Support sass-embedded as alternative implementation #124
Conversation
|
@ntkme Thanks for opening this WIP PR. |
|
@ntkme For future reference, you need not rebase unless there are merge conflicts, especially in a draft PR. We always squash all commits while merging a pull request. |
|
Appveyor with ruby 2.7 and 3.0 is having some issue that I don't quite understand.
So, it should work in windows with the right setup, not sure what's wrong with Appveyor. Shall we try debug Appveyor or maybe we can move windows tests to use GitHub actions? |
@ntkme I've pushed a commit to migrate tests for Windows to GH Actions (just for this branch). While the installation succeeds, the test suite fails anyways since the expected output is not the same for sourcemaps for Linux and Windows for the two implementations. In the meantime, I'll think of another way to run the specs for two implementations without indenting the existing spec (to improve maintainability, ease running a single failing spec and to reduce the overall diff on this pull request.) |
|
The source map issue has to do with dart-sass converting |
|
I fixed the the source map issue on windows. Tests now passes for ruby 2.7/3.0 on windows. However, Ruby 2.6 on windows would get stuck during dependencies installation. |
|
@ntkme that looks like a classic "rerun and succeed" CI issue... |
|
Attempted to run |
|
@ntkme I don't know what the issue is with Ruby 2.6 and Windows. Currently, the loading is within the Now that the CI has passed (I removed Windows-Ruby2.6 from the matrix), let us focus on the documentation aspect. |
|
@ashmaroli Sure. Let's do that for now. I opened ruby/setup-ruby#218, hope we can get some help. |
|
@ashmaroli Manged to get access to a windows machine and fixed ruby 2.6 on windows. Test now passes. Details is here if anyone is interested: ruby/setup-ruby#218 (comment) |
|
That is wonderful investigative work @ntkme. 🎉 |
|
@ntkme I tested this on an old system running on Windows 7 SP1. Latest versions of Ruby and Jekyll installs and runs fine on that system but it doesn't have a newer version of Powershell. (Windows 7 ships with just PS 2.0; PS 5+ is needed for running Therefore, in the interest of Jekyll users still on Windows 7, I suggest not having |
|
Never mind. Forgot that I looked at how sass/embedded-host-node handles this problem and it runs out they have added a dependency just to handle zip files. So, we can do the same here. |
|
@ntkme I have decided to not include Slowly, as the ecosystem stabilizes, we'll probably phase out |
|
@ashmaroli That's fine with me. Please feel free to push changes to do that. |
|
@ashmaroli By the way, excluding it from runtime dependencies means that we can have this feature released even with |
Yes, that is the plan. |
|
Windows 7 now works with some VBS magic to do the unzip work: sass-contrib/sass-embedded-host-ruby@73a66b2 Manually tested with Windows 7 VM from https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/ and rubyinstaller2 (2.6.8-1) |
Whoa! That was a wrong move, @ntkme Using gems with native extensions are always a security concern. In the current scope, the gem already downloads third-party archives from the internet without user intervention during the installation, installs a native executable ( Agreed, that everything is open-source and verifiable.
Nevertheless, the default behavior has a negative impact on trustworthiness. |
|
The bundled VBS script is very explicit that it can only be used to unzip, nothing else, and it is only used if user does not have powershell 5.0+. I don’t see any problem just because the common misconceptions of VBS being associated with malware. I think this is a fair use case since there is no other solution out of box. Compile the dart code would require the whole dart tool chain. In addition, it will need git or unzip or otherwise bundle whole source code with the project that can introduce a whole lot more errors. Ask user to install powershell 5.0 might be something fair, but the user experience is not as good as this. |
|
Regardless of using VBS or not, users have to decide what gems they trust. I mean, even if a malicious gem does not have any extension it can still do harm at runtime as soon as a user requires it. If people are so paranoid about VBS I can definitely revert it and just call it a day saying Windows 7 is not supported, as it is already end of support. If it wasn’t pointed out here that it wouldn’t work with windows 7, I won’t even bother try supporting an end of support system. |
It wasn't about VBS but having a custom script silently run as part of the installation. IMO, reverting the support would be best. Also, I apologize for wasting your time by mentioning Windows 7. |
Overall the problem is that native dependencies which are not native language binding libraries does not really work with native extension build system ( On the other hand, use a custom script to handle installation of a native dependency that is not a native language binding library is actually pretty common nowadays. For example, in nodejs world, the "postinstall" hook can be used to run any script to handle additional setup or configuration to provide out of box user experience, and many projects use this feature to run custom script. In the official nodejs equivalent project You do have a good point about "silently run", but that's a design of By design ruby's Finally, I understand people have concerns because the custom script "download" artifacts from internet. An alternative that does not involve downloading or unzipping would be building platform native gem for each platform and embedding the uncompressed platform native dependencies directly in the gem itself. However, in the end that's less transparent (need to verify a 8.7MB binary from non-official distribution channel), therefore make it even worse than downloading from official release channel. |
|
@ashmaroli I did a rebase because merging conflict is getting crazy. Also, I changed the way that test works so that now this PR does not indent the test cases, so the changes would be much easier to review. Now test script would run twice in the CI with the environment variable |
No issues, it was inevitable.
Glad that fog has been cleared.
This is less than ideal, but an acceptable trade-off. I'll see if we can get the best of both methods (former and current) after this PR gets merged. |
Co-authored-by: Ashwin Maroli <[email protected]>
Co-authored-by: Ashwin Maroli <[email protected]>
Co-authored-by: Ashwin Maroli <[email protected]>
Co-authored-by: Ashwin Maroli <[email protected]>
|
@parkr PTAL when you get a chance. Thanks! |
| * **`style`** | ||
|
|
||
| Sets the style of the CSS-output. | ||
| Can be `nested`, `compact`, `compressed`, or `expanded`. | ||
| See the [SASS_REFERENCE](https://sass-lang.com/documentation/cli/dart-sass#style) | ||
| for details. | ||
|
|
||
| Defaults to `compact`. | ||
| Defaults to `compact` for `sassc`. | ||
| Defaults to `expanded` for `sass-embedded`. |
There was a problem hiding this comment.
Why would we have two different defaults for the implementation? That seems counter to what I'd expect.
There was a problem hiding this comment.
See https://sass-lang.com/documentation/js-api/interfaces/LegacySharedOptions#outputStyle
The output style of the compiled CSS. There are four possible output styles:
- "expanded" (the default for Dart Sass) writes each selector and declaration on its own line.
- "compressed" removes as many extra characters as possible, and writes the entire stylesheet on a single line.
- "nested" (the default for Node Sass, not supported by Dart Sass) indents CSS rules to match the nesting of the Sass source.
- "compact" (not supported by Dart Sass) puts each CSS rule on its own single line.
The reason is that dart-sass has dropped support for compact and nested, and we don't want to change the default for sassc.
There was a problem hiding this comment.
Gotcha. What happens if I specify an unsupported output style? Do I see an error? What does that error look like?
There was a problem hiding this comment.
But in this PR we check for the input and fallback to the respective default value so user won’t see any error.
| @@ -113,9 +114,15 @@ def sass_dir | |||
| jekyll_sass_configuration["sass_dir"] | |||
| end | |||
|
|
|||
| def sass_implementation | |||
| implementation = jekyll_sass_configuration["implementation"] | |||
| ALLOWED_IMPLEMENTATIONS.include?(implementation) ? implementation : "sassc" | |||
There was a problem hiding this comment.
Should we send a warn if the implementation is not allowed so the user can fix their config?
There was a problem hiding this comment.
This is aligned with the style option that it fallbacks to default value without warning. Shall we add warning for both?
There was a problem hiding this comment.
It makes sense to warn the user that we don't support the value they asked for. Maybe in another PR if you like.
| def file_path | ||
| return nil if associate_page_failed? | ||
|
|
||
| File.join(site_source_relative_from_pwd, sass_page.path) |
There was a problem hiding this comment.
This might need to use Jekyll.sanitized_path, I think.
There was a problem hiding this comment.
This should be safe as:
File.joinis simply: base + '/' + path. It is concatenated as is without any expansion.sass_page.pathis the path to sass page e.g.css/main.scss- this is provided by jekyll. Since jekyll only process files inside current project, this should be safe to use.
There was a problem hiding this comment.
@parkr I just tested and Jekyll.sanitized_path does not do anything different for symlinks. If file is a symlink, sass_page.path still returns the original unresolved path.
In the end when Jekyll process "pages" collection, it does not seem to care if a "page" is a symlink to a file outside of the project or not. I would say that is a problem of Jekyll pages collection, not something we should deal with here.
|
Thank you @ntkme, for all the work put into this. |
|
Thanks @ashmaroli @mattr- @parkr for your help! |
This PR add support for dart based sass implementation.
I have enabled edit access for maintainers so please free feel to make changes.
New
implementationthat can be eithersasscorsass-embedded. Default tosasscfor compatibility.Limitations
sass-embeddedgem will not be added as a runtime dependency for now asdart-sass-embeddedstill beta. Meaning user who wish to use this will have to manually addsass-embeddedtoGemfile.