fix(security): close code-scanning and dependabot alerts#5557
Conversation
- markdown-paste.ts: strip <style>/<script> in a loop, not a single pass, so nested/overlapping tags can't leave a surviving <script> behind (incomplete multi-character sanitization) - block-identity.ts: annotate the two SHA-1 uses as intentional (UUIDv5 per RFC 4122, deterministic id derivation only, not a security use of the hash) rather than swap algorithms, which would change every derived fork block id - apps/pii: bump transformers 4.56.2 -> 5.3.0 (CVE-2026-4372 RCE via crafted config.json, CVE-2026-1839 RCE via Trainer torch.load), huggingface_hub 0.35.3 -> 1.3.0 (transformers 5.3.0's floor), and pytest 8.4.1 -> 9.0.3 (CVE-2025-71176 tmpdir handling); verified pip resolves cleanly and the unit test suite passes on 9.0.3
|
The latest updates on your projects. Learn more about Vercel for GitHub. |
PR SummaryMedium Risk Overview Rich markdown paste: Workspace forking: Documents that UUIDv5 SHA-1 in PII service deps: Bumps Reviewed by Cursor Bugbot for commit 55051c4. Configure here. |
Greptile SummaryThis PR fixes security alerts in the paste sanitizer, fork block IDs, and PII dependency pins. The main changes are:
Confidence Score: 5/5This looks safe to merge.
Important Files Changed
Reviews (4): Last reviewed commit: "fix(files): drop unterminated <script>/<..." | Re-trigger Greptile |
Greptile flagged the repeated-replace loop from the prior commit: it strips <style>/<script> correctly but rescans the whole string once per nesting level, so deeply nested clipboard HTML can freeze the tab. Replace it with a single linear pass that tracks nesting depth of the open tag via a tag-token scan, dropping the element in one pass no matter how deeply nested.
|
@cursor review |
Repo convention is TSDoc-only documentation, no non-TSDoc explanatory comments. Moved the uuidV5 SHA-1 rationale and the stray-close-tag note into the existing TSDoc blocks above each function. Left the two lgtm[...] annotations as trailing comments since those are functional CodeQL suppression directives (must sit on the flagged line), not documentation.
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
2 issues from previous reviews remain unresolved.
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 2ec7bdf. Configure here.
Covers the case Greptile flagged: nested and 50-deep <script> tags must strip in one pass without leaking a dangling tag.
Cursor Bugbot caught two related bugs in the single-pass rewrite: if pasted HTML ends while a script/style element is still open (truncated or malformed clipboard HTML), cursor never advanced past the open tag, so the final flush re-appended the untouched tag/content (leaking an unstripped <script>) and duplicated the prefix already copied into result. Fix: advance cursor the moment a tag opens, not when it closes, and only do the final flush when we end at depth 0. An element that never closes has cursor already past its open tag, so it and everything after it is dropped instead of reappearing.
|
@cursor review |
There was a problem hiding this comment.
✅ Bugbot reviewed your changes and found no new issues!
Comment @cursor review or bugbot run to trigger another review on this PR
Reviewed by Cursor Bugbot for commit 55051c4. Configure here.

Summary
<style>/<script>in a loop instead of a single pass, so nested/overlapping tags can't leave a surviving<script>behind (CodeQL: incomplete multi-character sanitization)transformers4.56.2 -> 5.3.0 (CVE-2026-4372 RCE via craftedconfig.json, CVE-2026-1839 RCE viaTrainer'storch.load),huggingface_hub0.35.3 -> 1.3.0 (transformers 5.3.0's floor),pytest8.4.1 -> 9.0.3 (CVE-2025-71176 tmpdir handling)Type of Change
Testing
apps/piipins cleanly (no conflicts) in a cleanpython:3.12-slimcontainerapps/piiunit test suite against pytest 9.0.3 — passesbunx biome checkclean on both touched TS filesChecklist