Allow setting escape option per parameter replacing.
For more security this should be used instead of disabling paramter escaping,
see [pull request #756](nextcloud-libraries/nextcloud-l10n#756)
// Example
t(
'my-app',
'{a}{userInput}{a_end}',
{
a: {
value: '<a>',
escape: false,
},
userInput: somePossiblyInsecureValue, // This will be escaped
a_end: {
value: '</a>',
escape: false,
}
},
)
Allow setting escape option per parameter replacing.
For more security this should be used instead of disabling paramter escaping,
see [pull request #756](nextcloud-libraries/nextcloud-l10n#756)
// Example
t(
'my-app',
'{a}{userInput}{a_end}',
{
a: {
value: '<a>',
escape: false,
},
userInput: somePossiblyInsecureValue, // This will be escaped
a_end: {
value: '</a>',
escape: false,
}
},
)
3.0.1 - 2024-05-04
Fixed
Ensure that built type definitions are bundled with the release and located in the correct directory
This will improve the performance if multiple placeholders are used and it allows this,
while the string is still sanitized:
t(
'See {linkstart}documentation{linkend}',
{
linkstart: '<a ...>',
linkend: '</a>',
},
// No number
undefined,
{
// Do not escape the result as we want the HTML anchor element
</tr></table>
... (truncated)
Commits
e0b16b5 Merge pull request #758 from nextcloud-libraries/chore/3-1-0
You can trigger a rebase of this PR by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
Bumps @nextcloud/l10n from 2.2.0 to 3.1.0.
Release notes
Sourced from
@nextcloud/l10n
's releases.... (truncated)
Changelog
Sourced from
@nextcloud/l10n
's changelog.... (truncated)
Commits
e0b16b5
Merge pull request #758 from nextcloud-libraries/chore/3-1-0a0e1f86
chore: Prepare 3.1.0 release558a387
Merge pull request #756 from nextcloud-libraries/feat/allow-per-replacement-e...5cf6b4b
Merge pull request #757 from nextcloud-libraries/chore/workflows5e96b8f
fix(ci): Update workflows from organization7775257
feat: Allow settingescape
option per parameter replacing91214fa
chore: Prepare release 3.0.184894b8
fix: Ensure types are generated in the correct output directory2bf8d09
Merge pull request #755 from nextcloud-libraries/dependabot/npm_and_yarn/domp...610bb86
Merge pull request #754 from nextcloud-libraries/dependabot/npm_and_yarn/vite...You can trigger a rebase of this PR by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show