search

micromatch / braces

Faster brace expansion for node.js. Besides being faster, braces is not subject to DoS attacks like minimatch, is more accurate, and has more complete support for Bash 4.3.
https://github.com/jonschlinkert
MIT License
207 stars 47 forks source link

question #15

Closed bondz closed 6 years ago

bondz commented 6 years ago

Snyk says this vulnerability has been fixed....

jonschlinkert commented 6 years ago

1) It was fixed immediately after it was reported 2) it wasn't "a potential vulnerability". this was discussed at length elsewhere. 3) you should never create an issue like this about a potential vulnerability unless you want to either incite panic or actually cause the problem that everyone wants to avoid. 4) I'm deleting part of your original comment for security reasons.