ember-template-lint
Advanced tools
ember-template-lint - npm Package Compare versions
Comparing version 0.5.15 to 0.5.16
@@ -12,4 +12,6 @@ 'use strict'; | ||
| 'nested-interactive': require('./lint-nested-interactive'), | ||
| 'inline-link-to': require('./lint-inline-link-to'), | ||
| 'deprecated-each-syntax': require('./deprecations/lint-deprecated-each-syntax'), | ||
| 'invalid-interactive': require('./lint-invalid-interactive') | ||
| 'invalid-interactive': require('./lint-invalid-interactive'), | ||
| 'style-concatenation': require('./lint-style-concatenation') | ||
| }; |
@@ -68,3 +68,3 @@ 'use strict'; | ||
| case 'TextNode': | ||
| return relAttribute.value.chars === 'noopener'; | ||
| return relAttribute.value.chars.indexOf('noopener') !== -1; | ||
| default: | ||
@@ -71,0 +71,0 @@ return false; |
| { | ||
| "name": "ember-template-lint", | ||
| "version": "0.5.15", | ||
| "version": "0.5.16", | ||
| "description": "Lint your templates.", | ||
@@ -26,3 +26,3 @@ "scripts": { | ||
| "loader.js": "^4.0.1", | ||
| "mocha": "^2.4.5", | ||
| "mocha": "^3.0.0", | ||
| "mocha-eslint": "^2.0.2", | ||
@@ -29,0 +29,0 @@ "mocha-only-detector": "^0.1.0", |
@@ -28,2 +28,23 @@ # ember-template-lint | ||
| ## Usage | ||
| Run templates through the linter's `verify` method like so: | ||
| ```js | ||
| var TemplateLinter = require('ember-template-lint'); | ||
| var linter = new TemplateLinter(); | ||
| var template = fs.readFileSync('some/path/to/template.hbs', { encoding: 'utf8' }); | ||
| var results = linter.verify(template); | ||
| ``` | ||
| `results` will be an array of objects which have the following properties: | ||
| * `rule` - The name of the rule that triggered this warning/error. | ||
| * `message` - The message that should be output. | ||
| * `line` - The line on which the error occurred. | ||
| * `column` - The column on which the error occurred. | ||
| * `moduleId` - The module path for the file containing the error. | ||
| * `source` - The source that caused the error. | ||
| * `fix` - An object describing how to fix the error. | ||
| ## Configuration | ||
@@ -300,2 +321,48 @@ | ||
| #### inline-link-to | ||
| Ember's `link-to` component has both an inline form and a block form. This rule forbids the inline form. | ||
| Forbidden (inline form): | ||
| ```hbs | ||
| {{link-to 'Link text' 'routeName' prop1 prop2}} | ||
| ``` | ||
| Allowed (block form): | ||
| ```hbs | ||
| {{#link-to 'routeName' prop1 prop2}}Link text{{/link-to}} | ||
| ``` | ||
| The block form is a little longer but has advantages over the inline form: | ||
| * It maps closer to the use of HTML anchor tags which wrap their inner content. | ||
| * It provides an obvious way for developers to put nested markup and components inside of their link. | ||
| * The block form's argument order is more direct: "link to route". The inline form's argument order is somewhat ambiguous (link text then link target). This is opposite of the order in HTML (`href` then link text). | ||
| This rule is configured with one boolean value: | ||
| * boolean -- `true` for enabled / `false` for disabled | ||
| #### style-concatentation | ||
| Ember has a runtime warning that says "Binding style attributes may introduce cross-site scripting vulnerabilities." It can only be avoided by always marking the bound value with `Ember.String.htmlSafe`. While we can't detect statically if you're always providing a safe string, we can detect cases common where it's impossible that you're doing so. For example, | ||
| ```hbs | ||
| <div style="background-style: url({{url}})"> | ||
| ``` | ||
| is never safe because the implied string concatentation does not propagate `htmlSafe`. Any use of quotes is therefore forbidden. This is forbidden: | ||
| ```hbs | ||
| <div style="{{make-background url}}"> | ||
| ``` | ||
| whereas this is allowed: | ||
| ```hbs | ||
| <div style={{make-background url}}> | ||
| ``` | ||
| ### Deprecations | ||
@@ -311,3 +378,3 @@ | ||
| ```hbs | ||
| {{{#each post in posts}}} | ||
| {{#each post in posts}} | ||
| <li>{{post.name}}</li> | ||
@@ -314,0 +381,0 @@ {{/each}} |
@@ -13,3 +13,4 @@ 'use strict'; | ||
| '<a href="/some/where" target="_self"></a>', | ||
| '<a href="/some/where" target="_blank" rel="noopener"></a>' | ||
| '<a href="/some/where" target="_blank" rel="noopener"></a>', | ||
| '<a href="/some/where" target="_blank" rel="noopener noreferrer"></a>' | ||
| ], | ||
@@ -16,0 +17,0 @@ |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by4.64%
133828
- Number of package files
- increased by7.14%
60
- Lines of code
- increased by3.26%
3670
- Number of lines in readme file
- increased by19.65%
408
No dependency changes