add-pr-comment: render inline threads as applyable single/multi-line suggestions

[jamesadevine]

Diagnostic Summary

• Pipeline: AITestAgent Issue Fixer (an ado-aw agentic workflow, devdiv/DevDiv)
• Definition ID: Unknown
• Build ID: Unknown — the defect is in safe-output rendering, not a build failure; reproduced deterministically with ado-aw execute locally (v0.37.0 + patched build)
• Run URL (production artifact): PR #750251, thread #9557714 — https://devdiv.visualstudio.com/DefaultCollection/DevDiv/_git/AITestAgent/pullRequest/750251?discussionId=9557714
• Result: Partially succeeded — the add-pr-comment POST returns HTTP 200, but the persisted thread renders as a non-applyable suggestion
• Failing stage/job/step: Stage 3 (SafeOutputs) → SafeOutputs → add-pr-comment
• First failed timeline record: N/A (no hard failure; defective output)
• Suspected root cause: add-pr-comment anchors the inline thread with a zero-width range and HTML-escapes </> inside fenced and inline code
• Confidence: High

Evidence

Relevant log excerpts

Read back from the ADO REST API for the production thread (threads/9557714):

• threadContext.rightFileStart = { line: 90, offset: 1 }, rightFileEnd = { line: 90, offset: 1 } — a zero-width anchor. ADO treats it as an insertion point, so "Apply" prepends the suggested line to the original (duplicated/concatenated line).
• The ```suggestion body and the prose inline-code spans contain </> instead of literal </>, so applying writes HTML entities into the file.

Timeline observations

• The safe output executed "successfully" (HTTP 200); there is no build-level failure. The defect is entirely in the rendered/persisted thread shape.

Changes since last successful build

• Not a user regression — latent in the runtime's anchor + escaping logic. Present across all add-pr-comment inline suggestions.

Environment

• Agent source file: AITestAgent Issue Fixer workflow .md (in the AITestAgent ADO repo) — path Unknown
• Compiled pipeline YAML: Unknown
• Compilation in sync: Unknown
• ado-aw version: v0.37.0 (reproduced locally; also on a patched build of main)
• AWF version: Unknown
• MCPG version: Unknown
• Agent pool: ubuntu-22.04
• Engine/model: copilot / claude-opus-4.7
• Relevant MCP servers: SafeOutputs

Analysis

• Stage classification: Stage 3 (SafeOutputs)
• Why this stage failed: add-pr-comment builds a threadContext whose right-side end anchor is offset 1 (zero-width), and runs the whole comment body — including the ```suggestion fence and inline `code` spans — through sanitize() → escape_html_tags, which escapes every </>. ADO renders fenced/inline code verbatim and never interprets HTML there, so the escaping is both unnecessary and corrupting; the zero-width anchor makes "Apply" non-idempotent.

Root Cause

• Root cause: three independent defects, all reproduced and fixed:
  1. src/safeoutputs/add_pr_comment.rs — inline thread anchored with a zero-width right-side range (offset 1) instead of spanning the whole target line(s). Fix: anchor rightFileEnd to (UTF-16 length of the last line) + 1.
  2. src/sanitize.rs — escape_html_tags escaped </> inside ```/~~~ fences. Fix: fence-aware skip.
  3. src/sanitize.rs — same escaper mangled inline `code` spans in prose. Fix: inline-code-aware skip with a security guard for unmatched backticks.
• Category: Runtime regression
• Ruled-out causes: network/AWF (HTTP 200), write-token/permissions (thread created), pool/image, threat-analysis block — none involved; defect reproduces deterministically offline.

[jamesadevine]

#1099