{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":199863880,"defaultBranch":"main","name":"documentation","ownerLogin":"EGI-Federation","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2019-07-31T13:40:41.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/24547948?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1721651941.0","currentOid":""},"activityList":{"items":[{"before":"61139a184fca7b6f24128d5733926414bf7bae68","after":"42d9fbbb4b25bd485672e57d0f621e5141279274","ref":"refs/heads/main","pushedAt":"2024-08-01T13:18:49.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"gwarf","name":"Baptiste Grenier","path":"/gwarf","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/451417?s=80&v=4"},"commit":{"message":"Update _index.md (#663)\n\nthe previous phrase: 'These resources are delivered' could lead to\r\nmisunderstanding changed as suggested\r\n\r\n---------\r\nCo-authored-by: Baptiste Grenier Sourced from ws's\r\nreleases. A request with a number of headers exceeding\r\nthe[ const wss = new WebSocket.Server({ port: 0 }, function () {\r\nconst chars =\r\n"!#$%&'*+-.0123456789abcdefghijklmnopqrstuvwxyz^_`|~".split('');\r\nconst headers = {};\r\nlet count = 0; for (let i = 0; i < chars.length; i++) {\r\nif (count === 2000) break; } headers.Connection = 'Upgrade';\r\nheaders.Upgrade = 'websocket';\r\nheaders['Sec-WebSocket-Key'] = 'dGhlIHNhbXBsZSBub25jZQ==';\r\nheaders['Sec-WebSocket-Version'] = '13'; const request = http.request({\r\nheaders: headers,\r\nhost: '127.0.0.1',\r\nport: wss.address().port\r\n}); request.end();\r\n});\r\nRelease notes
\r\n\r\n
8.17.1
\r\nBug fixes
\r\n\r\n
\r\nserver.maxHeadersCount
][]\r\nthreshold could be used to crash a ws server.const http = require('http');\r\nconst WebSocket = require('ws');\r\n
\r\nfor (let j = 0; j < chars.length; j++) {\r\n const key = chars[i] + chars[j];\r\n headers[key] = 'x';\r\n\r\n if (++count === 2000) break;\r\n}\r\n
The vulnerability was reported by Ryan LaPointe in websockets/ws#2230.
\r\nIn vulnerable versions of ws, the issue can be mitigated in the\r\nfollowing ways:
\r\n--max-http-header-size=size
][] and/or the\r\n[maxHeaderSize
][] options so\r\nthat no more headers than the server.maxHeadersCount
limit\r\ncan be sent.... (truncated)
\r\n\r\n3c56601
\r\n[dist] 8.17.1e55e510
\r\n[security] Fix crash when the Upgrade header cannot be read (#2231)6a00029
\r\n[test] Increase code coverageddfe4a8
\r\n[perf] Reduce the amount of crypto.randomFillSync()
\r\ncallsb73b118
\r\n[dist] 8.17.029694a5
\r\n[test] Use the highWaterMark
variable934c9d6
\r\n[ci] Test on node 221817bac
\r\n[ci] Do not test on node 2196c9b3d
\r\n[major] Flip the default value of allowSynchronousEvents
\r\n(#2221)e5f32c7
\r\n[fix] Emit at most one event per event loop iteration (#2218)Sourced from @umbrelladocs/linkspector
's\r\nreleases.
\r\n\r\nv0.3.8
\r\nWhat's Changed
\r\n\r\n
\r\n- Fix typo by
\r\n@koppor
in UmbrellaDocs/linkspector#49- Fix typo by
\r\n@IvanArkhipov1999
\r\nin UmbrellaDocs/linkspector#52- Use GitHub slugger for converting ID to slug by
\r\n@gaurav-nelson
\r\nin UmbrellaDocs/linkspector#58New Contributors
\r\n\r\n
\r\n- \r\n
@koppor
made\r\ntheir first contribution in UmbrellaDocs/linkspector#49- \r\n
@IvanArkhipov1999
\r\nmade their first contribution in UmbrellaDocs/linkspector#52Full Changelog: https://github.com/UmbrellaDocs/linkspector/compare/v0.3.7...v0.3.8
\r\nv0.3.7
\r\nWhat's Changed
\r\n\r\n
\r\n- Add Dockerfile by
\r\n@marcindulak
in\r\nUmbrellaDocs/linkspector#23- Update the JSON output to only report errors in Reviewdog Diagnostic\r\nFormat by
\r\n@gaurav-nelson
\r\nin UmbrellaDocs/linkspector#43- Minor bug fixes by
\r\n@gaurav-nelson
\r\nin UmbrellaDocs/linkspector#46- Check AsciiDoc hyperlinks by
\r\n@gaurav-nelson
\r\nin UmbrellaDocs/linkspector#48New Contributors
\r\n\r\n
\r\n- \r\n
@marcindulak
\r\nmade their first contribution in UmbrellaDocs/linkspector#23Full Changelog: https://github.com/UmbrellaDocs/linkspector/compare/v0.3.6...v0.3.7
\r\nv0.3.6
\r\nWhat's Changed
\r\n\r\n
\r\n- Fix section links checking in the same file by
\r\n@gaurav-nelson
\r\nin UmbrellaDocs/linkspector#42Full Changelog: https://github.com/UmbrellaDocs/linkspector/compare/v0.3.5...v0.3.6
\r\nv0.3.5
\r\nWhat's Changed
\r\n\r\n
\r\n- Fix top level relative link checking, added test, added\r\n
\r\n.linkspector.yml
by@gaurav-nelson
\r\nin UmbrellaDocs/linkspector#41Full Changelog: https://github.com/UmbrellaDocs/linkspector/compare/v0.3.4...v0.3.5
\r\nv0.3.4
\r\nWhat's Changed
\r\n\r\n
\r\n- Fix: Check section links in the same file. by
\r\n@gaurav-nelson
\r\nin UmbrellaDocs/linkspector#40Full Changelog: https://github.com/UmbrellaDocs/linkspector/compare/v0.3.3...v0.3.4
\r\nv0.3.3
\r\nWhat's Changed
\r\n\r\n
\r\n\r\n- Dev 0.3.3 by
\r\n@gaurav-nelson
\r\nin UmbrellaDocs/linkspector#39- Switched to
\r\nnpm
- Added tests for checking image links and relative links
\r\n
... (truncated)
\r\n4ac8576
\r\nUpdate the package version for release14511bd
\r\nMerge pull request #58\r\nfrom UmbrellaDocs/section-links-fix1b3aff4
\r\nUse GitHub slugger for converting ID to slug7b5fe4d
\r\nMerge pull request #52\r\nfrom IvanArkhipov1999/fix-typo38feffb
\r\nFix typo71b8ebd
\r\nMerge pull request #49\r\nfrom koppor/patch-1e1c40a1
\r\nFix typo8d44ea9
\r\nUpdate test to fix failing build17478b3
\r\nAdded action-linkspector link01daaa6
\r\nUpdate version for release74b2db2
\r\n3.0.388f1429
\r\nupdate eslint. lint, fix unit tests.415d660
\r\nSnyk js braces 6838727 (#40)190510f
\r\nfix tests, skip 1 test in test/braces.expand716eb9f
\r\nreadme bumpa5851e5
\r\nMerge pull request #37\r\nfrom coderaiser/fix/vulnerability2092bd1
\r\nfeature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
\r\nfix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
\r\nremove funding file665ab5d
\r\nupdate keepEscaping doc (#27)