Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-01-13 22:48:31 -05:00
Code Issues Activity

Fix redos vulnerability

Browse source
This commit is contained in:
Marc Bernard 2024-11-30 20:44:50 -05:00
parent d12a6fdb1e
commit 77c67e674b
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/core/core/src/tarball-utils.ts
View file

@ -8,7 +8,7 @@ import { URL } from 'url';
* @returns {String} * @returns {String}
*/ */
export function getVersionFromTarball(fileName: string): string | void { export function getVersionFromTarball(fileName: string): string | void {
const groups = fileName.match(/^.+-(\d+\.\d+\.\d+.+)\.tgz$/); const groups = fileName.replace(/\.tgz$/, '').match(/^[^/]+-(\d+\.\d+\.\d+.*)/);
return groups !== null ? groups[1] : undefined; return groups !== null ? groups[1] : undefined;
} }