From 0cd87f5414400ab505f867e5a465596ebe61de98 Mon Sep 17 00:00:00 2001
From: Rich Trott
Date: Sat, 4 Sep 2021 14:56:07 -0700
Subject: [PATCH 1/2] chore: pin xo to latest version that works with current code
---
 package.json | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/package.json b/package.json
index 7b2d8a1..a160421 100644
--- a/package.json
+++ b/package.json
@@ -34,10 +34,9 @@
 "remove",
 "delete"
 ],
- "dependencies": {},
 "devDependencies": {
 "mocha": "*",
- "xo": "*"
+ "xo": "^0.17.1"
 },
 "xo": {
 "envs": [
From 6d894768a492c1f7d1e5e80645c43ed9416432af Mon Sep 17 00:00:00 2001
From: Rich Trott
Date: Sat, 4 Sep 2021 14:56:23 -0700
Subject: [PATCH 2/2] fix: update regular expression to remove ReDOS
Fixes: https://github.com/stevemao/trim-off-newlines/issues/2
---
 index.js | 2 +-
 test.js | 7 +++++++
 2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/index.js b/index.js
index 46e3d57..9aaa826 100644
--- a/index.js
+++ b/index.js
@@ -1,6 +1,6 @@
 'use strict';
-var regex = /^(?:\r\n|\n|\r)+|(?:\r\n|\n|\r)+$/g;
+var regex = /^(?:\r|\n)+|(?:\r|\n)+$/g;
 module.exports = function (str) {
 return str.replace(regex, '');
diff --git a/test.js b/test.js
index 54cdac8..f4c9ffb 100644
--- a/test.js
+++ b/test.js
@@ -19,3 +19,10 @@ it('should trim off \\r\\n', function () {
 assert.strictEqual(trimOffNewlines('\r\nunicorns\r\n'), 'unicorns');
 assert.strictEqual(trimOffNewlines('unicorns\r\n\r\n\r\n\r\n\r\n\r\n'), 'unicorns');
 });
+
+it('should not be susceptible to exponential backtracking', function () {
+ var start = Date.now();
+ trimOffNewlines('a' + '\r\n'.repeat(1000) + 'a');
+ var end = Date.now();
+ assert.ok(end - start < 1000, 'took too long, probably susceptible to ReDOS');
+});
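Review bot: The trailing alternative `(?:\r|\n)+$` on the new `regex` line is still retried from every position inside a newline run that does not reach the end of the string. The ambiguity that made matching exponential is gone, but the cost appears to remain quadratic in the length of such a run rather than linear. For a trimming helper that may receive untrusted text, scanning inward from both ends avoids backtracking altogether. The fence shows the body I would use in place of `return str.replace(regex, '');`, after which the `regex` variable can be dropped. The function's closing line lies outside this hunk.

```javascript
module.exports = function (str) {
  // Linear scan from both ends: no regex, so no backtracking on long newline runs.
  var start = 0;
  var end = str.length;
  while (start < end && (str[start] === '\r' || str[start] === '\n')) {
    start++;
  }
  while (end > start && (str[end - 1] === '\r' || str[end - 1] === '\n')) {
    end--;
  }
  return str.slice(start, end);
```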
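Review bot: The added test only shows that exponential blow-up is gone, and it never checks the value `trimOffNewlines` returns. With 1000 repetitions, a matcher that is quadratic in the interior newline run would very likely still finish well inside the 1000 ms budget. Bind the input to a variable, raise the repeat count substantially, and add `assert.strictEqual(trimOffNewlines(input), input);` so that a regression in either speed or output is caught. A wall-clock threshold can also fail spuriously on a loaded CI machine, so keep the margin generous and add a comment such as `// timing guard: interior newline runs must be handled in linear time`.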