angular

mirror of https://github.com/angular/angular synced 2026-05-24 09:28:37 +00:00

History

Alan Agius 7871093822 fix(localize): validate locale in getOutputPathFn to prevent path traversal The `localize-translate` CLI tool uses the `locale` field from translation files to expand the `{{LOCALE}}` placeholder in the output directory. It failed to sanitize `locale` input, allowing malicious translations to write files outside of the configured output directory. This change mitigates this issue by combining. Closes #67906		2026-03-30 12:15:26 +02:00
..
extract	refactor(localize): convert scripts within `packages/localize` to relative imports (#60540 )	2025-03-26 20:40:01 -07:00
migrate	refactor: replace `fast-glob` usage with `tinyglobby` (#60264 )	2025-03-07 10:57:23 -08:00
translate	fix(localize): validate locale in getOutputPathFn to prevent path traversal	2026-03-30 12:15:26 +02:00
diagnostics.ts	refactor: update license text to point to angular.dev (#57901 )	2024-09-24 15:33:00 +02:00
source_file_utils.ts	refactor(localize): convert scripts within `packages/localize` to relative imports (#60540 )	2025-03-26 20:40:01 -07:00