From 9a0ea9fa0147cf1f0772627b8236d542a7acd0ff Mon Sep 17 00:00:00 2001
From: Michael Ball <michael@mball.co>
Date: Thu, 20 Jul 2023 16:31:02 +0200
Subject: [PATCH] use html_safe in format helper

---
 app/helpers/format_helper.rb | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/app/helpers/format_helper.rb b/app/helpers/format_helper.rb
index fbfc2245e..feadf6fd7 100644
--- a/app/helpers/format_helper.rb
+++ b/app/helpers/format_helper.rb
@@ -190,14 +190,14 @@ def markdown(text, escape_html = true)
       safe_links_only: true
     }
     markdown = Redcarpet::Markdown.new(Redcarpet::Render::HTML.new(render_options), markdown_options)
-    escape_html ? sanitize(markdown.render(text)) : markdown.render(text)
+    escape_html ? sanitize(markdown.render(text)) : markdown.render(text).html_safe
   end
 
   def markdown_hint(text = '')
-    markdown(
-      "#{text} Please look at #{link_to '**Markdown Syntax**', 'https://daringfireball.net/projects/markdown/syntax',
-                                        target: '_blank', rel: 'noopener'} to format your text", false
-    )
+    link = link_to('**Markdown Syntax**',
+                   'https://daringfireball.net/projects/markdown/syntax',
+                   target: '_blank', rel: 'noopener')
+    markdown("#{text} Please look at #{link} to format your text", false)
   end
 
   # Return a plain text markdown stripped of formatting.