[netbeans] branch master updated: [NETBEANS-6315] Escape HTML entities in PHPStan report

junichi11 Sat, 18 Dec 2021 20:47:56 -0800

This is an automated email from the ASF dual-hosted git repository.

junichi11 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/netbeans.git



The following commit(s) were added to refs/heads/master by this push:
     new 8529892  [NETBEANS-6315] Escape HTML entities in PHPStan report
     new b4fb977  Merge pull request #3380 from 
KacerCZ/netbeans-6315-phpstan-message-fix
8529892 is described below

commit 852989292e99671a89ef1264cfefb89c843edbd7
Author: Tomas Prochazka <[email protected]>
AuthorDate: Sat Dec 18 11:03:02 2021 +0100

    [NETBEANS-6315] Escape HTML entities in PHPStan report
    
    https://issues.apache.org/jira/browse/NETBEANS-6315
    
    - Escapes HTML entities in message from PHPStan report
---
 php/php.code.analysis/manifest.mf                  |  2 +-
 php/php.code.analysis/nbproject/project.xml        |  9 ++++++++
 .../php/analysis/parsers/PHPStanReportParser.java  |  4 +++-
 .../data/phpstan/phpstan-log-html-entities.xml     | 26 ++++++++++++++++++++++
 .../analysis/parsers/PHPStanReportParserTest.java  | 14 ++++++++++++
 5 files changed, 53 insertions(+), 2 deletions(-)

diff --git a/php/php.code.analysis/manifest.mf 
b/php/php.code.analysis/manifest.mf
index ecc7226..0b3efb8 100644
--- a/php/php.code.analysis/manifest.mf
+++ b/php/php.code.analysis/manifest.mf
@@ -2,4 +2,4 @@ Manifest-Version: 1.0
 OpenIDE-Module: org.netbeans.modules.php.code.analysis
 OpenIDE-Module-Layer: org/netbeans/modules/php/analysis/resources/layer.xml
 OpenIDE-Module-Localizing-Bundle: 
org/netbeans/modules/php/analysis/resources/Bundle.properties
-OpenIDE-Module-Specification-Version: 0.28
+OpenIDE-Module-Specification-Version: 0.29
diff --git a/php/php.code.analysis/nbproject/project.xml 
b/php/php.code.analysis/nbproject/project.xml
index 812ab35..dad2ea0 100644
--- a/php/php.code.analysis/nbproject/project.xml
+++ b/php/php.code.analysis/nbproject/project.xml
@@ -44,6 +44,15 @@
                     </run-dependency>
                 </dependency>
                 <dependency>
+                    
<code-name-base>org.netbeans.modules.editor.util</code-name-base>
+                    <build-prerequisite/>
+                    <compile-dependency/>
+                    <run-dependency>
+                        <release-version>1</release-version>
+                        <specification-version>1.80</specification-version>
+                    </run-dependency>
+                </dependency>
+                <dependency>
                     
<code-name-base>org.netbeans.modules.extexecution</code-name-base>
                     <build-prerequisite/>
                     <compile-dependency/>
diff --git 
a/php/php.code.analysis/src/org/netbeans/modules/php/analysis/parsers/PHPStanReportParser.java
 
b/php/php.code.analysis/src/org/netbeans/modules/php/analysis/parsers/PHPStanReportParser.java
index 2ed5e47..5638a82 100644
--- 
a/php/php.code.analysis/src/org/netbeans/modules/php/analysis/parsers/PHPStanReportParser.java
+++ 
b/php/php.code.analysis/src/org/netbeans/modules/php/analysis/parsers/PHPStanReportParser.java
@@ -34,6 +34,7 @@ import java.util.logging.Level;
 import java.util.logging.Logger;
 import org.netbeans.api.annotations.common.CheckForNull;
 import org.netbeans.api.annotations.common.NullAllowed;
+import org.netbeans.lib.editor.util.StringEscapeUtils;
 import org.netbeans.modules.php.analysis.results.Result;
 import org.netbeans.modules.php.api.util.FileUtils;
 import org.openide.filesystems.FileObject;
@@ -165,7 +166,8 @@ public class PHPStanReportParser extends DefaultHandler {
         currentResult.setColumn(getInt(attributes, "column")); // NOI18N
         String message = attributes.getValue("message"); // NOI18N
         currentResult.setCategory(String.format("%s: %s", 
attributes.getValue("severity"), message)); // NOI18N
-        currentResult.setDescription(message);
+        // Message can contain types like "array<string>" and description is 
renderd as HTML so it has to be properly escaped.
+        currentResult.setDescription(StringEscapeUtils.escapeHtml(message));
     }
 
     private void processResultEnd() {
diff --git 
a/php/php.code.analysis/test/unit/data/phpstan/phpstan-log-html-entities.xml 
b/php/php.code.analysis/test/unit/data/phpstan/phpstan-log-html-entities.xml
new file mode 100644
index 0000000..ffe1f06
--- /dev/null
+++ b/php/php.code.analysis/test/unit/data/phpstan/phpstan-log-html-entities.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+    Licensed to the Apache Software Foundation (ASF) under one
+    or more contributor license agreements.  See the NOTICE file
+    distributed with this work for additional information
+    regarding copyright ownership.  The ASF licenses this file
+    to you under the Apache License, Version 2.0 (the
+    "License"); you may not use this file except in compliance
+    with the License.  You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing,
+    software distributed under the License is distributed on an
+    "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    KIND, either express or implied.  See the License for the
+    specific language governing permissions and limitations
+    under the License.
+
+-->
+<checkstyle>
+<file name="HelloWorld.php">
+  <error line="7" column="1" severity="error" message="Function count() should 
return int but returns array&lt;string&gt;." />
+</file>
+</checkstyle>
diff --git 
a/php/php.code.analysis/test/unit/src/org/netbeans/modules/php/analysis/parsers/PHPStanReportParserTest.java
 
b/php/php.code.analysis/test/unit/src/org/netbeans/modules/php/analysis/parsers/PHPStanReportParserTest.java
index 5c9bf57..42786d7 100644
--- 
a/php/php.code.analysis/test/unit/src/org/netbeans/modules/php/analysis/parsers/PHPStanReportParserTest.java
+++ 
b/php/php.code.analysis/test/unit/src/org/netbeans/modules/php/analysis/parsers/PHPStanReportParserTest.java
@@ -98,6 +98,20 @@ public class PHPStanReportParserTest extends NbTestCase {
         assertEquals(3, results.size());
     }
 
+    public void testParseWithHtmlEntities() throws Exception {
+        FileObject root = getDataDir("phpstan/PHPStanSupport");
+        FileObject workDir = root;
+        List<Result> results = 
PHPStanReportParser.parse(getLogFile("phpstan-log-html-entities.xml"), root, 
workDir);
+        assertNotNull(results);
+
+        assertEquals(1, results.size());
+        Result result = results.get(0);
+        
assertEquals(FileUtil.toFile(root.getFileObject("HelloWorld.php")).getAbsolutePath(),
 result.getFilePath());
+        assertEquals(7, result.getLine());
+        assertEquals("error: Function count() should return int but returns 
array<string>.", result.getCategory());
+        assertEquals("Function count() should return int but returns 
array&lt;string&gt;.", result.getDescription());
+    }
+
     private File getLogFile(String name) throws Exception {
         assertNotNull(name);
         File phpstan = new File(getDataDir(), "phpstan");

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

For further information about the NetBeans mailing lists, visit:
https://cwiki.apache.org/confluence/display/NETBEANS/Mailing+lists

[netbeans] branch master updated: [NETBEANS-6315] Escape HTML entities in PHPStan report

Reply via email to