tag-like (but not valid HTML tag) text should be escaped #596

Open
isoos opened this issue Mar 15, 2024 · 12 comments

@isoos

isoos commented Mar 15, 2024

Markdown version: 7.2.2 using GitHubWeb extension set.
Originally reported: dart-lang/pub-dev#7559

Input:

Future<List<EntityAnnotation>> **labelDetection**

<EntityAnnotation>

Output:

<p>Future&lt;List<EntityAnnotation>&gt; <strong>labelDetection</strong></p>
<EntityAnnotation>

Expected: <EntityAnnotation> is also escaped to &lt;EntityAnnotation&gt;.

@isoos
Author

isoos commented Mar 15, 2024

/cc @chenzhiguang @devoncarew

@srawlins
Member

I don't think this is a bug. I think this is working as expected. Most CommonMark-compliant Markdown implementations do not escape <EntityAnnotation>.

https://babelmark.github.io/?text=Future%3CList%3CEntityAnnotation%3E%3E+**labelDetection**%0A%0A%3CEntityAnnotation%3E

@isoos
Author

isoos commented Mar 15, 2024

/cc @jonasfj

I'm not sure what the best strategy would be here, but maybe we could apply an escaping before running it through HTML sanitization?

@srawlins
Member

cc @kallentu I think we should just be linting text like this, that is reported by the analyzer. This text should just be in backticks.

@jonasfj
Member

jonasfj commented Mar 15, 2024

In backticks or brackets if you want to link to the types, right/maybe?

@srawlins
Member

Ehhhh. 😁 The formats that the analyzer accepts in square brackets is a short list 😦 . Basically [Foo], [Foo.foo], and [foo.Foo.foo]. So [List<int>] doesn't work, but I would love for it to work some day.

But yes, "in backticks or brackets."

@jonasfj
Member

jonasfj commented Mar 15, 2024

Uh, I guess that makes sense.

@faithoflifedev

As an FYI, it appears that using:

Future<List\<EntityAnnotation>> **labelDetection**

Notice the \<

Will trick the system into creating html that displays correctly on Github and pub.dev

@isoos
Author

isoos commented Mar 17, 2024

> Will trick the system into creating html that displays correctly on Github and pub.dev

@faithoflifedev: I think it may produce an <EntityAnnotation> String text in the markdown output, but pub.dev should filter it out with HTML sanitization. Do you have any example page where we are not filtering it?

@faithoflifedev

> Do you have any example page where we are not filtering it?

Hi @isoos, I originally opened the Issue #7557 that led to this discussion. If I understand your question correctly then you should see an example here - https://pub.dev/packages/google_vision/versions/1.2.0+6#new-helper-methods - you can compare this with - https://pub.dev/packages/google_vision/versions/1.2.0+5#new-helper-methods - where in the first link the HTML is rendered as would be expected by the user (i.e. <EntityAnnotation> is displayed), while on the second link <EntityAnnotation> is missing on the 4th row since the \< workaround was not used.

@isoos
Author

isoos commented Mar 17, 2024

@faithoflifedev: to be clear, the linked page source has &lt;EntityAnnotation&gt; content, and not <EntityAnnotation> in the sources (in other words: the HTML sanitization is working as expected, the "trick" is for the markdown rendering).

@faithoflifedev

@isoos, understood - my initial problem was the HTML render difference between pub.dev and github.com, which can be resolved with the workaround. From my perspective there's no need for me to pursue this.

From an overall end-user perspective there may be a perception that a README on github.com will render the same on pub.dev, I'll leave that up to the "collective" you to resolve as you see fit 😄
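
An added example (not code from package:markdown or pub.dev) of the pre-escaping idea raised in this thread: before Markdown rendering and HTML sanitization, rewrite tag-like text whose name is not a known HTML element so it is rendered as text and not dropped by the sanitizer. The names `escapeUnknownTags` and `allowedTags` and the allowlist contents are assumptions; only fenced code blocks, inline code spans and backslash escapes are skipped, not indented code blocks.

```dart
// Assumption: `allowedTags` is a hypothetical allowlist; a real one would
// mirror the element list of the HTML sanitizer that runs afterwards.
const allowedTags = {
  'a', 'b', 'br', 'code', 'details', 'div', 'em', 'i', 'img', 'li', 'ol',
  'p', 'pre', 'span', 'strong', 'summary', 'table', 'td', 'th', 'tr', 'ul',
};

// Alternatives, left to right: a backslash escape (so an existing `\<` is
// kept), an inline code span (group 1 is its backtick run), and a tag-like
// token such as <Foo>, </Foo> or <Foo a="b"> (group 2 is the element name).
final _token = RegExp(
    r'\\.|(`+).*?\1|</?([A-Za-z][A-Za-z0-9-]*)(?:\s[^<>]*)?/?>');
final _fence = RegExp(r'^ {0,3}(```|~~~)');

/// Rewrites the leading `<` of tag-like text whose name is not an allowed
/// HTML element to `&lt;`, so Markdown emits it as text and not as raw HTML.
String escapeUnknownTags(String markdown) {
  String? openFence; // marker of the fenced code block we are inside, if any
  final out = <String>[];
  for (final line in markdown.split('\n')) {
    final fence = _fence.firstMatch(line)?.group(1);
    if (openFence != null || fence != null) {
      // Fence lines and code block content stay untouched.
      if (openFence == null) {
        openFence = fence; // opening fence
      } else if (fence == openFence) {
        openFence = null; // closing fence
      }
      out.add(line);
      continue;
    }
    out.add(line.replaceAllMapped(_token, (m) {
      final name = m.group(2);
      if (name == null) return m.group(0)!; // escape or inline code span
      if (allowedTags.contains(name.toLowerCase())) return m.group(0)!;
      return '&lt;${m.group(0)!.substring(1)}';
    }));
  }
  return out.join('\n');
}

void main() {
  // Constructed input: the text from this issue plus cases that must survive.
  const input = 'Future<List<EntityAnnotation>> **labelDetection**\n\n'
      '<EntityAnnotation>\n\n'
      'Use `List<EntityAnnotation>`, List\\<int> or <strong>bold</strong>.';
  print(escapeUnknownTags(input));
}
```

`<List` is left alone because it is followed by `<` and so is not tag-like; CommonMark renderers already escape it, as the output in the original report shows.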
