Copilot commented on code in PR #4856: URL: https://github.com/apache/cassandra/pull/4856#discussion_r3342974894
########## doc/modules/cassandra/pages/managing/tools/cqlsh.adoc: ########## @@ -461,6 +461,19 @@ value `STDOUT` (without single quotes) to print the CSV to stdout. See `shared-copy-options` for options that apply to both `COPY TO` and `COPY FROM`. +[NOTE] +==== +`COPY TO` only supports printable characters in text column values, in +accordance with RFC 4180. Text columns containing control characters Review Comment: The reference to RFC 4180 here is misleading: RFC 4180 explicitly allows embedded CRLFs inside quoted fields, so saying `COPY TO` “only supports printable characters … in accordance with RFC 4180” overstates what the RFC requires. Consider attributing this to a `COPY TO` limitation (or clarifying it’s a restricted RFC 4180-compatible subset). ########## doc/modules/cassandra/pages/managing/tools/cqlsh.adoc: ########## @@ -461,6 +461,19 @@ value `STDOUT` (without single quotes) to print the CSV to stdout. See `shared-copy-options` for options that apply to both `COPY TO` and `COPY FROM`. +[NOTE] +==== +`COPY TO` only supports printable characters in text column values, in +accordance with RFC 4180. Text columns containing control characters +such as newlines (`\n`), carriage returns (`\r`), null bytes (`\x00`), +or other non-printable characters cannot be reliably exported — values +will be corrupted on re-import via `COPY FROM`. Beyond data integrity, +non-printable characters in CSV output can pose security risks, including +CSV injection and other forms of malicious data embedding. If your data Review Comment: The “CSV injection” warning is not specific to non-printable/control characters (it typically concerns spreadsheet formula evaluation on values starting with `=`, `+`, `-`, or `@`). Mentioning it here can mislead readers into thinking control characters are the primary injection vector; consider removing this clause to keep the note focused on the documented round-trip corruption limitation. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
