coderabbitai / ai-pr-reviewer

AI-based Pull Request Summarizer and Reviewer with Chat Capabilities.
https://coderabbit.ai
MIT License
1.42k stars 261 forks

sanitize entire response before parsing comments #416

Closed harjotgill closed 11 months ago

harjotgill commented 11 months ago

Summary by CodeRabbit

### Bug Fixes:
- Fixed a logic error in the `add` function in `prompts.ts`. The operation has been corrected from subtraction to addition.
- Enhanced security in `review.ts` by sanitizing the entire response before parsing comments. 

### Refactor:
- Renamed `sanitizeComment` function to `sanitizeResponse` in `review.ts`, and expanded its functionality to sanitize code blocks for suggestions and diffs.

### Removed:
- Removed single line comment functionality as it was deemed unnecessary.

🎉 Here's to bugs that are no more,
To logic errors shown the door.
With sanitized responses, we stand tall,
In the face of threats, big or small.
So here's to code that's clean and neat,
Making our victory oh so sweet! 🥳
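As an added example (not code from this PR or from the ai-pr-reviewer project), the sketch below shows what "sanitize the entire response before parsing comments" buys you. It assumes a response format (a `start-end:` line-range header, a body, a `---` separator) and a sanitizer that escapes stray fences inside suggestion/diff fenced blocks; the format, the function names `sanitizeResponse`/`parseComments`/`reviewFromResponse` and the sample response are all assumptions made for illustration, not the project's actual format or implementation. The model's output is untrusted input, so the whole response is normalised once and only then split into comments: a fence the model emits inside a suggestion block can no longer close the block early and change what gets applied to the PR.

```typescript
// Added illustrative example; not code from the ai-pr-reviewer project.
// Assumed (not taken from the PR): the model's review response is a sequence
// of comments, each "<start>-<end>:" on its own line, a body, then a "---"
// separator line; the body may carry ```suggestion or ```diff blocks.
// Model output is untrusted input: sanitize the whole response first, parse after.

const FENCE = '```'
const LABELS = ['suggestion', 'diff'] // block types GitHub applies or renders
const SEPARATOR = '---'

interface ReviewComment {
  startLine: number
  endLine: number
  body: string
}

// Escape every ``` inside a ```suggestion / ```diff block except the last one
// before the next separator (treated as the real closer), so a fence the model
// emitted inside the block cannot terminate it early.
function sanitizeResponse(response: string): string {
  const lines = response.split('\n')
  let inBlock = false
  let innerFences: number[] = []

  const flush = (): void => {
    // Keep the last fence as the closer; neutralise the rest.
    innerFences.slice(0, -1).forEach(i => {
      lines[i] = lines[i].replace(FENCE, '\\`\\`\\`')
    })
    innerFences = []
    inBlock = false
  }

  for (let i = 0; i < lines.length; i++) {
    const t = lines[i].trim()
    if (!inBlock) {
      if (LABELS.some(l => t === FENCE + l)) inBlock = true
      continue
    }
    if (t === SEPARATOR) {
      flush()
    } else if (t === FENCE) {
      innerFences.push(i)
    }
  }
  if (inBlock) flush() // block left open at end of response
  return lines.join('\n')
}

const HEADER = /^(\d+)-(\d+):$/

// Split the sanitized response on separator lines and read each comment's
// line-range header. Malformed chunks are dropped rather than guessed at.
function parseComments(sanitized: string): ReviewComment[] {
  const comments: ReviewComment[] = []
  let current: string[] = []
  const commit = (): void => {
    const chunk = current.join('\n').trim()
    current = []
    if (chunk === '') return
    const nl = chunk.indexOf('\n')
    const header = (nl === -1 ? chunk : chunk.slice(0, nl)).trim()
    const m = HEADER.exec(header)
    if (m === null) return
    const startLine = Number(m[1])
    const endLine = Number(m[2])
    if (endLine < startLine) return
    comments.push({ startLine, endLine, body: nl === -1 ? '' : chunk.slice(nl + 1).trim() })
  }
  for (const line of sanitized.split('\n')) {
    if (line.trim() === SEPARATOR) commit()
    else current.push(line)
  }
  commit()
  return comments
}

// The order matters: sanitize the entire response, then parse it.
function reviewFromResponse(response: string): ReviewComment[] {
  return parseComments(sanitizeResponse(response))
}

// Constructed sample response (not real model output). The second comment
// carries a fence inside its suggestion block; the third chunk has no header.
const SAMPLE_RESPONSE = [
  '12-14:',
  'Guard against an empty list before indexing.',
  '```suggestion',
  'if items:',
  '    first = items[0]',
  '```',
  '---',
  '30-31:',
  'The docstring example should not carry its own fence.',
  '```suggestion',
  'def f():',
  '    """Example:',
  '    ```',
  '    f()',
  '    """',
  '```',
  '---',
  'not a comment header',
  '---',
  '40-40:',
  'Consider logging the exception instead of swallowing it.',
  '---'
].join('\n')

console.log(JSON.stringify(reviewFromResponse(SAMPLE_RESPONSE), null, 2))
```

The closer heuristic (last fence before the separator) is the only judgement call here; when a block is never closed at all the sanitizer leaves it untouched rather than inventing a closer, and the parser still gets a single well-delimited chunk to work with.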

github-actions[bot] commented 11 months ago


Walkthrough: This update corrects a logic error in the add function and enhances security by sanitizing the entire response before parsing comments. The changes ensure accurate arithmetic operations and safer handling of responses, improving both functionality and security.

Changes:

| Files | Summary |
| --- | --- |
| `src/prompts.ts` | Fixed a syntax error in the `add` function, changing `z = x - y` to `z = x + y` for correct addition operation. |
| `src/review.ts` | Enhanced security by sanitizing the entire response before parsing comments. Renamed `sanitizeComment` to `sanitizeResponse` and updated its functionality to sanitize code blocks for suggestions and diffs. Removed single line comment functionality. |