From 223cde831f09a49a317bc4e5926cc8a38a6fa3f2 Mon Sep 17 00:00:00 2001
From: Louis Lam <louislam@users.noreply.github.com>
Date: Sat, 18 Jan 2025 23:35:40 +0800
Subject: [PATCH 1/4] Fix push examples cannot be loaded (Docker only) (#5490)

---
 .dockerignore | 1 -
 1 file changed, 1 deletion(-)

diff --git a/.dockerignore b/.dockerignore
index 5db08b7bf..77470feb1 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -32,7 +32,6 @@ tsconfig.json
 /extra/healthcheck.exe
 /extra/healthcheck
 /extra/exe-builder
-/extra/push-examples
 /extra/uptime-kuma-push
 
 # Comment the following line if you want to rebuild the healthcheck binary

From 03beef800652be3508ef641867cde75d7f3c8ee4 Mon Sep 17 00:00:00 2001
From: DayShift <113507098+ShiyuBanzhou@users.noreply.github.com>
Date: Thu, 23 Jan 2025 02:03:38 +0800
Subject: [PATCH 2/4] BugFix:Regular Expression in parseDuration Function
 (#5563)

Co-authored-by: Frank Elsinga <frank@elsinga.de>
---
 server/modules/apicache/apicache.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/modules/apicache/apicache.js b/server/modules/apicache/apicache.js
index 41930b24d..95a04d9e3 100644
--- a/server/modules/apicache/apicache.js
+++ b/server/modules/apicache/apicache.js
@@ -485,7 +485,7 @@ function ApiCache() {
         }
 
         if (typeof duration === "string") {
-            let split = duration.match(/^([\d\.,]+)\s?(\w+)$/);
+            let split = duration.match(/^([\d\.,]+)\s?([a-zA-Z]+)$/);
 
             if (split.length === 3) {
                 let len = parseFloat(split[1]);

From 7dc6191b0af91edf58b7938876aa862c2a4ac9bb Mon Sep 17 00:00:00 2001
From: Elliot Matson <ematson5897@gmail.com>
Date: Fri, 24 Jan 2025 11:49:29 -0600
Subject: [PATCH 3/4] fix: add notification-fallback for better google chat
 popups (#5476)

Co-authored-by: Frank Elsinga <frank@elsinga.de>
---
 server/notification-providers/google-chat.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/notification-providers/google-chat.js b/server/notification-providers/google-chat.js
index 0b72fea95..9e94844d7 100644
--- a/server/notification-providers/google-chat.js
+++ b/server/notification-providers/google-chat.js
@@ -72,6 +72,7 @@ class GoogleChat extends NotificationProvider {
 
             // construct json data
             let data = {
+                fallbackText: chatHeader["title"],
                 cardsV2: [
                     {
                         card: {

From 7a9191761dbef6551c2a0aa6eed5f693ba48d688 Mon Sep 17 00:00:00 2001
From: DayShift <113507098+ShiyuBanzhou@users.noreply.github.com>
Date: Sun, 26 Jan 2025 18:52:12 +0800
Subject: [PATCH 4/4] fix: make sure that stripping backslashes for
 notification urls cannot cause catastophic backtracking (ReDOS) (#5573)

Co-authored-by: Frank Elsinga <frank@elsinga.de>
---
 server/notification-providers/pushdeer.js | 3 ++-
 server/notification-providers/whapi.js    | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/server/notification-providers/pushdeer.js b/server/notification-providers/pushdeer.js
index 276c2f476..b1f675957 100644
--- a/server/notification-providers/pushdeer.js
+++ b/server/notification-providers/pushdeer.js
@@ -11,7 +11,8 @@ class PushDeer extends NotificationProvider {
     async send(notification, msg, monitorJSON = null, heartbeatJSON = null) {
         const okMsg = "Sent Successfully.";
         const serverUrl = notification.pushdeerServer || "https://api2.pushdeer.com";
-        const url = `${serverUrl.trim().replace(/\/*$/, "")}/message/push`;
+        // capture group below is nessesary to prevent an ReDOS-attack
+        const url = `${serverUrl.trim().replace(/([^/])\/+$/, "$1")}/message/push`;
 
         let valid = msg != null && monitorJSON != null && heartbeatJSON != null;
 
diff --git a/server/notification-providers/whapi.js b/server/notification-providers/whapi.js
index 70e0fbb4c..d83dc470f 100644
--- a/server/notification-providers/whapi.js
+++ b/server/notification-providers/whapi.js
@@ -24,7 +24,7 @@ class Whapi extends NotificationProvider {
                 "body": msg,
             };
 
-            let url = (notification.whapiApiUrl || "https://gate.whapi.cloud/").replace(/\/+$/, "") + "/messages/text";
+            let url = (notification.whapiApiUrl || "https://gate.whapi.cloud/").replace(/([^/])\/+$/, "$1") + "/messages/text";
 
             await axios.post(url, data, config);