Fix HTML decoding in related issues error message

Scott Hamptonrequested to merge
560854-fix-issuable-error-message-encoding into master

What does this MR do and why?

On the violation details page for the Related issues section, server error messages containing HTML entities were being displayed as-is instead of being decoded.

This change replaces text interpolation with GitLab's SafeHtml directive to properly decode HTML entities while maintaining security through DOMPurify sanitization.

References

Related to #560854 (closed)

Screenshots or screen recordings

Before After
image Screenshot_2025-08-18_at_1.01.43_PM

How to set up and validate locally

  1. You need to have a group with Ultimate license.
  2. Required data, you can do either of following steps:
    1. You can checkout branch hraghuvanshi-comp-violations-seeder and run command FILTER=compliance_report_data SEED_COMPLIANCE_REPORT_DATA=1 GROUPID=<group_id> bundle exec rake db:seed_fu for filling required data and you can run query.
    2. Create all items manually:

      1. You need to have at least one project under the group, atleast one audit event related to the project.

      2. Also, have at least one compliance framework in the group, the framework should have atleast one compliance control.

      3. The framework should be applied to the project.

      4. Now create a compliance violation entry in the database by running following command in the rails console:

        ComplianceManagement::Projects::ComplianceViolation.create(project_id: <project_id>, namespace_id: <namespace_id>, audit_event_id: <audit_event_id>, compliance_requirements_control_id: <compliance_requirements_control_id>, status: 0, audit_event_table_name: 0)
  3. You may need to create some issues on the project and a separate project to test with
  4. Navigate to the project that now has the violation, and go to path/to/project/-/security/compliance_violations/<violation-id>
  5. Try adding a related issue that doesn't exist.
  6. Verify that the error message is correctly rendering

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Merge request reports