Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: yaml resource exhaustion #5127

Merged
merged 3 commits into from
Jan 8, 2025
Merged

fix: yaml resource exhaustion #5127

merged 3 commits into from
Jan 8, 2025

Conversation

yorhodes
Copy link
Member

@yorhodes yorhodes commented Jan 8, 2025
edited
Loading

Description

Fixes

ReferenceError: Excessive alias count indicates a resource exhaustion attack

See https://stackoverflow.com/questions/63075256/why-does-the-npm-yaml-library-have-a-max-alias-number

Backward compatibility

Yes

Testing

Manual

@yorhodes yorhodes requested review from jmrossy and ltyu as code owners January 8, 2025 18:32
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Jan 8, 2025
edited
Loading

🦋 Changeset detected

Latest commit: 31522e2

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 9 packages
Name Type
@hyperlane-xyz/cli Patch
@hyperlane-xyz/ccip-server Patch
@hyperlane-xyz/github-proxy Patch
@hyperlane-xyz/helloworld Patch
@hyperlane-xyz/infra Patch
@hyperlane-xyz/sdk Patch
@hyperlane-xyz/utils Patch
@hyperlane-xyz/widgets Patch
@hyperlane-xyz/core Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@yorhodes yorhodes changed the title Fix resource exhaustion fix: yaml resource exhaustion Jan 8, 2025
@yorhodes yorhodes enabled auto-merge January 8, 2025 18:36
@yorhodes yorhodes added this pull request to the merge queue Jan 8, 2025
@codecov Codecov
Copy link

codecov bot commented Jan 8, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 77.53%. Comparing base (71dd0f1) to head (31522e2).
Report is 3 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #5127   +/-   ##
=======================================
  Coverage   77.53%   77.53%           
=======================================
  Files         103      103           
  Lines        2110     2110           
  Branches      190      190           
=======================================
  Hits         1636     1636           
  Misses        453      453           
  Partials       21       21
Components Coverage Δ
core 87.80% <ø> (ø)
hooks 79.39% <ø> (ø)
isms 83.68% <ø> (ø)
token 91.27% <ø> (ø)
middlewares 79.80% <ø> (ø)

auto-merge was automatically disabled January 8, 2025 19:03

Pull Request is not mergeable

auto-merge was automatically disabled January 8, 2025 19:03

Pull Request is not mergeable

auto-merge was automatically disabled January 8, 2025 19:03

Pull Request is not mergeable

auto-merge was automatically disabled January 8, 2025 19:03

Pull Request is not mergeable

auto-merge was automatically disabled January 8, 2025 19:03

Pull Request is not mergeable

auto-merge was automatically disabled January 8, 2025 19:03

Pull Request is not mergeable

auto-merge was automatically disabled January 8, 2025 19:03

Pull Request is not mergeable

Merged via the queue into main with commit cd7c413 Jan 8, 2025
40 checks passed
@yorhodes yorhodes deleted the yaml-resource-exhaustion branch January 8, 2025 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ltyu ltyu ltyu approved these changes

@jmrossy jmrossy Awaiting requested review from jmrossy jmrossy is a code owner

Assignees
No one assigned
Labels
None yet
Projects
Hyperlane Tasks
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@yorhodes @ltyu