Title: Security Vulnerability, openSSL Unit-Testing by Segmentational · Pull Request #1925 · nodegit/nodegit · GitHub
Open Graph Title: Security Vulnerability, openSSL Unit-Testing by Segmentational · Pull Request #1925 · nodegit/nodegit
X Title: Security Vulnerability, openSSL Unit-Testing by Segmentational · Pull Request #1925 · nodegit/nodegit
Description: Hello! I know I'm new here, but the following change(s) are quite non-invasive and I thought I'd contribute back :D. Overview got had a moderate security issue that was thrown. The following PR aims to fix that. Additionally, I've provided solutions to other larger open source npm packages relating to the minimist issues (a dependency of the very popular mocha package), but as this is my first time around nodegit, I thought it best to first see how willing the maintainers are to accept my PR (while limited, it seems some either copy and replicate my changes, or haven't bothered to look into the proposals). Reference to minimist-related PR in express dependency Discussion It seems that got, a dependency, is getting used only in the util directory. Further, specific usage of the module where got is initialized is limited to acquireOpenSSL.js. I thought to also create some unit testing as I saw that was a point of needed contributions. Further diving down into the rabbit hole, I found that the binding for node-gyp auto-generates with darwin specified to 10.11 as the minimum version; because I'm unable to verify (10.15) on the lower versions, I set the test to it.skip. However, I was unable to successfully compile openSSL v1.1.1l. I updated the reference (a magic constant in acquireOpenSSL.js) to v1.1.1p. Thereafter I was able to successfully build wooohoooooo. I believe usage of these directives is still yet limited to electron applications; but I'm not 100% certain on this one. Note that while my personal testing included changing the v1.1.1l version to v1.1.1p, I did set it back.
Open Graph Description: Hello! I know I'm new here, but the following change(s) are quite non-invasive and I thought I'd contribute back :D. Overview got had a moderate security issue that was thrown. The followin...
X Description: Hello! I know I'm new here, but the following change(s) are quite non-invasive and I thought I'd contribute back :D. Overview got had a moderate security issue that was thrown. The ...
Opengraph URL: https://github.com/nodegit/nodegit/pull/1925
X: @github
Domain: patch-diff.githubusercontent.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:9cd0f90f-7f5b-cb56-7799-cecbfcb47ad2 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | AC04:2D6BC4:18B0B61:2167D70:697016F3 |
| html-safe-nonce | b57beb2bb5681cd218dfc5aa2cbd106059ee82f0d60923de3eca46782bac4738 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJBQzA0OjJENkJDNDoxOEIwQjYxOjIxNjdENzA6Njk3MDE2RjMiLCJ2aXNpdG9yX2lkIjoiMzc4MjM2NTI1MzA5MzgyNDI0MyIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | b730fe77f3e3488c455d02d2dfffe4b0c2740a796037f1131dbe21346e0fd2c6 |
| hovercard-subject-tag | pull_request:996146902 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/nodegit/nodegit/pull/1925/files |
| twitter:image | https://avatars.githubusercontent.com/u/60639231?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/u/60639231?s=400&v=4 |
| og:image:alt | Hello! I know I'm new here, but the following change(s) are quite non-invasive and I thought I'd contribute back :D. Overview got had a moderate security issue that was thrown. The followin... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | 043a09521e81f00c45482046b3f38390b8b292cf9a86ad665a632633a072c05c |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/nodegit/nodegit git https://github.com/nodegit/nodegit.git |
| octolytics-dimension-user_id | 657068 |
| octolytics-dimension-user_login | nodegit |
| octolytics-dimension-repository_id | 1383170 |
| octolytics-dimension-repository_nwo | nodegit/nodegit |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 1383170 |
| octolytics-dimension-repository_network_root_nwo | nodegit/nodegit |
| turbo-body-classes | logged-out env-production page-responsive full-width |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 98881eadf8ae73000970c42161c094b0809b1330 |
| ui-target | canary-1 |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width