fix(maven): return escaped summary for project description (#5839)

* fix(maven): return escaped summary for project description

* build: add quickxml to labrinth

* fix(maven): use quickxml to escape xml special chars

Cargo.lock

@@ -4941,6 +4941,7 @@ dependencies = [
  "paste",
  "path-util",
  "prometheus",
+ "quick-xml 0.38.3",
  "rand 0.8.5",
  "rand_chacha 0.3.1",
  "redis",

apps/labrinth/Cargo.toml

@@ -80,6 +80,7 @@ murmur2 = { workspace = true }
 paste = { workspace = true }
 path-util = { workspace = true }
 prometheus = { workspace = true }
+quick-xml = { workspace = true }
 rand = { workspace = true }
 rand_chacha = { workspace = true }
 redis = { workspace = true, features = ["ahash", "r2d2", "tokio-comp"] }

apps/labrinth/src/routes/maven.rs

@@ -13,6 +13,7 @@ use crate::queue::session::AuthQueue;
 use crate::routes::ApiError;
 use crate::{auth::get_user_from_headers, database};
 use actix_web::{HttpRequest, HttpResponse, get, route, web};
+use quick_xml::escape::escape;
 use std::collections::HashSet;
 use yaserde::YaSerialize;
 
@@ -329,7 +330,7 @@ pub async fn version_file(
             artifact_id: project_id,
             version: vnum,
             name: project.inner.name,
-            description: project.inner.description,
+            description: escape(project.inner.summary).into_owned(),
         };
         return Ok(HttpResponse::Ok()
             .content_type("text/xml")