git-urls icon indicating copy to clipboard operation
git-urls copied to clipboard

Published 20 hours ago verified publisher icon whilp

Fix regex denial-of-service

Open mojotx opened this issue 1 year ago • 1 comments

This should fix https://github.com/whilp/git-urls/issues/24. Need to bump version from v1.0.0 to v1.0.1

Otherwise I am going to have to start using my forked version since this shows up as a Dependabot warning now.

See https://github.com/mojotx/git-goclone/security/dependabot/10

mojotx avatar Feb 11 '24 15:02 mojotx

This attempts to address https://github.com/advisories/GHSA-3f2q-6294-fmq5 and https://github.com/whilp/git-urls/issues/24. It is an alternative to https://github.com/whilp/git-urls/pull/25, but with a more generous URL length limit of 8000 instead of 1000. It still completes in 500 µs on my system, for a URL of 8000 characters.

mojotx avatar Feb 13 '24 20:02 mojotx