Rocket.Chat.ReactNative icon indicating copy to clipboard operation
Rocket.Chat.ReactNative copied to clipboard
verified publisher icon RocketChat

fix: sanitize special characters in slugifyLikeString function

Open deepak0x opened this issue 2 months ago • 1 comments

Proposed changes

Fixed a bug in slugifyLikeString function where special character sanitization was not working due to dead code.

Issue(s)

Fixes #6782

How to test or reproduce

  1. Run the test suite: yarn test app/lib/database/utils.test.ts
  2. Verify special characters are properly sanitized:
    • slugifyLikeString('test@#$123') should return 'test___123'
    • slugifyLikeString('hello.world!') should return 'hello_world_'

Screenshots

N/A (Code fix)

Types of changes

  • [x] Bugfix (non-breaking change which fixes an issue)
  • [ ] Improvement (non-breaking change which improves a current function)
  • [ ] New feature (non-breaking change which adds functionality)
  • [ ] Documentation update (if none of the other choices apply)

Checklist

  • [x] I have read the CONTRIBUTING doc
  • [x] I have signed the CLA
  • [x] Lint and unit tests pass locally with my changes
  • [x] I have added tests that prove my fix is effective.
  • [ ] I have added necessary documentation (if applicable)
  • [ ] Any dependent changes have been merged and published in downstream modules

Further comments

What was fixed:

  • File: app/lib/database/utils.ts
  • Issue: Line 14 had dead code where str?.replace(likeStringRegex, '_') result was not assigned
  • Fix: Changed to const sanitized = str.replace(likeStringRegex, '_') to properly sanitize before slugifying

Changes:

  1. Fixed the slugifyLikeString function to properly sanitize special characters
  2. Added test cases to verify special character sanitization works correctly
  3. All existing tests pass (14/14 tests)

Impact:

  • Special characters are now properly replaced with '_' before slugification
  • Function works as intended: sanitize → then slugify
  • Used in search functionality and room merging

Test Results:

  • All 14 tests passing
  • New test added for special character sanitization
  • Existing functionality preserved

Summary by CodeRabbit

  • Bug Fixes

    • Special characters in strings are now properly sanitized before slugification, ensuring consistent string transformations.

  • Tests

    • Added test cases validating special character handling during the slugification process.

deepak0x avatar Nov 10 '25 11:11 deepak0x

Walkthrough

The changes fix a bug in slugifyLikeString where the sanitization replacement result was not assigned to a variable, causing the function to skip sanitization before passing strings to the slugify operation. Test cases are added to validate the corrected behavior with special characters.

Changes

Cohort / File(s) Summary
Bug fix to sanitization pipeline
app/lib/database/utils.ts		 Modified slugifyLikeString to capture the result of the replace() call into a variable before passing it to slugify(), fixing a no-op replacement bug.
Test validation
app/lib/database/utils.test.ts		 Added test cases for slugifyLikeString validating sanitization of special characters: @#$_, .!_, and preserving alphanumeric characters with underscores.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

  • Verify the assignment of the replace() result is correct and all replacements are propagated to slugify()
  • Confirm test cases cover the primary edge cases (special characters, existing underscores, numeric content)
  • Ensure the regex pattern used in likeStringRegex is appropriate for the intended sanitization scope

Poem

🐰 A string sanitized but lost in the ether,
Now captured and slugified, bound tight together!
Special chars replaced with underscores so fine,
The tests hop in circles—all logic divine! ✨

Pre-merge checks and finishing touches

✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title 'fix: sanitize special characters in slugifyLikeString function' accurately describes the main change: fixing a bug where special character sanitization was not applied due to an unassigned replace() result.
Linked Issues check ✅ Passed The PR fully addresses issue #6782: assigns sanitized value before calling slugify, adds test cases verifying sanitization works correctly, and fixes the bug that was skipping the sanitization step.
Out of Scope Changes check ✅ Passed All changes are directly related to fixing the slugifyLikeString sanitization bug. The modifications to utils.ts and test file are squarely within the scope defined by issue #6782.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
  • [ ] 📝 Generate docstrings
🧪 Generate unit tests (beta)
  • [ ] Create PR with unit tests
  • [ ] Post copyable unit tests in a comment
📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

Disabled knowledge base sources:

  • Jira integration is disabled by default for public repositories

You can enable these sources in your CodeRabbit configuration.

📥 Commits

Reviewing files that changed from the base of the PR and between 35324474ba7b5bcaf15c8d49c0a31b293d253c04 and 1c3e4e0174bb0f4dbe848ff47133e0014b3a8361.

📒 Files selected for processing (2)
  • app/lib/database/utils.test.ts (1 hunks)
  • app/lib/database/utils.ts (1 hunks)
🔇 Additional comments (2)
app/lib/database/utils.ts (1)

14-16: Fix correctly addresses the sanitization bug.

The assignment of the replacement result to sanitized ensures that special characters are properly replaced before slugification. This resolves the issue where the previous str?.replace() call was a no-op because its result was not used.

app/lib/database/utils.test.ts (1)

72-77: Excellent test coverage for the sanitization fix.

The new test case validates that special characters are correctly replaced with underscores before slugification, directly verifying the bug fix. The three assertions cover different special character patterns and confirm the expected behavior.

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot] avatar Nov 10 '25 11:11 coderabbitai[bot]