Comments (7)
You could set attackTimeout
parameter to null
for preventing such a false positive.
from recheck.
Thanks, I'll try it.
from recheck.
I couldn't add the attackTimeout
parameter. How can I add it?
[2] ERROR in .eslintrc.json:
[2] Configuration for rule "redos/no-vulnerable" is invalid:
[2] Value {"ignoreErrors":false,"attackTimeout":null,"timeout":20000} should NOT have additional properties.
"rules": {
"redos/no-vulnerable": [
"error",
{
"ignoreErrors": false,
"attackTimeout": null,
"timeout": 20000
}
]
},
from recheck.
Sorry. Currently eslint-plugin-redos
does not accept all parameters (For historical reason, this plugin was maintained in another repo, and I thought it is hard to maintain parameters definition at this time.)
I'll update the plugin today or tomorrow. Thanks!
from recheck.
I see, I'll wait for it.
from recheck.
@falsandtru A new version v4.4.0
is released. Please try it.
from recheck.
It works well. Thanks.
from recheck.
Related Issues (20)
- JS style attack string representation
- Action Required: Fix Renovate Configuration
- False positive of fuzz HOT 10
- Parameters don't work on the playground HOT 1
- Playground report a false postive in fuzz mode HOT 4
- eslint-plugin-redos with default config HOT 2
- v4.4.2 of the eslint plugin doesn't work under node v14 HOT 3
- Fails on Node 14 since bump to 4.4.2 HOT 2
- Is there any guidance document?Thanks! HOT 2
- Recheck throws error `Error: write EPIPE` HOT 11
- Performance issue with regex and ESlint `"plugin:redos/recommended"` HOT 10
- Docs: Mention that the eslint plugin uses `checkSync` due to an ESLint limitation HOT 2
- Document how to build from scratch HOT 5
- regex being reported as polynomial but testing shows linear HOT 2
- Docs: `timeout` parameter for `check()` HOT 4
- False negative with timeout HOT 11
- eslint-plugin-redos cache config is not working HOT 2
- MacOS ARM64 native binaries HOT 4
- Regex DoS check timesout HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from recheck.