From 9661b4041e35f13c41279b951122b65ee57bd7bd Mon Sep 17 00:00:00 2001 From: Fallen_Breath Date: Thu, 3 Oct 2024 01:29:46 +0800 Subject: [PATCH] GfmMarkdown remark-github stricter commit hash verification --- src/components/markdown/gfm-markdown.tsx | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/src/components/markdown/gfm-markdown.tsx b/src/components/markdown/gfm-markdown.tsx index 721157a..3118aed 100644 --- a/src/components/markdown/gfm-markdown.tsx +++ b/src/components/markdown/gfm-markdown.tsx @@ -4,7 +4,7 @@ import rehypeRaw from "rehype-raw"; import rehypeSanitize from "rehype-sanitize"; import rehypeSlug from "rehype-slug"; import remarkGfm from "remark-gfm"; -import remarkGithub, { Options as RemarkGithubOptions } from "remark-github"; +import remarkGithub, { defaultBuildUrl, Options as RemarkGithubOptions } from "remark-github"; import { PluggableList } from "unified"; import { AnchorIdSanitizeFixer } from "./anchor-id-sanitize-fixer"; import { alerts } from "./gfm-markdown-alerts"; @@ -49,7 +49,16 @@ export default function GfmMarkdown( remarkGfm, ] if (repository) { - remarkPlugins.push([remarkGithub, {repository} as RemarkGithubOptions]) + // https://github.com/remarkjs/remark-github + remarkPlugins.push([remarkGithub, { + repository, + buildUrl(values) { + if (values.type === 'commit' && values.hash.length !== 40 /* SHA-1 */) { + return false + } + return defaultBuildUrl(values) + }, + } as RemarkGithubOptions]) } const rehypePlugins: PluggableList = [] @@ -65,7 +74,7 @@ export default function GfmMarkdown( if (allowEmbedHtml) { rehypePlugins.push(imageHeightFixer) } - rehypePlugins.push([rehypeGithubAlerts, {alerts: alerts}]) + rehypePlugins.push([rehypeGithubAlerts, {alerts}]) rehypePlugins.push(mermaidTransformer) return (