Navigation Menu

Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: replace ansi-html with ansi-html-community #3801

Merged
merged 1 commit into from Sep 7, 2021
Merged

fix: replace ansi-html with ansi-html-community #3801

merged 1 commit into from Sep 7, 2021

Conversation

carlobeltrame
Copy link
Contributor

This fixes the ReDoS vulnerability CVE-2021-23424

  • This is a bugfix
  • This is a feature
  • This is a code refactor
  • This is a test update
  • This is a docs update
  • This is a metadata update

For Bugs and Features; did you add new tests?

I only replaced a dependency which has tests on its own.

Motivation / Use-Case

Fixes #3576
Replaces #3798

Breaking Changes

None

Additional Info

This was referenced Sep 6, 2021
Closed
Closed
@codecov
Copy link

codecov bot commented Sep 6, 2021
edited

Codecov Report

Merging #3801 (3210ee1) into master (e7c7009) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #3801   +/-   ##
=======================================
  Coverage   92.88%   92.88%           
=======================================
  Files          14       14           
  Lines        1321     1321           
  Branches      463      463           
=======================================
  Hits         1227     1227           
  Misses         87       87           
  Partials        7        7

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e7c7009...3210ee1. Read the comment docs.

alexander-akait
alexander-akait previously approved these changes Sep 6, 2021
View reviewed changes
snitin315
snitin315 previously approved these changes Sep 6, 2021
View reviewed changes
Copy link
Member

@snitin315 snitin315 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks! ⭐

@carlobeltrame
Copy link
Contributor Author

@alexander-akait @snitin315 I had to rebase onto the current master

@alexander-akait alexander-akait merged commit 36fd214 into webpack:master Sep 7, 2021
@carlobeltrame carlobeltrame deleted the fix/ansi-html-community branch September 7, 2021 14:29
@pedantic79 pedantic79 mentioned this pull request Sep 9, 2021
Closed
@luc122c luc122c mentioned this pull request Sep 12, 2021
Closed
@mdamian322 mdamian322 mentioned this pull request Sep 24, 2021
Merged
@ZuBB ZuBB mentioned this pull request Oct 20, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rishabh3112 rishabh3112 rishabh3112 approved these changes

@snitin315 snitin315 snitin315 approved these changes

@alexander-akait alexander-akait alexander-akait left review comments

@anshumanv anshumanv Awaiting requested review from anshumanv anshumanv is a code owner

@hiroppy hiroppy Awaiting requested review from hiroppy hiroppy is a code owner

@knagaitsev knagaitsev Awaiting requested review from knagaitsev

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

ReDoS Vulnerability
4 participants
@carlobeltrame @alexander-akait @rishabh3112 @snitin315