pub fn sanitize_for_pattern_matching(command: &str) -> Cow<'_, str>
Create a sanitized view of command for regex-based pattern matching.
This function replaces known-safe string arguments (commit messages, issue descriptions, grep patterns, etc.) so dangerous substrings inside those arguments don’t trigger false-positive blocks.
The sanitizer is intentionally conservative:
- It only strips arguments in the explicit SAFE_STRING_REGISTRY.
- It never strips any token that appears to contain shell-executed constructs like $( or backticks (even if the flag/command is otherwise safe).
This is designed to be used on the hot path, so it returns a borrowed view when no sanitization is required.
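The behaviour described above, sketched as an added example; it is not this crate's implementation. The registry entries, the helper names (`tokens`, `is_inert_literal`, `sanitize`) and the `""` placeholder are assumptions. It handles one simple command only and leaves anything else untouched.

```rust
use std::borrow::Cow;

// Hypothetical registry (an assumption): (program, flag) pairs whose next argument is inert data.
const SAFE_STRING_REGISTRY: &[(&str, &str)] = &[("git", "-m"), ("gh", "--body"), ("grep", "-e")];

/// Split on spaces/tabs outside quotes, keeping byte offsets (escapes are not modelled).
fn tokens(cmd: &str) -> Vec<(usize, &str)> {
    let mut out = Vec::new();
    let (mut start, mut quote) = (None::<usize>, None::<char>);
    for (i, c) in cmd.char_indices() {
        match quote {
            Some(q) => if c == q { quote = None },
            None if c == ' ' || c == '\t' => if let Some(s) = start.take() { out.push((s, &cmd[s..i])) },
            None => {
                if c == '"' || c == '\'' { quote = Some(c); }
                start = start.or(Some(i));
            }
        }
    }
    if let Some(s) = start { out.push((s, &cmd[s..])); }
    out
}

/// Maskable only if the token is exactly one quoted string holding nothing the shell could
/// still run. Backslashes are refused because tokens() does not model escapes.
fn is_inert_literal(tok: &str) -> bool {
    let b = tok.as_bytes();
    let quoted = b.len() >= 2 && (b[0] == b'"' || b[0] == b'\'')
        && b[b.len() - 1] == b[0] && !b[1..b.len() - 1].contains(&b[0]);
    quoted && !tok.contains("$(") && !tok.contains('`') && !tok.contains('\\')
}

pub fn sanitize(cmd: &str) -> Cow<'_, str> {
    let toks = tokens(cmd);
    // Assumption: one simple command only; an unquoted control operator means "leave as is".
    let ctl: &[char] = &[';', '|', '&', '\n'];
    if toks.is_empty() || toks.iter().any(|&(_, t)| !is_inert_literal(t) && t.contains(ctl)) {
        return Cow::Borrowed(cmd);
    }
    let (prog, mut out, mut copied) = (toks[0].1, String::new(), 0);
    for w in toks.windows(2) {
        let ((_, flag), (at, arg)) = (w[0], w[1]);
        let known = SAFE_STRING_REGISTRY.iter().any(|&(p, f)| p == prog && f == flag);
        if known && is_inert_literal(arg) {
            out = out + &cmd[copied..at] + "\"\"";
            copied = at + arg.len();
        }
    }
    if copied == 0 { Cow::Borrowed(cmd) } else { Cow::Owned(out + &cmd[copied..]) }
}
```

A downstream pattern matcher would run its rules over the returned view, so a commit message that merely mentions a destructive command is masked while the same text after `bash -c` or inside `$(...)` stays visible to the rules.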