fix(codegen): escape backticks and ${} in template literal raw values#18101
Closed
CompuIves wants to merge 1 commit intooxc-project:mainfrom
Closed
fix(codegen): escape backticks and ${} in template literal raw values#18101CompuIves wants to merge 1 commit intooxc-project:mainfrom
${} in template literal raw values#18101CompuIves wants to merge 1 commit intooxc-project:mainfrom
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes a codegen bug where backticks and template literal interpolation syntax (${}) in template literal raw values could cause syntax errors when generating code. The fix adds proper escaping logic for template literals, handling backticks, ${} sequences, and </script> tags.
Changes:
- Added
print_template_literal_strmethod to escape special sequences in template literals - Added helper function
is_preceded_by_odd_backslashesto detect already-escaped characters - Updated
TemplateLiteralcode generation to use the new escaping method - Added comprehensive unit tests for the escaping logic
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| crates/oxc_codegen/src/lib.rs | Implements new template literal escaping function with unit tests |
| crates/oxc_codegen/src/gen.rs | Updates TemplateLiteral to use new escaping method instead of script-tag-only escaping |
Comments suppressed due to low confidence (1)
crates/oxc_codegen/src/gen.rs:3281
- TSTemplateLiteralType should also use
print_template_literal_strinstead ofprint_strto properly escape backticks,${}, and</script>sequences, consistent with the runtime TemplateLiteral handling.
p.print_str(item.value.raw.as_str());
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Merging this PR will not alter performance
Comparing 
Footnotes
|
CompuIves
force-pushed
the
template-literal-escaping
branch
from
b3c55d2 to
848f273
Compare
Boshen
added a commit
that referenced
this pull request
Jan 17, 2026
…atic template literal creation
Adds a helper method to AstBuilder that creates a TemplateElementValue from a cooked string,
automatically escaping special characters (backticks, ${, backslashes, carriage returns) in the
raw field.
This is useful when programmatically creating template literals. The codegen always expects valid
AST with properly escaped raw values - use this helper instead of manually constructing
TemplateElementValue.
Closes #18101
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Boshen
added a commit
that referenced
this pull request
Jan 17, 2026
Add `escape_raw: bool` parameter to `template_element` and `template_element_with_lone_surrogates` builder methods. When building template literals programmatically from cooked values, special characters (backticks, dollar-braces, backslashes, carriage returns) need to be escaped in the raw field. Setting `escape_raw: true` automatically handles this escaping. The parser passes `false` since it receives already-escaped values from source. Programmatic users should pass `true` when creating template elements from runtime string values. Closes #18101 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2 tasks
Member
|
Superseded by #18121 - instead of escaping in codegen, we add an Codegen always expects valid AST - users should pass |
Boshen
added a commit
that referenced
this pull request
Jan 17, 2026
Add `escape_raw: bool` parameter to `template_element` and `template_element_with_lone_surrogates` builder methods. When building template literals programmatically from cooked values, special characters (backticks, dollar-braces, backslashes, carriage returns) need to be escaped in the raw field. Setting `escape_raw: true` automatically handles this escaping. The parser passes `false` since it receives already-escaped values from source. Programmatic users should pass `true` when creating template elements from runtime string values. Closes #18101 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Boshen
added a commit
that referenced
this pull request
Jan 17, 2026
Add `escape_raw: bool` parameter to `template_element` and `template_element_with_lone_surrogates` builder methods. When building template literals programmatically from cooked values, special characters (backticks, dollar-braces, backslashes, carriage returns) need to be escaped in the raw field. Setting `escape_raw: true` automatically handles this escaping. The parser passes `false` since it receives already-escaped values from source. Programmatic users should pass `true` when creating template elements from runtime string values. Closes #18101 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
graphite-app bot
pushed a commit
that referenced
this pull request
Jan 19, 2026
) ## Summary - Add `escape_raw: bool` parameter to `template_element` and `template_element_with_lone_surrogates` builder methods - When `escape_raw: true`, special characters (backticks, `${`, backslashes, carriage returns) are automatically escaped in the raw field - Parser passes `false` (already-escaped values from source) - Programmatic users pass `true` (runtime string values need escaping) This is an alternative approach to #18101 - instead of escaping in codegen, we make the escaping opt-in at the AST builder level. Closes #18101 ## Test plan - [x] Added test `template_literal_escape_when_building_ast` in codegen tests - [x] Verified parser still works correctly with `escape_raw: false` 🤖 Generated with [Claude Code](https://claude.com/claude-code)
graphite-app bot
pushed a commit
that referenced
this pull request
Jan 19, 2026
) ## Summary - Add `escape_raw: bool` parameter to `template_element` and `template_element_with_lone_surrogates` builder methods - When `escape_raw: true`, special characters (backticks, `${`, backslashes, carriage returns) are automatically escaped in the raw field - Parser passes `false` (already-escaped values from source) - Programmatic users pass `true` (runtime string values need escaping) This is an alternative approach to #18101 - instead of escaping in codegen, we make the escaping opt-in at the AST builder level. Closes #18101 ## Test plan - [x] Added test `template_literal_escape_when_building_ast` in codegen tests - [x] Verified parser still works correctly with `escape_raw: false` 🤖 Generated with [Claude Code](https://claude.com/claude-code)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We're using OXC pretty extensively these days for custom transforms, lints and now also for code edits where users make edits in a UI and we update code. I'm a big fan of OXC, it's super fast, easy to use and also works great in the browser!
When manually injecting AST, or e.g. editing AST, I noticed that it's possible to inject backticks in template literals, leading to syntax errors. It seems like we already have escaping logic (single/double quotes, etc) for strings, so I thought it could be valuable to also add escaping to template literals in
codegen.