Refactor string helpers to have less monkey patching #227

Open
mvz wants to merge 8 commits into master from refactor-string-helpers

Deprecate String#strip_html monkey-patch and replace calls to it

5f2198c
GitHub Advanced Security / CodeQL failed May 16, 2026 in 2s

2 new alerts including 2 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 2 high

See annotations below for details.

Annotations

Check failure on line 21 in lib/publify_core/text_transformer.rb

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data (High)

This regular expression that depends on a library input may run slow on strings starting with '<' and with many repetitions of '<'.

Check failure on line 21 in lib/publify_core/text_transformer.rb

Code scanning / CodeQL

Incomplete multi-character sanitization (High)

This string may still contain '<script', which may cause an HTML element injection vulnerability.