Skip to content

Commit

Permalink
bump v0.0.9
Browse files Browse the repository at this point in the history 
fixed Regular Expression Denial of Service (ReDoS) in lodash
  • Loading branch information
@Tjatse
Tjatse committed Mar 1, 2022
1 parent 8142b25 commit 25ffe44
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 6 deletions.
7 changes: 3 additions & 4 deletions package.json
View file
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
{
"name": "ansi-html",
"version": "0.0.8",
"version": "0.0.9",
"description": "An elegant lib that converts the chalked (ANSI) text to HTML.",
"main": "index.js",
"scripts": {
"test": "./node_modules/.bin/mocha -R spec -t 5000"
"test": "./node_modules/.bin/mocha"
},
"bin": {
"ansi-html": "./bin/ansi-html"
Expand Down Expand Up @@ -33,8 +33,7 @@
"devDependencies": {
"mocha": "^1.21.4",
"chai": "^1.9.1",
"chalk": "^1.1.3",
"lodash": "^2.4.2"
"chalk": "^1.1.3"
},
"readmeFilename": "README.md",
"homepage": "https://github.com/Tjatse/ansi-html",
Expand Down
26 changes: 24 additions & 2 deletions test/chaining.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@ var ansiHTML = require('../')
var chalk = require('chalk')
var chai = require('chai')
var expect = chai.expect
var _ = require('lodash')

var fns = {}
Object.keys(chalk.styles).forEach(function (key) {
Expand All @@ -27,7 +26,7 @@ var txt = 'ansi-html'
describe('chaining', function () {
var keys = Object.keys(fns)
for (var i = 0; i < keys.length * 5; i++) {
var cKeys = _.sample(keys, _.random(1, 5))
var cKeys = _sample(keys)

var ret = {}
cKeys.forEach(function (key) {
Expand All @@ -41,3 +40,26 @@ describe('chaining', function () {
}.bind(ret))
}
})

function _random (min, max) {
return Math.ceil(10000 * Math.random()) % max + min
}

function _sample (arr, count) {
if (!count) {
count = _random(1, 5)
}
var len = arr.length
var ret = []
for (var i = 0; i < count; i++) {
var seed = _random(0, len)
while (ret.indexOf(arr[seed]) >= 0) {
seed = _random(0, len)
}
const v = arr[seed]
if (v && ret.indexOf(v) < 0) {
ret.push(v)
}
}
return ret
}

0 comments on commit 25ffe44

Please sign in to comment.