From f9d72006dcc6033297729c3b0b4a86e43d1925ba Mon Sep 17 00:00:00 2001
From: wangdi <wangdi@kylinos.cn>
Date: Wed, 19 Mar 2025 18:09:32 +0800
Subject: [PATCH] prevent exploit of CVE-2021-30483

---
 webpack.common.js | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/webpack.common.js b/webpack.common.js
index 43c25ee..20f175e 100644
--- a/webpack.common.js
+++ b/webpack.common.js
@@ -9,7 +9,8 @@ const InlineManifestWebpackPlugin = require('inline-manifest-webpack-plugin')
 const env = process.env.NODE_ENV || 'development'
 const useFakeData = process.env.FAKE_DATA === 'true'
 const packageInfo = require('./package.json')
-const fetchGitInfo = require('./webpack.gitinfo.js')
+// disable git info fetch to prevent exploit of CVE-2021-30483
+// const fetchGitInfo = require('./webpack.gitinfo.js')
 
 // common modules required by all entry points
 const commonModules = ['core-js/stable']
@@ -17,7 +18,9 @@ const commonModules = ['core-js/stable']
 // common webpack configuration applicable to all environments
 // @see: https://github.com/patternfly/patternfly-react-seed/blob/master/webpack.common.js
 async function common () {
-  const gitInfo = await fetchGitInfo()
+  // disable git info fetch to prevent exploit of CVE-2021-30483
+  // const gitInfo = await fetchGitInfo()
+  const gitInfo = null
   const rpmInfo = process.env.RPM_PACKAGE_NAME && {
     packageName: process.env.RPM_PACKAGE_NAME,
     packageVersion: process.env.RPM_PACKAGE_VERSION,
-- 
2.48.1