Potential issues with regular expressions

[gkalpak]

Hey there 👋

CodeQL code scanning reports some potential security-related issues with some regular expressions urlMatcher.ts.

We (HeroDevs) offer some commercial products that are based on UI-Router packages and we would like to discuss these potential issues and/or coordinate on disclosure/fixing. What is a good medium to discuss?

(cc @christopherthielen, @wawyed, who seem to be the last committers to this repo.)

[christopherthielen]

Hi, I'm not actively maintaining this any more but am open to security fixes.

Can it be discussed publicly?

[gkalpak]

Thanks for responding even though the project is no longer under active maintenance, @christopherthielen 👍

It's nothing super-serious, but I'd rather not discuss this in any more detail publicly 🙊

[wawyed]

I don't mind adding a fix for it either