thinking about the mayhem that would be caused by a well-intentioned regex finding wide use… and then it has a wee bit of a problem with catastrophic backtracking when presented with specific patterns of text. Maybe intentionally crafted ones. That could easily break clients or take a server down.
Blessed will be the day where I won't get hounded by constant "vulnerability" notifications about these. Especially when the NPM package in question is utterly unrelated to main code but just tags along as a dependency of something. Bonus if it's a dev dependency.
Not just that. I very intentionally spell out the cn words that i put in first so that the mute actually works. Somewhere I think you had to also not put a comma behind it bc it treated
Word, differently than word , word2
No idea how it works here, if * is counted as for possible word combinations
Comments
https://bsky.app/profile/mxaellhc.bsky.social/post/3kufmvfucvd2a
Blessed will be the day where I won't get hounded by constant "vulnerability" notifications about these. Especially when the NPM package in question is utterly unrelated to main code but just tags along as a dependency of something. Bonus if it's a dev dependency.
Word, differently than word , word2
No idea how it works here, if * is counted as for possible word combinations