fix(deps): bump the all group with 3 updates (#471)

* fix(deps): bump the all group with 3 updates

Bumps the all group with 3 updates: [github.com/evanw/esbuild](https://github.com/evanw/esbuild), [github.com/sashabaranov/go-openai](https://github.com/sashabaranov/go-openai) and [golang.org/x/text](https://github.com/golang/text).


Updates `github.com/evanw/esbuild` from 0.24.2 to 0.25.0
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG-2024.md)
- [Commits](evanw/esbuild@v0.24.2...v0.25.0)

Updates `github.com/sashabaranov/go-openai` from 1.36.1 to 1.37.0
- [Release notes](https://github.com/sashabaranov/go-openai/releases)
- [Commits](sashabaranov/go-openai@v1.36.1...v1.37.0)

Updates `golang.org/x/text` from 0.21.0 to 0.22.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.21.0...v0.22.0)

---
updated-dependencies:
- dependency-name: github.com/evanw/esbuild
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: github.com/sashabaranov/go-openai
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
...

Signed-off-by: dependabot[bot] <[email protected]>

* fix: improve HTML parsing and URL handling in admin watch extension

* fix: update HTML rendering and improve URL validation in admin watch extension

* fix: restore and enhance URL handling in admin watch extension

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Soner Sayakci <[email protected]>

.golangci.yml

@@ -34,7 +34,7 @@ linters:
     - forbidigo
     - errname
     - nilnil
-    - tenv
+    - usetesting
     - bidichk
     - containedctx
     - decorder

cmd/extension/extension_admin_watch.go

@@ -13,9 +13,12 @@ import (
 	"time"
 
 	"github.com/shopware/shopware-cli/shop"
+	"golang.org/x/net/html"
 
 	"github.com/shopware/shopware-cli/internal/asset"
 
+	htmlprinter "github.com/shyim/go-htmlprinter"
+
 	"github.com/NYTimes/gziphandler"
 	"github.com/evanw/esbuild/pkg/api"
 	"github.com/spf13/cobra"
@@ -35,7 +38,6 @@ var (
 	schemeAndHttpHostRegExp = regexp.MustCompile(`(?m)schemeAndHttpHost:\s.*,`)
 	uriRegExp               = regexp.MustCompile(`(?m)uri:\s.*,`)
 	assetPathRegExp         = regexp.MustCompile(`(?m)assetPath:\s.*`)
-	assetRegExp             = regexp.MustCompile(`(?m)(src|href|content)="(https?.*\/bundles.*)"`)
 
 	extensionAssetRegExp   = regexp.MustCompile(`(?m)/bundles/([a-z0-9-]+)/static/(.*)$`)
 	extensionEsbuildRegExp = regexp.MustCompile(`(?m)/.shopware-cli/([a-z0-9-]+)/(.*)$`)
@@ -193,40 +195,53 @@ var extensionAdminWatchCmd = &cobra.Command{
 				bodyStr = uriRegExp.ReplaceAllString(bodyStr, "uri: '"+browserUrl.Scheme+schemeHostSeparator+browserUrl.Host+targetShopUrl.Path+"/admin',")
 				bodyStr = assetPathRegExp.ReplaceAllString(bodyStr, "assetPath: '"+browserUrl.Scheme+schemeHostSeparator+browserUrl.Host+targetShopUrl.Path+"'")
 
-				bodyStr = assetRegExp.ReplaceAllStringFunc(bodyStr, func(s string) string {
-					firstPart := ""
-
-					if strings.HasPrefix(s, "href=\"") {
-						firstPart = "href=\""
-					} else if strings.HasPrefix(s, "content=\"") {
-						firstPart = "content=\""
-					} else if strings.HasPrefix(s, "src=\"") {
-						firstPart = "src=\""
-					}
-
-					org := s
-					s = strings.TrimPrefix(s, firstPart)
-					s = strings.TrimSuffix(s, "\"")
+				parsed, err := html.Parse(strings.NewReader(bodyStr))
+				if err != nil {
+					logging.FromContext(cmd.Context()).Errorf("could not parse html %v", err)
+					w.WriteHeader(http.StatusInternalServerError)
+					return
+				}
 
-					parsedUrl, err := url.Parse(s)
-					if err != nil {
-						logging.FromContext(cmd.Context()).Infof("cannot parse url: %s, err: %s", s, err.Error())
-						return org
+				var f func(*html.Node)
+				f = func(n *html.Node) {
+					if n.Type == html.ElementNode && (n.Data == "script" || n.Data == "link" || n.Data == "meta") {
+						for i, attr := range n.Attr {
+							if attr.Key == "src" || attr.Key == "href" || attr.Key == "content" {
+								if !strings.HasPrefix(attr.Val, "http") {
+									continue
+								}
+
+								parsedUrl, err := url.Parse(attr.Val)
+								if err != nil {
+									logging.FromContext(cmd.Context()).Infof("cannot parse url: %s, err: %s", attr.Val, err.Error())
+									continue
+								}
+
+								if parsedUrl.Host == targetShopUrl.Host {
+									parsedUrl.Host = browserUrl.Host
+									parsedUrl.Scheme = browserUrl.Scheme
+								}
+
+								n.Attr[i].Val = parsedUrl.String()
+
+								break
+							}
+						}
 					}
 
-					if parsedUrl.Host != targetShopUrl.Host {
-						return org
+					for c := n.FirstChild; c != nil; c = c.NextSibling {
+						f(c)
 					}
+				}
 
-					parsedUrl.Host = browserUrl.Host
-					parsedUrl.Scheme = browserUrl.Scheme
-
-					return firstPart + parsedUrl.String() + "\""
-				})
+				f(parsed)
 
 				w.Header().Set("content-type", "text/html")
-				if _, err := w.Write([]byte(bodyStr)); err != nil {
-					logging.FromContext(cmd.Context()).Error(err)
+
+				if err := htmlprinter.Render(w, parsed); err != nil {
+					logging.FromContext(cmd.Context()).Errorf("could not render html %v", err)
+					w.WriteHeader(http.StatusInternalServerError)
+					return
 				}
 				logging.FromContext(cmd.Context()).Debugf("Served modified admin")
 				return
@@ -326,7 +341,7 @@ var extensionAdminWatchCmd = &cobra.Command{
 
 			if len(esbuildMatch) > 0 {
 				if ext, ok := esbuildInstances[esbuildMatch[1]]; ok {
-					req.URL = &url.URL{Scheme: "http", Host: fmt.Sprintf("%s:%d", ext.watchServer.Host, ext.watchServer.Port), Path: "/" + esbuildMatch[2]}
+					req.URL = &url.URL{Scheme: "http", Host: fmt.Sprintf("%s:%d", ext.watchServer.Hosts[0], ext.watchServer.Port), Path: "/" + esbuildMatch[2]}
 					req.Host = req.URL.Host
 					req.RequestURI = req.URL.Path
 
@@ -363,25 +378,26 @@ func init() {
 }
 
 type adminBundlesInfo struct {
-	Version         string `json:"version"`
-	VersionRevision string `json:"versionRevision"`
-	AdminWorker     struct {
-		EnableAdminWorker bool     `json:"enableAdminWorker"`
-		Transports        []string `json:"transports"`
-	} `json:"adminWorker"`
-	Bundles  map[string]adminBundlesInfoAsset `json:"bundles"`
-	Settings struct {
-		EnableUrlFeature  bool `json:"enableUrlFeature"`
-		AppUrlReachable   bool `json:"appUrlReachable"`
-		AppsRequireAppUrl bool `json:"appsRequireAppUrl"`
-	} `json:"settings"`
+	Version         string                           `json:"version"`
+	VersionRevision string                           `json:"versionRevision"`
+	AdminWorker     interface{}                      `json:"adminWorker"`
+	Bundles         map[string]adminBundlesInfoAsset `json:"bundles"`
+	Settings        interface{}                      `json:"settings"`
+	InAppPurchases  interface{}                      `json:"inAppPurchases"`
 }
 
 type adminBundlesInfoAsset struct {
 	Css        []string `json:"css"`
 	Js         []string `json:"js"`
 	LiveReload bool     `json:"liveReload"`
 	Name       string   `json:"name"`
+	// fields below are not used, but we need to decode/encode them
+	Type          string      `json:"type"`
+	BaseURL       interface{} `json:"baseUrl,omitempty"`
+	Active        interface{} `json:"active"`
+	IntegrationID interface{} `json:"integrationId"`
+	Version       interface{} `json:"version"`
+	Permissions   interface{} `json:"permissions"`
 }
 
 type adminWatchExtension struct {

cmd/extension/static/live-reload.js

@@ -1,4 +1,9 @@
-const bundles = Shopware.State.get('context').app.config.bundles;
+let bundles;
+if (Shopware.State !== undefined && Shopware.State.get('context') !== undefined) {
+    bundles = Shopware.State.get('context').app.config.bundles;
+} else {
+    bundles = Shopware.Store.get('context').app.config.bundles;
+}
 
 for (const bundleName of Object.keys(bundles)) {
     const bundle = bundles[bundleName];

go.mod

@@ -1,15 +1,16 @@
 module github.com/shopware/shopware-cli
 
-go 1.23
+go 1.23.6
 
 require (
 	dario.cat/mergo v1.0.1
 	github.com/NYTimes/gziphandler v1.1.1
 	github.com/bep/godartsass/v2 v2.3.2
 	github.com/caarlos0/env/v9 v9.0.0
 	github.com/doutorfinancas/go-mad v0.0.0-20240205120830-463c1e9760f0
-	github.com/evanw/esbuild v0.24.2
+	github.com/evanw/esbuild v0.25.0
 	github.com/friendsofshopware/go-shopware-admin-api-sdk v0.0.0-20231210091330-92f38f1ae77c
+	github.com/go-sql-driver/mysql v1.8.1
 	github.com/google/uuid v1.6.0
 	github.com/gorilla/schema v1.4.1
 	github.com/invopop/jsonschema v0.13.0
@@ -18,7 +19,7 @@ require (
 	github.com/microcosm-cc/bluemonday v1.0.27
 	github.com/olekukonko/tablewriter v0.0.5
 	github.com/otiai10/copy v1.14.1
-	github.com/sashabaranov/go-openai v1.36.1
+	github.com/sashabaranov/go-openai v1.37.0
 	github.com/spf13/cobra v1.8.1
 	github.com/stretchr/testify v1.10.0
 	github.com/tetratelabs/wazero v1.8.2
@@ -27,9 +28,8 @@ require (
 	github.com/wk8/go-ordered-map/v2 v2.1.8
 	github.com/yuin/goldmark v1.7.8
 	go.uber.org/zap v1.27.0
-	golang.org/x/text v0.21.0
+	golang.org/x/text v0.22.0
 	gopkg.in/yaml.v3 v3.0.1
-	github.com/go-sql-driver/mysql v1.8.1
 )
 
 require github.com/otiai10/mint v1.6.3 // indirect
@@ -53,15 +53,16 @@ require (
 	github.com/mattn/go-runewidth v0.0.16 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/rivo/uniseg v0.4.7 // indirect
+	github.com/shyim/go-htmlprinter v0.0.0-20250212091723-cc11f7bf036d
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/tidwall/gjson v1.18.0 // indirect
 	github.com/tidwall/match v1.1.1 // indirect
 	github.com/tidwall/pretty v1.2.1 // indirect
 	github.com/tidwall/sjson v1.2.5 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/net v0.34.0
+	golang.org/x/net v0.35.0
 	golang.org/x/oauth2 v0.24.0 // indirect
-	golang.org/x/sync v0.10.0 // indirect
-	golang.org/x/sys v0.29.0 // indirect
+	golang.org/x/sync v0.11.0 // indirect
+	golang.org/x/sys v0.30.0 // indirect
 	google.golang.org/protobuf v1.35.2 // indirect
 )

go.sum

@@ -31,8 +31,8 @@ github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/evanw/esbuild v0.24.2 h1:PQExybVBrjHjN6/JJiShRGIXh1hWVm6NepVnhZhrt0A=
-github.com/evanw/esbuild v0.24.2/go.mod h1:D2vIQZqV/vIf/VRHtViaUtViZmG7o+kKmlBfVQuRi48=
+github.com/evanw/esbuild v0.25.0 h1:jRR9D1pfdb669VzdN4w0jwsDfrKE098nKMaDMKvMPyU=
+github.com/evanw/esbuild v0.25.0/go.mod h1:D2vIQZqV/vIf/VRHtViaUtViZmG7o+kKmlBfVQuRi48=
 github.com/frankban/quicktest v1.14.2 h1:SPb1KFFmM+ybpEjPUhCCkZOM5xlovT5UbrMvWnXyBns=
 github.com/frankban/quicktest v1.14.2/go.mod h1:mgiwOwqx65TmIk1wJ6Q7wvnVMocbUorkibMOrVTHZps=
 github.com/friendsofshopware/go-shopware-admin-api-sdk v0.0.0-20231210091330-92f38f1ae77c h1:nqb0JGvyGIZNLPzkwxKBWKlfYVB7f16Ie1OuDKBf1vg=
@@ -91,8 +91,10 @@ github.com/rivo/uniseg v0.4.7/go.mod h1:FN3SvrM+Zdj16jyLfmOkMNblXMcoc8DfTHruCPUc
 github.com/rogpeppe/go-internal v1.6.1 h1:/FiVV8dS/e+YqF2JvO3yXRFbBLTIuSDkuC7aBOAvL+k=
 github.com/rogpeppe/go-internal v1.6.1/go.mod h1:xXDCJY+GAPziupqXw64V24skbSoqbTEfhy4qGm1nDQc=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/sashabaranov/go-openai v1.36.1 h1:EVfRXwIlW2rUzpx6vR+aeIKCK/xylSrVYAx1TMTSX3g=
-github.com/sashabaranov/go-openai v1.36.1/go.mod h1:lj5b/K+zjTSFxVLijLSTDZuP7adOgerWeFyZLUhAKRg=
+github.com/sashabaranov/go-openai v1.37.0 h1:hQQowgYm4OXJ1Z/wTrE+XZaO20BYsL0R3uRPSpfNZkY=
+github.com/sashabaranov/go-openai v1.37.0/go.mod h1:lj5b/K+zjTSFxVLijLSTDZuP7adOgerWeFyZLUhAKRg=
+github.com/shyim/go-htmlprinter v0.0.0-20250212091723-cc11f7bf036d h1:H4beXhaWS4edAoYRzbdszvIfL9bHt4jUbGgt5G+QdGY=
+github.com/shyim/go-htmlprinter v0.0.0-20250212091723-cc11f7bf036d/go.mod h1:7pOn8MeVA6hUnFkgkXpNFVjGtNnh2/AeZTDwXwWtNp8=
 github.com/shyim/go-mad v0.0.0-20241125132504-2377d2341711 h1:Q+bPtwUv/ONAB1Bq2d2aCHsui+/kv2lwahJuDjGr4is=
 github.com/shyim/go-mad v0.0.0-20241125132504-2377d2341711/go.mod h1:yfWKFJm6NisKuie2cdH5zUttu4gZYHa/CY7CHpA3tMU=
 github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
@@ -129,19 +131,19 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
 go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
-golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
-golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
+golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8=
+golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk=
 golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE=
 golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
-golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
-golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
+golang.org/x/sync v0.11.0 h1:GGz8+XQP4FvTTrjZPzNKTMFtSXH80RAzG+5ghFPgK9w=
+golang.org/x/sync v0.11.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20220310020820-b874c991c1a5/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU=
-golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
-golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
+golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
+golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
+golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
 google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=
 google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=