Sanitize pomodoro descriptions and cleanup CI #34
@codex review
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: b89aa7e7c5
ℹ️ About Codex in GitHub
Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".
| # Insert the 4 arguments into the table | ||
| # Escape single quotes for SQL (replace ' with '') | ||
| SAFE_MESSAGE="${4//\'/\'\'}" |
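Review bot: the pattern `${4//\'/\'\'}` on the SAFE_MESSAGE line does not match a bare single quote: inside double quotes bash keeps the backslash, so the match is against the two-character sequence `\'`, and a message such as "Ed's questions" passes through unchanged and still breaks the statement it is spliced into. Hold the quote in a variable instead (`q="'"` followed by `SAFE_MESSAGE="${4//$q/$q$q}"`), give the other three arguments the same treatment if they are also inserted as string literals, and confirm that the value is wrapped in single quotes in the INSERT so that doubling is the correct escape; if the sqlite3 invocation allows it, bound parameters remove the need for manual escaping altogether.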
Replace plain single quotes, not backslash-quote
The pattern in `SAFE_MESSAGE="${4//\'/\'\'}"` only matches the two-character sequence `\'` (backslash + quote) because the backslash is preserved inside double quotes. Messages like Maxime's contain a bare single quote, so this replacement is a no-op and the SQL literal still breaks (or can be exploited) when the message includes `'` without a preceding backslash. Consider matching the literal `'` (e.g., `${4//"'"/"''"}`) or using sqlite parameters to avoid relying on manual escaping.
Add AGENTS.md with build commands and architecture overview for coding agents. Add CLAUDE.md that references AGENTS.md. Update .gitignore to exclude Claude Code local settings. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Prevents SQL syntax errors when pomodoro messages contain apostrophes (e.g., "Ed's questions") by escaping single quotes before insertion. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
5404c77 to 7cdad0a
@codex review
Codex Review: Didn't find any major issues. 🚀
The previous escaping pattern `${4//\'/\'\'}` doesn't work inside double
quotes because `\'` is not a valid escape sequence - bash preserves the
backslash literally. Using a variable to hold the single quote character
ensures proper matching and replacement.
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
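The escaping this commit and the review comment above describe, as an added example that is not code from this PR: the quote is held in a variable so the pattern is the bare character, and every argument is escaped before it is placed in a single-quoted literal. The `sql_literal` and `sql_values` helpers and the sample strings are assumptions made for this example, not part of the project.

```bash
#!/usr/bin/env bash
# Added example, not code from this PR. Escapes values for use inside
# single-quoted SQLite string literals by doubling each single quote.

# Same approach as the PR's fix: keep the quote in a variable so the
# pattern is the bare character ' and not the two-character sequence \'.
sql_escape() {
    local q="'"
    printf '%s' "${1//$q/$q$q}"
}

# Wrap an escaped value in single quotes, giving one complete SQL literal.
sql_literal() {
    printf "'%s'" "$(sql_escape "$1")"
}

# Turn any number of arguments into a VALUES tuple, escaping each one,
# e.g. for "INSERT INTO t(a, b) VALUES ('x', 'y')". Hypothetical helper.
sql_values() {
    local out="" sep="" arg
    for arg in "$@"; do
        out="$out$sep$(sql_literal "$arg")"
        sep=", "
    done
    printf '(%s)' "$out"
}

# Constructed sample values: a message with an apostrophe (the case from
# the PR) and a string with quote-and-comment characters, which must end
# up as data inside one literal rather than as extra SQL.
msg="Ed's questions"
tricky="x'); -- comment"
echo "escaped: $(sql_escape "$msg")"        # Ed''s questions
echo "literal: $(sql_literal "$tricky")"    # 'x''); -- comment'
echo "values:  $(sql_values "$msg" 25 "$tricky")"
```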
7cdad0a to 67de3f5
The maintenance overhead outweighs the benefits for this project. Existing make lint/format commands provide sufficient linting. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Use tabs for indentation and remove trailing whitespace. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@codex review
Codex Review: Didn't find any major issues. Chef's kiss.
Summary
🤖 Generated with Claude Code