GitShow/sindresorhus/remote-git-tags
sindresorhus

remote-git-tags

Get tags from a remote git repo. Using only JS. No git binary required.

by sindresorhus
Star on GitHubForknpm

JavaScript

52 stars9 forks2 contributorsQuiet · 3y agoSince 2014v4.0.0MIT

Meet the team

See all 2 on GitHub →
sindresorhus
sindresorhus12 contributions
Richienb
Richienb1 contribution

Languages

View on GitHub →
JavaScript100%

Commit activity

Last 12 weeks · 0 commits

Full graph →

Community health

4 of 6 standards met

Community profile →
85
✓README✓License✓Contributing✓Code of Conduct○Issue Template○PR Template

Recent fixes

View closed PRs →
Vincebye
Prototype pollution vulnerability in remote-git-tagsClosedIssue

Hi, we are a security team. We found a prototype pollution vulnerability in your project. The issue affects . The vulnerable behavior happens when tag names from an attacker-controlled remote repository are used as dynamic property keys while building the result object. If the remote repository contains a tag named , prototype pollution may occur. Impact An attacker controlling the remote repository may be able to change the prototype of the returned object in the affected runtime. Proof of concept Details We confirmed the following case: sink: The root cause is that untrusted tag names can flow into dynamic property writes without blocking special prototype-related keys.

Vincebye · 3mo ago
Richienb
Move to GitHub ActionsMergedPR
Richienb · 5y ago
prescottprue
feat(core): add typesMergedPR

Adds typescript types

prescottprue · 5y ago
Structured data for AI agents

Repository: sindresorhus/remote-git-tags. Description: Get tags from a remote git repo. Using only JS. No git binary required. Stars: 52, Forks: 9. Primary language: JavaScript. Languages: JavaScript (100%). License: MIT. Latest release: v4.0.0 (4y ago). Open PRs: 0, open issues: 0. Last activity: 3y ago. Community health: 85%. Top contributors: sindresorhus, Richienb.

·@ofershap

Replace github.com with gitshow.dev