Summary
Safe-output sanitization escapes template delimiters inside GitHub `suggestion` fenced code blocks. This makes PR review suggestions unsafe to apply when the suggested replacement contains legitimate documentation syntax that uses double curly braces, such as Elastic documentation substitutions.
Reproduction
Have an agentic workflow create a pull request review comment with a GitHub suggestion block like this:
```suggestion
Refer to [Advanced {{fleet-server}} options](/reference/fleet/fleet-server-scalability.md#fleet-server-configuration).
```
The rendered review suggestion becomes:
```suggestion
Refer to [Advanced \{\{fleet-server}} options](/reference/fleet/fleet-server-scalability.md#fleet-server-configuration).
```
If a human clicks Commit suggestion, GitHub applies the backslashes literally and changes the source file to `\{\{fleet-server}}`, breaking the documentation substitution.
Expected behavior
Sanitization should preserve the contents of fenced code blocks, including GitHub suggestion fences. The Safe Outputs specification says code blocks and inline code must not be sanitized, and a suggestion block is a fenced code block whose contents are intended to be applied literally.
Actual behavior
The safe-output sanitizer neutralizes `{{` inside the `suggestion` fence, changing apply-ready patch text.
Impact
This affects documentation repositories that use template-like syntax as source content. In Elastic docs, `{{...}}` is valid substitution syntax, so escaped braces in a suggestion block produce an incorrect patch when accepted.
Notes
This appears related to template delimiter sanitization from #15015, which intentionally neutralizes patterns like `{{` to `\{\{`. That behavior makes sense for normal comment text, but not inside fenced code blocks, especially `suggestion` blocks where the content is executable patch text.
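As an added illustration (not the project's own sanitizer code), the JavaScript below places the over-broad neutralization beside a fence-aware variant that leaves fenced and inline code untouched, and runs both on a constructed review comment containing the suggestion block from this report. Fence detection follows the basic CommonMark rule (three or more backticks or tildes, closed by a matching fence of at least the same length); that rule and the single-backtick inline-code handling are assumptions, not a description of the real sanitizer.

```javascript
// Constructed review comment: a suggestion fence plus prose around it.
const REVIEW = [
  "Please use the substitution here:",
  "",
  "```suggestion",
  "Refer to [Advanced {{fleet-server}} options](/reference/fleet/fleet-server-scalability.md#fleet-server-configuration).",
  "```",
  "",
  "Outside the fence, {{ should still be neutralized; `{{inline}}` should not.",
].join("\n");

// Over-broad version: escapes {{ everywhere, which is the behaviour the report describes.
function neutralizeEverywhere(text) {
  return text.replace(/\{\{/g, "\\{\\{");
}

// Neutralize {{ in one prose line, skipping single-backtick inline code spans
// (assumed simplification: nested or multi-backtick spans are not handled).
function neutralizeProseLine(line) {
  return line.replace(/(`+[^`]*`+)|\{\{/g, (m, code) => code ?? "\\{\\{");
}

// Fence-aware version: track whether we are inside a fenced block and pass
// fence lines and their contents through verbatim.
function neutralizeOutsideFences(text) {
  const out = [];
  let fence = null; // { ch, len } while inside a fenced block
  for (const line of text.split("\n")) {
    const m = line.match(/^\s{0,3}(`{3,}|~{3,})(.*)$/);
    if (fence === null) {
      if (m) {
        fence = { ch: m[1][0], len: m[1].length }; // opening fence, info string may follow
        out.push(line);
      } else {
        out.push(neutralizeProseLine(line));
      }
    } else {
      // Closing fence: same character, at least as long, nothing else on the line.
      if (m && m[1][0] === fence.ch && m[1].length >= fence.len && m[2].trim() === "") {
        fence = null;
      }
      out.push(line); // fenced contents are apply-ready text; leave untouched
    }
  }
  return out.join("\n");
}

console.log(neutralizeOutsideFences(REVIEW));
```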