From 94145f4d0982bd7dd1011a735eb39c8bcd3cd88a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javi=20Mart=C3=ADn?=
Date: Fri, 17 May 2024 01:00:59 +0200
Subject: [PATCH] Don't check ERB Lint ErbSafety in files using `raw`
We're excluding these files because they use `raw` to render content than only administrators can edit, and we trust administrators not to provide unsafe HTML. We should definitely sanitize them at some point but, at the same time, we should also try to keep compatibility in installations taking advantage of `raw`. Also note that ERB Lint does not allow customizing the severity of a linter; if it ever does, we'll use the severity rule instead of excluding files.
---
.erb-lint.yml | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/.erb-lint.yml b/.erb-lint.yml
index 07676c3fc..105042f03 100644
--- a/.erb-lint.yml
+++ b/.erb-lint.yml
@@ -9,6 +9,16 @@ linters:
 enabled: true
 ErbSafety:
 enabled: true
+ exclude:
+ - app/components/budgets/investments/content_blocks_component.html.erb
+ - app/components/layout/footer_component.html.erb
+ - app/components/layout/social_component.html.erb
+ - app/components/layout/subnavigation_component.html.erb
+ - app/components/layout/top_links_component.html.erb
+ - app/views/admin/site_customization/content_blocks/index.html.erb
+ - app/views/layouts/application.html.erb
+ - app/views/layouts/dashboard.html.erb
+ - app/views/layouts/devise.html.erb
 ExtraNewline:
 enabled: true
 FinalNewline:
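Review bot: The `exclude:` list under `ErbSafety` switches the linter off for each file as a whole, so any unescaped output added later to these nine templates, including the three layouts under `app/views/layouts/`, will pass unflagged alongside the existing `raw` calls. Nothing in `.erb-lint.yml` itself says why the files are listed or when an entry can be removed; a comment above `exclude:` would keep that next to the list, for example `# Templates rendering admin-edited content with raw; drop an entry once its output is sanitized`. If the ERB Lint version in use supports inline `<%# erblint:disable ErbSafety %>` comments, placing them on the individual `raw` lines would narrow the exception and keep the rest of each file checked.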