Also fix various variable names to consistently indicate which strings
contain HTML.
Some of these changes close cross-site scripting vulnerabilities, and
others are for consistency. It’s important to be meticulously
consistent about escaping so that changes that would introduce
vulnerabilities stand out as obviously wrong.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
And enable the import/unambiguous ESLint rule as a check on our
partition between scripts and modules. After this commit, if you add
a new file and get this error:
✖ 1:1 This module could be parsed as a valid script. import/unambiguous
* For a module, add an `import` or `export` declaration to make the
file unambiguously a module (the empty `export {};` declaration
suffices).
* For a script, add the file to the xo overrides section of
package.json that marks it "sourceType": "script", and add a 'use
strict' declaration.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
The changes are mostly done via `xo --fix`; the other changes are
either trivial or disabling new linter rules that we plan to address
in future commits.
Using `import * as` import syntax causes some problem if the
module exports a class or function. Because the whole point of
star import is to import every property the module exports. It turns
out we have been using it incorrectly in many places which this commit
fixes.
Then we fix a linting error by adding a eslint disable rule to solve
it along with a TODO because the way we currently do it is wrong.
Finally, to conclude this cleanup, we merge all the .gitignore paths
into once now that we can.
