Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

security(tablekit-icon): colors.js has embedded denial of service #82

Merged
merged 1 commit into from
Jan 10, 2022
Merged

security(tablekit-icon): colors.js has embedded denial of service #82

merged 1 commit into from
Jan 10, 2022

Conversation

DragonStuff
Copy link
Contributor

The maintainer has intentionally published a DoS in 1.4.1 and higher. It is recommended to lock to 1.4.0 and move to another package.

This pull request makes the following changes:

It relates to the following issue #s:

wahidfarid
wahidfarid previously approved these changes Jan 10, 2022
View reviewed changes
@github-actions
Copy link

github-actions bot commented Jan 10, 2022
edited
Loading

Unit Test Results

    1 files    28 suites   26s ⏱️
191 tests 191 ✔️ 0 💤 0

Results for commit 56a1b63.

♻️ This comment has been updated with latest results.

@DragonStuff DragonStuff changed the title security(tablecheck-icon): colors.js has embedded denial of service security(tablekit-icon): colors.js has embedded denial of service Jan 10, 2022
@DragonStuff DragonStuff merged commit 9204c42 into main Jan 10, 2022
@DragonStuff DragonStuff deleted the SEC-INTERNAL/lock-colors branch January 10, 2022 16:13
@SimeonC SimeonC mentioned this pull request Jan 11, 2022
Merged
@daniellizik daniellizik mentioned this pull request Jan 11, 2022
Closed
@tablecheck-public-automation
Copy link
Collaborator

🚀 PR was released in @tablecheck/tablekit-alert@3.1.0, @tablecheck/tablekit-avatar@2.1.0, @tablecheck/tablekit-badge@2.1.0, @tablecheck/tablekit-banner@2.1.0, @tablecheck/tablekit-button-group@2.1.0, @tablecheck/tablekit-button@2.1.0, @tablecheck/tablekit-calendar@3.1.0, @tablecheck/tablekit-checkbox@2.1.0, @tablecheck/tablekit-enzyme@2.1.0, @tablecheck/tablekit-free-icon-config@2.1.0, @tablecheck/tablekit-icon@2.1.0, @tablecheck/tablekit-inline-dialog@2.1.0, @tablecheck/tablekit-input-button@2.1.0, @tablecheck/tablekit-input@2.1.0, @tablecheck/tablekit-item@2.1.0, @tablecheck/tablekit-language-selector@2.1.0, @tablecheck/tablekit-logo@2.1.0, @tablecheck/tablekit-modal-dialog@3.1.0, @tablecheck/tablekit-package-namespace@1.1.0, @tablecheck/tablekit-panel@2.1.0, @tablecheck/tablekit-password-field@2.1.0, @tablecheck/tablekit-phone-input@3.1.0, @tablecheck/tablekit-pro-icon-config@2.1.0, @tablecheck/tablekit-radio@2.1.0, @tablecheck/tablekit-select@2.1.0, @tablecheck/tablekit-sidenav@2.1.0, @tablecheck/tablekit-spinner@2.1.0, @tablecheck/tablekit-table@2.1.0, @tablecheck/tablekit-tabs@2.1.0, @tablecheck/tablekit-tag@2.1.0, @tablecheck/tablekit-textarea@2.1.0, @tablecheck/tablekit-theme@2.1.0, @tablecheck/tablekit-toggle@2.1.0, @tablecheck/tablekit-tooltip@2.1.0, @tablecheck/tablekit-topnav@2.1.0, @tablecheck/tablekit-typography@2.1.0, @tablecheck/tablekit-utils@1.1.0 🚀

@tablecheck-public-automation tablecheck-public-automation added the released This issue/pull request has been released. label Jan 24, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Findmitrey Findmitrey Findmitrey approved these changes

@wahidfarid wahidfarid wahidfarid approved these changes

Assignees
No one assigned
Labels
released This issue/pull request has been released.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

security(npm): colors.js has embedded denial of service
4 participants
@DragonStuff @tablecheck-public-automation @wahidfarid @Findmitrey