[D8] Icon Select

There are some errors reported by automated review tools, did you already check them? See http://pareview.sh/pareview/httpsgitdrupalorgprojecticon_selectgit

We are currently quite busy with all the project applications and we prefer projects with a review bonus. Please help reviewing and put yourself on the high priority list, then we will take a look at your project right away :-)

Also, you should get your friends, colleagues or other community members involved to review this application. Let them go through the review checklist and post a comment that sets this issue to "needs work" (they found some problems with the project) or "reviewed & tested by the community" (they found no major flaws).

I'm a robot and this is an automated message from Project Applications Scraper.

Hi ayalon,

Kindly see the automated review of your project as its showing some errors.

Link: https://pareview.sh/node/1897

Hello,

there's one more little thing to do:

FILE: ...w_temp/src/Plugin/Field/FieldWidget/IconSelectFieldWidgetDefault.php
--------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
--------------------------------------------------------------------------
12 | ERROR | [x] There must be one blank line after the last USE
| | statement; 2 found;
--------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY

This was checked by Coder Sniffer.

Thank you

Hi ayalon,

Automated Review

[Best practice issues identified by pareview.sh]

Manual Review

Individual user account
[Yes: Follows] the guidelines for individual user accounts.

No duplication
[Yes: Does not cause] module duplication and/or fragmentation.

Master Branch
[Yes: Follows] the guidelines for master branch.

Licensing
[Yes: Follows] the licensing requirements.

3rd party assets/code
[Yes: Follows] the guidelines for 3rd party assets/code.

README.txt/README.md
[Yes: Follows] the guidelines for in-project documentation and/or the README Template.

Code long/complex enough for review
[Yes: Follows] the guidelines for project length and complexity.

Secure code
[No: List of security issues identified.]

If added, please don't remove the security tag, we keep that for statistics and to show examples of security problems.

Thank you for your contribution!

Please don't set the status to Reviewed & tested by the community. That is the task of the reviewers, not the users who do the application.

namespace Drupal\icon_select\Helper;

/**
 * Plugin implementation of the icon_select_widget default input widget.
 *
 * @FieldWidget(
 *   id = "icon_select_widget_default",
 *   module = "icon_select",
 *   label = @Translation("Icon Select"),
 *   field_types = {
 *     "entity_reference"
 *   }
 * )
 */
class SvgSpriteGenerator {
}

That is not a field widget implementation. The annotation is correct, but the class implementation is wrong. Field Widget API describes exactly how a field widget is implemented.

I take the document comment before the SvgSpriteGenerator class was copy-pasted from another class, so that is just a copy-paste error which should still be fixed. Annotating the wrong class is probably confusing Drupal.

I don't see any code that sanitizes the SVG file before outputting it. See the code used from the \enshrined\svgSanitize\Sanitizer class, for example. The module should use that class or a similar one.

(There have been already a similar issue with another module outputting a SVG file, where not sanitizing the SVG file before outputting was considered a security issue.)

Since the only issues I found have been fixed, this application is RTBC, for me.