nodejs/SOURCES/0004-CVE-2020-15366-nodejs-ajv-ignore-proto-properties.patch

From 8ba0309b6c0c976241f5db056b344260acf674d9 Mon Sep 17 00:00:00 2001
From: Zuzana Svetlikova <zsvetlik@redhat.com>
Date: Fri, 30 Oct 2020 13:51:33 +0100
Subject: [PATCH] CVE-2020-15366-nodejs-ajv-ignore-proto-properties

---
 deps/npm/node_modules/ajv/lib/dot/dependencies.jst | 1 +
 1 file changed, 1 insertion(+)

diff --git a/deps/npm/node_modules/ajv/lib/dot/dependencies.jst b/deps/npm/node_modules/ajv/lib/dot/dependencies.jst
index c41f334224..7403105d4b 100644
--- a/deps/npm/node_modules/ajv/lib/dot/dependencies.jst
+++ b/deps/npm/node_modules/ajv/lib/dot/dependencies.jst
@@ -19,6 +19,7 @@
     , $ownProperties = it.opts.ownProperties;
 
   for ($property in $schema) {
+    if ($property == '__proto__') continue;
     var $sch = $schema[$property];
     var $deps = Array.isArray($sch) ? $propertyDeps : $schemaDeps;
     $deps[$property] = $sch;
-- 
2.26.2