search

chocolatey / package-validator

Windows service to validate packages conform to package standards
Apache License 2.0
31 stars 29 forks source link

Guideline: Use non-locale/language specific URLs for navigable links within nuspec #115

Open dtgm opened 8 years ago

dtgm commented 8 years ago

Internationalisation enhancement

Do not force language/locale specific URLs within nuspec if possible. Instead, if available, use non-locale/language specific URLs within nuspec so users aren't forced on any specific language when navigating links within nuspec. In this way the website may read the user's system locale and provide the appropriate content desired.

See https://wikipedia.org/wiki/Lcid

Examples

Root: https://www.microsoft.com/download/ Forced: https://www.microsoft.com/en-ca/download/details.aspx?id=10005 Fixed: https://www.microsoft.com/download/details.aspx?id=10005

Root: https://technet.microsoft.com/ Specific: https://technet.microsoft.com/en-us/sysinternals Fixed: https://technet.microsoft.com/sysinternals

Root: https://www.visualstudio.com/ Specific: https://www.visualstudio.com/es-es Fixed: https://www.visualstudio.com/

Root: https://wikipedia.org/wiki/ Specific: https://de.wikipedia.org/wiki/Freeware Fixed: https://wikipedia.org/wiki/Freeware

Root: https://www.mozilla.org/ Specific: https://www.mozilla.org/es-MX/privacy/firefox/ Fixed: https://www.mozilla.org/privacy/firefox/

Detection

Search for various language codes in URLs of nuspec file

regex to catch xx-XX in URL '(?<=http[:s]//).*?/[a-z]{2}-[a-z]{2}[^a-z]'

For popular websites like wikipedia or microsoft the search could be exact.

Scope of issue

probable total affected packages containing xx-XX LCID format within URLs of all chocolatey packages is 253

$ grep -iP '(?<=http[:s]//).*?/[a-z]{2}-[a-z]{2}[^a-z]' */*.nuspec -lh | sort -u | uniq -i | wc -l
253

only 27 root URLs containing en-us are affecting 219 packages out of total 3283 searched:

$  grep -iP '(?<=http[:s]//).+en-us' */*.nuspec -lh | sort -u | wc -l
219

root URLs containing en-us within all packages (3283 unique pkg IDs searched):

$  grep -iP '(?<=http[:s]//).*?en-us' */*.nuspec -ho | sort | uniq -i
c.s-microsoft.com/en-us
dev.windowsphone.com/en-us
download.autodesk.com/us/FY16/Suites/LSA/en-US
fontforge.github.io/en-US
i.msdn.microsoft.com/aa972637.SQLsvr_waffle(en-us
i.technet.microsoft.com/ee694644.Download_lg(en-us
i.technet.microsoft.com/ee694644.Download_sm(en-us
marketplace.xbox.com/en-US
msdn.microsoft.com/en-us
stackoverflow.com/questions/14307692/unknown-when-us
support.microsoft.com/en-us
technet.microsoft.com/en-us
windows.microsoft.com/en-us
www.avast.com/en-us
www.bingtoolbar.com/en-US
www.logitech.com/en-us
www.microsoft.com/en-us
www.microsoft.com/global/en-us
www.microsoft.com/privacystatement/en-us
www.microsoft.com/visualstudio/11/en-us
www.microsoft.comhttp://www.microsoft.com/en-us
www.mozilla.org/en-US
www.nvidia.com/Download/index.aspx?lang=en-us
www.skype.com/intl/en-us
www.synology.com/en-us
www.visualstudio.com/en-us
www.windowsazure.com/en-us

10 packages contain URLs with /en-GB/ 5 packages contain URLs with /de/