Skip to content

Merge pull request #2870 from AIFlowML/fix-plugin-spheron

GitHub Advanced Security / CodeQL failed Jan 28, 2025 in 2s

2 new alerts including 2 high severity security vulnerabilities

New alerts in code changed by this pull request

Security Alerts:

  • 2 high

Alerts not introduced by this pull request might have been detected because the code changes were too large.

See annotations below for details.

View all branch alerts.

Annotations

Check failure on line 105 in packages/core/src/parsing.ts

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings starting with '["' and with many repetitions of '["a'.
This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings starting with '["' and with many repetitions of '["a'.

Check failure on line 347 in packages/plugin-spheron/src/utils/index.ts

See this annotation in the file changed.

Code scanning / CodeQL

Polynomial regular expression used on uncontrolled data High

This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '0'.
This
regular expression
Loading
that depends on
library input
Loading
may run slow on strings with many repetitions of '0'.