fix collision by proxy number #328
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
artalar
force-pushed
the
proxy-number-collision
branch
from
398fd90 to
397c549
Compare
Owner
|
Thanks. Fixed was released in 3.1.31. |
This was referenced Feb 10, 2022
Open
This was referenced Feb 10, 2022
Closed
This was referenced Feb 12, 2022
CVE-2021-23566 (Medium) detected in nanoid-3.1.12.tgz - autoclosed
billmcchesney1/react-bootstrap#87
Closed
This was referenced Feb 12, 2022
Closed
Closed
feynmanliang
pushed a commit
to feynmanliang/beanmachine
that referenced
this pull request
Apr 5, 2022
…arch#1387) Summary: ### Motivation Fix vulnerability described in ai/nanoid#328 Note `docusaurus-plugin-internaldocs-fb` doesn't pin its hard docusaurus version dependency and facebook/docusaurus#6287 introduced a breaking change, so we need to pin docusaurus version to keep the build green. ### Changes proposed Upgrades pinned JS dep versions from running `yarn upgrade` Pull Request resolved: facebookresearch#1387 Test Plan: `yarn build` ### Types of changes - [x] Docs change / refactoring / dependency upgrade - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) ### Checklist - [ ] My code follows the code style of this project. - [ ] My change requires a change to the documentation. - [ ] I have updated the documentation accordingly. - [x] I have read the **[CONTRIBUTING](https://github.com/facebookresearch/beanmachine/blob/main/CONTRIBUTING.md)** document. - [ ] I have added tests to cover my changes. - [ ] All new and existing tests passed. - [x] The title of my pull request is a short description of the requested changes. **Static Docs Preview: beanmachine** |[Full Site](https://our.intern.facebook.com/intern/staticdocs/eph/D35151907/V5/beanmachine/)| |**Modified Pages**| Reviewed By: horizon-blue Differential Revision: D35151907 Pulled By: feynmanliang fbshipit-source-id: 051b702c83a482fb3d3dacbd8bb3ebe9a0109af3
facebook-github-bot
pushed a commit
to facebookresearch/beanmachine
that referenced
this pull request
Apr 5, 2022
Summary: ### Motivation Fix vulnerability described in ai/nanoid#328 Note `docusaurus-plugin-internaldocs-fb` doesn't pin its hard docusaurus version dependency and facebook/docusaurus#6287 introduced a breaking change, so we need to pin docusaurus version to keep the build green. ### Changes proposed Upgrades pinned JS dep versions from running `yarn upgrade` Pull Request resolved: #1387 Test Plan: `yarn build` ### Types of changes - [x] Docs change / refactoring / dependency upgrade - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) ### Checklist - [ ] My code follows the code style of this project. - [ ] My change requires a change to the documentation. - [ ] I have updated the documentation accordingly. - [x] I have read the **[CONTRIBUTING](https://github.com/facebookresearch/beanmachine/blob/main/CONTRIBUTING.md)** document. - [ ] I have added tests to cover my changes. - [ ] All new and existing tests passed. - [x] The title of my pull request is a short description of the requested changes. **Static Docs Preview: beanmachine** |[Full Site](https://our.intern.facebook.com/intern/staticdocs/eph/D35151907/V5/beanmachine/)| |**Modified Pages**| Reviewed By: horizon-blue Differential Revision: D35151907 Pulled By: feynmanliang fbshipit-source-id: b4274c7fc713fccddd1d1c64c9024138107a5716
This was referenced Apr 7, 2022
This was referenced Apr 15, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
You can test live reproduce here https://stackblitz.com/edit/nanoid-collision?file=index.js (type
node index.jsin the console)