Some numeric sequences, such as social security numbers, phone numbers with no formatting, postal codes, etc. Should be rendered as strings, so they can keep leading zeroes for example and do not risk overflowing JavaScript Number.MAX_SAFE_INTEGER value.

I am not exactly sure why (package conflict perhaps?), but the blade directive suddenly stopped working for me in an existing project. It would render the @javascript as raw html from the blade file.

After a bit of searching around, it seems Ziggy had a similar issue recently https://github.com/tightenco/ziggy/issues/115. The solution I propose below is the same as they just implemented for their package; and it seems to resolve the issue without breaking backwards compatibility

Thoughts?

Just started using this library and I noticed that the scripts are being added in an invalid manner. That's to say, when using this library the HTML output from Laravel now contains invalid HTML markup.

For illustration purpose I've created a simple/empty template file. You can see this here:

<script>window['key'] = 'value';</script>
<!DOCTYPE html>
<html lang="en">
<head>
<title>Test</title>
</head>
</html>

When you attempt to validate this with an HTML validator it throws some errors. In total this creates 4 errors in the W3 HTML validator.

• Start tag seen without seeing a doctype first. Expected .
• Stray doctype.
• Stray start tag html.
• Cannot recover after last error. Any further errors will be ignored.

At the moment there is no CSP support by default - which is a bit strange cause you guys have also a laravel csp package.

Refused to execute inline script because it violates the following Content Security Policy directive: "script-src ...". Either the 'unsafe-inline' keyword, a hash ('...'), or a nonce ('nonce-...') is required to enable inline execution.

I don't want to allow inline scripts - so I have to set something on the script tag itself. Atm I've overriden the \Spatie\BladeJavaScript\Renderer class but this isn't optimal - there would be several ways to fix this.

laravel-csp package related

1. add the hash of the inline script to the policy https://github.com/spatie/laravel-csp/issues/33
2. use the csp_nonce() function on the script

general 3) use a blade file for the script tag that could be overriden

which one do you like the most?

This is an automated pull request from Shift to update your package code and dependencies to be compatible with Laravel 8.x.

Before merging, you need to:

• Checkout the l8-compatibility branch
• Review all comments for additional changes
• Thoroughly test your package

If you do find an issue, please report it by commenting on this PR to help improve future automation.

Hi! In some situations, to keep consistency, there is a need to use the same window namespace for custom solutions as we might use for assigning data via @javascript(). Current implementation of the module overrides data that have been declared before @javascript(). What do you think about appending data to the namespace if such already exists (and maybe even make it configurable?) instead of just clearing that?

When passing an array of variables to the rendering the method getAllTransformers instantiates the transformers for each variable.

This commit adds a $cachedTransformers to the Renderer so it instantiates the underlying transformers just once.

When the value has line breaks, such as user input from a textarea, the directive did not escape the line breaks properly leading to JavaScript errors.

Unless I'm missing it, I would like to suggest the feature to assign multiple key/value pairs at once to minimize the excess <script> tags.

Something like this perhaps?

@javascript(['key' => 'value', 'key2' => 'value2'])

<script>window['key'] = 'value';window['key2'] = 'value2';</script>

Whenever I use the @javascript tag in my blade templates I get the following Vue.js error:

- Templates should only be responsible for mapping the state to the UI. Avoid placing tags with side-effects in your templates, such as <script>, as they will not be parsed.

Removing the tags from the template fixes the issue. Should I be using Vuex instead of this package? I very much prefer the simplicity of this package.

This Pull-Requests help you to prepare your Package for Laravel 5.5. I've tested it automated and this was the PHPUnit Result: PHPUnit 6.3-dev by Sebastian Bergmann and contributors.

Runtime: PHP 7.1.7 with Xdebug 2.5.5 Configuration: /Users/lukaskammerling/Code/OSS/spatieLaravelphp5.5/storage/spatie.laravel-blade-javascript/phpunit.xml.dist

............ 12 / 12 (100%)

Time: 4.23 seconds, Memory: 14.00MB

OK (12 tests, 13 assertions)

Generating code coverage report in Clover XML format ... done

Generating code coverage report in HTML format ... done

Nice looks really good! There are no Errors so it might work in Laravel 5.5 without any adjustments