From acec5366eb9094e670b6d1a87457634e74d6384e Mon Sep 17 00:00:00 2001 From: James Burke Date: Thu, 3 Feb 2022 17:26:25 -0800 Subject: [PATCH 1/3] SECURITY.md --- SECURITY.md | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..ea821655 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,9 @@ +# Security Policy + +## Supported Versions + +This project is not under active development and is in low maintenance mode. + +## Reporting a Vulnerability + +You can email jrburke using the common gmail domain as the email host name. From ecc356a219b79075c562d002c21d18436482e15a Mon Sep 17 00:00:00 2001 From: James Burke Date: Mon, 15 Jul 2024 22:26:43 -0700 Subject: [PATCH 2/3] Fixes requirejs/requirejs#1854, pollution --- dist/r.js | 9 +++++---- require.js | 5 +++-- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/dist/r.js b/dist/r.js index 46f2864d..ca747184 100644 --- a/dist/r.js +++ b/dist/r.js @@ -1,5 +1,5 @@ /** - * @license r.js 2.3.6 Copyright jQuery Foundation and other contributors. + * @license r.js 2.3.6+ Tue, 16 Jul 2024 05:19:14 GMT Copyright jQuery Foundation and other contributors. * Released under MIT license, http://github.com/requirejs/r.js/LICENSE */ @@ -19,7 +19,7 @@ var requirejs, require, define, xpcUtil; (function (console, args, readFileFunc) { var fileName, env, fs, vm, path, exec, rhinoContext, dir, nodeRequire, nodeDefine, exists, reqMain, loadedOptimizedLib, existsForNode, Cc, Ci, - version = '2.3.6', + version = '2.3.6 Tue, 16 Jul 2024 05:19:14 GMT', jsSuffixRegExp = /\.js$/, commandOption = '', useLibLoaded = {}, @@ -282,7 +282,8 @@ var requirejs, require, define, xpcUtil; contexts = {}, cfg = {}, globalDefQueue = [], - useInteractive = false; + useInteractive = false, + disallowedProps = ['__proto__', 'constructor']; //Could match something like ')//comment', do not lose the prefix to comment. function commentReplace(match, singlePrefix) { @@ -343,7 +344,7 @@ var requirejs, require, define, xpcUtil; function eachProp(obj, func) { var prop; for (prop in obj) { - if (hasProp(obj, prop)) { + if (hasProp(obj, prop) && disallowedProps.indexOf(prop) == -1) { if (func(obj[prop], prop)) { break; } diff --git a/require.js b/require.js index 78490f91..acda0565 100644 --- a/require.js +++ b/require.js @@ -33,7 +33,8 @@ var requirejs, require, define; contexts = {}, cfg = {}, globalDefQueue = [], - useInteractive = false; + useInteractive = false, + disallowedProps = ['__proto__', 'constructor']; //Could match something like ')//comment', do not lose the prefix to comment. function commentReplace(match, singlePrefix) { @@ -94,7 +95,7 @@ var requirejs, require, define; function eachProp(obj, func) { var prop; for (prop in obj) { - if (hasProp(obj, prop)) { + if (hasProp(obj, prop) && disallowedProps.indexOf(prop) == -1) { if (func(obj[prop], prop)) { break; } From 1874a29ad51a395703629e3aece5d094a791b7ea Mon Sep 17 00:00:00 2001 From: James Burke Date: Sat, 20 Jul 2024 15:07:44 -0700 Subject: [PATCH 3/3] Rev to 2.3.7 --- build/jslib/x.js | 4 ++-- dist/r.js | 8 ++++---- require.js | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/build/jslib/x.js b/build/jslib/x.js index e13ed1da..c7cf06a7 100644 --- a/build/jslib/x.js +++ b/build/jslib/x.js @@ -1,5 +1,5 @@ /** - * @license r.js 2.3.6 Copyright jQuery Foundation and other contributors. + * @license r.js 2.3.7 Copyright jQuery Foundation and other contributors. * Released under MIT license, http://github.com/requirejs/r.js/LICENSE */ @@ -19,7 +19,7 @@ var requirejs, require, define, xpcUtil; (function (console, args, readFileFunc) { var fileName, env, fs, vm, path, exec, rhinoContext, dir, nodeRequire, nodeDefine, exists, reqMain, loadedOptimizedLib, existsForNode, Cc, Ci, - version = '2.3.6', + version = '2.3.7', jsSuffixRegExp = /\.js$/, commandOption = '', useLibLoaded = {}, diff --git a/dist/r.js b/dist/r.js index ca747184..4112f609 100644 --- a/dist/r.js +++ b/dist/r.js @@ -1,5 +1,5 @@ /** - * @license r.js 2.3.6+ Tue, 16 Jul 2024 05:19:14 GMT Copyright jQuery Foundation and other contributors. + * @license r.js 2.3.7 Copyright jQuery Foundation and other contributors. * Released under MIT license, http://github.com/requirejs/r.js/LICENSE */ @@ -19,7 +19,7 @@ var requirejs, require, define, xpcUtil; (function (console, args, readFileFunc) { var fileName, env, fs, vm, path, exec, rhinoContext, dir, nodeRequire, nodeDefine, exists, reqMain, loadedOptimizedLib, existsForNode, Cc, Ci, - version = '2.3.6 Tue, 16 Jul 2024 05:19:14 GMT', + version = '2.3.7', jsSuffixRegExp = /\.js$/, commandOption = '', useLibLoaded = {}, @@ -248,7 +248,7 @@ var requirejs, require, define, xpcUtil; } /** vim: et:ts=4:sw=4:sts=4 - * @license RequireJS 2.3.6 Copyright jQuery Foundation and other contributors. + * @license RequireJS 2.3.7 Copyright jQuery Foundation and other contributors. * Released under MIT license, https://github.com/requirejs/requirejs/blob/master/LICENSE */ //Not using strict: uneven strict support in browsers, #392, and causes @@ -260,7 +260,7 @@ var requirejs, require, define, xpcUtil; (function (global, setTimeout) { var req, s, head, baseElement, dataMain, src, interactiveScript, currentlyAddingScript, mainScript, subPath, - version = '2.3.6', + version = '2.3.7', commentRegExp = /\/\*[\s\S]*?\*\/|([^:"'=]|^)\/\/.*$/mg, cjsRequireRegExp = /[^.]\s*require\s*\(\s*["']([^'"\s]+)["']\s*\)/g, jsSuffixRegExp = /\.js$/, diff --git a/require.js b/require.js index acda0565..b49cd710 100644 --- a/require.js +++ b/require.js @@ -1,5 +1,5 @@ /** vim: et:ts=4:sw=4:sts=4 - * @license RequireJS 2.3.6 Copyright jQuery Foundation and other contributors. + * @license RequireJS 2.3.7 Copyright jQuery Foundation and other contributors. * Released under MIT license, https://github.com/requirejs/requirejs/blob/master/LICENSE */ //Not using strict: uneven strict support in browsers, #392, and causes @@ -11,7 +11,7 @@ var requirejs, require, define; (function (global, setTimeout) { var req, s, head, baseElement, dataMain, src, interactiveScript, currentlyAddingScript, mainScript, subPath, - version = '2.3.6', + version = '2.3.7', commentRegExp = /\/\*[\s\S]*?\*\/|([^:"'=]|^)\/\/.*$/mg, cjsRequireRegExp = /[^.]\s*require\s*\(\s*["']([^'"\s]+)["']\s*\)/g, jsSuffixRegExp = /\.js$/, pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy