search

urvanov-ru / crayon-syntax-highlighter

Syntax Highlighter supporting multiple languages, themes, fonts, highlighting from a URL, local file or post text.
https://wordpress.org/plugins/urvanov-syntax-highlighter/
GNU General Public License v3.0
60 stars 11 forks source link

Question #29

Open kprovance opened 3 years ago

kprovance commented 3 years ago

First, thanks for picking up this project and continuing to work on it. Crayon Highlighter has been something I've used for years. I forked it so I could fix all the jQuery deprecation issues, as who knows when WordPress will drop the migrate library. While I was tidying up, I ran the project through PHP CodeSniffer using the WordPress Coding Standards. Needless to say, the age of this project shows. In terms of type-safe comparisons, escaping, sanitizing, and literally NO nonce verifications with AJAX, it is, not to put too fine a point on it, a mess. This is something I did for Redux Framework, bringing it up to standards. I'd like to do the same here.

It's a HUGE undertaking, to which I am five days in now, and all I've been working on. Frankly, I'd prefer to have a safer version on my website. You can see the work on my fork: https://github.com/svl-studios/crayon-syntax-highlighter

Would you be interested in a pull request for all these changes? The are...many and might require a short period of testing (if you wanted to create a wpcs branch for me to submit to, that might be a safer way to go, until it's ready). If not, I understand. I can maintain a separate fork. I thought I'd ask and give folks an option for a safe product.

Thanks!

urvanov-ru commented 3 years ago

@kprovance Make a pull request. It would be a great help. I will try to review, and we will merge it when it will be ready.

Fixing jQuery deprecation issues will be good too. Also, I think we should try to exclude jQuery from the plugin. Modern JavaScript has most of it features. What do you think?

kprovance commented 3 years ago

I should have something for you in the next few days.

The jQuery argument is tough. A lot of what jQuery does would take a bit of work to do in straight JavaScript, up to basically writing jQuery lite. Having gone through much of the JavaScript in the last few days, I can see ways to replace some of it, but all? I'm not sure. My JavaScript skills aren't quite that advanced to recreate what jQuery does. All that said, jQuery is in the WordPress core. It gets loaded anyways. It's almost like reinventing the wheel. When I'm done with this project, I'll see where there might be places to optimize performance with jQueryless code. :)

urvanov-ru commented 3 years ago

Ok, Let the plugin be with jQuery as it was from the beginning.