Vendorize prism instead of a gem

The prism-rails gem is sparsley updated and includes a version of prism from 2017; prism has been updated a number of times since then. Additionally and more importantly, it locks the rails version at "< 6", which is not good if you're trying to upgrade to Rails 6 Vendorizing rather than using from CDN helps us avoid potential for exfiltrating cookie data if we were to (see https://www.troyhunt.com/the-javascript-supply-chain-paradox-sri-csp-and-trust-in-third-party-libraries/). Also allows for offline development. also: change block languages from 'language-ruby' to 'language-erb' to make the syntax highlighting more correct Fixes #106 Signed-off-by: Christa Hartsock <[email protected]> Co-authored-by: Christa Hartsock <[email protected]>
codeforamerica · Nov 4, 2019 · 0594705 · 0594705
1 parent 88567a8
commit 0594705
Show file tree

Hide file tree

Showing 6 changed files with 155 additions and 9 deletions.
diff --git a/Gemfile.lock b/Gemfile.lock
@@ -6,7 +6,6 @@ PATH
       bourbon
       jquery-rails
       neat (~> 1.8.0)
-      prism-rails
 
 GEM
   remote: https://rubygems.org/
@@ -144,8 +143,6 @@ GEM
       ast (~> 2.4.0)
     percy-capybara (4.0.0.pre.beta2)
     powerpack (0.1.2)
-    prism-rails (1.6.0.3)
-      railties (>= 4.2, < 6)
     pry (0.11.3)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)

diff --git a/app/helpers/cfa/styleguide/pages_helper.rb b/app/helpers/cfa/styleguide/pages_helper.rb
@@ -16,8 +16,8 @@ def styleguide_example_code(partial_path)
         partial_contents = File.open(filepath, "r", &:read)
 
         content_tag(:div, class: "pattern__code") do
-          content_tag(:pre, class: "language-ruby language-markup") do
-            content_tag(:code, class: "language-ruby") do
+          content_tag(:pre) do
+            content_tag(:code, class: "language-erb") do
               partial_contents
             end
           end

diff --git a/cfa-styleguide.gemspec b/cfa-styleguide.gemspec
@@ -36,7 +36,6 @@ Gem::Specification.new do |spec|
   spec.add_runtime_dependency "bourbon"
   spec.add_runtime_dependency "jquery-rails"
   spec.add_runtime_dependency "neat", "~> 1.8.0"
-  spec.add_runtime_dependency "prism-rails"
   spec.add_development_dependency "axe-matchers", "~> 2.2"
   spec.add_development_dependency "bundler", "~> 1.16"
   spec.add_development_dependency "capybara"

diff --git a/lib/cfa/styleguide/engine.rb b/lib/cfa/styleguide/engine.rb
@@ -1,16 +1,14 @@
 module Cfa
   module Styleguide
     class Engine < ::Rails::Engine
-      require "prism-rails"
-
       isolate_namespace Cfa::Styleguide
 
       initializer "cfa-styleguide.assets.precompile" do |app|
         app.config.assets.precompile += %w(
           cfa_styleguide_main.css
           cfa_styleguide_main.js
-          prism.js
           prism.css
+          prism.js
         )
       end
 

diff --git a/vendor/assets/javascripts/prism.js b/vendor/assets/javascripts/prism.js