[pre-commit.ci] auto fixes from pre-commit.com hooks

pre-commit-ci[bot] · pre-commit-ci[bot] · commit 4d59fe5a7dc2 · 2025-10-21T19:47:50.000Z
for more information, see https://pre-commit.ci
diff --git a/tests/_server/templates/test_templates.py b/tests/_server/templates/test_templates.py
@@ -737,7 +737,9 @@ def test_static_files_injection_prevention(self) -> None:
 
     def test_static_malicious_filename_injection(self) -> None:
         """Test that malicious filenames in static exports are properly escaped."""
-        malicious_filepath = self.tmp_path / "</script><script>alert(1)</script>.py"
+        malicious_filepath = (
+            self.tmp_path / "</script><script>alert(1)</script>.py"
+        )
 
         result = templates.static_notebook_template(
             self.html,
@@ -755,7 +757,9 @@ def test_static_malicious_filename_injection(self) -> None:
 
         # Must not contain unescaped script tags
         assert "</script><script>" not in result
-        assert "<script>alert(1)" not in result.replace("\\u003Cscript\\u003E", "")
+        assert "<script>alert(1)" not in result.replace(
+            "\\u003Cscript\\u003E", ""
+        )
 
         # Must contain escaped versions in JSON context
         assert "\\u003C" in result or "\\u003E" in result
diff --git a/tests/_server/test_templates_filename.py b/tests/_server/test_templates_filename.py
@@ -124,7 +124,11 @@ def test_script_breakout_prevention(self, payload: str) -> None:
         # Must contain escaped versions of dangerous chars
         # json_script escapes <, >, & to \uXXXX format
         if "<" in payload or ">" in payload or "&" in payload:
-            assert "\\u003C" in result or "\\u003E" in result or "\\u0026" in result
+            assert (
+                "\\u003C" in result
+                or "\\u003E" in result
+                or "\\u0026" in result
+            )
 
         # Must be valid JSON that round-trips correctly
         parsed = json.loads(result)
@@ -181,9 +185,9 @@ def test_complex_structure_escaping(
             # Combining characters
             {"text": "e\u0301"},  # é as combining character
             # Right-to-left marks
-            {"text": "\u200F"},
+            {"text": "\u200f"},
             # Zero-width characters
-            {"text": "test\u200Bword"},
+            {"text": "test\u200bword"},
         ],
     )
     def test_unicode_handling(self, data: dict) -> None:
