use text/template to avoid HTML escaping

willnorris · willnorris · commit b431030b15aa · 2021-08-09T11:36:20.000-07:00
Co-authored-by: Roy O'Young <roy2220@outlook.com> Closes #57
diff --git a/main.go b/main.go
@@ -21,13 +21,13 @@ import (
 	"errors"
 	"flag"
 	"fmt"
-	"html/template"
 	"io/ioutil"
 	"log"
 	"os"
 	"path/filepath"
 	"regexp"
 	"strings"
+	"text/template"
 	"time"
 
 	"golang.org/x/sync/errgroup"
diff --git a/main_test.go b/main_test.go
@@ -15,13 +15,13 @@
 package main
 
 import (
-	"html/template"
 	"io/ioutil"
 	"os"
 	"os/exec"
 	"path/filepath"
 	"strings"
 	"testing"
+	"text/template"
 )
 
 func run(t *testing.T, name string, args ...string) {
diff --git a/tmpl.go b/tmpl.go
@@ -18,9 +18,9 @@ import (
 	"bufio"
 	"bytes"
 	"fmt"
-	"html/template"
 	"io/ioutil"
 	"strings"
+	"text/template"
 	"unicode"
 )
 
diff --git a/tmpl_test.go b/tmpl_test.go
@@ -16,9 +16,9 @@ package main
 
 import (
 	"errors"
-	"html/template"
 	"os"
 	"testing"
+	"text/template"
 )
 
 func init() {
@@ -170,6 +170,14 @@ func TestExecuteTemplate(t *testing.T) {
 			"/*", " * ", "*/",
 			"/*\n * HYS\n*/\n\n",
 		},
+
+		// ensure we don't escape HTML characters by using the wrong template package
+		{
+			"{{.Holder}}",
+			licenseData{Holder: "A&Z"},
+			"", "", "",
+			"A&Z\n\n",
+		},
 	}
 
 	for _, tt := range tests {
