Register | Log in

node-braces

Fast, comprehensive, bash-like brace expansion implemented in JS

Choose email to subscribe with

general

source: node-braces (main)
version: 3.0.3+~3.0.5-1
maintainer: Debian Javascript Maintainers (archive) (DMD)
uploaders: Sruthi Chandran [DMD]
arch: all
std-ver: 4.7.2
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.0.2-2
oldstable: 3.0.2+~3.0.0-1
stable: 3.0.2+~3.0.1-1
testing: 3.0.3+~3.0.4-1
unstable: 3.0.3+~3.0.5-1

versioned links

2.0.2-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.2+~3.0.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.2+~3.0.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.3+~3.0.4-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.0.3+~3.0.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

node-braces

action needed

lintian reports 6 warnings high

Lintian reports 6 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2022-07-30 Last update: 2024-07-30 00:05

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2024-4068: (needs triaging) The NPM package `braces`, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.

You can find information about how to handle this issue in the security team's documentation.

Created: 2024-05-13 Last update: 2025-04-07 16:30

testing migrations

excuses:
- Migration status for node-braces (3.0.3+~3.0.4-1 to 3.0.3+~3.0.5-1): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- ∙ ∙ autopkgtest for node-braces/3.0.3+~3.0.5-1: amd64: Pass, arm64: Pass, armel: Pass, armhf: Pass, i386: Pass, ppc64el: Pass, riscv64: Pass, s390x: Pass
- ∙ ∙ autopkgtest for node-chokidar/3.6.0-2: amd64: Pass, arm64: Pass, armel: Pass, armhf: Pass, i386: Pass, ppc64el: Pass, riscv64: Regression or new test ♻ (reference ♻), s390x: Pass
- ∙ ∙ Too young, only 2 of 5 days old
- Additional info:
- ∙ ∙ Piuparts tested OK - https://piuparts.debian.org/sid/source/n/node-braces.html
- ∙ ∙ Waiting for reproducibility test results on amd64 - info ♻
- ∙ ∙ Reproducible on arm64 - info ♻
- ∙ ∙ Waiting for reproducibility test results on armhf - info ♻
- ∙ ∙ Waiting for reproducibility test results on i386 - info ♻
- Not considered

news

[2025-04-07] Accepted node-braces 3.0.3+~3.0.5-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2024-05-24] node-braces 3.0.3+~3.0.4-1 MIGRATED to testing (Debian testing watch)
[2024-05-22] Accepted node-braces 3.0.3+~3.0.4-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2021-11-16] node-braces 3.0.2+~3.0.1-1 MIGRATED to testing (Debian testing watch)
[2021-11-13] Accepted node-braces 3.0.2+~3.0.1-1 (source) into unstable (Yadd) (signed by: Xavier Guimard)
[2020-10-21] Accepted node-braces 3.0.2+~3.0.0-1~bpo10+1 (source) into buster-backports (Xavier Guimard)
[2020-10-21] node-braces 3.0.2+~3.0.0-1 MIGRATED to testing (Debian testing watch)
[2020-10-19] Accepted node-braces 3.0.2+~3.0.0-1 (source) into unstable (Xavier Guimard)
[2020-04-27] Accepted node-braces 3.0.2-2~bpo10+1 (source all) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Praveen Arimbrathodiyil)
[2019-09-08] node-braces 3.0.2-2 MIGRATED to testing (Debian testing watch)
[2019-09-02] Accepted node-braces 3.0.2-2 (source) into unstable (Xavier Guimard)
[2019-06-05] Accepted node-braces 3.0.2-1 (source) into experimental (Xavier Guimard)
[2018-01-04] node-braces 2.0.2-2 MIGRATED to testing (Debian testing watch)
[2017-12-29] Accepted node-braces 2.0.2-2 (source) into unstable (Jérémy Lal)
[2016-11-14] node-braces 2.0.2-1 MIGRATED to testing (Debian testing watch)
[2016-11-03] Accepted node-braces 2.0.2-1 (source all) into unstable, unstable (Sruthi Chandran) (signed by: Praveen Arimbrathodiyil)

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 6)
buildd: logs, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 3.0.3+~3.0.4-1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing