[analyzer] ignore: unsafe_html does not work

Description

This screenshot should explain it 🙂

image

Essentially, even though I am inserting an ignore: unsafe_html comment, the analyzer reports an info-level lint anyway:

Analyzing wakelock_web...

   info - Avoid unsafe HTML APIs (assigning "src" attribute) - lib\src\import_js_library.dart:35:5 - unsafe_html

1 issue found. (ran in 1.3s)

If the setup is important, check https://github.com/creativecreatorormaybenot/wakelock/blob/b8b2f13cfedc5544c0311bf5172712a97b7ce5fc/wakelock_web/lib/src/import_js_library.dart#L34 for the full source code.


Tools • Dart 2.12.0

1 possible answer(s) on “[analyzer] ignore: unsafe_html does not work

  1. I think that a better solution would be to make the security rules ignorable again and to introduce a more general solution for users that want to make a diagnostic un-ignorable (implemented in the opposite order). For example, I could imagine enhancing the analysis options file to allow a diagnostic to be marked as un-ignorable. Perhaps something like

    analyzer:
      errors:
        unsafe_html: error, cannotIgnore
    

    or

    analyzer:
      cannotIgnore:
      - unsafe_html