fix: remove ReDoS regexp #504

Merged
merged 1 commit into from Sep 21, 2017

zhuangya commented Sep 21, 2017

  • split the line by '\n',
  • and trim each line (do we really need to trim each line?).
  • then join each line by ' '

I think this is the same as the original RegExp, correct me if wrong.

fix #501
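
A differential check of the split/trim/join steps described in the comment above against a regex-based collapse, added here as an example; it is not code from this PR or from the project. The pattern `/\s*\n\s*/g` is an assumed stand-in, since the expression the PR removed is not shown on this page, and the function names and sample strings are constructed.

```javascript
// Added example: differential check of the split/trim/join steps.
// ASSUMED_PATTERN is an assumption; the pattern the PR removed is not shown on this page.
const ASSUMED_PATTERN = /\s*\n\s*/g;

// Regex-based collapse: every newline plus the whitespace around it becomes one space.
function collapseWithRegex(text) {
  return text.replace(ASSUMED_PATTERN, ' ');
}

// The three steps from the comment: split on '\n', trim each line, join with ' '.
// Each step is a single pass over the input, with no regex backtracking.
function collapseLines(text) {
  return text
    .split('\n')
    .map((line) => line.trim())
    .join(' ');
}

// Constructed sample inputs (not taken from the project's tests).
const SAMPLES = [
  '{ a: 1,\n  b: 2 }', // typical multi-line object dump
  'a  \n\t b',         // whitespace on both sides of the newline
  'a\r\nb',            // CRLF line ending
  'a\n',               // trailing newline
  '\na',               // leading newline
  'single line',       // nothing to collapse
  'a\n\nb',            // blank line between two lines
  '  a\nb  ',          // whitespace at the very start and end
];

// Return the inputs for which the two implementations disagree.
function divergingInputs(samples) {
  return samples
    .map((input) => ({
      input,
      regex: collapseWithRegex(input),
      lines: collapseLines(input),
    }))
    .filter((row) => row.regex !== row.lines);
}

for (const row of divergingInputs(SAMPLES)) {
  console.log(JSON.stringify(row));
}
```

On these samples the two versions agree except for a blank line (the per-line version emits one space per newline) and for whitespace at the very start or end of the string (removed only by the per-line version).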

coveralls commented Sep 21, 2017

Coverage Status

Coverage increased (+2.1%) to 74.839% when pulling 42a6ae0 on zhuangya:redos into 47747f3 on visionmedia:master.

@TooTallNate TooTallNate merged commit c38a016 into visionmedia:master Sep 21, 2017

2 checks passed

continuous-integration/travis-ci/pr The Travis CI build passed
coverage/coveralls Coverage increased (+2.1%) to 74.839%

TooTallNate commented Sep 21, 2017

Thank you!

dougwilson commented Sep 21, 2017

Can this be backported to the 2.x series?

TooTallNate added a commit that referenced this pull request Sep 22, 2017

TooTallNate commented Sep 22, 2017

@dougwilson Sure thing: https://github.com/visionmedia/debug/releases/tag/2.6.9

Curious what's holding you back from upgrading though 😅

@joseluisq joseluisq referenced this pull request Dec 15, 2017

Closed

Upgrade debug to v2.6.9 #13

platinumazure added a commit to eslint/eslint that referenced this pull request Dec 18, 2017

Upgrade: debug@^3.1.0
This version of debug addresses a minor ReDoS issue. See visionmedia/debug#501, visionmedia/debug#504 for more information. Looking at the rest of the changelog, this should be a pretty low-risk upgrade.

aladdin-add added a commit to eslint/eslint that referenced this pull request Dec 19, 2017

Upgrade: debug@^3.1.0 (#9731)
This version of debug addresses a minor ReDoS issue. See visionmedia/debug#501, visionmedia/debug#504 for more information. Looking at the rest of the changelog, this should be a pretty low-risk upgrade.

@zhuangya zhuangya deleted the zhuangya:redos branch Dec 25, 2017

sodawy added a commit to sodawy/session that referenced this pull request Jan 6, 2018

stenalpjolly added a commit to stenalpjolly/express that referenced this pull request Aug 30, 2018

Upgrading package.json
With reference to fix: remove ReDoS regexp(visionmedia/debug#504)