profile
viewpoint
Greg Hurrell wincent Liferay Madrid, Spain https://wincent.com/ Frontend at Liferay, Ex-Facebook, Coke Zero Endorser, Aspiring Curmudgeon

wincent/command-t 2440

⌨️ Fast file navigation for VIM

wincent/clipper 399

✂️ Clipboard access for local and remote tmux sessions

wincent/corpus 36

📝 A note-management application for macOS

wincent/cv 4

📜 Curriculum vitae

wincent/atosym 3

dSYM-compatible replacement for atos

wincent/bansshee 2

Anti-SSH-attack tool

wincent/automatic-octo-barnacle-theme 1

Empty Liferay 7.1 theme created for testing purposes

wincent/clipper-lightning-talk 1

Lightning talk on Clipper (clipboard access for local and remote tmux sessions)

wincent/converter 1

⚛️ Simple demo app for React workshop

release liferay/liferay-npm-tools

liferay-npm-scripts/v32.3.0

released time in 2 minutes

PR opened liferay/liferay-npm-tools

docs(scripts): fix version numbers in CHANGELOG.md documentation liferay-npm-scripts

Caused because I thought the next version was going to be v33.3.0 but then when I actually updated/published (with yarn version --minor) I saw that it's actually v32.3.0.

+2 -2

0 comment

1 changed file

pr created time in 4 minutes

create barnchliferay/liferay-npm-tools

branch : wincent/changelog-fix

created branch time in 4 minutes

push eventliferay/liferay-npm-tools

Greg Hurrell

commit sha 5a0e9cfe044667929e069e742ba459a098d06339

feat(scripts): add additional webpack plugins As requested here: https://github.com/liferay/liferay-frontend-guidelines/issues/156 Added: - html-webpack-plugin to create/modify html files: https://www.npmjs.com/package/html-webpack-plugin - mini-css-extract-plugin to extract CSS: https://www.npmjs.com/package/mini-css-extract-plugin - script-ext-html-webpack-plugin to inline scripts: https://www.npmjs.com/package/script-ext-html-webpack-plugin - style-ext-html-webpack-plugin to inline CSS: https://www.npmjs.com/package/style-ext-html-webpack-plugin We gathered some basic data about the proposed plugins to evaluate their risk (from least to most sketchy): - https://github.com/webpack-contrib/mini-css-extract-plugin - 7.8m weekly downloads - 3.9k GitHub stars - 59 open issues - 26 open (non-bot) PRs - Last commit: Dec 2019 - Last release: Dec 2019 - 4 top-level items in dependency graph. - https://github.com/jantimon/html-webpack-plugin - 2.2m weekly downloads - 8.8k GitHub stars - 33 open issues - 6 open (non-bot) PRs - Last commit: May 2020 - Last release: Apr 2020 - 9 top-level items in dependency graph. - https://github.com/numical/script-ext-html-webpack-plugin - 123k weekly downloads - 497 GitHub stars - 15 open issues - 1 open (non-bot) PR - Last commit: July 2019 - Last tagged release: Nov 2018; last non-tagged release: July 2019; issue: https://github.com/numical/script-ext-html-webpack-plugin/issues/76 - 1 top-level item in dependency graph. - https://github.com/numical/style-ext-html-webpack-plugin - 33k weekly downloads - 120 GitHub stars - 6 open issues - 0 open (non-bot) PRs - Last commit: July 2019 - Last tagged release: Jan 2018; last non-tagged release: July 2019; issue: https://github.com/numical/style-ext-html-webpack-plugin/issues/51 - 2 top-level items in dependency graph. No glaring red flags there, and only really a yellow flag to note the lack of tags for the numical plugins (and the non-response to the issues that I opened about this over the last 20 days)). All in all though, we left the request open for a few weeks to give people a chance to comment on it and nobody did, and these dependencies are relatively self contained (in the sense that they are webpack-only, and internal-only, so we can change our mind about them in the future), so we're going to merge them in. Done with: yarn add \ html-webpack-plugin@4.3.0 \ script-ext-html-webpack-plugin@2.1.4 \ mini-css-extract-plugin@0.9.0 \ style-ext-html-webpack-plugin@4.1.2 Note that the original request mentioned v2.1.1 of the script-ext-html-webpack-plugin, but looking at the changes from there up to v2.1.4, I believe the newer version should be compatible. `yarn audit` before: 3391 vulnerabilities found - Packages audited: 2469 Severity: 3340 Low | 38 Moderate | 13 High `yarn audit` after: 3393 vulnerabilities found - Packages audited: 2486 Severity: 3342 Low | 38 Moderate | 13 High `yarn audit` diff: ``` diff --git a/tmp/before b/tmp/after index 557a697..2ca1bc6 100644 --- a/tmp/before +++ b/tmp/after @@ -38704,6 +38704,20 @@ yarn audit v1.22.4 ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ liferay-npm-scripts │ ├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Path │ liferay-npm-scripts > html-webpack-plugin > loader-utils > │ +│ │ json5 > minimist │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ More info │ https://www.npmjs.com/advisories/1179 │ +└───────────────┴──────────────────────────────────────────────────────────────┘ +┌───────────────┬──────────────────────────────────────────────────────────────┐ +│ low │ Prototype Pollution │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Package │ minimist │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Patched in │ >=0.2.1 <1.0.0 || >=1.2.3 │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Dependency of │ liferay-npm-scripts │ +├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ liferay-npm-scripts > liferay-lang-key-dev-loader > │ │ │ loader-utils > json5 > minimist │ ├───────────────┼──────────────────────────────────────────────────────────────┤ @@ -38718,6 +38732,20 @@ yarn audit v1.22.4 ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ liferay-npm-scripts │ ├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Path │ liferay-npm-scripts > mini-css-extract-plugin > loader-utils │ +│ │ > json5 > minimist │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ More info │ https://www.npmjs.com/advisories/1179 │ +└───────────────┴──────────────────────────────────────────────────────────────┘ +┌───────────────┬──────────────────────────────────────────────────────────────┐ +│ low │ Prototype Pollution │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Package │ minimist │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Patched in │ >=0.2.1 <1.0.0 || >=1.2.3 │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Dependency of │ liferay-npm-scripts │ +├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ liferay-npm-scripts > sass-loader > loader-utils > json5 > │ │ │ minimist │ ├───────────────┼──────────────────────────────────────────────────────────────┤ @@ -53988,6 +54016,6 @@ yarn audit v1.22.4 ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://www.npmjs.com/advisories/1500 │ └───────────────┴──────────────────────────────────────────────────────────────┘ -3391 vulnerabilities found - Packages audited: 2469 -Severity: 3340 Low | 38 Moderate | 13 High -Done in 5.20s. +3393 vulnerabilities found - Packages audited: 2486 +Severity: 3342 Low | 38 Moderate | 13 High +Done in 4.46s. ``` In short, I don't seen anything too concerning there.

view details

Greg Hurrell

commit sha f970ec5ab521a367fb5d09bcd2ff67bf8837c060

chore: deduplicate yarn.lock With `npx yarn-deduplicate yarn.lock`.

view details

Greg Hurrell

commit sha 77fbb7aca7abae6f32876c175b47603852c14cd6

Merge pull request #457 from liferay/wincent/webpack-deps feat(scripts): add additional webpack plugins

view details

Greg Hurrell

commit sha 29dbc3965874632a18192992be61224993fd06d8

chore: prepare liferay-npm-scripts/v32.3.0

view details

push time in 8 minutes

push eventliferay/liferay-npm-tools

Greg Hurrell

commit sha 29dbc3965874632a18192992be61224993fd06d8

chore: prepare liferay-npm-scripts/v32.3.0

view details

push time in 8 minutes

created tagliferay/liferay-npm-tools

tagliferay-npm-scripts/v32.3.0

Collection of tools for using npm in Liferay

created time in 8 minutes

push eventliferay/liferay-npm-tools

Greg Hurrell

commit sha 5a0e9cfe044667929e069e742ba459a098d06339

feat(scripts): add additional webpack plugins As requested here: https://github.com/liferay/liferay-frontend-guidelines/issues/156 Added: - html-webpack-plugin to create/modify html files: https://www.npmjs.com/package/html-webpack-plugin - mini-css-extract-plugin to extract CSS: https://www.npmjs.com/package/mini-css-extract-plugin - script-ext-html-webpack-plugin to inline scripts: https://www.npmjs.com/package/script-ext-html-webpack-plugin - style-ext-html-webpack-plugin to inline CSS: https://www.npmjs.com/package/style-ext-html-webpack-plugin We gathered some basic data about the proposed plugins to evaluate their risk (from least to most sketchy): - https://github.com/webpack-contrib/mini-css-extract-plugin - 7.8m weekly downloads - 3.9k GitHub stars - 59 open issues - 26 open (non-bot) PRs - Last commit: Dec 2019 - Last release: Dec 2019 - 4 top-level items in dependency graph. - https://github.com/jantimon/html-webpack-plugin - 2.2m weekly downloads - 8.8k GitHub stars - 33 open issues - 6 open (non-bot) PRs - Last commit: May 2020 - Last release: Apr 2020 - 9 top-level items in dependency graph. - https://github.com/numical/script-ext-html-webpack-plugin - 123k weekly downloads - 497 GitHub stars - 15 open issues - 1 open (non-bot) PR - Last commit: July 2019 - Last tagged release: Nov 2018; last non-tagged release: July 2019; issue: https://github.com/numical/script-ext-html-webpack-plugin/issues/76 - 1 top-level item in dependency graph. - https://github.com/numical/style-ext-html-webpack-plugin - 33k weekly downloads - 120 GitHub stars - 6 open issues - 0 open (non-bot) PRs - Last commit: July 2019 - Last tagged release: Jan 2018; last non-tagged release: July 2019; issue: https://github.com/numical/style-ext-html-webpack-plugin/issues/51 - 2 top-level items in dependency graph. No glaring red flags there, and only really a yellow flag to note the lack of tags for the numical plugins (and the non-response to the issues that I opened about this over the last 20 days)). All in all though, we left the request open for a few weeks to give people a chance to comment on it and nobody did, and these dependencies are relatively self contained (in the sense that they are webpack-only, and internal-only, so we can change our mind about them in the future), so we're going to merge them in. Done with: yarn add \ html-webpack-plugin@4.3.0 \ script-ext-html-webpack-plugin@2.1.4 \ mini-css-extract-plugin@0.9.0 \ style-ext-html-webpack-plugin@4.1.2 Note that the original request mentioned v2.1.1 of the script-ext-html-webpack-plugin, but looking at the changes from there up to v2.1.4, I believe the newer version should be compatible. `yarn audit` before: 3391 vulnerabilities found - Packages audited: 2469 Severity: 3340 Low | 38 Moderate | 13 High `yarn audit` after: 3393 vulnerabilities found - Packages audited: 2486 Severity: 3342 Low | 38 Moderate | 13 High `yarn audit` diff: ``` diff --git a/tmp/before b/tmp/after index 557a697..2ca1bc6 100644 --- a/tmp/before +++ b/tmp/after @@ -38704,6 +38704,20 @@ yarn audit v1.22.4 ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ liferay-npm-scripts │ ├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Path │ liferay-npm-scripts > html-webpack-plugin > loader-utils > │ +│ │ json5 > minimist │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ More info │ https://www.npmjs.com/advisories/1179 │ +└───────────────┴──────────────────────────────────────────────────────────────┘ +┌───────────────┬──────────────────────────────────────────────────────────────┐ +│ low │ Prototype Pollution │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Package │ minimist │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Patched in │ >=0.2.1 <1.0.0 || >=1.2.3 │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Dependency of │ liferay-npm-scripts │ +├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ liferay-npm-scripts > liferay-lang-key-dev-loader > │ │ │ loader-utils > json5 > minimist │ ├───────────────┼──────────────────────────────────────────────────────────────┤ @@ -38718,6 +38732,20 @@ yarn audit v1.22.4 ├───────────────┼──────────────────────────────────────────────────────────────┤ │ Dependency of │ liferay-npm-scripts │ ├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Path │ liferay-npm-scripts > mini-css-extract-plugin > loader-utils │ +│ │ > json5 > minimist │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ More info │ https://www.npmjs.com/advisories/1179 │ +└───────────────┴──────────────────────────────────────────────────────────────┘ +┌───────────────┬──────────────────────────────────────────────────────────────┐ +│ low │ Prototype Pollution │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Package │ minimist │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Patched in │ >=0.2.1 <1.0.0 || >=1.2.3 │ +├───────────────┼──────────────────────────────────────────────────────────────┤ +│ Dependency of │ liferay-npm-scripts │ +├───────────────┼──────────────────────────────────────────────────────────────┤ │ Path │ liferay-npm-scripts > sass-loader > loader-utils > json5 > │ │ │ minimist │ ├───────────────┼──────────────────────────────────────────────────────────────┤ @@ -53988,6 +54016,6 @@ yarn audit v1.22.4 ├───────────────┼──────────────────────────────────────────────────────────────┤ │ More info │ https://www.npmjs.com/advisories/1500 │ └───────────────┴──────────────────────────────────────────────────────────────┘ -3391 vulnerabilities found - Packages audited: 2469 -Severity: 3340 Low | 38 Moderate | 13 High -Done in 5.20s. +3393 vulnerabilities found - Packages audited: 2486 +Severity: 3342 Low | 38 Moderate | 13 High +Done in 4.46s. ``` In short, I don't seen anything too concerning there.

view details

Greg Hurrell

commit sha f970ec5ab521a367fb5d09bcd2ff67bf8837c060

chore: deduplicate yarn.lock With `npx yarn-deduplicate yarn.lock`.

view details

Greg Hurrell

commit sha 77fbb7aca7abae6f32876c175b47603852c14cd6

Merge pull request #457 from liferay/wincent/webpack-deps feat(scripts): add additional webpack plugins

view details

push time in 11 minutes

delete branch liferay/liferay-npm-tools

delete branch : wincent/webpack-deps

delete time in 11 minutes

PR merged liferay/liferay-npm-tools

feat(scripts): add additional webpack plugins feature liferay-npm-scripts

As requested in https://github.com/liferay/liferay-frontend-guidelines/issues/156.

Added:

We gathered some basic data about the proposed plugins to evaluate their risk (from least to most sketchy):

  • https://github.com/webpack-contrib/mini-css-extract-plugin
    • 7.8m weekly downloads
    • 3.9k GitHub stars
    • 59 open issues
    • 26 open (non-bot) PRs
    • Last commit: Dec 2019
    • Last release: Dec 2019
    • 4 top-level items in dependency graph.
  • https://github.com/jantimon/html-webpack-plugin
    • 2.2m weekly downloads
    • 8.8k GitHub stars
    • 33 open issues
    • 6 open (non-bot) PRs
    • Last commit: May 2020
    • Last release: Apr 2020
    • 9 top-level items in dependency graph.
  • https://github.com/numical/script-ext-html-webpack-plugin
    • 123k weekly downloads
    • 497 GitHub stars
    • 15 open issues
    • 1 open (non-bot) PR
    • Last commit: July 2019
    • Last tagged release: Nov 2018; last non-tagged release: July 2019 (issue)
    • 1 top-level item in dependency graph.
  • https://github.com/numical/style-ext-html-webpack-plugin
    • 33k weekly downloads
    • 120 GitHub stars
    • 6 open issues
    • 0 open (non-bot) PRs
    • Last commit: July 2019
    • Last tagged release: Jan 2018; last non-tagged release: July 2019 (issue)
    • 2 top-level items in dependency graph.

No glaring red flags there, and only really a yellow flag to note the lack of tags for the numical plugins (and the non-response to the issues that I opened about this over the last 20 days). All in all though, we left the request open for a few weeks to give people a chance to comment on it and nobody did, and these dependencies are relatively self contained (in the sense that they are webpack-only, and internal-only, so we can change our mind about them in the future), so we're going to merge them in.

Done with:

yarn add \
  html-webpack-plugin@4.3.0 \
  script-ext-html-webpack-plugin@2.1.4 \
  mini-css-extract-plugin@0.9.0 \
  style-ext-html-webpack-plugin@4.1.2

Note that the original request mentioned v2.1.1 of the script-ext-html-webpack-plugin, but looking at the changes from there up to v2.1.4, I believe the newer version should be compatible.

yarn audit before:

3391 vulnerabilities found - Packages audited: 2469
Severity: 3340 Low | 38 Moderate | 13 High

yarn audit after:

3393 vulnerabilities found - Packages audited: 2486
Severity: 3342 Low | 38 Moderate | 13 High

yarn audit diff:

diff --git a/tmp/before b/tmp/after
index 557a697..2ca1bc6 100644
--- a/tmp/before
+++ b/tmp/after
@@ -38704,6 +38704,20 @@ yarn audit v1.22.4
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Dependency of │ liferay-npm-scripts                                          │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Path          │ liferay-npm-scripts > html-webpack-plugin > loader-utils >   │
+│               │ json5 > minimist                                             │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ More info     │ https://www.npmjs.com/advisories/1179                        │
+└───────────────┴──────────────────────────────────────────────────────────────┘
+┌───────────────┬──────────────────────────────────────────────────────────────┐
+│ low           │ Prototype Pollution                                          │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Package       │ minimist                                                     │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Patched in    │ >=0.2.1 <1.0.0 || >=1.2.3                                    │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Dependency of │ liferay-npm-scripts                                          │
+├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Path          │ liferay-npm-scripts > liferay-lang-key-dev-loader >          │
 │               │ loader-utils > json5 > minimist                              │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
@@ -38718,6 +38732,20 @@ yarn audit v1.22.4
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Dependency of │ liferay-npm-scripts                                          │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Path          │ liferay-npm-scripts > mini-css-extract-plugin > loader-utils │
+│               │ > json5 > minimist                                           │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ More info     │ https://www.npmjs.com/advisories/1179                        │
+└───────────────┴──────────────────────────────────────────────────────────────┘
+┌───────────────┬──────────────────────────────────────────────────────────────┐
+│ low           │ Prototype Pollution                                          │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Package       │ minimist                                                     │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Patched in    │ >=0.2.1 <1.0.0 || >=1.2.3                                    │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Dependency of │ liferay-npm-scripts                                          │
+├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Path          │ liferay-npm-scripts > sass-loader > loader-utils > json5 >   │
 │               │ minimist                                                     │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
@@ -53988,6 +54016,6 @@ yarn audit v1.22.4
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ More info     │ https://www.npmjs.com/advisories/1500                        │
 └───────────────┴──────────────────────────────────────────────────────────────┘
-3391 vulnerabilities found - Packages audited: 2469
-Severity: 3340 Low | 38 Moderate | 13 High
-Done in 5.20s.
+3393 vulnerabilities found - Packages audited: 2486
+Severity: 3342 Low | 38 Moderate | 13 High
+Done in 4.46s.

In short, I don't seen anything too concerning there.

+85 -13

1 comment

2 changed files

wincent

pr closed time in 12 minutes

pull request commentliferay/liferay-npm-tools

feat(scripts): add additional webpack plugins

For some reason GitHub isn't showing this as green, but it is:

Screenshot 2020-06-02 -131221-iBV25WkM@2x

So I'm going to merge it.

wincent

comment created time in 12 minutes

pull request commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

@wincent concerning security, I'm all for it; so maybe we can talk over Slack to see who we can /cc when everything is ready to be merged.

And FWIW, I think async/retrospective review is fine as well, if we can't get a timely review from anybody else (we just released the last GA, so even if we found a problem after merging, we theoretically have time to fast-follow with a fix before the next GA). I'm just flagging this out of caution.

wincent

comment created time in 42 minutes

PR opened liferay/liferay-npm-tools

feat(scripts): add additional webpack plugins feature liferay-npm-scripts

As requested in https://github.com/liferay/liferay-frontend-guidelines/issues/156.

Added:

We gathered some basic data about the proposed plugins to evaluate their risk (from least to most sketchy):

  • https://github.com/webpack-contrib/mini-css-extract-plugin
    • 7.8m weekly downloads
    • 3.9k GitHub stars
    • 59 open issues
    • 26 open (non-bot) PRs
    • Last commit: Dec 2019
    • Last release: Dec 2019
    • 4 top-level items in dependency graph.
  • https://github.com/jantimon/html-webpack-plugin
    • 2.2m weekly downloads
    • 8.8k GitHub stars
    • 33 open issues
    • 6 open (non-bot) PRs
    • Last commit: May 2020
    • Last release: Apr 2020
    • 9 top-level items in dependency graph.
  • https://github.com/numical/script-ext-html-webpack-plugin
    • 123k weekly downloads
    • 497 GitHub stars
    • 15 open issues
    • 1 open (non-bot) PR
    • Last commit: July 2019
    • Last tagged release: Nov 2018; last non-tagged release: July 2019 (issue)
    • 1 top-level item in dependency graph.
  • https://github.com/numical/style-ext-html-webpack-plugin
    • 33k weekly downloads
    • 120 GitHub stars
    • 6 open issues
    • 0 open (non-bot) PRs
    • Last commit: July 2019
    • Last tagged release: Jan 2018; last non-tagged release: July 2019 (issue)
    • 2 top-level items in dependency graph.

No glaring red flags there, and only really a yellow flag to note the lack of tags for the numical plugins (and the non-response to the issues that I opened about this over the last 20 days). All in all though, we left the request open for a few weeks to give people a chance to comment on it and nobody did, and these dependencies are relatively self contained (in the sense that they are webpack-only, and internal-only, so we can change our mind about them in the future), so we're going to merge them in.

Done with:

yarn add \
  html-webpack-plugin@4.3.0 \
  script-ext-html-webpack-plugin@2.1.4 \
  mini-css-extract-plugin@0.9.0 \
  style-ext-html-webpack-plugin@4.1.2

Note that the original request mentioned v2.1.1 of the script-ext-html-webpack-plugin, but looking at the changes from there up to v2.1.4, I believe the newer version should be compatible.

yarn audit before:

3391 vulnerabilities found - Packages audited: 2469
Severity: 3340 Low | 38 Moderate | 13 High

yarn audit after:

3393 vulnerabilities found - Packages audited: 2486
Severity: 3342 Low | 38 Moderate | 13 High

yarn audit diff:

diff --git a/tmp/before b/tmp/after
index 557a697..2ca1bc6 100644
--- a/tmp/before
+++ b/tmp/after
@@ -38704,6 +38704,20 @@ yarn audit v1.22.4
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Dependency of │ liferay-npm-scripts                                          │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Path          │ liferay-npm-scripts > html-webpack-plugin > loader-utils >   │
+│               │ json5 > minimist                                             │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ More info     │ https://www.npmjs.com/advisories/1179                        │
+└───────────────┴──────────────────────────────────────────────────────────────┘
+┌───────────────┬──────────────────────────────────────────────────────────────┐
+│ low           │ Prototype Pollution                                          │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Package       │ minimist                                                     │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Patched in    │ >=0.2.1 <1.0.0 || >=1.2.3                                    │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Dependency of │ liferay-npm-scripts                                          │
+├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Path          │ liferay-npm-scripts > liferay-lang-key-dev-loader >          │
 │               │ loader-utils > json5 > minimist                              │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
@@ -38718,6 +38732,20 @@ yarn audit v1.22.4
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Dependency of │ liferay-npm-scripts                                          │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Path          │ liferay-npm-scripts > mini-css-extract-plugin > loader-utils │
+│               │ > json5 > minimist                                           │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ More info     │ https://www.npmjs.com/advisories/1179                        │
+└───────────────┴──────────────────────────────────────────────────────────────┘
+┌───────────────┬──────────────────────────────────────────────────────────────┐
+│ low           │ Prototype Pollution                                          │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Package       │ minimist                                                     │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Patched in    │ >=0.2.1 <1.0.0 || >=1.2.3                                    │
+├───────────────┼──────────────────────────────────────────────────────────────┤
+│ Dependency of │ liferay-npm-scripts                                          │
+├───────────────┼──────────────────────────────────────────────────────────────┤
 │ Path          │ liferay-npm-scripts > sass-loader > loader-utils > json5 >   │
 │               │ minimist                                                     │
 ├───────────────┼──────────────────────────────────────────────────────────────┤
@@ -53988,6 +54016,6 @@ yarn audit v1.22.4
 ├───────────────┼──────────────────────────────────────────────────────────────┤
 │ More info     │ https://www.npmjs.com/advisories/1500                        │
 └───────────────┴──────────────────────────────────────────────────────────────┘
-3391 vulnerabilities found - Packages audited: 2469
-Severity: 3340 Low | 38 Moderate | 13 High
-Done in 5.20s.
+3393 vulnerabilities found - Packages audited: 2486
+Severity: 3342 Low | 38 Moderate | 13 High
+Done in 4.46s.

In short, I don't seen anything too concerning there.

+85 -13

0 comment

2 changed files

pr created time in an hour

create barnchliferay/liferay-npm-tools

branch : wincent/webpack-deps

created branch time in an hour

issue commentautozimu/LanguageClient-neovim

Add support for calling LSP completionItem/resolve implementation when completion items are selected

@take I made a short screencast on it a few weeks ago. Since then I tweaked a few things (mostly color related) to make it look nicer, but you can get a sense of the basics behavior from that.

wincent

comment created time in 2 hours

pull request commentjbalsas/liferay-portal

LPS-114143 Update modal usages in document library

Task history:

task-history

markocikos

comment created time in 2 hours

Pull request review commentwincent/liferay-portal

LPS-114143 Update modal usages in document library

 else { 	</div> </div> -<aui:script use="liferay-util-window">-	var webdavAction = A.one('.<%= randomNamespace %>-webdav-action');--	if (webdavAction) {-		webdavAction.on('click', function (event) {-			event.preventDefault();--			var webdavDialog = Liferay.Util.Window.getWindow({-				dialog: {-					bodyContent: A.one('#<%= randomNamespace %>webDav').html(),-					destroyOnHide: true,-				},-				title:-					'<%= UnicodeLanguageUtil.get(request, "access-from-desktop") %>',+<aui:script>

You're the one that usually prefers simple rules. "Always use aui:script" seems easier than "Use aui:script if X or if Y but <script> otherwise"... 😉

Yes! That's exactly right. But in the spirit of Wayne Gretzky (and skating to where the puck is going, not where it is now), I was thinking about a future where there is no X or Y.

My take-away from all this: I'll stop commenting on aui:script vs script in PRs (I already did), and I hope people will stop asking about it too 😂 — in the future, I agree with you about having more (or less) usages being unlikely to cause us any harm in the event of a migration.

markocikos

comment created time in 2 hours

pull request commentliferay/clay

fix: bad diff args

🤦

It's not that bad, is it? From man git-diff:

       --quiet
           Disable all output of the program. Implies --exit-code.

I would have thought that --quiet was fine (and actually better) for this.

bryceosterhaus

comment created time in 3 hours

issue commentliferay/clay

@clayui/toolbar package?

If we go with the deprecate + create path, does that bother anyone if we did that in v3.x?

Sounds totally fair.

bryceosterhaus

comment created time in 3 hours

Pull request review commentwincent/liferay-portal

LPS-113583 Replaces the usages of `Liferay.Notification` with `Liferay.Util.openToast`

 String samlSubjectScreenName = (String)request.getAttribute(SamlWebKeys.SAML_SUB 	<a href="<%= themeDisplay.getURLSignIn() %>"><liferay-ui:message arguments='<%= "<strong>" + HtmlUtil.escapeAttribute(samlSubjectScreenName) + "</strong>" %>' key="not-x" /></a> </liferay-util:buffer> -<script type="text/javascript">

When you asked this the last time, I told you:

If there is no dependency on AUI, there is no benefit to using aui:script, AFAIK. At least, that was my conclusion when I looked at the difference in the generated output; eg. in this commit, I wrote:

In terms of generated output, the only difference is that the aui:script tag makes an IIFE that sets up some local variables that the scripts don't use:

var $ = AUI.$;var _ = AUI._;

So, that's at least how I understand things work.

But, clouding the issue, when I said the same thing to @markocikos here, he pointed out that @jbalsas had indicated the exact opposite a while back:

We hardly ever use script directly since it prevents us from applying further optimizations... I'd say we might want to use aui:script require="..." and rely on the loader to do its work

I asked for clarification:

I do remember thinking at the time when I read that comment that I wondered whether the optimizations referred to are actually implemented ones, or just things we could do hypothetically. If the latter, then it smacks of a (currently) unnecessary layer of indirection that simply obfuscates what's actually happening, and removing it wouldn't stop us from moving towards newer/different abstractions which implement optimizations.

@jbalsas: I've been telling people on multiple pulls not to use aui:script unless needed, because it seems like yet another thing we'll end up having to get rid of or migrate away from in the move away from AUI. Should I stop doing that? And if these optimizations exist, any pointers to where I could learn more about them?

In the absence of a reply there, I'd say you should do what the boss says.

diegonvs

comment created time in 3 hours

Pull request review commentwincent/liferay-portal

LPS-113583 Replaces the usages of `Liferay.Notification` with `Liferay.Util.openToast`

 AUI.add( 					return time; 				}, -				_getBanner() {+				_onHostSessionStateChange(event) { 					var instance = this; -					var banner = instance._banner;--					if (!banner) {-						banner = new Liferay.Notification({-							closeable: true,-							delay: {-								hide: 0,-								show: 0,-							},-							duration: 500,-							message: instance._warningText,-							on: {-								click(event) {-									if (-										event.domEvent.target.test(-											'.alert-link'-										)-									) {-										event.domEvent.preventDefault();-										instance._host.extend();-									}-									else if (-										event.domEvent.target.test('.close')-									) {-										instance._destroyBanner();-										instance._alertClosed = true;-									}-								},-								focus(event) {-									if (instance._alert) {-										var notificationContainer = A.one(-											'.lfr-notification-container'-										);--										if (-											!notificationContainer.contains(-												event.domEvent.relatedTarget-											)-										) {-											instance._alert.setAttribute(-												'role',-												'alert'-											);-										}-									}-								},-							},-							title: Liferay.Language.get('warning'),-							type: 'warning',-						}).render('body');--						instance._banner = banner;+					if (event.newVal == 'warned') {+						instance._beforeHostWarned(event); 					}--					return banner; 				}, -				_onHostSessionStateChange(event) {+				_renderBanner(config) { 					var instance = this; -					if (event.newVal == 'warned') {-						instance._beforeHostWarned(event);-					}+					var remainingTimeFormatted = instance._formatTime(+						config.remainingTime+					);++					instance._updateRemainingTimeTitle(remainingTimeFormatted);++					return Liferay.Util.openToast(

I'll hold off on testing this for now because we have overlapping PRs and it seems like we could test them more efficiently together.

diegonvs

comment created time in 3 hours

pull request commentjbalsas/liferay-portal

LPS-113582 Deprecate `liferay-notice` AUI component and replaces all occurrences with `openToast`

Be aware that there's also https://github.com/wincent/liferay-portal/pull/307 which is a partial duplicate of this (contains a couple commits from here, but under different hashes presumably due to rebasing — I haven't compared their actual contents).

wincent

comment created time in 3 hours

pull request commentwincent/liferay-portal

LPS-113583 Replaces the usages of `Liferay.Notification` with `Liferay.Util.openToast`

I'm not really sure how to proceed here (other than replying to your comments):

Warning Due to c52328f and 08a7a95, this PR depends on #297.

If this depends on #297 (which got closed and moved to https://github.com/jbalsas/liferay-portal/pull/2179), maybe we should update that one instead and have them go in together?

Needs some review from product teams.

Are you planning on mentioning the relevant folks? Or forwarding to them?

diegonvs

comment created time in 3 hours

pull request commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

Ideally, as we endorse an API, we should add some tests to understand what are we actually supporting and what our own API does.

Another thing that occurred to me is that, the bigger this change, the more likely we should cc someone from security (I get nervous about anything to do with escaping/unescaping).

wincent

comment created time in 4 hours

pull request commentliferay-lima/liferay-portal

LPS-114764 Use common usePrevious

Thanks for point this @wincent

Just think of all the bytes saved!

Possibly dozens!

dozens-of-us

boton

comment created time in 4 hours

pull request commentliferay/clay

fix(@clayui/date-picker): remove moment in favor of luxon

Additionally, I want to see if it'd be possible to just use native APIs instead of luxon, so I will continue on that and see what it requires.

Glad you mention this as a possibility. If it could be made to work, that would clearly be a win in terms of size, isolation from the vagaries of third party stuff, and extracting maximum value from the platform.

bryceosterhaus

comment created time in 4 hours

issue commentliferay/liferay-frontend-guidelines

(Placeholder) Update to react-dnd v11.0.0

For reference, I updated to v11.1.1 on the liferay-portal-ee 7.1.x branch over in https://github.com/wincent/liferay-portal-ee/pull/10. I think it wouldn't be too disruptive to do the same on master, but the looks of it.

wincent

comment created time in 5 hours

push eventwincent/liferay-portal

Liferay Translation

commit sha 845593ae0118a5578e82f561a56ebe247c393393

LPS-77699 Update Translations

view details

jpince

commit sha fc13c9c879488f3709d885455fa545538a7ab8c8

LPS-113856 Auto SF

view details

Yang Cao

commit sha 5fe0c3d03bb8581e070488e3c8eed3737aa7900d

LRQA-59052 Reinitialize LiferayEvent for modal iframe

view details

Yang Cao

commit sha 86a84f7837108a890636740e113b499d26f0d797

LRQA-59052 Use selectFrameNoLoading for old iframe

view details

Yang Cao

commit sha 1aad1788127068105a3ca2eb556c5a8c38453ea4

LRQA-59055 Modify locator for section container restriction visual feedback

view details

Yang Cao

commit sha 3c4f83b952d03f56a20a0aa231873e19e875732c

LRQA-59055 Run smoke cases on acceptance

view details

Yang Cao

commit sha 1a6a0624b9591228d8496a7656041087968fa627

LRQA-59060 Remove abandoned steps

view details

Joyce Wang

commit sha 95887481c42de8bfd10f7956a14a4dad2bcd998d

LRQA-59056 Reinitialize liferay event in macros

view details

Joyce Wang

commit sha b767e3d6d446100364580c5ce354dbdbacb63582

LRQA-59053 Quarantine Staging failing tests due to LPS-114570

view details

Della Wang

commit sha 1883e5918470f015447cf86182477eed62a14cc6

LRQA-59050 Update configure title txt for MFA test

view details

Della Wang

commit sha 09954643433f670d611e8aea7a75556324a1e8d6

LRQA-59057 Update resource name for MFA test

view details

Beck Liu

commit sha c8860ecc124ad8636bab7f0ca4265dc031370bb7

LRQA-59049 Fix share tests by select iframe no loading

view details

Beck Liu

commit sha ad4d3254b9cb285cbe5cff0ba14e3f87d378d558

LRQA-59049 Fix KB tests by select iframe no loading

view details

Della Wang

commit sha c4363d9bd560c4cde702d9a0b3ea51711a4335e0

LRQA-59005 Remove assert configure descriptions under System level

view details

Antonio Ortega

commit sha 652f3e08fc5a78a42c7942faaacf76a5df984a0f

LPS-114587 Update jQuery to v3.5.1

view details

oliveiraaraujo

commit sha 3a6c5fd2d8f2323645b77b4355e60f3678913886

LPS-114196 Regen.

view details

oliveiraaraujo

commit sha d7cdd808f833cf43fe8467b4b48c9b3ead2bce66

LPS-114196 Setup frontend test config.

view details

oliveiraaraujo

commit sha b72bdc8c647116bf8dfb4788351b1bcd0d0f6c06

LPS-114196 Increase component frontend test.

view details

Carolina

commit sha 4927ace37a91425c9647e932d7778f16f5848960

LPS-113718 Remove ShareFormPopover component

view details

Carolina

commit sha 51bb9ca52b7e46257950773d4baaecab669710a7

LPS-113718 Include share option into form instance dropdown actions

view details

push time in 5 hours

issue commentautozimu/LanguageClient-neovim

Add support for calling LSP completionItem/resolve implementation when completion items are selected

Yeah it works fine, although I haven't found a way to get it to show previews like this yet.

wincent

comment created time in 11 hours

issue commentliferay/clay

@clayui/toolbar package?

this is a breaking change

One of the consequences of splitting Clay into individual packages is that it limits options for moving things around, because moving anything across package boundaries is likely to cause breakage (at least in the nominal sense, even if we can migrate all the call sites because we control them).

just-sayin

Of course, if this were all bundled together in one package it doesn't mean that we could move stuff around willy nilly without breaking things, but there would at least be some kinds of internal reorganization that we could do without breakage.

bryceosterhaus

comment created time in 20 hours

Pull request review commentliferay/clay

fix(@clayui/list): add dev warning to ensure child elements

 const ClayList: React.FunctionComponent<IProps> & { 				'show-quick-actions-on-hover': showQuickActionsOnHover, 			})} 		>-			{children}+			{children &&+				React.Children.map(children, (child) => {+					warning(+						typeof child.type === 'string' ||+							// @ts-ignore+							(child.type.displayName !== 'ClayListItem' &&+								// @ts-ignore+								child.type.displayName !== 'ClayListHeader'),+						'ClayList: Direct descendant of ClayList must be either ClayList.Item or ClayList.Header.'

This is why I said:

Makes me wonder whether there should be a check (only when process.env.NODE_ENV === 'development') that looks at the children and makes sure there are no non-list children... (or at least no children that are definitely the wrong type of Clay component).

(Emphasis added). That is to say, we can warn if you use the wrong Clay component (ie. displayName is ClaySomething but not ClayListItem or ClayListHeader), so it would catch obvious errors, and remain silent about non-obvious ones. ie. some protection being better than none.

add a note in the docs instead

Never a bad idea.

I'm fine with doing the check or not doing it.

bryceosterhaus

comment created time in a day

push eventwincent/liferay-portal

Liferay Translation

commit sha 690d94bf57783fbde52cefd319ea705addbd6d1d

LPS-77699 Update Translations

view details

Sharry Shi

commit sha 4a7efccc9e7bde70e0f0e0eaa781a7f922b19bce

LRQA-59012 Update the status value

view details

Della Wang

commit sha 8dee1bb24cbd215d3d027a6d201cec80f89bfbd9

LRQA-58986 Update MFA test since LPS-86514

view details

Joyce Wang

commit sha 422486946542fb971ab50d5291533eb332414769

LRQA-58965 Add condition to disable inherit changes when adding site template page

view details

Joyce Wang

commit sha 2779f626ec069a228bb3f8ad90e750a6008fc9d6

LRQA-58965 Add case to view global templates page copy from sites template

view details

shuyangzhou

commit sha 9c92479cb7b3e5177c51e283d22a442abcb4d97c

LPS-113776 Fix unit test, ci:test:relevant failed to detect it from https://github.com/shuyangzhou/liferay-portal/pull/9115

view details

shuyangzhou

commit sha 835f36924c5dc752f4755fcd4be2e9792a471e54

LPS-113776 We are allowing chaining like this now? From 74f0d0c3fdacf28868499daa229471d1a397e6ca

view details

Rodrigo Cunha

commit sha bb14f1c90feabf7881704ee17302a905e53a7189

LPS-113131 - Ignore test until it's fixed

view details

Rodrigo Cunha

commit sha 6a25037f0fa76e9448f8841fc78d5d1c1a195fbc

LPS-114165 - Quarantine failing tests with flakiness

view details

Victor Galan

commit sha 010c41b9c475c0ee9abf7411c8306fb785696ba7

LPS-114349 Do not fail if editableValue does not exist

view details

Cristina González Castellano

commit sha 306be625d81c5c069988477f8a78e911dd739fd0

LPS-114383 Better name

view details

Hugo Huijser

commit sha 16053e6699e21489e5eb7f2a1bc4b46992a4dddd

LPS-114565 Parameterize generic type for AssetRenderer and AssetRendererFactory

view details

Hugo Huijser

commit sha 6af743dbafab90390e892a7eb89546e19f95b4b3

LPS-114565 Parameterize generic type for CTDisplayRenderer

view details

Hugo Huijser

commit sha 7b9241630f8727353fe385129d698e77ec61aead

LPS-114565 Parameterize generic type for FormNavigatorEntry

view details

Hugo Huijser

commit sha 7f454cdd33cc75e30cb9586e22ec8fd720f90bd5

LPS-114565 Parameterize generic type for ScreenNavigationEntry

view details

Aline Éllida D'Oleron Vasconcelos Cantarelli

commit sha 9e83c498188c182dcff8ae78e290c67ee2c84b86

LPS-114211 Fix navbars position

view details

Alejandro Tardín

commit sha aa69b2179381c6085af59020d883c0554ca16637

LPS-114408 Rewording

view details

Alejandro Tardín

commit sha 0ea7d5d4e28760709ad7937814d97ccd21da1dfb

LPS-114408 buildLang

view details

mwilliams2014

commit sha b50ef4ac3211737c744a324e93f260040e0cac70

LRDOCS-7915 Review Breaking Changes

view details

almonwork

commit sha 802b4e43eccc14a7840f39b46653fb294cd3450a

LPS-114421 Wrong string representation of RangeTermFilter

view details

push time in a day

push eventwincent/masochist

Greg Hurrell

commit sha f4c9b261eddd631152b0634285a0b5d0e5ae4def

docs(blog): add a link

view details

push time in 2 days

push eventwincent/masochist

Greg Hurrell

commit sha 592cd15272b4a10af8a7bd21a62888af8b0acdb9

docs(blog): add "Everything is fucked"

view details

push time in 2 days

push eventwincent/wincent

Greg Hurrell

commit sha 166ac6d4c9998eb36d5bb62220b8351c30412070

chore(brew): don't use iTerm2 nightly any more Not because of stability concerns (it's generally super stable), but rather because I tire of the frequent update dialogs.

view details

push time in 2 days

push eventwincent/wincent

Greg Hurrell

commit sha 06e9e1cf80b5c8d1d20e2a69a221871f0a851794

chore(homebrew): temporarily deactivate iStat Menus cask Because it installs for all users by default and I want to do a manual single-user install instead.

view details

push time in 4 days

push eventwincent/wincent

Greg Hurrell

commit sha 8b9c96042c05da1e9e4746af3fbf86fd258a5e44

style: format

view details

push time in 4 days

push eventwincent/wincent

Greg Hurrell

commit sha 77a8ef9166497eb43ddfabc1b47c5652361bc973

feat(lf): add skim-based "goto" shortcut Because as pretty as "broot" is, it doesn't cut it for very big hierarchies (too slow). So I am going to make "gt" (the "default", because it is easier to type) invoke skim, and "gT" (the "special" mode) invoke broot.

view details

Greg Hurrell

commit sha af7f58f1bd2866b34cacab9b742a6e495e47f34c

feat(lf): implement fake jump list No stack functionality actually exists in `lf`, but we can pretend that it almost does (as a size-limited stack with capacity 1...) via this trick: https://github.com/gokcehan/lf/issues/212

view details

push time in 4 days

push eventwincent/wincent

Greg Hurrell

commit sha 524e28d1b4372a037ec51525e67882efaa98a53d

feat(portool): make non-project-local deploy work in commerce etc - Move location detection from `nuke` into `.common.sh` - Use it in `deploy` so that we can use it outside of project directories in the non-main repo; eg. in "modules" of "commerce", `deploy frontend-js-react-web commerce-frontend-js` works (previously you could only use it inside the individual project directories).

view details

Greg Hurrell

commit sha 11fefc51806ac3889247676709f47b056d8e583c

fix(iterm): make Option-Enter work in Broot As described here: https://github.com/Canop/broot/issues/86#issuecomment-635963436 We don't want to treat Option as Escape across the board (because it breaks typing things like "é" and so on), but we can special case it just for Option + Enter.

view details

Greg Hurrell

commit sha 44f0d19ede8568fa39d8263996ca4f7df54bfe07

chore(vim): add "IDE" to spell file

view details

Greg Hurrell

commit sha afe253fa99ee8ad40b7f5720d44f46cd38ee810b

chore(lf): add a copy of the vanilla broot conf.toml file Will customize this for use from inside `lf`, but for now, this is just what you get on first run of broot on macOS (it installs this to ~/Library/Preferences/org.dystroy.broot/conf.toml).

view details

Greg Hurrell

commit sha e8f2ab856dd524c55903e2f1d5843df5fab6b00e

feat(lf): set up custom broot bindings

view details

push time in 4 days

issue commentCanop/broot

MacOs: alt-enter doesn't work for everybody (define another combination?)

option + enter on MacOS Terminal and iTerm need to be set up by users to work properly. Setting it to output Esc+Enter worked for me on iTerm2.

image

This is a good workaround, but only as long as you don't need to use the option key to type "special" characters such as é, ñ, ü, or etc. I'm afraid that makes it a bit of a deal-breaker for me; I'm going to look into using Karabiner-Elements to remap just option+enter and nothing else, and only in the terminal, but that is a pretty invasive/complex workaround — ideally, it would be possible to map another combination for doing what alt+enter does.

Canop

comment created time in 4 days

Pull request review commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const ESCAPE_REGEX = /([.*+?^$(){}|[\]/\\])/g;++// See: https://github.com/liferay/alloy-ui/blob/835547dd7302c7cd7f5d0c329230f9dd15b93d62/src/aui-base/js/aui-lang.js#L216-L219++function escapeRegEx(str) {+	return str.replace(ESCAPE_REGEX, '\\$1');+}++const MAP_HTML_CHARS_ESCAPED = {+	'"': '&#034;',+	'&': '&amp;',+	"'": '&#039;',+	'/': '&#047;',+	'<': '&lt;',+	'>': '&gt;',+	'`': '&#096;',+};++export {MAP_HTML_CHARS_ESCAPED};++const MAP_HTML_CHARS_UNESCAPED = {};++const htmlEscapedValues = [];++const htmlUnescapedValues = [];++Object.entries(MAP_HTML_CHARS_ESCAPED).forEach((entry) => {+	MAP_HTML_CHARS_UNESCAPED[entry[1]] = entry[0];++	htmlEscapedValues.push(entry[1]);+	htmlUnescapedValues.push(entry[0]);+});++const LEFT_SQUARE_BRACKET = '[';+const RIGHT_SQUARE_BRACKET = ']';

It seems ridiculous to have named constants for these characters.

wincent

comment created time in 4 days

Pull request review commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const ESCAPE_REGEX = /([.*+?^$(){}|[\]/\\])/g;++// See: https://github.com/liferay/alloy-ui/blob/835547dd7302c7cd7f5d0c329230f9dd15b93d62/src/aui-base/js/aui-lang.js#L216-L219++function escapeRegEx(str) {+	return str.replace(ESCAPE_REGEX, '\\$1');+}++const MAP_HTML_CHARS_ESCAPED = {+	'"': '&#034;',+	'&': '&amp;',+	"'": '&#039;',+	'/': '&#047;',+	'<': '&lt;',+	'>': '&gt;',+	'`': '&#096;',+};++export {MAP_HTML_CHARS_ESCAPED};++const MAP_HTML_CHARS_UNESCAPED = {};++const htmlEscapedValues = [];++const htmlUnescapedValues = [];++Object.entries(MAP_HTML_CHARS_ESCAPED).forEach((entry) => {+	MAP_HTML_CHARS_UNESCAPED[entry[1]] = entry[0];++	htmlEscapedValues.push(entry[1]);+	htmlUnescapedValues.push(entry[0]);+});++const LEFT_SQUARE_BRACKET = '[';+const RIGHT_SQUARE_BRACKET = ']';++const HTML_ESCAPE = new RegExp(+	LEFT_SQUARE_BRACKET + htmlUnescapedValues.join('') + RIGHT_SQUARE_BRACKET,+	'g'+);++function _escapeHTML(preventDoubleEscape, entities, entitiesValues, match) {+	let result;++	if (preventDoubleEscape) {+		const argumentsArray = Array.from(arguments);+		const length = argumentsArray.length;++		const offset = argumentsArray[length - 2];+		const string = argumentsArray[length - 1];

I find this a bit obfuscated. We know the regex is going to look something like /["&'\/<>`]/, and the call to String.prototype.replace callback function (ie. this function) is going to get called with the following args, thanks to the bind "magic":

(
    preventDoubleEscape,
    entities,
    entitiesValues,
    match, // matched substring
    // p1, p2 etc -- capturing subgroups
    offset, // index of match
    string, // whole string being search
)

but there will never be any capturing subgroups because of the way we construct the regex pattern (ie. with no parens).

So we could skip all this stuff and change the signature to:

function _escapeHTML(preventDoubleEscape, entities, entitiesValues, match, offset, string) {

and just delete these lines:

const argumentsArray = Array.from(arguments);
const length = argumentsArray.length;

const offset = argumentsArray[length - 2];
const string = argumentsArray[length - 1];

(Note: in the above I didn't change the name of the function or get rid of the bind, but I would do that too.)

I might be tired though, so please double-check this analysis.

wincent

comment created time in 4 days

Pull request review commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const ESCAPE_REGEX = /([.*+?^$(){}|[\]/\\])/g;++// See: https://github.com/liferay/alloy-ui/blob/835547dd7302c7cd7f5d0c329230f9dd15b93d62/src/aui-base/js/aui-lang.js#L216-L219++function escapeRegEx(str) {+	return str.replace(ESCAPE_REGEX, '\\$1');+}++const MAP_HTML_CHARS_ESCAPED = {+	'"': '&#034;',+	'&': '&amp;',+	"'": '&#039;',+	'/': '&#047;',+	'<': '&lt;',+	'>': '&gt;',+	'`': '&#096;',+};++export {MAP_HTML_CHARS_ESCAPED};++const MAP_HTML_CHARS_UNESCAPED = {};++const htmlEscapedValues = [];++const htmlUnescapedValues = [];++Object.entries(MAP_HTML_CHARS_ESCAPED).forEach((entry) => {+	MAP_HTML_CHARS_UNESCAPED[entry[1]] = entry[0];++	htmlEscapedValues.push(entry[1]);+	htmlUnescapedValues.push(entry[0]);+});++const LEFT_SQUARE_BRACKET = '[';+const RIGHT_SQUARE_BRACKET = ']';++const HTML_ESCAPE = new RegExp(+	LEFT_SQUARE_BRACKET + htmlUnescapedValues.join('') + RIGHT_SQUARE_BRACKET,+	'g'+);++function _escapeHTML(preventDoubleEscape, entities, entitiesValues, match) {+	let result;++	if (preventDoubleEscape) {+		const argumentsArray = Array.from(arguments);+		const length = argumentsArray.length;++		const offset = argumentsArray[length - 2];+		const string = argumentsArray[length - 1];++		const nextSemicolonIndex = string.indexOf(';', offset);++		if (nextSemicolonIndex >= 0) {+			const entity = string.substring(offset, nextSemicolonIndex + 1);++			if (entitiesValues.indexOf(entity) >= 0) {+				result = match;+			}+		}+	}++	if (!result) {+		result = entities[match];+	}++	return result;+}++export default function escapeHTML(string, preventDoubleEscape, entities) {+	let regex = HTML_ESCAPE;++	const entitiesList = [];+	let entitiesValues;++	if (entities && typeof entities === 'object') {+		entitiesValues = [];++		Object.keys(entities).forEach((entry) => {

Another instance where you could use destructuring to improve readability.

wincent

comment created time in 4 days

Pull request review commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const ESCAPE_REGEX = /([.*+?^$(){}|[\]/\\])/g;++// See: https://github.com/liferay/alloy-ui/blob/835547dd7302c7cd7f5d0c329230f9dd15b93d62/src/aui-base/js/aui-lang.js#L216-L219++function escapeRegEx(str) {+	return str.replace(ESCAPE_REGEX, '\\$1');+}++const MAP_HTML_CHARS_ESCAPED = {+	'"': '&#034;',+	'&': '&amp;',+	"'": '&#039;',+	'/': '&#047;',+	'<': '&lt;',+	'>': '&gt;',+	'`': '&#096;',+};++export {MAP_HTML_CHARS_ESCAPED};++const MAP_HTML_CHARS_UNESCAPED = {};++const htmlEscapedValues = [];++const htmlUnescapedValues = [];++Object.entries(MAP_HTML_CHARS_ESCAPED).forEach((entry) => {+	MAP_HTML_CHARS_UNESCAPED[entry[1]] = entry[0];++	htmlEscapedValues.push(entry[1]);+	htmlUnescapedValues.push(entry[0]);+});++const LEFT_SQUARE_BRACKET = '[';+const RIGHT_SQUARE_BRACKET = ']';++const HTML_ESCAPE = new RegExp(+	LEFT_SQUARE_BRACKET + htmlUnescapedValues.join('') + RIGHT_SQUARE_BRACKET,+	'g'+);++function _escapeHTML(preventDoubleEscape, entities, entitiesValues, match) {+	let result;++	if (preventDoubleEscape) {+		const argumentsArray = Array.from(arguments);+		const length = argumentsArray.length;++		const offset = argumentsArray[length - 2];+		const string = argumentsArray[length - 1];++		const nextSemicolonIndex = string.indexOf(';', offset);++		if (nextSemicolonIndex >= 0) {+			const entity = string.substring(offset, nextSemicolonIndex + 1);++			if (entitiesValues.indexOf(entity) >= 0) {+				result = match;+			}+		}+	}++	if (!result) {+		result = entities[match];+	}++	return result;+}++export default function escapeHTML(string, preventDoubleEscape, entities) {+	let regex = HTML_ESCAPE;++	const entitiesList = [];+	let entitiesValues;++	if (entities && typeof entities === 'object') {+		entitiesValues = [];++		Object.keys(entities).forEach((entry) => {+			entitiesList.push(entry[1]);++			entitiesValues.push(entry[0]);+		});++		regex = new RegExp(+			LEFT_SQUARE_BRACKET ++				escapeRegEx(entitiesList.join('')) ++				RIGHT_SQUARE_BRACKET,+			'g'+		);+	}+	else {+		entities = MAP_HTML_CHARS_ESCAPED;++		entitiesValues = htmlEscapedValues;+	}++	return string.replace(+		regex,+		_escapeHTML.bind(null, !!preventDoubleEscape, entities, entitiesValues)

This bind seems unnecessarily "clever" 🤷‍♂️

wincent

comment created time in 4 days

Pull request review commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const ESCAPE_REGEX = /([.*+?^$(){}|[\]/\\])/g;++// See: https://github.com/liferay/alloy-ui/blob/835547dd7302c7cd7f5d0c329230f9dd15b93d62/src/aui-base/js/aui-lang.js#L216-L219++function escapeRegEx(str) {+	return str.replace(ESCAPE_REGEX, '\\$1');+}++const MAP_HTML_CHARS_ESCAPED = {+	'"': '&#034;',+	'&': '&amp;',+	"'": '&#039;',+	'/': '&#047;',+	'<': '&lt;',+	'>': '&gt;',+	'`': '&#096;',+};++export {MAP_HTML_CHARS_ESCAPED};++const MAP_HTML_CHARS_UNESCAPED = {};++const htmlEscapedValues = [];++const htmlUnescapedValues = [];++Object.entries(MAP_HTML_CHARS_ESCAPED).forEach((entry) => {+	MAP_HTML_CHARS_UNESCAPED[entry[1]] = entry[0];++	htmlEscapedValues.push(entry[1]);+	htmlUnescapedValues.push(entry[0]);+});

Although as they are "constants", I'd go with all-caps names.

wincent

comment created time in 4 days

Pull request review commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const ESCAPE_REGEX = /([.*+?^$(){}|[\]/\\])/g;++// See: https://github.com/liferay/alloy-ui/blob/835547dd7302c7cd7f5d0c329230f9dd15b93d62/src/aui-base/js/aui-lang.js#L216-L219++function escapeRegEx(str) {+	return str.replace(ESCAPE_REGEX, '\\$1');+}++const MAP_HTML_CHARS_ESCAPED = {+	'"': '&#034;',+	'&': '&amp;',+	"'": '&#039;',+	'/': '&#047;',+	'<': '&lt;',+	'>': '&gt;',+	'`': '&#096;',+};++export {MAP_HTML_CHARS_ESCAPED};++const MAP_HTML_CHARS_UNESCAPED = {};++const htmlEscapedValues = [];++const htmlUnescapedValues = [];++Object.entries(MAP_HTML_CHARS_ESCAPED).forEach((entry) => {+	MAP_HTML_CHARS_UNESCAPED[entry[1]] = entry[0];++	htmlEscapedValues.push(entry[1]);+	htmlUnescapedValues.push(entry[0]);+});

Instead of doing this hand-written slicing and dicing, it seems you could just do:

const htmlEscapedValues = Object.values(MAP_HTML_CHARS_ESCAPED);
const htmlUnescapedValues = Object.keys(MAP_HTML_CHARS_ESCAPED);
wincent

comment created time in 4 days

Pull request review commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const ESCAPE_REGEX = /([.*+?^$(){}|[\]/\\])/g;++// See: https://github.com/liferay/alloy-ui/blob/835547dd7302c7cd7f5d0c329230f9dd15b93d62/src/aui-base/js/aui-lang.js#L216-L219++function escapeRegEx(str) {+	return str.replace(ESCAPE_REGEX, '\\$1');+}++const MAP_HTML_CHARS_ESCAPED = {+	'"': '&#034;',+	'&': '&amp;',+	"'": '&#039;',+	'/': '&#047;',+	'<': '&lt;',+	'>': '&gt;',+	'`': '&#096;',+};++export {MAP_HTML_CHARS_ESCAPED};++const MAP_HTML_CHARS_UNESCAPED = {};++const htmlEscapedValues = [];++const htmlUnescapedValues = [];++Object.entries(MAP_HTML_CHARS_ESCAPED).forEach((entry) => {

For readability, instead of accessing entry[0] and entry[1], you could use destructuring:

Object.entries(MAP_HTML_CHARS_ESCAPED).forEach(([char, escapedChar]) => {

or similar.

wincent

comment created time in 4 days

Pull request review commentjbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const ESCAPE_REGEX = /([.*+?^$(){}|[\]/\\])/g;++// See: https://github.com/liferay/alloy-ui/blob/835547dd7302c7cd7f5d0c329230f9dd15b93d62/src/aui-base/js/aui-lang.js#L216-L219++function escapeRegEx(str) {+	return str.replace(ESCAPE_REGEX, '\\$1');+}++const MAP_HTML_CHARS_ESCAPED = {+	'"': '&#034;',+	'&': '&amp;',+	"'": '&#039;',+	'/': '&#047;',+	'<': '&lt;',+	'>': '&gt;',+	'`': '&#096;',+};++export {MAP_HTML_CHARS_ESCAPED};++const MAP_HTML_CHARS_UNESCAPED = {};++const htmlEscapedValues = [];++const htmlUnescapedValues = [];++Object.entries(MAP_HTML_CHARS_ESCAPED).forEach((entry) => {+	MAP_HTML_CHARS_UNESCAPED[entry[1]] = entry[0];++	htmlEscapedValues.push(entry[1]);+	htmlUnescapedValues.push(entry[0]);+});++const LEFT_SQUARE_BRACKET = '[';+const RIGHT_SQUARE_BRACKET = ']';++const HTML_ESCAPE = new RegExp(+	LEFT_SQUARE_BRACKET + htmlUnescapedValues.join('') + RIGHT_SQUARE_BRACKET,+	'g'+);++function _escapeHTML(preventDoubleEscape, entities, entitiesValues, match) {

This function is private (it is not exported from the module), so naming it with a leading underscore is a smell that I think we should avoid. Either it should be inline at the one place it is called (that would be my preferred solution), or it should be given a name of its own (along with a justification for why it can't be inlined — and I can't think of only weak or misguided justifications, personally).

wincent

comment created time in 4 days

pull request commentwincent/liferay-portal

LPS-113562 Deprecate `deprecated.js`

@julien: I forwarded a copy to @jbalsas here because I am failing to keep up with my code review responsibilities and I don't want you to end up waiting too long for a review.

julien

comment created time in 4 days

PR opened jbalsas/liferay-portal

LPS-113562 Deprecate `deprecated.js`

Just forwarding a copy of this here from https://github.com/wincent/liferay-portal/pull/306 because there is a chance you might get to it before I do. (I have been looking into IFI-1716 and not finished yet.)


deprecated.js has a comment which mentions LPS-2155, in which it is said that deprecated.js was added to portal.properties in order to allow deprecating JavaScript.

There's no mention of deprecated.js in this portal.properties file, or at least not anymore because it was removed in 60256e30d160. (Found with: git log -G'\bdeprecated\.js\b' -p)

Searching for usages of this file, with:

git grep -G "\b\/deprecated\.js\b"

shows this result:

modules/apps/frontend-js/frontend-js-aui-web/src/main/java/com/liferay/frontend/js/aui/web/internal/servlet/AUITopHeadResources.java: "/liferay/deprecated.js"

Here's a list of the usages of the constants and functions declared in deprecated.js

  • Liferay.Util.MAP_HTML_CHARS_ESCAPED: 2 usages

modules/apps/frontend-editor/frontend-editor-ckeditor-web/src/main/resources/META-INF/resources/_diffs/plugins/bbcode/bbcode_parser.js: var entities = A.merge(Liferay.Util.MAP_HTML_CHARS_ESCAPED, { modules/apps/frontend-editor/frontend-editor-ckeditor-web/src/main/resources/META-INF/resources/_diffs/plugins/bbcode/bbcode_utils.js: var entities = A.merge(Liferay.Util.MAP_HTML_CHARS_ESCAPED, {

  • Liferay.Util.actsAsAspect: 0 usages

  • Liferay.Util.addInputFocus: 0 usages

  • Liferay.Util.addInputType: 0 usages

  • Liferay.Util.camelize: 0 usages

  • Liferay.Util.clamp: 0 usages

  • Liferay.Util.escapeHTML: 8 usages

modules/apps/asset/asset-taglib/src/main/resources/META-INF/resources/input_asset_links/page.jsp: Liferay.Util.escapeHTML( modules/apps/asset/asset-taglib/src/main/resources/META-INF/resources/input_asset_links/page.jsp: Liferay.Util.escapeHTML( modules/apps/asset/asset-taglib/src/main/resources/META-INF/resources/input_asset_links/page.jsp: Liferay.Util.escapeHTML( modules/apps/frontend-js/frontend-js-aui-web/src/main/resources/META-INF/resources/liferay/input_localized.js: helpMessage = Liferay.Util.escapeHTML(helpMessage); modules/apps/sharing/sharing-web/src/main/resources/META-INF/resources/dynamic_include/bottom.jsp: title: Liferay.Util.escapeHTML(title), modules/dxp/apps/portal-workflow/portal-workflow-kaleo-forms-web/src/main/resources/META-INF/resources/admin/js/main.js: currentName = Liferay.Util.escapeHTML(currentName); modules/dxp/apps/portal-workflow/portal-workflow-kaleo-forms-web/src/main/resources/META-INF/resources/admin/process/fields.jsp: Liferay.Util.escapeHTML(ddmStructureName) modules/dxp/apps/portal-workflow/portal-workflow-kaleo-forms-web/src/main/resources/META-INF/resources/admin/process/workflow.jsp: title: Liferay.Util.escapeHTML(event.title),

  • Liferay.Util.isEditorPresent: 0 usages
  • Liferay.Util.randomMinMax: 0 usages
  • Liferay.Util.randomMinMax: 0 usages
  • Liferay.Util.selectAndCopy: 0 usages
  • Liferay.Util.setBox: 0 usages
  • Liferay.Util.startsWith: 0 usages
  • Liferay.Util.textareaTabs: 0 usages
  • Liferay.Util.uncamelize: 0 usages
  • Liferay.Util.unescapeHTML: 0 usages
  • Liferay.Util._escapeHTML: 0 usages
  • Liferay.Util._unescapeHTML: 0 usages

Some other functions, are defined via Liferay.provide on the Liferay.Util global object.

  • Liferay.Util.check: 0 Usages
  • Liferay.Util.disableSelectBoxes: 0 usages
  • Liferay.Util.disableTextareaTabs: 0 usages
  • Liferay.Util.enableTextareaTabs: 0 usages
  • Liferay.Util.removeItem: 0 usages
  • Liferay.Util.resizeTextarea: 0 usages
  • Liferay.Util.setSelectedValue: 0 usages
  • Liferay.Util.switchEditor: 0 usages

Both Liferay.Util.MAP_HTML_CHARS_ESCAPED and Liferay.Util.escapeHTML have been moved to the frontend-js-web module and deprecated.js has been marked as deprecated.

+123 -88

0 comment

3 changed files

pr created time in 4 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

If it's not too hard, and because you have this neat tool to dump the output, would now be the right time to stress test this a little bit with a challenging example (like the layout-content-page-editor-web example that I mentioned earlier)?

izaera

comment created time in 4 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

despair

Well, that just sucks.

izaera

comment created time in 4 days

push eventwincent/wincent

Greg Hurrell

commit sha fb4354e9a8aa0abf724a094cd1d767f33854c9ab

fix(tampermonkey): make rendered font size match more closely Monospace font is bigger, which makes it harder to see hard linebreaks (ie. they tend to line up with right edge of text area). So tweak the font size to roughly match the non-monospace version's size.

view details

Greg Hurrell

commit sha 8c84c609d1fbcfec0802707fbb1a117d78f34da4

fix(tampermonkey): fix bad UserScripts links These were preventing auto-updates.

view details

Greg Hurrell

commit sha 0c0e6b14ad8218fb50bb1c287f1c26e01ae18864

test(tampermonkey): show that update mechanism works Just a version number bump to show that it actually works (it does).

view details

push time in 4 days

delete branch liferay/liferay-frontend-guidelines

delete branch : wincent/link-docs

delete time in 4 days

push eventliferay/liferay-frontend-guidelines

Greg Hurrell

commit sha 06c402d04c1d5d4ef89a527d184f84d11b8f4abd

docs: add links to Liferay-specific editor integration info As pointed out here: https://github.com/markocikos/liferay-portal/pull/188#issuecomment-635818859 The info here was stale and did not reflect the latest editor integration guidelines: https://github.com/liferay/liferay-npm-tools/tree/master/packages/liferay-npm-scripts#editor-integrations Rather than copy them here (and risk them getting out of sync), I just linked to them.

view details

Greg Hurrell

commit sha 42070384cdd2377bfbfa813b70cf2114f6133457

Merge pull request #163 from liferay/wincent/link-docs docs: add links to Liferay-specific editor integration info

view details

push time in 4 days

PR merged liferay/liferay-frontend-guidelines

docs: add links to Liferay-specific editor integration info documentation

As pointed out here, the info here was stale and did not reflect the latest editor integration guidelines.

Rather than copy them here (and risk them getting out of sync), I just linked to them.

Note: CI is going to fail on this because CloudFlare has decided to 503 the link verification requests (again). I'll fix that in a separate pull.

+5 -1

1 comment

2 changed files

wincent

pr closed time in 4 days

pull request commentliferay/liferay-frontend-guidelines

docs: add links to Liferay-specific editor integration info

Too trivial to warrant review.

wincent

comment created time in 4 days

push eventliferay/liferay-frontend-guidelines

Greg Hurrell

commit sha 276be685423ea88ee48a33a89828d43a90bf26e1

fix: give up on trying to check codepen.io links Since: https://github.com/liferay/liferay-frontend-guidelines/pull/161 Cloudflare has been 503-ing these links. They used to 403 them, and we got around that in: https://github.com/liferay/liferay-frontend-guidelines/pull/134 But it looks like the party is over now, and I don't think it is worth trying to keep up with them on this one. Another example of a PR with a spurious failure due to these links: https://github.com/liferay/liferay-frontend-guidelines/pull/163

view details

Greg Hurrell

commit sha 8ecf7275f194653e310f788f51993ca42f86e4a7

Merge pull request #164 from liferay/wincent/cloudflare-sigh fix: give up on trying to check codepen.io links

view details

push time in 4 days

delete branch liferay/liferay-frontend-guidelines

delete branch : wincent/cloudflare-sigh

delete time in 4 days

PR merged liferay/liferay-frontend-guidelines

fix: give up on trying to check codepen.io links fix ready

Since https://github.com/liferay/liferay-frontend-guidelines/pull/161 Cloudflare has been 503-ing these links.

They used to 403 them, and we got around that in https://github.com/liferay/liferay-frontend-guidelines/pull/134, but it looks like the party is over now, and I don't think it is worth trying to keep up with them on this one. Another example of a PR with a spurious failure due to these links.

+17 -10

1 comment

1 changed file

wincent

pr closed time in 4 days

pull request commentliferay/liferay-frontend-guidelines

fix: give up on trying to check codepen.io links

Too trivial to warrant review.

wincent

comment created time in 4 days

Pull request review commentliferay/liferay-frontend-guidelines

fix: give up on trying to check codepen.io links

 const statAsync = promisify(fs.stat); const FILTER_PATTERN = /\.md$/;  /**- * Need not-robot-like headers to prevent Cloudflare from rejecting our- * external link checks with 403s.+ * Use not-robot-like headers to attempt to prevent Cloudflare from+ * rejecting our external link checks with 403 or 503 status.

Just to clarify why I'm not deleting this outright. There is still a chance that these headers might allow some Cloudflare-hosted links to be checked, because it seems the security levels are configurable on a per-site basis. For example, see the responses here:

  • https://stackoverflow.com/a/18523671/2103996
  • https://community.cloudflare.com/t/trying-to-curl-to-a-site-protected-by-cloudflare/32918

In short, depends on whether IPs are whitelisted, protections are turned on or off etc.

wincent

comment created time in 4 days

PR opened liferay/liferay-frontend-guidelines

fix: give up on trying to check codepen.io links fix ready

Since https://github.com/liferay/liferay-frontend-guidelines/pull/161 Cloudflare has been 503-ing these links.

They used to 403 them, and we got around that in https://github.com/liferay/liferay-frontend-guidelines/pull/134, but it looks like the party is over now, and I don't think it is worth trying to keep up with them on this one. Another example of a PR with a spurious failure due to these links.

+17 -10

0 comment

1 changed file

pr created time in 4 days

create barnchliferay/liferay-frontend-guidelines

branch : wincent/cloudflare-sigh

created branch time in 4 days

PR opened liferay/liferay-frontend-guidelines

docs: add links to Liferay-specific editor integration info documentation

As pointed out here, the info here was stale and did not reflect the latest editor integration guidelines.

Rather than copy them here (and risk them getting out of sync), I just linked to them.

Note: CI is going to fail on this because CloudFlare has decided to 503 the link verification requests (again). I'll fix that in a separate pull.

+5 -1

0 comment

2 changed files

pr created time in 4 days

push eventliferay/liferay-frontend-guidelines

Greg Hurrell

commit sha 06c402d04c1d5d4ef89a527d184f84d11b8f4abd

docs: add links to Liferay-specific editor integration info As pointed out here: https://github.com/markocikos/liferay-portal/pull/188#issuecomment-635818859 The info here was stale and did not reflect the latest editor integration guidelines: https://github.com/liferay/liferay-npm-tools/tree/master/packages/liferay-npm-scripts#editor-integrations Rather than copy them here (and risk them getting out of sync), I just linked to them.

view details

push time in 4 days

create barnchliferay/liferay-frontend-guidelines

branch : wincent/link-docs

created branch time in 4 days

Pull request review commentliferay/clay

fix(@clayui/list): add dev warning to ensure child elements

 const ClayList: React.FunctionComponent<IProps> & { 				'show-quick-actions-on-hover': showQuickActionsOnHover, 			})} 		>-			{children}+			{children &&+				React.Children.map(children, (child) => {+					warning(

So warning has an if (__DEV__) check inside it (great), but it would be nice to skip the entire React.Children.map call when process.env.NODE_ENV !== 'development.

bryceosterhaus

comment created time in 4 days

pull request commentmarkocikos/liferay-portal

LPS-114143 Passes id and title attributes to iframe

Yes: https://github.com/liferay/liferay-npm-tools/tree/master/packages/liferay-npm-scripts#editor-integrations

I think we need to update the other docs.

jbalsas

comment created time in 4 days

Pull request review commentliferay/clay

chore: only run stats if packages have changed

 jobs:         runs-on: ubuntu-latest         steps:             - uses: actions/setup-node@v1+            - uses: actions/checkout@v2+            - name: Fetch and Diff+              id: diff+              run: |+                  git fetch --no-tags --depth=1 origin ${{ github.event.pull_request.base.sha }}+                  echo "##[set-output name=packages;]$(git diff --quiet ${{ github.event.pull_request.base.sha }} '**/packages*')"

Clever trick! Didn't know about this syntax.

bryceosterhaus

comment created time in 4 days

Pull request review commentliferay/clay

chore: only run stats if packages have changed

 jobs:         steps:             - uses: actions/checkout@v2             - uses: actions/setup-node@v1-            - name: Install yarn & Dependencies-              run: |-                  npm install -g yarn-                  yarn install+            - name: Install Dependencies+              run: yarn install             - name: Check Formatting-              run: |-                  yarn lint-                  yarn format:check+              run: yarn lint && yarn format:check

I don't know whether these steps abort on first failure, but if they don't, it wouldn't hurt for these to be two separate steps (otherwise a lint failure will hide formatting errors).

bryceosterhaus

comment created time in 4 days

pull request commentmarkocikos/liferay-portal

LPS-114143 Passes id and title attributes to iframe

Something fishy going on with SF in https://github.com/markocikos/liferay-portal/pull/188/commits/04c9735342a07886bab541d4c3365b972e2a11d2 on your machine — I suggest we fire the author of https://github.com/liferay/liferay-npm-tools/pull/365

jbalsas

comment created time in 4 days

push eventwincent/liferay-portal

Liferay Translation

commit sha 743d3fbfb8e36c4a09a7c3f175501cb43d453ed0

LPS-77699 Update Translations

view details

Yvonne Han

commit sha 7a3986eb214c68428996f9d2717715e8644157bc

LRQA-58868 Enable tests

view details

Hugo Huijser

commit sha 38db3b904f30ee13fa2bf54b419bba4cefe3a205

LPS-114477 Class that implements TemplateContextContributor should be in package *.template

view details

Hugo Huijser

commit sha 3bcd968e6c4069b55c6de0c748543b0cc75d9e21

LPS-114477 Apply

view details

Hugo Huijser

commit sha cd042ca6d59f5128adaa9c9d7919326bad29e4f8

LPS-114477 Also move HTMLTitleTemplateContextContributorTest

view details

Sharry Shi

commit sha eb3a37db48c4308d9e903440863b4f38ef130bad

LRQA-58984 Update the component name

view details

Rodrigo Cunha

commit sha 40e4a620d0e2f83948b13c7aa63fdbe538813211

LRQA-58951 | master

view details

Hugo Huijser

commit sha d23bfe2af37a761d38f5c230aad2570424829f92

LPS-105380 Parameterize generic type for SearchContainer

view details

Hugo Huijser

commit sha 26d3963eb7be8fcb3c6553135755a27bebab98b2

LPS-105380 Parameterize generic type for ItemSelectorView and ItemSelectorViewDescriptor

view details

Chema Balsas

commit sha 8423412f51fb29d043ecd2633f64bd57a3372d9b

LPS-112464 Allows passing specific containerElements on overriden container classes

view details

Chema Balsas

commit sha 86021c5f2f22e53ed6dd611707a9ddcb905fd7ad

LPS-112464 Implements common deprecated clay tags legacy methods.

view details

Chema Balsas

commit sha 9fb766dd5496017a2262d2cc7eee85c540757589

LPS-112464 Creates new IconTag to replace the legacy, soy-based one

view details

Chema Balsas

commit sha d791d6ddc6a45d646ef14e42119fa5e655875899

LPS-112464 Removes unnecessary CSS class

view details

Chema Balsas

commit sha 188d3379b18b814d16a7dcbf1db96823235f4a4a

LPS-112457 Creates new BadgeTag to replace the legacy soy-based one

view details

Chema Balsas

commit sha e85328106b45849983ad04a7dcdfd3ee0b1d68f7

LPS-112457 Uses clay:badge to replace raw html badge instances

view details

Chema Balsas

commit sha 4ec4c6b9d4a6c5f8232782dd861ce9348226411c

LPS-112466 Creates new LabelTag to replace the legacy soy-based one This also creates a set of new LabelItem*Tag to control how to generate content inside the label

view details

Chema Balsas

commit sha 48d379865242e1f9c68ab88f02ebb91708a32987

LPS-112466 Updates usage of deprecated clay:label attributes

view details

Chema Balsas

commit sha e06bfd1ff84094535e27370144298311ae368e1f

LPS-112466 Uses clay:label to replace raw html badge instances and updates existing clay:label usages

view details

Chema Balsas

commit sha 2916d58cacbf50199843365282bc2815a6369373

LPS-112474 Creates new StickerTag to replace the legacy soy-based one

view details

Chema Balsas

commit sha d7b086b1619ab01b9f16f0fa689615351bab2acb

LPS-112474 Uses clay:sticker to replace raw html sticker instances

view details

push time in 4 days

push eventwincent/wincent

Greg Hurrell

commit sha 108971deea4b3db78b1bb7216882927d649267c4

feat(lf): use broot to jump to directories Mapping "gt" (mnemonic, "go to"). Alt-Enter cds to the selected item; needs tweak in iTerm as noted here: https://github.com/Canop/broot/issues/86#issuecomment-572641935

view details

push time in 4 days

startedCanop/broot

started time in 4 days

push eventwincent/wincent

Greg Hurrell

commit sha de9d89879af78c7358c823a54d9c948b8a835c09

feat(lf): select file in Finder instead of just opening containing folder Obviously, only works on macOS at this point.

view details

push time in 4 days

pull request commentwincent/liferay-portal

LPS-113200 prove Management Toolbar Creation Menu "More" button behavior

Mid-air collision, as they say.

markocikos

comment created time in 5 days

PR closed wincent/liferay-portal

LPS-113200 prove Management Toolbar Creation Menu "More" button behavior

Hey @wincent ,

This is a followup on https://github.com/jbalsas/liferay-portal/pull/2172. We are updating remaining modals in journal-web and document-library-web.

The problem with the 'more' modal is explained in detail in https://issues.liferay.com/browse/LPS-113200. The goal in this PR is to ensure the default menu behavior, extension, happens only if modal is not implemented:

  1. We are wrapping default behavior in setTimeout(extendMenu, 0), ensuring that handler defined in modules executes first.
  2. This is enough for journal-web, but in document-library-web we are opening Liferay.Util.openModal from AUI module, meaning it opens asynchronously. That is why we are adding Liferay.creationMenuMoreModal and synchronizing over it.

So, the order of execution is:

  1. Handler in frontend-taglib-clay. We do nothing, delay its execution.
  2. Handler in document-library-web. We set Liferay.creationMenuMoreModal
  3. Delayed execution in frontend-taglib-clay. If Liferay.creationMenuMoreModal was set, we prevent default behavior.
  4. Modal opens.

Test in document library:

  1. Documents and Media > Doyument Types tab > Create 10 document types
  2. Documents and Media tab > (+) > More
  3. Close modal.
  4. Documents and Media tab > (+) > More
  5. Select a type. This opens a new input page.

Test in journal:

  1. Web Content > Structures > Create 7 structures
  2. Web Content tab > (+) > More
  3. Close modal.
  4. Web Content tab > (+) > More
  5. Select a structure. This opens a new input page.

Test of default behavior:

  1. Site Builder > Widget Templates > (+) > More

Please review the code.

Thank you!

/cc @jbalsas @carloslancha

+59 -72

4 comments

5 changed files

markocikos

pr closed time in 5 days

pull request commentwincent/liferay-portal

LPS-113200 prove Management Toolbar Creation Menu "More" button behavior

Going to move this over to https://github.com/jbalsas/liferay-portal/pull/2190 instead because I am unlikely to be able to look at this soon enough to give you useful or meaningful feedback. I would have looked at this tonight before knocking off work but I'm afraid I ran out of time.

markocikos

comment created time in 5 days

PR opened jbalsas/liferay-portal

LPS-113200 prove Management Toolbar Creation Menu "More" button behavior

Forwarding you a copy of this from https://github.com/wincent/liferay-portal/pull/305 because I am still battling with Commerce issues in https://github.com/wincent/liferay-portal-ee/pull/9 and it is possible you will be able to look at it before I get to it, and in any case, my capacity to usefully review is pretty eroded at this point.

Original message follows.


Hey @wincent ,

This is a followup on https://github.com/jbalsas/liferay-portal/pull/2172. We are updating remaining modals in journal-web and document-library-web.

The problem with the 'more' modal is explained in detail in https://issues.liferay.com/browse/LPS-113200. The goal in this PR is to ensure the default menu behavior, extension, happens only if modal is not implemented:

  1. We are wrapping default behavior in setTimeout(extendMenu, 0), ensuring that handler defined in modules executes first.
  2. This is enough for journal-web, but in document-library-web we are opening Liferay.Util.openModal from AUI module, meaning it opens asynchronously. That is why we are adding Liferay.creationMenuMoreModal and synchronizing over it.

So, the order of execution is:

  1. Handler in frontend-taglib-clay. We do nothing, delay its execution.
  2. Handler in document-library-web. We set Liferay.creationMenuMoreModal
  3. Delayed execution in frontend-taglib-clay. If Liferay.creationMenuMoreModal was set, we prevent default behavior.
  4. Modal opens.

Test in document library:

  1. Documents and Media > Doyument Types tab > Create 10 document types
  2. Documents and Media tab > (+) > More
  3. Close modal.
  4. Documents and Media tab > (+) > More
  5. Select a type. This opens a new input page.

Test in journal:

  1. Web Content > Structures > Create 7 structures
  2. Web Content tab > (+) > More
  3. Close modal.
  4. Web Content tab > (+) > More
  5. Select a structure. This opens a new input page.

Test of default behavior:

  1. Site Builder > Widget Templates > (+) > More

Please review the code.

Thank you!

/cc @jbalsas @carloslancha

+59 -72

0 comment

5 changed files

pr created time in 5 days

issue openedjustinmk/vim-dirvish

Dirvish gets confused inside folders containing "$"

To reproduce

mkdir 'x$y'
touch 'x$y/z'
vim 'x$y/z'

Then hit - to bring up Dirvish.

Expected result

  • See Dirvish listing containing file, "z".

Actual result

  • See empty dirvish listing.
  • Bufname is x$y/.

If you hit - again, you will see the directory that contains the problem folder, and x$y/ is present in the list.

Observations

Problem is that the glob() call here is returning an empty list.

  • glob('/private/var/folders/yc/1x2y2qld1g95tvtjpd89hdrm0000gp/T/tmp.5UImj1z0/x$y/*', 1, 1) produces an empty list.
  • glob('/private/var/folders/yc/1x2y2qld1g95tvtjpd89hdrm0000gp/T/tmp.5UImj1z0/x$y/*', 0, 1) produces an empty list also (ie. behavior is independent of suffix argument, and in any case, my 'wildignore' is *.o,*.rej).
  • glob('/private/var/folders/yc/1x2y2qld1g95tvtjpd89hdrm0000gp/T/tmp.5UImj1z0/x\$y/*', 1, 1) produces a non-empty list.

ie. If I backslash-escape the $ then everything works fine. In other words, an fnameescape() would fix this, but that might also escape too much. 🤷‍♂️

created time in 5 days

issue commentliferay/liferay-frontend-guidelines

Form validations for React components

This "The ultimate roundup of React form validation solutions" turned up in the latest edition of the React Status newsletter.

Haven't read it, just skimmed it, but it looks like a nice overivew. Formik is the first-mentioned library in it.

ambrinchaudhary

comment created time in 5 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

But it may not be so catastrophic as we think. Or at least not as catastrophic as it would be configuring all the JS files in react or angular as entry points.

Pick something like layout-content-page-editor-web and see if it scales:

src
└── main
    └── resources
        └── META-INF
            └── resources
                └── page_editor
                    ├── app
                    │   ├── actions
                    │   │   ├── addFragmentComposition.js
                    │   │   ├── addFragmentEntryLinkComment.js
                    │   │   ├── addFragmentEntryLinks.js
                    │   │   ├── addItem.js
                    │   │   ├── addMappedInfoItem.js
                    │   │   ├── addUsedWidgets.js
                    │   │   ├── deleteFragmentEntryLinkComment.js
                    │   │   ├── deleteItem.js
                    │   │   ├── deleteWidgets.js
                    │   │   ├── duplicateItem.js
                    │   │   ├── editFragmentEntryLinkComment.js
                    │   │   ├── index.js
                    │   │   ├── loadReducer.js
                    │   │   ├── moveItem.js
                    │   │   ├── switchSidebarPanel.js
                    │   │   ├── switchViewportSize.js
                    │   │   ├── togglePermission.js
                    │   │   ├── toggleShowResolvedComments.js
                    │   │   ├── types.js
                    │   │   ├── unloadReducer.js
                    │   │   ├── updateColSize.js
                    │   │   ├── updateEditableValues.js
                    │   │   ├── updateFragmentEntryLinkConfiguration.js
                    │   │   ├── updateFragmentEntryLinkContent.js
                    │   │   ├── updateItemConfig.js
                    │   │   ├── updateLanguageId.js
                    │   │   ├── updateLayoutData.js
                    │   │   ├── updateNetwork.js
                    │   │   └── updatePageContents.js
                    │   ├── components
                    │   │   ├── AllowedFragmentSelector.js
                    │   │   ├── AllowedFragmentTreeNode.js
                    │   │   ├── App.js
                    │   │   ├── CollectionItemContext.js
                    │   │   ├── Controls.js
                    │   │   ├── DisabledArea.js
                    │   │   ├── DragPreview.js
                    │   │   ├── ExperimentsLabel.js
                    │   │   ├── Frame.js
                    │   │   ├── Layout.js
                    │   │   ├── LayoutViewport.js
                    │   │   ├── ManageAllowedFragmentButton.js
                    │   │   ├── ManageAllowedFragmentModal.js
                    │   │   ├── MasterLayout.js
                    │   │   ├── NetworkStatusBar.js
                    │   │   ├── Sidebar.js
                    │   │   ├── Toolbar.js
                    │   │   ├── Topper.js
                    │   │   ├── TopperEmpty.js
                    │   │   ├── Translation.js
                    │   │   ├── UnsafeHTML.js
                    │   │   ├── ViewportSizeSelector.js
                    │   │   ├── floating-toolbar
                    │   │   │   ├── CollectionConfigurationPanel.js
                    │   │   │   ├── ContainerConfigurationPanel.js
                    │   │   │   ├── FloatingToolbar.js
                    │   │   │   ├── FragmentConfigurationPanel.js
                    │   │   │   ├── ImagePropertiesPanel.js
                    │   │   │   ├── LinkPanel.js
                    │   │   │   ├── MappingPanel.js
                    │   │   │   ├── RowConfigurationPanel.js
                    │   │   │   ├── SaveFragmentCompositionModal.js
                    │   │   │   └── SectionConfigurationPanel.js
                    │   │   ├── fragment-configuration-fields
                    │   │   │   ├── CheckboxField.js
                    │   │   │   ├── CollectionSelectorField.js
                    │   │   │   ├── ColorPaletteField.js
                    │   │   │   ├── ItemSelectorField.js
                    │   │   │   ├── SelectField.js
                    │   │   │   ├── TextField.js
                    │   │   │   └── index.js
                    │   │   ├── fragment-content
                    │   │   │   ├── EditableProcessorContext.js
                    │   │   │   ├── FragmentContent.js
                    │   │   │   ├── FragmentContentFloatingToolbar.js
                    │   │   │   ├── FragmentContentInteractionsFilter.js
                    │   │   │   ├── FragmentContentProcessor.js
                    │   │   │   ├── getAllEditables.js
                    │   │   │   ├── getEditableElement.js
                    │   │   │   ├── getEditableElementId.js
                    │   │   │   ├── getEditableUniqueId.js
                    │   │   │   ├── isMapped.js
                    │   │   │   └── resolveEditableValue.js
                    │   │   ├── layout-data-items
                    │   │   │   ├── Collection.js
                    │   │   │   ├── CollectionItemWithControls.js
                    │   │   │   ├── CollectionWithControls.js
                    │   │   │   ├── Column.js
                    │   │   │   ├── ColumnOverlayGrid.js
                    │   │   │   ├── ColumnWithControls.js
                    │   │   │   ├── Container.js
                    │   │   │   ├── ContainerWithControls.js
                    │   │   │   ├── DropZoneWithControls.js
                    │   │   │   ├── FragmentWithControls.js
                    │   │   │   ├── FragmentsEditorShim.js
                    │   │   │   ├── Root.js
                    │   │   │   ├── Row.js
                    │   │   │   ├── RowWithControls.js
                    │   │   │   ├── Section.js
                    │   │   │   ├── SectionWithControls.js
                    │   │   │   ├── hasDropZoneChild.js
                    │   │   │   └── index.js
                    │   │   └── undo
                    │   │       ├── Undo.js
                    │   │       ├── UndoHistory.js
                    │   │       ├── getActionLabel.js
                    │   │       ├── undoActions.js
                    │   │       ├── undoDelete.js
                    │   │       ├── undoDuplicateItem.js
                    │   │       ├── undoEditableValuesAction.js
                    │   │       ├── undoFragmentConfiguration.js
                    │   │       ├── undoFragmentEntryLinks.js
                    │   │       ├── undoLayoutDataAction.js
                    │   │       ├── undoSelectExperience.js
                    │   │       ├── undoUpdateLanguage.js
                    │   │       └── useUndo.js
                    │   ├── config
                    │   │   ├── constants
                    │   │   │   ├── backgroundImageFragmentEntryProcessor.js
                    │   │   │   ├── compatibleTypes.js
                    │   │   │   ├── editableFloatingToolbarButtons.js
                    │   │   │   ├── editableFloatingToolbarClassNames.js
                    │   │   │   ├── editableFragmentEntryProcessor.js
                    │   │   │   ├── editableTypes.js
                    │   │   │   ├── floatingToolbarConfigurations.js
                    │   │   │   ├── fragmentTypes.js
                    │   │   │   ├── freemarkerFragmentEntryProcessor.js
                    │   │   │   ├── highlightedCommentIdKey.js
                    │   │   │   ├── itemActivationOrigins.js
                    │   │   │   ├── itemTypes.js
                    │   │   │   ├── keycodes.js
                    │   │   │   ├── layoutDataFloatingToolbarButtons.js
                    │   │   │   ├── layoutDataItemTypeLabels.js
                    │   │   │   ├── layoutDataItemTypes.js
                    │   │   │   ├── moveItemDirections.js
                    │   │   │   ├── pageTypes.js
                    │   │   │   ├── serviceNetworkStatusTypes.js
                    │   │   │   ├── translationStatusType.js
                    │   │   │   └── viewportSizes.js
                    │   │   └── index.js
                    │   ├── index.js
                    │   ├── processors
                    │   │   ├── BackgroundImageProcessor.js
                    │   │   ├── FallbackProcessor.js
                    │   │   ├── HTMLProcessor.js
                    │   │   ├── ImageProcessor.js
                    │   │   ├── LinkProcessor.js
                    │   │   ├── RichTextProcessor.js
                    │   │   ├── TextProcessor.js
                    │   │   ├── getAlloyEditorProcessor.js
                    │   │   ├── getLinkableEditableEditorWrapper.js
                    │   │   └── index.js
                    │   ├── reducers
                    │   │   ├── baseReducer.js
                    │   │   ├── collectionsReducer.js
                    │   │   ├── fragmentEntryLinksReducer.js
                    │   │   ├── fragmentsReducer.js
                    │   │   ├── index.js
                    │   │   ├── languageIdReducer.js
                    │   │   ├── languageReducer.js
                    │   │   ├── layoutDataReducer.js
                    │   │   ├── mappedInfoItemsReducer.js
                    │   │   ├── networkReducer.js
                    │   │   ├── pageContentsReducer.js
                    │   │   ├── permissionsReducer.js
                    │   │   ├── selectedViewportSizeReducer.js
                    │   │   ├── showResolvedCommentsReducer.js
                    │   │   ├── sidebarReducer.js
                    │   │   ├── undoReducer.js
                    │   │   └── widgetsReducer.js
                    │   ├── selectors
                    │   │   ├── selectAvailablePanels.js
                    │   │   ├── selectAvailableSidebarPanels.js
                    │   │   ├── selectCanUpdate.js
                    │   │   ├── selectCanUpdateLayoutContent.js
                    │   │   ├── selectEditableValue.js
                    │   │   ├── selectEditableValueConfig.js
                    │   │   ├── selectEditableValueContent.js
                    │   │   └── selectSegmentsExperienceId.js
                    │   ├── services
                    │   │   ├── CollectionService.js
                    │   │   ├── ExperienceService.js
                    │   │   ├── FragmentService.js
                    │   │   ├── InfoItemService.js
                    │   │   ├── LayoutService.js
                    │   │   ├── WidgetService.js
                    │   │   └── serviceFetch.js
                    │   ├── store
                    │   │   └── index.js
                    │   ├── thunks
                    │   │   ├── addFragment.js
                    │   │   ├── addFragmentComment.js
                    │   │   ├── addFragmentComposition.js
                    │   │   ├── addItem.js
                    │   │   ├── addWidget.js
                    │   │   ├── deleteFragmentComment.js
                    │   │   ├── deleteItem.js
                    │   │   ├── duplicateItem.js
                    │   │   ├── editFragmentComment.js
                    │   │   ├── moveItem.js
                    │   │   ├── multipleUndo.js
                    │   │   ├── resizeColumns.js
                    │   │   ├── undo.js
                    │   │   ├── updateEditableValues.js
                    │   │   ├── updateFragmentConfiguration.js
                    │   │   ├── updateItemConfig.js
                    │   │   └── updateRowColumns.js
                    │   └── utils
                    │       ├── getLayoutDataItemLabel.js
                    │       ├── getResponsiveConfig.js
                    │       ├── getWidgetPath.js
                    │       ├── setWidgetUsage.js
                    │       ├── useDragAndDrop.js
                    │       ├── useId.js
                    │       └── useParseURL.js
                    ├── common
                    │   ├── components
                    │   │   ├── Button.js
                    │   │   ├── Collapse.js
                    │   │   ├── CollectionSelector.js
                    │   │   ├── ColorPalette.js
                    │   │   ├── Editor.js
                    │   │   ├── FormRow.js
                    │   │   ├── ImageSelector.js
                    │   │   ├── InlineConfirm.js
                    │   │   ├── InvisibleFieldset.js
                    │   │   ├── ItemSelector.js
                    │   │   ├── Loader.js
                    │   │   ├── MappingSelector.js
                    │   │   ├── SearchForm.js
                    │   │   ├── SidebarPanelContent.js
                    │   │   ├── SidebarPanelHeader.js
                    │   │   ├── Textarea.js
                    │   │   └── UserIcon.js
                    │   └── index.js
                    ├── core
                    │   ├── AppContext.js
                    │   ├── createDNDBackend.js
                    │   ├── debounceRAF.js
                    │   ├── hooks
                    │   │   ├── useLazy.js
                    │   │   ├── useLoad.js
                    │   │   ├── usePlugins.js
                    │   │   ├── useSetRef.js
                    │   │   ├── useStateSafe.js
                    │   │   └── useThunk.js
                    │   ├── openImageSelector.js
                    │   └── openInfoItemSelector.js
                    ├── plugins
                    │   ├── comments
                    │   │   ├── components
                    │   │   │   ├── AddCommentForm.js
                    │   │   │   ├── CommentForm.js
                    │   │   │   ├── CommentsSidebar.js
                    │   │   │   ├── EditCommentForm.js
                    │   │   │   ├── FragmentComment.js
                    │   │   │   ├── FragmentComments.js
                    │   │   │   ├── FragmentEntryLinksWithComments.js
                    │   │   │   ├── NoCommentsMessage.js
                    │   │   │   ├── NoCommentsMessageIcon.js
                    │   │   │   ├── ReplyCommentForm.js
                    │   │   │   ├── ResolveButton.js
                    │   │   │   └── ResolvedCommentsToggle.js
                    │   │   └── index.js
                    │   ├── contents
                    │   │   ├── components
                    │   │   │   ├── ContentsSidebar.js
                    │   │   │   ├── NoPageContents.js
                    │   │   │   ├── PageContent.js
                    │   │   │   └── PageContents.js
                    │   │   └── index.js
                    │   ├── experience
                    │   │   ├── actions
                    │   │   │   ├── createExperience.js
                    │   │   │   ├── deleteExperience.js
                    │   │   │   ├── selectExperience.js
                    │   │   │   ├── types.js
                    │   │   │   ├── updateExperience.js
                    │   │   │   └── updateExperiencePriority.js
                    │   │   ├── actions.js
                    │   │   ├── components
                    │   │   │   ├── ExperienceItem.js
                    │   │   │   ├── ExperienceModal.js
                    │   │   │   ├── ExperienceSelector.js
                    │   │   │   ├── ExperienceToolbarSection.js
                    │   │   │   ├── ExperiencesList.js
                    │   │   │   ├── ExperimentLabel.js
                    │   │   │   └── Popover.js
                    │   │   ├── index.js
                    │   │   ├── reducers
                    │   │   │   ├── createExperience.js
                    │   │   │   ├── deleteExperience.js
                    │   │   │   ├── index.js
                    │   │   │   ├── selectExperience.js
                    │   │   │   ├── updateExperience.js
                    │   │   │   ├── updateExperiencePriority.js
                    │   │   │   └── utils.js
                    │   │   ├── statuses.js
                    │   │   ├── thunks
                    │   │   │   ├── createExperience.js
                    │   │   │   ├── removeExperience.js
                    │   │   │   ├── selectExperience.js
                    │   │   │   ├── updateExperience.js
                    │   │   │   └── updateExperiencePriority.js
                    │   │   ├── types.js
                    │   │   └── utils.js
                    │   ├── fragments
                    │   │   ├── components
                    │   │   │   ├── CollectionDisplay.js
                    │   │   │   ├── FragmentCard.js
                    │   │   │   ├── FragmentsSidebar.js
                    │   │   │   └── LayoutElements.js
                    │   │   └── index.js
                    │   ├── mapping
                    │   │   ├── components
                    │   │   │   └── MappingSidebar.js
                    │   │   └── index.js
                    │   ├── page-structure
                    │   │   ├── components
                    │   │   │   ├── PageStructureSidebar.js
                    │   │   │   └── StructureTreeNode.js
                    │   │   └── index.js
                    │   └── widgets
                    │       ├── components
                    │       │   ├── Widget.js
                    │       │   └── WidgetsSidebar.js
                    │       └── index.js
                    └── prop-types
                        ├── BackgroundImagePropTypes.js
                        ├── ConfigurationFieldPropTypes.js
                        ├── LayoutDataPropTypes.js
                        ├── getEditableItemPropTypes.js
                        ├── getLayoutDataItemPropTypes.js
                        └── index.js

45 directories, 296 files
izaera

comment created time in 5 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

we could:

  1. forbid
  2. warn about so that the user configures them by hand

So to know whether that is feasible, we'd need to know how many of them there are (not the exact number; just an ballpark figure), and I would also want to think through the implications for people using the bundler outside of liferay-portal repo.

izaera

comment created time in 5 days

Pull request review commentjbalsas/liferay-portal

LPS-113582 Deprecate `liferay-notice` AUI component and replaces all occurrences with `openToast`

 const DEFAULT_RENDER_DATA = {  const TOAST_AUTO_CLOSE_INTERVAL = 5000; +const HTML_REGEX = /<[^>]*>|&[^;]+;/;++const SanitizeText = ({string}) => {

I still think you should inline UnsafeHTML — it is used in one place, and it renders a single element. It is a pointless layer of indirection.

ie. Text could (should!) be:

const Text = ({allowHTML, string}) => {
	if (allowHTML) {
		return <div dangerouslySetInnerHTML={{__html: string}} />;
	}

	return string;
};
wincent

comment created time in 5 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

My intuition is that it is infeasible, even without trying it. I only mention seeing what webpack does out of curiosity.

skeptical

This feels like it's running into conflict with the original design motivation for the Liferay bundler/loader, and why we even have one. We have one because we can't know ahead of time what is going to be needed for a particular page, so we don't have the luxury of preparing prepacked, optimal bundles for each route on a site. So, we made this thing (v2) that has a build-time part (preparing individual modules for deliver) and a run-time part (the server-side registry the module resolver endpoint, and the combo servlet) which allow us to effectively make and deliver bundles on the fly.

v3 evolves that model a little bit by making these prebuilt bundles using webpack in the name of speeding up the build. But, what we're talking about in this PR goes waaaaay beyond that. It's right back in the territory of "we don't know ahead of time what's needed", but this time the answer isn't "figure it out just-in-time"; it's "prepare a bundle for every possible eventuality" — and my gut says that we're going to run afoul of quadratic growth if we try this.

I would say we need to keep the thinking cap on for a little bit on this one. 😬

izaera

comment created time in 5 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

Depending on the connectivity of the graph, the level of redundancy in the bundles could be tremendous (at a glance, I'm thinking total size could grow quadratically, which with a big library could quickly become untenable).

izaera

comment created time in 5 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

Yeah, you'd have to try it and see what webpack does. Thinking about a small example graph:

A--B--C---*
 \     \   \
  D-----E---F
   \       /
    G-----*
     \
      H

Where A is the main entry point, we'd need "bundles" for each of A through H. What does "perfect" tree-shaking mean in this scenario? ("one bundle per entry point with only the needed subgraph; obviously with lots of duplication" doesn't really sound perfect to me at all.)

izaera

comment created time in 5 days

push eventwincent/wincent

Greg Hurrell

commit sha be7918333b6e6a218be59286f75f9ba3dad74033

feat(tampermonkey): use monospace font in GitHub text areas Note that despite the class name which contains "comment-form", this also gives us a fixed width font in PR and issue descriptions.

view details

push time in 5 days

Pull request review commentjbalsas/liferay-portal

LPS-113582 Deprecate `liferay-notice` AUI component and replaces all occurrences with `openToast`

 const DEFAULT_RENDER_DATA = {  const TOAST_AUTO_CLOSE_INTERVAL = 5000; +const HTML_REGEX = /<[^>]*>|&[^;]+;/;++const SanitizeText = ({string}) => {

Well it's basically like the UnsafeHTML component but with a conditional inside it; and the conditional is what makes it hard to name because any function that does "a or b" is hard to name (you wind up with names like ConditionalFoo).

Elsewhere in this pull I mentioned the idea of making this explicit/activated via a prop instead of trying to infer it. That would suggest a naming scheme like:

<Text allowHTML={true} string={message} />
wincent

comment created time in 5 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

I was hoping maybe we could configure webpack common chunks to deal with this...

I can't see how that would work then. Because if anything can be an entry point, then the entire dependency graph is probably reachable in multiple ways. There will be no leaf nodes, even, that could be packed into a common bundle, because any of those could be an entry point (and via induction, the same is true for any other module).

izaera

comment created time in 5 days

issue commentliferay/liferay-js-toolkit

Implement internal exports

create internal webpack bundles + entry points which require each js module inside the project and reexports it

Would these be "bundles" in the sense that they include their transitive dependencies? How would we avoid redundantly bundling the same dependencies over and over? And are you proposing autodetecting with modules should be entry points (due to internal usage), or just assuming that any module could be consumed internally?

izaera

comment created time in 5 days

pull request commentwincent/liferay-portal

LPS-113897 Use bundler 3 from two more projects

Forwarded here https://github.com/jbalsas/liferay-portal/pull/2182 because @jbalsas will be more likely to provide input and feedback on this one faster than I will. Closing this in the meantime in order to avoid duplication.

izaera

comment created time in 5 days

PR closed wincent/liferay-portal

LPS-113897 Use bundler 3 from two more projects ci:test - failure ci:test:bundle - success ci:test:sf - success

Tested running the portal, accessing the home page and assessing there are not console errors regarding the loader.

+176 -83

18 comments

12 changed files

izaera

pr closed time in 5 days

PR opened jbalsas/liferay-portal

LPS-113897 Use bundler 3 from two more projects

Forwarded from: https://github.com/wincent/liferay-portal/pull/301

See discussion over there, and note that there is a bundle there in case you want to see it in action. But as discussed in Slack, we have some test failures that appear to stem from the difficulty of getting the exports/imports configuration right by hand.

Don't think there is anything to immediately look at here because @izaera is going to iterate further, but wanting to park this here because you will probably get to it before I do, @jbalsas.

Original message follows.


Tested running the portal, accessing the home page and assessing there are not console errors regarding the loader.

+176 -83

0 comment

12 changed files

pr created time in 5 days

Pull request review commentwincent/liferay-portal

LPS-113897 Use bundler 3 from two more projects

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++const defaults = require('liferay-npm-bundler/lib/liferay-npm-bundler.config.js');++module.exports = {+	...defaults,+	exports: {+		classnames: 'classnames',+		formik: 'formik',+		prop_types: 'prop-types',+		react: 'react',+		react_dnd: 'react-dnd',+		react_dnd_dist_cjs_index: 'react-dnd/dist/cjs/index.js',+		react_dnd_html5_backend: 'react-dnd-html5-backend',+		react_dnd_html5_backend_dist_cjs_index:+			'react-dnd-html5-backend/dist/cjs/index.js',+		react_dom: 'react-dom',

Also I would like to get rid of the one of the two entries, since react_dnd and react_dnd_dist_cjs_index are the same, but I don't know if it is possible. I have to investigate it carefully.

I'm glad you mentioned that because I wasn't sure why they were both there and I forgot to ask.

All I know now is that it doesn't work without the two entries. My best guesses are that the module is imported from different paths or that the server side need the two modules, but I don't know for sure (yet).

Well that is super interesting... 😱 Having looked at react-dnd a bit for the Commerce folks, I do know that we only ever import it as 'react-dnd', but that internally it has some import statements that reach up and grab the ../index from inside itself (that's why I opened https://github.com/react-dnd/react-dnd/issues/2441 and why they refactored in https://github.com/react-dnd/react-dnd/pull/2491), and that the "main" field points at that CJS file. But yeah, no idea whether any of that helps explain why there are two entries.

izaera

comment created time in 5 days

Pull request review commentjbalsas/liferay-portal

LPS-113582 Deprecate `liferay-notice` AUI component and replaces all occurrences with `openToast`

 const DEFAULT_RENDER_DATA = {  const TOAST_AUTO_CLOSE_INTERVAL = 5000; +const HTML_REGEX = /<[^>]*>|&[^;]+;/;

This scares the 💩 out of me. I can see at least two bugs:

  1. It will identify <> as HTML (and <<<<>).
  2. It will identify "Lunch with Bob & Jane; don't forget to bring wine" as an HTML entity.

I think we should go with an explicit prop for when we want to render HTML as-is.

wincent

comment created time in 5 days

Pull request review commentjbalsas/liferay-portal

LPS-113582 Deprecate `liferay-notice` AUI component and replaces all occurrences with `openToast`

 const DEFAULT_RENDER_DATA = {  const TOAST_AUTO_CLOSE_INTERVAL = 5000; +const HTML_REGEX = /<[^>]*>|&[^;]+;/;++const SanitizeText = ({string}) => {

SanitizeText is a terrible name for something that passes through HTML unescaped. It almost does the exact opposite of sanitizing (sanitizing is the process of escaping characters that have special meaning in HTML so that the browser doesn't treat them as HTML).

wincent

comment created time in 5 days

Pull request review commentjbalsas/liferay-portal

LPS-113582 Deprecate `liferay-notice` AUI component and replaces all occurrences with `openToast`

+/**+ * Copyright (c) 2000-present Liferay, Inc. All rights reserved.+ *+ * This library is free software; you can redistribute it and/or modify it under+ * the terms of the GNU Lesser General Public License as published by the Free+ * Software Foundation; either version 2.1 of the License, or (at your option)+ * any later version.+ *+ * This library is distributed in the hope that it will be useful, but WITHOUT+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS+ * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more+ * details.+ */++import React from 'react';++export default function UnsafeHTML({markup}) {+	return <div dangerouslySetInnerHTML={{__html: markup}} />;+}

This is used in exactly one place. There's no way I would create a separate module for this.

In this case, especially so, because rendering unescaped HTML is supposed to be inconvenient. You've made an abstraction here which serves only to hide the ugliness of dangerouslySetInnerHTML, but the ugliness is a feature.

wincent

comment created time in 5 days

PR closed wincent/liferay-portal

LPS-113582 Deprecate `liferay-notice` AUI component and replaces all occurrences with `openToast` ci:test:bundle - success ci:test:relevant - failure ci:test:sf - success ci:test:stable - success

I replaced all occurrences of Liferay.Notice with openToast utility, since the "Notice" component opens a Toast.

Originally: https://github.com/diegonvs/liferay-portal/pull/28

+139 -220

11 comments

19 changed files

diegonvs

pr closed time in 5 days

pull request commentwincent/liferay-portal

LPS-113582 Deprecate `liferay-notice` AUI component and replaces all occurrences with `openToast`

Forwarded this to @jbalsas in https://github.com/jbalsas/liferay-portal/pull/2179 because I don't want you to be blocked waiting for feedback @diegonvs (he is likely to get to it quicker than I will today). Closing this one in the meantime to avoid open duplicates.

diegonvs

comment created time in 5 days

more