Skip to content

tools: update path-parse to 1.0.7#39232

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Trott merged 1 commit into from
Jul 4, 2021
Merged

tools: update path-parse to 1.0.7 #39232

Trott merged 1 commit into from
Jul 4, 2021

Conversation

@Trott
Copy link
Member

@TrottTrott commented Jul 2, 2021

path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a
ReDoS is likely to affect us in this tool.

Refs: jbgutierrez/path-parse@09e1086

@TrottTrott added the request-ci Add this label to start a Jenkins CI on a PR. label Jul 2, 2021
@github-actionsgithub-actionsbot added tools Issues and PRs related to the tools directory. and removed request-ci Add this label to start a Jenkins CI on a PR. labels Jul 2, 2021
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jul 2, 2021

CI: https://ci.nodejs.org/job/node-test-pull-request/38817/

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jul 2, 2021

CI: https://ci.nodejs.org/job/node-test-pull-request/38824/

@Trott
tools: update path-parse to 1.0.7
2d542f5
path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a ReDoS is likely to affect us in this tool. Refs: jbgutierrez/path-parse@09e1086 PR-URL: nodejs#39232 Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Zijian Liu <[email protected]>
@Trott
Copy link
MemberAuthor

Trott commented Jul 4, 2021

Landed in 2d542f5

@TrottTrott merged commit 2d542f5 into nodejs:masterJul 4, 2021
@TrottTrott deleted the path-parse branch July 4, 2021 14:42
targos pushed a commit that referenced this pull request Jul 11, 2021
@Trott@targos
tools: update path-parse to 1.0.7
802d9c4
path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a ReDoS is likely to affect us in this tool. Refs: jbgutierrez/path-parse@09e1086 PR-URL: #39232 Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Zijian Liu <[email protected]>
@targostargos mentioned this pull request Jul 13, 2021
Merged
targos pushed a commit that referenced this pull request Sep 4, 2021
@Trott@targos
tools: update path-parse to 1.0.7
ff0ca11
path-parse 1.0.6 is vulnerable to ReDoS. Update to 1.0.7. Uh, not that a ReDoS is likely to affect us in this tool. Refs: jbgutierrez/path-parse@09e1086 PR-URL: #39232 Reviewed-By: Michaël Zasso <[email protected]> Reviewed-By: Zijian Liu <[email protected]>
@targostargos mentioned this pull request Sep 4, 2021
Merged
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@targostargostargos approved these changes

@LxxyxLxxyxLxxyx approved these changes

Assignees

No one assigned

Labels

toolsIssues and PRs related to the tools directory.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Trott@nodejs-github-bot@targos@Lxxyx