Potential fix for code scanning alert no. 45: Incomplete string escaping or encoding#791
Merged
alienx5499 merged 3 commits intomainfrom Mar 30, 2026
Merged
Potential fix for code scanning alert no. 45: Incomplete string escaping or encoding#791alienx5499 merged 3 commits intomainfrom
alienx5499 merged 3 commits intomainfrom
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
alienx5499
force-pushed
the
alert-autofix-45
branch
from
7eb811a to
59351bc
Compare
QA suite report
Result: passed. |
alienx5499
force-pushed
the
alert-autofix-45
branch
from
59351bc to
2dac491
Compare
alienx5499
force-pushed
the
alert-autofix-45
branch
from
2dac491 to
1d7e1dd
Compare
…ing or encoding Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
alienx5499
force-pushed
the
alert-autofix-45
branch
from
1d7e1dd to
49709bf
Compare
alienx5499
force-pushed
the
alert-autofix-45
branch
from
a36e579 to
569ab68
Compare
alienx5499
force-pushed
the
alert-autofix-45
branch
from
569ab68 to
f9335eb
Compare
Lighthouse (CI)Lighthouse (mobile)
Lighthouse (desktop)
|
alienx5499
force-pushed
the
alert-autofix-45
branch
from
4b401fe to
168be85
Compare
…, enhance Lighthouse reporting with matrix strategy for mobile and desktop, and improve summary handling in CI workflows
alienx5499
force-pushed
the
alert-autofix-45
branch
from
168be85 to
7ad5900
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Potential fix for https://github.com/alienx5499/SortVision/security/code-scanning/45
In general, when escaping characters for a specific output format (here, Markdown tables), you should escape the escape character itself (backslash) before escaping other metacharacters like
|. This ensures that an existing backslash in the input cannot neutralize or otherwise interfere with the escaping you apply later.The best minimal fix here is to update the construction of
safeNameandsafeDetailsso they escape backslashes first, then escape pipes. That avoids any change in intended content beyond making Markdown parsing more predictable, and keeps all other logic (slicing to 200 chars, etc.) unchanged. Concretely, inSortVision/tests/quality-assurance.mjsaround lines 139–141, change:to perform two replacements each: first
\\to\\\\, then|to\|. No new imports or helper functions are required; we can chainreplacecalls with regular expressions using the globalgflag.Suggested fixes powered by Copilot Autofix. Review carefully before merging.