bito-code-review[bot] commented on PR #40612:
URL: https://github.com/apache/superset/pull/40612#issuecomment-4610986859
<!-- Bito Reply -->
The flagged issue is correct. The test `removes script tags injected via the
series key` (lines 44–56 of the diff) is redundant because the existing test
suite already covers `<script>`-stripping for `generateMultiLineTooltipContent`
elsewhere in the file. To resolve this, you can remove the redundant test block
and rely on the existing coverage, or consolidate the payloads into a single
test case to maintain coverage while reducing maintenance overhead.
Would you like me to fetch all other comments on this PR to validate them
and implement a minimal fix for all identified issues?
**superset-frontend/plugins/legacy-preset-chart-nvd3/test/utils.test.ts**
```
test('removes script tags injected via the series key', () => {
const tooltip = generateMultiLineTooltipContent(
{
value: 'x-value',
series: [
{ key: '<script>alert(1)</script>', color: '#fff', value: 1 },
],
},
identity,
[identity],
);
expect(tooltip).not.toContain('<script>');
});
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
