feat: refactor the HTML to use html/template and to inject styling for other IDEs [IDE-326] #564
Conversation
teodora-sandu
changed the title
teodora-sandu
force-pushed
the
feat/html-oss-intellij
branch
from
0ec4893 to
cfd2bac
Compare
teodora-sandu
force-pushed
the
feat/html-oss-intellij
branch
from
cfd2bac to
760d766
Compare
| return `` | ||
| } | ||
| } | ||
|
|
||
| func getGitHubIconSvg() template.HTML { |
There was a problem hiding this comment.
Wondering, if caching/memory will become an issue with 1000s of issues if we embed the svg like that. Do you know how Chrome handles this?
There was a problem hiding this comment.
Do you mean we might run into trouble ebecause we would be using a lot of memory if we cache the same SVG multiple times?
There was a problem hiding this comment.
I've been thinking about this and at the very beginning of this migration, when we were just supporting IntelliJ and writing the HTML and CSS from scratch, we embedded everything in one single HTML file, trading DRY for velocity.
Now that the project has grown and VSCode and IntelliJ are loading CSS rules anyway, I think we could start considering removing the CSS and SVGs from the Language Server and moving them to the IDEs as separate assets.
Benefits:
- Reduced Redundancy: Each vulnerability doesn't need to embed the same CSS and SVGs.
- Improved Performance: Smaller HTML payloads and better caching of static assets.
| "IssueOverview": html.MarkdownToHTML(string(overview)), | ||
| "CVEs": additionalData.Identifiers.CVE, | ||
| "CWEs": additionalData.Identifiers.CWE, | ||
| "CvssScore": fmt.Sprintf("%.1f", additionalData.CvssScore), |
There was a problem hiding this comment.
As we're at it - should we just update it to CVSSv4? ;)
There was a problem hiding this comment.
Done! But I didn't change it in the LS message type, since that would affect our IDEs being able to read this value
teodora-sandu
force-pushed
the
feat/html-oss-intellij
branch
from
517d986 to
08def53
Compare
teodora-sandu
force-pushed
the
feat/html-oss-intellij
branch
from
08def53 to
15c7ad4
Compare
teodora-sandu
force-pushed
the
feat/html-oss-intellij
branch
from
15c7ad4 to
08def53
Compare
teodora-sandu
force-pushed
the
feat/html-oss-intellij
branch
from
08def53 to
69bbd23
Compare
|
snyk/vscode-extension#482 should be merged first before this. |
| func getExploitMaturity(issue snyk.OssIssueData) string { | ||
| if len(issue.Exploit) > 0 { | ||
| return fmt.Sprintf("<div class='summary-item maturity'><div class='label font-light'>Exploit maturity</div>"+ | ||
| "<div class='content'>%s</div></div>", issue.Exploit) | ||
| return issue.Exploit | ||
| } else { | ||
| return "" | ||
| } | ||
| } |
There was a problem hiding this comment.
Maybe we can remove the else?
func getExploitMaturity(issue snyk.OssIssueData) string {
if len(issue.Exploit) > 0 {
return issue.Exploit
}
return ""
}
…r other IDEs [IDE-326] (#564)
Description
This PR refactors the HTML template used for the OSS Sugestion Panel so that it's more secure and uses the
html/templatelibrary. This also refactors the template so that it injects icons directly in LS and so other IDEs don't need to know what icons to inject. It adds a${ideStyle}variable so that in both VSCode and IntelliJ we can inject the IDE specific styling, like we do for Snyk Code.To test this, need to use snyk/vscode-extension#482.
Checklist
🚨After having merged, please update the CLI go.mod to pull in latest language server.