-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace html-parse-stringify2 with html-parse-stringify #1283
Conversation
The upstream issue is fixed, but a bunch of tests for
Any thoughts? PS: If it’s easier to fix this than to explain me where to dig, happy for my commits to be recycled in another PR 🙂 |
Practically all Trans tests are failing... |
@adrai thanks for your alternative solution! To increase our chances for a fast resolution, do you know what I could change in this PR for the tests to pass? I haven’t used |
@kachkaev guess you have to write new snapshots -> and manually check first if received output still matches expected and the changes are pure formatting and not wrong html |
Hmmm here’s the catch. When we call: const ast = HTML.parse(`<0>${interpolatedString}</0>`); using const tagRE = /<[a-zA-Z\-\!\/](?:"[^"]*"|'[^']*'|[^'">])*>/g Thus, tags like If rayd/html-parse-stringify2#27 is merged as is, we’ll end up with the same problem in |
PR rayd/html-parse-stringify2#27 is adapted |
Two blockers on the path to |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
bump |
@HenrikJoreteg has just released Once HenrikJoreteg/html-parse-stringify#41 is merged and released, all tests should be passing and we’ll be able to switch from |
I went into my local Is this a regression or just an artifact in snapshots? 🤔 If it is a regression, is it something to fix here or upstream? Potentially, we might have a lost space between |
No errors on master is an expected thing, because in there we’ve got Where I’m going is that we might need to either submit an extra patch to rayd/html-parse-stringify2#27 is still a good alternative solution and I’m happy with any that can land first. The main goal here is to close #1275 🙂 |
Coverage remained the same at 96.205% when pulling c85d72a on kachkaev:cve-2021-23346 into 4c005be on i18next:master. |
Thanks to @HenrikJoreteg’s work on merging HenrikJoreteg/html-parse-stringify#41 and releasing of My gut feeling is that there’s another small bug in To confirm or deny the above hypotheses we’ll need to add some extra test cases upstream. I’m not sure when exactly I’ll be able to do this, so if anyone wants to help, feel free to 👍 We are much closer to publishing this PR than we were a couple of days ago, so thanks to everyone who is involved 🙌 |
If you could give me a sample of the failing input I might be able to look
into it.
…On Thu, Apr 1, 2021, 15:08 Alexander Kachkaev ***@***.***> wrote:
Thanks to @HenrikJoreteg <https://github.com/HenrikJoreteg>’s work on
merging HenrikJoreteg/html-parse-stringify#41
<HenrikJoreteg/html-parse-stringify#41> and
releasing of 2.1.1, we have CI passing now! However, for this to work I
had to remove extra new lines from the snapshots, which we’ll need to
investigate. My gut feeling is that there’s another small bug in
html-parse-stringify, in particular to do with treating </a> <b> as
</a><b>. The alternative cause could be to do with some AST handling here
(which would be easier to fix).
To confirm or deny the above hypotheses we’ll need to add some extra test
cases upstream. I’m not sure when exactly I’ll be able to do this, so if
anyone wants to help, feel free to 🙌
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#1283 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAAQSVLEMYATPANK6RHJYLDTGTVENANCNFSM4ZPLDDCA>
.
|
@HenrikJoreteg I had a quick look at the generated ast of this failing test: https://github.com/i18next/react-i18next/blob/master/test/trans.render.spec.js#L129 Just a simple The output of html-parse-stringify differs from html-parse-stringify2 in the following way: This text element is missing in html-parse-stringify before the br element: {
"type": "text",
"content": " "
} html-parse-stringify2: [
{
"type": "tag",
"name": "0",
"voidElement": false,
"attrs": {},
"children": [
{
"type": "tag",
"name": "strong",
"voidElement": false,
"attrs": {},
"children": [
{
"type": "text",
"content": "Go"
}
]
},
{
"type": "text",
"content": " "
},
{
"type": "tag",
"name": "br",
"voidElement": true,
"attrs": {},
"children": []
},
{
"type": "tag",
"name": "1",
"voidElement": false,
"attrs": {},
"children": [
{
"type": "text",
"content": "there"
}
]
},
{
"type": "text",
"content": "."
}
]
}
] html-parse-stringify: [
{
"type": "tag",
"name": "0",
"voidElement": false,
"attrs": {},
"children": [
{
"type": "tag",
"name": "strong",
"voidElement": false,
"attrs": {},
"children": [
{
"type": "text",
"content": "Go"
}
]
},
{
"type": "tag",
"name": "br",
"voidElement": true,
"attrs": {},
"children": []
},
{
"type": "tag",
"name": "1",
"voidElement": false,
"attrs": {},
"children": [
{
"type": "text",
"content": "there"
}
]
},
{
"type": "text",
"content": "."
}
]
}
] |
Hi @pavanjava! The goal of this PR is to mitigate CVE-2021-23346 – you are right about it. The ETA for a new |
Tried to create a PR: HenrikJoreteg/html-parse-stringify#45 |
Great stuff, thanks @adrai!
I guess it might matter. If we have |
any news? |
I think I'm the hangup, i'm trying to sort out if it should be implemented as an option (as was done) in the PR or if it should just be the normal behavior to always preserve it. I'd rather not make it an option unless we can think of a reason why anyone would want to not have the whitespace. |
I second an option that avoids having options. If anyone wants to not have space between two tags, they can remove it in the source string 🙂 |
new major version of html-parse-stringify ;-) HenrikJoreteg/html-parse-stringify#45 (comment) |
@kachkaev you can choose:
|
Great news! 🎉 Happy to update the PR shortly 🙌 |
patch? |
🎉🎉🎉🎉🎉🎉 PUBLISHED v11.8.13 🎉🎉🎉🎉🎉🎉🎉 |
Closes #1275
Checklist
npm run test
tests are includeddocumentation is changed or added