Update wins.html file to use liquid in this file#5258
Update wins.html file to use liquid in this file#5258ronaldpaek wants to merge 3 commits intohackforla:gh-pagesfrom
Conversation
|
Want to review this pull request? Take a look at this documentation for a step by step guide! From your project repository, check out a new branch and test the changes. |
github-actions
bot
added
role: back end/devOps
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| const overlayOverview = document.querySelector('#overlay-overview'); | ||
| overlayOverview.innerHTML = data[i][overview]; | ||
|
|
||
| insertIcons('#overlay-info', data[i][win], 'overlay') |
Check notice
Code scanning / CodeQL
Semicolon insertion
| `https://avatars1.githubusercontent.com/u/${ghId}?v=4` : | ||
| AVATAR_DEFAULT_PATH; | ||
|
|
||
| cloneCardTemplate.querySelector('.wins-card-profile-img').src = profileImgSrc; |
Check warning
Code scanning / CodeQL
DOM text reinterpreted as HTML
| let teamInURL = filterParams.team.split(','); | ||
| let roleIntersection = rolesInCard.filter(x => roleInURL.includes(x)); | ||
| let teamIntersection = teamsInCard.filter(x => teamInURL.includes(x)); | ||
| ((roleIntersection.length == 0) || (teamIntersection.length == 0)) ? card.style.display = 'none' : card.style.display = 'flex' |
Check notice
Code scanning / CodeQL
Semicolon insertion
|
|
||
|
|
||
| function hideOverlay(e) { | ||
| window.event || e.key == 'Escape'; |
Check warning
Code scanning / CodeQL
Expression has no effect
|
|
||
|
|
||
| function hideOverlay(e) { | ||
| window.event || e.key == 'Escape'; |
Check warning
Code scanning / CodeQL
Expression has no effect
|
I tried to not changed the previous code as much as possible, but I did feel like there were a lot of unused variables and deprecated things, I didn't want my issue and commit to be about that, but CodeQL be bringing these things up loud and clear 😅 |
|
Review ETA: 8/24/2023 |
mademarc
left a comment
mademarc
left a comment
There was a problem hiding this comment.
Hey @ronaldpaek the changes on the assets/js/wins.js file is done well.
Thank you @mademarc |
|
Review ETA: 10/1/2023 |
| <div class="wins-page-contain projects-inner"> | ||
|
|
||
| {% include wins-page/wins-filter-template.html %} | ||
| {% include wins-page/wins-card-template.html %} |
There was a problem hiding this comment.
nit: why did the indentation get changed here (as well as everywhere else)?
| const teamArr = []; | ||
| const responses = document.querySelector("#responses"); | ||
| responses.querySelectorAll('.wins-card-team:not([style*="display:none"]):not([style*="display: none"]').forEach(item => { | ||
| let value = item.textContent.replace("Team(s):", "").trim(); |
There was a problem hiding this comment.
nit: a lot of these lets don't actually need to be lets because they're never reassigned and should be const instead. The eslint rule for this is prefer-const
| const roleDropDown = document.getElementById("role-dropdown"); | ||
| const teamDropDown = document.getElementById("team-dropdown"); | ||
|
|
||
| for(const [key] of Object.entries(roleHash)) { |
There was a problem hiding this comment.
nit: using Object.keys() avoids having to destructure an array like this
| teamsInCard = teamsInCard.split(",").map(x => x.trim()); | ||
| let rolesInCard = (card.querySelector('.wins-card-role').textContent.replace("Role(s):", "")).trim(); | ||
| rolesInCard = rolesInCard.split(",").map(x => x.trim()); | ||
| // let cardUnion = [...rolesInCard, ...teamsInCard]; |
There was a problem hiding this comment.
nit: commented code could be removed
| const LINKEDIN_ICON = '/assets/images/wins-page/icon-linkedin-small.svg' | ||
| const winsCardContainer = document.querySelector('#responses'); | ||
| cards.forEach((card, index) => { | ||
| // if (card[display] != true) return; |
There was a problem hiding this comment.
nit: commented code could be removed
| cloneCardTemplate.querySelector('.wins-card-github-icon').setAttribute('hidden', 'true') | ||
| } | ||
|
|
||
| cloneCardTemplate.querySelector('.project-inner.wins-card-team').innerHTML = `<span class="wins-team-role-color">Team(s): </span> ${card[team]}`; |
There was a problem hiding this comment.
Using innerHTML like this is a potential XSS vulnerability here if the data source is compromised or not properly sanitized
| } | ||
|
|
||
| const overlayName = document.querySelector('#overlay-name'); | ||
| overlayName.innerHTML = data[i][name]; |
There was a problem hiding this comment.
Similar to my other comment about XSS
|
I made a change to your text above to remove fixes, since we don't want it to close the related issue |
|
Hi @ronaldpaek. Just checking in with you on the requested changes and the status of this PR. Let us know if you need help with anything! |
|
Nice looking out in this @DDVVPP and also i got one suggestion @ronaldpaek i was looking into this issue was to try using As that would probably helps with ESLint compatibility and avoids global variables. Which i think it would be a great step toward better linting and maintainability. |
6 participants
Part of #1442 (this pr should not close that issue)
Changes Made:
Reason for Changes:
The primary motivation behind these changes was our future intention to incorporate eslint. My objective was to rectify numerous syntax errors and red underlines appearing in VS Code. Eslint had issues with the liquid syntax within a JS file. To avoid manually excluding specific files, the logical solution was to segregate liquid and JS.
Overview:
Implementation Plan:
Initially, I addressed this by introducing a global variable. While eslint didn't object to the absence of liquid syntax, it wasn't a best practice. Eslint still raised issues since I was referencing uninitialized variables. Additionally, eslint doesn't support front matter, so I ensured no exposure of front matter or template syntax. The goal was to avoid global variables and maintain best practices.
Post file separation, I locally installed eslint to verify the efficacy of the separation in preparation for our eslint adoption. I tested eslint with a preset of enlist:recommended to gauge its utility in detecting JS file issues. I also cleaned up the entire JS file, noting its ability to identify space/tab inconsistencies, unused variables, and potentially fragile code.
While working with eslint, I also integrated htmlhint, an HTML linter, to pre-scan all HTML files in the project. I've observed some actionable issues based on this and have compiled a list, which I'll share via a Google link.
Acknowledgments: 🙇♂️
Screenshots of Proposed Changes Of The Website (if any, please do not screen shot code changes)
Visuals before changes are applied
Visuals after changes are applied