Only do special escaping for refernce characters

`@#!$&~%^`

lib/banzai/filter/markdown_pre_escape_filter.rb

@@ -24,8 +24,9 @@ module Banzai
     # This filter does the initial surrounding, and MarkdownPostEscapeFilter
     # does the conversion into span tags.
     class MarkdownPreEscapeFilter < HTML::Pipeline::TextFilter
-      ASCII_PUNCTUATION   = %r{([\\][!"#$%&'()*+,-./:;<=>?@\[\\\]^_`{|}~])}.freeze
-      LITERAL_KEYWORD     = 'cmliteral'
+      # We just need to target those that are special GitLab references
+      ASCII_PUNCTUATION = %r{([\\][@#!$&~%^])}.freeze
+      LITERAL_KEYWORD   = 'cmliteral'
 
       def call
         return @text unless Feature.enabled?(:honor_escaped_markdown, context[:group] || context[:project]&.group)

spec/lib/banzai/pipeline/full_pipeline_spec.rb

@@ -142,5 +142,12 @@ RSpec.describe Banzai::Pipeline::FullPipeline do
 
       expect(output).to include("<span>#</span>#{issue.iid}")
     end
+
+    it 'converts user reference with escaped underscore because of italics' do
+      markdown = '_@test\__'
+      output = described_class.to_html(markdown, project: project)
+
+      expect(output).to include('<em>@test_</em>')
+    end
   end
 end

spec/lib/banzai/pipeline/plain_markdown_pipeline_spec.rb

@@ -31,11 +31,10 @@ RSpec.describe Banzai::Pipeline::PlainMarkdownPipeline do
       end
     end
 
-    # Test strings taken from https://spec.commonmark.org/0.29/#backslash-escapes
     describe 'CommonMark tests', :aggregate_failures do
-      it 'converts all ASCII punctuation to literals' do
-        markdown = %q(\!\"\#\$\%\&\'\*\+\,\-\.\/\:\;\<\=\>\?\@\[\]\^\_\`\{\|\}\~) + %q[\(\)\\\\]
-        punctuation = %w(! " # $ % &amp; ' * + , - . / : ; &lt; = &gt; ? @ [ \\ ] ^ _ ` { | } ~) + %w[( )]
+      it 'converts all reference punctuation to literals' do
+        markdown = %q(\@\#\!\$\&\~\%\^)
+        punctuation = %w(@ # ! $ ~ % ^)
 
         result = described_class.call(markdown, project: project)
         output = result[:output].to_html
@@ -44,6 +43,16 @@ RSpec.describe Banzai::Pipeline::PlainMarkdownPipeline do
         expect(result[:escaped_literals]).to be_truthy
       end
 
+      it 'does not convert non-reference punctuation to spans' do
+        markdown = %q(\"\'\*\+\,\-\.\/\:\;\<\=\>\?\[\]\_\`\{\|\}) + %q[\(\)\\\\]
+
+        result = described_class.call(markdown, project: project)
+        output = result[:output].to_html
+
+        expect(output).not_to include('<span>')
+        expect(result[:escaped_literals]).to be_falsey
+      end
+
       it 'does not convert other characters to literals' do
         markdown = %q(\→\A\a\ \3\φ\«)
         expected = '\→\A\a\ \3\φ\«'
@@ -52,49 +61,13 @@ RSpec.describe Banzai::Pipeline::PlainMarkdownPipeline do
         expect(result[:escaped_literals]).to be_falsey
       end
 
-      describe 'escaped characters are treated as regular characters and do not have their usual Markdown meanings' do
-        where(:markdown, :expected) do
-          %q(\*not emphasized*)              | %q(<span>*</span>not emphasized*)
-          %q(\<br/> not a tag)               | %q(<span>&lt;</span>br/&gt; not a tag)
-          %q!\[not a link](/foo)!            | %q!<span>[</span>not a link](/foo)!
-          %q(\`not code`)                    | %q(<span>`</span>not code`)
-          %q(1\. not a list)                 | %q(1<span>.</span> not a list)
-          %q(\# not a heading)               | %q(<span>#</span> not a heading)
-          %q(\[foo]: /url "not a reference") | %q(<span>[</span>foo]: /url "not a reference")
-          %q(\&ouml; not a character entity) | %q(<span>&amp;</span>ouml; not a character entity)
-        end
-
-        with_them do
-          it 'keeps them as literals' do
-            correct_html_included(markdown, expected)
-          end
-        end
-      end
-
-      it 'backslash is itself escaped, the following character is not' do
-        markdown = %q(\\\\*emphasis*)
-        expected = %q(<span>\</span><em>emphasis</em>)
-
-        correct_html_included(markdown, expected)
-      end
-
-      it 'backslash at the end of the line is a hard line break' do
-        markdown = <<~MARKDOWN
-          foo\\
-          bar
-        MARKDOWN
-        expected = "foo<br>\nbar"
-
-        correct_html_included(markdown, expected)
-      end
-
       describe 'backslash escapes do not work in code blocks, code spans, autolinks, or raw HTML' do
         where(:markdown, :expected) do
-          %q(`` \[\` ``)       | %q(<code>\[\`</code>)
-          %q(    \[\])         | %Q(<code>\\[\\]\n</code>)
-          %Q(~~~\n\\[\\]\n~~~) | %Q(<code>\\[\\]\n</code>)
-          %q(<http://example.com?find=\*>) | %q(<a href="http://example.com?find=%5C*">http://example.com?find=\*</a>)
-          %q[<a href="/bar\/)">]           | %q[<a href="/bar%5C/)">]
+          %q(`` \@\! ``)       | %q(<code>\@\!</code>)
+          %q(    \@\!)         | %Q(<code>\\@\\!\n</code>)
+          %Q(~~~\n\\@\\!\n~~~) | %Q(<code>\\@\\!\n</code>)
+          %q(<http://example.com?find=\@>) | %q(<a href="http://example.com?find=%5C@">http://example.com?find=\@</a>)
+          %q[<a href="/bar\@)">]           | %q[<a href="/bar%5C@)">]
         end
 
         with_them do
@@ -104,9 +77,9 @@ RSpec.describe Banzai::Pipeline::PlainMarkdownPipeline do
 
       describe 'work in all other contexts, including URLs and link titles, link references, and info strings in fenced code blocks' do
         where(:markdown, :expected) do
-          %q![foo](/bar\* "ti\*tle")!            | %q(<a href="/bar*" title="ti*tle">foo</a>)
-          %Q![foo]\n\n[foo]: /bar\\* "ti\\*tle"! | %q(<a href="/bar*" title="ti*tle">foo</a>)
-          %Q(``` foo\\+bar\nfoo\n```)            | %Q(<code lang="foo+bar">foo\n</code>)
+          %q![foo](/bar\@ "\@title")!            | %q(<a href="/bar@" title="@title">foo</a>)
+          %Q![foo]\n\n[foo]: /bar\\@ "\\@title"! | %q(<a href="/bar@" title="@title">foo</a>)
+          %Q(``` foo\\@bar\nfoo\n```)            | %Q(<code lang="foo@bar">foo\n</code>)
         end
 
         with_them do