profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/joepie91/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.

HenningM/express-ws 661

WebSocket endpoints for express applications

joepie91/anonnews2 20

The source code for the current http://anonnews.org/ (AnonNews 2.0) The current rewrite, version 3.0, will live in a separate repository.

arkbg1/BitVote 14

Protecting Ethereum from Social and Political Attacks

joepie91/BlueCP 3

A web hosting panel based on PHP.

joepie91/4chandownloader 2

[unmaintained] Simple tool to download a 4chan thread.

joepie91/beautifulsoup 2

My fork of BeautifulSoup, primarily to add more support for CSS selectors. Supports basic :nth-of-type() pseudoselectors and non-tag selectors as direct descendants.

ConnectU/logicmon-azure-config 1

NodeJS and Electron mechanism for configuring some azure settings

joepie91/binder 1

Binder is a lightweight SQL mapper for Python

joepie91/blogger-discovery 1

Discovering blogger blogs using the profile pages

joepie91/book 1

Crypto 101, the introductory book on cryptography.

pull request commenttc39/proposal-optional-chaining

Fix broken link of Angular in Prior Art section

Superseded by #145.

masoud-msk

comment created time in 43 minutes

PR opened tc39/proposal-optional-chaining

fix link to Angular doc

Uses a link to an archived version of their documentation (per https://github.com/angular/angular/issues/38393#issuecomment-671522621). Supersedes #140

+1 -1

0 comment

1 changed file

pr created time in 44 minutes

create barnchtc39/proposal-optional-chaining

branch : angular-doc-permalink

created branch time in an hour

issue closedtc39/proposal-optional-chaining

`==` is bad style

Hi,

My colleague let me know that == is bad style. Word is, all the best linter rules prohibit it.

I cannot say he is wrong; but it's confusing when source documents such as this proposal use this frowned-upon syntactical hackery.

/s

closed time in an hour

Some-IOI-Sixer

issue commenttc39/proposal-optional-chaining

`==` is bad style

Whether it is bad style is a matter of opinion.

Although this repo is not supposed to serve as documentation for people that don’t necessarily know the == null trick, while writing the explainer, I have been careful enough to complement occurrences of == null with a comment saying explicitly “null or undefined”, or, more colloquially, “nullish”.

Some-IOI-Sixer

comment created time in an hour

issue commenttc39/proposal-optional-chaining

`==` is bad style

a == null is a common exception to that rule. == is bad practice because of problems caused by the loose type conversion.

a == null has a well defined and useful meaning, it is equivalent to a === null || a === undefined so it's a commonly used exception to the rule when you want to check if something is nullish.

e.g. a == null ? b : a is equivalent to a ?? b.

Some-IOI-Sixer

comment created time in an hour

issue openedtc39/proposal-optional-chaining

`==` is bad style

Hi,

My colleague let me know that == is bad style. Word is, all the best linter rules prohibit it.

I cannot say he is wrong; but it's confusing when source documents such as this proposal use this frowned-upon syntactical hackery.

/s

created time in 2 hours

startedjoepie91/node-random-number-csprng

started time in 6 hours

PublicEvent

startedjoepie91/python-whois

started time in a day

issue openedkanzure/pdfparanoia

Installation Error

Tried to install this package using pip3 on Linux mint and got the following error: ERROR: Command errored out with exit status 1: python setup.py egg_info Check the logs for full command output. <br /> image

created time in 5 days

startedreactwg/react-18

started time in 7 days

issue closedHenningM/express-ws

include path incorrect in /index.js

Version: 5.01 The current

./src/index

points to nowhere in the installed npm package ...

closed time in 8 days

webarchymeta

issue commentHenningM/express-ws

include path incorrect in /index.js

@HenningM it works for me now

webarchymeta

comment created time in 8 days

PR closed HenningM/express-ws

Revert "Updated dependencies to fix security issue "

Reverts HenningM/express-ws#146

looks like this commit created a breaking change.

Error: /path/to/project/node_modules/express-ws/index.js:4 module.exports = _require('./src/index').default /path/to/project/node_modules/express-ws/index.js:1 Error: Cannot find module './src/index'

+4 -4

3 comments

1 changed file

jasonolmstead33

pr closed time in 8 days

issue commentHenningM/express-ws

include path incorrect in /index.js

@HenningM thank you for that. seems to be working. will close the PR to revert changes.

webarchymeta

comment created time in 8 days

issue commentHenningM/express-ws

include path incorrect in /index.js

I've published a 5.0.2 version without the babel -> esm changes for now. Let me know if this version works better for you, @webarchymeta.

I will have another look at your changes, @OmgImAlexis.

webarchymeta

comment created time in 8 days

pull request commentHenningM/express-ws

Revert "Updated dependencies to fix security issue "

I'm using the latest code right now I'm all of our projects.

jasonolmstead33

comment created time in 8 days

pull request commentHenningM/express-ws

Revert "Updated dependencies to fix security issue "

This PR should be closed. There's no way a 3 year old commit broke this. You have an issue with the way your project is setup.

jasonolmstead33

comment created time in 8 days

issue commentHenningM/express-ws

include path incorrect in /index.js

@webarchymeta @HenningM @OmgImAlexis Ive created a PR to revert the changes. seems as though this commit broke loading the /lib folder.

Not sure why you opened that PR the revert doesn't need to happen. This is an issue on your end.

Can you show me the contents of node_modules/express-ws?

webarchymeta

comment created time in 8 days

issue commentHenningM/express-ws

include path incorrect in /index.js

@webarchymeta @HenningM @OmgImAlexis Ive created a PR to revert the changes. seems as though this commit broke loading the /lib folder.

webarchymeta

comment created time in 8 days

pull request commentHenningM/express-ws

Revert "Updated dependencies to fix security issue "

@HenningM seems like the update included more than just the update to the ws node_modules. the removal of babel and updating to ESM is causing issues.

jasonolmstead33

comment created time in 8 days

PR opened HenningM/express-ws

Revert "Updated dependencies to fix security issue "

Reverts HenningM/express-ws#146

looks like this commit created a breaking change.

Error: /path/to/project/node_modules/express-ws/index.js:4 module.exports = _require('./src/index').default /path/to/project/node_modules/express-ws/index.js:1 Error: Cannot find module './src/index'

+4 -4

0 comment

1 changed file

pr created time in 8 days

issue openedHenningM/express-ws

include path incorrect in /index.js

Version: 5.01 The current

./src/index

points to nowhere ...

created time in 8 days

issue closedHenningM/express-ws

Please can you push out an update for `ws` to patch the security vulnerability.

See below:

image

Remediation Upgrade ws to version 7.4.6 or later. For example:

"dependencies": {
  "ws": ">=7.4.6"
}

or…

"devDependencies": {
  "ws": ">=7.4.6"
}

Always verify the validity and compatibility of suggestions with your codebase.

Details: GHSA-6fc8-4gx4-v693 moderate severity Vulnerable versions: >= 5.0.0, < 7.4.6 Patched version: 7.4.6 Impact A specially crafted value of the Sec-Websocket-Protocol header can be used to significantly slow down a ws server.

Proof of concept

for (const length of [1000, 2000, 4000, 8000, 16000, 32000]) {
  const value = 'b' + ' '.repeat(length) + 'x';
  const start = process.hrtime.bigint();

  value.trim().split(/ *, */);

  const end = process.hrtime.bigint();

  console.log('length = %d, time = %f ns', length, end - start);
}

Patches The vulnerability was fixed in ws@7.4.6 (websockets/ws@00c425e).

Workarounds In vulnerable versions of ws, the issue can be mitigated by reducing the maximum allowed length of the request headers using the --max-http-header-size=size and/or the maxHeaderSize options.

Credits The vulnerability was responsibly disclosed along with a fix in private by Robert McLaughlin from University of California, Santa Barbara.

closed time in 8 days

dannysmc95

issue commentHenningM/express-ws

Please can you push out an update for `ws` to patch the security vulnerability.

express-ws version 5.0.1 has been published, upgrading the ws dependency to v7.4.6.

Thanks to @hartmutobendorf for the PR!

dannysmc95

comment created time in 8 days

created tagHenningM/express-ws

tagv5.0.1

WebSocket endpoints for express applications

created time in 8 days

PR merged HenningM/express-ws

Updated dependencies to fix security issue

https://snyk.io/test/github/henningm/express-ws

+4 -4

2 comments

1 changed file

hartmutobendorf

pr closed time in 8 days

push eventHenningM/express-ws

hartmutobendorf

commit sha 5af5fabb51a455af9987d8744d0d6772fd1678cc

updated dependencies

view details

hartmutobendorf

commit sha 2810f22be663c89b434ba3f1e1ec2ae092366b3f

updated dependencies

view details

Henning Morud

commit sha 9eeefd038831fce62668c66a8670e09676d489c0

Merge branch 'hartmutobendorf-master'

view details

push time in 8 days