Generated on May 18, 2024 via pnpm

frontail 4.9.2

streaming logs to the browser

Package summary

24

issues

8

licenses

Package created

4 Apr 2012

Version published

17 Feb 2021

Maintainers

1

Total deps

150

Direct deps

18

License

MIT

Issues

24

9 critical severity issues

xmlhttprequest-ssl@1.5.5

xmlhttprequest and xmlhttprequest-ssl vulnerable to Arbitrary Code Injection

Recommendation: Upgrade to version 1.6.2 or later

via: socket.io@2.3.0

xmlhttprequest-ssl@1.5.5

Improper Certificate Validation in xmlhttprequest-ssl

Recommendation: Upgrade to version 1.6.1 or later

via: socket.io@2.3.0

better-assert@1.0.2

Package has no specified license

Recommendation: Check the package code and files for license information

via: socket.io@2.3.0

callsite@1.0.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: socket.io@2.3.0

component-bind@1.0.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: socket.io@2.3.0

component-inherit@0.0.3

Package has no specified license

Recommendation: Check the package code and files for license information

via: socket.io@2.3.0

cookie@0.1.0

Package has no specified license

Recommendation: Check the package code and files for license information

via: cookie@0.1.0

indexof@0.0.1

Package has no specified license

Recommendation: Check the package code and files for license information

via: socket.io@2.3.0

object-component@0.0.3

Package has no specified license

Recommendation: Check the package code and files for license information

via: socket.io@2.3.0

5 high severity issues

engine.io@3.4.2

Resource exhaustion in engine.io

Recommendation: Upgrade to version 3.6.0 or later

via: socket.io@2.3.0

debug@4.1.1

Deprecated package

via: socket.io@2.3.0

har-validator@5.1.5

Deprecated package

via: universal-analytics@0.4.23

request@2.88.2

Deprecated package

via: universal-analytics@0.4.23

uuid@3.3.2

Deprecated package

via: universal-analytics@0.4.23 & others

9 moderate severity issues

engine.io@3.4.2

Uncaught exception in engine.io

Recommendation: Upgrade to version 3.6.1 or later

via: socket.io@2.3.0

ws@6.1.4

ReDoS in Sec-Websocket-Protocol header

Recommendation: Upgrade to version 6.2.2 or later

via: socket.io@2.3.0

socket.io@2.3.0

CORS misconfiguration in socket.io

Recommendation: Upgrade to version 2.4.0 or later

via: socket.io@2.3.0

tough-cookie@2.5.0

tough-cookie Prototype Pollution vulnerability

Recommendation: Upgrade to version 4.1.3 or later

via: universal-analytics@0.4.23

request@2.88.2

Server-Side Request Forgery in Request

Recommendation: None

via: universal-analytics@0.4.23

callsite@1.0.0

Package has no specified source code repository

via: socket.io@2.3.0

has-binary2@1.0.3

Package has no specified source code repository

via: socket.io@2.3.0

indexof@0.0.1

Package has no specified source code repository

via: socket.io@2.3.0

object-component@0.0.3

Package has no specified source code repository

via: socket.io@2.3.0

1 low severity issue

debug@4.1.1

Regular Expression Denial of Service in debug

Recommendation: Upgrade to version 4.3.1 or later

via: socket.io@2.3.0

Licenses

MIT License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

Cannot

hold-liable

Must

include-copyright

include-license

120 Packages, Including:

CBuffer@0.1.4

accepts@1.3.8

after@0.8.2

ajv@6.12.6

arraybuffer.slice@0.0.7

asn1@0.2.6

assert-plus@1.0.0

async-limiter@1.0.1

asynckit@0.4.0

aws4@1.12.0

backo2@1.0.2

base64-arraybuffer@0.1.4

base64-arraybuffer@0.1.5

base64id@2.0.0

basic-auth-connect@1.0.0

blob@0.0.5

byline@5.0.0

combined-stream@1.0.8

command-exists@1.2.8

commander@3.0.1

component-emitter@1.2.1

component-emitter@1.3.1

connect@3.7.0

cookie-parser@1.4.5

cookie-signature@1.0.6

cookie@0.3.1

cookie@0.4.0

core-util-is@1.0.2

crc@3.4.4

crypto-random-string@1.0.0

daemon-fix41@1.1.2

dashdash@1.14.1

debug@2.6.9

debug@3.1.0

debug@4.1.1

debug@4.3.4

delayed-stream@1.0.0

depd@1.1.2

destroy@1.0.4

dot-prop@4.2.1

ecc-jsbn@0.1.2

ee-first@1.1.1

encodeurl@1.0.2

engine.io-client@3.4.4

engine.io-parser@2.2.1

engine.io@3.4.2

escape-html@1.0.3

etag@1.8.1

express-session@1.15.6

extend@3.0.2

ISC License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

Cannot

hold-liable

Must

include-copyright

include-license

9 Packages, Including:

graceful-fs@4.2.11

har-schema@2.0.0

inherits@2.0.4

json-stringify-safe@5.0.1

once@1.4.0

setprototypeof@1.1.1

signal-exit@3.0.7

wrappy@1.0.2

write-file-atomic@2.4.3

N/A

N/A

7 Packages, Including:

better-assert@1.0.2

callsite@1.0.0

component-bind@1.0.0

component-inherit@0.0.3

cookie@0.1.0

indexof@0.0.1

object-component@0.0.3

Apache License 2.0

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

sublicense

private-use

use-patent-claims

place-warranty

Cannot

hold-liable

use-trademark

Must

include-copyright

include-license

state-changes

include-notice

6 Packages, Including:

aws-sign2@0.7.0

caseless@0.12.0

forever-agent@0.6.1

oauth-sign@0.9.0

request@2.88.2

tunnel-agent@0.6.0

BSD 3-Clause "New" or "Revised" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

use-trademark

hold-liable

Must

include-copyright

include-license

4 Packages, Including:

bcrypt-pbkdf@1.0.2

fs-tail-stream@1.1.0

qs@6.5.3

tough-cookie@2.5.0

BSD 2-Clause "Simplified" License

Permissive

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

modify

distribute

place-warranty

Cannot

hold-liable

Must

include-copyright

include-license

2 Packages, Including:

configstore@4.0.0

uri-js@4.4.1

(AFL-2.1 OR BSD-3-Clause)

Permissive

1 Packages, Including:

json-schema@0.4.0

The Unlicense

Public Domain

OSI Approved

This is a human-readable summary of (and not a substitute for) the license. Disclaimer.

Can

commercial-use

private-use

modify

Cannot

include-copyright

hold-liable

Must

1 Packages, Including:

tweetnacl@0.14.5

Direct Dependencies

18

All Dependencies CSV

ⓘ This is a list of frontail 's direct dependencies. Data on all dependencies, including transitive ones, is available via CSV download.

Name	Version	Size	License	Type	Vulnerabilities
CBuffer	0.1.4	5.83 kB	MIT	prod
basic-auth-connect	1.0.0	2.77 kB	MIT	prod
byline	5.0.0	3.6 kB	MIT	prod
command-exists	1.2.8	3.8 kB	MIT	prod
commander	3.0.1	22.69 kB	MIT	prod
configstore	4.0.0	3.14 kB	BSD-2-Clause	prod
connect	3.7.0	26.84 kB	MIT	prod
cookie-parser	1.4.5	3.89 kB	MIT	prod
cookie	0.1.0	3.07 kB	UNKNOWN	prod	1
daemon-fix41	1.1.2	3.65 kB	MIT	prod
express-session	1.15.6	20.99 kB	MIT	prod
fs-tail-stream	1.1.0	13.96 kB	BSD-3-Clause	prod
is-docker	1.1.0	1.53 kB	MIT	prod
serve-static	1.14.1	8.32 kB	MIT	prod
socket.io	2.3.0	13.38 kB	MIT	prod	8 2 7 1
universal-analytics	0.4.23	25.02 kB	MIT	prod	3 2
untildify	3.0.2	1.58 kB	MIT	prod
uuid	3.3.2	12.61 kB	MIT	prod	1

Recent Versions