Skip to content

fix: fix parsing for newer versions of brotli #171

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 5, 2024
Merged

fix: fix parsing for newer versions of brotli #171

merged 1 commit into from
Jan 5, 2024

Conversation

@richardlau
Copy link
Member

@richardlau richardlau commented Jan 4, 2024
edited
Loading

Newer versions of brotli have changed how it defines version macros in c/common/version.h. Attempt to decode the new definitions first, falling back to the previous code to allow the parser to parse the version from both older and newer versions of brotli.

Fixes: nodejs/security-wg#1181

@richardlau
fix: fix parsing for newer versions of brotli
cdb9268 
Newer versions of brotli have changed how it defines version macros
in `c/common/version.h`. Attempt to decode the new definitions first,
falling back to the previous code to allow the parser to parse the
version from both older and newer versions of brotli.
@richardlau richardlau mentioned this pull request Jan 4, 2024
Closed
@richardlau
Copy link
Member Author

FWIW:

$ cd dep_checker
$ python3
Python 3.11.6 (main, Oct  3 2023, 00:00:00) [GCC 12.3.1 20230508 (Red Hat 12.3.1-1)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from pathlib import Path
>>> import versions_parser
>>> versions_parser.get_brotli_version(Path("/home/rlau/sandbox/github/node"))
'1.1.0'
>>> versions_parser.get_brotli_version(Path("/home/rlau/sandbox/github/trees/v20.x"))
'1.0.9'
>>>

mhdawson
mhdawson approved these changes Jan 5, 2024
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@richardlau richardlau merged commit 696e1fe into main Jan 5, 2024
@richardlau richardlau deleted the fix-brotli branch January 10, 2024 12:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mhdawson mhdawson mhdawson approved these changes

@RafaelGSS RafaelGSS RafaelGSS approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

nodejs-dependency-vuln-assessments automation failing

4 participants

@richardlau @mhdawson @RafaelGSS