Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Dependabot Alert: Predictable results in nanoid generation when given non-integer values #762

Open
JennaySDavis opened this issue Dec 18, 2024 · 2 comments
Open

Dependabot Alert: Predictable results in nanoid generation when given non-integer values #762

JennaySDavis opened this issue Dec 18, 2024 · 2 comments
Assignees
@johnbeallgsa
Labels
Dependabot Alert Sprint 46

Comments

@JennaySDavis
Copy link
Contributor

When a nanoid is called with a fractional value, there are several undesirable effects:

  • in browser and non-secure, the code infinite loops on while (size--)
  • in node, the value of poolOffset becomes fractional, causing calls to nanoid to return zeroes until the pool is next filled
  • if the first call in the node is a fractional argument, the initial buffer allocation fails with an error
@JennaySDavis
Copy link
Contributor Author

JennaySDavis commented Jan 2, 2025
edited
Loading

Acceptance Criteria

Pass/Fail Description
Pass Regression Testing of Program Website

Comments/Additional Notes
N/A

ADA Compliance (Automated scan via Chrome Lighthouse)

Criteria Score
Performance 99
Accessibility 100
Best Practices 100

Passed 01/02/2025 - JSD

@johnbeallgsa
Copy link
Contributor

Thanks for talking about this in Demo. Moving to Done.

felder101 added a commit that referenced this issue Jan 9, 2025
@felder101
Production Release
329c18a 
Sprint 46 issues include:

Sales, Transactions, Card/Account Holder Data #768
Senate Judiciary Committee hearing Link #755
Dependabot Alert: Predictable results in nanoid generation when given non-integer values #762
Program Statistics #769
Georgia Tax Updates #764
@felder101 felder101 mentioned this issue Jan 9, 2025
Merged
felder101 added a commit that referenced this issue Jan 13, 2025
@felder101
Production Release (#781)
86f44e2 
Sprint 46 issues include:

Sales, Transactions, Card/Account Holder Data #768
Senate Judiciary Committee hearing Link #755
Dependabot Alert: Predictable results in nanoid generation when given non-integer values #762
Program Statistics #769
Georgia Tax Updates #764
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@johnbeallgsa johnbeallgsa

Labels
Dependabot Alert Sprint 46
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@johnbeallgsa @JennaySDavis