mirror of
https://github.com/multica-ai/multica.git
synced 2026-07-17 23:29:01 +02:00
Two follow-ups from Emacs's review on MUL-2406: - runtime_config.go injected `RequestingUserName` raw into `**%s**` in the brief. A name with embedded CR/LF (allowed by `PATCH /api/me`'s outer-trim only, and Google display names) could open a new `## ...` heading and bypass the blockquote guard on the profile description. Add `sanitizeNameForBriefMarkdown` to collapse whitespace, drop C0 controls, and escape inline-markdown structural chars before substitution. Cover the regression with a brief test (newline-laden name + Available Commands payload) and table tests for the sanitizer itself. - `client.ts:getMe()` still bypassed `parseWithFallback`, so a server missing `profile_description` would surface `undefined` to the initial auth load while `updateMe`/PATCH was already guarded. Run GET /api/me through the same `UserSchema` + `EMPTY_USER` fallback to keep the GET/PATCH compatibility boundary symmetric. Co-authored-by: multica-agent <github@multica.ai>