-
Notifications
You must be signed in to change notification settings - Fork 2.4k
[PE-193] feat: flat lists (ordered and unordered) #6316
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: preview
Are you sure you want to change the base?
Conversation
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the WalkthroughThe pull request introduces a comprehensive enhancement to the list functionality in the Plane editor. It adds a new flat list extension with advanced features like indentation, dedenting, splitting, and various list types (bullet, ordered, task, and toggle). The changes span multiple files, introducing new commands, utilities, and plugins to manage list interactions more effectively. The implementation focuses on improving the user experience by providing more intuitive list management and better handling of list-related operations. Changes
Sequence DiagramsequenceDiagram
participant User
participant Editor
participant ListExtension
participant ListCommands
User->>Editor: Interact with list
Editor->>ListExtension: Detect list interaction
ListExtension->>ListCommands: Trigger appropriate command
alt Indent List
ListCommands->>Editor: Increase list item depth
else Dedent List
ListCommands->>Editor: Decrease list item depth
else Toggle List Type
ListCommands->>Editor: Change list type
else Split List
ListCommands->>Editor: Split current list item
end
ListExtension->>Editor: Update document state
Poem
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
Pull Request Linked with Plane Issues
Comment Automatically Generated by Plane |
…ipboard into core extensions
|
||
// Reconstruct the element with processed children | ||
const clone = element.cloneNode(false) as HTMLElement; | ||
clone.innerHTML = childResults; |
Check warning
Code scanning / CodeQL
DOM text reinterpreted as HTML Medium
DOM text
DOM text
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix
AI 14 days ago
To fix the issue, we need to ensure that any DOM text reinterpreted as HTML is properly escaped to prevent XSS. The best approach is to escape meta-characters in childResults
before assigning it to clone.innerHTML
. This can be achieved using a utility function that encodes special HTML characters (<
, >
, &
, "
, '
) into their corresponding HTML entities. This ensures that the text content is treated as plain text rather than executable HTML.
Steps to implement the fix:
- Add a utility function
escapeHTML
to encode special HTML characters. - Use
escapeHTML
to sanitizechildResults
before assigning it toclone.innerHTML
on line 140.
-
Copy modified lines R59-R67 -
Copy modified line R149
@@ -58,2 +58,11 @@ | ||
|
||
function escapeHTML(text: string): string { | ||
return text | ||
.replace(/&/g, "&") | ||
.replace(/</g, "<") | ||
.replace(/>/g, ">") | ||
.replace(/"/g, """) | ||
.replace(/'/g, "'"); | ||
} | ||
|
||
function parseHTMLToMarkdown(html: string): string { | ||
@@ -139,3 +148,3 @@ | ||
const clone = element.cloneNode(false) as HTMLElement; | ||
clone.innerHTML = childResults; | ||
clone.innerHTML = escapeHTML(childResults); | ||
return clone.outerHTML; |
Description
This PR adds flat lists to our schema, a migration script that aims to safely convert old lists to new ones and a ton of new improvements to lists
Detailed description
TODO
Summary by CodeRabbit
Release Notes
New Features
Improvements
Bug Fixes
Performance