lib/PublicInbox/SolverGit.pm | 13 +++++++------
lib/PublicInbox/ViewDiff.pm | 6 +++---
diff --git a/lib/PublicInbox/SolverGit.pm b/lib/PublicInbox/SolverGit.pm
index 34669dbeeaf97f6c706c7734318b48334647fbbc..f881e16e41c89cfdd74515401ad2b164394dde22 100644
--- a/lib/PublicInbox/SolverGit.pm
+++ b/lib/PublicInbox/SolverGit.pm
@@ -34,6 +34,12 @@
 # is otherwise unaffected by having many patches, here, as it can share
 # work fairly. Other PSGI servers may have trouble, though.
 my $MAX_PATCH = 9999;
+my $LF = qr!\r?\n!;
+my $ANY = qr![^\r\n]+!;
+my $MODE = '100644|120000|100755';
+my $FN = qr!(?:("?[^/\n]+/[^\r\n]+)|/dev/null)!;
+my %BAD_COMPONENT = ('' => 1, '.' => 1, '..' => 1);
+
 # di = diff info / a hashref with information about a diff ($di):
 # {
 # oid_a => abbreviated pre-image oid,
@@ -110,10 +116,6 @@
 if ($cte =~ /\bquoted-printable\b/i && $part->crlf eq "\n") {
 $s =~ s/\r\n/\n/sg;
 }
- state $LF = qr!\r?\n!;
- state $ANY = qr![^\r\n]+!;
- state $MODE = '100644|120000|100755';
- state $FN = qr!(?:("?[^/\n]+/[^\r\n]+)|/dev/null)!;
 $s =~ m!(
 # $1 start header lines we save for debugging:
@@ -174,8 +176,7 @@
 my (undef, @b) = split(m{/}, git_unquote($path_b));
 # get rid of path-traversal attempts and junk patches:
 # it's junk at best, an attack attempt at worse:
- state $bad_component = { map { $_ => 1 } ('', '.', '..') };
- foreach (@a, @b) { return if $bad_component->{$_} }
+ foreach (@a, @b) { return if $BAD_COMPONENT{$_} }
 $di->{path_a} = join('/', @a) if @a;
 $di->{path_b} = join('/', @b);
diff --git a/lib/PublicInbox/ViewDiff.pm b/lib/PublicInbox/ViewDiff.pm
index 0f5c0e4e6128006e738620fe1f2b404a1e1b0e9f..57a1b5d66dd9dda27de87c3106da22fb3f385355 100644
--- a/lib/PublicInbox/ViewDiff.pm
+++ b/lib/PublicInbox/ViewDiff.pm
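Review bot: The five hoisted file-scope lexicals in the first hunk carry no comment, and `$MODE` differs in kind from its neighbours: `$LF`, `$ANY` and `$FN` are compiled `qr//` objects while `$MODE` is a plain alternation string that only works when interpolated into a larger pattern. A short comment above `my $LF` would pin this down, e.g. `# patch-header parsing, CRLF-tolerant; $MODE is a bare alternation for interpolation, $FN captures the a/ or b/ path (quoted or not) and matches /dev/null without capturing`. Because `$FN` contains a capture group, adding a capture to `$ANY` or `$MODE` later would shift the `$1..$n` numbering in the `m!(` match that begins in the second hunk, so that is worth stating next to `$FN`. `%BAD_COMPONENT` guards the path-traversal check further down; a one-line comment such as `# path components rejected after git_unquote (see the foreach below)` keeps it from being casually edited as an ordinary lookup table.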
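Review bot: In the third hunk the `''` entry that the new `foreach (@a, @b) { return if $BAD_COMPONENT{$_} }` relies on only catches empty components produced by doubled slashes, because the two-argument `split(m{/}, ...)` on the context line above strips trailing empty fields: a path such as `b/foo/` reaches the check as the single component `foo` and is accepted rather than rejected as junk. If a trailing slash should be treated like the other malformed paths, keep the empty fields with an explicit limit, `my (undef, @b) = split(m{/}, git_unquote($path_b), -1);`, and presumably the same for the `@a` split, which is not visible in this hunk. The traversal part of the check is unaffected, since `.` and `..` components still compare equal after unquoting. The enclosing function starts and ends outside this hunk.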
@@ -20,6 +20,9 @@ sub UNSAFE () { "^A-Za-z0-9\-\._~/" }
 my $OID_NULL = '0{7,40}';
 my $OID_BLOB = '[a-f0-9]{7,40}';
+my $LF = qr!\n!;
+my $ANY = qr![^\n]!;
+my $FN = qr!(?:"?[^/\n]+/[^\n]+|/dev/null)!;
 # cf. git diff.c :: get_compact_summary
 my $DIFFSTAT_COMMENT = qr/\((?:new|gone|(?:(?:new|mode) [\+\-][lx]))\)/;
@@ -170,9 +173,6 @@
 # callers must do CRLF => LF conversion before calling this
 sub flush_diff ($$$) {
 my ($dst, $ctx, $cur) = @_;
- state $LF = qr!\n!;
- state $ANY = qr![^\n]!;
- state $FN = qr!(?:"?[^/\n]+/[^\n]+|/dev/null)!;
 my @top = split(/(
 (?: # begin header stuff, don't capture filenames, here,
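Review bot: The new file-scope `$LF`, `$ANY` and `$FN` in the first hunk share their names with the ones hoisted in lib/PublicInbox/SolverGit.pm by this same change but deliberately differ in body: LF-only instead of `\r?\n`, `$ANY` without the `+`, and `$FN` without a capture group. Nothing at the definition site records that this is intentional, so a later "unify the duplicated regexps" cleanup would silently break one of the two parsers. A comment above `my $LF` would pin the contract, e.g. `# LF-only on purpose: flush_diff callers convert CRLF first; $FN must not capture, the split() in flush_diff decides what is captured`, which restates the existing "callers must do CRLF => LF conversion" and "don't capture filenames, here" comments visible in the second hunk next to the definitions they now govern. Whether `$ANY` is always used with its own quantifier at the call sites cannot be confirmed from this hunk.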