feat(useRouter): 新增query参数

[xiaohe0601]

Description 描述

useRouter 新增query参数

router.navigate({ url: '/pages/topics/index', query: { a: 1, b: 2 } }); // => /pages/topics/index?a=1&b=2
router.navigate({ url: '/pages/topics/index?c=1', query: { a: 1, b: 2 } }); // => /pages/topics/index?c=1&a=1&b=2

Summary by CodeRabbit

• New Features

  • Enhanced navigation functionality now supports query parameters.
  • Improved URL construction with proper query serialization and encoding of special characters.

• Documentation

  • Updated guides with examples demonstrating how to include query parameters in navigation methods.

[coderabbitai]

Walkthrough

This pull request introduces a new dependency, "fast-querystring": "^1.1.2", to handle query string serialization. Updates in the router module enhance navigation functions by adding support for query parameters. The documentation is revised to explain the encoding of Chinese characters and string serialization. Additionally, new types and an interface are defined, and function signatures for navigation methods are updated to incorporate query parameters. A new buildUrl function leverages the qs.stringify method to generate URLs with query strings.

Changes

File(s)	Change Summary
package.json	Added dependency "fast-querystring": "^1.1.2" to the dependencies section.
src/useRouter/index.md	Updated documentation for navigate, redirect, and reLaunch methods, detailing query parameter support and URL encoding examples.
src/useRouter/index.ts	Imported qs from fast-querystring; added new types (LocationUrl, LocationQueryRaw) and interface (QueryOptions); updated navigation function signatures; introduced buildUrl to construct URLs with serialized query parameters.

Sequence Diagram(s)

sequenceDiagram
    participant U as User
    participant R as Router Module
    participant Q as fast-querystring

    U->>R: Call navigateTo(options with query)
    R->>R: Invoke buildUrl() function to process query
    R->>Q: qs.stringify(query)
    Q-->>R: Return serialized query string
    R->>R: Construct final URL with query parameters
    R-->>U: Execute navigation with updated URL

Loading

Poem

Hoppity hops, a fresh new route,
With queries sprouting, there’s no doubt.
I nibble on code with whiskered cheer,
Crafting URLs that shine so clear.
Through carrot trails in digital lands,
I celebrate changes with joyful hops!

✨ Finishing Touches

• 📝 Generate Docstrings (Beta)

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

src/useRouter/index.ts (1)

97-109: Add input validation for URL and query parameters.

While the function handles basic cases well, consider adding:

1. URL validation to prevent malformed URLs
2. Sanitization of query values to handle null/undefined

 function buildUrl(url: LocationUrl, query?: LocationQueryRaw) {
+  if (typeof url !== 'string' || !url.trim()) {
+    throw new Error('Invalid URL provided');
+  }
+
+  // Sanitize query values
+  const sanitizedQuery = query ? Object.fromEntries(
+    Object.entries(query).filter(([_, v]) => v != null)
+  ) : undefined;
+
-  if (!query) {
+  if (!sanitizedQuery) {
     return url;
   }
 
-  const serializedQuery = qs.stringify(query);
+  const serializedQuery = qs.stringify(sanitizedQuery);

src/useRouter/index.md (1)

43-47: Comprehensive documentation with clear examples!

The documentation effectively explains the query parameter feature and includes important notes about serialization and encoding. Consider adding examples for:

1. Complex object serialization behavior
2. URL encoding of special characters

Add these examples to better illustrate the behavior:

 router.navigate({ url: '/pages/topics/index?c=1', query: { a: 1, b: 2 } }); // => /pages/topics/index?c=1&a=1&b=2
+// Complex objects are serialized
+router.navigate({ url: '/page', query: { obj: { x: 1 } } }); // => /page?obj=%7B%22x%22%3A1%7D
+// Special characters are encoded
+router.navigate({ url: '/page', query: { text: '你好' } }); // => /page?text=%E4%BD%A0%E5%A5%BD

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 40b4fcc and 8dd621b.

⛔ Files ignored due to path filters (1)

• pnpm-lock.yaml is excluded by !**/pnpm-lock.yaml

📒 Files selected for processing (3)

• package.json (1 hunks)
• src/useRouter/index.md (1 hunks)
• src/useRouter/index.ts (3 hunks)

🔇 Additional comments (4)

src/useRouter/index.ts (3)

83-89: Well-structured type definitions!

The types and interface are well-defined, providing good type safety while maintaining flexibility with the Record type for query parameters.

---

111-118: Clean implementation of options builder!

The function follows the single responsibility principle and properly handles the separation of concerns.

---

127-144:

✅ Verification successful

Consistent implementation across navigation methods.

The navigation functions are well-implemented. However, let's verify that all navigation method calls in the codebase have been updated to handle the new query parameter support.

---

🏁 Script executed:

#!/bin/bash
# Search for direct calls to uni.navigateTo, uni.redirectTo, or uni.reLaunch
# to ensure they're using the router wrapper instead
rg "uni\.(navigateTo|redirectTo|reLaunch)\(" -A 2

Length of output: 526

---

Navigation methods uniformly updated and verified.

The navigation functions now consistently incorporate query parameter handling via the router wrapper. Our repository search confirms that all calls to uni.navigateTo, uni.redirectTo, and uni.reLaunch are encapsulated within src/useRouter/index.ts, with no stray calls bypassing this layer.

• Verified usage in src/useRouter/index.ts is consistent.
• No direct calls to uni.* functions are found elsewhere in the codebase.

Approved as-is.

package.json (1)

79-80:

✅ Verification successful

Verify the fast-querystring package version.

Let's check if version 1.1.2 is the latest stable version and review its security status.

---

🌐 Web query:

What is the latest version of fast-querystring npm package and are there any known security vulnerabilities?

💡 Result:

The latest version of the fast-querystring npm package is 1.1.2, last published on June 5, 2023[4][7][10]. This module serves as a faster alternative to Node.js's legacy querystring library for parsing and stringifying URL query parameters[4].

Regarding security vulnerabilities:

• No direct security advisories are documented in the provided search results for fast-querystring itself[4][10].
• A similar-sounding package (fast-string-search) had a critical Denial of Service vulnerability (CVE-2022-22138) due to improper handling of non-string inputs[2], but this is unrelated to fast-querystring.

Key considerations:

1. The package hasn't been updated since mid-2023[7], though this doesn't inherently indicate insecurity.
2. It's used by over 11,954 projects[7], suggesting community trust.
3. When handling untrusted input, validate data types before parsing to mitigate potential edge-case risks (general security practice)[5].

For verification:

• Check vulnerability databases like Snyk or GitHub Security Advisories for real-time updates[8].
• Use tools like npm audit to scan projects using this dependency[5].

Citations:

• 1: Replacing querystring with fast-querystring expressjs/express#4990
• 2: https://www.acunetix.com/vulnerabilities/sca/cve-2022-22138-vulnerability-in-npm-package-fast-string-search/
• 3: https://www.npmjs.com/package/axios
• 4: https://npmjs.com/package/fast-querystring
• 5: https://www.aquasec.com/cloud-native-academy/supply-chain-security/npm-vulnerabilities/
• 6: https://npm-compare.com/qs,query-string,querystring,url-parse
• 7: https://deps.dev/npm/fast-querystring/1.1.1/versions
• 8: https://www.nodejs-security.com/blog/where-to-find-npm-vulnerabilities
• 9: After updating npm packages. Error: Could not parse template expression: vue-styleguidist/vue-styleguidist#1299
• 10: https://debricked.com/select/package/npm-fast-querystring

---

Verified: The fast-querystring dependency is up-to-date and secure.

After checking the latest npm information, version 1.1.2 is confirmed as the most recent stable release with no reported security vulnerabilities. This dependency is therefore acceptable as-is.

• File: package.json (Lines 79-80)
• Dependency: fast-querystring version ^1.1.2

[xiaohe0601]

close, cause of #45 (comment) .