Bundled types are not as well typed as DT types #713
Comments
|
For what purpose is this project supplying types anyway? They aren't close to accurate with reality, so instead of having wrong type support, it's better to have no type support and have the users supply their own types ( |
|
It's better to have the types maintained within the package otherwise when updates happen there can be a delay before the DT types pick up on the changes. |
|
Hey all, we bundle types because another project had problems without, they are auto-generated here: https://github.com/cure53/DOMPurify/blob/main/package.json#L19 If anyone has an idea how to generate more precise type definitions so we satisfy both the needs of the other projects and the ones that seem to have issues with 2.3.12, I'd be more than happy to update our code. However, currently it's a bit of a game of whack-a-mole, so unsure how to address this current issue. |
|
Options:
|
Thanks, this one sounds most practical. So, to address the issue, we would essentially add the following to /**
* [...]
*
* @returns { TrustedHTML | string | DocumentFragment | HTMLElement}
**/ |
|
This will still break most code, arguably more than // Previously inferred as string because we're not passing any cfg
const sanitized = dompurify.sanitize('my input');
// "TrustedHTML has no child 'split'"
sanitized.split(' ');Of course the workaround is to specify that it will be string manually, but this still means breakage on a patch version. |
|
Also ran into this issue this morning as well as the From experience, converting to TS is best though it's not without initial investment. You could cut down the time by only defining types initially for public APIs and use |
|
Then I am frankly clueless how to fix this issue without stepping on anyone's foot. I won't take any further action here unless getting some input on a viable path forward. |
|
@swensorm, this was what I was suggesting as option 3. It's what I would do to. Just declare proper types for function arguments and return values at the start. But I think you can accomplish the same thing with the jsdocs approach. I haven't tried it myself. |
|
Hm, I think it makes more sense to remove the auto-generated files again and simply direct folks to DefinitelyTyped right away. This appears to cause too much hassle overall and cannot easily be automated as far as I tell for now. |
|
Closing this for now, latest release (2.4.0 as this might break for people who worked around the types issue) no longer uses bundled types. |
|
If the issue is not being able to use the JSDoc approach, I think the key thing is that you need to provide function overloads: https://austingil.com/typescript-function-overloads-with-jsdoc/ As a note WRT verifying types if you really want to use jsdoc and not typescript, typescript does let you do incremental type checking with jsdoc annotations: https://www.typescriptlang.org/docs/handbook/intro-to-js-ts.html |
Background & Context
The
@types/dompurifytypes has multiple signatures forsanitize()so that it can ensure what type the function returns. The new bundled type makessanitize()only returnsany, which can cause type issues when you're trying to avoid implicit any.Bug
Updating to 2.3.12 causes errors because variables that was previously inferred to be
string, because of the@types/dompurifysignatures.Input
N/a
Given output
N/a
Expected output
N/a
Feature
The bundled types should also specify multiple signatures to help typescript figure out what type the returned value is.
It seems like having multiple signatures with JSDoc is somewhat complicated.
This is related to #712 but is a separate issue and is not fixed by the .12 patch
The text was updated successfully, but these errors were encountered: