search

davisjam / vuln-regex-detector

Detect vulnerable regexes in your project. REDOS, catastrophic backtracking.
MIT License
320 stars 29 forks source link

Package is unusable: server is down #73

Open jrtitus opened 4 years ago

jrtitus commented 4 years ago

Using the example code here: https://www.npmjs.com/package/vuln-regex-detector

/c/dev/tmp/safe
$ node .
(node:12616) UnhandledPromiseRejectionWarning: INVALID
(node:12616) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with 
.catch(). To terminate the node process on unhandled promise rejection, use the CLI flag `--unhandled-rejections=strict` (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:12616) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Ping test:

$ ping toybox.cs.vt.edu

Pinging toybox.cs.vt.edu [128.173.237.124] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 128.173.237.124:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
jrtitus commented 4 years ago

I assume it's the same reason as #72. You may want to put a warning in the main README stating this is the case.

TheL1ne commented 2 years ago

THis is a pretty big issue as this makes the whole detector unusable on windows machines as the configure skript can not be run on anything but ubuntu. Please consider changing either the limitation to ubuntu or bring the server back up.

For reasons I can not explain I have to work on a windows machine.