Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update wins.html file to use liquid in this file #5258

Open
wants to merge 3 commits into
base: gh-pages
Choose a base branch
from

Conversation

ronaldpaek
Copy link
Member

@ronaldpaek ronaldpaek commented Aug 19, 2023

Part of #1442 (this pr should not close that issue)

Changes Made:

  • I adjusted the wins.html file to handle the liquid logic internally rather than within the JS file. This involved creating two divs set to "display none" and leveraging the data property to store data using the liquid attribute.
  • In the wins.js file, the primary modifications were renaming some variables and using document.querySelector to select the DOM node.

Reason for Changes:

The primary motivation behind these changes was our future intention to incorporate eslint. My objective was to rectify numerous syntax errors and red underlines appearing in VS Code. Eslint had issues with the liquid syntax within a JS file. To avoid manually excluding specific files, the logical solution was to segregate liquid and JS.

Overview:

  • The main JS files in question are located in asset > js and include wins.js, toolkit.js, project.js, hamburger-nav.js, current-projects.js, and current-projects-check.js, totaling six files.
  • The task was to refactor a JS file using liquid into two distinct files. I successfully transformed a file to ensure its functionality.

Implementation Plan:

Initially, I addressed this by introducing a global variable. While eslint didn't object to the absence of liquid syntax, it wasn't a best practice. Eslint still raised issues since I was referencing uninitialized variables. Additionally, eslint doesn't support front matter, so I ensured no exposure of front matter or template syntax. The goal was to avoid global variables and maintain best practices.

Post file separation, I locally installed eslint to verify the efficacy of the separation in preparation for our eslint adoption. I tested eslint with a preset of enlist:recommended to gauge its utility in detecting JS file issues. I also cleaned up the entire JS file, noting its ability to identify space/tab inconsistencies, unused variables, and potentially fragile code.

While working with eslint, I also integrated htmlhint, an HTML linter, to pre-scan all HTML files in the project. I've observed some actionable issues based on this and have compiled a list, which I'll share via a Google link.

Acknowledgments: 🙇‍♂️

  • A special thank you to @roslynwythe for patiently addressing all my queries.
  • Kudos to @Tomomi-K1 for assisting in bug testing and collaboratively researching liquid with me.

Screenshots of Proposed Changes Of The Website (if any, please do not screen shot code changes)

Visuals before changes are applied CleanShot 2023-08-19 at 02 24 27@2x
Visuals after changes are applied CleanShot 2023-08-19 at 02 25 05@2x

@github-actions
Copy link

Want to review this pull request? Take a look at this documentation for a step by step guide!

From your project repository, check out a new branch and test the changes.

git checkout -b ronaldpaek-refactor-liquid-js-1442 gh-pages
git pull https://github.com/ronaldpaek/website.git refactor-liquid-js-1442

@github-actions github-actions bot added role: back end/devOps Tasks for back-end developers Complexity: Large Feature: Board/GitHub Maintenance Project board maintenance that we have to do repeatedly size: 2pt Can be done in 7-12 hours labels Aug 19, 2023
const overlayOverview = document.querySelector('#overlay-overview');
overlayOverview.innerHTML = data[i][overview];

insertIcons('#overlay-info', data[i][win], 'overlay')

Check notice

Code scanning / CodeQL

Semicolon insertion

Avoid automated semicolon insertion (96% of all statements in [the enclosing function](1) have an explicit semicolon).
`https://avatars1.githubusercontent.com/u/${ghId}?v=4` :
AVATAR_DEFAULT_PATH;

cloneCardTemplate.querySelector('.wins-card-profile-img').src = profileImgSrc;

Check warning

Code scanning / CodeQL

DOM text reinterpreted as HTML

[DOM text](1) is reinterpreted as HTML without escaping meta-characters.
let teamInURL = filterParams.team.split(',');
let roleIntersection = rolesInCard.filter(x => roleInURL.includes(x));
let teamIntersection = teamsInCard.filter(x => teamInURL.includes(x));
((roleIntersection.length == 0) || (teamIntersection.length == 0)) ? card.style.display = 'none' : card.style.display = 'flex'

Check notice

Code scanning / CodeQL

Semicolon insertion

Avoid automated semicolon insertion (93% of all statements in [the enclosing function](1) have an explicit semicolon).


function hideOverlay(e) {
window.event || e.key == 'Escape';

Check warning

Code scanning / CodeQL

Expression has no effect

This expression has no effect.


function hideOverlay(e) {
window.event || e.key == 'Escape';

Check warning

Code scanning / CodeQL

Expression has no effect

This expression has no effect.
@ronaldpaek
Copy link
Member Author

I tried to not changed the previous code as much as possible, but I did feel like there were a lot of unused variables and deprecated things, I didn't want my issue and commit to be about that, but CodeQL be bringing these things up loud and clear 😅

@roslynwythe roslynwythe added the Draft Issue is still in the process of being created label Aug 20, 2023
@t-will-gillis t-will-gillis requested a review from mademarc August 23, 2023 02:27
@mademarc
Copy link
Member

Review ETA: 8/24/2023
Availability: 7PM

Copy link
Member

@mademarc mademarc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @ronaldpaek the changes on the assets/js/wins.js file is done well.

@ronaldpaek
Copy link
Member Author

Hey @ronaldpaek the changes on the assets/js/wins.js file is done well.

Thank you @mademarc

@jaasonw jaasonw self-requested a review October 2, 2023 02:54
@jaasonw
Copy link
Member

jaasonw commented Oct 2, 2023

Review ETA: 10/1/2023
Availability: 12PM-6PM

Copy link
Member

@jaasonw jaasonw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Functionally, it looks good on my end. I've some random nitpicks that I'm not sure should be in the scope of this PR as much of it isn't your code


{% include wins-page/wins-filter-template.html %}
{% include wins-page/wins-card-template.html %}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: why did the indentation get changed here (as well as everywhere else)?

const teamArr = [];
const responses = document.querySelector("#responses");
responses.querySelectorAll('.wins-card-team:not([style*="display:none"]):not([style*="display: none"]').forEach(item => {
let value = item.textContent.replace("Team(s):", "").trim();
Copy link
Member

@jaasonw jaasonw Oct 2, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: a lot of these lets don't actually need to be lets because they're never reassigned and should be const instead. The eslint rule for this is prefer-const

const roleDropDown = document.getElementById("role-dropdown");
const teamDropDown = document.getElementById("team-dropdown");

for(const [key] of Object.entries(roleHash)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: using Object.keys() avoids having to destructure an array like this

teamsInCard = teamsInCard.split(",").map(x => x.trim());
let rolesInCard = (card.querySelector('.wins-card-role').textContent.replace("Role(s):", "")).trim();
rolesInCard = rolesInCard.split(",").map(x => x.trim());
// let cardUnion = [...rolesInCard, ...teamsInCard];
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: commented code could be removed

const LINKEDIN_ICON = '/assets/images/wins-page/icon-linkedin-small.svg'
const winsCardContainer = document.querySelector('#responses');
cards.forEach((card, index) => {
// if (card[display] != true) return;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: commented code could be removed

cloneCardTemplate.querySelector('.wins-card-github-icon').setAttribute('hidden', 'true')
}

cloneCardTemplate.querySelector('.project-inner.wins-card-team').innerHTML = `<span class="wins-team-role-color">Team(s): </span> ${card[team]}`;
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using innerHTML like this is a potential XSS vulnerability here if the data source is compromised or not properly sanitized

}

const overlayName = document.querySelector('#overlay-name');
overlayName.innerHTML = data[i][name];
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar to my other comment about XSS

@ExperimentsInHonesty
Copy link
Member

I made a change to your text above to remove fixes, since we don't want it to close the related issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Complexity: Large Draft Issue is still in the process of being created Feature: Board/GitHub Maintenance Project board maintenance that we have to do repeatedly role: back end/devOps Tasks for back-end developers size: 2pt Can be done in 7-12 hours
Projects
Status: PRs being reviewed
Development

Successfully merging this pull request may close these issues.

5 participants