这是indexloc提供的服务,不要输入任何密码
Skip to content

🔒 Add script tag validation to satisfy SNYK-JS-TSUP-9056218 #1314

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 12, 2025
Merged

🔒 Add script tag validation to satisfy SNYK-JS-TSUP-9056218 #1314

merged 1 commit into from
Nov 12, 2025

Conversation

@benhoad
Copy link
Contributor

@benhoad benhoad commented Mar 6, 2025

Applied suggested fix from https://gist.github.com/jackfromeast/36f98bf7542d11835c883c1d175d9b92

Current test suite passes; investigating extended test to specifically target the CVE scenario.

@codesandbox
Copy link

codesandbox bot commented Mar 6, 2025

Review or Edit in CodeSandbox

Open the branch in Web EditorVS CodeInsiders

Open Preview

@vercel
Copy link

vercel bot commented Mar 6, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

Name Status Preview Comments Updated (UTC)
tsup ✅ Ready (Inspect) Visit Preview 💬 Add feedback May 28, 2025 2:43am

@benhoad benhoad mentioned this pull request Mar 12, 2025
Open
@benhoad benhoad mentioned this pull request Apr 14, 2025
Open
@kishorchouhan
Copy link

kishorchouhan commented May 26, 2025

When can we expect it to be merged?

@benhoad benhoad force-pushed the test-patch-SNYK-JS-TSUP-9056218 branch from 57ab6f2 to 9414332 Compare May 28, 2025 02:43
@benhoad benhoad changed the title Add script tag validation to satisfy SNYK-JS-TSUP-9056218 🔒 Add script tag validation to satisfy SNYK-JS-TSUP-9056218 May 28, 2025
@shadabfaisal7
Copy link

shadabfaisal7 commented Jun 3, 2025

@benhoad when is this getting merged?

@benhoad
Copy link
Contributor Author

benhoad commented Jun 4, 2025

@shadabfaisal7 @kishorchouhan It's awaiting review by @egoist

@kishorchouhan
Copy link

kishorchouhan commented Jun 16, 2025

@egoist Can you please review this to solve the long due vuln on priority?
Screenshot 2025-06-16 at 3 01 08 PM

@charIeszhao
Copy link

charIeszhao commented Jun 24, 2025

@egoist Hello, could you please take a look at this? Thanks

@tylor-metrics
Copy link

tylor-metrics commented Sep 26, 2025

I am assuming this will not make it in since the repo has gone into maintenance.

@sxzz sxzz merged commit df7360b into egoist:main Nov 12, 2025
4 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sxzz sxzz sxzz approved these changes

+1 more reviewer

@darcyYe darcyYe darcyYe approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@benhoad @kishorchouhan @shadabfaisal7 @charIeszhao @tylor-metrics @sxzz @darcyYe