• anton@lemmy.blahaj.zone
    link
    fedilink
    arrow-up
    1
    ·
    9 months ago

    I looked at the diff, it’s around 100 lines of new code and a few hundred lines of comments and tests.
    I couldn’t have written it, but there are many smarter people that fixed it after they learned of the problem.

    What also made it easier to fix is that they (sensibly) chose to error on certain strings that can’t be escaped safely.

    • bizdelnick
      link
      fedilink
      arrow-up
      1
      ·
      9 months ago

      It’s not a proper fix, there are still cases when correct escaping is impossible and the function simply returns a error. I don"t know if if this possible at all to escape any string or if it is just because of lack of documentation, but anyway i wouldn’t call this a thing that is easy to fix.