From 5c810ceeadcd23b94dfed54ec194cd0f2695d020 Mon Sep 17 00:00:00 2001
From: Jordan Padams <33492486+jordanpadams@users.noreply.github.com>
Date: Wed, 13 Nov 2024 17:30:11 -0800
Subject: [PATCH] Fix code scanning alert no. 20: Jinja2 templating with autoescape=False
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 src/pds/registry/utils/treks/product_service_builder.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/pds/registry/utils/treks/product_service_builder.py b/src/pds/registry/utils/treks/product_service_builder.py
index c11f8aa..939971d 100644
--- a/src/pds/registry/utils/treks/product_service_builder.py
+++ b/src/pds/registry/utils/treks/product_service_builder.py
@@ -5,7 +5,7 @@ from datetime import date
 import requests
-from jinja2 import Environment
+from jinja2 import Environment, select_autoescape
 from pds.registry.utils.treks import templates
@@ -60,7 +60,7 @@ def create_pds4_xml(self):
 self.create_reference_list()
 # create env
- env = Environment()
+ env = Environment(autoescape=select_autoescape(['html', 'xml']))
 # get template
 with importlib.resources.open_text(templates, "product-service-template.xml") as io:
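Review bot: Whether escaping is actually applied by the new `Environment(...)` line in the second hunk depends on how the template is loaded, which the hunk does not show. `select_autoescape(['html', 'xml'])` decides by template name; if the text read via `open_text(...)` is passed to `env.from_string` (presumably, given the read that follows), the template has no name and is escaped only because `default_for_string` defaults to `True`. Since this environment appears to render a single XML template, `env = Environment(autoescape=True)` states the intent directly and makes the `select_autoescape` import in the first hunk unnecessary. It is also worth confirming that no value handed to the template is already XML-escaped or carries intentional markup, because such values would now be escaped a second time. `create_pds4_xml` continues past the end of the hunk.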