feat: make pagefind the new default search engine #96
Conversation
![semgrep-code-juliacomputing-new[bot]](https://avatars.githubusercontent.com/u/10258468?s=60&v=4){kind=small}
src/search/flexsearch.jl
Outdated
| @@ -1,5 +1,6 @@ | |||
| module FlexSearch | |||
| import Gumbo, JSON, AbstractTrees, NodeJS | |||
| import Gumbo, JSON, AbstractTrees | |||
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Loading an entire module instead of only the necessary identifiers might clutter the namespace unnecessarily.
To resolve this comment:
✨ Commit Assistant fix suggestion
| import Gumbo, JSON, AbstractTrees | |
| import Gumbo: parsehtml | |
| import JSON: parse | |
| import AbstractTrees: children |
View step-by-step instructions
- Update the import statement to only import the specific functions, types, or identifiers you need from each module. For example, replace
import Gumbo, JSON, AbstractTreeswith something likeimport Gumbo: parsehtml, JSON: parse, AbstractTrees: children, depending on what you use in this file. - Scan the current file and note down which functions or types are referenced from Gumbo, JSON, or AbstractTrees.
- Replace each module in the import statement with only the identifiers you actually use, using the syntax
import Module: identifier1, identifier2. - Save the updated import line and remove the general
import Moduleform.
This helps keep the namespace clean and makes it clear which parts of each module your code depends on.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186022405) to ignore the finding created by unspecific-using-or-import.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186022405) in the Semgrep AppSec Platform.
| pushfirst!(custom_scripts, joinpath("pagefind", "pagefind.js")) | ||
| pushfirst!( | ||
| custom_scripts, | ||
| Docs.HTML("window.MULTIDOCUMENTER_ROOT_PATH = '$(rootpath)'"), |
There was a problem hiding this comment.
Semgrep identified an issue, but thinks it may be safe to ignore.
Keyword arguments should be preceded by a semicolon.
Why this might be safe to ignore:
The code is simply passing a string containing an '=' and is not misusing keyword arguments. The semgrep rule's regex incorrectly matches the string literal content, so there's no meaningful code quality issue here.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186022408) to ignore the finding created by semicolon-before-keyword-arguments.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186022408) in the Semgrep AppSec Platform.
src/search/pagefind.jl
Outdated
| function build_search_index(root, docs, config, rootpath) | ||
| if !success(Cmd(`$(npx) pagefind -V`; dir=root)) | ||
| @info "Installing pagefind into $root." | ||
| if !success(Cmd(`$(npm) install pagefind`; dir=root)) |
There was a problem hiding this comment.
Semgrep identified an issue, but thinks it may be safe to ignore.
Detected execution of OS commands.
Executing untrusted programs might result in a command injection vulnerability.
While Julia avoids some pitfalls around quoting and shemetacharacters,
when possible, you should use libraries with safe wrappers instead.
Why this might be safe to ignore:
This finding is detecting OS command execution that is part of an internal dependency management/build routine without untrusted input, so it is not currently introducing a command injection risk.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186022410) to ignore the finding created by cmd-execution.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186022410) in the Semgrep AppSec Platform.
There was a problem hiding this comment.
Please leave a comment to ignore this finding, for example:
/ar this is an acceptable risk because it's low business impact
| Docs.HTML("window.MULTIDOCUMENTER_ROOT_PATH = '$(rootpath)'"), | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue, but thinks it may be safe to ignore.
Avoid unnecessary whitespace padding inside brackets.
Why this might be safe to ignore:
The Semgrep rule was intended to catch extra whitespace padding inside parentheses, but in this context the code does not exhibit unnecessary whitespace inside the brackets as described in the rule's examples. Hence, fixing this false positive would not meaningfully improve the code.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186022409) to ignore the finding created by no-whitespace-padding.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186022409) in the Semgrep AppSec Platform.
| function inject_styles_and_global_navigation( | ||
| dir, | ||
| docs::Vector, | ||
| brand_image, | ||
| custom_stylesheets, | ||
| custom_scripts, | ||
| search_engine, | ||
| prettyurls, | ||
| rootpath, | ||
| ) | ||
| dir, | ||
| docs::Vector, | ||
| brand_image, | ||
| custom_stylesheets, | ||
| custom_scripts, | ||
| search_engine, | ||
| prettyurls, | ||
| rootpath, | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Functions signatures that span multiple lines should indent each parameter line by one level.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054885) to ignore the finding created by indent-multiline-signature-params.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054885) in the Semgrep AppSec Platform.
| function make_global_nav( | ||
| dir, | ||
| docs::Vector, | ||
| thispagepath, | ||
| brand_image, | ||
| search_engine, | ||
| prettyurls, | ||
| ) | ||
| dir, | ||
| docs::Vector, | ||
| thispagepath, | ||
| brand_image, | ||
| search_engine, | ||
| prettyurls, | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Functions signatures that span multiple lines should indent each parameter line by one level.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054886) to ignore the finding created by indent-multiline-signature-params.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054886) in the Semgrep AppSec Platform.
| function make( | ||
| outdir, | ||
| docs::Vector; | ||
| assets_dir = nothing, | ||
| brand_image::Union{Nothing,BrandImage} = nothing, | ||
| custom_stylesheets = [], | ||
| custom_scripts = [], | ||
| search_engine = DEFAULT_ENGINE, | ||
| prettyurls = true, | ||
| rootpath = "/", | ||
| hide_previews = true, | ||
| canonical_domain::Union{AbstractString,Nothing} = nothing, | ||
| sitemap::Bool = false, | ||
| sitemap_filename::AbstractString = "sitemap.xml", | ||
| # This keyword is for internal test use only: | ||
| _override_windows_isinteractive_check::Bool = false, | ||
| ) | ||
| outdir, | ||
| docs::Vector; | ||
| assets_dir = nothing, | ||
| brand_image::Union{Nothing, BrandImage} = nothing, | ||
| custom_stylesheets = [], | ||
| custom_scripts = [], | ||
| search_engine = DEFAULT_ENGINE, | ||
| prettyurls = true, | ||
| rootpath = "/", | ||
| hide_previews = true, | ||
| canonical_domain::Union{AbstractString, Nothing} = nothing, | ||
| sitemap::Bool = false, | ||
| sitemap_filename::AbstractString = "sitemap.xml", | ||
| # This keyword is for internal test use only: | ||
| _override_windows_isinteractive_check::Bool = false, | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Functions signatures that span multiple lines should indent each parameter line by one level.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054888) to ignore the finding created by indent-multiline-signature-params.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054888) in the Semgrep AppSec Platform.
| function update_canonical_links_for_version( | ||
| docs_directory::AbstractString; | ||
| canonical::AbstractString, | ||
| ) | ||
| docs_directory::AbstractString; | ||
| canonical::AbstractString, | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Functions signatures that span multiple lines should indent each parameter line by one level.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054884) to ignore the finding created by indent-multiline-signature-params.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054884) in the Semgrep AppSec Platform.
| Gumbo.hasattr(el, "id") && ( | ||
| Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( | ||
| Gumbo.tag(el) == :a && | ||
| Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Avoid unnecessary whitespace padding inside brackets.
To resolve this comment:
✨ Commit Assistant fix suggestion
| Gumbo.hasattr(el, "id") && ( | |
| Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( | |
| Gumbo.tag(el) == :a && | |
| Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( | |
| Gumbo.hasattr(el, "id") && ( | |
| Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( | |
| Gumbo.tag(el) == :a && | |
| Gumbo.hasattr(el, "href") && | |
| Gumbo.getattr(el, "class", "") == "docstring-binding" | |
| ) | |
| ) |
View step-by-step instructions
-
Remove any unnecessary whitespace immediately after opening parentheses
(and before closing parentheses)in your code to comply with the rule. -
For the code snippet provided, change:
Gumbo.hasattr(el, "id") && ( Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( Gumbo.tag(el) == :a && Gumbo.hasattr(el, "href") && Gumbo.getattr(el, "class", "") == "docstring-binding" ) )to:
Gumbo.hasattr(el, "id") && ( Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( Gumbo.tag(el) == :a && Gumbo.hasattr(el, "href") && Gumbo.getattr(el, "class", "") == "docstring-binding" ) )Ensure that there are no leading or trailing spaces directly inside the parentheses for all function calls and expressions.
-
Check the remaining code for other places where there is whitespace padding directly inside parentheses and remove them. For example, change
( 1, 2 )to(1, 2)and( value )to(value )or(value)as needed.
Whitespace inside brackets does not impact execution but can cause style and linting errors.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054857) to ignore the finding created by no-whitespace-padding.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054857) in the Semgrep AppSec Platform.
| $(versions_js_content)""" | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue, but thinks it may be safe to ignore.
Avoid unnecessary whitespace padding inside brackets.
Why this might be safe to ignore:
The matched code is inside a multi-line string/argument where the extra whitespace is part of formatting rather than a logic error. The Semgrep rule's intent is to catch unnecessary padding in simple bracket use, and this instance does not warrant a fix.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054858) to ignore the finding created by no-whitespace-padding.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054858) in the Semgrep AppSec Platform.
| $(versions_js_content)""" | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue, but thinks it may be safe to ignore.
Avoid unnecessary whitespace padding inside brackets.
Why this might be safe to ignore:
The matched code is part of string interpolation and formatting in a multi-line error message, so the extra whitespace is intentional and does not impact code quality. The regex match was a false positive.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054859) to ignore the finding created by no-whitespace-padding.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054859) in the Semgrep AppSec Platform.
| Gumbo.hasattr(el, "id") && ( | ||
| Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( | ||
| Gumbo.tag(el) == :a && | ||
| Gumbo.tag(el) in (:h1, :h2, :h3, :h4, :h5, :h6, :h7, :h8) || ( | ||
| Gumbo.tag(el) == :a && | ||
| Gumbo.hasattr(el, "href") && | ||
| Gumbo.getattr(el, "class", "") == "docstring-binding" | ||
| ) | ||
| ) | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Always include a trailing comma when working with arrays, tuples or
functions arguments that span multiple lines. This allows future edits to
easily move around or add additional elements.
The trailing comma shouldn't be written when the collection is in a single line.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054883) to ignore the finding created by trailing-comma.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054883) in the Semgrep AppSec Platform.
| function make_output_structure( | ||
| docs::Vector{DropdownComponent}, | ||
| prettyurls, | ||
| hide_previews; | ||
| canonical::Union{AbstractString,Nothing}, | ||
| ) | ||
| docs::Vector{DropdownComponent}, | ||
| prettyurls, | ||
| hide_previews; | ||
| canonical::Union{AbstractString, Nothing}, | ||
| ) |
There was a problem hiding this comment.
Semgrep identified an issue in your code:
Functions signatures that span multiple lines should indent each parameter line by one level.
To resolve this comment:
🔧 No guidance has been designated for this issue. Fix according to your organization's approved methods.
💬 Ignore this finding
Reply with Semgrep commands to ignore this finding.
/fp <comment>for false positive/ar <comment>for acceptable risk/other <comment>for all other reasons
Alternatively, triage in [Semgrep AppSec Platform](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054887) to ignore the finding created by indent-multiline-signature-params.
You can view more details about [this finding](https://semgrep.dev/orgs/JuliaHub, Inc/findings/186054887) in the Semgrep AppSec Platform.
|
Semgrep found 22
When using the |
Fixes #17. Fixes #73.