platformos-check 0.4.8 → 0.4.10

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 579d15b95d0e00e65eb562778f0870bc28698bfe2f6c97ca66e7ca81a18b855c
-  data.tar.gz: 2f6afe88f067cccc169d62a9744399b5b11294537dd8c7653ca9d5ed9165f1f3
+  metadata.gz: 269921738309c4cc1a1d7afef16318af6a75f050fad261530d008f53c464ce62
+  data.tar.gz: 0a3c1b2704f40a8244a4608ff6d9f26b0cb7757f7e93182e875edb55344c6fd9
 SHA512:
-  metadata.gz: 2fa86abf31229208eaff48e7f95b212977682bd560234d99d2fa9b3162a33ca7139b8faad2960152951295b056ef41b834e9faa756b0627f02a14034f6d4e468
-  data.tar.gz: 18fa38e2613faf4e31dfdf0a432e4fbe3a8ced0b18f8f194698bf73606affd770cf2589dadb852c26c19f5ec31146535e95e863d7c31ab9c8977feb67fa99a07
+  metadata.gz: 6de2d63705409c6b3d818f48799c5c65809c26304b64d675248c21a170562098af119d954c4d5ea77f0a09559c571e64ea10a8f3417fd406c7644999048e8916
+  data.tar.gz: bc35549e8dc86f7f924937a9abc7306dfb6629c05311e38b092219432b9984a855b5d1bbeda8e23503cbe903fbebeff2fb4e4538a012ec4a0dd2697a8bc6f183

data/CHANGELOG.md

@@ -1,3 +1,30 @@
+v0.4.10 / 2024-02-19
+==================
+
+  * Add documentLink for translations (both for `| t` and `| l` filters)
+  * Add TranslationKeyExists, TranslationFilesMatch offenses to warn about issues with missing translation or inconsistency between multiple language translation files
+
+v0.4.9 / 2024-01-10
+==================
+
+  * Skip FormAuthenticityToken check for GET forms
+  * Skip FormAuthenticityToken for action which is not relative path
+  * Fix FormAction to not report offenses on valid scenarios
+  * UnusedAssign will not automatically remove assign if it might change the business logic (which is a scenario when filters modifying objects are used)
+  * UnusedAssign will automatically rename result of background tag if variable not used
+  * Fix reporting UndefinedObject's missing argument offenses when the same partial is used multiple times (previously offenses where displayed only for the last render)
+  * Add autocorrector for UndefinedObject's missing argument error (explicitly provide null)
+  * Add autocorrector for ImgLazyLoading
+  * ConvertIncludeToRender will not report offense as autocorrect
+  * Improve inline GraphQL syntax check to raise error if result variable not provided
+  * Add autocorrector for UndefinedObject (Unused Argument offense) (FIXME: for N unused arguments in the same line it needs to be invoked N times)
+  * Add autocorrector for InvalidArgs - remove duplicates arguments
+  * Do not report ConvertIncludeToRender offenses for valid use cases (using `break` and using variable as a template name)
+  * Add IncludeInRender check
+  * Improve autocorrector for UndefinedObject's missing argument error - if variable is defined, it will be passed instead of hardcoding null
+  * Re-enable autocorrector for ConvertIncludeToRender
+  * Make UndefinedObject more clever - it will report undefined object if variable is used before declaration
+
 v0.4.8 / 2023-12-20
 ==================
 

data/README.md

@@ -8,29 +8,29 @@ PlatformOS Check is a tool that helps you follow platformOS recommendations & be
 
 PlatformOS Check currently checks for the following:
 
-✅ Liquid syntax errors
-✅ JSON syntax errors
-✅ Missing partials and graphqls
-✅ Unused `{% assign ... %}`
-✅ Unused partials
-✅ Template length
-✅ Deprecated tags
-✅ Unknown tags
-✅ Unknown filters
-✅ Missing or extra spaces inside `{% ... %}` and `{{ ... }}`
-✅ Using several `{% ... %}` instead of `{% liquid ... %}`
-✅ Undefined objects
-✅ Deprecated filters
-✅ Missing `platformos-check-enable` comment
-✅ Invalid arguments provided to `{% graphql %}` tags
+✅ Liquid syntax errors  
+✅ JSON syntax errors  
+✅ Missing partials and graphqls  
+✅ Unused variables (via `{% assign var = ... %}`, {% function var = ... %} etc.)  
+✅ Unused partials  
+✅ Template length  
+✅ Deprecated tags  
+✅ Unknown tags  
+✅ Unknown filters  
+✅ Missing or extra spaces inside `{% ... %}` and `{{ ... }}`  
+✅ Using several `{% ... %}` instead of `{% liquid ... %}`  
+✅ Undefined objects  
+✅ Deprecated filters  
+✅ Missing `platformos-check-enable` comment  
+✅ Invalid arguments provided to `{% graphql %}` tags  
+✅ Missing `authenticity_token` in `<form>`  
+✅ Unreachable code
 
 As well as checks that prevent easy to spot performance problems:
 
-✅ Use of [parser-blocking](/docs/checks/parser_blocking_javascript.md) JavaScript
-✅ [Use of non-platformOS domains for assets](/docs/checks/remote_asset.md)
+✅ [GraphQL in for loop](/docs/checks/graphql_in_for_loop.md)  
+✅ Use of [parser-blocking](/docs/checks/parser_blocking_javascript.md) JavaScript  
 ✅ [Missing width and height attributes on `img` tags](/docs/checks/img_width_and_height.md)
-✅ [Too much JavaScript](/docs/checks/asset_size_javascript.md)
-✅ [Too much CSS](/docs/checks/asset_size_css.md)
 
 For detailed descriptions and configuration options, [take a look at the complete list.](/docs/checks/)
 
@@ -52,12 +52,21 @@ With more to come! Suggestions welcome ([create an issue](https://github.com/Pla
 ### Install ruby and platform-check gem
 
 1. Download the latest version of Ruby - https://www.ruby-lang.org/en/documentation/installation/
+
+Verify that you've installed at least version 3.2:
+
+`ruby -v`
+
+⚠️ **Note:**  You might need to restart  the terminal after installing.
+⚠️ **Note:*** Please make sure you install ruby for your user, not the root
+
 2. Install platformos-check gem
 
 `gem install platformos-check`
 
 You can verify the installation was successful by invoking `platformos-check --version`. If you chose this method, use `platformos-check-language-server` as a path to your language server instead of `/Users/<username/platformos-check-language-server`
 
+⚠️ **Note:*** Please make sure you  install the gem for your user, not the root - i.e. without `sudo`
 
 ### Using Docker
 

data/config/default.yml

@@ -15,6 +15,10 @@ ConvertIncludeToRender:
   enabled: true
   ignore: []
 
+IncludeInRender:
+  enabled: true
+  ignore: []
+
 LiquidTag:
   enabled: true
   ignore: []
@@ -69,7 +73,6 @@ ValidYaml:
 UndefinedObject:
   enabled: true
   ignore: []
-  config_type: :default
 
 DeprecatedFilter:
   enabled: true
@@ -107,7 +110,16 @@ HtmlParsingError:
   enabled: true
   ignore: []
 
+TranslationKeyExists:
+  enabled: true
+  ignore: []
+
+TranslationFilesMatch:
+  enabled: true
+  ignore: []
+
 ParseJsonFormat:
   enabled: false
   start_level: 0
   indent: '  '
+

data/docs/checks/form_action.md

@@ -30,6 +30,12 @@ This check is aimed at ensuring you have not forgotten to start the path with /.
 </form>
 ```
 
+```liquid
+<form action="https://example.com/external">
+ ...
+</form>
+```
+
 ## Check Options
 
 The default configuration for this check is the following:

data/docs/checks/form_authenticity_token.md

@@ -3,7 +3,7 @@
 In platformOS all POST/PATCH/PUT/DELETE requests are protected from [CSRF Attacks][csrf-attack] through [authenticity_token][page-csrf]
 Form action defines the endpoint to which browser will make a request after submitting it.
 
-As a general rule you should include hidden input `<input type="hidden" name="authenticity_token" value="{{ context.authenticity_token }}">` in every form. Missing it will result in session invalidation and any logged in user will be automatically logged out.
+As a general rule you should include hidden input `<input type="hidden" name="authenticity_token" value="{{ context.authenticity_token }}">` in every form. Missing it will result in session invalidation and the logged in user will be automatically logged out.
 
 ## Check Details
 
@@ -12,18 +12,37 @@ This check is aimed at ensuring you have not forgotten to include authenticity_t
 :-1: Examples of **incorrect** code for this check:
 
 ```liquid
-<form action="dummy/create">
+<form action="/dummy/create" method="post">
 </form>
 ```
 
 :+1: Examples of **correct** code for this check:
 
+With token:
 ```liquid
-<form action="/dummy/create">
+<form action="/dummy/create" method="post">
   <input type="hidden" name="authenticity_token" value="{{ context.authenticity_token }}">
 </form>
 ```
 
+For GET request:
+```liquid
+<form action="/dummy/create">
+</form>
+```
+
+For external request:
+```liquid
+<form action="https://example.com/dummy/create" method="post">
+</form>
+```
+
+For parameterized request:
+```liquid
+<form action="{{ context.constants.MY_REQUEST_URL }}" method="post">
+</form>
+```
+
 ## Check Options
 
 The default configuration for this check is the following:

data/docs/checks/include_in_render.md

@@ -0,0 +1,62 @@
+# Reports usage of `include` tag inside `render` (`IncludeInRender`)
+
+Runtime error is used when `include` tag is used inside `render` tag.
+
+## Check Details
+
+This check is aimed at eliminating the use of `include` tags `render` tag.
+
+:-1: Examples of **incorrect** code for this check:
+
+```liquid
+{% liquid
+  # app/views/pages/index.liquid
+  render 'foo'
+%}
+```liquid
+{% liquid
+  # app/views/partials/foo.liquid
+  include 'bar'
+%}
+```
+
+:+1: Examples of **correct** code for this check:
+
+```liquid
+{% liquid
+  # app/views/pages/index.liquid
+  render 'foo'
+%}
+```liquid
+{% liquid
+  # app/views/partials/foo.liquid
+  render 'bar'
+%}
+```
+
+## Check Options
+
+The default configuration for this check is the following:
+
+```yaml
+IncludeInRender:
+  enabled: true
+```
+
+## When Not To Use It
+
+It is discouraged to disable this rule.
+
+## Version
+
+This check has been introduced in PlatformOS Check 0.4.9.
+
+## Resources
+
+- [Deprecated Tags Reference][deprecated]
+- [Rule Source][codesource]
+- [Documentation Source][docsource]
+
+[deprecated]: https://documentation.platformos.com/api-reference/liquid/include
+[codesource]: /lib/platformos_check/checks/convert_include_to_render.rb
+[docsource]: /docs/checks/convert_include_to_render.md

data/docs/checks/translation_files_match.md

@@ -0,0 +1,70 @@
+# Translation Files Match (`TranslationFilesMatch`)
+
+Checks if translation files for different language have the same keys.
+
+## Check Details
+
+This check is aimed at avoiding inconsistences between translation files to avoid errors hard to spot and make maintenance easier.
+
+:-1: Examples of **incorrect** code for this check:
+
+```yaml
+# app/translations/en/item.yml
+  en:
+    app:
+      item:
+        title: "Item"
+        description: "Description"
+
+# app/translations/de/item.yml
+  en:
+    app:
+      item:
+        description: "Beschreibung"
+```
+
+Missing "title" in de/item.yml
+
+:+1: Examples of **correct** code for this check:
+
+```yaml
+# app/translations/en/item.yml
+  en:
+    app:
+      item:
+        title: "Item"
+        description: "Description"
+
+# app/translations/de/item.yml
+  en:
+    app:
+      item:
+        title: "Artikel"
+        description: "Beschreibung"
+```
+
+## Check Options
+
+The default configuration for this check is the following:
+
+```yaml
+TranslationFilesMatch:
+  enabled: true
+```
+
+## When Not To Use It
+
+There should be no cases where disabling this rule is needed. For keys that are set via UI, and hence should not be part of the codebase,
+use proper configuration option in [app/config.yml](https://documentation.platformos.com/developer-guide/platformos-workflow/codebase/config)
+
+## Version
+
+This check has been introduced in PlatformOS Check 0.4.10.
+
+## Resources
+
+- [Rule Source][codesource]
+- [Documentation Source][docsource]
+
+[codesource]: /lib/platformos_check/checks/translation_files_match.rb
+[docsource]: /docs/checks/translation_files_match.md

data/docs/checks/translation_key_exists.md

@@ -0,0 +1,44 @@
+# Translation Key Exists (`TranslationKeyExists`)
+
+Checks if translation key is defined in the default language
+
+## Check Details
+
+This check is aimed at avoiding missing translation error.
+
+:-1: Examples of **incorrect** code for this check:
+
+```liquid
+{{ 'undefined.key' | t }}
+```
+
+:+1: Examples of **correct** code for this check:
+
+```liquid
+{{ 'defined.key' | t }}
+
+## Check Options
+
+The default configuration for this check is the following:
+
+```yaml
+TranslationKeyExists:
+  enabled: true
+```
+
+## When Not To Use It
+
+There should be no cases where disabling this rule is needed. For keys that are set via UI, and hence should not be part of the codebase,
+use proper configuration option in [app/config.yml](https://documentation.platformos.com/developer-guide/platformos-workflow/codebase/config)
+
+## Version
+
+This check has been introduced in PlatformOS Check 0.4.10.
+
+## Resources
+
+- [Rule Source][codesource]
+- [Documentation Source][docsource]
+
+[codesource]: /lib/platformos_check/checks/translation_key_exists.rb
+[docsource]: /docs/checks/translation_key_exists.md

data/lib/platformos_check/app.rb

@@ -39,6 +39,8 @@ module PlatformosCheck
       CONFIG_REGEX => ConfigFile
     }
 
+    DEFAULT_LANGUAGE = 'en'
+
     attr_reader :storage, :grouped_files
 
     def initialize(storage)
@@ -139,5 +141,16 @@ module PlatformosCheck
         all.find { |t| t.relative_path.to_s == name_or_relative_path }
       end
     end
+
+    def default_language
+      DEFAULT_LANGUAGE
+    end
+
+    def translations_hash
+      @translations_hash ||= translations.each_with_object({}) do |translation_file, hash|
+        hash.deep_merge!(translation_file.content)
+        hash
+      end
+    end
   end
 end

data/lib/platformos_check/app_file.rb

@@ -34,16 +34,19 @@ module PlatformosCheck
       n = remove_extension(relative_path.sub(dir_prefix, '')).to_s
       return n if module_name.nil?
 
-      prefix = "modules#{File::SEPARATOR}#{module_name}#{File::SEPARATOR}"
-      return n if n.start_with?(prefix)
+      return n if n.start_with?(module_prefix)
 
-      "#{prefix}#{n}"
+      "#{module_prefix}#{n}"
     end
 
     def dir_prefix
       nil
     end
 
+    def module_prefix
+      @module_prefix ||= "modules#{File::SEPARATOR}#{module_name}#{File::SEPARATOR}"
+    end
+
     def module_name
       @module_name ||= begin
         dir_names = @relative_path.split(File::SEPARATOR).reject(&:empty?)
@@ -85,6 +88,10 @@ module PlatformosCheck
       false
     end
 
+    def translation?
+      false
+    end
+
     def ==(other)
       other.is_a?(self.class) && relative_path == other.relative_path
     end

data/lib/platformos_check/checks/convert_include_to_render.rb

@@ -3,15 +3,54 @@
 module PlatformosCheck
   # Recommends replacing `include` for `render`
   class ConvertIncludeToRender < LiquidCheck
+    RENDER_INCOMPATIBLE_TAGS = %w[break include].freeze
+
     severity :suggestion
     category :liquid
     doc docs_url(__FILE__)
 
+    def initialize
+      @processed_files = {}
+    end
+
     def on_include(node)
+      return if allowed_usecase?(node)
+
       add_offense("`include` is deprecated - convert it to `render`", node:) do |corrector|
-        # We need to fix #445 and pass the variables from the context or don't replace at all.
-        # corrector.replace(node, "render \'#{node.value.template_name_expr}\' ")
+        match = node.markup.match(/(?<include>include\s*)/)
+        corrector.replace(node, node.markup.sub(match[:include], 'render '), node.start_index...node.end_index)
+      end
+    end
+
+    protected
+
+    def allowed_usecase?(node)
+      return true if name_is_variable?(node)
+      return true if include_node_contains_render_incompatible_tag?(root_node_from_include(node.value.template_name_expr))
+
+      false
+    end
+
+    def name_is_variable?(node)
+      !node.value.template_name_expr.is_a?(String)
+    end
+
+    def include_node_contains_render_incompatible_tag?(node)
+      return false if node.nil?
+
+      node.nodelist.any? do |n|
+        if RENDER_INCOMPATIBLE_TAGS.include?(n.respond_to?(:tag_name) && n.tag_name)
+          true
+        elsif n.respond_to?(:nodelist) && n.nodelist
+          include_node_contains_render_incompatible_tag?(n)
+        else
+          false
+        end
       end
     end
+
+    def root_node_from_include(path)
+      @platformos_app.grouped_files[PlatformosCheck::PartialFile][path]&.parse&.root
+    end
   end
 end

data/lib/platformos_check/checks/form_action.rb

@@ -6,11 +6,13 @@ module PlatformosCheck
     categories :html
     doc docs_url(__FILE__)
 
+    VALID_ACTION_START = ['/', '{%', '{{', '#', 'http'].freeze
+
     def on_form(node)
       action = node.attributes["action"]&.strip
       return if action.nil?
       return if action.empty?
-      return if action.start_with?('/', '{{')
+      return if action.start_with?(*VALID_ACTION_START)
 
       add_offense("Use action=\"/#{action}\" (start with /) to ensure the form can be submitted multiple times in case of validation errors", node:)
     end

data/lib/platformos_check/checks/form_authenticity_token.rb

@@ -9,6 +9,9 @@ module PlatformosCheck
     AUTHENTICITY_TOKEN_VALUE = /\A\s*{{\s*context\.authenticity_token\s*}}\s*\z/
 
     def on_form(node)
+      return if method_is_get(node.attributes['method'])
+      return unless action_is_relative_url(node.attributes['action'])
+
       authenticity_toke_inputs = node.children.select { |c| c.name == 'input' && c.attributes['name'] == 'authenticity_token' && c.attributes['value']&.match?(AUTHENTICITY_TOKEN_VALUE) }
       return if authenticity_toke_inputs.size == 1
       return add_offense('Duplicated authenticity_token inputs', node:) if authenticity_toke_inputs.size > 1
@@ -17,5 +20,22 @@ module PlatformosCheck
         corrector.insert_after(node, "\n<input type=\"hidden\" name=\"authenticity_token\" value=\"{{ context.authenticity_token }}\">")
       end
     end
+
+    protected
+
+    def method_is_get(method)
+      return true if method.nil?
+
+      method = method.downcase.strip
+      return true if method == ''
+
+      method == 'get'
+    end
+
+    def action_is_relative_url(action)
+      return true if action.nil?
+
+      action.lstrip[0] == '/'
+    end
   end
 end

data/lib/platformos_check/checks/img_lazy_loading.rb

@@ -6,13 +6,17 @@ module PlatformosCheck
     categories :html, :performance
     doc docs_url(__FILE__)
 
-    ACCEPTED_LOADING_VALUES = %w[lazy eager]
+    ACCEPTED_LOADING_VALUES = Set.new(%w[lazy eager]).freeze
+    LOADING_DEFAULT_ATTRIBUTE = ' loading="eager"'
 
     def on_img(node)
       loading = node.attributes["loading"]&.downcase
       return if ACCEPTED_LOADING_VALUES.include?(loading)
 
-      add_offense("Use loading=\"eager\" for images visible in the viewport on load and loading=\"lazy\" for others", node:)
+      add_offense("Use loading=\"eager\" for images visible in the viewport on load and loading=\"lazy\" for others", node:) do |corrector|
+        start_pos = node.start_index + node.markup.index('>')
+        corrector.insert_after(node, LOADING_DEFAULT_ATTRIBUTE, start_pos...start_pos)
+      end
     end
   end
 end

data/lib/platformos_check/checks/include_in_render.rb

@@ -0,0 +1,45 @@
+# frozen_string_literal: true
+
+module PlatformosCheck
+  # Recommends replacing `include` for `render`
+  class IncludeInRender < LiquidCheck
+    severity :error
+    category :liquid
+    doc docs_url(__FILE__)
+
+    def initialize
+      @processed_files = {}
+    end
+
+    def on_render(node)
+      path = node.value.template_name_expr
+      return unless include_tag_in_render?(root_node_for_render(path))
+
+      add_offense("`render` context does not allow to use `include`, either remove all includes from `#{app_file_for_path(path).relative_path}` or change `render` to `include`", node:)
+    end
+
+    protected
+
+    def include_tag_in_render?(node)
+      return false if node.nil?
+
+      node.nodelist.any? do |n|
+        if n.respond_to?(:tag_name) && n.tag_name == 'include'
+          true
+        elsif n.respond_to?(:nodelist) && n.nodelist
+          include_tag_in_render?(n)
+        else
+          false
+        end
+      end
+    end
+
+    def root_node_for_render(path)
+      app_file_for_path(path)&.parse&.root
+    end
+
+    def app_file_for_path(path)
+      @platformos_app.grouped_files[PlatformosCheck::PartialFile][path]
+    end
+  end
+end

data/lib/platformos_check/checks/invalid_args.rb

@@ -42,7 +42,10 @@ module PlatformosCheck
 
     def add_duplicated_key_offense(node)
       node.value.duplicated_attrs.each do |duplicated_arg|
-        add_offense("Duplicated argument `#{duplicated_arg}`", node:)
+        add_offense("Duplicated argument `#{duplicated_arg}`", node:) do |corrector|
+          match = node.markup.match(/(?<attribute>,?\s*#{duplicated_arg}\s*:\s*#{Liquid::QuotedFragment})\s*/)
+          corrector.replace(node, node.markup.sub(match[:attribute], ''), node.start_index...node.end_index)
+        end
       end
     end
   end