GNU bug report logs - #60904
[PATCH 05/25] gnu: Add go-github-com-google-safehtml.

Previous Next

Full log

View this message in rfc822 format

From: Katherine Cox-Buday <cox.katherine.e <at> gmail.com>
To: 60904 <at> debbugs.gnu.org
Cc: paren <at> disroot.org
Subject: [bug#60904] [PATCH 05/25] gnu: Add go-github-com-google-safehtml.
Date: Tue, 07 Feb 2023 09:41:08 -0700

"( via Guix-patches" via <guix-patches <at> gnu.org> writes:

> * gnu/packages/golang.scm (go-github-com-google-safehtml): New variable.
>
>> --- a/gnu/packages/golang.scm
>> +++ b/gnu/packages/golang.scm
>
>> @@ -10921,6 +10921,31 @@ (define-public go-github-com-google-go-jsonnet
>
>> +    (propagated-inputs `(("go-golang-org-x-text" ,go-golang-org-x-text)))
>
> Please use new-style inputs.

Ugh, +1, and sorry I missed this. I don't know why the importer doesn't
do this by default yet. I suppose that's another patch that needs to
happen.

I also don't know why `guix style` and `guix lint` didn't catch this.

>> +    (synopsis "Safe HTML for Go")
>
>   (synopsis "Go type for storing HTML data")

(see other response, wondering if we should take upstream synopses or
not)

>> +    (description
>> +     "Package safehtml provides immutable string-like types which represent values
>> +that are guaranteed to be safe, by construction or by escaping or sanitization,
>> +to use in various HTML contexts and with various DOM APIs.")
>
>   (description
>    "This package provides a Go library for storing HTML data as an immutable string-like
>   value.")

I disagree with this suggestion: the extra context about construction or
escaping takes me from "why would I want to store HTML data in a
struct", to, "oh this is a way to preclude passing around invalid/unsafe
HTML around".

-- 
Katherine

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.