
fix(rg): cap brace alternation recursion depth #1743

Open

chaliy wants to merge 1 commit into main from 2026-05-25-propose-fix-for-rg-brace-vulnerability


Conversation


@chaliy chaliy commented May 25, 2026

Motivation

  • Brace-alternation parsing in rg’s glob converter recursed unboundedly on attacker-controlled input, enabling CPU exhaustion and stack-overflow aborts.
  • The vuln is reachable from user-controlled inputs (-g, --iglob, --type-add, --ignore-file, etc.) and VFS ignore files, so it must be mitigated at conversion time.
  • The fix needs to stop recursive expansion while preserving normal glob behavior for reasonable inputs.

Description

  • Introduce RG_GLOB_MAX_BRACE_DEPTH and route conversion through a new glob_to_regex_with_depth(pattern, depth) entrypoint to track recursion depth.
  • When the depth cap is reached, glob_to_regex_with_depth falls back to returning a literal-escaped regex for the remaining pattern instead of recursing further.
  • Update glob_alternation_to_regex to accept a depth parameter, return None when the cap is reached, and call glob_to_regex_with_depth for each alternative.
  • Add a unit test glob_brace_alternation_depth_limit_does_not_expand_nested_pattern to assert the depth-limit fallback behavior.

Testing

  • Added and ran the unit test rg::tests::glob_brace_alternation_depth_limit_does_not_expand_nested_pattern, which passed.
  • Ran cargo test -p bashkit (library test run), which completed with the test suite passing for the executed targets in this environment.

Codex Task
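As an added illustration of the depth-capped converter the description outlines (example code written for this page, not bashkit's own implementation), a minimal glob-to-regex converter in Rust: `{a,b}` groups are expanded recursively only while the depth is below the cap, and once the cap is reached the remainder of the pattern is emitted as a literal-escaped regex. `MAX_BRACE_DEPTH` (with a constructed value of 4), `escape_literal` and `split_group` are assumed names; the PR's real constant is `RG_GLOB_MAX_BRACE_DEPTH`.

```rust
// Added example, not bashkit's own code: a minimal glob-to-regex converter with a brace
// depth cap. MAX_BRACE_DEPTH (value chosen here), escape_literal and split_group are assumed.
pub const MAX_BRACE_DEPTH: usize = 4;
/// Escape regex metacharacters so the text matches itself literally.
fn escape_literal(s: &str) -> String {
    s.chars().fold(String::new(), |mut acc, c| {
        if "\\.+*?()|[]{}^$".contains(c) { acc.push('\\'); }
        acc.push(c); acc
    })
}
/// Split the `{...}` group opened at `open` on top-level commas; returns the
/// alternatives and the index of the closing brace, or None if unterminated.
fn split_group(chars: &[char], open: usize) -> Option<(Vec<String>, usize)> {
    let (mut parts, mut cur, mut level) = (Vec::new(), String::new(), 0i32);
    for i in open + 1..chars.len() {
        match chars[i] {
            '}' if level == 0 => { parts.push(cur); return Some((parts, i)); }
            ',' if level == 0 => parts.push(std::mem::take(&mut cur)),
            c => { level += match c { '{' => 1, '}' => -1, _ => 0 }; cur.push(c); }
        }
    }
    None
}
/// Convert a glob to a regex, expanding `{a,b}` only while `depth` is below the cap.
pub fn glob_to_regex_with_depth(pattern: &str, depth: usize) -> String {
    let chars: Vec<char> = pattern.chars().collect();
    let (mut out, mut i) = (String::new(), 0);
    while i < chars.len() {
        match chars[i] {
            '*' => out.push_str(".*"),
            '?' => out.push('.'),
            '{' if depth >= MAX_BRACE_DEPTH => {
                // Cap reached: stop recursing and match the remaining pattern literally.
                out.push_str(&escape_literal(&chars[i..].iter().collect::<String>()));
                return out;
            }
            '{' => match split_group(&chars, i) {
                Some((alts, close)) => {
                    let alts: Vec<String> = alts.iter().map(|a| glob_to_regex_with_depth(a, depth + 1)).collect();
                    out.push_str(&format!("(?:{})", alts.join("|")));
                    i = close;
                }
                None => out.push_str("\\{"), // unbalanced brace: keep it literal
            },
            c => out.push_str(&escape_literal(&c.to_string())),
        }
        i += 1;
    }
    out
}
```

Because every level of nesting costs one recursion step and expansion stops at `MAX_BRACE_DEPTH`, a pattern of thousands of nested braces produces only four alternation groups followed by a literal match, instead of unbounded recursion.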

@cloudflare-workers-and-pages

cloudflare-workers-and-pages Bot commented May 25, 2026

Deploying with Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status: ✅ Deployment successful!
Name: bashkit
Latest Commit: 0746df9
Preview URL: Commit Preview URL
Updated (UTC): May 25 2026, 02:27 AM
