Refrain from using terms such as blacklist and whitelist in the codebase #7147
Comments
|
Hi @abenettt, totally agreed and thanks for pointing these out! I did a quick check:
> rg -i blacklist
app/assets/javascripts/base.js.erb:60: function isBlacklisted(elem) {
app/assets/javascripts/base.js.erb:84: || isBlacklisted(a)this can be easily changed, yay!
> rg -i whitelist
config/routes.rb:18: use Rack::Protection, origin_whitelist: ["https://dev.to"] # resolve Rack Protection HttpOrigin
app/uploaders/base_uploader.rb:12: def extension_whitelist
app/uploaders/badge_uploader.rb:2: def extension_whitelist
spec/uploaders/profile_image_uploader_spec.rb:53: expect(uploader.extension_whitelist).to eq(%w[jpg jpeg jpe gif png ico bmp dng])
spec/uploaders/article_image_uploader_spec.rb:44: expect(uploader.extension_whitelist).to eq(%w[jpg jpeg jpe gif png ico bmp dng])
spec/uploaders/cover_image_uploader_spec.rb:35: expect(uploader.extension_whitelist).to eq(%w[jpg jpeg jpe gif png ico bmp dng])
spec/uploaders/badge_uploader_spec.rb:35: expect(uploader.extension_whitelist).to eq(%w[jpg jpeg gif png])
config/locales/en.yml:36: extension_whitelist_error: 'must be one of the following extensions: .jpg, .jpeg, .jpe, .gif, .png, .ico, .bmp, .dng, or .svg'
config/environments/test.rb:68: Bullet.add_whitelist(type: :unused_eager_loading, class_name: "ApiSecret", association: :user)
config/environments/test.rb:70: Bullet.add_whitelist(type: :n_plus_one_query, class_name: "ActsAsTaggableOn::Tagging", association: :tag)
config/environments/development.rb:126: Bullet.add_whitelist(type: :unused_eager_loading, class_name: "ApiSecret", association: :user)
config/environments/development.rb:128: Bullet.add_whitelist(type: :n_plus_one_query, class_name: "ActsAsTaggableOn::Tagging", association: :tag)
config/initializers/doorkeeper.rb:262: # Any redirect URI is whitelisted by default.
config/initializers/docker.rb:6: logger.info "Whitelisting #{host_ip} for BetterErrors and Web Console"
config/initializers/docker.rb:12: Rails.application.config.web_console.whitelisted_ips << host_ip
app/assets/javascripts/lib/xss.js:9:var getDefaultCSSWhiteList = require('cssfilter').getDefaultWhiteList;
... plus a bunch more in app/assets/javascripts/lib/xss.jsSome of these can't be unfortunately changed as they come from external gems or libraries, like We'll check if there are quick wins in there! Thanks again |
|
I agree with this. @rhymes had done a prior sweep for this term but it made its way back in because we didn't really enforce this in follow-up code additions since. I propose we also codify this in our docs and contribution guidelines in general so that we stick to it. I think we've done a good job of restricting some of the more heinous terms, but haven't specifically addressed this as a principle for contribution. |
|
Whipped up a doc update to make this expectation more explicit. I didn't include any specific example language because I felt like that might be triggering or distasteful but happy to adjust the language as needed if anyone has thoughts. This is in addition to the code refactoring to remove blacklist from code. |
|
I'm currently working on a PR to fix this, waiting for another PR to merge so I can do a single cleanup |
Describe the bug
In some parts of the codebase some fields can still be found that use the term
blacklistorwhitelist, DEV is a very open and diverse community and I think the codebase should reflect that.To Reproduce
Expected behavior
Screenshots
Desktop (please complete the following information):
Smartphone (please complete the following information):
Additional context
I wrote this using the bug template as I don't think this should be a feature and also because I do not think that this meant discriminatory by any means by any of the DEV staff or community.
The text was updated successfully, but these errors were encountered: