Generated on Apr 29, 2024 via pnpm

Npm

Home

express-microservice-starter 0.6.1

An express-based Node.js API bootstrapping module for microservices.

express

zookeeper

microservice

starter

zoologist

Package summary

issues

licenses

Package created

12 May 2015

Version published

20 Oct 2017

Maintainers

Total deps

122

Direct deps

License

ISC

Issues

5 critical severity issues

critical

mockery@1.7.0

mockery is vulnerable to prototype pollution

Recommendation: None

via: zoologist@0.4.14

underscore@1.4.4

Arbitrary Code Execution in underscore

Recommendation: Upgrade to version 1.12.1 or later

via: zoologist@0.4.14

ip@0.3.2

Package has no specified license

Recommendation: Check the package code and files for license information

via: ip@0.3.2

requirefresh@1.1.2

Package has no specified license

Recommendation: Check the package code and files for license information

via: konfig@0.2.1

underscore@1.4.4

Package has no specified license

Recommendation: Check the package code and files for license information

via: zoologist@0.4.14

Collapse

Expand

11 high severity issues

high

js-yaml@3.2.7

Code Injection in js-yaml

Recommendation: Upgrade to version 3.13.1 or later

via: konfig@0.2.1

qs@6.5.1

qs vulnerable to Prototype Pollution

Recommendation: Upgrade to version 6.5.3 or later

via: body-parser@1.18.2 & others

esprima@2.0.0

Package uses an invalid SPDX license ("BSD")

Recommendation: Validate that the package complies with your license policy

via: konfig@0.2.1

express-enrouten@1.2.1

Package uses an invalid SPDX license ("Apache 2.0")

Recommendation: Validate that the package complies with your license policy

via: express-enrouten@1.2.1

jsonify@0.0.1

Package uses an invalid SPDX license ("Public Domain")

Recommendation: Validate that the package complies with your license policy

via: caller@1.0.0 & others

coffee-script@1.12.7

Deprecated package

via: konfig@0.2.1

coffee-script@1.9.3

Deprecated package

via: konfig@0.2.1

dtrace-provider@0.8.8

Package uses install script: "node-gyp rebuild || node suppress-error.js"

via: bunyan@1.8.12 & others

node-uuid@1.4.8

Deprecated package

via: zoologist@0.4.14

uuid@2.0.3

Deprecated package

via: zoologist@0.4.14

uuid@3.0.0

Deprecated package

via: uuid@3.0.0

Collapse

Expand

5 moderate severity issues

moderate

js-yaml@3.2.7

Denial of Service in js-yaml

Recommendation: Upgrade to version 3.13.0 or later

via: konfig@0.2.1

validator@6.1.0

Inefficient Regular Expression Complexity in validator.js

Recommendation: Upgrade to version 13.7.0 or later

via: express-validator@3.0.0

ip@0.3.2

NPM IP package incorrectly identifies some private IP addresses as public

Recommendation: Upgrade to version 1.1.9 or later

via: ip@0.3.2

express@4.16.2

Express.js Open Redirect in malformed URLs

Recommendation: Upgrade to version 4.19.2 or later

via: express@4.16.2

konfig@0.2.1

Package uses a problematic Weakly Protective license ("LGPL-3.0")

Recommendation: Validate that the package complies with your license policy

via: konfig@0.2.1

Collapse

Expand

4 low severity issues

low

esprima@2.0.0

Package uses a license that is not OSI approved ("BSD")

Recommendation: Read and validate the license terms

via: konfig@0.2.1

express-enrouten@1.2.1

Package uses a license that is not OSI approved ("Apache 2.0")

Recommendation: Read and validate the license terms

via: express-enrouten@1.2.1

jsonify@0.0.1

Package uses a license that is not OSI approved ("Public Domain")

Recommendation: Read and validate the license terms

via: caller@1.0.0 & others

konfig@0.2.1

Package uses a deprecated license ("LGPL-3.0")

via: konfig@0.2.1

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

97 Packages, Including:

accepts@1.3.8

address@1.0.3

argparse@1.0.10

array-flatten@1.1.1

async@0.2.10

async@0.9.2

async@1.4.0

balanced-match@1.0.2

bluebird@2.9.34

bluebird@3.7.2

body-parser@1.18.2

brace-expansion@1.1.11

bunyan@1.8.12

bytes@3.0.0

caller@1.0.0

coffee-script@1.12.7

coffee-script@1.9.3

concat-map@0.0.1

content-disposition@0.5.2

content-type@1.0.5

cookie-signature@1.0.6

cookie@0.3.1

cors@2.7.1

cson@2.0.0

debug@2.6.9

debuglog@1.0.1

deep-equal@0.1.2

defined@0.0.0

depd@1.1.1

depd@1.1.2

destroy@1.0.4

ee-first@1.1.1

encodeurl@1.0.2

escape-html@1.0.3

etag@1.8.1

express-cache-response-directive@1.1.0

express-partial-response@0.3.4

express-validator@3.0.0

express@4.16.2

finalhandler@1.1.0

forwarded@0.2.0

fresh@0.5.2

http-errors@1.6.2

http-errors@1.6.3

iconv-lite@0.4.19

ipaddr.js@1.9.1

isarray@0.0.1

js-quantities@1.8.0

js-yaml@3.2.7

json-mask@0.3.2

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

14 Packages, Including:

custom-error-generator@7.0.0

express-microservice-starter@0.6.1

glob@6.0.4

graceful-fs@4.2.11

inflight@1.0.6

inherits@2.0.3

inherits@2.0.4

minimatch@3.1.2

once@1.4.0

rimraf@2.4.5

setprototypeof@1.0.3

setprototypeof@1.1.0

wrappy@1.0.2

zoologist@0.4.14

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

3 Packages, Including:

cson-parser@1.3.5

qs@6.5.1

sprintf-js@1.0.3

N/A

3 Packages, Including:

ip@0.3.2

requirefresh@1.1.2

underscore@1.4.4

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

1 Packages, Including:

dtrace-provider@0.8.8

BSD

Invalid

Not OSI Approved

1 Packages, Including:

esprima@2.0.0

Apache 2.0

Invalid

Not OSI Approved

1 Packages, Including:

express-enrouten@1.2.1

Public Domain

Invalid

Not OSI Approved

1 Packages, Including:

jsonify@0.0.1

GNU Lesser General Public License v3.0 only

Weakly Protective

OSI Approved

Deprecated

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

use-patent-claims

Cannot

sublicense

hold-liable

Must

include-original

state-changes

disclose-source

include-license

include-copyright

include-install-instructions

1 Packages, Including:

konfig@0.2.1

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of express-microservice-starter 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
address	1.0.3	4.29 kB	MIT	prod
async	1.4.0	25.76 kB	MIT	prod
bluebird	2.9.34	98.24 kB	MIT	prod
body-parser	1.18.2	13.3 kB	MIT	prod	1
bunyan	1.8.12	265.05 kB	MIT	prod	1
caller	1.0.0	3.13 kB	MIT	prod	1 1
cors	2.7.1	9.58 kB	MIT	prod
express-cache-response-directive	1.1.0	4.92 kB	MIT	prod
express-enrouten	1.2.1	9.88 kB	Apache 2.0	prod	2 2
express-partial-response	0.3.4	2.48 kB	MIT	prod
express-validator	3.0.0	49.84 kB	MIT	prod	1
express	4.16.2	52.78 kB	MIT	prod	1 1
ip	0.3.2	6.26 kB	UNKNOWN	prod	1 1
konfig	0.2.1	4.53 kB	LGPL-3.0	prod	1 4 2 2
optional	0.1.3	1.44 kB	MIT	prod
uuid	3.0.0	6.72 kB	MIT	prod	1
vitalsigns	0.4.3	14.22 kB	MIT	prod
zoologist	0.4.14	7.63 kB	ISC	prod	3 3