tniessen
Follow
Pinned
1,233 contributions in the last year
Activity overview
Contribution activity
March 2023
Created 35 commits in 6 repositories
Created a pull request in nodejs/node that received 28 comments
permission: fix some vulnerabilities in fs
Without this patch, any restrictions imposed by the permission model can be easily bypassed, granting full read and write access to any file. On Wi…
+80
−34
•
28
comments
Opened 22 other pull requests in 2 repositories
nodejs/node
20
merged
1
closed
- doc: use serial comma in cli docs
- tools: upgrade Windows digital signature to SHA256
- crypto: remove DEFAULT_ENCODING
- doc: remove use of DEFAULT_ENCODING in PBKDF2 docs
- src: replace impossible THROW with CHECK
- crypto: unify validation of checkPrime checks
- test: fix 'checks' validation test for checkPrime
- test: mark test-http-max-sockets as flaky on win32
- test: fix test-permission-deny-fs-wildcard (win32)
- crypto: remove obsolete SSL_OP_* constants
- src: remove SSL_CTX_get_tlsext_ticket_keys guards
- doc: remove remaining SSL_OP_NETSCAPE_*_BUG
- crypto: remove ALPN_ENABLED
- tls: support automatic DHE
- test: simplify test-tls-ecdh-multiple
- src: remove TLSEXT_TYPE_alpn guard
- src: remove use of SSL_OP_SINGLE_DH_USE
- doc: remove useless SSL_OP_* options
- doc: fix links to SSL_CTX_set_options
- doc: fix description of TLS dhparam option
- test: simplify test-tls-ecdh-auto
openssl/openssl
1
closed
Reviewed 34 pull requests in 8 repositories
nodejs/node
23 pull requests
- quic: implement various utilities classes to be used by the quic impl
- permission: handle case-sensitive file systems
- doc: fix grammar in the collaborator guide
- test,crypto: update WebCryptoAPI WPT
- tools: add HTML previews for PR containing doc changes
- crypto: unify validation of checkPrime checks
- test,crypto: update WebCryptoAPI WPT
- doc: rename the startup performance initiative to startup snapshot
- permission: fix some vulnerabilities in fs
- Revert "vm: fix leak in vm.compileFunction when importModuleDynamically is used"
- src: fix clang 14 linker error
- stream: add setter & getter for default highWaterMark
- src: use std::array for passing argv in node::url
-
test: move
test-tls-autoselectfamily-servernametotest/internet - benchmark: add real-world examples for url parsing
- tls: support automatic DHE
- test: update WPT fixtures resources, common, streams, FileAPI
- doc: add missing test runner flags to man page
- tools: update lint-md-dependencies to rollup@3.18.0
- doc: use number which is bigger than 1024 as port in http2
- test: move testPath from CWD to temporary directory
-
url: set
formatUrlmethod as no side effect - fs: add recursive opendir/readdir
nodejs/TSC
3 pull requests
nodejs/nodejs.org
2 pull requests
nodejs/github-bot
2 pull requests
nodejs/.github
1 pull request
nodejs/tweet
1 pull request
nodejs/admin
1 pull request
nodejs/create-node-meeting-artifacts
1 pull request
Created an issue in nodejs/node that received 15 comments
Permission model restrictions imposed through process.permission.deny can be bypassed through case-insensitive paths
process.permission.deny() does not respect whether the relevant directories use case-insensitive path processing. Thus, unless an exponential numbe…
15
comments