From 45ab836cac40d2591ebab18d816afa7eb640fa82 Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Sat, 21 Oct 2023 18:19:31 +0100
Subject: [PATCH 1/3] refactor(lib): add `u` unicode flag to regex

---
 lib/spec/openapi/utils.js          | 2 +-
 lib/util/generate-params-schema.js | 2 +-
 lib/util/match-params.js           | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/spec/openapi/utils.js b/lib/spec/openapi/utils.js
index 40c92169..8787efad 100644
--- a/lib/spec/openapi/utils.js
+++ b/lib/spec/openapi/utils.js
@@ -88,7 +88,7 @@ function normalizeUrl (url, serverUrls, stripBasePath) {
 
 function resolveServerUrls (servers) {
   const resolvedUrls = []
-  const findVariablesRegex = /{(.*?)}/g // As for OpenAPI v3 spec url variables are named in brackets, e.g. {foo}
+  const findVariablesRegex = /\{(.*?)\}/gu // As for OpenAPI v3 spec url variables are named in brackets, e.g. {foo}
 
   servers = Array.isArray(servers) ? servers : []
   for (const server of servers) {
diff --git a/lib/util/generate-params-schema.js b/lib/util/generate-params-schema.js
index a0f04152..6c6008d7 100644
--- a/lib/util/generate-params-schema.js
+++ b/lib/util/generate-params-schema.js
@@ -2,7 +2,7 @@
 
 const { matchParams } = require('./match-params')
 
-const namePattern = /\{([^}]+)\}/
+const namePattern = /\{([^}]+)\}/u
 
 function paramName (param) {
   return param.replace(namePattern, (_, captured) => captured)
diff --git a/lib/util/match-params.js b/lib/util/match-params.js
index e3972f3b..384ccceb 100644
--- a/lib/util/match-params.js
+++ b/lib/util/match-params.js
@@ -1,6 +1,6 @@
 'use strict'
 
-const paramPattern = /\{[^{}]+\}/g
+const paramPattern = /\{[^{}]+\}/gu
 
 function hasParams (url) {
   if (!url) return false

From 965d72f4591c8d1adf5ecdef1f7599da42dfd679 Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Sat, 28 Oct 2023 12:00:18 +0100
Subject: [PATCH 2/3] fix(lib/spec/openapi): polynomial redos route

---
 lib/spec/openapi/utils.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/spec/openapi/utils.js b/lib/spec/openapi/utils.js
index 8787efad..da135b42 100644
--- a/lib/spec/openapi/utils.js
+++ b/lib/spec/openapi/utils.js
@@ -88,7 +88,7 @@ function normalizeUrl (url, serverUrls, stripBasePath) {
 
 function resolveServerUrls (servers) {
   const resolvedUrls = []
-  const findVariablesRegex = /\{(.*?)\}/gu // As for OpenAPI v3 spec url variables are named in brackets, e.g. {foo}
+  const findVariablesRegex = /\{([^{}]+)\}/gu // As for OpenAPI v3 spec url variables are named in brackets, e.g. {foo}
 
   servers = Array.isArray(servers) ? servers : []
   for (const server of servers) {

From 698c66a2f9b1352f430bb8b4d2d86c7abbc5a9b5 Mon Sep 17 00:00:00 2001
From: Frazer Smith <frazer.dev@outlook.com>
Date: Sat, 28 Oct 2023 12:25:09 +0100
Subject: [PATCH 3/3] fix(lib/util): polynomial redos route

---
 lib/util/generate-params-schema.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/util/generate-params-schema.js b/lib/util/generate-params-schema.js
index 6c6008d7..6a1e2297 100644
--- a/lib/util/generate-params-schema.js
+++ b/lib/util/generate-params-schema.js
@@ -2,7 +2,7 @@
 
 const { matchParams } = require('./match-params')
 
-const namePattern = /\{([^}]+)\}/u
+const namePattern = /\{([^{}]+)\}/u
 
 function paramName (param) {
   return param.replace(namePattern, (_, captured) => captured)