v1.2 Features Guide
Tables, modular documents, and enterprise-grade security in OmniScript v1.2.0.
@table Blocks
NEWCreate beautiful tables using familiar Markdown syntax with advanced features.
Basic Table
@table {
| Product | Price | Stock |
| --- | --- | --- |
| Widget | $99 | 45 |
| Gadget | $149 | 23 |
| Doohickey | $79 | 67 |
}With Caption and Styling
@table {
caption: "Q4 Sales Report";
style: "bordered";
| Region | Revenue | Growth |
| --- | --- | --- |
| North | $1.2M | +18% |
| South | $880K | +17% |
| East | $1.5M | +24% |
}With Column Alignment
@table {
caption: "Product Inventory";
style: "striped";
alignment: ["left", "right", "center"];
| Product | Price | Status |
| --- | --- | --- |
| Widget Pro | $129 | ✓ In Stock |
| Gadget Max | $199 | ⚠ Low |
| Thing Mini | $49 | ✓ In Stock |
}Table Properties
- caption: Optional table title displayed above the table
- style:
"bordered","striped", or"minimal" - alignment: Array of
"left","center", or"right"
✨ Features
- ✅ Markdown pipe syntax (familiar and easy)
- ✅ Optional captions for context
- ✅ Three built-in styles
- ✅ Per-column alignment
- ✅ XSS protection (automatic HTML escaping)
- ✅ Round-trip serialization
@include Directive
NEWBuild modular documents by composing sections from multiple files.
Basic Include
@meta {
title: "Annual Report";
date: "2025-10-16";
}
@include { path: "./sections/executive-summary.osf"; }
@include { path: "./sections/financial-data.osf"; }
@include { path: "./sections/recommendations.osf"; }Nested Includes
Included files can themselves contain @include directives (up to 10 levels deep).
// sections/executive-summary.osf
@doc {
# Executive Summary
Our Q4 performance exceeded expectations.
}
@include { path: "./subsections/highlights.osf"; }Include Properties
- path: Relative path to the .osf file to include
- Depth limit: Maximum 10 levels of nesting
- Circular detection: Prevents infinite loops
🔒 Security Features
- ✅ Path traversal protection (blocks ../../../etc/passwd)
- ✅ Circular reference detection
- ✅ Depth limit prevents stack overflow
- ✅ Only allows relative paths within base directory
Security Grade A+
ENTERPRISEComprehensive security improvements achieve enterprise-grade protection.
Path Traversal Protection
Prevents directory escape attacks:
// ❌ BLOCKED
@include {
path: "../../../../etc/passwd";
}
// ✅ ALLOWED
@include {
path: "./sections/intro.osf";
}ReDoS Prevention
Bounded regex quantifiers prevent catastrophic backtracking.
- ✅ Uses
\s{0,20}instead of\s* - ✅ Prevents exponential runtime attacks
- ✅ All regexes audited and secured
Input Validation
Strict validation at every layer:
- ✅ Table column count consistency
- ✅ Alignment array validation
- ✅ Number parsing edge cases
- ✅ Helpful error messages
Defense-in-Depth
Multi-layer security architecture:
- ✅ Parser-level validation
- ✅ Renderer-level sanitization
- ✅ Runtime input validation
- ✅ XSS protection in HTML output
19 Security Tests
Comprehensive test suite verifies all security protections:
- • Path traversal (5 tests)
- • Table validation (6 tests)
- • ReDoS prevention (3 tests)
- • Number parsing (3 tests)
- • Base path validation (2 tests)
- • All passing ✅
Testing & Quality
Test Breakdown
- Parser: 83 tests (parsing, serialization, validation)
- CLI: 47 tests (commands, rendering, formatting)
- Converters: 73 tests (PDF, DOCX, PPTX, XLSX)
- Security: 19 tests (path traversal, ReDoS, validation)
Migration from v1.1
✅ Zero Breaking Changes
v1.2.0 is 100% backward compatible with v1.1. All existing documents work without modification.
New Features (Optional)
Start using new features at your own pace:
// Your existing v1.1 documents work as-is
@doc {
# My Document
Content here...
}
// Add @table when you need tables
@table {
| A | B |
| --- | --- |
| 1 | 2 |
}
// Add @include when you want modular docs
@include { path: "./sections/extra.osf"; }Stricter Validation
v1.2.0 includes stricter validation that may catch errors in malformed documents:
- • Table column counts must match header
- • Alignment values must be "left", "center", or "right"
- • Number parsing is more strict
These changes improve robustness but may require fixing previously-ignored errors.