Use HTML-escaped messages in CheckstyleOutput

fixes php-parallel-lint#72

Author: gmazzap

src/Output.php

@@ -441,7 +441,7 @@ public function writeResult(Result $result, ErrorFormatter $errorFormatter, $ign
                     sprintf(
                         '        <error line="%d" severity="ERROR" message="%s" source="%s" />',
                         $fileError['line'],
-                        $fileError['message'],
+                        htmlspecialchars($fileError['message'], ENT_COMPAT, 'UTF-8'),
                         $fileError['source']
                     ) .
                     PHP_EOL

tests/Output.phpt

@@ -8,6 +8,7 @@ require __DIR__ . '/../vendor/autoload.php';
 
 use JakubOnderka\PhpParallelLint\ErrorFormatter;
 use JakubOnderka\PhpParallelLint\GitLabOutput;
+use JakubOnderka\PhpParallelLint\CheckstyleOutput;
 use JakubOnderka\PhpParallelLint\IWriter;
 use JakubOnderka\PhpParallelLint\Result;
 use JakubOnderka\PhpParallelLint\SyntaxError;
@@ -46,6 +47,27 @@ class OutputTest extends Tester\TestCase
         }
     }
 
+    public function testCheckstyleOutput()
+    {
+        $errors = array(
+            new JakubOnderka\PhpParallelLint\SyntaxError(
+                'sample.php',
+                'Parse error: syntax error, unexpected \'"\' in ./sample.php on line 3'
+            ),
+        );
+
+        $result = new Result($errors, array(), array(), 0);
+        $writer = new TestWriter();
+        $output = new CheckstyleOutput($writer);
+
+        $output->writeResult($result, new ErrorFormatter(), true);
+        $xml = $writer->getLogs();
+        $parsed = @simplexml_load_string($xml);
+
+        Assert::contains("unexpected '"'", $xml);
+        Assert::type('SimpleXMLElement', $parsed);
+    }
+
     public function getGitLabOutputData()
     {
         return array(