From 27d93a37f7f6cd76e273826ee7d8252be2d5f457 Mon Sep 17 00:00:00 2001 From: Nathan Rajlich Date: Thu, 16 Mar 2017 11:44:29 -0700 Subject: [PATCH 01/18] update "debug" to v0.7.3 Closes #428. --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 377ea962..e38b3da4 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ ], "license": "MIT", "dependencies": { - "ms": "0.7.2" + "ms": "0.7.3" }, "devDependencies": { "browserify": "9.0.3", From 9742c5f383a6f8046241920156236ade8ec30d53 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Vieira?= Date: Tue, 4 Apr 2017 17:54:50 +0100 Subject: [PATCH 02/18] chore(): ignore bower.json in npm installations. (#437) --- .npmignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.npmignore b/.npmignore index db2fbb9d..5f60eecc 100644 --- a/.npmignore +++ b/.npmignore @@ -6,3 +6,4 @@ example dist yarn.lock coverage +bower.json From f5ae33211a3026e8d45a2f7c880caa6da2e35629 Mon Sep 17 00:00:00 2001 From: "Andrew E. Rhyne" Date: Fri, 7 Apr 2017 09:49:13 -0700 Subject: [PATCH 03/18] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 07ba5396..35e50e1b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -3,7 +3,7 @@ ================== * Fix: Fix for electron reference to `process.env.DEBUG` (#431, @paulcbetts) - * Docs: Changelog fix (@thebigredgeeK) + * Docs: Changelog fix (@thebigredgeek) 2.6.2 / 2017-03-10 ================== From 2f3ebf49c16dc0807a1c125a089129f98583aff5 Mon Sep 17 00:00:00 2001 From: "Andrew E. Rhyne" Date: Fri, 7 Apr 2017 09:49:45 -0700 Subject: [PATCH 04/18] Update CHANGELOG.md --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 35e50e1b..259e0c20 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,7 @@ 2.6.3 / 2017-03-13 ================== - * Fix: Fix for electron reference to `process.env.DEBUG` (#431, @paulcbetts) + * Fix: Electron reference to `process.env.DEBUG` (#431, @paulcbetts) * Docs: Changelog fix (@thebigredgeek) 2.6.2 / 2017-03-10 From 1f01b70f88202c22deaa3df70e343fc409504147 Mon Sep 17 00:00:00 2001 From: Lucian Buzzo Date: Thu, 20 Apr 2017 19:04:28 +0100 Subject: [PATCH 05/18] Fix bug that would occure if process.env.DEBUG is a non-string value. (#444) Connects to #443 --- src/debug.js | 2 +- test/debug_spec.js | 19 ++++++++++++------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/src/debug.js b/src/debug.js index d5d6d167..6a5e3fc9 100644 --- a/src/debug.js +++ b/src/debug.js @@ -141,7 +141,7 @@ function enable(namespaces) { exports.names = []; exports.skips = []; - var split = (namespaces || '').split(/[\s,]+/); + var split = (typeof namespaces === 'string' ? namespaces : '').split(/[\s,]+/); var len = split.length; for (var i = 0; i < len; i++) { diff --git a/test/debug_spec.js b/test/debug_spec.js index 4ab4d88d..142fbe79 100644 --- a/test/debug_spec.js +++ b/test/debug_spec.js @@ -6,11 +6,11 @@ var chai , debug , sinon , sinonChai; - + if (typeof module !== 'undefined') { chai = require('chai'); expect = chai.expect; - + debug = require('../src/index'); sinon = require('sinon'); sinonChai = require("sinon-chai"); @@ -20,20 +20,24 @@ if (typeof module !== 'undefined') { describe('debug', function () { var log = debug('test'); - + log.log = sinon.stub(); - + it('passes a basic sanity check', function () { expect(log('hello world')).to.not.throw; }); + it('allows namespaces to be a non-string value', function () { + expect(debug.enable(true)).to.not.throw; + }); + context('with log function', function () { - + beforeEach(function () { debug.enable('test'); log = debug('test'); }); - + it('uses it', function () { log.log = sinon.stub(); log('using custom log function'); @@ -41,7 +45,7 @@ describe('debug', function () { expect(log.log).to.have.been.calledOnce; }); }); - + describe('custom functions', function () { var log; @@ -59,4 +63,5 @@ describe('debug', function () { }); }); }); + }); From f311b10b7b79efb33f4e23898ae6bbb152e94b16 Mon Sep 17 00:00:00 2001 From: "Andrew E. Rhyne" Date: Thu, 20 Apr 2017 11:07:44 -0700 Subject: [PATCH 06/18] release 2.6.4 --- CHANGELOG.md | 7 +++++++ component.json | 2 +- package.json | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 259e0c20..37a62926 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,11 @@ +2.6.4 / 2017-04-20 +================== + + * Fix: bug that would occure if process.env.DEBUG is a non-string value. (#444, @LucianBuzzo) + * Chore: ignore bower.json in npm installations. (#437, @joaovieira) + * Misc: update "ms" to v0.7.3 (@tootallnate) + 2.6.3 / 2017-03-13 ================== diff --git a/component.json b/component.json index e150dc47..dd403078 100644 --- a/component.json +++ b/component.json @@ -2,7 +2,7 @@ "name": "debug", "repo": "visionmedia/debug", "description": "small debugging utility", - "version": "2.6.3", + "version": "2.6.4", "keywords": [ "debug", "log", diff --git a/package.json b/package.json index e38b3da4..3ff4e5e2 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "debug", - "version": "2.6.3", + "version": "2.6.4", "repository": { "type": "git", "url": "git://github.com/visionmedia/debug.git" From cae07b70c968bdcadffff452dee8613522857888 Mon Sep 17 00:00:00 2001 From: "Andrew E. Rhyne" Date: Thu, 27 Apr 2017 08:59:02 -0700 Subject: [PATCH 07/18] cleanup browser tests and fix null reference check on window.documentElement.style.WebkitAppearance (#447) --- src/browser.js | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/browser.js b/src/browser.js index e21c1e0b..7978ce72 100644 --- a/src/browser.js +++ b/src/browser.js @@ -40,20 +40,20 @@ function useColors() { // NB: In an Electron preload script, document will be defined but not fully // initialized. Since we know we're in Chrome, we'll just detect this case // explicitly - if (typeof window !== 'undefined' && window && typeof window.process !== 'undefined' && window.process.type === 'renderer') { + if (window && window.process && window.process.type === 'renderer') { return true; } // is webkit? http://stackoverflow.com/a/16459606/376773 // document is undefined in react-native: https://github.com/facebook/react-native/pull/1632 - return (typeof document !== 'undefined' && document && 'WebkitAppearance' in document.documentElement.style) || + return (document && document.documentElement && document.documentElement.style && document.documentElement.style.WebkitAppearance) || // is firebug? http://stackoverflow.com/a/398120/376773 - (typeof window !== 'undefined' && window && window.console && (console.firebug || (console.exception && console.table))) || + (window && window.console && (window.console.firebug || (window.console.exception && window.console.table))) || // is firefox >= v31? // https://developer.mozilla.org/en-US/docs/Tools/Web_Console#Styling_messages - (typeof navigator !== 'undefined' && navigator && navigator.userAgent && navigator.userAgent.toLowerCase().match(/firefox\/(\d+)/) && parseInt(RegExp.$1, 10) >= 31) || + (navigator && navigator.userAgent && navigator.userAgent.toLowerCase().match(/firefox\/(\d+)/) && parseInt(RegExp.$1, 10) >= 31) || // double check webkit in userAgent just in case we are in a worker - (typeof navigator !== 'undefined' && navigator && navigator.userAgent && navigator.userAgent.toLowerCase().match(/applewebkit\/(\d+)/)); + (navigator && navigator.userAgent && navigator.userAgent.toLowerCase().match(/applewebkit\/(\d+)/)); } /** From 14df14c3585bbeb10262f96f5ce61549669709d8 Mon Sep 17 00:00:00 2001 From: "Andrew E. Rhyne" Date: Thu, 27 Apr 2017 09:03:42 -0700 Subject: [PATCH 08/18] release 2.6.5 --- .gitignore | 1 + CHANGELOG.md | 8 ++++++++ package.json | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index ccaa248a..f459ae9f 100644 --- a/.gitignore +++ b/.gitignore @@ -3,5 +3,6 @@ node_modules *.sock build yarn.lock +npm-debug.log dist coverage diff --git a/CHANGELOG.md b/CHANGELOG.md index 37a62926..3eaa74b5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,12 @@ +2.6.5 / 2017-04-27 +================== + + * Fix: null reference check on window.documentElement.style.WebkitAppearance (#447, @thebigredgeek) + * Misc: clean up browser reference checks (#447, @thebigredgeek) + * Misc: add npm-debug.log to .gitignore (@thebigredgeek) + + 2.6.4 / 2017-04-20 ================== diff --git a/package.json b/package.json index 3ff4e5e2..288e632a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "debug", - "version": "2.6.4", + "version": "2.6.5", "repository": { "type": "git", "url": "git://github.com/visionmedia/debug.git" From c211947ea37e1b08ee78653d78defbda7438783d Mon Sep 17 00:00:00 2001 From: "Andrew E. Rhyne" Date: Thu, 27 Apr 2017 09:05:43 -0700 Subject: [PATCH 09/18] update version for component --- component.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/component.json b/component.json index dd403078..2ca5172f 100644 --- a/component.json +++ b/component.json @@ -2,7 +2,7 @@ "name": "debug", "repo": "visionmedia/debug", "description": "small debugging utility", - "version": "2.6.4", + "version": "2.6.5", "keywords": [ "debug", "log", From 1351d2f91f20da46316be67265216761548db53c Mon Sep 17 00:00:00 2001 From: Douglas Wilson Date: Wed, 10 May 2017 18:51:27 -0400 Subject: [PATCH 10/18] Inline extend function in node implementation (#452) --- src/node.js | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/node.js b/src/node.js index 3c7407b6..af612976 100644 --- a/src/node.js +++ b/src/node.js @@ -231,7 +231,12 @@ function createWritableStdioStream (fd) { */ function init (debug) { - debug.inspectOpts = util._extend({}, exports.inspectOpts); + debug.inspectOpts = {}; + + var keys = Object.keys(exports.inspectOpts); + for (var i = 0; i < keys.length; i++) { + debug.inspectOpts[keys[i]] = exports.inspectOpts[keys[i]]; + } } /** From b68dbf8cd4a8111dd4ccef56b8e2e3d463c5aadc Mon Sep 17 00:00:00 2001 From: Mohammad Asad Siddiqui Date: Sat, 13 May 2017 05:24:14 +0530 Subject: [PATCH 11/18] Fix typo (#455) Enables/disabled -> Enables/disabled --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 4aeab13f..f67be6b3 100644 --- a/README.md +++ b/README.md @@ -100,7 +100,7 @@ Then, run the program to be debugged as usual. | Name | Purpose | |-----------|-------------------------------------------------| -| `DEBUG` | Enables/disabled specific debugging namespaces. | +| `DEBUG` | Enables/disables specific debugging namespaces. | | `DEBUG_COLORS`| Whether or not to use colors in the debug output. | | `DEBUG_DEPTH` | Object inspection depth. | | `DEBUG_SHOW_HIDDEN` | Shows hidden properties on inspected objects. | From 4a6c85c6018a4a4cff4b04f40173ca9d2c72c1da Mon Sep 17 00:00:00 2001 From: Douglas Wilson Date: Fri, 12 May 2017 19:54:37 -0400 Subject: [PATCH 12/18] update "debug" to v1.0.0 (#454) --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 288e632a..9b5615a6 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ ], "license": "MIT", "dependencies": { - "ms": "0.7.3" + "ms": "1.0.0" }, "devDependencies": { "browserify": "9.0.3", From 15850cb89debc3a2cd0b61ef7f9e298f257506cc Mon Sep 17 00:00:00 2001 From: Jamie Date: Tue, 16 May 2017 16:06:36 +0100 Subject: [PATCH 13/18] Fix Regular Expression Denial of Service (ReDoS) https://snyk.io/vuln/npm:ms:20170412 --- package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package.json b/package.json index 9b5615a6..609bf4d6 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,7 @@ ], "license": "MIT", "dependencies": { - "ms": "1.0.0" + "ms": "2.0.0" }, "devDependencies": { "browserify": "9.0.3", From 6bb07f7e1bafa33631d8f36a779f17eb8abf5fea Mon Sep 17 00:00:00 2001 From: "Andrew E. Rhyne" Date: Tue, 16 May 2017 21:33:08 -0700 Subject: [PATCH 14/18] release 2.6.7 --- CHANGELOG.md | 7 +++++++ component.json | 2 +- package.json | 2 +- 3 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3eaa74b5..189dbc82 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,11 @@ +2.6.7 / 2017-05-16 +================== + + * Fix: Update ms to 2.0.0 to fix regular expression denial of service vulnerability (#458, @hubdotcom) + * Fix: Inline extend function in node implementation (#452, @dougwilson) + * Docs: Fix typo (#455, @msasad) + 2.6.5 / 2017-04-27 ================== diff --git a/component.json b/component.json index 2ca5172f..d7118d2f 100644 --- a/component.json +++ b/component.json @@ -2,7 +2,7 @@ "name": "debug", "repo": "visionmedia/debug", "description": "small debugging utility", - "version": "2.6.5", + "version": "2.6.7", "keywords": [ "debug", "log", diff --git a/package.json b/package.json index 609bf4d6..02ae1486 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "debug", - "version": "2.6.5", + "version": "2.6.7", "repository": { "type": "git", "url": "git://github.com/visionmedia/debug.git" From 2482e08e4ef36416154ee27e9a2d60e568a01d48 Mon Sep 17 00:00:00 2001 From: Marc MacLeod Date: Thu, 18 May 2017 12:38:54 -0400 Subject: [PATCH 15/18] Check for undefined on browser globals (#462) * Check for undefined on browser globals. Not all environments include these globals. For example, web workers do not have global window objects. * remove redundant global checks --- src/browser.js | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/src/browser.js b/src/browser.js index 7978ce72..71069249 100644 --- a/src/browser.js +++ b/src/browser.js @@ -40,20 +40,20 @@ function useColors() { // NB: In an Electron preload script, document will be defined but not fully // initialized. Since we know we're in Chrome, we'll just detect this case // explicitly - if (window && window.process && window.process.type === 'renderer') { + if (typeof window !== 'undefined' && window.process && window.process.type === 'renderer') { return true; } // is webkit? http://stackoverflow.com/a/16459606/376773 // document is undefined in react-native: https://github.com/facebook/react-native/pull/1632 - return (document && document.documentElement && document.documentElement.style && document.documentElement.style.WebkitAppearance) || + return (typeof document !== 'undefined' && document.documentElement && document.documentElement.style && document.documentElement.style.WebkitAppearance) || // is firebug? http://stackoverflow.com/a/398120/376773 - (window && window.console && (window.console.firebug || (window.console.exception && window.console.table))) || + (typeof window !== 'undefined' && window.console && (window.console.firebug || (window.console.exception && window.console.table))) || // is firefox >= v31? // https://developer.mozilla.org/en-US/docs/Tools/Web_Console#Styling_messages - (navigator && navigator.userAgent && navigator.userAgent.toLowerCase().match(/firefox\/(\d+)/) && parseInt(RegExp.$1, 10) >= 31) || + (typeof navigator !== 'undefined' && navigator.userAgent && navigator.userAgent.toLowerCase().match(/firefox\/(\d+)/) && parseInt(RegExp.$1, 10) >= 31) || // double check webkit in userAgent just in case we are in a worker - (navigator && navigator.userAgent && navigator.userAgent.toLowerCase().match(/applewebkit\/(\d+)/)); + (typeof navigator !== 'undefined' && navigator.userAgent && navigator.userAgent.toLowerCase().match(/applewebkit\/(\d+)/)); } /** From 52e1f21284322f167839e5d3a60f635c8b2dc842 Mon Sep 17 00:00:00 2001 From: Nathan Rajlich Date: Thu, 18 May 2017 13:06:48 -0700 Subject: [PATCH 16/18] Release 2.6.8 --- CHANGELOG.md | 5 +++++ component.json | 2 +- package.json | 2 +- 3 files changed, 7 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 189dbc82..a1a270cd 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ +2.6.8 / 2017-05-18 +================== + + * Fix: Check for undefined on browser globals (#462, @marbemac) + 2.6.7 / 2017-05-16 ================== diff --git a/component.json b/component.json index d7118d2f..94cd36d8 100644 --- a/component.json +++ b/component.json @@ -2,7 +2,7 @@ "name": "debug", "repo": "visionmedia/debug", "description": "small debugging utility", - "version": "2.6.7", + "version": "2.6.8", "keywords": [ "debug", "log", diff --git a/package.json b/package.json index 02ae1486..df863517 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "debug", - "version": "2.6.7", + "version": "2.6.8", "repository": { "type": "git", "url": "git://github.com/visionmedia/debug.git" From f53962e944a87e6ca9bb622a2a12dffc22a9bb5a Mon Sep 17 00:00:00 2001 From: Ya Zhuang Date: Fri, 22 Sep 2017 06:26:33 +0800 Subject: [PATCH 17/18] remove ReDoS regexp in %o formatter (#504) --- src/node.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/node.js b/src/node.js index af612976..b15109c9 100644 --- a/src/node.js +++ b/src/node.js @@ -85,7 +85,9 @@ function useColors() { exports.formatters.o = function(v) { this.inspectOpts.colors = this.useColors; return util.inspect(v, this.inspectOpts) - .replace(/\s*\n\s*/g, ' '); + .split('\n').map(function(str) { + return str.trim() + }).join(' '); }; /** From 13abeae468fea297d0dccc50bc55590809241083 Mon Sep 17 00:00:00 2001 From: Nathan Rajlich Date: Fri, 22 Sep 2017 15:32:23 +0200 Subject: [PATCH 18/18] Release 2.6.9 --- CHANGELOG.md | 5 +++++ component.json | 2 +- package.json | 2 +- src/inspector-log.js | 15 +++++++++++++++ 4 files changed, 22 insertions(+), 2 deletions(-) create mode 100644 src/inspector-log.js diff --git a/CHANGELOG.md b/CHANGELOG.md index a1a270cd..eadaa189 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,4 +1,9 @@ +2.6.9 / 2017-09-22 +================== + + * remove ReDoS regexp in %o formatter (#504) + 2.6.8 / 2017-05-18 ================== diff --git a/component.json b/component.json index 94cd36d8..9de26410 100644 --- a/component.json +++ b/component.json @@ -2,7 +2,7 @@ "name": "debug", "repo": "visionmedia/debug", "description": "small debugging utility", - "version": "2.6.8", + "version": "2.6.9", "keywords": [ "debug", "log", diff --git a/package.json b/package.json index df863517..dc787ba7 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "debug", - "version": "2.6.8", + "version": "2.6.9", "repository": { "type": "git", "url": "git://github.com/visionmedia/debug.git" diff --git a/src/inspector-log.js b/src/inspector-log.js new file mode 100644 index 00000000..60ea6c04 --- /dev/null +++ b/src/inspector-log.js @@ -0,0 +1,15 @@ +module.exports = inspectorLog; + +// black hole +const nullStream = new (require('stream').Writable)(); +nullStream._write = () => {}; + +/** + * Outputs a `console.log()` to the Node.js Inspector console *only*. + */ +function inspectorLog() { + const stdout = console._stdout; + console._stdout = nullStream; + console.log.apply(console, arguments); + console._stdout = stdout; +}