/**
 * Common utilities.
 */

const ESCAPE_MAP = {
  "&": "&",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

/**
 * Escape string for safe use in HTML (text content / attributes).
 * @param {string} s - Raw string
 * @returns {string} HTML-escaped string
 */
export function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ESCAPE_MAP[c]);
}