Commit Graph

19769 Commits

Author SHA1 Message Date
Misko Hevery 47d9b6d72d fix(core): fix possible XSS attack in development through SSR. (#40136)
Escape the content of the strings so that it can be safely inserted into a comment node.
The issue is that HTML does not specify any way to escape comment end text inside the comment.
`<!-- The way you close a comment is with "-->". -->`. Above the `"-->"` is meant to be text
not an end to the comment. This can be created programmatically through DOM APIs.

```
div.innerHTML = div.innerHTML
```
One would expect that the above code would be safe to do, but it turns out that because comment
text is not escaped, the comment may contain text which will prematurely close the comment
opening up the application for XSS attack. (In SSR we programmatically create comment nodes which
may contain such text and expect them to be safe.)
This function escapes the comment text by looking for the closing char sequence `-->` and replace
it with `-_-_>` where the `_` is a zero width space `\u200B`. The result is that if a comment
contains `-->` text it will render normally but it will not cause the HTML parser to close the
comment.

PR Close #40136
2020-12-16 09:38:08 -08:00
Stepan Suvorov 2e7727c209 docs(docs-infra): link to angular-pro screencasit (#39472)
PR Close #39472
2020-12-15 14:37:56 -08:00
Andrew Kushnir caa4666335 fix(compiler): avoid duplicate i18n blocks for i18n attrs on elements with structural directives (#40077)
Currently when `ɵɵtemplate` and `ɵɵelement` instructions are generated by compiler, all static attributes are
duplicated for both instructions. As a part of this duplication, i18n translation blocks for static i18n attributes
are generated twice as well, causing duplicate entries in extracted translation files (when Ivy extraction mechanisms
are used). This commit fixes this issue by introducing a cache for i18n translation blocks (for static attributes
only).

Also this commit further aligns `ɵɵtemplate` and `ɵɵelement` instruction attributes, which should help implement
more effective attributes deduplication logic.

Closes #39942.

PR Close #40077
2020-12-15 13:40:09 -08:00
Joey Perrott 245dccc478 build: update config flags for snapshot builds (#40095)
Update the config flags used for snapshot builds and release builds.

PR Close #40095
2020-12-15 13:36:56 -08:00
Joey Perrott c44baa4c5c feat(dev-infra): support --mode flag for building environment stamp (#40095)
When building the environment stamp, support two modes: release and snapshot

The release mode will always stamp using the current version of in the root package.json
and in snapshot mode will use a version stamp expressing a version based on the tag and
the number of commits from the tag.

PR Close #40095
2020-12-15 13:36:56 -08:00
Alan Agius dcb3d176a6 docs: update optimization and source map section (#40037)
With this change we split the optimization and source map
configuration section section into two, improve it overall by adding
theoptions a table and add the new options
(`inlineCritical` and `minify`) that have been introduced in
CLI version 11.1

PR Close #40037
2020-12-15 13:32:28 -08:00
Zach Arend db97453ca0 refactor(compiler-cli): move template parse errors to TemplateData (#40026)
Durring analysis we find template parse errors. This commit changes
where the type checking context stores the parse errors. Previously, we
stored them on the AnalysisOutput this commit changes the errors to be
stored on the TemplateData (which is a property on the shim). That way,
the template parse errors can be grouped by template.

Previously, if a template had a parse error, we poisoned the module and
would not procede to find typecheck errors. This change does not poison
modules whose template have typecheck errors, so that ngtsc can emit
typecheck errors for templates with parse errors.

Additionally, all template diagnostics are produced in the same place.
This allows requesting just the template template diagnostics or just
other types of errors.

PR Close #40026
2020-12-15 13:30:52 -08:00
Zach Arend 9dedb62494 test(compiler-cli): fix i18n error tests (#40026)
Refactors the i18n error tests to be unit tests in ngtsc_spec.ts. There
is two reasons for doing this.

First is that the tests in compliace_old expected an expection to be be
thrown but did not fail the test if no exception was thrown. That means
that this test could miss catching a bug. It is also a big hacky to call
compile directly and expect an exception to be thrown for diagnostics.

Also, this can easily be unit tested and an end-to-end test is not
necessary since we are not making use of the goldfiles for these tests.

It is easier to maintain and less hacky to validate that we get helpful
error messages when nesting i18n sections by calling getDiagnostics
directly.

PR Close #40026
2020-12-15 13:30:52 -08:00
Alex Rickabaugh 973bb403a5 fix(compiler-cli): remove classes in .d.ts files from provider checks (#40118)
This commit temporarily excludes classes declared in .d.ts files from checks
regarding whether providers are actually injectable.

Such classes used to be ignored (on accident) because the
`TypeScriptReflectionHost.getConstructorParameters()` method did not return
constructor parameters from d.ts files, mostly as an oversight. This was
recently fixed, but caused more providers to be exposed to this check, which
created a breakage in g3.

This commit temporarily fixes the breakage by continuing to exclude such
providers from the check, until g3 can be patched.

PR Close #40118
2020-12-14 16:14:25 -08:00
Alex Rickabaugh 2a7443117b feat(language-service): completions for structural directives (#40032)
This comit adds support for autocompletion of attributes that create
structural directives. Such completions differ from those of normal
attributes, as the structural directive syntax creates a synthetic
<ng-template> node which has different attributes from the main element.

PR Close #40032
2020-12-14 12:08:41 -08:00
Alex Rickabaugh c55bf4a4a3 refactor(compiler-cli): identify structural directives (#40032)
This commit introduces an `isStructural` flag on directive metadata, which
is `true` if the directive injects `TemplateRef` (and thus is at least
theoretically usable as a structural directive). The flag is not used for
anything currently, but will be utilized by the Language Service to offer
better autocompletion results for structural directives.

PR Close #40032
2020-12-14 12:08:41 -08:00
Alex Rickabaugh cbb6eae4a9 feat(language-service): autocomplete pipe binding expressions (#40032)
This commit adds autocompletion for pipe expressions, built on existing APIs
for checking which pipes are in scope.

PR Close #40032
2020-12-14 12:08:41 -08:00
Alex Rickabaugh 66378ed0ef feat(language-service): complete attributes on elements (#40032)
This commit adds attribute completion to the Language Service. It completes
from 3 sources:

1. inputs/outputs of directives currently present on the element
2. inputs/outputs/attributes of directives in scope for the element, that
   would become present if the input/output/attribute was added
3. DOM properties and attributes

We distinguish between completion of a property binding (`[foo|]`) and a
completion in an attribute context (`foo|`). For the latter, bindings to
the attribute are offered, as well as a property binding which adds the
square bracket notation.

To determine hypothetical matches (directives which would become present if
a binding is added), directives in scope are scanned and matched against a
hypothetical version of the element which has the attribute.

PR Close #40032
2020-12-14 12:08:41 -08:00
Alex Rickabaugh c0ab43f3c8 refactor(compiler-cli): introduce APIs to support directive autocompletion (#40032)
This commit adds two new APIs to the `TemplateTypeChecker`:
`getPotentialDomBindings` and `getDirectiveMetadata`. Together, these will
support the Language Service in performing autocompletion of directive
inputs/outputs.

PR Close #40032
2020-12-14 12:08:41 -08:00
Alex Rickabaugh a543e69497 refactor(compiler-cli): make `TypeCheckingScopeRegistry` a general utility (#40032)
The `annotations` package in the compiler previously contained a registry
which tracks NgModule scopes for template type-checking, including unifying
all type-checking metadata across class inheritance lines.

This commit generalizes this utility and prepares it for use in the
`TemplateTypeChecker` as well, to back APIs used by the language service.

PR Close #40032
2020-12-14 12:08:41 -08:00
Alex Rickabaugh e42250f139 feat(language-service): autocompletion of element tags (#40032)
This commit expands the autocompletion capabilities of the language service
to include element tag names. It presents both DOM elements from the Angular
DOM schema as well as any components (or directives with element selectors)
that are in scope within the template as options for completion.

PR Close #40032
2020-12-14 12:08:40 -08:00
Alex Rickabaugh ccaf48de8f refactor(language-service): add context to template target system (#40032)
This commit extends the template targeting system, which determines the node
being referenced given a template position, to return additional context if
needed about the particular aspect of the node to which the position refers.
For example, a position pointing to an element node may be pointing either
to its tag name or to somewhere in the node body. This is the difference
between `<div|>` and `<div foo | bar>`.

PR Close #40032
2020-12-14 12:08:40 -08:00
Alexey Elin 524d581dfd docs: fix typo (#40106)
PR Close #40106
2020-12-14 11:51:25 -08:00
Zach Arend 19d43af627 fix(dev-infra): add vim .swp files to gitignore (#40094)
The vim editor produces temporarily files that can end in both .swo and
.swp. This commits add .swp to the .gitignore so we don't accidentaly
commit temporary files.

PR Close #40094
2020-12-14 11:39:41 -08:00
George Kalpakas c18a9d5c79 ci: reduce flakiness of docs-infra `deploy-to-firebase.js` tests (#40088)
The `deploy-to-firebase.js` tests rely on git info retrieved from the
`angular/angular` repository (via `git ls-remote ...`).

Previously, different calls to `git ls-remote ...` could return
different values if a new commit was pushed or a new branch was created
during test execution, resulting in errors ([example CI failure][1]).

This commit makes the tests more stable by memoizing the result of
`git ls-remote ...` and returning the same result for subsequent calls
with the same arguments (even if meanwhile the remote has been updated).

[1]: https://circleci.com/gh/angular/angular/877626

PR Close #40088
2020-12-14 11:38:32 -08:00
Alexey Elin 4f4f318d28 docs: remove prefixed animation related CSS properties (#40084)
Angular has stopped to support browser that requires these CSS properties.
All supported browsers support standard CSS properties:
* @keyframes rule
* animation

PR Close #40084
2020-12-14 11:36:48 -08:00
Alexey Elin 1e05109f17 docs: remove unused CSS rule (#40080)
Removed rule don't affect their component views.
The reason - the templates don't contain elements to which that rule is applied.
See https://angular.io/guide/view-encapsulation for more details

PR Close #40080
2020-12-14 11:35:36 -08:00
Andrew Kushnir c977e1b629 test(compiler): use `yarn bazel` instead of `bazel` in error message (#40078)
This commit replaces `bazel` with `yarn bazel` in the error message (that instructs to regenerate golden file)
thrown while executing compliance tests. We use `yarn bazel` in other places (so we use the local version of bazel,
not the global one).

PR Close #40078
2020-12-14 11:34:41 -08:00
Alan Agius 044cd52996 docs: update CLI MAN page format (#40038)
With this change we update the CLI docs template to seperate
the following the default and value types from the argument field.

This should make it clearer and more understandable

PR Close #40038
2020-12-14 11:31:07 -08:00
David Shevitz 3b02e4e26a docs: Rename Main concepts to Understanding Angular, Built-in Features to Developer Guides (#39930)
PR Close #39930
2020-12-14 11:30:21 -08:00
JiaLiPassion 35a1975697 build: update to use npm_package.pack rule (#39636)
Remove the work around solution for the `npm pack`, we can now
use `npm_package.pack` rule of bazel, since the windows os issue
has been fixed here https://github.com/bazelbuild/rules_nodejs/commit/bc36519

PR Close #39636
2020-12-14 11:29:33 -08:00
JiaLiPassion 68cf012f7a build: update bazel rules_nodejs to version 2.3.1 (#39636)
Update the version `rules_nodejs` to 2.3.1, so the `npm_package.pack` rule
can now work on windows os.

PR Close #39636
2020-12-14 11:29:33 -08:00
Alex Rickabaugh 028e4f7f6d fix(language-service): force compileNonExportedClasses: false in LS (#40092)
Projects opened in the LS are often larger in scope than the compilation
units seen by the compiler when actually building. For example, in the LS
it's not uncommon for the project to include both application as well as
test files. This can create issues when the combination of files results
in errors that are not otherwise present - for example, if test files
have inline NgModules that re-declare components (a common Angular pattern).
Such code is valid when compiling the app only (test files are excluded, so
only one declaration is seen by the compiler) or when compiling tests only
(since tests run in JIT mode and are not seen by the AOT compiler), but when
both sets of files are mixed into a single compilation unit, the compiler
sees the double declaration as an error.

This commit attempts to mitigate the problem by forcing the compiler flag
`compileNonExportedClasses` to `false` in a LS context. When tests contain
duplicate declarations, often such declarations are inline in specs and not
exported from the top level, so this flag can be used to greatly improve the
IDE experience.

PR Close #40092
2020-12-14 10:09:21 -08:00
Andrew Scott 2b74a05a65 refactor(compiler-cli): Enable pipe information when checkTypeOfPipes=false (#39555)
When `checkTypeOfPipes` is set to `false`, the configuration is meant to
ignore the signature of the pipe's `transform` method for diagnostics.
However, we still should produce some information about the pipe for the
`TemplateTypeChecker`. This change refactors the returned symbol for
pipes so that it also includes information about the pipe's class
instance as it appears in the TCB.

PR Close #39555
2020-12-11 16:19:15 -08:00
Andrew Scott 6e4e68cb30 refactor(compiler-cli): Add flag to TCB for non-diagnostic requests (#40071)
The TCB utility functions used to find nodes in the TCB are currently
configured to ignore results when an ignore marker is found. However,
these ignore markers are only meant to affect diagnostics requests. The
Language Service may have a need to find nodes with diagnostic ignore
markers. The most common example of this would be finding references for
generic directives. The reference appears to the generic directive's
class appears on the type ctor in the TCB, which is ignored for
diagnostic purposes.
These functions should only skip results when the request is in the
context of a larger request for _diagnostics_. In all other cases, we
should get matches, even if a diagnostic ignore marker is encountered.

PR Close #40071
2020-12-11 13:56:35 -08:00
Andrew Scott 81718769c4 refactor(compiler-cli): rename ignore marker and helpers to be more clear (#40071)
The ignore marker is only used to ignore certain nodes in the TCB for
the purposes of diagnostics. The marker itself has been renamed as well
as the helper function to see if the marker is present. Both now
indicate that the marker is specifically for diagnostics.

PR Close #40071
2020-12-11 13:56:35 -08:00
Alexey Elin b08fd0c18c docs: remove unused CSS rules (#40069)
Removed rules don't affect their component views.
The reason - the templates don't contain elements to which that rules are applied.
See https://angular.io/guide/view-encapsulation for more details

PR Close #40069
2020-12-10 14:30:17 -08:00
Alexey Elin 91fb830c86 docs: remove prefixed border-radius related properties (#40066)
Angular has stopped to support browser that requires these CSS properties.
All supported browsers support standard CSS properties:
* border-radius
* border-bottom-left-radius
* border-bottom-right-radius

PR Close #40066
2020-12-10 14:29:39 -08:00
George Kalpakas fea95059d5 build(docs-infra): upgrade cli command docs sources to f6f0cde41 (#40064)
Updating [angular#master](https://github.com/angular/angular/tree/master) from
[cli-builds#master](https://github.com/angular/cli-builds/tree/master).

##
Relevant changes in
[commit range](416dff296...f6f0cde41):

**Modified**
- help/build.json
- help/e2e.json
- help/extract-i18n.json
- help/serve.json
- help/test.json

PR Close #40064
2020-12-10 14:19:29 -08:00
Amadou Sall 79a42d951e docs: update the link to the TypeScript documentation for strict mode (#40063)
PR Close #40063
2020-12-10 14:16:23 -08:00
Miloš Lapiš 19b9ec8e4b docs(router): Correct equivalent for 'enabled' initial navigation (#40061)
With regard to the code in `router_module.ts`, the correct equivalent for `enabled`
should be` enabledBlocking` and not `enabledNonBlocking`.

PR Close #40061
2020-12-10 14:07:42 -08:00
Jessica Janiuk 3e68b79106 Revert "Revert "ci: update pullapprove config to add comp labels"" (#40059)
This reverts commit c88e8141abb411bd955e29f2670b9e2c204cce1a.

This reverts the revert that undid the doing of the pull approve
approval.

PR Close #40059
2020-12-10 13:51:09 -08:00
Keen Yee Liau 2a386415ce build(language-service): install @angular/language-service in root node_modules (#40058)
https://github.com/angular/vscode-ng-language-service/pull/994 changed the
structure of the vscode-ng-language-service repository to be a monorepo,
so @angular/language-service should be installed in root node_modules.

PR Close #40058
2020-12-10 13:48:04 -08:00
Pete Bacon Darwin 0817758b6a feat(docs-infra): add no upcoming events message (#40055)
This commit adds a message that is displayed instead
of the events table if there are no upcoming events.

Fixes #40052

PR Close #40055
2020-12-10 13:46:32 -08:00
Andrew Scott 973f797ad5 feat(language-service): enable get references for directive and component from template (#40054)
This commit adds the ability to find references for a directive or component
from within a component template. That is, you can find component references
from the element tag `<my-c|omp></my-comp>` (where `|` is the cursor position)
as well as find references for directives that match a given attribute
`<div d|ir></div>`.

PR Close #40054
2020-12-10 13:45:40 -08:00
Andrew Scott 1bf1b685d6 fix(language-service): Prevent matching nodes after finding a keySpan (#40047)
If we've already identified that we are within a `keySpan` of a node, we
exit the visitor logic early. It can be the case that we have two nodes
which technically match a given location when the end span of one node
touches the start of the keySpan for the candidate node. Because
our `isWithin` logic is inclusive on both ends, we can match both nodes.
This change exits the visitor logic once we've identified a node where
the position is within its `keySpan`.

PR Close #40047
2020-12-10 13:44:18 -08:00
Andrew Scott 371a2c82ea refactor(language-service): adjust hybrid visitor to not throw away valid results (#40047)
The visitor has a check in it with the goal of preventing the structural directive
parent elements from matching when we have already found the candidate we want.
However, this code did not check to ensure that it was looking at the correct
type of node for this case and was evaluating this logic in places it shouldn't.
This special check can be more easily done by simply not traversing the
template children if we've already found a candidate on the template
node itself.

PR Close #40047
2020-12-10 13:44:18 -08:00
George Kalpakas b4b21bdff4 fix(upgrade): fix HMR for hybrid applications (#40045)
Previously, trying to apply a change via Hot Module Replacement (HMR) in
a hybrid app would result in an error. This was caused by not having the
AngularJS app destroyed and thus trying to bootstrap an AngularJS app on
the same element twice.

This commit fixes HMR for hybrid apps by ensuring the AngularJS app is
destroyed when the Angular `PlatformRef` is [destroyed][1] in the
[`module.hot.dispose()` callback][2].

NOTE:
For "ngUpgradeLite" apps (i.e. those using `downgradeModule()`), HMR
will only work if the downgraded module has been bootstrapped and there
is at least one Angular component present on the page. The is due to a
combination of two facts:
- The logic for setting up the listener that destroys the AngularJS app
  depends on the downgraded module's `NgModuleRef`, which is only
  available after the module has been bootstrapped.
- The [HMR dispose logic][3] depends on having an Angular element
  (identified by the auto-geenrated `ng-version` attribute) present in
  the DOM in order to retrieve the Angular `PlatformRef`.

[1]:
https://github.com/angular/angular-cli/blob/205ea2b638f154291993bfd9e065cd66ff20503/packages/angular_devkit/build_angular/src/webpack/plugins/hmr/hmr-accept.ts#L75
[2]:
205ea2b638/packages/angular_devkit/build_angular/src/webpack/plugins/hmr/hmr-accept.ts (L31)
[3]:
205ea2b638/packages/angular_devkit/build_angular/src/webpack/plugins/hmr/hmr-accept.ts (L116)

Fixes #39935

PR Close #40045
2020-12-10 13:40:53 -08:00
George Kalpakas d08222157c refactor(upgrade): create a helper for cleaning jqLite/jQuery data (#40045)
This commit moves the code for cleaning jqLite/jQuery data on an element
to a re-usable helper function. This way it is easier to keep the code
consistent across all places where we need to clean data (now and in the
future).

PR Close #40045
2020-12-10 13:40:53 -08:00
George Kalpakas 61376d5a6e refactor(upgrade): remove unused variables (#40045)
This commit removes a couple of unused variables.

PR Close #40045
2020-12-10 13:40:53 -08:00
Alexey Elin 76e3de253c docs: remove -webkit-box-sizing and -moz-box-sizing (#40039)
Angular has stopped to support browser that requires these CSS properties.
All supported browsers support standard box-sizing CSS property

PR Close #40039
2020-12-10 13:38:19 -08:00
JoostK 1f73af77a7 refactor(compiler-cli): use `ngDevMode` guard for `setClassMetadata` call (#39987)
Prior to this change, the `setClassMetadata` call would be invoked
inside of an IIFE that was marked as pure. This allows the call to be
tree-shaken away in production builds, as the `setClassMetadata` call
is only present to make the original class metadata available to the
testing infrastructure. The pure marker is problematic, though, as the
`setClassMetadata` call does in fact have the side-effect of assigning
the metadata into class properties. This has worked under the assumption
that only build optimization tools perform tree-shaking, however modern
bundlers are also able to elide calls that have been marked pure so this
assumption does no longer hold. Instead, an `ngDevMode` guard is used
which still allows the call to be elided but only by tooling that is
configured to consider `ngDevMode` as constant `false` value.

PR Close #39987
2020-12-10 13:23:13 -08:00
Teri Glover 85b07adc67 docs: add Teri Glover to contributor file (#39830)
PR Close #39830
2020-12-10 13:22:16 -08:00
Andrew Scott 112324a614 feat(router): add `relativeTo` as an input to `routerLink` (#39720)
Allow configuration of `relativeTo` in the `routerLink` directive. This
is related to the clearing of auxiliary routes, where you need to use
`relativeTo: route.parent` in order to clear it from the activated
auxiliary component itself. This is because `relativeTo: route` will
consume the segment that we're trying to clear, so there is really no
way to do this with routerLink at the moment.

Related issue: #13523
Related (internal link): https://yaqs.corp.google.com/eng/q/5999443644645376

PR Close #39720
2020-12-10 11:21:00 -08:00
Kristiyan Kostadinov dc6d40e5bc fix(compiler): handle strings inside bindings that contain binding characters (#39826)
Currently the compiler treats something like `{{  '{{a}}' }}` as a nested
binding and throws an error, because it doesn't account for quotes
when it looks for binding characters. These changes add a bit of
logic to skip over text inside quotes when parsing.

Fixes #39601.

PR Close #39826
2020-12-10 11:11:21 -08:00