Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tools: update path-parse to 1.0.7 #39232

Merged
merged 1 commit into from
Jul 4, 2021
Merged

tools: update path-parse to 1.0.7 #39232

merged 1 commit into from
Jul 4, 2021

Conversation

Trott
Copy link
Member

@Trott Trott commented Jul 2, 2021

path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a
ReDoS is likely to affect us in this tool.

Refs: jbgutierrez/path-parse@09e1086

@Trott Trott added the request-ci Add this label to start a Jenkins CI on a PR. label Jul 2, 2021
@github-actions github-actions bot added tools Issues and PRs related to the tools directory. and removed request-ci Add this label to start a Jenkins CI on a PR. labels Jul 2, 2021
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/38817/

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/38824/

@Trott
tools: update path-parse to 1.0.7
2d542f5 
path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a
ReDoS is likely to affect us in this tool.

Refs: jbgutierrez/path-parse@09e1086

PR-URL: nodejs#39232
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
@Trott
Copy link
Member Author

Trott commented Jul 4, 2021

Landed in 2d542f5

@Trott Trott merged commit 2d542f5 into nodejs:master Jul 4, 2021
@Trott Trott deleted the path-parse branch July 4, 2021 14:42
targos pushed a commit that referenced this pull request Jul 11, 2021
@Trott @targos
tools: update path-parse to 1.0.7
802d9c4 
path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a
ReDoS is likely to affect us in this tool.

Refs: jbgutierrez/path-parse@09e1086

PR-URL: #39232
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
@targos targos mentioned this pull request Jul 13, 2021
Merged
targos pushed a commit that referenced this pull request Sep 4, 2021
@Trott @targos
tools: update path-parse to 1.0.7
ff0ca11 
path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a
ReDoS is likely to affect us in this tool.

Refs: jbgutierrez/path-parse@09e1086

PR-URL: #39232
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Zijian Liu <lxxyxzj@gmail.com>
@targos targos mentioned this pull request Sep 4, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@targos targos targos approved these changes

@Lxxyx Lxxyx Lxxyx approved these changes

Assignees
No one assigned
Labels
tools Issues and PRs related to the tools directory.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@Trott @nodejs-github-bot @targos @Lxxyx