4.0.7

* patch(fix-89): fixes missing merge buttons

* 4.0.6

.gitignore

@@ -1,3 +1,4 @@
 /node_modules
 /lib
 mergely-*.tgz
+package-lock.json

CHANGES.md

@@ -1,5 +1,20 @@
 # Changes
 
+## 4.0.7
+* chore: updated documentation
+
+## 4.0.6
+
+* #89: fixes missing merge buttons
+
+## 4.0.5
+
+* #85: fixes XSS vulnerability with DOM id
+
+## 4.0.2
+
+* #83: fixes poor rendering performance
+
 ## 4.0.0
 
 ### Breaking changes

README.md

@@ -9,6 +9,9 @@ Mergely is a javascript component to diff/merge files interactively in a browser
 ### Installation via webpack
 The recommended way to install mergely is to use npm and [webpack](https://webpack.js.org/) to install mergely and its dependencies.  It is highly recommended that you start by cloning [mergely-webpack](https://github.com/wickedest/mergely-webpack).  It has everything that you need to get started.
 
+### Angular 6.1.1
+You can also use mergely within angular.  You can start by cloning [mergely-angular](https://github.com/wickedest/mergely-angular).
+
 ### Installation via .tgz
 
 Unpack mergely.tgz into a folder, e.g. `./lib`, and then add the following to the `<head>` of your target html source file.
@@ -46,9 +49,6 @@ The following example can be used to set the `lhs` and `rhs` editors synchronous
 
 ```js
 $(document).ready(function () {
-    // initialize mergely
-    $('#mergely').mergely();
-
     // set editor content
     $('#mergely').mergely({
         lhs: function(setValue) {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "mergely",
-  "version": "4.0.4",
+  "version": "4.0.7",
   "description": "A javascript UI for diff/merge",
   "directories": {
     "doc": "doc",

src/mergely.js

@@ -461,11 +461,11 @@ jQuery.extend(Mgly.CodeMirrorDiffView.prototype, {
 			lineNumbers: this.settings.line_numbers
 		};
 		var lhs_gutters = [];
-		if (this.lhs_cmsettings.line_numbers) {
+		if (this.lhs_cmsettings.lineNumbers) {
 			lhs_gutters = ['merge', 'CodeMirror-linenumbers']
 		}
 		var rhs_gutters = [];
-		if (this.rhs_cmsettings.line_numbers) {
+		if (this.rhs_cmsettings.lineNumbers) {
 			rhs_gutters = ['merge', 'CodeMirror-linenumbers']
 		}
 		jQuery.extend(true, this.lhs_cmsettings, this.settings.cmsettings, { gutters: lhs_gutters }, this.settings);
@@ -659,6 +659,13 @@ jQuery.extend(Mgly.CodeMirrorDiffView.prototype, {
 	bind: function(el) {
 		this.element.hide();
 		this.id = jQuery(el).attr('id');
+		try {
+			// ensure the id is valid for jQuery
+			jQuery(`#${this.id}`);
+		} catch (ex) {
+			console.error(`jQuery failed to find mergely: #${this.id}`);
+			return;
+		}
 		this.changed_timeout = null;
 		this.chfns = {};
 		this.chfns[this.id + '-lhs'] = [];
@@ -676,7 +683,7 @@ jQuery.extend(Mgly.CodeMirrorDiffView.prototype, {
 		}
 		else {
 			// homebrew
-			var style = 'opacity:0.4;width:10px;height:15px;background-color:#888;cursor:pointer;text-align:center;color:#eee;border:1px solid #222;margin-right:5px;margin-top: -2px;';
+			var style = 'opacity:0.6;height:16px;background-color:#bfbfbf;cursor:pointer;text-align:center;color:#eee;border:1px solid #848484;margin-right:5px;margin-top:-2px;';
 			merge_lhs_button = '<div style="' + style + '" title="Merge left">&lt;</div>';
 			merge_rhs_button = '<div style="' + style + '" title="Merge right">&gt;</div>';
 		}
@@ -749,32 +756,42 @@ jQuery.extend(Mgly.CodeMirrorDiffView.prototype, {
 			});
 		}
 
+		// check initialization
+		var rhstx;
+		try {
+			rhstx = this.element.find(`#${this.id}-rhs`).get(0);
+		} catch (ex) {
+		}
+		if (!rhstx) {
+			console.error('rhs textarea not defined - Mergely not initialized properly');
+			return;
+		}
+		var lhstx;
+		try {
+			lhstx = this.element.find(`#${this.id}-lhs`).get(0);
+		} catch (ex) {
+		}
+		if (!lhstx) {
+			console.error('lhs textarea not defined - Mergely not initialized properly');
+			return;
+		}
+
 		// get current diff border color
 		var color = jQuery('<div style="display:none" class="mergely current start" />').appendTo('body').css('border-top-color');
 		this.current_diff_color = color;
 
 		// codemirror
-		var cmstyle = '#' + this.id + ' .CodeMirror-gutter-text { padding: 5px 0 0 0; }' +
-			'#' + this.id + ' .CodeMirror-lines pre, ' + '#' + this.id + ' .CodeMirror-gutter-text pre { line-height: 18px; }' +
-			'.CodeMirror-linewidget { overflow: hidden; };';
+		var cmstyle = `#${this.id} .CodeMirror-gutter-text { padding: 5px 0 0 0; }
+			'#${this.id} .CodeMirror-lines pre, #${this.id} .CodeMirror-gutter-text pre { line-height: 18px; }
+			'.CodeMirror-linewidget { overflow: hidden; };`;
 		if (this.settings.autoresize) {
-			cmstyle += this.id + ' .CodeMirror-scroll { height: 100%; overflow: auto; }';
+			cmstyle += `${this.id} .CodeMirror-scroll { height: 100%; overflow: auto; }`;
 		}
 		// adjust the margin line height
 		cmstyle += '\n.CodeMirror { line-height: 18px; }';
-		jQuery('<style type="text/css">' + cmstyle + '</style>').appendTo('head');
+		jQuery(`<style type="text/css">${cmstyle}</style>`).appendTo('head');
 
-		//bind
-		var rhstx = this.element.find('#' + this.id + '-rhs').get(0);
-		if (!rhstx) {
-			console.error('rhs textarea not defined - Mergely not initialized properly');
-			return;
-		}
-		var lhstx = this.element.find('#' + this.id + '-lhs').get(0);
-		if (!rhstx) {
-			console.error('lhs textarea not defined - Mergely not initialized properly');
-			return;
-		}
+		// bind
 		var self = this;
 		this.editor = [];
 		this.editor[this.id + '-lhs'] = CodeMirror.fromTextArea(lhstx, this.lhs_cmsettings);

tests/mergely.spec.js

@@ -20,9 +20,10 @@ describe('mergely', function () {
 	};
 
 	afterEach(() => {
-		$('#mergely').mergely('unbind');
-		$('#mergely').mergelyUnregister();
-		$('#mergely').remove();
+		const mergely = $('#mergely');
+		mergely.mergely('unbind');
+		mergely.mergelyUnregister();
+		mergely.remove();
 	});
 
 	describe('initialization', () => {
@@ -401,6 +402,7 @@ describe('mergely', function () {
 						for (let i = 0; i < opt.next; ++i) {
 							$('#mergely').mergely('scrollToDiff', 'next');
 						}
+						expect($('.merge-button').length > 0).to.be.true;
 						$('#mergely').mergely('mergeCurrentChange', opt.dir);
 						if (opt.dir === 'lhs') {
 							expect($('#mergely').mergely('get', 'lhs')).to.equal(opt.expect || opt.rhs);
@@ -525,13 +527,11 @@ describe('mergely', function () {
 			});
 		});
 
-		it.only('should not be vulnerable to XSS', function (done) {
+		it('should not be vulnerable to XSS', function (done) {
 			function initXSS(options) {
-				// $('body').css({'margin': '0px'}).append("<div id='mergely<script>alert(123)</script>' />");
-
-				$('body').get(0).innerHTML = "<div id='mergely\"<script id='injected'>alert(123)</script>'></div>";
-
-				const editor = $('#mergely');
+				$('body').get(0).innerHTML = "<!DOCTYPE html><html lang=\"en\"><body><div id='mergely<script id=\"injected\">alert(123)</script>'></div></body></html>";
+				const divs = document.getElementsByTagName('div');
+				editor = $(divs[0]);
 				editor.mergely(options);
 				return editor;
 			};
@@ -544,14 +544,10 @@ describe('mergely', function () {
 					lhs: (setValue) => setValue(macbeth),
 					rhs: (setValue) => setValue(macbeth)
 				});
-				const { mergely } = $('#mergely');
-				// console.log('HERE', $('body').html());
-				// const { mergely } = $('#mergely&quot;<script>alert(123)</script>');
-				// expect($('#mergely<script>alert(123)</script>').mergely('_is_change_in_view', 'lhs', {from: 10, to: 20}, {
-				// 	'lhs-line-from': 0,
-				// 	'lhs-line-to': 25
-				// })).to.be.true;
-				expect($('body').find('#injected')).to.have.length(0);
+				expect($('body').find('#injected')).to.have.length(0, 'expected no div with id injected');
+				const divs = document.getElementsByTagName('div');
+				expect(divs).to.have.length(1);
+				expect(divs[0].id).to.equal('mergely<script id="injected">alert(123)</script>');
 				done();
 			});
 		});