search

10up / safe-svg

Enable SVG uploads and sanitize them to stop XML/SVG vulnerabilities in your WordPress website.
https://wordpress.org/plugins/safe-svg/
GNU General Public License v2.0
266 stars 31 forks source link

Installing via composer issue #153

Closed BBTJohn closed 3 months ago

BBTJohn commented 12 months ago

Describe the bug

When installing via composer through wpackagist.org, there im getting an error.

Notice: Function register_block_script_handle was called incorrectly. The asset file (/var/www/[PROJECTNAME]/web/app/plugins/safe-svg/includes/blocks/safe-svg/../../../dist/safe-svg-block.asset.php) for the "editorScript" defined in "safe-svg/svg-icon" block definition is missing. Please see [Debugging in WordPress](https://wordpress.org/documentation/article/debugging-in-wordpress/) for more information. (This message was added in version 5.5.0.) in /var/www/expedite/web/wp/wp-includes/functions.php on line 5905

Upon checking the file structure, it looks like the directory dist is missing. I also checked the gitignore file and it looks like the plugin is ignoring the dist directory.

Steps to Reproduce

install safe-svg via composer. https://wpackagist.org/search?q=safe-svg&type=any&search=

Screenshots, screen recording, code snippet

No response

Environment information

No response

WordPress information

No response

Code of Conduct

thaddeusm commented 12 months ago

Having the same issue.

JacobDB commented 7 months ago

Also experiencing this issue. Since this appears to be related to the block editor, I tried to just remove the block registration, but there doesn't seem to be a good way to do that because of the way it's hooked in...

add_action( 'init', array( $this, 'setup_blocks' ) );

Any chance we could just get a getInstance() function so that we can dequeue this if we don't need the block? Something like this would then allow us to dequeue it...

remove_action( 'init', array( SafeSvg\safe_svg::getInstance(), 'setup_blocks' ) );
dkotter commented 5 months ago

Curious on your setup for installing this via composer? I just tried a fairly basic composer.json (pasted below) and it did install things correctly, including the dist directory, when I ran composer install:

{
    "name": "10up/test",
    "description": "Test",
    "repositories":[
        {
            "type":"composer",
            "url":"https://wpackagist.org",
            "only": [
                "wpackagist-plugin/*"
            ]
        }
    ],
    "require": {
        "wpackagist-plugin/safe-svg":"2.2.4"
    },
    "config": {
        "allow-plugins": {
            "composer/installers": true
        }
    },
     "extra": {
        "installer-paths": {
            "plugins/{$name}/": [
                "type:wordpress-plugin"
            ]
        }
    }
}
JacobDB commented 5 months ago

I honestly don't remember what I did, sorry. I just tried this again, and it seems to be working just fine, even when I require it directly (i.e. require "vendor/darylldoyle/safe-svg/safe-svg.php";). No idea what was causing the error before, but I'll report back if I find it again.

Quick side note – I'd love this as a library instead of a WordPress plugin; I develop bespoke WordPress themes for clients, and with our workflow, sometimes it's more preferential to require plugins like this within our theme rather than having them installed directly.

jeffpaul commented 3 months ago

@JacobDB if you've looking for the root functionality, that could be built on top of in your besoke projects with https://github.com/darylldoyle/svg-sanitizer