tools,doc: add guards against prototype pollution when creating proxies#43391
Uh oh!
There was an error while loading. Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Collaborator
nodejs-github-bot commented Jun 12, 2022
Review requested:
|
nodejs-github-bot added needs-ci Uh oh!
There was an error while loading. Please reload this page.
jasnell approved these changes Jun 13, 2022
aduh95 added author ready 
LiviaMedeiros approved these changes Jun 15, 2022
Uh oh!
There was an error while loading. Please reload this page.
github-actionsbot removed the request-ci Collaborator
nodejs-github-bot commented Jun 15, 2022
Collaborator
nodejs-github-bot commented Jun 15, 2022
Collaborator
nodejs-github-bot commented Jun 15, 2022
aduh95 added commit-queue nodejs-github-bot added commit-queue-failed Collaborator
nodejs-github-bot commented Jun 15, 2022
Commit Queue failed- Loading data for nodejs/node/pull/43391 ✔ Done loading data for nodejs/node/pull/43391 ----------------------------------- PR info ------------------------------------ Title tools,doc: add guards against prototype pollution when creating proxies (#43391) ⚠ Could not retrieve the email or name of the PR author's from user's GitHub profile! Branch aduh95:proxy-prototype-pollution -> nodejs:main Labels tools, author ready, needs-ci, commit-queue-squash Commits 4 - tools,doc: add guards against prototype pollution when creating proxies - fixup! tools,doc: add guards against prototype pollution when creatin… - fixup! tools,doc: add guards against prototype pollution when creatin… - Update tools/eslint-rules/avoid-prototype-pollution.js Committers 2 - Antoine du Hamel - GitHub PR-URL: https://github.com/nodejs/node/pull/43391 Reviewed-By: James M Snell Reviewed-By: LiviaMedeiros Reviewed-By: Сковорода Никита Андреевич ------------------------------ Generated metadata ------------------------------ PR-URL: https://github.com/nodejs/node/pull/43391 Reviewed-By: James M Snell Reviewed-By: LiviaMedeiros Reviewed-By: Сковорода Никита Андреевич -------------------------------------------------------------------------------- ℹ This PR was created on Sun, 12 Jun 2022 11:53:36 GMT ✔ Approvals: 3 ✔ - James M Snell (@jasnell) (TSC): https://github.com/nodejs/node/pull/43391#pullrequestreview-1004583796 ✔ - LiviaMedeiros (@LiviaMedeiros): https://github.com/nodejs/node/pull/43391#pullrequestreview-1007161498 ✔ - Сковорода Никита Андреевич (@ChALkeR) (TSC): https://github.com/nodejs/node/pull/43391#pullrequestreview-1007417535 ✔ Last GitHub CI successful ℹ Last Full PR CI on 2022-06-15T20:46:03Z: https://ci.nodejs.org/job/node-test-pull-request/44599/ - Querying data for job/node-test-pull-request/44599/ ✔ Last Jenkins CI successful -------------------------------------------------------------------------------- ✔ No git cherry-pick in progress ✔ No git am in progress ✔ No git rebase in progress -------------------------------------------------------------------------------- - Bringing origin/main up to date... From https://github.com/nodejs/node * branch main -> FETCH_HEAD 70b516e4db..9119382555 main -> origin/main ✔ origin/main is now up-to-date main is out of sync with origin/main. Mismatched commits: - 9119382555 tools: report unsafe string and regex primordials as lint errors -------------------------------------------------------------------------------- HEAD is now at 9119382555 tools: report unsafe string and regex primordials as lint errors ✔ Reset to origin/main - Downloading patch for 43391 From https://github.com/nodejs/node * branch refs/pull/43391/merge -> FETCH_HEAD ✔ Fetched commits as 70b516e4dbdf..a92ce2efa40a -------------------------------------------------------------------------------- Auto-merging test/parallel/test-eslint-avoid-prototype-pollution.js CONFLICT (content): Merge conflict in test/parallel/test-eslint-avoid-prototype-pollution.js Auto-merging tools/eslint-rules/avoid-prototype-pollution.js CONFLICT (content): Merge conflict in tools/eslint-rules/avoid-prototype-pollution.js error: could not apply 86dc079e91... tools,doc: add guards against prototype pollution when creating proxies hint: After resolving the conflicts, mark them with hint: "git add/rm ", then run hint: "git cherry-pick --continue". hint: You can instead skip this commit with "git cherry-pick --skip". hint: To abort and get back to the state before "git cherry-pick", hint: run "git cherry-pick --abort". ✖ Failed to apply patcheshttps://github.com/nodejs/node/actions/runs/2505466684 |
PR-URL: nodejs#43391 Reviewed-By: James M Snell <[email protected]> Reviewed-By: LiviaMedeiros <[email protected]> Reviewed-By: Сковорода Никита Андреевич <[email protected]>
aduh95force-pushed the proxy-prototype-pollution branch from a92ce2e to 358008fCompareContributorAuthor
aduh95 commented Jun 15, 2022
Landed in 358008f |
22 tasks
danielleadams pushed a commit that referenced this pull request Jun 16, 2022
PR-URL: #43391 Reviewed-By: James M Snell <[email protected]> Reviewed-By: LiviaMedeiros <[email protected]> Reviewed-By: Сковорода Никита Андреевич <[email protected]>
Merged
This was referenced Jun 17, 2022
aduh95 added a commit to aduh95/node that referenced this pull request Aug 1, 2022
PR-URL: nodejs#43391 Reviewed-By: James M Snell <[email protected]> Reviewed-By: LiviaMedeiros <[email protected]> Reviewed-By: Сковорода Никита Андреевич <[email protected]>
aduh95 added a commit to aduh95/node that referenced this pull request Aug 1, 2022
PR-URL: nodejs#43391 Reviewed-By: James M Snell <[email protected]> Reviewed-By: LiviaMedeiros <[email protected]> Reviewed-By: Сковорода Никита Андреевич <[email protected]>
targos pushed a commit that referenced this pull request Aug 2, 2022
PR-URL: #43391 Backport-PR-URL: #44081 Reviewed-By: James M Snell <[email protected]> Reviewed-By: LiviaMedeiros <[email protected]> Reviewed-By: Сковорода Никита Андреевич <[email protected]>
guangwong pushed a commit to noslate-project/node that referenced this pull request Oct 10, 2022
PR-URL: nodejs/node#43391 Backport-PR-URL: nodejs/node#44081 Reviewed-By: James M Snell <[email protected]> Reviewed-By: LiviaMedeiros <[email protected]> Reviewed-By: Сковорода Никита Андреевич <[email protected]>
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
When defining a
Proxy, the handler object could be at risk of prototypepollution when using a plain object literal: