php@8.1: Fix incomplete string escaping or encoding #232433
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
autosquash
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
Potential fix for code scanning alert no. 173: Incomplete string escaping or encoding Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: Patrick Linnane <patrick@linnane.io>
p-linnane
force-pushed
the
alert-autofix-173
branch
from
632f672 to
2d8aa5d
Compare
github-actions
bot
removed
the
autosquash
p-linnane
changed the title
carlocab
added
CI-no-bottles
SMillerDev
approved these changes
Aug 6, 2025
Contributor
|
🤖 An automated task has requested bottles to be published to this PR. Caution Please do not push to this PR branch before the bottle commits have been pushed, as this results in a state that is difficult to recover from. If you need to resolve a merge conflict, please use a merge commit. Do not force-push to this PR branch. |
github-actions
bot
added
the
CI-published-bottle-commits
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Potential fix for https://github.com/Homebrew/homebrew-core/security/code-scanning/173
To fix the problem, we should ensure that both backslashes and
@characters are properly escaped in the string interpolation. This means replacing every backslash (\) with a double backslash (\\), and every@with\@. The best way to do this is to usegsubtwice: first to escape backslashes, then to escape@. This should be done in the string interpolation on line 94, within thes.gsub!call. No additional imports or dependencies are needed, as this is standard Ruby string manipulation.Suggested fixes powered by Copilot Autofix. Review carefully before merging.