mirrors/misskey
1
0
Fork 1
mirror of https://github.com/misskey-dev/misskey.git synced 2026-05-25 00:24:11 +02:00
Code Releases Activity

Use safe yaml.JSON_SCHEMA to prevent code execution vulnerabilities

Browse Source 
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2025-12-01 02:18:44 +00:00
parent 69c8d8e102
commit ffdc78b354
4 changed files with 9 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
packages/i18n/build.ts
View File

@@ -70,7 +70,7 @@ function compileLocales(): void {
const files = fs.readdirSync(srcDir).filter(f => f.endsWith('.yml'));
for (const file of files) {
const yamlContent = clean(fs.readFileSync(resolve(srcDir, file), 'utf-8'));
const jsonContent = yaml.load(yamlContent);
const jsonContent = yaml.load(yamlContent, { schema: yaml.JSON_SCHEMA });
const jsonFile = file.replace(/\.yml$/, '.json');
fs.writeFileSync(resolve(destDir, jsonFile), JSON.stringify(jsonContent), 'utf-8');
}