Message ID | 20230118014510.19320-6-cox.katherine.e@gmail.com |
---|---|
State | New |
Headers | show |
Series | gnu: golang: Add gopls | expand |
* gnu/packages/golang.scm (go-github-com-google-safehtml): New variable. > --- a/gnu/packages/golang.scm > +++ b/gnu/packages/golang.scm > @@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet > + (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text))) Please use new-style inputs. > + (synopsis "Safe HTML for Go") (synopsis "Go type for storing HTML data") > + (description > + "Package safehtml provides immutable string-like types which represent values > +that are guaranteed to be safe, by construction or by escaping or sanitization, > +to use in various HTML contexts and with various DOM APIs.") (description "This package provides a Go library for storing HTML data as an immutable string-like value.") -- (
"( via Guix-patches" via <guix-patches@gnu.org> writes: > * gnu/packages/golang.scm (go-github-com-google-safehtml): New variable. > >> --- a/gnu/packages/golang.scm >> +++ b/gnu/packages/golang.scm > >> @@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet > >> + (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text))) > > Please use new-style inputs. Ugh, +1, and sorry I missed this. I don't know why the importer doesn't do this by default yet. I suppose that's another patch that needs to happen. I also don't know why `guix style` and `guix lint` didn't catch this. >> + (synopsis "Safe HTML for Go") > > (synopsis "Go type for storing HTML data") (see other response, wondering if we should take upstream synopses or not) >> + (description >> + "Package safehtml provides immutable string-like types which represent values >> +that are guaranteed to be safe, by construction or by escaping or sanitization, >> +to use in various HTML contexts and with various DOM APIs.") > > (description > "This package provides a Go library for storing HTML data as an immutable string-like > value.") I disagree with this suggestion: the extra context about construction or escaping takes me from "why would I want to store HTML data in a struct", to, "oh this is a way to preclude passing around invalid/unsafe HTML around".
On Tue Feb 7, 2023 at 4:41 PM GMT, Katherine Cox-Buday wrote: > >> + (description > >> + "Package safehtml provides immutable string-like types which represent values > >> +that are guaranteed to be safe, by construction or by escaping or sanitization, > >> +to use in various HTML contexts and with various DOM APIs.") > > > > (description > > "This package provides a Go library for storing HTML data as an immutable string-like > > value.") > > I disagree with this suggestion: the extra context about construction or > escaping takes me from "why would I want to store HTML data in a > struct", to, "oh this is a way to preclude passing around invalid/unsafe > HTML around". That's true. There's no problem with incorporating it, but many upstream descriptions are a bit too focused on the internals for guix IMO. So I tried to construct a description that got the point across without being too detailed; I probably went too far. (Also, I know it's a Go convention, but I personally think we should remove the "package <name> is ..." phrasing where possible.) How about this instead: (description "This package provides a Go library for storing HTML data as an immutable string-like value that is guaranteed to be safe to use in various HTML- and DOM-related contexts.") -- (
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm index 677d58d831..9f7a8160de 100644 --- a/gnu/packages/golang.scm +++ b/gnu/packages/golang.scm @@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet implementation.") (license license:asl2.0))) +(define-public go-github-com-google-safehtml + (package + (name "go-github-com-google-safehtml") + (version "0.1.0") + (source (origin + (method git-fetch) + (uri (git-reference + (url "https://github.com/google/safehtml") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "0j2xjy8xrk9y9k6bqpvimj84i6hg1wwsyvwsb0axhmp49cmnrp86")))) + (build-system go-build-system) + (arguments + '(#:import-path "github.com/google/safehtml")) + (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text))) + (home-page "https://github.com/google/safehtml") + (synopsis "Safe HTML for Go") + (description + "Package safehtml provides immutable string-like types which represent values +that are guaranteed to be safe, by construction or by escaping or sanitization, +to use in various HTML contexts and with various DOM APIs.") + (license license:bsd-3))) + (define-public go-github-com-google-shlex (package (name "go-github-com-google-shlex")