open-code-review/cmd
kite a37bee50fb fix: sanitize terminal control characters in text output to prevent escape-sequence injection (#143)
Strip C0/C1 control characters and DEL from model/diff-derived strings
before printing to the terminal, preventing OSC 52 clipboard hijack,
screen erasure spoofing, and other ANSI injection attacks (CWE-150).
JSON output is unaffected as encoding/json already escapes control chars.
2026-06-16 14:48:56 +08:00
..
opencodereview fix: sanitize terminal control characters in text output to prevent escape-sequence injection (#143) 2026-06-16 14:48:56 +08:00
testdiff feat(tool): add global git subprocess concurrency limiter and propagate context.Context to diff layer 2026-06-06 20:20:34 +08:00