Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/zerver/openapi
History
Alex Vandiver f1c61fbea1 openapi: Use more carefully-constructed regexes for markdown extension. 
This removes a false-positive ReDoS, since the input is always
checked-in code.  It also incidentally refactors to make the regexes
be more explicit about the values they expect, and removes unnecessary
capturing groups.

It removes an optional parenthesized status code for fixtures,
unnecessary since 981e4f8946, as well as
optional key-value language options, unnecessary since
a2be9a0e2d.

Thank you to @erik-krogh and @yoff for bringing this to our attention.
 		2021-10-03 18:49:38 -07:00
..
__init__.py openapi: Add missing __init__.py; fix type errors hidden by its absence. 2021-07-05 12:20:39 -07:00
curl_param_value_generators.py populate_db: Use do_create_realm for creating zulip realm. 2021-07-06 17:37:43 -07:00
javascript_examples.js eslint: Fix unicorn/no-new-array. 2021-01-25 14:53:19 -08:00
javascript_examples.py python: Normalize quotes with Black. 2021-02-12 13:11:19 -08:00
markdown_extension.py openapi: Use more carefully-constructed regexes for markdown extension. 2021-10-03 18:49:38 -07:00
openapi.py openapi: Remove unused to_python_type function. 2021-08-19 01:53:47 -07:00
python_examples.py docs: Add missing space in “emoji set”. 2021-09-08 15:31:28 -07:00
test_curl_examples.py openapi: Use more carefully-constructed regexes for markdown extension. 2021-10-03 18:49:38 -07:00
testing.yaml openapi: Add missing object types. 2020-08-12 16:11:29 -07:00
zulip.yaml streams: Split setting for stream creation policy. 2021-10-01 10:26:42 -07:00