fix: commit messages being double-escaped in activies tab

CHANGELOG.md

@@ -119,6 +119,7 @@ Please view this file on the master branch, on stable branches it's out of date.
   - Cleanup Ci::ApplicationController. !6757 (Takuya Noguchi)
   - Fixes padding in all clipboard icons that have .btn class
   - Fix a typo in doc/api/labels.md
+  - Fix double-escaping in activities tab (Alexandre Maia)
   - API: all unknown routing will be handled with 404 Not Found
   - Add docs for request profiling
   - Make guests unable to view MRs on private projects

lib/banzai/filter/html_entity_filter.rb

@@ -5,7 +5,7 @@ module Banzai
     # Text filter that escapes these HTML entities: & " < >
     class HtmlEntityFilter < HTML::Pipeline::TextFilter
       def call
-        ERB::Util.html_escape(text)
+        ERB::Util.html_escape_once(text)
       end
     end
   end

spec/lib/banzai/filter/html_entity_filter_spec.rb

@@ -11,4 +11,9 @@ describe Banzai::Filter::HtmlEntityFilter, lib: true do
 
     expect(output).to eq(escaped)
   end
+
+  it 'does not double-escape' do
+    escaped = ERB::Util.html_escape("Merge branch 'blabla' into 'master'")
+    expect(filter(escaped)).to eq(escaped)
+  end
 end