Title: fix: upgrade fast-xml-builder to address CVE-2026-44664 by brendan-kellam · Pull Request #1185 · sourcebot-dev/sourcebot · GitHub
Open Graph Title: fix: upgrade fast-xml-builder to address CVE-2026-44664 by brendan-kellam · Pull Request #1185 · sourcebot-dev/sourcebot
X Title: fix: upgrade fast-xml-builder to address CVE-2026-44664 by brendan-kellam · Pull Request #1185 · sourcebot-dev/sourcebot
Description: Sourcebot is a self-hosted tool that helps humans and agents understand your codebase. - fix: upgrade fast-xml-builder to address CVE-2026-44664 by brendan-kellam · Pull Request #1185 · sourcebot-dev/sourcebot
Open Graph Description: Fixes SOU-1073 Summary This PR addresses CVE-2026-44664, a regex bypass vulnerability in fast-xml-builder v1.1.5 that allows XML/HTML injection through triple-dash sequences. Changes Added a yarn ...
X Description: Fixes SOU-1073 Summary This PR addresses CVE-2026-44664, a regex bypass vulnerability in fast-xml-builder v1.1.5 that allows XML/HTML injection through triple-dash sequences. Changes Added a yarn ...
Opengraph URL: https://github.com/sourcebot-dev/sourcebot/pull/1185
X: @github
Domain: github.com
| route-pattern | /_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format) |
| route-controller | voltron_pull_requests_fragments |
| route-action | pull_request_layout |
| fetch-nonce | v2:ae0f0e6f-9924-b4ff-66eb-6edf1770d296 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | A7F4:2D9FEB:3A0510:54BEBD:6A4E0448 |
| html-safe-nonce | 0d84d0ba72b918bfbea8b9cb95a693b96e8fc37acc71db6d8c1eae95e5e414c4 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJBN0Y0OjJEOUZFQjozQTA1MTA6NTRCRUJEOjZBNEUwNDQ4IiwidmlzaXRvcl9pZCI6IjQ0MjMyNTI2NDUxNTU1NzA3NjAiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ== |
| visitor-hmac | 8e087a76d2822f094323210c847e31e6bb29c38ddde4c142a81103e6d0d3c929 |
| hovercard-subject-tag | pull_request:3655938708 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/sourcebot-dev/sourcebot/1185/pull_request_layout |
| twitter:image | https://opengraph.githubassets.com/ce371f9753c492f8d71d028610651ef515f4092f3fe91c4537f035298066653f/sourcebot-dev/sourcebot/pull/1185 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/ce371f9753c492f8d71d028610651ef515f4092f3fe91c4537f035298066653f/sourcebot-dev/sourcebot/pull/1185 |
| og:image:alt | Fixes SOU-1073 Summary This PR addresses CVE-2026-44664, a regex bypass vulnerability in fast-xml-builder v1.1.5 that allows XML/HTML injection through triple-dash sequences. Changes Added a yarn ... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | brendan-kellam |
| hostname | github.com |
| expected-hostname | github.com |
| None | df0492960db29b4938cb72070351d6b1d0c6c0767b27ceb8394bbf4fcc0223c6 |
| turbo-cache-control | no-cache |
| go-import | github.com/sourcebot-dev/sourcebot git https://github.com/sourcebot-dev/sourcebot.git |
| octolytics-dimension-user_id | 135396723 |
| octolytics-dimension-user_login | sourcebot-dev |
| octolytics-dimension-repository_id | 846729675 |
| octolytics-dimension-repository_nwo | sourcebot-dev/sourcebot |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 846729675 |
| octolytics-dimension-repository_network_root_nwo | sourcebot-dev/sourcebot |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 52bde38e24398476f8eb1e0760c81346c6a00812 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width