• Joined on 2022-08-05
Vylpes created branch feature/CD-457 in External/card-drop 2025-06-18 18:04:18 +01:00
Vylpes pushed to feature/CD-457 at External/card-drop 2025-06-18 18:04:18 +01:00
9d93b9b95e Update drop embed buttons to auto sacrifice on reroll
Vylpes created branch hotfix/0.9.3 in External/card-drop 2025-06-18 17:38:12 +01:00
Vylpes pushed to hotfix/0.9.3 at External/card-drop 2025-06-18 17:38:12 +01:00
Vylpes pushed to feature/DOTF-17 at Vylpes/dotfiles 2025-06-06 18:40:04 +01:00
cf41e0cb1a WIP: Start migrating FZF
0dffc86fbf Merge branch 'master' into feature/DOTF-17
c115136dc2 Save flameshot to clipboard
30d1fb1326 Replace lf with ranger
e276af98a8 Use bindkey emacs mode
Compare 5 commits »
Vylpes commented on issue Vylpes/dotfiles#17 2025-06-06 18:25:25 +01:00
Migrate config to lua

Seems to have an issue also with the keyboards, fzf is saying Undefined variable :FZF

Vylpes opened issue External/card-drop#463 2025-06-04 22:12:30 +01:00
[23] [LOW] Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
Vylpes commented on issue External/card-drop#462 2025-06-04 22:11:28 +01:00
[22] [LOW] undici Denial of Service attack via bad certificate data

Upgrade undici to version 6.21.2 or later. For example:

undici@^6.21.2:
  version "6.21.2"
Vylpes opened issue External/card-drop#462 2025-06-04 22:11:19 +01:00
[22] [LOW] undici Denial of Service attack via bad certificate data
Vylpes commented on issue External/card-drop#461 2025-06-04 18:39:24 +01:00
[21] [MODERATE] Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups

Upgrade @babel/helpers to version 7.26.10 or later. For example:

@babel/helpers@^7.26.10:
  version "7.26.10"
Vylpes opened issue External/card-drop#461 2025-06-04 18:39:14 +01:00
[21] [MODERATE] Babel has inefficient RegExp complexity in generated code with .replace when transpiling named capturing groups
Vylpes commented on issue External/card-drop#460 2025-06-04 18:37:53 +01:00
[20] [MODERATE] Use of Insufficiently Random Values in undici

Upgrade undici to version 6.21.2 or later. For example:

undici@^6.21.2:
  version "6.21.2"
Vylpes opened issue External/card-drop#460 2025-06-04 18:37:40 +01:00
[20] [MODERATE] Use of Insufficiently Random Values in undici
Vylpes commented on issue External/card-drop#459 2025-06-04 18:36:26 +01:00
[19] [HIGH] path-to-regexp contains a ReDoS

Upgrade path-to-regexp to version 0.1.12 or later. For example:

path-to-regexp@^0.1.12:
  version "0.1.12"
Vylpes opened issue External/card-drop#459 2025-06-04 18:36:23 +01:00
[19] [HIGH] path-to-regexp contains a ReDoS
Vylpes commented on issue External/card-drop#458 2025-06-04 18:34:48 +01:00
[18] [HIGH] Regular Expression Denial of Service (ReDoS) in cross-spawn

Upgrade cross-spawn to version 7.0.5 or later. For example:

cross-spawn@^7.0.5:
  version "7.0.5"
Vylpes commented on issue External/card-drop#458 2025-06-04 18:34:16 +01:00
[18] [HIGH] Regular Expression Denial of Service (ReDoS) in cross-spawn

Transitive dependency cross-spawn 7.0.3 is introduced via

  • eslint 8.57.0
  • glob 10.4.5
  • jest 29.7.0
  • np 9.2.0
  • typeorm 0.3.20
Vylpes opened issue External/card-drop#458 2025-06-04 18:33:23 +01:00
[18] [HIGH] Regular Expression Denial of Service (ReDoS) in cross-spawn
Vylpes closed issue External/card-drop#358 2025-06-04 18:31:51 +01:00
[11] Regular Expression Denial of Service (ReDoS) in micromatch
Vylpes closed issue External/card-drop#369 2025-06-04 18:31:51 +01:00
[12] express vulnerable to XSS via response.redirect()