Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

fix: deny modifying the object prototype #1698

Merged
merged 3 commits into from
Nov 24, 2023
Merged

fix: deny modifying the object prototype #1698

merged 3 commits into from
Nov 24, 2023

Conversation

WikiRik
Copy link
Member

@WikiRik WikiRik commented Oct 25, 2023
edited
Loading

cc @Sampaguitas

Relates to #1195

@WikiRik WikiRik requested review from sdepold and ephys October 25, 2023 07:59
@codecov
Copy link

codecov bot commented Oct 25, 2023
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (837a3cc) 95.10% compared to head (5ebe2fe) 95.10%.

❗ Current head 5ebe2fe differs from pull request most recent head 48e3ab3. Consider uploading reports for the commit 48e3ab3 to get more accurate results

Additional details and impacted files 
@@           Coverage Diff           @@
##           master    #1698   +/-   ##
=======================================
  Coverage   95.10%   95.10%           
=======================================
  Files         117      117           
  Lines        1123     1124    +1     
  Branches      128      129    +1     
=======================================
+ Hits         1068     1069    +1     
  Misses         23       23           
  Partials       32       32

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

sdepold
sdepold approved these changes Nov 10, 2023
View reviewed changes
Copy link
Member

@sdepold sdepold left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should this have a test?

@WikiRik
Copy link
Member Author

WikiRik commented Nov 10, 2023

There is a proof of concept on the website they used to report this issue so we could adapt that one and use it

@WikiRik
Copy link
Member Author

WikiRik commented Nov 24, 2023

Test added, not in the best file since addScopeOptions did not have any other tests and I didn't want to put it with the other scope tests since it will interfere with each other. Won't work on that more since we're deprecating sequelize-typescript with sequelize v7 either way

@WikiRik WikiRik merged commit 5ce8afd into master Nov 24, 2023
5 checks passed
@WikiRik WikiRik deleted the WikiRik/denylist-prototype-pollution branch November 24, 2023 19:36
@WesleyR10 WesleyR10 mentioned this pull request Aug 21, 2024
Open
@lunoon lunoon mentioned this pull request Nov 12, 2024
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@sdepold sdepold sdepold approved these changes

@ephys ephys Awaiting requested review from ephys

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@WikiRik @sdepold