Generated on May 8, 2024 via pnpm

Npm

Home

express-microservice-starter 0.7.2

An express-based Node.js API bootstrapping module for microservices.

express

zookeeper

microservice

starter

zoologist

Package summary

issues

licenses

Package created

12 May 2015

Version published

7 Mar 2019

Maintainers

Total deps

298

Direct deps

License

ISC

Issues

4 critical severity issues

critical

mockery@1.7.0

mockery is vulnerable to prototype pollution

Recommendation: None

via: zoologist@0.5.9

underscore@1.4.4

Arbitrary Code Execution in underscore

Recommendation: Upgrade to version 1.12.1 or later

via: zoologist@0.5.9

requirefresh@1.1.2

Package has no specified license

Recommendation: Check the package code and files for license information

via: konfig@0.2.1

underscore@1.4.4

Package has no specified license

Recommendation: Check the package code and files for license information

via: zoologist@0.5.9

Collapse

Expand

16 high severity issues

high

is_js@0.9.0

is_js vulnerable to Regular Expression Denial of Service

Recommendation: None

via: request-ip@2.2.0

dicer@0.2.5

Crash in HeaderParser in dicer

Recommendation: None

via: swagger-tools@0.10.4

js-yaml@3.2.7

Code Injection in js-yaml

Recommendation: Upgrade to version 3.13.1 or later

via: konfig@0.2.1

qs@6.5.1

qs vulnerable to Prototype Pollution

Recommendation: Upgrade to version 6.5.3 or later

via: swagger-tools@0.10.4

esprima@2.0.0

Package uses an invalid SPDX license ("BSD")

Recommendation: Validate that the package complies with your license policy

via: konfig@0.2.1

express-enrouten@1.3.0

Package uses an invalid SPDX license ("Apache 2.0")

Recommendation: Validate that the package complies with your license policy

via: express-enrouten@1.3.0

coffee-script@1.12.7

Deprecated package

via: konfig@0.2.1

coffee-script@1.9.3

Deprecated package

via: konfig@0.2.1

core-js@2.6.12

Deprecated package

via: swagger-tools@0.10.4

core-js@2.6.12

Package uses postinstall script: "node -e "try{require('./postinstall')}catch(e){}""

via: swagger-tools@0.10.4

dtrace-provider@0.8.8

Package uses install script: "node-gyp rebuild || node suppress-error.js"

via: bunyan@1.8.15 & others

formidable@1.2.6

Deprecated package

via: swagger-tools@0.10.4

multer@1.4.4

Deprecated package

via: swagger-tools@0.10.4

superagent@3.8.3

Deprecated package

via: swagger-tools@0.10.4

superagent@7.1.6

Deprecated package

via: swagger-tools@0.10.4

uuid@3.4.0

Deprecated package

via: uuid@3.4.0 & others

Collapse

Expand

3 moderate severity issues

moderate

js-yaml@3.2.7

Denial of Service in js-yaml

Recommendation: Upgrade to version 3.13.0 or later

via: konfig@0.2.1

validator@8.2.0

Inefficient Regular Expression Complexity in validator.js

Recommendation: Upgrade to version 13.7.0 or later

via: express-validator@4.3.0 & others

konfig@0.2.1

Package uses a problematic Weakly Protective license ("LGPL-3.0")

Recommendation: Validate that the package complies with your license policy

via: konfig@0.2.1

Collapse

Expand

3 low severity issues

low

esprima@2.0.0

Package uses a license that is not OSI approved ("BSD")

Recommendation: Read and validate the license terms

via: konfig@0.2.1

express-enrouten@1.3.0

Package uses a license that is not OSI approved ("Apache 2.0")

Recommendation: Read and validate the license terms

via: express-enrouten@1.3.0

konfig@0.2.1

Package uses a deprecated license ("LGPL-3.0")

via: konfig@0.2.1

Collapse

Expand

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

266 Packages, Including:

@types/body-parser@1.19.5

@types/connect@3.4.38

@types/express-serve-static-core@4.19.0

@types/express@4.0.39

@types/http-errors@2.0.4

@types/mime@1.3.5

@types/node@20.12.10

@types/qs@6.9.15

@types/range-parser@1.2.7

@types/send@0.17.4

@types/serve-static@1.15.7

accepts@1.3.8

address@1.2.2

append-field@1.0.0

argparse@1.0.10

array-buffer-byte-length@1.0.1

array-flatten@1.1.1

arraybuffer.prototype.slice@1.0.3

asap@2.0.6

async@0.2.10

async@0.9.2

async@2.6.4

asynckit@0.4.0

available-typed-arrays@1.0.7

balanced-match@1.0.2

bluebird@2.11.0

bluebird@3.7.2

body-parser@1.18.2

body-parser@1.20.2

brace-expansion@1.1.11

buffer-from@1.1.2

bunyan@1.8.15

busboy@0.2.14

bytes@3.0.0

bytes@3.1.2

call-bind@1.0.7

caller@1.0.1

coffee-script@1.12.7

coffee-script@1.9.3

combined-stream@1.0.8

commander@2.11.0

commander@4.1.1

component-emitter@1.3.1

concat-map@0.0.1

concat-stream@1.6.2

content-disposition@0.5.4

content-type@1.0.5

cookie-signature@1.0.6

cookie@0.6.0

cookiejar@2.1.4

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

17 Packages, Including:

custom-error-generator@7.0.0

dezalgo@1.0.4

express-microservice-starter@0.7.2

glob@6.0.4

graceful-fs@4.2.11

inflight@1.0.6

inherits@2.0.3

inherits@2.0.4

minimatch@3.1.2

once@1.4.0

rimraf@2.4.5

semver@7.6.1

setprototypeof@1.0.3

setprototypeof@1.1.0

setprototypeof@1.2.0

wrappy@1.0.2

zoologist@0.5.9

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

5 Packages, Including:

cson-parser@1.3.5

qs@6.11.0

qs@6.12.1

qs@6.5.1

sprintf-js@1.0.3

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

4 Packages, Including:

dtrace-provider@0.8.8

esprima@4.0.1

memory-cache@0.1.6

uri-js@4.4.1

N/A

2 Packages, Including:

requirefresh@1.1.2

underscore@1.4.4

BSD

Invalid

Not OSI Approved

1 Packages, Including:

esprima@2.0.0

Apache 2.0

Invalid

Not OSI Approved

1 Packages, Including:

express-enrouten@1.3.0

GNU Lesser General Public License v3.0 only

Weakly Protective

OSI Approved

Deprecated

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

use-patent-claims

Cannot

sublicense

hold-liable

Must

include-original

state-changes

disclose-source

include-license

include-copyright

include-install-instructions

1 Packages, Including:

konfig@0.2.1

(WTFPL OR MIT)

Permissive

1 Packages, Including:

spark-md5@3.0.2

Direct Dependencies

All Dependencies CSV

ⓘ This is a list of express-microservice-starter 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
address	1.2.2	4.38 kB	MIT	prod
async	2.6.4	120.04 kB	MIT	prod
bluebird	3.7.2	136.03 kB	MIT	prod
body-parser	1.20.2	14.75 kB	MIT	prod
bunyan	1.8.15	58.89 kB	MIT	prod	1
caller	1.0.1	2.33 kB	MIT	prod
cors	2.8.5	6.03 kB	MIT	prod
express-cache-response-directive	1.1.0	4.92 kB	MIT	prod
express-enrouten	1.3.0	10.12 kB	Apache 2.0	prod	1 1
express-partial-response	0.3.4	2.48 kB	MIT	prod
express-validator	4.3.0	20.81 kB	MIT	prod	1
express	4.19.2	209.73 kB	MIT	prod
ip	1.1.9	15.09 kB	MIT	prod
konfig	0.2.1	4.53 kB	LGPL-3.0	prod	1 4 2 2
optional	0.1.4	1.45 kB	MIT	prod
request-ip	2.2.0	3.78 kB	MIT	prod	1
swagger-tools	0.10.4	585.82 kB	MIT	prod	8 1
uuid	3.4.0	11.87 kB	MIT	prod	1
vitalsigns	0.4.3	14.22 kB	MIT	prod
zoologist	0.5.9	21.52 kB	ISC	prod	3 2