sanitize entire response before parsing comments (#416)

<!-- This is an auto-generated comment: release notes by OSS CodeRabbit
-->
### Summary by CodeRabbit

```
### Bug Fixes:
- Fixed a logic error in the `add` function in `prompts.ts`. The operation has been corrected from subtraction to addition.
- Enhanced security in `review.ts` by sanitizing the entire response before parsing comments. 

### Refactor:
- Renamed `sanitizeComment` function to `sanitizeResponse` in `review.ts`, and expanded its functionality to sanitize code blocks for suggestions and diffs.

### Removed:
- Removed single line comment functionality as it was deemed unnecessary.
```

> 🎉 Here's to bugs that are no more,  
> To logic errors shown the door.  
> With sanitized responses, we stand tall,  
> In the face of threats, big or small.  
> So here's to code that's clean and neat,  
> Making our victory oh so sweet! 🥳

<!-- end of auto-generated comment: release notes by OSS CodeRabbit -->

src/prompts.ts

@@ -113,7 +113,8 @@ consisting of review sections. Each review section must have a line number range
 and a review comment for that range. Use separator after each review section. 
 Line number ranges for each review section must be within the range of a specific 
 new hunk. Start line number must belong to the same hunk as the end line number.
-Provide the exact line number range (inclusive) for each issue.
+Provide the exact line number range (inclusive) for each review comment. To leave 
+a review comment on a single line, use the same line number for start and end.
 
 Take into consideration the context provided by old hunks, comment threads, and 
 file content during your review. Remember, the hunk under review is a fragment of a 
@@ -171,7 +172,7 @@ text \`LGTM!\` for that line range in the review section.
 18: return a + b
 19:
 20: def add(x, y):
-21: z = x - y
+21: z = x + y
 22: retrn z
 23: 
 24: def multiply(x, y):
@@ -219,11 +220,9 @@ def complex_function(x, y):
 + return c / 2
 \`\`\`
 ---
-20-22:
-There's a logic error and a syntax error in the add function.
+22-22:
+There's a syntax error in the add function.
 \`\`\`suggestion
-def add(x, y):
- z = x + y
  return z
 \`\`\`
 ---

src/review.ts

@@ -868,21 +868,21 @@ function parseReview(
 ): Review[] {
  const reviews: Review[] = []
 
+ response = sanitizeResponse(response.trim())
+
  const lines = response.split('\n')
  const lineNumberRangeRegex = /(?:^|\s)(\d+)-(\d+):\s*$/
- const lineNumberSingleRegex = /(?:^|\s)(\d+):\s*$/ // New single line regex
  const commentSeparator = '---'
 
  let currentStartLine: number | null = null
  let currentEndLine: number | null = null
  let currentComment = ''
  function storeReview(): void {
  if (currentStartLine !== null && currentEndLine !== null) {
- const sanitizedComment = sanitizeComment(currentComment.trim())
  const review: Review = {
  startLine: currentStartLine,
  endLine: currentEndLine,
- comment: sanitizedComment.trim()
+ comment: currentComment
  }
 
  let withinPatch = false
@@ -971,15 +971,14 @@ ${review.comment}`
  return comment
  }
 
- function sanitizeComment(comment: string): string {
+ function sanitizeResponse(comment: string): string {
  comment = sanitizeCodeBlock(comment, 'suggestion')
  comment = sanitizeCodeBlock(comment, 'diff')
  return comment
  }
 
  for (const line of lines) {
  const lineNumberRangeMatch = line.match(lineNumberRangeRegex)
- const lineNumberSingleMatch = line.match(lineNumberSingleRegex) // Check for single line match
 
  if (lineNumberRangeMatch != null) {
  storeReview()
@@ -990,15 +989,6 @@ ${review.comment}`
  info(`Found line number range: ${currentStartLine}-${currentEndLine}`)
  }
  continue
- } else if (lineNumberSingleMatch != null) {
- storeReview()
- currentStartLine = parseInt(lineNumberSingleMatch[1], 10)
- currentEndLine = currentStartLine // For single line comments, start and end are the same
- currentComment = ''
- if (debug) {
- info(`Found single line comment: ${currentStartLine}`)
- }
- continue
  }
 
  if (line.trim() === commentSeparator) {