fix(maven): return escaped summary for project description (#5839)

Sychic · web-flow · commit d1b122fb21a1 · 2026-04-19T14:58:32.000Z
* fix(maven): return escaped summary for project description

* build: add quickxml to labrinth

* fix(maven): use quickxml to escape xml special chars
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/apps/labrinth/Cargo.toml b/apps/labrinth/Cargo.toml
@@ -80,6 +80,7 @@ murmur2 = { workspace = true }
 paste = { workspace = true }
 path-util = { workspace = true }
 prometheus = { workspace = true }
+quick-xml = { workspace = true }
 rand = { workspace = true }
 rand_chacha = { workspace = true }
 redis = { workspace = true, features = ["ahash", "r2d2", "tokio-comp"] }
diff --git a/apps/labrinth/src/routes/maven.rs b/apps/labrinth/src/routes/maven.rs
@@ -13,6 +13,7 @@ use crate::queue::session::AuthQueue;
 use crate::routes::ApiError;
 use crate::{auth::get_user_from_headers, database};
 use actix_web::{HttpRequest, HttpResponse, get, route, web};
+use quick_xml::escape::escape;
 use std::collections::HashSet;
 use yaserde::YaSerialize;
 
@@ -329,7 +330,7 @@ pub async fn version_file(
             artifact_id: project_id,
             version: vnum,
             name: project.inner.name,
-            description: project.inner.description,
+            description: escape(project.inner.summary).into_owned(),
         };
         return Ok(HttpResponse::Ok()
             .content_type("text/xml")
