Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix vulnerable package path-to-regex of superstatic #7929

Closed
IchordeDionysos opened this issue Nov 11, 2024 · 3 comments · Fixed by #7941
Closed

Fix vulnerable package path-to-regex of superstatic #7929

IchordeDionysos opened this issue Nov 11, 2024 · 3 comments · Fixed by #7941
Assignees
@bkendall
Labels
api: core type: bug

Comments

@IchordeDionysos
Copy link
Contributor

firebase-tools: 13.24.2

Platform: any

Update the path-to-regex vulnerability in superstatic to resolve a vulnerability added to firebase-tools.

firebase/superstatic#482

This would help reduce the number of vulnerabilities of downstream consumers and focus on actual / important reports.
@google-oss-bot
Copy link
Contributor

This issue does not seem to follow the issue template. Make sure you provide all the required information.

@IchordeDionysos
Copy link
Contributor Author

IchordeDionysos commented Nov 11, 2024
edited
Loading

/cc @joehan @yuchenshi if you can help push this ☺️

@bkendall bkendall self-assigned this Nov 12, 2024
@bkendall
Copy link
Contributor

Thanks for the report. It should be addressed with this PR: firebase/superstatic#484

@bkendall bkendall mentioned this issue Nov 13, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@bkendall bkendall

Labels
api: core type: bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

upgrade superstatic to 9.1.0 firebase/firebase-tools
4 participants
@bkendall @IchordeDionysos @google-oss-bot @rizafran