Phase 2: convert primitives to nodes via a whitelist element factory

Generic leaf builders (Div, Span, Td, Tr, Th, Ul, Li, Strong, Label,
Template, P) are now generated from one _html_element factory over the
single Element class — the tag name is data, not a per-tag body. Only
elements that add classes/behaviour (Button, Pill, Checkbox, Radio,
Input, A, SearchField, H1, Modal, AddForm, tables) stay hand-written.
All primitives now return Node objects; string-built widgets (Icon,
SimpleTable, YearPicker) return Safe, and YearPicker declares its
datepicker media. Raw concatenation (_popover_html, Popover slot) uses
Fragment.

Node.__str__/__html__ now return a SafeString: a node's rendered output
is safe HTML by construction, so str(node) stays safe when fed back into
a child list or template (matching the old SafeText behaviour and
preventing double-escaping).

Consumers adapted: the form widgets (SearchSelectWidget,
PrimitiveCheckboxWidget) return render(component) so Django gets a safe
string; the session form's manual field markup joins via str(row).
Component tests render nodes to HTML before asserting.

https://claude.ai/code/session_01BKurBhE3Qj25p7Bfsg7EeK

This commit is contained in:

Claude

2026-06-13 07:16:59 +00:00

parent f673f3ac80

commit 4031657bb5

6 changed files with 217 additions and 205 deletions

									
										common/components/__init__.py
									
		+6
		
												View File
												
				@@ -73,6 +73,7 @@ from common.components.primitives import (

				    TableTd,

				    Td,

				    Template,

				    Th,

				    Tr,

				    Ul,

				    YearPicker,

				@@ -131,6 +132,11 @@ __all__ = [

				    "Span",

				    "StaticScript",

				    "Label",

				    "Li",

				    "Td",

				    "Th",

				    "Tr",

				    "Ul",

				    "TableHeader",

				    "TableRow",

				    "TableTd",