From 556d525dd88cb0db7ee6acdf54a771881b7f9dcc Mon Sep 17 00:00:00 2001 From: shivanagendrak Date: Wed, 28 Jan 2026 22:00:56 -0700 Subject: [PATCH] fix(test): use '&' for XML escaping test to support Windows CI --- src/media-understanding/apply.test.ts | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/src/media-understanding/apply.test.ts b/src/media-understanding/apply.test.ts index e06adbc24..be08f933e 100644 --- a/src/media-understanding/apply.test.ts +++ b/src/media-understanding/apply.test.ts @@ -551,9 +551,8 @@ describe("applyMediaUnderstanding", () => { const { applyMediaUnderstanding } = await loadApply(); const dir = await fs.mkdtemp(path.join(os.tmpdir(), "moltbot-media-")); // Create file with XML special characters in the name (what filesystem allows) - // Note: The sanitizeFilename in store.ts would strip most dangerous chars, - // but we test that even if some slip through, they get escaped in output - const filePath = path.join(dir, "file.txt"); + // We use '&' because it's valid on all platforms (including Windows) but still requires XML escaping + const filePath = path.join(dir, "file&test.txt"); await fs.writeFile(filePath, "safe content"); const ctx: MsgContext = { @@ -575,10 +574,9 @@ describe("applyMediaUnderstanding", () => { expect(result.appliedFile).toBe(true); // Verify XML special chars are escaped in the output - expect(ctx.Body).toContain("<"); - expect(ctx.Body).toContain(">"); - // The raw < and > should not appear unescaped in the name attribute - expect(ctx.Body).not.toMatch(/name="[^"]*<[^"]*"/); + expect(ctx.Body).toContain("&"); + // The raw & should not appear unescaped in the name attribute + expect(ctx.Body).not.toMatch(/name="[^"]*&[^"]*"/); }); it("normalizes MIME types to prevent attribute injection", async () => {