WIP: Hoist escape_md to shared diffguard-types crate

crates/diffguard-analytics/src/lib.rs

@@ -175,7 +175,7 @@ pub struct TrendRun {
     /// Stored as `u64` to avoid silent truncation for very large repositories
     /// (those with more than 2^32 - 1 unique files).
     pub files_scanned: u64,
-    pub lines_scanned: u32,
+    pub lines_scanned: u64,
     pub findings: u32,
 }
 

crates/diffguard-core/src/render.rs

@@ -1,6 +1,6 @@
 use diffguard_types::{
     CheckReceipt, Finding, REASON_GIT_UNAVAILABLE, REASON_MISSING_BASE, REASON_NO_DIFF_INPUT,
-    REASON_TOOL_ERROR, REASON_TRUNCATED, VerdictStatus,
+    REASON_TOOL_ERROR, REASON_TRUNCATED, VerdictStatus, escape_md,
 };
 
 /// Reasons that are meaningful to render in markdown output.
@@ -114,28 +114,6 @@ fn render_finding_row(f: &Finding) -> String {
     )
 }
 
-/// Escapes special Markdown characters in table cell content.
-///
-/// Escapes pipe (`|`), backtick (`` ` ``), hash (`#`), asterisk (`*`),
-/// underscore (`_`), open bracket (`[`), close bracket (`]`), and greater-than
-/// (`>`) characters by prefixing with backslash. Also escapes CRLF (`\r\n`)
-/// and LF (`\n`) line endings to prevent breaking the markdown table structure.
-///
-/// These escapes are needed to prevent breaking the markdown table structure
-/// and prevent unintended markdown formatting.
-fn escape_md(s: &str) -> String {
-    s.replace('|', "\\|")
-        .replace('`', "\\`")
-        .replace('#', "\\#")
-        .replace('*', "\\*")
-        .replace('_', "\\_")
-        .replace('[', "\\[")
-        .replace(']', "\\]")
-        .replace('>', "\\>")
-        .replace('\r', "\\r")
-        .replace('\n', "\\n")
-}
-
 #[cfg(test)]
 mod tests {
     use super::*;

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_common_escapes.snap

@@ -0,0 +1,6 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"dir\\ name\\\"quote\\\"\\\\tab\\tnewline\\ncarriage\\rend\"#)"
+---
+dir name"quote"\tab	newline
+carriageend

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_embedded_octal-2.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"octal\\141\\040space\"#)"
+---
+octala space

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_embedded_octal.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"hello\\041world\"#)"
+---
+hello!world

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_empty.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(\"\")"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_max_octal_values-2.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\77\"#)"
+---
+?

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_max_octal_values.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\377\"#)"
+---
+�

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_multiple_octal.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\001\\002\\003\"#)"
+---
+


crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_no_escapes.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(\"plain_string_no_escapes\")"
+---
+plain_string_no_escapes

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_non_octal_digits-2.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\9\"#)"
+---
+\9

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_non_octal_digits.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\8\"#)"
+---
+\8

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_single_digit_octal-2.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\1\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_single_digit_octal-3.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\2\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_single_digit_octal-4.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\3\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_single_digit_octal-5.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\4\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_single_digit_octal-6.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\5\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_single_digit_octal-7.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\6\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_single_digit_octal-8.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\7\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_three_digit_octal-2.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\177\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_trailing_backslash.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"endswith\\\"#)"
+---
+endswith\

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_two_digit_octal-2.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\07\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_two_digit_octal-3.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\10\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_two_digit_octal-4.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\12\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_two_digit_octal-5.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\15\"#)"
+---
+

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_two_digit_octal-6.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\77\"#)"
+---
+?

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_unknown_escape-2.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\q1\"#)"
+---
+\q1

crates/diffguard-diff/src/snapshots/diffguard_diff__unified__tests__snapshot_unescape_git_path_unknown_escape.snap

@@ -0,0 +1,5 @@
+---
+source: crates/diffguard-diff/src/unified.rs
+expression: "unescape_git_path(r#\"\\q\"#)"
+---
+\q

crates/diffguard-diff/tests/integration_octal_escaped_paths.rs

@@ -0,0 +1,147 @@
+//! Integration tests for parsing diffs with octal-escaped paths.
+//!
+//! These tests exercise the full pipeline: raw diff text with quoted paths
+//! containing octal escape sequences → parse_unified_diff → DiffLine with
+//! correctly unescaped paths.
+//!
+//! The change being tested: replacing `u8 as u32` with `u32::from(u8)` in
+//! unescape_git_path's octal parsing branch. This is a lossless widening cast
+//! that doesn't affect behavior, but these tests verify the full integration
+//! path still works correctly.
+
+use diffguard_diff::parse_unified_diff;
+use diffguard_types::Scope;
+
+/// Test: Full pipeline with a path containing an octal-escaped space.
+/// Git outputs paths with spaces as `\040` (octal for space).
+///
+/// Flow: diff text with quoted path → parse_diff_git_line → tokenize_git_paths
+///       → unquote_git_token → unescape_git_path → unescaped path in DiffLine
+#[test]
+fn test_parse_diff_with_octal_escaped_space_in_path() {
+    // Git quotes paths with special characters and uses octal escapes for spaces
+    // "\040" is octal for space (ASCII 32)
+    let diff = r#"
+diff --git "a/path\040with spaces/file.rs" "b/path with spaces/file.rs"
+--- "a/path\040with spaces/file.rs"
++++ "b/path with spaces/file.rs"
+@@ -1 +1,2 @@
+ fn existing() {}
++fn added() {}
+"#;
+
+    let (lines, stats) = parse_unified_diff(diff, Scope::Added).unwrap();
+
+    // The path should be unescaped: \040 → ' '
+    assert_eq!(lines.len(), 1);
+    assert_eq!(lines[0].path, "path with spaces/file.rs");
+    assert_eq!(lines[0].content, "fn added() {}");
+    assert_eq!(stats.files, 1);
+    assert_eq!(stats.lines, 1);
+}
+
+/// Test: Full pipeline with embedded octal escapes in path.
+/// Path contains multiple octal escapes representing different characters.
+///
+/// \041 = '!' (ASCII 33)
+/// \040 = ' ' (ASCII 32)
+#[test]
+fn test_parse_diff_with_multiple_octal_escapes_in_path() {
+    let diff = r#"
+diff --git "a/file\041name\040here.rs" "b/file!name here.rs"
+--- "a/file\041name\040here.rs"
++++ "b/file!name here.rs"
+@@ -1 +1,2 @@
+ fn existing() {}
++fn added() {}
+"#;
+
+    let (lines, _stats) = parse_unified_diff(diff, Scope::Added).unwrap();
+
+    // All octal escapes should be properly decoded
+    assert_eq!(lines[0].path, "file!name here.rs");
+}
+
+/// Test: Octal escapes at path boundaries (start, middle, end).
+///
+/// \143 = 'c' (ASCII 99) - octal for lowercase 'c'
+#[test]
+fn test_parse_diff_with_octal_escape_at_path_boundaries() {
+    // \143 = 'c'
+    let diff = r#"
+diff --git "a/\143at.rs" "b/cat.rs"
+--- "a/\143at.rs"
++++ "b/cat.rs"
+@@ -1 +1,2 @@
+ fn existing() {}
++fn added() {}
+"#;
+
+    let (lines, _stats) = parse_unified_diff(diff, Scope::Added).unwrap();
+    assert_eq!(lines[0].path, "cat.rs");
+}
+
+/// Test: Three-digit octal escape at maximum value.
+/// \177 = DEL (ASCII 127), \000 = NUL (ASCII 0)
+#[test]
+fn test_parse_diff_with_octal_edge_cases() {
+    // \177 = 127 (DEL), \000 = 0 (NUL)
+    // These are boundary cases for the u8→u32 cast
+    let diff = r#"
+diff --git "a/\177\000file.rs" "b/\177\000file.rs"
+--- "a/\177\000file.rs"
++++ "b/\177\000file.rs"
+@@ -1 +1,2 @@
+ fn existing() {}
++fn added() {}
+"#;
+
+    let (lines, _stats) = parse_unified_diff(diff, Scope::Added).unwrap();
+    // The path should contain the raw bytes (non-printable but valid)
+    assert_eq!(lines[0].path, "\x7F\x00file.rs");
+}
+
+/// Test: Renamed file with octal-escaped path.
+/// When a file is renamed, the "rename to" path can also have octal escapes.
+#[test]
+fn test_parse_diff_rename_with_octal_escaped_path() {
+    let diff = r#"
+diff --git "a/old\040name.rs" "b/new\040name.rs"
+rename from old name.rs
+rename to new name.rs
+--- "a/old\040name.rs"
++++ "b/new\040name.rs"
+@@ -1 +1,2 @@
+ fn existing() {}
++fn added() {}
+"#;
+
+    let (lines, _stats) = parse_unified_diff(diff, Scope::Added).unwrap();
+    // The path should be unescaped
+    assert_eq!(lines[0].path, "new name.rs");
+}
+
+/// Test: Multiple files with mixed quoted/unquoted paths.
+#[test]
+fn test_parse_diff_multiple_files_mixed_path_formats() {
+    let diff = r#"
+diff --git "a/quoted\040path.rs" "b/quoted path.rs"
+--- "a/quoted\040path.rs"
++++ "b/quoted path.rs"
+@@ -1 +1,2 @@
++added to quoted path
+diff --git a/normal_path.rs b/normal_path.rs
+--- a/normal_path.rs
++++ b/normal_path.rs
+@@ -1 +1,2 @@
++added to normal path
+"#;
+
+    let (lines, stats) = parse_unified_diff(diff, Scope::Added).unwrap();
+
+    assert_eq!(lines.len(), 2);
+    assert_eq!(lines[0].path, "quoted path.rs");
+    assert_eq!(lines[1].path, "normal_path.rs");
+    assert_eq!(stats.files, 2);
+    assert_eq!(stats.lines, 2);
+}

crates/diffguard-domain/src/evaluate.rs

@@ -26,7 +26,7 @@ pub struct Evaluation {
     /// The previous `u32` cast would silently truncate, producing incorrect
     /// (often zero) counts for very large codebases.
     pub files_scanned: u64,
-    pub lines_scanned: u32,
+    pub lines_scanned: u64,
     /// Aggregated per-rule hit counts (deterministically sorted by rule ID).
     pub rule_hits: Vec<RuleHitStat>,
 }
@@ -102,7 +102,7 @@ pub fn evaluate_lines_with_overrides_and_language(
         .iter()
         .map(|line| line.path.clone())
         .collect::<BTreeSet<_>>();
-    let lines_scanned = u32::try_from(input_lines.len()).unwrap_or(u32::MAX);
+    let lines_scanned = u64::try_from(input_lines.len()).unwrap_or(u64::MAX);
 
     let mut current_file: Option<String> = None;
     let mut current_lang = Language::Unknown;

crates/diffguard-domain/src/preprocess.rs

@@ -166,13 +166,15 @@ pub struct PreprocessOptions {
 }
 
 impl PreprocessOptions {
+    #[must_use]
     pub fn none() -> Self {
         Self {
             mask_comments: false,
             mask_strings: false,
         }
     }
 
+    #[must_use]
     pub fn comments_only() -> Self {
         Self {
             mask_comments: true,