Security Fix: mitigate ReDOS attacks on the chat bot.

2025-06-06 16:37:06 +02:00
parent 98dc729447
commit 0be11fb2ae
9 changed files with 2068 additions and 55 deletions
--- a/package.json
+++ b/package.json
@ -34,9 +34,10 @@
    "http-proxy": "^1.18.1",
    "log-rotate": "^0.2.8",
    "openid-client": "^5.7.1",
+    "re2": "^1.22.1",
    "short-uuid": "^5.2.0",
    "validate-color": "^2.2.4",
-    "xmppjs-chat-bot": "^0.5.0"
+    "xmppjs-chat-bot": "^0.6.0"
  },
  "devDependencies": {
    "@eslint/js": "^9.28.0",
@ -54,6 +55,7 @@
    "@types/got": "^9.6.12",
    "@types/http-proxy": "^1.17.16",
    "@types/node": "^16.18.126",
+    "@types/re2": "^1.10.0",
    "@types/winston": "^2.4.4",
    "@types/xmpp__jid": "^1.3.5",
    "@typescript-eslint/parser": "^8.4.0",