Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lexical editor integration #2940

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

lexical editor integration #2940

wants to merge 8 commits into from

Conversation

kukollu
Copy link

@kukollu kukollu commented Sep 24, 2024

Overview

PR Checklist

  • Related to designs:
  • Related to JIRA ticket: [ABC-123]
  • I have run this code to verify it works
  • This PR includes unit tests for the code change
  • This PR includes testing instructions tests for the code change
  • The alpha package of this PR is passing end-to-end tests in all relevant Codecademy repositories

Testing Instructions

Don't make me tap the sign.

PR Links and Envs

Repository PR Link PR Env
Monolith Monolith PR Monolith Env
Portal Portal Link Portal Env
Another Repo Another Link Another Env

@kukollu kukollu requested a review from a team as a code owner September 24, 2024 18:20
@CLAassistant
Copy link

CLAassistant commented Sep 24, 2024
edited
Loading

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you all sign our Contributor License Agreement before we can accept your contribution.
1 out of 2 committers have signed the CLA.

✅ dreamwasp
❌ kukollu
You have signed the CLA already but the status is still pending? Let us recheck it.

dreamwasp
dreamwasp reviewed Sep 24, 2024
View reviewed changes
package.json Outdated
@@ -8,6 +8,7 @@
"@babel/core": "7.20.12",
"@babel/preset-typescript": "^7.18.6",
"@codecademy/eslint-config": "8.0.0",
"@codecademy/gamut-kit": "^0.6.441",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

gamut-kit is what is produced by these packages, so shouldn't be a dependency here

github-advanced-security[bot]
github-advanced-security bot found potential problems Sep 30, 2024
View reviewed changes
packages/gamut/src/LexicalEditor/Settings.tsx
<Switch
onClick={() => {
if (isSplitScreen) {
window.parent.location.href = `/${search}`;

Check warning

Code scanning / CodeQL

Client-side URL redirect Medium

Untrusted URL redirection depends on a
user-provided value
Loading
.
packages/gamut/src/LexicalEditor/plugins/AutocompletePlugin/index.tsx
Comment on lines +39 to +42
export const uuid = Math.random()
.toString(36)
.replace(/[^a-z]+/g, '')
.substr(0, 5);

Check failure

Code scanning / CodeQL

Insecure randomness High

This uses a cryptographically insecure random number generated at
Math.random()
Loading
in a security context.
packages/gamut/src/LexicalEditor/plugins/MarkdownTransformers/index.ts

// Very primitive table setup
const TABLE_ROW_REG_EXP = /^(?:\|)(.+)(?:\|)\s?$/;
const TABLE_ROW_DIVIDER_REG_EXP = /^(\| ?:?-*:? ?)+\|\s?$/;

Check failure

Code scanning / CodeQL

Inefficient regular expression High

This part of the regular expression may cause exponential backtracking on strings starting with '|' and containing many repetitions of ':|'.
@dreamwasp dreamwasp requested a review from a team October 2, 2024 14:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dreamwasp dreamwasp dreamwasp left review comments

@timjenkins timjenkins Awaiting requested review from timjenkins timjenkins is a code owner automatically assigned from Codecademy/gamut

@BandanaKM BandanaKM Awaiting requested review from BandanaKM BandanaKM is a code owner automatically assigned from Codecademy/gamut

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kukollu @CLAassistant @dreamwasp