Home
Docs
GitHub
Pricing
Blog
Log In

Run Sandworm Audit for your App

Get started
Generated on Feb 23, 2024 via pnpm

everyauth 0.4.9

Auth solution (password, facebook, & more) for your node.js Connect & Express apps
Package summary
Share
26
issues
7
critical severity
vulnerability
2
license
5
13
high severity
vulnerability
7
license
1
meta
5
5
moderate severity
vulnerability
5
1
low severity
license
1
9
licenses
120
MIT
6
Apache-2.0
5
ISC
13
other licenses
N/A
5
BSD-3-Clause
4
(AFL-2.1 OR BSD-3-Clause)
1
BSD
1
+ 2 more
Package created
5 Apr 2011
Version published
17 Oct 2014
Maintainers
1
Total deps
144
Direct deps
8
License
UNKNOWN

Issues

26

7 critical severity issues

critical
Recommendation: Upgrade to version 1.9.1 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 0.2.4 or later
via: express@3.21.2
Recommendation: Check the package code and files for license information
via: debug@0.8.1
Recommendation: Check the package code and files for license information
via: everyauth@0.4.9
Recommendation: Check the package code and files for license information
via: connect@2.30.2 & others
Recommendation: Check the package code and files for license information
via: node-swt@0.1.1
Recommendation: Check the package code and files for license information
via: node-wsfederation@0.1.1
Collapse
Expand

13 high severity issues

high
Recommendation: Upgrade to version 6.0.4 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 2.0.0 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 0.6.1 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 0.5.2 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 1.4.1 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 2.6.9 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 6.2.4 or later
via: connect@2.30.2 & others
Recommendation: Validate that the package complies with your license policy
via: connect@2.30.2 & others
via: connect@2.30.2 & others
via: request@2.88.2
via: express@3.21.2
via: request@2.88.2
via: request@2.88.2
Collapse
Expand

5 moderate severity issues

moderate
Recommendation: None
via: request@2.88.2
Recommendation: Upgrade to version 2.6.9 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 2.0.0 or later
via: connect@2.30.2 & others
Recommendation: Upgrade to version 4.1.3 or later
via: request@2.88.2
Recommendation: Upgrade to version 0.2.1 or later
via: express@3.21.2
Collapse
Expand

1 low severity issue

low
Recommendation: Read and validate the license terms
via: connect@2.30.2 & others
Collapse
Expand

Licenses

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
120 Packages, Including:
accepts@1.2.13
accepts@1.3.8
ajv@6.12.6
asn1@0.2.6
assert-plus@1.0.0
asynckit@0.4.0
aws4@1.12.0
basic-auth-connect@1.0.0
basic-auth@1.0.4
batch@0.5.3
body-parser@1.13.3
bytes@2.1.0
bytes@2.4.0
combined-stream@1.0.8
commander@2.6.0
compressible@2.0.18
compression@1.5.2
connect-timeout@1.6.2
connect@2.30.2
content-disposition@0.5.0
content-type@1.0.5
cookie-parser@1.3.5
cookie-signature@1.0.6
cookie@0.1.3
core-util-is@1.0.2
core-util-is@1.0.3
crc@3.3.0
csrf@3.0.6
csurf@1.8.3
dashdash@1.14.1
debug@2.2.0
debug@2.6.9
delayed-stream@1.0.0
depd@1.0.1
depd@1.1.2
destroy@1.0.3
destroy@1.0.4
ecc-jsbn@0.1.2
ee-first@1.1.1
errorhandler@1.4.3
escape-html@1.0.2
escape-html@1.0.3
etag@1.7.0
express-session@1.11.3
express@3.21.2
extend@3.0.2
extsprintf@1.3.0
fast-deep-equal@3.1.3
fast-json-stable-stringify@2.1.0
finalhandler@0.4.0

Apache License 2.0

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
use-patent-claims
place-warranty
Cannot
hold-liable
use-trademark
Must
include-copyright
include-license
state-changes
include-notice
6 Packages, Including:
aws-sign2@0.7.0
caseless@0.12.0
forever-agent@0.6.1
oauth-sign@0.9.0
request@2.88.2
tunnel-agent@0.6.0

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
5 Packages, Including:
base64-url@1.2.1
har-schema@2.0.0
inherits@2.0.4
json-stringify-safe@5.0.1
sax@1.3.0

N/A

N/A
5 Packages, Including:
debug@0.8.1
everyauth@0.4.9
ms@0.7.1
node-swt@0.1.1
node-wsfederation@0.1.1

BSD 3-Clause "New" or "Revised" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
4 Packages, Including:
bcrypt-pbkdf@1.0.2
qs@4.0.0
qs@6.5.3
tough-cookie@2.5.0

(AFL-2.1 OR BSD-3-Clause)

Permissive
1 Packages, Including:
json-schema@0.4.0

BSD

Invalid
Not OSI Approved
1 Packages, Including:
stream-counter@0.2.0

The Unlicense

Public Domain
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
private-use
modify
Cannot
include-copyright
hold-liable
Must
1 Packages, Including:
tweetnacl@0.14.5

BSD 2-Clause "Simplified" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
uri-js@4.4.1
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

8
All Dependencies CSV
β“˜ This is a list of everyauth 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities
connect2.30.236.18 kBMIT
prod
2
9
2
1
debug0.8.13.99 kBUNKNOWN
prod
1
1
1
express3.21.242.38 kBMIT
prod
3
10
3
1
node-swt0.1.110 kBUNKNOWN
prod
1
node-wsfederation0.1.110 kBUNKNOWN
prod
1
openid0.5.1328.29 kBMIT
prod
request2.88.257.83 kBApache-2.0
prod
3
2
xml2js0.6.2838.3 kBMIT
prod

Visualizations