Files
awesome-copilot/website
copilot-swe-agent[bot] fb5f22a6b2 fix(website): properly escape backslashes and quotes in file paths
The previous implementation only escaped single quotes, which could allow
backslashes in file paths to break out of the JavaScript string context.
Now we escape backslashes first (\ -> \\), then single quotes (' -> \'),
preventing potential security issues.

Fixes CodeQL alert #26 for incomplete string escaping.

Co-authored-by: aaronpowell <434140+aaronpowell@users.noreply.github.com>
2026-02-02 05:05:42 +00:00
..