Remove support for unsafe regular expressions (!79611) · Merge requests · GitLab.org / GitLab

Grzegorz Bizon requested to merge feature/gb/remove-unsafe-regexps into master Feb 01, 2022

What does this MR do and why?

This merge request removes a feature flag, that has been disabled by default for a while already, that makes it possible to use unsafe regular expressions, especially in CI/CD configuration, what could be leveraged into a DoS attack.

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Edited Mar 03, 2022 by Grzegorz Bizon

Remove support for unsafe regular expressions

What does this MR do and why?

MR acceptance checklist

Merge request reports