[PATCH 05/25] gnu: Add go-github-com-google-safehtml.

  • Done
  • quality assurance status badge
Details
3 participants
  • Katherine Cox-Buday
  • Tobias Geerinckx-Rice
  • (
Owner
unassigned
Submitted by
Katherine Cox-Buday
Severity
normal
Merged with
K
K
Katherine Cox-Buday wrote on 18 Jan 2023 02:44
(address . guix-patches@gnu.org)(name . Katherine Cox-Buday)(address . cox.katherine.e@gmail.com)
20230118014510.19320-6-cox.katherine.e@gmail.com
* gnu/packages/golang.scm (go-github-com-google-safehtml): New variable.
---
gnu/packages/golang.scm | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)

Toggle diff (38 lines)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index 677d58d831..9f7a8160de 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet
implementation.")
(license license:asl2.0)))
+(define-public go-github-com-google-safehtml
+ (package
+ (name "go-github-com-google-safehtml")
+ (version "0.1.0")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/google/safehtml")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0j2xjy8xrk9y9k6bqpvimj84i6hg1wwsyvwsb0axhmp49cmnrp86"))))
+ (build-system go-build-system)
+ (arguments
+ '(#:import-path "github.com/google/safehtml"))
+ (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text)))
+ (home-page "https://github.com/google/safehtml")
+ (synopsis "Safe HTML for Go")
+ (description
+ "Package safehtml provides immutable string-like types which represent values
+that are guaranteed to be safe, by construction or by escaping or sanitization,
+to use in various HTML contexts and with various DOM APIs.")
+ (license license:bsd-3)))
+
(define-public go-github-com-google-shlex
(package
(name "go-github-com-google-shlex")
--
2.38.1
T
T
Tobias Geerinckx-Rice wrote on 18 Jan 2023 11:56
(no subject)
(address . control@debbugs.gnu.org)
542e82bcc0f385c117ba662c7dcf1dbf@tobias.gr
merge 60898 60899 60900 60901 60902
merge 60898 60903 60904 60905 60906
merge 60898 60907 60908 60909 60910
merge 60898 60911 60912 60913 60914
merge 60898 60915 60916 60917 60918
merge 60898 60919 60920
T
T
Tobias Geerinckx-Rice wrote on 18 Jan 2023 12:43
(address . control@debbugs.gnu.org)
37de5823441633151229c783f2acfca3@tobias.gr
merge 60898 60921 60922
thanks

Weird: I got ‘Unknown command or malformed arguments to command.’ for
this obviously correct line.

Let's try again.
K
K
Katherine Cox-Buday wrote on 18 Jan 2023 18:07
Merging erroneously opened bugs
(address . control@debbugs.gnu.org)
87zgafrct9.fsf@gmail.com
merge 60899 60904 60907 60908 60917 60920 60921 60919 60910 60903 60915 60914 60922 60909 60918 60913 60900 60899 60905 60901 60912 60898 60906 60902 60916 60911
--
Katherine
(
(
( wrote on 6 Feb 2023 23:04
Re: [bug#60904] [PATCH 05/25] gnu: Add go-github-com-google-safehtml.
CQBTJTRMRG5R.20060XG920YPB@guix-framework
* gnu/packages/golang.scm (go-github-com-google-safehtml): New variable.

Toggle quote (7 lines)
> --- a/gnu/packages/golang.scm
> +++ b/gnu/packages/golang.scm

> @@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet

> + (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text)))

Please use new-style inputs.

Toggle quote (2 lines)
> + (synopsis "Safe HTML for Go")

(synopsis "Go type for storing HTML data")

Toggle quote (5 lines)
> + (description
> + "Package safehtml provides immutable string-like types which represent values
> +that are guaranteed to be safe, by construction or by escaping or sanitization,
> +to use in various HTML contexts and with various DOM APIs.")

(description
"This package provides a Go library for storing HTML data as an immutable string-like
value.")

-- (
-----BEGIN PGP SIGNATURE-----

iQGzBAABCgAdFiEE6Vh10NblKE5doNlW7ImHg/nqI20FAmPheYMACgkQ7ImHg/nq
I23ZvQv/TU73KJQzjUeRCuWlMLHeft/P8ZRO1V6ydaUxovN5ipavilaDgxNWBmi6
S9x45ffNI/K4euRw6vpsaWCpZB18CwClBihkJUgsIR9sM3u2DTYDH6A2Tmkmeay2
ov4AaeL4277uvLkDEPxEO7BO0vuBKqBb9HacnPfHL91B16QPx6aOzFUD2QyYEhV7
7VntiRffHeFGxqw5NNAV0rZTCMV1txEWBofPhmp1PgEnj7rBiVWmbVudxE5LIRiz
P7iTkSH7Wt3o0vn3ogs7jupxQMuxP5NwmWmvlx/LGPM0GHawZm9T4jCLe8sbm+tj
h7YI0OPgmfQd+ZVyYF0MhEgC/Eqk8plOSa9dFMGG/UgHge5WsgOInk+o6aevVvsU
M+By+EvD2+TRQf9kqU9ds2Ea2GzZcHSXy83zb9w7hpOQNcRIXLTeHGT0Llr7oG1i
vEDe/hLm0uMgqPBhuZYs7JavySOuXSjAvD8Zsjp//gLhB9yJ0wsA9b9xwXqscxCf
dsjzOTFm
=T5VN
-----END PGP SIGNATURE-----


K
K
Katherine Cox-Buday wrote on 7 Feb 2023 17:41
(name . ( via Guix-patches via)(address . guix-patches@gnu.org)
87r0v1xwbf.fsf@gmail.com
"( via Guix-patches" via <guix-patches@gnu.org> writes:

Toggle quote (11 lines)
> * gnu/packages/golang.scm (go-github-com-google-safehtml): New variable.
>
>> --- a/gnu/packages/golang.scm
>> +++ b/gnu/packages/golang.scm
>
>> @@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet
>
>> + (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text)))
>
> Please use new-style inputs.

Ugh, +1, and sorry I missed this. I don't know why the importer doesn't
do this by default yet. I suppose that's another patch that needs to
happen.

I also don't know why `guix style` and `guix lint` didn't catch this.

Toggle quote (4 lines)
>> + (synopsis "Safe HTML for Go")
>
> (synopsis "Go type for storing HTML data")

(see other response, wondering if we should take upstream synopses or
not)

Toggle quote (9 lines)
>> + (description
>> + "Package safehtml provides immutable string-like types which represent values
>> +that are guaranteed to be safe, by construction or by escaping or sanitization,
>> +to use in various HTML contexts and with various DOM APIs.")
>
> (description
> "This package provides a Go library for storing HTML data as an immutable string-like
> value.")

I disagree with this suggestion: the extra context about construction or
escaping takes me from "why would I want to store HTML data in a
struct", to, "oh this is a way to preclude passing around invalid/unsafe
HTML around".

--
Katherine
(
(
( wrote on 7 Feb 2023 18:45
(address . 60904@debbugs.gnu.org)
CQCINMAS43DZ.15T4QOTKZ1MGN@guix-framework
On Tue Feb 7, 2023 at 4:41 PM GMT, Katherine Cox-Buday wrote:
Toggle quote (14 lines)
> >> + (description
> >> + "Package safehtml provides immutable string-like types which represent values
> >> +that are guaranteed to be safe, by construction or by escaping or sanitization,
> >> +to use in various HTML contexts and with various DOM APIs.")
> >
> > (description
> > "This package provides a Go library for storing HTML data as an immutable string-like
> > value.")
>
> I disagree with this suggestion: the extra context about construction or
> escaping takes me from "why would I want to store HTML data in a
> struct", to, "oh this is a way to preclude passing around invalid/unsafe
> HTML around".

That's true. There's no problem with incorporating it, but many upstream descriptions
are a bit too focused on the internals for guix IMO. So I tried to construct a
description that got the point across without being too detailed; I probably went
too far. (Also, I know it's a Go convention, but I personally think we should
remove the "package <name> is ..." phrasing where possible.)

How about this instead:

(description
"This package provides a Go library for storing HTML data as an immutable string-like
value that is guaranteed to be safe to use in various HTML- and DOM-related contexts.")

-- (
-----BEGIN PGP SIGNATURE-----

iQGzBAABCgAdFiEE6Vh10NblKE5doNlW7ImHg/nqI20FAmPijiwACgkQ7ImHg/nq
I230igwArlIweRk9pePamip+V3DNQgiSPL+9VIxurkHTeEOiq8NP34UZ9N6TMwmv
9qhSutMoeaJcZ9cMc71xiVuKS1mjaUG5YKVNuzMbojX3N9hcTW26D1v9NXI4MKGv
JofrWYtZ9EmqQxwq5jPqEzOcYBpH+YCRtNomMOQHED3vqYdspyXOT5uGP/U0Sr1v
tbGxcLzoNxUUueyoFtQGY/mfaT9N5CMWnDYyG9GeFs+Zy4weA7Ou2wSDR7h+G9L8
IN92KR0fLA3/1M5Seoa9Z9AMJMKXo/ewBYX6ml+zr4Po5a7nSUa0mvZV+DNKah4/
N2224+8s5mJwJM/rr8Td5wVGXsGwU6MldzQuDnezGtvoleuRDVw3OkUPj5+MtmZ4
ATTlkhtb3iemjA3znnLLxVsB9R+gEtjTqgKhUonUkSeY7R1k6whtzcn8upfC8AdO
23dPz9xRSnDcDYoFtT7Vu6LfLIk2dOS70d3AtCpVomsQGKpqEEt97yVQATdaDfU7
RtNasDES
=bZJA
-----END PGP SIGNATURE-----


?