Don't escape '<>&' symbols in JSON
What does this MR do?
This MR replaces json.Marshal
with json.NewEncoder
in order to set SetEscapeHTML(false)
. This is necessary because using json.Marshal
causes <>&
characters to be escaped, which means if we want to use the >
character, as in this example:
{ "value": "coveralls:3.0.0 > log-driver:1.2.6 > codecov.io:0.0.1 > request:2.42.0 > hawk:1.1.1" }
this will instead be escaped and show up in the JSON
report as:
{ "value": "coveralls:3.0.0 \u003e log-driver:1.2.6 \u003e codecov.io:0.0.1 \u003e request:2.42.0 \u003e hawk:1.1.1" }
As of go 1.18
, it's still not possible to override the escapeHTML
option, since it's hardcoded to true, so that's why we need to use json.NewEncoder
instead of json.Marshal
.
What are the relevant issue numbers?
Show one `shortest path` on the finding details... (gitlab-org/gitlab#348532 - closed)
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Ensure the report version matches the equivalent schema version -
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer