rpms / rh-nodejs12-nodejs-nodemon

Clone
Source Code
GIT

Files

  1.   8dc9a880c8fc59dc0e28975d74362daecf85b9db
  2.   SOURCES
  3.   0003-fix-eliminate-ReDoS-36.patch
Blob Blame History Raw 
From 77d803b877935e51c42e8bd66510d41f3e76460c Mon Sep 17 00:00:00 2001
From: Rich Trott <rtrott@gmail.com>
Date: Sat, 6 Mar 2021 13:16:16 -0800
Subject: [PATCH] fix: eliminate ReDoS (#36)

This change fixes a regular expression denial of service
vulnerability.

Refs: https://github.com/gulpjs/glob-parent/issues/32
Refs: https://app.snyk.io/vuln/SNYK-JS-GLOBPARENT-1016905
Signed-off-by: rpm-build <rpm-build>
---
 node_modules/glob-parent/index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/node_modules/glob-parent/index.js b/node_modules/glob-parent/index.js
index 2ded6ea..c7b3bd3 100644
--- a/node_modules/glob-parent/index.js
+++ b/node_modules/glob-parent/index.js
@@ -6,7 +6,7 @@ var isWin32 = require('os').platform() === 'win32';
 
 var slash = '/';
 var backslash = /\\/g;
-var enclosure = /[\{\[].*[\/]*.*[\}\]]$/;
+var enclosure = /[\{\[].*[\}\]]$/;
 var globby = /(^|[^\\])([\{\[]|\([^\)]+$)/;
 var escaped = /\\([\*\?\|\[\]\(\)\{\}])/g;
 
-- 
2.31.1

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation