| diff --git a/node_modules/html-minifier/src/htmlminifier.js b/node_modules/html-minifier/src/htmlminifier.js |
| index d7efa99..d0d8999 100644 |
| --- a/node_modules/html-minifier/src/htmlminifier.js |
| +++ b/node_modules/html-minifier/src/htmlminifier.js |
| @@ -873,7 +873,8 @@ function minify(value, options, partialMarkup) { |
| return re.source; |
| }); |
| if (customFragments.length) { |
| - var reCustomIgnore = new RegExp('\\s*(?:' + customFragments.join('|') + ')+\\s*', 'g'); |
| + // CVE-2022-37620 ReDoS mitigation: limit repetition to prevent catastrophic backtracking |
| + var reCustomIgnore = new RegExp('\\s*(?:' + customFragments.join('|') + '){1,20}\\s*', 'g'); |
| // temporarily replace custom ignored fragments with unique attributes |
| value = value.replace(reCustomIgnore, function(match) { |
| if (!uidAttr) { |