Skip to content

[code-simplifier] Code Simplification#1927

Closed
github-actions[bot] wants to merge 7 commits into
mainfrom
simplify-code-refinement-b78088427b44667b
Closed

[code-simplifier] Code Simplification#1927
github-actions[bot] wants to merge 7 commits into
mainfrom
simplify-code-refinement-b78088427b44667b

Conversation

@github-actions

@github-actions github-actions Bot commented May 21, 2026

Copy link
Copy Markdown

Caution

agentic threat detected
Threat detection flagged this output in warn mode. Manual review is REQUIRED before any follow-up automation.

Details

The threat detection results could not be parsed.

Review the workflow run logs for details.

Simplifying code in builder.py and settings.py

Warning

Firewall blocked 1 domain

The following domain was blocked by the firewall during workflow execution:

  • localhost

To allow these domains, add them to the network.allowed list in your workflow frontmatter:

network:
  allowed:
    - defaults
    - "localhost"

See Network Configuration for more information.

Generated by Code Simplifier ·

Add this agentic workflows to your repo

To install this agentic workflow, run

gh aw add githubnext/agentics/workflows/code-simplifier.md@8f9734b7e64b80cc29497af03eaf1e0d9e7625da
  • expires on May 22, 2026, 7:48 AM UTC

Summary by Sourcery

Simplify agent setup, MCP configuration handling, and response generation while consolidating validation logic and directory management.

Enhancements:

  • Load agent instructions from the configured prompt template instead of using an inline hardcoded list.
  • Refactor MCP tools setup to use the structured MCPScheme/URLConnection model rather than manual JSON parsing and filtering.
  • Simplify generate_response streaming to yield only updated history while unifying tool event handling and media attachment logic.
  • Remove unused URL validation and file download helpers from the builder.
  • Consolidate MCP settings validation into a single model validator that enforces JSON format and schema correctness.
  • Streamline directory settings validation to create required directories with reduced control flow and logging.

@semanticdiff-com

semanticdiff-com Bot commented May 21, 2026

Copy link
Copy Markdown

Review changes with  SemanticDiff

Changed Files
File Status
  src/chattr/app/builder.py  24% smaller
  src/chattr/app/settings.py  17% smaller

@sourcery-ai

sourcery-ai Bot commented May 21, 2026

Copy link
Copy Markdown
Contributor

Reviewer's Guide

Refactors agent and MCP setup to reuse structured configuration and prompt helpers, simplifies response streaming to only manage chat history while centralizing tool-call metadata handling, and consolidates MCP and directory validation logic in settings for cleaner, more robust configuration handling.

Sequence diagram for updated generate_response event handling

sequenceDiagram
    actor User
    participant Builder
    participant Agent

    User->>Builder: generate_response(message, history)
    Builder->>Builder: _setup_agent()
    Builder->>Agent: stream_events(message, history)

    loop for each response
        Agent-->>Builder: RunContentEvent
        alt response is RunContentEvent
            Builder->>Builder: history.append(ChatMessage(role="assistant", content))
        else response is ToolCallStartedEvent or ToolCallCompletedEvent
            Builder->>Builder: metadata = MetadataDict(...)
            Builder->>Builder: history.append(ChatMessage(role="assistant", content, metadata))
            alt ToolCallCompletedEvent and not tool_call_error
                alt tool.tool_name == generate_audio_for_text
                    Builder->>Builder: history.append(Audio(tool.result, ...))
                else tool.tool_name == generate_video_mcp
                    Builder->>Builder: history.append(Video(tool.result, ...))
                else
                    Builder->>Builder: raise Error
                end
            end
        end
        Builder-->>User: yield history
    end

    Builder->>Builder: _close()
Loading

File-Level Changes

Change Details Files
Reuse structured prompt and MCP configuration when constructing the Agent and its tools.
  • Replace hard-coded agent instructions with a call to the existing _setup_prompt helper so prompts are centrally defined.
  • Parse mcp.json via MCPScheme.model_validate_json instead of manual JSON dict loading.
  • Filter MCP URL servers by URLConnection type and pass their URL and transport fields directly into MultiMCPTools.
src/chattr/app/builder.py
Simplify generate_response to only yield updated history and centralize tool-call metadata handling.
  • Change generate_response to yield only the updated history list instead of a tuple with audio/video paths.
  • Unify ToolCallStartedEvent and ToolCallCompletedEvent handling by building a shared metadata dict, including duration and success/failure log when applicable.
  • Retain audio/video rendering on successful tool completions while simplifying the branching logic and error reporting for unknown tools.
src/chattr/app/builder.py
Remove unused HTTP download helpers from the builder to reduce dead code.
  • Delete the _is_url helper and its HttpUrl/ValidationError-based URL validation.
  • Delete the _download_file helper that performed HTTP downloads and m3u8 playlist resolution.
src/chattr/app/builder.py
Consolidate MCP settings validation into a single model validator using MCPScheme.
  • Replace multiple validators (existence, suffix check, and scheme validation) with a single validate_mcp_config method.
  • Ensure that non-existent mcp.json files only emit a warning and short-circuit further validation, while existing files must be .json and parse as a valid MCPScheme.
src/chattr/app/settings.py
Simplify directory creation logic for application directories.
  • Refactor create_missing_dirs to use a local list of directories rather than inline repetition.
  • Remove try/except around directory creation and log successful directory creation directly while still using parents=True and exist_ok=True.
src/chattr/app/settings.py

Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

Comment thread src/chattr/app/builder.py
metadata["duration"] = tool.created_at
else:
metadata["log"] = (
"Tool Call Failed"
@mergify mergify Bot temporarily deployed to code_quality May 21, 2026 19:30 Inactive
@mergify mergify Bot had a problem deploying to code_quality May 21, 2026 19:31 Failure
@mergify mergify Bot had a problem deploying to code_quality May 21, 2026 19:31 Failure
@mergify mergify Bot had a problem deploying to code_quality May 21, 2026 19:31 Failure
@mergify mergify Bot temporarily deployed to code_quality May 21, 2026 19:31 Inactive
@MH0386

MH0386 commented May 21, 2026

Copy link
Copy Markdown
Contributor

🔍 Vulnerabilities of ghcr.io/alphaspheredotai/chattr:6f05711-pr-1927

📦 Image Reference ghcr.io/alphaspheredotai/chattr:6f05711-pr-1927
digestsha256:c673eb8ca0fa1d8f9a7fcb82404fa5745fced330b479a9fa6363324a9217efa9
vulnerabilitiescritical: 11 high: 13 medium: 4 low: 0
platformlinux/amd64
size271 MB
packages425
critical: 1 high: 1 medium: 0 low: 0 glibc 2.43-r6 (apk)

pkg:apk/wolfi/glibc@2.43-r6?arch=x86_64&origin=glibc

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 libcrypt1 2.43-r6 (apk)

pkg:apk/wolfi/libcrypt1@2.43-r6?arch=x86_64&distro=wolfi

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 ld-linux 2.43-r6 (apk)

pkg:apk/wolfi/ld-linux@2.43-r6?arch=x86_64&origin=glibc

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 ld-linux 2.43-r6 (apk)

pkg:apk/wolfi/ld-linux@2.43-r6?arch=x86_64&distro=wolfi-20230201&upstream=glibc

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 libcrypt1 2.43-r6 (apk)

pkg:apk/wolfi/libcrypt1@2.43-r6?arch=x86_64&origin=glibc

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 glibc-locale-posix 2.43-r6 (apk)

pkg:apk/wolfi/glibc-locale-posix@2.43-r6?arch=x86_64&origin=glibc

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 ld-linux 2.43-r6 (apk)

pkg:apk/wolfi/ld-linux@2.43-r6?arch=x86_64&distro=wolfi

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 glibc-locale-posix 2.43-r6 (apk)

pkg:apk/wolfi/glibc-locale-posix@2.43-r6?arch=x86_64&distro=wolfi

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 glibc-locale-posix 2.43-r6 (apk)

pkg:apk/wolfi/glibc-locale-posix@2.43-r6?arch=x86_64&distro=wolfi-20230201&upstream=glibc

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 libcrypt1 2.43-r6 (apk)

pkg:apk/wolfi/libcrypt1@2.43-r6?arch=x86_64&distro=wolfi-20230201&upstream=glibc

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 1 high: 1 medium: 0 low: 0 glibc 2.43-r6 (apk)

pkg:apk/wolfi/glibc@2.43-r6?arch=x86_64&distro=wolfi

# Dockerfile (1:14)
FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS builder

ARG INSTALL_SOURCE
ARG PYTHON_VERSION

# skipcq: DOK-DL3018
RUN apk add --no-cache build-base git uv

USER nonroot

RUN --mount=type=cache,target=/root/.cache/uv \
    uv tool install ${INSTALL_SOURCE} --python ${PYTHON_VERSION}

FROM cgr.dev/chainguard/wolfi-base:latest@sha256:1af610c4a70668dad46159ee178b20378c79a49b554f76405670fc442d30183a AS production

critical : CVE--2026--5450

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.049%
EPSS Percentile15th percentile
Description

high : CVE--2026--5928

Affected range<2.43-r7
Fixed version2.43-r7
EPSS Score0.046%
EPSS Percentile14th percentile
Description
critical: 0 high: 1 medium: 1 low: 0 picomatch 4.0.3 (npm)

pkg:npm/picomatch@4.0.3

# Dockerfile (28:28)
COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/

high 7.5: CVE--2026--33671 Inefficient Regular Expression Complexity

Affected range>=4.0.0
<4.0.4
Fixed version4.0.4
CVSS Score7.5
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score0.019%
EPSS Percentile5th percentile
Description

Impact

picomatch is vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as +() and *(), especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input.

Examples of problematic patterns include +(a|aa), +(*|?), +(+(a)), *(+(a)), and +(+(+(a))). In local reproduction, these patterns caused multi-second event-loop blocking with relatively short inputs. For example, +(a|aa) compiled to ^(?:(?=.)(?:a|aa)+)$ and took about 2 seconds to reject a 41-character non-matching input, while nested patterns such as +(+(a)) and *(+(a)) took around 29 seconds to reject a 33-character input on a modern M1 MacBook.

Applications are impacted when they allow untrusted users to supply glob patterns that are passed to picomatch for compilation or matching. In those cases, an attacker can cause excessive CPU consumption and block the Node.js event loop, resulting in a denial of service. Applications that only use trusted, developer-controlled glob patterns are much less likely to be exposed in a security-relevant way.

Patches

This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2.

Users should upgrade to one of these versions or later, depending on their supported release line.

Workarounds

If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch.

Possible mitigations include:

  • disable extglob support for untrusted patterns by using noextglob: true
  • reject or sanitize patterns containing nested extglobs or extglob quantifiers such as +() and *()
  • enforce strict allowlists for accepted pattern syntax
  • run matching in an isolated worker or separate process with time and resource limits
  • apply application-level request throttling and input validation for any endpoint that accepts glob patterns

Resources

  • Picomatch repository: https://github.com/micromatch/picomatch
  • lib/parse.js and lib/constants.js are involved in generating the vulnerable regex forms
  • Comparable ReDoS precedent: CVE-2024-4067 (micromatch)
  • Comparable generated-regex precedent: CVE-2024-45296 (path-to-regexp)

medium 5.3: CVE--2026--33672 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Affected range>=4.0.0
<4.0.4
Fixed version4.0.4
CVSS Score5.3
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score0.057%
EPSS Percentile18th percentile
Description

Impact

picomatch is vulnerable to a method injection vulnerability (CWE-1321) affecting the POSIX_REGEX_SOURCE object. Because the object inherits from Object.prototype, specially crafted POSIX bracket expressions (e.g., [[:constructor:]]) can reference inherited method names. These methods are implicitly converted to strings and injected into the generated regular expression.

This leads to incorrect glob matching behavior (integrity impact), where patterns may match unintended filenames. The issue does not enable remote code execution, but it can cause security-relevant logic errors in applications that rely on glob matching for filtering, validation, or access control.

All users of affected picomatch versions that process untrusted or user-controlled glob patterns are potentially impacted.

Patches

This issue is fixed in picomatch 4.0.4, 3.0.2 and 2.3.2.

Users should upgrade to one of these versions or later, depending on their supported release line.

Workarounds

If upgrading is not immediately possible, avoid passing untrusted glob patterns to picomatch.

Possible mitigations include:

  • Sanitizing or rejecting untrusted glob patterns, especially those containing POSIX character classes like [[:...:]].

  • Avoiding the use of POSIX bracket expressions if user input is involved.

  • Manually patching the library by modifying POSIX_REGEX_SOURCE to use a null prototype:

    const POSIX_REGEX_SOURCE = {
      __proto__: null,
      alnum: 'a-zA-Z0-9',
      alpha: 'a-zA-Z',
      // ... rest unchanged
    };

Resources

critical: 0 high: 1 medium: 0 low: 0 pdfjs-dist 3.11.174 (npm)

pkg:npm/pdfjs-dist@3.11.174

# Dockerfile (28:28)
COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/

high 8.8: CVE--2024--4367 Improper Check for Unusual or Exceptional Conditions

Affected range<=4.1.392
Fixed version4.2.67
CVSS Score8.8
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score38.342%
EPSS Percentile97th percentile
Description

Impact

If pdf.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true (which is the default value), unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain.

Patches

The patch removes the use of eval:
mozilla/pdf.js#18015

Workarounds

Set the option isEvalSupported to false.

References

https://bugzilla.mozilla.org/show_bug.cgi?id=1893645

critical: 0 high: 0 medium: 2 low: 0 brace-expansion 5.0.4 (npm)

pkg:npm/brace-expansion@5.0.4

# Dockerfile (28:28)
COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/

medium 6.5: CVE--2026--45149 Uncontrolled Resource Consumption

Affected range>=5.0.0
<5.0.6
Fixed version5.0.6
CVSS Score6.5
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Description

The max option was being applied too late:

When expanding a single large numeric range like {1..10000000}, the sequence generation loop generates all 10 million intermediate elements before the max limit is applied With max=10, the output is correctly limited to 10 items, but the process still allocates ~505 MB and spends ~800ms building the full intermediate array.

Workaround

Ensure the string to be expanded doesn't contain more values than the desired max item count.

medium 6.5: CVE--2026--33750 Uncontrolled Resource Consumption

Affected range>=4.0.0
<5.0.5
Fixed version5.0.5
CVSS Score6.5
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score0.024%
EPSS Percentile7th percentile
Description

Impact

A brace pattern with a zero step value (e.g., {1..2..0}) causes the sequence generation loop to run indefinitely, making the process hang for seconds and allocate heaps of memory.

The loop in question:

https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L184

test() is one of

https://github.com/juliangruber/brace-expansion/blob/daa71bcb4a30a2df9bcb7f7b8daaf2ab30e5794a/src/index.ts#L107-L113

The increment is computed as Math.abs(0) = 0, so the loop variable never advances. On a test machine, the process hangs for about 3.5 seconds and allocates roughly 1.9 GB of memory before throwing a RangeError. Setting max to any value has no effect because the limit is only checked at the output combination step, not during sequence generation.

This affects any application that passes untrusted strings to expand(), or by error sets a step value of 0. That includes tools built on minimatch/glob that resolve patterns from CLI arguments or config files. The input needed is just 10 bytes.

Patches

Upgrade to versions

  • 5.0.5+

A step increment of 0 is now sanitized to 1, which matches bash behavior.

Workarounds

Sanitize strings passed to expand() to ensure a step value of 0 is not used.

critical: 0 high: 0 medium: 1 low: 0 ip-address 10.1.0 (npm)

pkg:npm/ip-address@10.1.0

# Dockerfile (28:28)
COPY --from=builder --chown=nonroot:nonroot --chmod=555 /home/nonroot/.local/ /home/nonroot/.local/

medium 5.3: CVE--2026--42338 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected range<=10.1.0
Fixed version10.1.1
CVSS Score5.3
CVSS VectorCVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
EPSS Score0.036%
EPSS Percentile11th percentile
Description

Summary

Address6.group() and Address6.link() do not HTML-escape attacker-controlled content before embedding it in the HTML strings they return, and AddressError.parseMessage (emitted by the Address6 constructor for invalid input) can contain unescaped attacker-controlled content in one branch. An application that (1) passes untrusted input to Address6 and (2) renders the output of these methods, or the thrown error's parseMessage, as HTML (e.g. via innerHTML) is vulnerable to cross-site scripting. A related issue in v6.helpers.spanAll() produced malformed markup but was not exploitable; it is hardened in the same release for consistency.

Details

Four related issues were identified and fixed together:

  1. Address6.group(): zone ID injection. The Address6 constructor stores the raw input (including any IPv6 zone ID) in this.address before zone stripping. group() then passed this.address to helpers.simpleGroup(), which wrapped each :-separated segment in a <span> element without HTML-escaping the content. A zone ID containing HTML markup was embedded verbatim.
  2. Address6.link({ prefix, className }): attribute-value injection. link() concatenated user-supplied prefix and className into the href="…" and class="…" attributes without escaping. A caller passing untrusted content through these options could inject event handlers (e.g. onmouseover) and achieve XSS.
  3. Address6 constructor: leading-zero IPv4 error path. The leading-zero branch in parse4in6() built AddressError.parseMessage by concatenating the raw address through String.replace(). Because parse4in6() runs before the bad-character check, any characters in the groups preceding the IPv4 suffix flowed into the error's HTML unescaped. Consumers who render parseMessage as HTML (its documented purpose — it already contains <span class="parse-error"> markup) could be XSS'd by a crafted input such as <img src=x onerror=alert(1)>:10.0.01.1.
  4. v6.helpers.spanAll(): attribute-value injection (defense in depth). spanAll() embedded each character of its input into a class="digit value-${n} …" attribute without escaping. Because split('') limits n to a single character this was not exploitable in practice, but it produced malformed markup and is fixed for consistency.

Affected Versions

All versions up to and including 10.1.0.

Patched Version

10.1.1.

Impact

Real-world exposure is believed to be extremely limited. Analysis of all 425 dependent npm packages as well as GitHub code search found zero consumers of group(), link(), or spanAll(): these HTML-emitting surfaces appear to be unused across published npm packages and public repositories. Applications using only the address-parsing and comparison APIs (isValid, correctForm, isInSubnet, bigInt, etc.) are not affected.

Consumers who do render the output of group(), link(), spanAll(), or AddressError.parseMessage as HTML against untrusted input should upgrade.

PoC

const { Address6 } = require('ip-address');
const addr = new Address6('fe80::1%<img src=x onerror=alert(1)>');
document.body.innerHTML = addr.group();  // fires the onerror handler in 10.1.0

Workarounds

If users cannot upgrade immediately:

  • Do not pass untrusted input to the Address6 constructor, or
  • Never render the output of group(), link(), or spanAll(), nor the parseMessage field of any thrown AddressError, as HTML; treat these values as text only, or run them through DOMPurify before inserting into the DOM (DOMPurify's default configuration preserves the library's intended <span> wrapping while stripping any injected event handlers), or
  • Validate input with Address6.isValid() and reject anything that contains a zone identifier (a % character) or characters outside [0-9a-fA-F:/] before passing it to the constructor.

Lack of separate CVEs

Given the evidence that these methods are not used, and given that they are all of the same construction, maintainers do not think it's relevant or useful to create a separate CVE for each library method.

Credit

ip-address thanks @scovetta for reporting this issue.

@sonarqubecloud

Copy link
Copy Markdown

@github-actions

Copy link
Copy Markdown
Author

This pull request was automatically closed because it expired on 2026-05-22T07:48:20.119Z.

Closed by Workflow

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants