Home
Docs
GitHub
Pricing
Blog
Log In

Run Sandworm Audit for your App

Get started
Hold on, we're currently generating a fresh version of this report
Generated on May 3, 2024 via pnpm

express 4.16.2

Fast, unopinionated, minimalist web framework
Package summary
Share
3
issues
1
high severity
vulnerability
1
2
moderate severity
vulnerability
2
3
licenses
47
MIT
3
ISC
1
BSD-3-Clause
Package created
29 Dec 2010
Version published
10 Oct 2017
Maintainers
2
Total deps
51
Direct deps
30
License
MIT

Issues

3

1 high severity issue

high
Recommendation: Upgrade to version 6.5.3 or later
via: body-parser@1.18.2 & others
Collapse
Expand

2 moderate severity issues

moderate
Recommendation: Upgrade to version 4.19.2 or later
via: express@4.16.2
Recommendation: Upgrade to version 4.19.2 or later
via: express@4.16.2
Collapse
Expand

Licenses

MIT License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
sublicense
private-use
Cannot
hold-liable
Must
include-copyright
include-license
47 Packages, Including:
accepts@1.3.8
array-flatten@1.1.1
body-parser@1.18.2
bytes@3.0.0
content-disposition@0.5.2
content-type@1.0.5
cookie-signature@1.0.6
cookie@0.3.1
debug@2.6.9
depd@1.1.1
depd@1.1.2
destroy@1.0.4
ee-first@1.1.1
encodeurl@1.0.2
escape-html@1.0.3
etag@1.8.1
express@4.16.2
finalhandler@1.1.0
forwarded@0.2.0
fresh@0.5.2
http-errors@1.6.2
http-errors@1.6.3
iconv-lite@0.4.19
ipaddr.js@1.9.1
media-typer@0.3.0
merge-descriptors@1.0.1
methods@1.1.2
mime-db@1.52.0
mime-types@2.1.35
mime@1.4.1
ms@2.0.0
negotiator@0.6.3
on-finished@2.3.0
parseurl@1.3.3
path-to-regexp@0.1.7
proxy-addr@2.0.7
range-parser@1.2.1
raw-body@2.3.2
safe-buffer@5.1.1
send@0.16.1
serve-static@1.13.1
statuses@1.3.1
statuses@1.5.0
type-is@1.6.18
unpipe@1.0.0
utils-merge@1.0.1
vary@1.1.2

ISC License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
Cannot
hold-liable
Must
include-copyright
include-license
3 Packages, Including:
inherits@2.0.3
setprototypeof@1.0.3
setprototypeof@1.1.0

BSD 3-Clause "New" or "Revised" License

Permissive
OSI Approved
This is a human-readable summary of (and not a substitute for) the license. Disclaimer.
Can
commercial-use
modify
distribute
place-warranty
Cannot
use-trademark
hold-liable
Must
include-copyright
include-license
1 Packages, Including:
qs@6.5.1
Disclaimer

This deed highlights only some of the key features and terms of the actual license. It is not a license and has no legal value. You should carefully review all of the terms and conditions of the actual license before using the licensed material.

Sandworm is not a law firm and does not provide legal services. Distributing, displaying, or linking to this deed or the license that it summarizes does not create a lawyer-client or any other relationship.

Direct Dependencies

30
All Dependencies CSV
β“˜ This is a list of express 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.
NameVersionSizeLicenseTypeVulnerabilities
accepts1.3.85.28 kBMIT
prod
array-flatten1.1.11.95 kBMIT
prod
body-parser1.18.213.3 kBMIT
prod
1
content-disposition0.5.26.47 kBMIT
prod
content-type1.0.53.82 kBMIT
prod
cookie-signature1.0.62.06 kBMIT
prod
cookie0.3.15.83 kBMIT
prod
debug2.6.916.13 kBMIT
prod
depd1.1.28.81 kBMIT
prod
encodeurl1.0.23.18 kBMIT
prod
escape-html1.0.31.87 kBMIT
prod
etag1.8.14.28 kBMIT
prod
finalhandler1.1.05.72 kBMIT
prod
fresh0.5.24.13 kBMIT
prod
merge-descriptors1.0.12.26 kBMIT
prod
methods1.1.22.42 kBMIT
prod
on-finished2.3.04.45 kBMIT
prod
parseurl1.3.33.86 kBMIT
prod
path-to-regexp0.1.73.19 kBMIT
prod
proxy-addr2.0.75.37 kBMIT
prod
qs6.5.121.66 kBBSD-3-Clause
prod
1
range-parser1.2.13.52 kBMIT
prod
safe-buffer5.1.18.64 kBMIT
prod
send0.16.115.34 kBMIT
prod
serve-static1.13.19.02 kBMIT
prod
setprototypeof1.1.01.39 kBISC
prod
statuses1.3.14.06 kBMIT
prod
type-is1.6.185.73 kBMIT
prod
utils-merge1.0.11.91 kBMIT
prod
vary1.1.23.68 kBMIT
prod

Visualizations

Frequently Asked Questions

What does express do?

Express.js is a fast, unopinionated, and minimalist web development framework for Node.js. It's renowned for its robust routing and focus on high performance. Express doesn't enforce a specific ORM or template engine, making it an excellent solution for creating single page applications, websites, hybrids, or public HTTP APIs. This flexibility is further enhanced by support for over 14 template engines via Consolidate.js. In addition, Express provides a suite of HTTP utilities and middleware to help build scalable applications with ease.

How do you use express?

To use Express.js, you'll first need to download and install Node.js versions of 0.10 or higher. You can install Express in your Node.js modules using npm with the npm install express command.

Here's an example of how to create a basic Express application:

const express = require('express')
const app = express()

app.get('/', function (req, res) {
  res.send('Hello World')
})

app.listen(3000)

This creates an Express application that listens on port 3000, and responds with 'Hello World' for requests to the root URL (/) or route.

To quickly get started with Express, you could use the executable express(1) to generate an application skeleton by using the command npm install -g express-generator@4, create the app with express /tmp/foo && cd /tmp/foo, install dependencies with npm install and start the server with npm start.

Where are the express docs?

The official Express documentation, which includes a comprehensive guide to getting started, API references, and a variety of other resources, can be found on the Express.js website. The website repository is available on GitHub for those interested in contributing to the Express documentation. You could also engage with the Express community via Libera Chat IRC, Google Group or use Gitter for support and discussion.