Implement consistent event dispatching across Noty, Notyf, Toastr adapters and
themes, following the existing SweetAlert pattern. This enables Livewire
integration for all notification types.
JavaScript Events:
- Noty: flasher:noty:show, flasher:noty:click, flasher:noty:close, flasher:noty:hover
- Notyf: flasher:notyf:click, flasher:notyf:dismiss
- Toastr: flasher:toastr:show, flasher:toastr:click, flasher:toastr:close, flasher:toastr:hidden
- Themes: flasher:theme:click (generic), flasher:theme:{name}:click (specific)
PHP Livewire Listeners:
- LivewireListener for each adapter (Noty, Notyf, Toastr)
- ThemeLivewireListener for theme click events
- Registered in service providers when Livewire is bound
This allows Livewire users to listen for notification events and react
accordingly (e.g., noty:click, theme:flasher:click).
Update tests that were using invalid values for HopsStamp (0 is now
invalid, must be >= 1) and update expected output format for
mainScript (now uses json_encode which produces double quotes).
clipboard_controller.js:
- Check if clipboard API is available before using
- Handle clipboard write promise rejection
- Show error icon on failure
prev-next_controller.js:
- Guard against missing navigation element
- Guard against missing span element in links
anchor_controller.js:
- Guard against missing ul element
- Remove DOMContentLoaded listener after it fires to prevent memory leak
- Clean up timer interval and event listeners when notification is removed
- Add null check in stringToHTML to throw clear error for invalid templates
- Store cleanup function on notification element for proper disposal
Added tests for memory leak prevention and error handling.
The parameter \$type was being reassigned to the session value, which
shadows the original parameter and causes confusion for static analysis
tools and maintainers.
Renamed the session value variable to \$value for clarity.
HopsStamp:
- Validate hops amount must be >= 1 (positive integer)
- Negative or zero hops don't make logical sense
DelayStamp:
- Validate delay must be >= 0 (non-negative integer)
- Negative delays don't make logical sense
Both now throw InvalidArgumentException for invalid values, making
configuration errors fail fast with clear messages.
Previously, negative limits caused array_slice() to return unexpected
results (all except last N elements) and zero returned an empty array
without clear intent.
Now throws InvalidArgumentException for values < 1, making invalid
configurations fail fast with a clear error message.
Add validation to ensure services tagged with 'flasher.presenter' have
the required 'alias' attribute. Previously, accessing $attributes['alias']
without checking would throw an "Undefined array key" error.
Now throws a clear InvalidArgumentException with a helpful message.
The json_decode() with JSON_THROW_ON_ERROR throws an exception before
the ?: operator can provide a fallback value. This caused page crashes
when invalid JSON was passed to the Blade component attributes.
Now using a helper method with try-catch to safely decode JSON and
return an empty array on failure, preventing page crashes.
Laravel's event dispatcher expects listener classes to be invokable
(have __invoke method) when registered as a class name string.
The OctaneListener was using a handle() method which caused the
listener to never be invoked, resulting in notification state leaking
between Octane requests.
Renamed handle() to __invoke() to fix the issue.
The getPublicDir() method can return null, but the code was directly
concatenating it with a string, which could cause unexpected behavior.
Now the command properly checks for null and returns a failure with
a clear error message instead of proceeding with an invalid path.
The HtmlPresenter was interpolating user-controlled values directly into
HTML attributes and JavaScript code without proper escaping, creating
XSS vulnerabilities.
Changes:
- Escape nonce with htmlspecialchars() for HTML attribute context
- Escape nonce with json_encode() for JavaScript string context
- Escape mainScript with json_encode() for JavaScript string context
Added tests to verify XSS payloads are properly escaped.
The condition in registerLivewire() was inverted, causing the Livewire
listener to never be registered when Livewire was actually available.
Before: returned early when Livewire class exists AND is NOT bound
After: returns early when Livewire class does NOT exist OR is NOT bound
This fixes Livewire notifications not being displayed in Livewire components.
- Removed emerald-colored icons from table of contents navigation
- Removed gradient backgrounds from section headers
- Simplified version requirement cards
- Updated all callout boxes to use slate-50 background
- Updated tabs to use indigo colors instead of emerald
- Removed Additional Features section from Advanced section
- Simplify table of contents navigation (remove colored icons)
- Remove gradient backgrounds from section headers
- Simplify version requirement cards (remove gradients and accent lines)
- Update callout boxes to use consistent slate-50 background
- Simplify notification type cards (remove gradient backgrounds)
- Use uniform slate/indigo color scheme throughout
- Simplify table of contents navigation (remove colored icons)
- Remove gradient backgrounds from section headers
- Simplify version requirement cards (remove gradients and accent lines)
- Update callout boxes to use consistent slate-50 background
- Simplify notification type cards (remove gradient backgrounds)
- Use uniform slate/indigo color scheme throughout
- Fix malformed HTML in code blocks
- Update notification example to match callout style
- Remove gradient background and decorative SVG wave
- Use consistent slate-900/400/500 color palette
- Remove animated elements and decorative bars
- Simplify social links and documentation navigation
- Reduce author image size for cleaner layout
Younes ENNAJI