Skip to content

Commit a546652

Browse files
crazy-maxcrazy-max
authored
Merge pull request #378 from crazy-max/summary-escape-html
github(summary): escape HTML when printing build error
2 parents c330895 + e0007fb commit a546652

File tree

3 files changed

+23
-2
lines changed

3 files changed

+23
-2
lines changed

package.json

+2
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,7 @@
6060
"csv-parse": "^5.5.6",
6161
"gunzip-maybe": "^1.4.2",
6262
"handlebars": "^4.7.8",
63+
"he": "^1.2.0",
6364
"js-yaml": "^4.1.0",
6465
"jwt-decode": "^4.0.0",
6566
"semver": "^7.6.2",
@@ -69,6 +70,7 @@
6970
"devDependencies": {
7071
"@types/csv-parse": "^1.2.2",
7172
"@types/gunzip-maybe": "^1.4.2",
73+
"@types/he": "^1.2.3",
7274
"@types/js-yaml": "^4.0.9",
7375
"@types/node": "^20.12.10",
7476
"@types/semver": "^7.5.8",

src/github.ts

+3-2
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@
1616

1717
import crypto from 'crypto';
1818
import fs from 'fs';
19+
import he from 'he';
1920
import jsyaml from 'js-yaml';
2021
import os from 'os';
2122
import path from 'path';
@@ -284,15 +285,15 @@ export class GitHub {
284285
// prettier-ignore
285286
sum
286287
.addRaw(`<details><summary><strong>Error</strong></summary>`)
287-
.addCodeBlock(buildError, 'text')
288+
.addCodeBlock(he.encode(buildError), 'text')
288289
.addRaw(`</details>`);
289290
} else {
290291
// prettier-ignore
291292
sum
292293
.addRaw(`<strong>Error</strong>`)
293294
.addBreak()
294295
.addRaw(`<p>`)
295-
.addCodeBlock(buildError, 'text')
296+
.addCodeBlock(he.encode(buildError), 'text')
296297
.addRaw(`</p>`);
297298
}
298299
sum.addRaw(`</blockquote>`);

yarn.lock

+18
Original file line numberDiff line numberDiff line change
@@ -1112,6 +1112,7 @@ __metadata:
11121112
"@octokit/plugin-rest-endpoint-methods": ^10.4.0
11131113
"@types/csv-parse": ^1.2.2
11141114
"@types/gunzip-maybe": ^1.4.2
1115+
"@types/he": ^1.2.3
11151116
"@types/js-yaml": ^4.0.9
11161117
"@types/node": ^20.12.10
11171118
"@types/semver": ^7.5.8
@@ -1129,6 +1130,7 @@ __metadata:
11291130
eslint-plugin-prettier: ^5.1.3
11301131
gunzip-maybe: ^1.4.2
11311132
handlebars: ^4.7.8
1133+
he: ^1.2.0
11321134
jest: ^29.7.0
11331135
js-yaml: ^4.1.0
11341136
jwt-decode: ^4.0.0
@@ -2175,6 +2177,13 @@ __metadata:
21752177
languageName: node
21762178
linkType: hard
21772179

2180+
"@types/he@npm:^1.2.3":
2181+
version: 1.2.3
2182+
resolution: "@types/he@npm:1.2.3"
2183+
checksum: e77851c73dd7b9902d92fe0118a26246a7f3676a3a1c6eb1408305187ef73b57c22550b1435946b983267f961d935554d5d0e1b458416932552f31e763e1aa41
2184+
languageName: node
2185+
linkType: hard
2186+
21782187
"@types/istanbul-lib-coverage@npm:*, @types/istanbul-lib-coverage@npm:^2.0.0, @types/istanbul-lib-coverage@npm:^2.0.1":
21792188
version: 2.0.3
21802189
resolution: "@types/istanbul-lib-coverage@npm:2.0.3"
@@ -4923,6 +4932,15 @@ __metadata:
49234932
languageName: node
49244933
linkType: hard
49254934

4935+
"he@npm:^1.2.0":
4936+
version: 1.2.0
4937+
resolution: "he@npm:1.2.0"
4938+
bin:
4939+
he: bin/he
4940+
checksum: 3d4d6babccccd79c5c5a3f929a68af33360d6445587d628087f39a965079d84f18ce9c3d3f917ee1e3978916fc833bb8b29377c3b403f919426f91bc6965e7a7
4941+
languageName: node
4942+
linkType: hard
4943+
49264944
"html-escaper@npm:^2.0.0":
49274945
version: 2.0.2
49284946
resolution: "html-escaper@npm:2.0.2"

0 commit comments

Comments
 (0)