serenity-rs / poise

Discord bot command framework for serenity, with advanced features like edit tracking and flexible argument parsing
MIT License
597 stars 106 forks

ArgumentParse errors from poise::command are not sanitized #263

Closed getchoo closed 1 month ago

getchoo commented 2 months ago

https://github.com/serenity-rs/poise/blob/186897a2f4f18b59152c9e670db5cd328bb22ea7/src/builtins/mod.rs#L86-L90

This can easily lead to many side effects with not-very-specially formatted messages like:

hello` <@746501080409702461> `world

jamesbt365 commented 2 months ago

Could be easily fixed by disabling all mentions.
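
The breakout reported above, as an added example that is not part of the thread and is not poise's code: it assumes the error text wraps the raw argument in single backticks, and uses a simplified model of Discord inline code in which each backtick toggles code mode. `render_unsanitized`, `render_sanitized` and `live_mentions` are hypothetical helpers; sending the reply with Discord's `allowed_mentions` set to an empty `parse` list, the fix suggested above, stops the ping regardless of formatting.

```rust
/// Assumed shape of the unsanitized error text (hypothetical, not poise's source).
fn render_unsanitized(input: &str) -> String {
    format!("Cannot parse `{}` as argument", input)
}

/// Hardened variant: a backtick in the input can no longer close the code span.
fn render_sanitized(input: &str) -> String {
    // U+02CB (modifier letter grave accent) looks similar but is not markdown syntax.
    format!("Cannot parse `{}` as argument", input.replace('`', "\u{02CB}"))
}

/// Returns the user/role mentions (`<@id>`, `<@!id>`, `<@&id>`) that sit outside
/// inline code in the simplified model, i.e. the ones that would actually ping.
fn live_mentions(message: &str) -> Vec<String> {
    let mut found = Vec::new();
    let mut in_code = false;
    let mut rest = message;
    while let Some(c) = rest.chars().next() {
        if c == '`' {
            in_code = !in_code;
        } else if !in_code && rest.starts_with("<@") {
            if let Some(end) = rest.find('>') {
                let id = rest[2..end].trim_start_matches(|ch: char| ch == '!' || ch == '&');
                if !id.is_empty() && id.chars().all(|ch| ch.is_ascii_digit()) {
                    found.push(rest[..=end].to_string());
                    rest = &rest[end + 1..];
                    continue;
                }
            }
        }
        // Advance by one full character so multi-byte input stays on a boundary.
        rest = &rest[c.len_utf8()..];
    }
    found
}

fn main() {
    // The message from the report above.
    let input = "hello` <@746501080409702461> `world";
    println!("unsanitized: {:?}", live_mentions(&render_unsanitized(input)));
    println!("sanitized:   {:?}", live_mentions(&render_sanitized(input)));
}
```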