This module overrides image templates and provides preprocessing to standardize use of the HTML <picture> tag, as opposed to standalone <img> tags. It steps into preprocessing late in the process, so that code and developers who assume/are used to having just an <img> tag still have standard markup to work with. Attributes are parceled out to either the <picture> or <img> tag using a configurable + partially hardcoded list of attributes that should go on the <img> tag, with everything left over going to the <picture>.

It also has some optional integrations with other modules such as WebP (automatic webp source for non-responsive images) and SVG Image Field (also wrapping those <img> tags as well).

Project link

https://www.drupal.org/project/picture_everywhere

Comments

bvoynick created an issue. See original summary.

avpaderno’s picture

Issue summary: View changes

Thank you for applying!

Please read Review process for security advisory coverage: What to expect for more details and Security advisory coverage application checklist to understand what reviewers look for. Tips for ensuring a smooth review gives some hints for a smother review.

The important notes are the following.

  • If you have not done it yet, you should run phpcs --standard=Drupal,DrupalPractice on the project, which alone fixes most of what reviewers would report.
  • For the time this application is open, only your commits are allowed.
  • The purpose of this application is giving you a new drupal.org role that allows you to opt projects into security advisory coverage, either projects you already created, or projects you will create. The project status won't be changed by this application and no other user will be able to opt projects into security advisory policy.
  • We only accept an application per user. If you change your mind about the project to use for this application, please update the issue summary to give the link to the correct project link and the issue title to contain that project name.

To the reviewers

Please read How to review security advisory coverage applications, What to cover in an application review, and Drupal.org security advisory coverage application workflow.
Reviewers only describe what needs to be changed; they don't provide patches to fix what reported in a review.

vishal.kadam’s picture

1. Fix PHPCS issues. You can use the PHPCS tool for checking and resolving issues.

phpcs --standard=Drupal,DrupalPractice --extensions=php,module,inc,install,test,profile,theme,css,info,txt,md,yml picture_everywhere/

FILE: picture_everywhere/picture_everywhere.module
--------------------------------------------------------------------------------
FOUND 3 ERRORS AFFECTING 3 LINES
--------------------------------------------------------------------------------
 32 | ERROR | The array declaration extends to column 98 (the limit is 80). The array content should be split up over multiple lines
 46 | ERROR | The array declaration extends to column 113 (the limit is 80). The array content should be split up over multiple lines
 56 | ERROR | The array declaration extends to column 82 (the limit is 80). The array content should be split up over multiple lines
--------------------------------------------------------------------------------


FILE: picture_everywhere/src/Form/SettingsForm.php
--------------------------------------------------------------------------------
FOUND 4 ERRORS AFFECTING 4 LINES
--------------------------------------------------------------------------------
  29 | ERROR | Missing @var tag in member variable comment
  34 | ERROR | Missing @var tag in member variable comment
 158 | ERROR | The array declaration extends to column 86 (the limit is 80). The array content should be split up over multiple lines
 232 | ERROR | The array declaration extends to column 86 (the limit is 80). The array content should be split up over multiple lines
--------------------------------------------------------------------------------


FILE: picture_everywhere/src/Preprocess.php
--------------------------------------------------------------------------------
FOUND 1 ERROR AND 1 WARNING AFFECTING 2 LINES
--------------------------------------------------------------------------------
  96 | WARNING | [ ] Line exceeds 80 characters; contains 85 characters
 119 | ERROR   | [x] TRUE, FALSE and NULL must be uppercase; expected "NULL" but found "null"
--------------------------------------------------------------------------------
PHPCBF CAN FIX THE 1 MARKED SNIFF VIOLATIONS AUTOMATICALLY
--------------------------------------------------------------------------------

2. FILE: picture_everywhere.info.yml
- remove commented code

# test_dependencies:
#   - webp:webp

- Drupal 10 requires at least PHP 8.1. PHP 8.1.6 is recommended. PHP version requirement needs to be updated accordingly.

php: 8.0

vishal.kadam’s picture

Status: Needs review » Needs work
bvoynick’s picture

Status: Needs work » Needs review

Changes are committed to the 1.0.x branch.

1. Lines over 80: Okay, I've disabled the custom line limits in the module's phpcs.xml.dist, and linted for the resulting column 80 issues.

I'm not seeing the other errors shown in #3. Make sure you're using the latest drupal/coder, version 8.3.17 or newer. For instance, #3123282 recently changed docblock standards so that an @var tag is not required if the property already has a type declaration in PHP itself.

2. Commented properties: okay, removed.

PHP requirement: the module supports Drupal 9.4.x or later. (This can be checked in the core_version_requirement property.) Drupal 9.x itself only outright requires PHP 7.3, though I think the messaging lately is that at least 8.0 is "strong recommended" for 9's latest minor versions. If and when the module drops Drupal 9 support the PHP version requirement could indeed be increased, or possibly removed.

vishal.kadam’s picture

@bvoynick,

I have reviewed the changes, and they look fine to me.

Let’s wait for other reviewers to take a look and if everything goes fine, you will get the role.

Thanks

avpaderno’s picture

Status: Needs review » Reviewed & tested by the community
    foreach ($allowed_img_tags as $allowed_img_tag) {
      if (!preg_match('/^[^\t\n\f \/<>"\'=]+$/', $allowed_img_tag)) {
        $form_state->setErrorByName('output][img_tag_attributes', '"' . $allowed_img_tag . '" is not a valid HTML attribute.');
      }
    }

The second parameter passed to setErrorByName() needs to be a translatable string.

avpaderno’s picture

Status: Reviewed & tested by the community » Fixed

Thank you for your contribution! I am going to update your account.

These are some recommended readings to help with excellent maintainership:

You can find more contributors chatting on the Slack #contribute channel. So, come hang out and stay involved.
Thank you, also, for your patience with the review process.
Anyone is welcome to participate in the review process. Please consider reviewing other projects that are pending review. I encourage you to learn more about that process and join the group of reviewers.

I thank all the reviewers.

bvoynick’s picture

Thanks folks!

And thanks for pointing out that untranslated string.

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

avpaderno’s picture

Assigned: Unassigned » avpaderno
avpaderno’s picture