OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity
Files
32bcf4ca27bba9d4e48418f12dc6d7c2252e71ec
node/lib
History
Tobias Nießen 32bcf4ca27 permission: improve path traversal protection 
Always use the original implementation of pathModule.resolve. If the
application overwrites the value of pathModule.resolve with a custom
implementation, it should not have any effect on the permission model.

PR-URL: https://github.com/nodejs-private/node-private/pull/456
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
CVE-ID: CVE-2023-39331
2023-10-13 18:05:10 -03:00
..
assert
dns
fs
inspector
internal
permission: improve path traversal protection
2023-10-13 18:05:10 -03:00
path
readline
readline: use addAbortListener
2023-07-11 19:50:13 +03:00
stream
stream: add pipeline() for webstreams
2023-02-02 19:45:42 +00:00
test
test_runner: add junit reporter
2023-09-14 08:43:53 +00:00
timers
fs: use kResistStopPropagation
2023-06-24 15:52:38 +00:00
util
_http_agent.js
http: refactor to make servername option normalization testable
2023-10-06 15:31:05 +02:00
_http_client.js
url: offload URLSearchParams initialization
2023-03-01 17:03:58 +00:00
_http_common.js
http: null the joinDuplicateHeaders property on cleanup
2023-07-03 06:20:13 +00:00
_http_incoming.js
lib: add trailing commas to more internal files
2023-02-26 11:34:02 +01:00
_http_outgoing.js
http: send implicit headers on HEAD with no body
2023-05-26 12:38:24 +00:00
_http_server.js
http: start connections checking interval on listen
2023-07-24 20:55:19 +00:00
_stream_duplex.js
_stream_passthrough.js
_stream_readable.js
_stream_transform.js
_stream_wrap.js
_stream_writable.js
_tls_common.js
tools: add prefer-proto rule
2023-01-10 05:38:36 +00:00
_tls_wrap.js
tls: use validateNumber for options.minDHSize
2023-10-06 13:18:34 +00:00
.eslintrc.yaml
lib: update usage of always on Atomics API
2023-10-10 08:26:58 +02:00
assert.js
assert: deprecate callTracker
2023-04-29 06:57:08 +00:00
async_hooks.js
lib: add trailing commas to all public core modules
2023-02-28 12:10:24 +01:00
buffer.js
buffer: combine checking range of sourceStart in buf.copy
2023-05-07 23:58:41 +00:00
child_process.js
typings: update JSDoc for cwd in child_process
2023-08-08 15:32:31 +08:00
cluster.js
cluster: use ObjectPrototypeHasOwnProperty
2023-05-25 16:04:19 +00:00
console.js
constants.js
crypto.js
crypto: remove DEFAULT_ENCODING
2023-03-26 18:03:58 +00:00
dgram.js
dgram: socket add asyncDispose
2023-07-11 21:10:27 +00:00
diagnostics_channel.js
lib: implement WeakReference on top of JS WeakRef
2023-08-16 18:45:07 +02:00
dns.js
dns: call ada::idna::to_ascii directly from c++
2023-05-10 16:04:35 +00:00
domain.js
lib: implement WeakReference on top of JS WeakRef
2023-08-16 18:45:07 +02:00
events.js
events: validate options of on and once
2023-09-29 10:56:20 +00:00
fs.js
fs: improve error perf of sync chmod+fchmod
2023-10-12 11:14:34 -04:00
http2.js
lib: add trailing commas to all public core modules
2023-02-28 12:10:24 +01:00
http.js
lib: update params in jsdoc for HTTPRequestOptions
2023-09-29 13:14:24 +02:00
https.js
lib: update params in jsdoc for HTTPRequestOptions
2023-09-29 13:14:24 +02:00
inspector.js
inspector: open add SymbolDispose
2023-07-16 09:46:27 +00:00
module.js
module: implement register utility
2023-06-12 00:00:46 +00:00
net.js
net: server add asyncDispose
2023-07-11 21:10:28 +00:00
os.js
tools: fix jsdoc lint
2023-05-02 00:48:20 +00:00
path.js
path: indicate index of wrong resolve() parameter
2023-05-04 14:03:20 +00:00
perf_hooks.js
lib: add trailing commas to all public core modules
2023-02-28 12:10:24 +01:00
process.js
punycode.js
lib: runtime deprecate punycode
2023-04-03 17:47:28 +00:00
querystring.js
lib: add trailing commas to all public core modules
2023-02-28 12:10:24 +01:00
readline.js
readline: use addAbortListener
2023-07-11 19:50:13 +03:00
repl.js
repl: don't accumulate excess indentation in .load
2023-09-21 13:37:41 +00:00
stream.js
errors: improve performance of instantiation
2023-09-28 09:57:38 +00:00
string_decoder.js
tools: fix jsdoc lint
2023-05-02 00:48:20 +00:00
sys.js
test.js
test_runner: add initial draft for fakeTimers
2023-06-22 04:01:52 +00:00
timers.js
timers: support Symbol.dispose
2023-07-05 13:39:38 +00:00
tls.js
tls: add trailing commas in source files
2023-02-22 01:22:23 +01:00
trace_events.js
lib: add trailing commas to all public core modules
2023-02-28 12:10:24 +01:00
tty.js
lib: add trailing commas to all public core modules
2023-02-28 12:10:24 +01:00
url.js
url: validate pathToFileURL(path) argument as string
2023-08-31 20:35:04 +08:00
util.js
tools: fix jsdoc lint
2023-05-02 00:48:20 +00:00
v8.js
src: make AliasedBuffers in the binding data weak
2023-04-20 03:28:35 +00:00
vm.js
vm: use default HDO when importModuleDynamically is not set
2023-10-05 00:11:04 +00:00
wasi.js
wasi: make returnOnExit true by default
2023-04-11 16:35:52 -04:00
worker_threads.js
src: throw DataCloneError on transfering untransferable objects
2023-05-05 11:22:42 +00:00
zlib.js
lib: add trailing commas to all public core modules
2023-02-28 12:10:24 +01:00