From 4fea780b9be13218c94e92d37bebfdfcb36d1116 Mon Sep 17 00:00:00 2001
From: "Hussam.lawen" <hussam789@gmail.com>
Date: Wed, 14 Aug 2024 12:13:51 +0300
Subject: [PATCH] fix html escaping

---
 pr_agent/algo/utils.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/pr_agent/algo/utils.py b/pr_agent/algo/utils.py
index 513f3853..b7b5eb2c 100644
--- a/pr_agent/algo/utils.py
+++ b/pr_agent/algo/utils.py
@@ -1,5 +1,6 @@
 from __future__ import annotations
 
+import html
 import copy
 import difflib
 import json
@@ -770,6 +771,7 @@ def replace_code_tags(text):
     """
     Replace odd instances of ` with <code> and even instances of ` with </code>
     """
+    text = html.escape(text)
     parts = text.split('`')
     for i in range(1, len(parts), 2):
         parts[i] = '<code>' + parts[i] + '</code>'