GNU bug report logs -
#60904
[PATCH 05/25] gnu: Add go-github-com-google-safehtml.
Previous Next
Reported by: Katherine Cox-Buday <cox.katherine.e <at> gmail.com>
Date: Wed, 18 Jan 2023 01:46:05 UTC
Severity: normal
Tags: patch
Merged with 60898,
60899,
60900,
60901,
60902,
60903,
60905,
60906,
60907,
60908,
60909,
60910,
60911,
60912,
60913,
60914,
60915,
60916,
60917,
60918,
60919,
60920,
60921,
60922
Done: Christopher Baines <mail <at> cbaines.net>
Bug is archived. No further changes may be made.
To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 60904 in the body.
You can then email your comments to 60904 AT debbugs.gnu.org in the normal way.
Toggle the display of automated, internal messages from the tracker.
Report forwarded
to
guix-patches <at> gnu.org:
bug#60904; Package
guix-patches.
(Wed, 18 Jan 2023 01:46:06 GMT)
Full text and
rfc822 format available.
Acknowledgement sent
to
Katherine Cox-Buday <cox.katherine.e <at> gmail.com>:
New bug report received and forwarded. Copy sent to
guix-patches <at> gnu.org.
(Wed, 18 Jan 2023 01:46:06 GMT)
Full text and
rfc822 format available.
Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):
* gnu/packages/golang.scm (go-github-com-google-safehtml): New variable.
---
gnu/packages/golang.scm | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index 677d58d831..9f7a8160de 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet
implementation.")
(license license:asl2.0)))
+(define-public go-github-com-google-safehtml
+ (package
+ (name "go-github-com-google-safehtml")
+ (version "0.1.0")
+ (source (origin
+ (method git-fetch)
+ (uri (git-reference
+ (url "https://github.com/google/safehtml")
+ (commit (string-append "v" version))))
+ (file-name (git-file-name name version))
+ (sha256
+ (base32
+ "0j2xjy8xrk9y9k6bqpvimj84i6hg1wwsyvwsb0axhmp49cmnrp86"))))
+ (build-system go-build-system)
+ (arguments
+ '(#:import-path "github.com/google/safehtml"))
+ (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text)))
+ (home-page "https://github.com/google/safehtml")
+ (synopsis "Safe HTML for Go")
+ (description
+ "Package safehtml provides immutable string-like types which represent values
+that are guaranteed to be safe, by construction or by escaping or sanitization,
+to use in various HTML contexts and with various DOM APIs.")
+ (license license:bsd-3)))
+
(define-public go-github-com-google-shlex
(package
(name "go-github-com-google-shlex")
--
2.38.1
Information forwarded
to
guix-patches <at> gnu.org:
bug#60904; Package
guix-patches.
(Mon, 06 Feb 2023 22:06:01 GMT)
Full text and
rfc822 format available.
Message #22 received at 60904 <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
* gnu/packages/golang.scm (go-github-com-google-safehtml): New variable.
> --- a/gnu/packages/golang.scm
> +++ b/gnu/packages/golang.scm
> @@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet
> + (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text)))
Please use new-style inputs.
> + (synopsis "Safe HTML for Go")
(synopsis "Go type for storing HTML data")
> + (description
> + "Package safehtml provides immutable string-like types which represent values
> +that are guaranteed to be safe, by construction or by escaping or sanitization,
> +to use in various HTML contexts and with various DOM APIs.")
(description
"This package provides a Go library for storing HTML data as an immutable string-like
value.")
-- (
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
guix-patches <at> gnu.org:
bug#60904; Package
guix-patches.
(Tue, 07 Feb 2023 16:42:02 GMT)
Full text and
rfc822 format available.
Message #25 received at submit <at> debbugs.gnu.org (full text, mbox):
"( via Guix-patches" via <guix-patches <at> gnu.org> writes:
> * gnu/packages/golang.scm (go-github-com-google-safehtml): New variable.
>
>> --- a/gnu/packages/golang.scm
>> +++ b/gnu/packages/golang.scm
>
>> @@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet
>
>> + (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text)))
>
> Please use new-style inputs.
Ugh, +1, and sorry I missed this. I don't know why the importer doesn't
do this by default yet. I suppose that's another patch that needs to
happen.
I also don't know why `guix style` and `guix lint` didn't catch this.
>> + (synopsis "Safe HTML for Go")
>
> (synopsis "Go type for storing HTML data")
(see other response, wondering if we should take upstream synopses or
not)
>> + (description
>> + "Package safehtml provides immutable string-like types which represent values
>> +that are guaranteed to be safe, by construction or by escaping or sanitization,
>> +to use in various HTML contexts and with various DOM APIs.")
>
> (description
> "This package provides a Go library for storing HTML data as an immutable string-like
> value.")
I disagree with this suggestion: the extra context about construction or
escaping takes me from "why would I want to store HTML data in a
struct", to, "oh this is a way to preclude passing around invalid/unsafe
HTML around".
--
Katherine
Information forwarded
to
guix-patches <at> gnu.org:
bug#60904; Package
guix-patches.
(Tue, 07 Feb 2023 16:42:02 GMT)
Full text and
rfc822 format available.
Information forwarded
to
guix-patches <at> gnu.org:
bug#60904; Package
guix-patches.
(Tue, 07 Feb 2023 17:46:02 GMT)
Full text and
rfc822 format available.
Message #31 received at submit <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On Tue Feb 7, 2023 at 4:41 PM GMT, Katherine Cox-Buday wrote:
> >> + (description
> >> + "Package safehtml provides immutable string-like types which represent values
> >> +that are guaranteed to be safe, by construction or by escaping or sanitization,
> >> +to use in various HTML contexts and with various DOM APIs.")
> >
> > (description
> > "This package provides a Go library for storing HTML data as an immutable string-like
> > value.")
>
> I disagree with this suggestion: the extra context about construction or
> escaping takes me from "why would I want to store HTML data in a
> struct", to, "oh this is a way to preclude passing around invalid/unsafe
> HTML around".
That's true. There's no problem with incorporating it, but many upstream descriptions
are a bit too focused on the internals for guix IMO. So I tried to construct a
description that got the point across without being too detailed; I probably went
too far. (Also, I know it's a Go convention, but I personally think we should
remove the "package <name> is ..." phrasing where possible.)
How about this instead:
(description
"This package provides a Go library for storing HTML data as an immutable string-like
value that is guaranteed to be safe to use in various HTML- and DOM-related contexts.")
-- (
[signature.asc (application/pgp-signature, inline)]
Information forwarded
to
guix-patches <at> gnu.org:
bug#60904; Package
guix-patches.
(Tue, 07 Feb 2023 17:46:02 GMT)
Full text and
rfc822 format available.
bug archived.
Request was from
Debbugs Internal Request <help-debbugs <at> gnu.org>
to
internal_control <at> debbugs.gnu.org.
(Wed, 08 Mar 2023 12:24:04 GMT)
Full text and
rfc822 format available.
This bug report was last modified 1 year and 42 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.