From 3d31f1e32802b5b2a9fe490ecb89d45170bfc8d3 Mon Sep 17 00:00:00 2001
From: A <258483684+la14-1@users.noreply.github.com>
Date: Wed, 8 Apr 2026 02:44:18 -0700
Subject: [PATCH] fix(security): add length guard against ReDoS in markdown table regex (#3240)
Fixes #3199
Agent: security-auditor
Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5
---
 .claude/skills/setup-spa/helpers.ts | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/.claude/skills/setup-spa/helpers.ts b/.claude/skills/setup-spa/helpers.ts
index b577c4c0..4c6d8c91 100644
--- a/.claude/skills/setup-spa/helpers.ts
+++ b/.claude/skills/setup-spa/helpers.ts
@@ -686,6 +686,11 @@ export function extractMarkdownTables(raw: string): {
 clean: string;
 tables: string[];
 } {
+ if (raw.length > 50_000)
+ return {
+ clean: raw,
+ tables: [],
+ };
 const tables: string[] = [];
 MARKDOWN_TABLE_RE.lastIndex = 0;
 const clean = raw.replace(MARKDOWN_TABLE_RE, (match) => {
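Review bot: The added guard at the top of extractMarkdownTables caps the input at 50,000 characters but leaves MARKDOWN_TABLE_RE itself unchanged, so any super-linear backtracking in that pattern (not visible in this hunk) still runs on inputs just under the cap and may still block the caller for a noticeable time. The threshold should be backed by a timing measurement against a worst-case input of that size, or the pattern rewritten so matching is linear. The bare literal would also read better as a named constant carrying the reason, e.g. `const MAX_TABLE_SCAN_CHARS = 50_000; // above this, skip table extraction to bound regex backtracking (#3199)`. Oversized input comes back with its tables still embedded in `clean` and `tables` empty, which a caller cannot tell apart from "no tables found", so that fallback belongs in the function's doc comment or a log line. The function body continues past the end of the hunk.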