-
Notifications
You must be signed in to change notification settings - Fork 355
Permalink
Choose a base ref
{{ refName }}
default
Choose a head ref
{{ refName }}
default
Comparing changes
Choose two branches to see what’s changed or to start a new pull request.
If you need to, you can also or
learn more about diff comparisons.
Open a pull request
Create a new pull request by comparing changes across two branches. If you need to, you can also .
Learn more about diff comparisons here.
base repository: socketio/engine.io-client
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: 6.5.2
Could not load branches
Nothing to show
Loading
Could not load tags
Nothing to show
{{ refName }}
default
Loading
...
head repository: socketio/engine.io-client
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: 6.5.3
Could not load branches
Nothing to show
Loading
Could not load tags
Nothing to show
{{ refName }}
default
Loading
- 8 commits
- 17 files changed
- 4 contributors
Commits on Sep 13, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 3dcb88c - Browse repository at this point
Copy the full SHA 3dcb88cView commit details
Commits on Nov 6, 2023
-
Configuration menu - View commit details
-
Copy full SHA for 46ef851 - Browse repository at this point
Copy the full SHA 46ef851View commit details -
Configuration menu - View commit details
-
Copy full SHA for c1795ef - Browse repository at this point
Copy the full SHA c1795efView commit details
Commits on Nov 9, 2023
-
chore: bump @babel/traverse from 7.12.9 to 7.23.2 (#712)
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.12.9 to 7.23.2. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for f2aca29 - Browse repository at this point
Copy the full SHA f2aca29View commit details -
chore: bump browserify-sign from 4.2.1 to 4.2.2 (#713)
Bumps [browserify-sign](https://github.com/crypto-browserify/browserify-sign) from 4.2.1 to 4.2.2. - [Changelog](https://github.com/browserify/browserify-sign/blob/main/CHANGELOG.md) - [Commits](browserify/browserify-sign@v4.2.1...v4.2.2) --- updated-dependencies: - dependency-name: browserify-sign dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Configuration menu - View commit details
-
Copy full SHA for 8d86e0d - Browse repository at this point
Copy the full SHA 8d86e0dView commit details -
fix: add a maximum length for the URL
The regular expression used to parse the URL provided by the user has a time complexity of O(n^2), hence the length limitation. Please note that this does not seem realistically exploitable, as an attacker would have to be able to provide a malicious URL to the user and inject it in the Engine.IO client. We could also have: - modified the regex, but there are a lot of edge cases and the current test coverage is probably not sufficient - use the built-in URL object, but we would have to add a polyfill for old platforms like IE Thanks to Young-jin Hwang from the Soonchunhyang University for the responsible disclosure.
Configuration menu - View commit details
-
Copy full SHA for 707597d - Browse repository at this point
Copy the full SHA 707597dView commit details -
Configuration menu - View commit details
-
Copy full SHA for ef9ad7d - Browse repository at this point
Copy the full SHA ef9ad7dView commit details -
Configuration menu - View commit details
-
Copy full SHA for fa47916 - Browse repository at this point
Copy the full SHA fa47916View commit details
Loading
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff 6.5.2...6.5.3