Mizah/mizzkey
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request from GHSA-3f39-6537-3cgc

Browse source 
This commit implements HTTP header and body validation to fix
[SIF-2023-002](https://advisory.silicon.moe/advisory/sif-2023-002/)

Signed-off-by: perillamint <perillamint@silicon.moe>
Co-authored-by: perillamint <perillamint@silicon.moe>
Co-authored-by: yunochi <yuno@yunochi.com>
This commit is contained in:
syuilo 2023-11-14 17:09:45 +09:00 committed by GitHub
parent 30bb24d18c
commit 65c5626b65
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 79 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

3
packages/backend/package.json
View file

@ -59,7 +59,6 @@
"dependencies": {
"@aws-sdk/client-s3": "3.412.0",
"@aws-sdk/lib-storage": "3.412.0",
"@smithy/node-http-handler": "2.1.5",
"@bull-board/api": "5.9.1",
"@bull-board/fastify": "5.9.1",
"@bull-board/ui": "5.9.1",
@ -78,6 +77,7 @@
"@peertube/http-signature": "1.7.0",
"@simplewebauthn/server": "8.3.5",
"@sinonjs/fake-timers": "11.2.2",
"@smithy/node-http-handler": "2.1.5",
"@swc/cli": "0.1.62",
"@swc/core": "1.3.96",
"accepts": "1.3.8",
@ -99,6 +99,7 @@
"date-fns": "2.30.0",
"deep-email-validator": "0.1.21",
"fastify": "4.24.3",
"fastify-raw-body": "^4.2.2",
"feed": "4.2.2",
"file-type": "18.7.0",
"fluent-ffmpeg": "2.1.2",