Update wins.html file to use liquid in this file #5258
Conversation
|
Want to review this pull request? Take a look at this documentation for a step by step guide! From your project repository, check out a new branch and test the changes. |
github-actions
bot
added
role: back end/devOps
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| const overlayOverview = document.querySelector('#overlay-overview'); | ||
| overlayOverview.innerHTML = data[i][overview]; | ||
|
|
||
| insertIcons('#overlay-info', data[i][win], 'overlay') |
Check notice
Code scanning / CodeQL
Semicolon insertion Note
| `https://avatars1.githubusercontent.com/u/${ghId}?v=4` : | ||
| AVATAR_DEFAULT_PATH; | ||
|
|
||
| cloneCardTemplate.querySelector('.wins-card-profile-img').src = profileImgSrc; |
Check warning
Code scanning / CodeQL
DOM text reinterpreted as HTML Medium
| let teamInURL = filterParams.team.split(','); | ||
| let roleIntersection = rolesInCard.filter(x => roleInURL.includes(x)); | ||
| let teamIntersection = teamsInCard.filter(x => teamInURL.includes(x)); | ||
| ((roleIntersection.length == 0) || (teamIntersection.length == 0)) ? card.style.display = 'none' : card.style.display = 'flex' |
Check notice
Code scanning / CodeQL
Semicolon insertion Note
|
|
||
|
|
||
| function hideOverlay(e) { | ||
| window.event || e.key == 'Escape'; |
Check warning
Code scanning / CodeQL
Expression has no effect Warning
|
|
||
|
|
||
| function hideOverlay(e) { | ||
| window.event || e.key == 'Escape'; |
Check warning
Code scanning / CodeQL
Expression has no effect Warning
|
I tried to not changed the previous code as much as possible, but I did feel like there were a lot of unused variables and deprecated things, I didn't want my issue and commit to be about that, but CodeQL be bringing these things up loud and clear 😅 |
|
Review ETA: 8/24/2023 |
There was a problem hiding this comment.
Hey @ronaldpaek the changes on the assets/js/wins.js file is done well.
Thank you @mademarc |
|
Review ETA: 10/1/2023 |
|
|
||
| {% include wins-page/wins-filter-template.html %} | ||
| {% include wins-page/wins-card-template.html %} |
There was a problem hiding this comment.
nit: why did the indentation get changed here (as well as everywhere else)?
| const teamArr = []; | ||
| const responses = document.querySelector("#responses"); | ||
| responses.querySelectorAll('.wins-card-team:not([style*="display:none"]):not([style*="display: none"]').forEach(item => { | ||
| let value = item.textContent.replace("Team(s):", "").trim(); |
There was a problem hiding this comment.
nit: a lot of these lets don't actually need to be lets because they're never reassigned and should be const instead. The eslint rule for this is prefer-const
| const roleDropDown = document.getElementById("role-dropdown"); | ||
| const teamDropDown = document.getElementById("team-dropdown"); | ||
|
|
||
| for(const [key] of Object.entries(roleHash)) { |
There was a problem hiding this comment.
nit: using Object.keys() avoids having to destructure an array like this
| teamsInCard = teamsInCard.split(",").map(x => x.trim()); | ||
| let rolesInCard = (card.querySelector('.wins-card-role').textContent.replace("Role(s):", "")).trim(); | ||
| rolesInCard = rolesInCard.split(",").map(x => x.trim()); | ||
| // let cardUnion = [...rolesInCard, ...teamsInCard]; |
There was a problem hiding this comment.
nit: commented code could be removed
| const LINKEDIN_ICON = '/assets/images/wins-page/icon-linkedin-small.svg' | ||
| const winsCardContainer = document.querySelector('#responses'); | ||
| cards.forEach((card, index) => { | ||
| // if (card[display] != true) return; |
There was a problem hiding this comment.
nit: commented code could be removed
| cloneCardTemplate.querySelector('.wins-card-github-icon').setAttribute('hidden', 'true') | ||
| } | ||
|
|
||
| cloneCardTemplate.querySelector('.project-inner.wins-card-team').innerHTML = `<span class="wins-team-role-color">Team(s): </span> ${card[team]}`; |
There was a problem hiding this comment.
Using innerHTML like this is a potential XSS vulnerability here if the data source is compromised or not properly sanitized
| } | ||
|
|
||
| const overlayName = document.querySelector('#overlay-name'); | ||
| overlayName.innerHTML = data[i][name]; |
There was a problem hiding this comment.
Similar to my other comment about XSS
|
I made a change to your text above to remove fixes, since we don't want it to close the related issue |
Part of #1442 (this pr should not close that issue)
Changes Made:
Reason for Changes:
The primary motivation behind these changes was our future intention to incorporate eslint. My objective was to rectify numerous syntax errors and red underlines appearing in VS Code. Eslint had issues with the liquid syntax within a JS file. To avoid manually excluding specific files, the logical solution was to segregate liquid and JS.
Overview:
Implementation Plan:
Initially, I addressed this by introducing a global variable. While eslint didn't object to the absence of liquid syntax, it wasn't a best practice. Eslint still raised issues since I was referencing uninitialized variables. Additionally, eslint doesn't support front matter, so I ensured no exposure of front matter or template syntax. The goal was to avoid global variables and maintain best practices.
Post file separation, I locally installed eslint to verify the efficacy of the separation in preparation for our eslint adoption. I tested eslint with a preset of enlist:recommended to gauge its utility in detecting JS file issues. I also cleaned up the entire JS file, noting its ability to identify space/tab inconsistencies, unused variables, and potentially fragile code.
While working with eslint, I also integrated htmlhint, an HTML linter, to pre-scan all HTML files in the project. I've observed some actionable issues based on this and have compiled a list, which I'll share via a Google link.
Acknowledgments: 🙇♂️
Screenshots of Proposed Changes Of The Website (if any, please do not screen shot code changes)
Visuals before changes are applied
Visuals after changes are applied