML input from untrusted users, consider using a library (like HTML Purifier) to provide additional HTML filtering.
Full documentation on advanced usage, configuration, and customization can be found at commonmark.thephpleague.com.
Information on how to upgrade to newer versions of this library can be found at https://commonmark.thephpleague.com/releases.
GithubFlavoredMarkdownConverter shown earlier is a drop-in replacement for the
CommonMarkConverter which adds additional features found in the GFM spec:
- Disallowed raw HTML
- Task Lists
See the Extensions documentation for more details on how to include only certain GFM features if you don't want them all.
- CakePHP 3
- Laravel 4+
- Symfony 2 & 3
- Symfony 4
- Twig Markdown extension
- Twig filter and tag
- Laravel CommonMark Blog
See our extension documentation for a full list of extensions bundled with this library.
Custom parsers/renderers can be bundled into extensions which extend CommonMark. Here are some that you may find interesting:
- Alt Three Emoji An emoji parser for CommonMark.
- Sup Sub extensions - Adds support of superscript and subscript (
- YouTube iframe extension - Replaces youtube link with iframe.
- Lazy Image extension - Adds various options for lazy loading of images.
- Marker Extension - Adds support of highlighted text (
Others can be found on Packagist under the
commonmark-extension package type.
If you build your own, feel free to submit a PR to add it to this list!
Check out the other cool things people are doing with
SemVer is followed closely. Minor and patch releases should not introduce breaking changes to the codebase; however, they might change the resulting AST or HTML output of parsed Markdown (due to bug fixes, spec changes, etc.) As a result, you might get slightly different HTML, but any custom code built onto this library should still function correctly.
Any classes or methods marked
@internal are not intended for use outside of this library and are subject to breaking changes at any time, so please avoid using them.
When a new minor version (e.g.
2.1) is released, the previous one (
2.0) will continue to receive security and critical bug fixes for at least 3 months.
When a new major version is released (e.g.
2.0), the previous one (
1.6) will receive critical bug fixes for at least 3 months and security updates for 6 months after that new release comes out.
(This policy may change in the future and exceptions may be made on a case-by-case basis.)
Professional support, including notification of new releases and security updates, is available through a Tidelift Subscription.
To report a security vulnerability, please use the Tidelift security contact. Tidelift will coordinate the fix and disclosure with us.
If you encounter a bug in the spec, please report it to the CommonMark project. Any resulting fix will eventually be implemented in this project as well.
Contributions to this library are welcome, especially ones that:
- Improve usability or flexibility without compromising our ability to adhere to the CommonMark spec
- Mirror fixes made to the reference implementation
- Optimize performance
- Fix issues with adhering to the CommonMark spec
Major refactoring to core parsing logic should be avoided if possible so that we can easily follow updates made to the reference implementation. That being said, we will absolutely consider changes which don't deviate too far from the reference spec or which are favored by other popular CommonMark implementations.
Please see CONTRIBUTING for additional details.
$ composer test
This will also test league/commonmark against the latest supported spec.
You can compare the performance of league/commonmark to other popular parsers by running the included benchmark tool:
We'd also like to extend our sincere thanks the following sponsors who support ongoing development of this project:
- Tidelift for offering support to both the maintainers and end-users through their professional support program
- Blackfire for providing an Open-Source Profiler subscription
- JetBrains for supporting this project with complimentary PhpStorm licenses
- Taylor Otwell for sponsoring this project through GitHub sponsors
Are you interested in sponsoring development of this project? See https://www.colinodell.com/sponsor for a list of ways to contribute.
league/commonmark is licensed under the BSD-3 license. See the
LICENSE file for more details.
Tidelift helps make open source sustainable for maintainers while giving companies
assurances about security, maintenance, and licensing for their dependencies.