Use of eval is handy when we need to automatically reload a
template. However, in production, this is slow and unsafe. Moreover,
when using CSP, we have to use 'unsafe-eval' which brings shame to
most of us. It appears use of eval() is not needed because the
template has already been translated to Javascript. We just need to
bind "jade" to its local scope.
So, we add an additional wrapper function binding "jade" to the local
scope. Moreover, when compiling the template, we add a flag to the
function to know it has already been compiled. In this case, we
execute it with "jade" in its scope. Otherwise, we keep using eval.
Quickly tested in both situations. Seem to work.
Fix#274.
Replace Markup.js with Jade [1] for real templating (like expression
evaluation and sane syntax). Jade compiles directly to JavaScript which
makes it possible to only have Jade as build dependency with a tiny
runtime wrapper for the client (around 40% of Markup.js's size).
Templates are rewritten for Jade but do not use all features from Jade
(such as filters, mixins and includes) for now.
A simple requirejs-jade wrapper to compile Jade during runtime is
already included.
i18n
----
I also rewrote the i18n module and moved translation and pluralization
functions back into the module, thus decoupling it from the previous
markup language. The module now exposes:
* i18n.translate(msgid) -> string
* i18n.pluralize(msgid, n) -> string
I18n depends on app/config and thus has access to the user's prefered
language and exposes both function with `i18n.lang` already set. If the
msgid was not found, it returns "???" (like Markup.js).
The pluralization function replaces `{{ n }}` with the function argument
just like with Markup.js (to keep the diffs clean).
[1] http://jade-lang.com/
Vincent Bernat