vrr/spawn
2
0
Fork 0
mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-19 08:01:17 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 8

fix(security): add length guard against ReDoS in markdown table regex (#3240)
Some checks are pending
CLI Release / Build and release CLI (push) Waiting to run
Details
Lint / ShellCheck (push) Waiting to run
Details
Lint / Biome Lint (push) Waiting to run
Details
Lint / macOS Compatibility (push) Waiting to run
Details

Browse source 
Fixes #3199

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
A 2026-04-08 02:44:18 -07:00 committed by GitHub
parent 8c73bb9713
commit 3d31f1e328
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 5 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.claude/skills/setup-spa/helpers.ts
View file

@ -686,6 +686,11 @@ export function extractMarkdownTables(raw: string): {
clean: string;
tables: string[];
} {
if (raw.length > 50_000)
return {
clean: raw,
tables: [],
};
const tables: string[] = [];
MARKDOWN_TABLE_RE.lastIndex = 0;
const clean = raw.replace(MARKDOWN_TABLE_RE, (match) => {