Changes for red carpet html rendering github compliance

Signed-off-by: smriti <sgarg@msystechnologies.com>

src/supermarket/Gemfile

@@ -8,6 +8,7 @@ gem "omniauth-chef-oauth2"
 gem "omniauth-github"
 gem "omniauth-oauth2", "~> 1.7.1"
 gem "omniauth-rails_csrf_protection"
+gem "coderay" #markdown doc - syntax highlighting
 
 gem "sidekiq", "~> 4.2"
 gem "sidekiq-cron"

src/supermarket/Gemfile.lock

@@ -790,6 +790,7 @@ DEPENDENCIES
   capybara-screenshot
   chef (~> 16.13)
   chefstyle
+  coderay
   compass-rails
   database_cleaner
   ddtrace

src/supermarket/app/helpers/markdown_helper.rb

@@ -2,16 +2,33 @@ module MarkdownHelper
   #
   # Make auto-links target=_blank
   #
+
   class SupermarketRenderer < Redcarpet::Render::Safe
     include ActionView::Helpers::TagHelper
 
     def initialize(extensions = {})
       super extensions.merge(
         link_attributes: { target: "_blank", rel: "noopener" },
-        with_toc_data: true
+        with_toc_data: true,
+        hard_wrap: true,
+        xhtml: true
       )
     end
 
+    #Syntax highlighting using CodeRay library
+    def block_code(code, language)
+      if language.present?
+        CodeRay.scan(code, language).div
+      else
+        "<pre><code>#{code}</code></pre>"
+      end
+    end
+
+    #process doc to remove markdown comments as the same is not supported by RedCarpet
+    def remove_comments(raw_html)
+      raw_html.gsub(/&lt;!--(.*?)--&gt;/, "")
+    end
+
     #
     # Last stop opportunity to transform the HTML Redcarpet has generated
     # from markdown input.
@@ -25,7 +42,7 @@ def postprocess(html_document)
       # should be considered
       doc = Nokogiri::HTML::DocumentFragment.parse(html_document)
       doc = make_img_src_urls_protocol_relative(doc)
-      doc.to_s
+      remove_comments(doc.to_s)
     end
 
     private
@@ -71,4 +88,4 @@ def render_markdown(text)
       text
     ).html_safe # rubocop:todo Rails/OutputSafety
   end
-end
+end

src/supermarket/spec/helpers/markdown_helper_spec.rb

@@ -13,7 +13,20 @@
         ```
       CODEBLOCK
 
-      expect(helper.render_markdown(codeblock)).to match(/<pre><code>/)
+      expect(helper.render_markdown(codeblock)).to include("<div class=\"CodeRay\">\n  "\
+                                                            "<div class=\"code\"><pre>"\
+                                                            "$ bundle exec rake spec:all\n</pre>")
+    end
+
+    it "renders code block with syntax highlighting" do
+      codeblock = <<-CODEBLOCK.strip_heredoc
+        ```ruby
+        require 'redcarpet'
+        ```
+      CODEBLOCK
+
+      expect(helper.render_markdown(codeblock)).to include("<div class=\"CodeRay\">\n  "\
+                                                            "<div class=\"code\"><pre>require")
     end
 
     it "auto renders links with target blank" do
@@ -33,13 +46,13 @@
     expect(helper.render_markdown(table)).to match(/<table>/)
   end
 
-  it "doesn't adds br tags on hard wraps" do
+  it "adds br tags on hard wraps" do
     markdown = <<-HARDWRAP.strip_heredoc
       There is no hard
       wrap.
     HARDWRAP
 
-    expect(helper.render_markdown(markdown)).to_not match(/<br>/)
+    expect(helper.render_markdown(markdown)).to match(/<br>/)
   end
 
   it "doesn't emphasize underscored words" do
@@ -58,6 +71,10 @@
     expect(helper.render_markdown("Supermarket^2")).to match(/<sup>/)
   end
 
+  it "removes escaped comments" do
+    expect(helper.render_markdown("<!-- Comment --><p>Hello</p>")).to_not include("&lt;!-- Comment --&gt;")
+  end
+
   context "protocol in URLs for images get converted" do
     it "HTTP -> protocol-relative" do
       html = helper.render_markdown("![](http://img.example.com)")
@@ -68,6 +85,7 @@
       html = helper.render_markdown("![](https://img.example.com)")
       expect(html).to include('<img src="//img.example.com" alt="">')
     end
+
   end
 
   describe "to prevent XSS attacks" do