govspeak 6.5.9 → 6.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 948aced50c3d3842255ea4206a651229de59b2beef42e0c50e55e204354d9b5f
-  data.tar.gz: cc55abe4b54b112a3aa1cb350a94270b11b9f0c11a5ca71479f55bb0efbf657d
+  metadata.gz: 3b07175e22a88ddf687631c2a157d00f9649efc118ab3e535d95cbda00918d43
+  data.tar.gz: 430f7d18852c8fdd549812c0260b118108292f34f2767902217c9d57a80d1f8b
 SHA512:
-  metadata.gz: 1e0c1b0d6ca1fe4999e4135536328ecdc60bd34f368d986a808cee6de687f58198a080c19beffd47df6d80130edd2010eb1a09ccd840ea8adb9375c0b747e533
-  data.tar.gz: e47aeeabecc4ffccff7342d1a1ad2e1ddd6cd8aabf5850f740fa3bf5ecdd9395bbded84222d55a5c8998748d7491a649793c550ab49564cd098486623684b275
+  metadata.gz: 0fd6c1d0b6e8a416fdeb6d7aba99868dfb8e9ccf80191666dc771dcdf56a9bf396297569759c172608c31daf7bf75a891914e98713fc0e99b8458220b3dd7934
+  data.tar.gz: 8a04ab8364ea6ac989b4a1549ce8c4f152ad57988144183f7db00b5b256fce4b5823d79ac611a4078f75ccee5bd1d42f5a81344140979d2066916c2693a35dc4

data/CHANGELOG.md

@@ -1,3 +1,26 @@
+## Unreleased
+
+## 6.7.1
+
+* Update failing test [212](https://github.com/alphagov/govspeak/pull/212)
+* Fix stats headline HTML semantics [213](https://github.com/alphagov/govspeak/pull/213)
+
+## 6.7.0
+
+* Update heading & docs [#206](https://github.com/alphagov/govspeak/pull/206)
+
+## 6.6.0
+
+* Allow passed elements to be relaxed from sanitization [#203](https://github.com/alphagov/govspeak/pull/203)
+
+## 6.5.11
+
+* Fix issue rendering $CTA blocks before $C (PR#202)
+
+## 6.5.10
+
+* Be optimistic in versions of govuk_publishing_components and i18n allowed (PR#200)
+
 ## 6.5.9
 
 * Adjust footnote markup to accommodate multiple references (PR#198)

data/README.md

@@ -18,6 +18,23 @@ then create a new document
     doc = Govspeak::Document.new "^Test^"
     puts doc.to_html
 
+## Changes appearing across GOV.UK
+
+Some additional steps or considerations are needed to ensure changes to govspeak cascade across GOV.UK in a holistic way.
+
+Once govspeak has been updated and version incremented then: 
+- [`govuk_publishing_components` govspeak](https://components.publishing.service.gov.uk/component-guide/govspeak) will also need updating to reflect your most recent change.
+- [Publishing apps](https://docs.publishing.service.gov.uk/apps.html) (including but not limited to [content-publisher](https://github.com/alphagov/content-publisher) & [whitehall](https://github.com/alphagov/whitehall)) also use govspeak, these apps will need to be released with the new govspeak version present.
+
+Also, consider if:
+- [whitehall](https://github.com/alphagov/whitehall) needs updating (as custom govspeak changes are present)
+- [govuk-content-schema](https://github.com/alphagov/govuk-content-schemas) needs updating
+- [govpspeak-preview](https://github.com/alphagov/govspeak-preview) is worth updating
+
+Any pages that use govspeak to generate Content will need to *republished* in order for the new changes to be reflected.  
+
+- Data Labs can help identify which pages need updating by [submitting a request](https://gov-uk.atlassian.net/wiki/spaces/GOVUK/pages/1860075525/GOV.UK+Data+Labs#Submitting-a-data-science-request) and [#govuk-2ndline](https://docs.publishing.service.gov.uk/manual/2nd-line.html) can help with republishing
+  
 # Extensions
 
 In addition to the [standard Markdown syntax](http://daringfireball.net/projects/markdown/syntax "Markdown syntax"), we have added our own extensions.
@@ -65,7 +82,7 @@ creates an example box
 
 ## Highlights
 
-### Advisory
+### Advisory (DEPRECATED: marked for removal. Use 'Information callouts' instead.)
 
     @This is a very important message or warning@
 
@@ -77,7 +94,7 @@ highlights the enclosed text in yellow
 </h3>
 ```
 
-### Answer
+### Answer (DEPRECATED: marked for removal)
 
     {::highlight-answer}
     The VAT rate is *20%*
@@ -106,9 +123,9 @@ Statistic headlines highlight important numbers in content. Displays a statistic
 Creates the following:
 
 ```html
-<aside class="stat-headline">
+<div class="stat-headline">
   <p><em>13.8bn</em> years since the big bang</p>
-</aside>
+</div>
 ```
 
 ## Points of Contact
@@ -598,8 +615,8 @@ will output
 ```html
 <div id="contact_123" class="contact">
   <div class="content">
-    <h3>Government Digital Service</h3>
     <div class="vcard contact-inner">
+      <p>Government Digital Service</p>
       <div class="email-url-number">
         <p class="email">
           <span class="type">Email</span>
@@ -676,4 +693,4 @@ which outputs
   Start Now
   <svg class="govuk-button__start-icon" xmlns="http://www.w3.org/2000/svg" width="17.5" height="19" viewBox="0 0 33 40" role="presentation" focusable="false"><path fill="currentColor" d="M0 0h13l20 20-20 20H0l20-20z"></path></svg>
 </a>
-```
+```

data/lib/govspeak.rb

@@ -53,6 +53,7 @@ module Govspeak
       @source = source ? source.dup : ""
 
       @images = options.delete(:images) || []
+      @allowed_elements = options.delete(:allowed_elements) || []
       @attachments = Array.wrap(options.delete(:attachments))
       @links = Array.wrap(options.delete(:links))
       @contacts = Array.wrap(options.delete(:contacts))
@@ -66,7 +67,7 @@ module Govspeak
     def to_html
       @to_html ||= begin
                      html = if @options[:sanitize]
-                              HtmlSanitizer.new(kramdown_doc.to_html).sanitize
+                              HtmlSanitizer.new(kramdown_doc.to_html).sanitize(allowed_elements: @allowed_elements)
                             else
                               kramdown_doc.to_html
                             end
@@ -184,8 +185,8 @@ module Govspeak
     end
 
     extension("stat-headline", %r${stat-headline}(.*?){/stat-headline}$m) do |body|
-      %(\n\n<aside class="stat-headline">
-#{Govspeak::Document.new(body.strip).to_html}</aside>\n)
+      %(\n\n<div class="stat-headline">
+#{Govspeak::Document.new(body.strip).to_html}</div>\n)
     end
 
     # FIXME: these surrounded_by arguments look dodgy
@@ -272,6 +273,10 @@ module Govspeak
       lines.join
     end
 
+    # More specific tags must be defined first. Those defined earlier have a
+    # higher precedence for being matched. For example $CTA must be defined
+    # before $C otherwise the first ($C)TA fill be matched to a contact tag.
+    wrap_with_div("call-to-action", "$CTA", Govspeak::Document)
     wrap_with_div("summary", "$!")
     wrap_with_div("form-download", "$D")
     wrap_with_div("contact", "$C")
@@ -279,7 +284,6 @@ module Govspeak
     wrap_with_div("information", "$I", Govspeak::Document)
     wrap_with_div("additional-information", "$AI")
     wrap_with_div("example", "$E", Govspeak::Document)
-    wrap_with_div("call-to-action", "$CTA", Govspeak::Document)
 
     extension("address", surrounded_by("$A")) do |body|
       %(\n<div class="address"><div class="adr org fn"><p>\n#{body.sub("\n", '').gsub("\n", '<br />')}\n</p></div></div>\n)

data/lib/govspeak/html_sanitizer.rb

@@ -40,18 +40,19 @@ class Govspeak::HtmlSanitizer
     @allowed_image_hosts = options[:allowed_image_hosts]
   end
 
-  def sanitize
+  def sanitize(allowed_elements: [])
     transformers = [TableCellTextAlignWhitelister.new]
     if @allowed_image_hosts && @allowed_image_hosts.any?
       transformers << ImageSourceWhitelister.new(@allowed_image_hosts)
     end
-    Sanitize.clean(@dirty_html, Sanitize::Config.merge(sanitize_config, transformers: transformers))
+
+    Sanitize.clean(@dirty_html, Sanitize::Config.merge(sanitize_config(allowed_elements: allowed_elements), transformers: transformers))
   end
 
-  def sanitize_config
+  def sanitize_config(allowed_elements: [])
     Sanitize::Config.merge(
       Sanitize::Config::RELAXED,
-      elements: Sanitize::Config::RELAXED[:elements] + %w[govspeak-embed-attachment govspeak-embed-attachment-link svg path],
+      elements: Sanitize::Config::RELAXED[:elements] + %w[govspeak-embed-attachment govspeak-embed-attachment-link svg path].concat(allowed_elements),
       attributes: {
         :all => Sanitize::Config::RELAXED[:attributes][:all] + %w[role aria-label],
         "a" => Sanitize::Config::RELAXED[:attributes]["a"] + [:data],

data/lib/govspeak/version.rb

@@ -1,3 +1,3 @@
 module Govspeak
-  VERSION = "6.5.9".freeze
+  VERSION = "6.7.1".freeze
 end

data/lib/templates/contact.html.erb

@@ -4,8 +4,8 @@
 %>
 <div id="contact_<%= contact.content_id %>" class="<%= ['contact', extra_class].flatten.join(' ') %>">
   <div class="content">
-    <h3><%= contact.title %></h3>
     <div class="vcard contact-inner">
+    <p><%= contact.title %></p>
     <% contact.post_addresses.each do |address| %>
       <%= Govspeak::HCardPresenter.new(address).render %>
     <% end %>

data/test/govspeak_contacts_test.rb

@@ -62,8 +62,8 @@ class GovspeakContactsTest < Minitest::Test
     expected_html_output = %(
       <div id="contact_4f3383e4-48a2-4461-a41d-f85ea8b89ba0" class="contact postal-address">
         <div class="content">
-          <h3>Government Digital Service</h3>
           <div class="vcard contact-inner">
+            <p>Government Digital Service</p>
             <p class="adr">
               <span class="street-address">125 Kingsway</span><br>
               <span class="locality">Holborn</span><br>
@@ -106,8 +106,8 @@ class GovspeakContactsTest < Minitest::Test
     expected_html_output = %(
       <div id="contact_4f3383e4-48a2-4461-a41d-f85ea8b89ba0" class="contact">
         <div class="content">
-          <h3>Government Digital Service</h3>
           <div class="vcard contact-inner">
+            <p>Government Digital Service</p>
             <div class="email-url-number">
               <p class="email">
                 <span class="type">Email</span>

data/test/govspeak_footnote_test.rb

@@ -20,13 +20,13 @@ class GovspeakFootnoteTest < Minitest::Test
     [^3]: And then they both point here." do
     assert_html_output(
       %(
-      <p>Footnotes can be added<sup id="fnref:1" role="doc-noteref"><a href="#fn:1" class="footnote">[footnote 1]</a></sup>.</p>
+      <p>Footnotes can be added<sup id="fnref:1" role="doc-noteref"><a href="#fn:1" class="footnote" rel="footnote">[footnote 1]</a></sup>.</p>
 
-      <p>Footnotes can be added too<sup id="fnref:2" role="doc-noteref"><a href="#fn:2" class="footnote">[footnote 2]</a></sup>.</p>
+      <p>Footnotes can be added too<sup id="fnref:2" role="doc-noteref"><a href="#fn:2" class="footnote" rel="footnote">[footnote 2]</a></sup>.</p>
 
-      <p>This footnote has a reference number<sup id="fnref:3" role="doc-noteref"><a href="#fn:3" class="footnote">[footnote 3]</a></sup>.</p>
+      <p>This footnote has a reference number<sup id="fnref:3" role="doc-noteref"><a href="#fn:3" class="footnote" rel="footnote">[footnote 3]</a></sup>.</p>
 
-      <p>And this footnote has the same reference number<sup id="fnref:3:1" role="doc-noteref"><a href="#fn:3" class="footnote">[footnote 3]</a></sup>.</p>
+      <p>And this footnote has the same reference number<sup id="fnref:3:1" role="doc-noteref"><a href="#fn:3" class="footnote" rel="footnote">[footnote 3]</a></sup>.</p>
 
       <div class="footnotes" role="doc-endnotes">
         <ol>

data/test/govspeak_test.rb

@@ -30,7 +30,7 @@ class GovspeakTest < Minitest::Test
 
   test "stat-headline block extension" do
     rendered = Govspeak::Document.new("this \n{stat-headline}*13.8bn* Age of the universe in years{/stat-headline}").to_html
-    assert_equal %(<p>this</p>\n\n<aside class="stat-headline">\n<p><em>13.8bn</em> Age of the universe in years</p>\n</aside>\n), rendered
+    assert_equal %(<p>this</p>\n\n<div class="stat-headline">\n<p><em>13.8bn</em> Age of the universe in years</p>\n</div>\n), rendered
   end
 
   test "extracts headers with text, level and generated id" do
@@ -440,6 +440,25 @@ Teston
       </div>)
   end
 
+  test_given_govspeak "
+    $CTA
+    Click here to start the tool
+    $CTA
+
+    $C
+    Here is some text
+    $C
+    " do
+    assert_html_output %(
+      <div class="call-to-action">
+      <p>Click here to start the tool</p>
+      </div>
+
+      <div class="contact">
+      <p>Here is some text</p>
+      </div>)
+  end
+
   test_given_govspeak "
     [internal link](http://www.not-external.com)
 
@@ -647,6 +666,11 @@ Teston
     assert_equal "<script>doGoodThings();</script>", document.to_html.strip
   end
 
+  test "it can exclude stipulated elements from sanitization" do
+    document = Govspeak::Document.new("<uncommon-element>some content</uncommon-element>", allowed_elements: %w[uncommon-element])
+    assert_equal "<uncommon-element>some content</uncommon-element>", document.to_html.strip
+  end
+
   test "identifies a Govspeak document containing malicious HTML as invalid" do
     document = Govspeak::Document.new("<script>doBadThings();</script>")
     refute document.valid?

data/test/html_sanitizer_test.rb

@@ -96,4 +96,10 @@ class HtmlSanitizerTest < Minitest::Test
       assert_equal "<table><thead><tr><th>thing</th></tr></thead><tbody><tr><td>thing</td></tr></tbody></table>", Govspeak::HtmlSanitizer.new(html).sanitize
     end
   end
+
+  test "excludes specified elements from sanitization" do
+    html = "<custom-allowed-element><p>text</p></custom-allowed-element>"
+    assert_equal "<p>text</p>", Govspeak::HtmlSanitizer.new(html).sanitize
+    assert_equal html, Govspeak::HtmlSanitizer.new(html).sanitize(allowed_elements: %w[custom-allowed-element])
+  end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: govspeak
 version: !ruby/object:Gem::Version
-  version: 6.5.9
+  version: 6.7.1
 platform: ruby
 authors:
 - GOV.UK Dev
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-11-09 00:00:00.000000000 Z
+date: 2021-05-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: actionview
@@ -56,20 +56,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '23.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '23.4'
+        version: '23'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: '23.0'
-    - - "<"
-      - !ruby/object:Gem::Version
-        version: '23.4'
+        version: '23'
 - !ruby/object:Gem::Dependency
   name: htmlentities
   requirement: !ruby/object:Gem::Requirement
@@ -88,14 +82,14 @@ dependencies:
   name: i18n
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.7'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
         version: '0.7'
 - !ruby/object:Gem::Dependency
@@ -180,14 +174,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.14.1
+        version: '5.14'
   type: :development
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: 5.14.1
+        version: '5.14'
 - !ruby/object:Gem::Dependency
   name: pry-byebug
   requirement: !ruby/object:Gem::Requirement