Bug#907667: lintian: should html escape output if --color=html is used
Chris Lamb:
> Hi Niels,
>
>> Any reason for introducing the CGI dependency over simply applying the
>> same escape rules for the $information variable?
>
> Only because well-used libraries are preferred, particularly for data
> sanitisation (!) operations.
>
> Is the extra dependency problematic? We use some far-more esoteric
> libraries than CGI, so I did not think it would be an issue.
>
>
> Regards,
>
If we are consistent with how we perform the quoting, I do not mind the
extra dependency. Particularly because it should be doable to reduce it
to a suggests given --color=html is not a default (which we can add
later if relevant).
Though, reminder - if you introduce a new dependency, you will have to
get DSA to install it on lindsay.d.o before you can upgrade lintian there.
Thanks,
~Niels
Reply to: