Skip to content

Migration to Lit Element #886

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 31 commits into
base: main
Choose a base branch
from
Draft

Migration to Lit Element #886

wants to merge 31 commits into from

Conversation

@nd0ut
Copy link
Member

@nd0ut nd0ut commented Nov 13, 2025

Description

Checklist

@coderabbitai
Copy link
Contributor

coderabbitai bot commented Nov 13, 2025
edited
Loading

Important

Review skipped

Draft detected.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch feat/lit-element

Comment @coderabbitai help to get the list of available commands and usage tips.

@nd0ut nd0ut force-pushed the feat/lit-element branch 4 times, most recently from 86c7992 to b8d08f8 Compare December 1, 2025 22:55
@nd0ut nd0ut force-pushed the feat/lit-element branch 2 times, most recently from bb4bcc6 to 35d0ec5 Compare December 3, 2025 23:25
@nd0ut nd0ut changed the title WIP Migration to Lit Element Dec 3, 2025
@nd0ut nd0ut changed the base branch from feat/symbiote-v2-again to main December 3, 2025 23:38
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 3, 2025
View reviewed changes
src/blocks/SourceList/SourceList.ts
if (srcName === 'instagram') {
console.error(
"Instagram source was removed because the Instagram Basic Display API hasn't been available since December 4, 2024. " +
'Official statement, see here:' +

Check warning

Code scanning / CodeQL

Missing space in string concatenation Warning

This string appears to be missing a space after 'here:'.

Copilot Autofix

AI 1 day ago

To fix the problem, we need to ensure that there is a space between "Official statement, see here:" and the URL that follows. This can be done by appending a space at the end of the string literal on line 45 ('Official statement, see here: '), or, less commonly, at the beginning of the next line. The most idiomatic way is to add the space at the end of the line that completes the phrase before the URL, which is line 45.

No other code changes, imports, or definition changes are needed.

Suggested changeset 1
src/blocks/SourceList/SourceList.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/blocks/SourceList/SourceList.ts b/src/blocks/SourceList/SourceList.ts
--- a/src/blocks/SourceList/SourceList.ts
+++ b/src/blocks/SourceList/SourceList.ts
@@ -42,7 +42,7 @@
       if (srcName === 'instagram') {
         console.error(
           "Instagram source was removed because the Instagram Basic Display API hasn't been available since December 4, 2024. " +
-            'Official statement, see here:' +
+            'Official statement, see here: ' +
             'https://developers.facebook.com/blog/post/2024/09/04/update-on-instagram-basic-display-api/?locale=en_US',
         );
         continue;
EOF
@@ -42,7 +42,7 @@
if (srcName === 'instagram') {
console.error(
"Instagram source was removed because the Instagram Basic Display API hasn't been available since December 4, 2024. " +
'Official statement, see here:' +
'Official statement, see here: ' +
'https://developers.facebook.com/blog/post/2024/09/04/update-on-instagram-basic-display-api/?locale=en_US',
);
continue;
Copilot is powered by AI and may make mistakes. Always verify output.
nd0ut added 17 commits December 4, 2025 17:52
@nd0ut
feat(lit): add core Lit infrastructure and compatibility mixins
7f3993c 
- Add SymbioteCompatMixin for Symbiote.js compatibility layer
- Add LightDomMixin for light DOM rendering support
- Add CssDataMixin for CSS custom properties support
- Add RegisterableElementMixin for custom element registration
- Add parseCssPropertyValue utility for CSS property parsing
- Add Constructor type helper
@nd0ut
feat(lit): add LitBlock, LitActivityBlock, and LitUploaderBlock base …
6a08b82 
…classes

- Add LitBlock as the base class for all Lit-based blocks
- Add LitActivityBlock for activity-based UI components
- Add LitUploaderBlock with file upload management capabilities
- Add LitSolutionBlock for solution wrapper components
- Add TestModeController for test mode handling
@nd0ut
chore: remove deprecated Block.ts and old processors
3a1de48 
- Remove Block.ts (replaced by LitBlock)
- Remove ActivityBlock.ts (replaced by LitActivityBlock)
- Remove UploaderBlock.ts (replaced by LitUploaderBlock)
- Remove SolutionBlock.ts (replaced by LitSolutionBlock)
- Remove l10nProcessor.ts (l10n now handled in Lit templates)
- Remove testModeProcessor.ts (replaced by TestModeController)
- Remove bindCompatibilityFallbackProcessor.ts
- Remove Range component (unused)
@nd0ut
refactor(blocks): migrate core uploader blocks to Lit
02dd5f5 
- Migrate CameraSource to Lit with reactive properties
- Migrate ExternalSource to Lit
- Migrate FileItem to Lit with improved rendering
- Migrate UploadList to Lit
- Migrate Modal to Lit
- Migrate DropArea to Lit
- Migrate SimpleBtn, SourceBtn, SourceList to Lit
- Migrate Thumb to Lit with async image loading
- Migrate ProgressBar, ProgressBarCommon to Lit
- Migrate UrlSource to Lit
- Migrate Select, Spinner, ActivityHeader, Config
- Migrate StartFrom, Copyright, Icon, FormInput
- Migrate UploadCtxProvider and EventEmitter
@nd0ut
refactor(cloud-image-editor): migrate editor components to Lit
5dfb7b5 
- Migrate CloudImageEditorBlock to Lit
- Migrate EditorToolbar with Lit templating
- Migrate EditorFilterControl, EditorOperationControl
- Migrate EditorSlider, EditorImageCropper, EditorImageFader
- Migrate CropFrame with reactive properties
- Migrate UI elements: BtnUi, SliderUi, LineLoaderUi, PresenceToggle
- Migrate EditorAspectRatioButtonControl, EditorCropButtonControl
- Migrate EditorButtonControl, EditorScroller
- Remove deprecated template.ts
@nd0ut
refactor(cloud-image-editor): migrate CloudImageEditorActivity to Lit
f1e671f
@nd0ut
refactor(solutions): migrate file uploader solutions to Lit
78a53ad 
- Migrate FileUploaderInline to Lit
- Migrate FileUploaderMinimal to Lit
- Migrate FileUploaderRegular to Lit
@nd0ut
refactor(img): rewrite uc-img components to TypeScript
f8fda71 
- Convert Img.js to Img.ts
- Convert ImgBase.js to ImgBase.ts with proper typing
- Convert ImgConfig.js to ImgConfig.ts
- Add demo/img.html demo page
@nd0ut
chore(locales): convert locale files from JS to TS
5942e62 
- Rename all locale files from .js to .ts
@nd0ut
refactor(abstract): update managers and utilities for Lit compatibility
fb9edc4 
- Update CTX for Lit integration
- Update TypedData change detection
- Update UploaderPublicApi for Lit components
- Update LocaleManager for Lit template binding
- Update ModalManager, SecureUploadsManager, TelemetryManager
- Update ValidationManager
- Update a11y utilities
- Update WindowHeightTracker
@nd0ut
refactor: update exports and imports for Lit migration
f9c7b88 
- Update src/index.ts with new Lit-based exports
- Update adaptive-image solution imports
@nd0ut
chore: update dependencies and build config for Lit
9ec4799 
- Add Lit dependencies to package.json
- Update biome.json configuration
- Update tsconfig files for TypeScript locale files
- Update vite.config.js
@nd0ut
test: update test files for Lit migration
53c6dc7 
- Update e2e tests for Lit-based components
- Update test utilities
- Update test-locales script for .ts locale files
@nd0ut
chore(demo): update demo files for Lit migration
74f1718 
- Update cloud-image-editor.html demo
- Update locales.html demo
- Update raw-regular.html demo
- Update validators.html demo
@nd0ut
chore: fix missed dep while rebasing
26edd3d
@nd0ut
chore: remove lit bundle
d1e95f6
@nd0ut
chore(modal): expose dialog ref to ancestors
78403ab
nd0ut added 3 commits December 4, 2025 18:12
@nd0ut
chore(demo): replace real public key with demopublickey
faf9669
@nd0ut
chore: apply linting fixes and remove unused imports
3e0db58 
- Update biome.json schema version and add unused import/variable rules
- Remove unused imports from Config.ts, computed-properties.ts, Select.ts
- Fix unused catch variable in ImgBase.ts
- Fix CSS grid-gap to gap in camera-source.css
- Apply formatting fixes to demo HTML files
@nd0ut
chore(demo): reorganize demo pages and add bundle demos
a463157 
- Reorganize demos into folders: solutions/, bundles/, features/, external-sources/
- Add new bundle demos that import from pre-built web/ directory
- Add Lit Element based demo index with search and folder navigation
- Add debug, quality-insights=false, and test-mode to all demo configs
- Rename files to be more descriptive (e.g. raw-regular -> regular)
github-advanced-security[bot]
github-advanced-security bot found potential problems Dec 4, 2025
View reviewed changes
demo/features/locales.html
Comment on lines +68 to +72
document.querySelector('#container').innerHTML = /* html */ `
<uc-file-uploader-${mode}
ctx-name="my-uploader"
></uc-file-uploader-${mode}>
`;

Check failure

Code scanning / CodeQL

DOM text reinterpreted as HTML High

DOM text
Loading
is reinterpreted as HTML without escaping meta-characters.

Copilot Autofix

AI about 21 hours ago

To fix the vulnerability, we need to prevent untrusted values (such as mode) from being interpreted as HTML – especially interpolated directly into tag names as in <uc-file-uploader-${mode}>. The safest approach is to validate the incoming value against an allowlist of expected options before using it. In this case, accept only known good values: 'regular', 'inline', and 'minimal'. If the value is not one of these expected modes, do not update the DOM, or fall back to a safe default.

Changes:

  • In the event listener for input[name=mode], before invoking setMode(mode), check whether mode matches one of the accepted strings.
  • Only call setMode(mode) if it's valid; otherwise, ignore the action.

No external libraries are necessary; a simple check within the code block suffices.

Suggested changeset 1
demo/features/locales.html

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/demo/features/locales.html b/demo/features/locales.html
--- a/demo/features/locales.html
+++ b/demo/features/locales.html
@@ -89,7 +89,10 @@
       el.addEventListener('change', (e) => {
         if (e.target.checked) {
           const mode = e.target.value;
-          setMode(mode);
+          // Only allow known safe modes to prevent XSS attacks
+          if (['regular', 'inline', 'minimal'].includes(mode)) {
+            setMode(mode);
+          }
         }
       });
     });
EOF
@@ -89,7 +89,10 @@
el.addEventListener('change', (e) => {
if (e.target.checked) {
const mode = e.target.value;
setMode(mode);
// Only allow known safe modes to prevent XSS attacks
if (['regular', 'inline', 'minimal'].includes(mode)) {
setMode(mode);
}
}
});
});
Copilot is powered by AI and may make mistakes. Always verify output.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Awaiting requested review from Copilot Copilot will automatically review once the pull request is marked ready for review

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@nd0ut