From 669472c80092da87e793e69ac0268616e8c4ebd2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Javi=20Mart=C3=ADn?=
Date: Mon, 18 Mar 2024 20:08:50 +0100
Subject: [PATCH] Sanitize the output of a dummy component class
After commit 52ec5094f, we started to get a warning when running out test suite:
```
WARNING: The # component rendered HTML-unsafe output. The output will be automatically escaped, but you may want to investigate.
```
The reason is that, for security reasons, since version 3.9.0, ViewComponent no longer renders unsafe output in the `call` method, so we need to make sure the rendered text is safe. This is similar to what Rails automatically does in views with `<%= %>`. While this change doesn't affect the application (this class is only used in a test), with it we avoid the warning.
---
 spec/components/application_component_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/spec/components/application_component_spec.rb b/spec/components/application_component_spec.rb
index f3458ed42..97caa5dcf 100644
--- a/spec/components/application_component_spec.rb
+++ b/spec/components/application_component_spec.rb
@@ -6,7 +6,7 @@ describe ApplicationComponent do
 component_class = Class.new(ApplicationComponent) do
 def call
- t("shared.yes")
+ sanitize(t("shared.yes"))
 end
 def self.name
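Review bot: In `call`, `sanitize(t("shared.yes"))` runs the translation through Rails' allow-list sanitizer, which removes disallowed markup but passes permitted tags through and marks the result HTML-safe; that is filtering, not escaping. If the dummy component is only meant to emit the translated text as text, `h(t("shared.yes"))` escapes it and also returns a safe string, which should silence the warning too (worth confirming against the ViewComponent version in use). If letting sanitized markup through is deliberate, a short comment such as `# sanitize: translation may contain allowed HTML` above the call would record that, so the pattern is not copied into real components by habit. The `Class.new(ApplicationComponent) do` block continues past the end of the hunk, so the rest of the dummy class is not visible here.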