fix(duo-chat): prevent code blocks from overflowing message bubble

Austin Regneryrequested to merge
aregnery/fixed-nested-code-snippet into main

What does this MR do?

Fixes a layout bug in Duo Chat where fenced code blocks containing long, unbroken lines (URLs, tokens, hashes, minified JS, etc.) would either wrap mid-character or push the chat bubble past the conversation container's width.

How to test locally with the overflow stress-test stories

overflow-stress-stories.patch

Apply the patch

  1. Save the patch block named overflow-stress-stories.patch at the repo root.

  2. Check out this MR's branch:

    git fetch origin aregnery/fixed-nested-code-snippet
git checkout aregnery/fixed-nested-code-snippet

  3. Apply the patch:

    git am overflow-stress-stories.patch

    Or, if you prefer not to create a commit:

    git apply overflow-stress-stories.patch

Run the stories

yarn storybook

Then in the Storybook sidebar, navigate to:

chat → duo-chat-message → overflow-stress (temporary)

Each story is wrapped in a fixed-width dashed-border container so the bubble's parent boundary is visible. The width arg is a Storybook control — try toggling between narrow (320px), medium (480px), and wide (720px).

Screenshots or screen recordings

Before After
CleanShot_2026-05-11_at_13.40.41_2x CleanShot_2026-05-11_at_14.49.46_2x
CleanShot_2026-05-11_at_13.40.49_2x CleanShot_2026-05-11_at_14.49.57_2x

Integration merge requests

Does this MR meet the acceptance criteria?

This checklist encourages the authors, reviewers, and maintainers of merge requests (MRs) to confirm changes were analyzed for conformity with the project's guidelines, security and accessibility.

Toggle the acceptance checklist

Conformity

  • Code review guidelines.
  • GitLab UI's contributing guidelines.
  • If it changes a Pajamas-compliant component's look & feel, the MR has been reviewed by a UX designer.
  • If it changes GitLab UI's documentation guidelines, the MR has been reviewed by a Technical Writer.
  • If the MR changes a component's API, integration MR(s) have been opened (see integration merge requests above).
  • Added the ~"component:*" label(s) if applicable.

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

  • Label as security and @ mention @gitlab-com/gl-security/product-security/psirt-group
  • Security reports checked/validated by a reviewer from the PSIRT team

Accessibility

If this MR adds or modifies a component, take a few moments to review the following:

  • All actions and functionality can be done with a keyboard.
  • Links, buttons, and controls have a visible focus state.
  • All content is presented in text or with a text equivalent. For example, alt text for SVG, or aria-label for icons that have meaning or perform actions.
  • Changes in a component’s state are announced by a screen reader. For example, changing aria-expanded="false" to aria-expanded="true" when an accordion is expanded.
  • Color combinations have sufficient contrast.
Edited by Austin Regnery

Merge request reports