Skip to content

Fix/security frontend micromatch redos #209

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
harsh-hak wants to merge 15 commits into
base: master
Choose a base branch
from
Open

Fix/security frontend micromatch redos #209

harsh-hak wants to merge 15 commits into from

Conversation

@harsh-hak
Copy link

@harsh-hak harsh-hak commented Jan 25, 2026

Vulnerability: Regular Expression Denial of Service (ReDoS)

Package: micromatch
Fix: Added a version override to force ^4.0.8.
Branch: fix/security-frontend-micromatch-redos
Status: Pushed to origin.

harsh-hak added 15 commits January 6, 2026 19:07
@harsh-hak
chore: Update dependencies, add security-related packages, and remove…
9ff0b7a 
… legacy OpenSSL option from start script.
@harsh-hak
chore: update firebase dependency to version 11.0.0.
256c772
@harsh-hak
chore: Allow minor updates for firebase dependency by changing its ve…
013f240 
…rsion constraint.
@harsh-hak
feat: Add core user authentication, recipe creation, barcode scanning…
659447f 
… with allergen detection, and various new UI pages.
@harsh-hak
chore: remove file
34d57b4
@harsh-hak
backend , front end and API run all with the same coommand
6caf351
@harsh-hak
feat: Implement medical breach detection module, new health tools pag…
05598a0 
…e, and update the main navigation.
@harsh-hak
fix(security): upgrade jspdf to v4.0.0 and html2pdf.js to v0.14.0
631ed87
@harsh-hak
docs: add description for Medical Data Breach Checker feature
22bf68c
@harsh-hak
docs: simplify Medical Data Breach Checker description
9f20d6d
@harsh-hak
chore: delete file
3b17a9f
@harsh-hak
chore: Add git_log.txt.chore: Add git_log.txt.
258ebe9
@harsh-hak
Merge branch 'master' into master
94097d3
@harsh-hak
Merge branch 'Backend-,-Frontend-,-API-Integration' into master
a0f024d
@harsh-hak
fix(security): Upgrade micromatch to resolve ReDoS vulnerability
9408748
Bubblegumb
Bubblegumb reviewed Jan 27, 2026
View reviewed changes
build/allergy-meal.html
Copy link
Contributor

@Bubblegumb Bubblegumb Jan 27, 2026
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure if this is for fontend but there is already an existing allergy prefrences page and separte meal planning page.

Bubblegumb
Bubblegumb reviewed Jan 27, 2026
View reviewed changes
build/js/profile.js
Copy link
Contributor

@Bubblegumb Bubblegumb Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

asme comment where there is already an existing profile page

Bubblegumb
Bubblegumb reviewed Jan 27, 2026
View reviewed changes
package.json
Copy link
Contributor

@Bubblegumb Bubblegumb Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great work updating the json file to the latest one.

Bubblegumb
Bubblegumb requested changes Jan 27, 2026
View reviewed changes
Copy link
Contributor

@Bubblegumb Bubblegumb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Relevant changes but need to revert the port to 80 which is set in backend by default.
Please do address the other comments made througout.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Bubblegumb Bubblegumb Bubblegumb requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@harsh-hak @Bubblegumb