django-prose icon indicating copy to clipboard operation
django-prose copied to clipboard
verified publisher icon withlogicco

Bump Trix to v2.1.12

Open parisk opened this issue 1 year ago • 4 comments

https://github.com/basecamp/trix/releases/tag/v2.1.12

parisk avatar Aug 02 '24 08:08 parisk

Hi @parisk ,

I am starting using django-prose, it's awesome! One limitation I see is the use of CDN for getting Trix to the users browser, which is incompatible with my Content-Security-Policy. I just decided to vendor Trix into my Django project to work around that, but my question is: why not vendor it directly in this reusable app, like django-htmx does for htmx?

If you like it, I'd be able to open a PR that would:

  • Define a dependency to Trix in a package.json file, with the version set to ^2
  • Add a very small script that copies trix.css and trix.umd.js from node_modules into a static/prose/vendor folder
  • Initialize vendoring by running npm install and the small script locally, then adding both the vendored files and package-lock.json to Git
  • Setup Dependabot for npm dependencies, which would periodically try to bump Trix and open PRs if necessary
  • Add a Github workflow that performs npm install then runs the small script, on every PR opened on a branch that starts with dependabot/npm
  • Obviously, change the RichTextEditor widget's Media class to include vendored CSS and JS

I think this way, the following would be achieved:

  • As a maintainer you would never have to worry about bumping Trix again, you would just have to merge PRs opened by Dependabot and enriched by the Github workflow (and to publish releases accordingly)
  • Your users would always have the latest Trix, and they would not be worried about fetching it from an external source

What do you say?

David-Guillot avatar Jul 08 '25 15:07 David-Guillot

Hi @David-Guillot thanks for bringing this up! We have had quite a busy summer and believe it or not, just now I was able to catch up with Django Prose issues.

In principle this is a good idea. I am also leaning towards vendoring lately and packaging it in the CI would be much more convenient.

I am worried though that we might need to consider another editor, given the limitations of Trix at the moment, and that effort might be wasted.

parisk avatar Aug 13 '25 14:08 parisk

Hi @parisk , thanks for your answer! (and I am myself sorry for the late reply, I was on vacation 😎 )

What do you mean by the limitations of Trix? Do you have specific features in mind that Trix doesn't offer? If you do, indeed now is not a good time to make the changes I suggested.

David-Guillot avatar Sep 05 '25 07:09 David-Guillot

Please don't change trix. Make it a diffrent project

onno-timmerman avatar Nov 04 '25 13:11 onno-timmerman