Generated on Feb 14, 2024 via pnpm

Npm

Home

@pm2/io 4.3.5

PM2.io NodeJS APM

Package summary

issues

licenses

Package created

17 May 2018

Version published

22 Apr 2020

Maintainers

Total deps

Direct deps

License

Apache-2

Issues

1 critical severity issue

critical

netmask@1.0.6

Improper parsing of octal bytes in netmask

Recommendation: Upgrade to version 1.1.0 or later

via: @pm2/agent-node@1.1.10

Collapse

Expand

6 high severity issues

high

pac-resolver@3.0.0

Code Injection in pac-resolver

Recommendation: Upgrade to version 5.0.0 or later

via: @pm2/agent-node@1.1.10

degenerator@1.0.4

Code Injection in pac-resolver

Recommendation: Upgrade to version 3.0.1 or later

via: @pm2/agent-node@1.1.10

ip@1.1.8

NPM IP package vulnerable to Server-Side Request Forgery (SSRF) attacks

Recommendation: None

via: @pm2/agent-node@1.1.10

@pm2/io@4.3.5

Package uses an invalid SPDX license ("Apache-2")

Recommendation: Validate that the package complies with your license policy

via: @pm2/io@4.3.5

debug@4.1.1

Deprecated package

via: @pm2/agent-node@1.1.10 & others

uuid@3.4.0

Deprecated package

via: @opencensus/core@0.0.9 & others

Collapse

Expand

3 moderate severity issues

moderate

netmask@1.0.6

netmask npm package mishandles octal input data

Recommendation: Upgrade to version 2.0.1 or later

via: @pm2/agent-node@1.1.10

debug@4.1.1

Regular Expression Denial of Service in debug

Recommendation: Upgrade to version 4.3.1 or later

via: @pm2/agent-node@1.1.10 & others

semver@6.3.0

semver vulnerable to Regular Expression Denial of Service

Recommendation: Upgrade to version 6.3.1 or later

via: semver@6.3.0

Collapse

Expand

1 low severity issue

low

@pm2/io@4.3.5

Package uses a license that is not OSI approved ("Apache-2")

Recommendation: Read and validate the license terms

via: @pm2/io@4.3.5

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

73 Packages, Including:

agent-base@4.2.1

agent-base@4.3.0

ast-types@0.14.2

async-limiter@1.0.1

async@2.6.4

bytes@3.1.2

co@4.6.0

core-util-is@1.0.3

data-uri-to-buffer@1.2.0

debug@2.6.9

debug@3.1.0

debug@3.2.7

debug@4.1.1

deep-is@0.1.4

degenerator@1.0.4

depd@2.0.0

es6-promise@4.2.8

es6-promisify@5.0.0

eventemitter2@5.0.1

eventemitter2@6.4.9

extend@3.0.2

fast-levenshtein@2.0.6

file-uri-to-path@1.0.0

ftp@0.3.10

function-bind@1.1.2

get-uri@2.0.4

hasown@2.0.1

http-errors@2.0.0

http-proxy-agent@2.1.0

https-proxy-agent@3.0.1

iconv-lite@0.4.24

ip@1.1.5

ip@1.1.8

is-core-module@2.13.1

isarray@0.0.1

isarray@1.0.0

levn@0.3.0

lodash@4.17.21

module-details-from-path@1.0.3

ms@2.0.0

ms@2.1.3

netmask@1.0.6

optionator@0.8.3

pac-proxy-agent@3.0.1

pac-resolver@3.0.0

path-parse@1.0.7

prelude-ls@1.1.2

process-nextick-args@2.0.1

proxy-agent@3.1.1

proxy-from-env@1.1.0

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

9 Packages, Including:

@pm2/agent-node@1.1.10

inherits@2.0.4

log-driver@1.2.7

lru-cache@5.1.1

semver@5.7.2

semver@6.3.0

setprototypeof@1.2.0

signal-exit@3.0.7

yallist@3.1.1

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

9 Packages, Including:

async-listener@0.6.10

continuation-local-storage@3.2.1

emitter-listener@1.1.2

escodegen@1.14.3

esprima@3.1.3

esprima@4.0.1

estraverse@4.3.0

esutils@2.0.3

shimmer@1.2.1

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

4 Packages, Including:

@opencensus/core@0.0.8

@opencensus/core@0.0.9

@opencensus/propagation-b3@0.0.8

tslib@1.9.3

Apache-2

Invalid

Not OSI Approved

1 Packages, Including:

@pm2/io@4.3.5

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

source-map@0.6.1

BSD Zero Clause License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

include-copyright

include-license

include-original

Cannot

hold-liable

Must

1 Packages, Including:

tslib@2.6.2

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of @pm2/io 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
@opencensus/core	0.0.9	47.38 kB	Apache-2.0	prod	1
@opencensus/propagation-b3	0.0.8	6.16 kB	Apache-2.0	prod	1
@pm2/agent-node	1.1.10	30.96 kB	ISC	prod	1 4 2
async	2.6.4	120.04 kB	MIT	prod
debug	4.1.1	21.26 kB	MIT	prod	1 1
eventemitter2	6.4.9	18.67 kB	MIT	prod
require-in-the-middle	5.2.0	4.5 kB	MIT	prod	1 1
semver	6.3.0	18.48 kB	ISC	prod	1
shimmer	1.2.1	5.04 kB	BSD-2-Clause	prod
signal-exit	3.0.7	3.76 kB	ISC	prod
tslib	1.9.3	13.98 kB	Apache-2.0	prod