Cover remaining C1 controls in stdisplay tests

[assisted-by-ai]

Summary

• add regression cases for NEL, PAD/SS3, and status control bytes to ensure they are redacted

Testing

• NO_COLOR="" COLORTERM="" TERM="xterm-direct" PYTHONPATH=usr/lib/python3/dist-packages python3 -m pytest -o 'python_files=tests/*.py' usr/lib/python3/dist-packages/stdisplay/tests/stdisplay.py

---

Codex Task

[assisted-by-ai]

stdisplay builds an allowlist of safe characters: printable ASCII (0x20–0x7E), newline, tab, and allowed SGR escape sequences. Everything else—including other control characters, Unicode beyond ASCII, and any escape sequence that is not an allowed SGR—is replaced with underscores.

Conclusion
Based on the implementation, there isn’t a gap where control characters or Unicode that are meant to be sanitized slip through; anything outside the stated allowlist is converted to underscores.

Added a dedicated test case class covering hostile non-SGR escape sequences (OSC, DCS, kitty graphics, UTF-8 mode, and C1 CSI) to ensure they are neutralized by stdisplay.

Added coverage for APC, PM, SOS, and C1 APC control strings to verify stdisplay redacts them outside the SGR allowlist.

Added zero-width and right-to-left override examples to the shared escape-case corpus to verify they are reduced to safe placeholders.

Introduced coverage for single C1 control characters and 8-bit string commands to confirm stdisplay neutralizes them.

Added Unicode formatting controls (bidi overrides/isolates, zero-width joiner, BOM, and related markers) to the shared escape corpus to confirm they are reduced to safe placeholders.

Added coverage for additional C0/C1 controls and nested OSC/DCS clipboard payloads to ensure stdisplay neutralizes them with underscores.

Added regression coverage for additional C1 control bytes (NEL, PAD/SS3, and STS–EPA range) to confirm stdisplay replaces them with safe placeholders.

[ArrayBolt3]

These don't have to go in their own class.

[ArrayBolt3]

ESC % doesn't seem to be a C1 control sequence that I can tell.

[ArrayBolt3]

Added a dedicated test case class covering hostile non-SGR escape sequences (OSC, DCS, kitty graphics, UTF-8 mode, and C1 CSI) to ensure they are neutralized by stdisplay.

Added coverage for APC, PM, SOS, and C1 APC control strings to verify stdisplay redacts them outside the SGR allowlist.

Added zero-width and right-to-left override examples to the shared escape-case corpus to verify they are reduced to safe placeholders.

Introduced coverage for single C1 control characters and 8-bit string commands to confirm stdisplay neutralizes them.

Added Unicode formatting controls (bidi overrides/isolates, zero-width joiner, BOM, and related markers) to the shared escape corpus to confirm they are reduced to safe placeholders.

Added coverage for additional C0/C1 controls and nested OSC/DCS clipboard payloads to ensure stdisplay neutralizes them with underscores.

Added regression coverage for additional C1 control bytes (NEL, PAD/SS3, and STS–EPA range) to confirm stdisplay replaces them with safe placeholders.

All accepted. (I didn't audit to make sure all of the sequences in this PR are the sequences ChatGPT says it included, but really any weird Unicode and escape sequences should be caught by stdisplay, so I don't care too much about whether the commands being sanitized out are well-formed or even valid. We only cared about this for the CSI commands because stdisplay is supposed to semi-interpret and allow through some CSI commands.)

Added the test cases in ArrayBolt3@bb095e1. (Did not use the redundant code from this.) This PR can be closed.