Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-16 21:56:25 -05:00
Code Issues Activity

Fix redos vulnerability

Browse source
This commit is contained in:
Marc Bernard 2024-11-30 20:44:50 -05:00
parent d12a6fdb1e
commit 77c67e674b
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/core/core/src/tarball-utils.ts
View file

@ -8,7 +8,7 @@ import { URL } from 'url';
* @returns {String}
*/
export function getVersionFromTarball(fileName: string): string | void {
const groups = fileName.match(/^.+-(\d+\.\d+\.\d+.+)\.tgz$/);
const groups = fileName.replace(/\.tgz$/, '').match(/^[^/]+-(\d+\.\d+\.\d+.*)/);
return groups !== null ? groups[1] : undefined;
}