node-gyp 3.4.0

Node.js native addon build tool

Repository

github.com/nodejs/node-gyp

npm

npmjs.com/package/node-gyp

Homepage

github.com/nodejs/node-gyp#readme

Package Created

5 Feb 2012

Maintainers

Version Published

28 Jun 2016

Dependencies

111

Total Versions

139

License

MIT

Issues

high 9 high severity issues

tar@2.2.2

Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization Recommendation: Upgrade to version 3.2.2 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning Recommendation: Upgrade to version 3.2.3 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links Recommendation: Upgrade to version 4.4.16 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite on Windows via insufficient relative path sanitization Recommendation: Upgrade to version 4.4.18 or later

via: tar@2.2.2
tar@2.2.2

Arbitrary File Creation/Overwrite via insufficient symlink protection due to directory cache poisoning using symbolic links Recommendation: Upgrade to version 4.4.18 or later

via: tar@2.2.2
es5-ext@0.10.62

Package uses postinstall script: " node -e "try{require('./_postinstall')}catch(e){}" || exit 0"

via: path-array@1.0.1
request@2.88.2

Deprecated package

via: request@2.88.2
tar@2.2.2

Deprecated package

via: tar@2.2.2
uuid@3.4.0

Deprecated package

via: request@2.88.2

moderate one moderate severity issue

Server-Side Request Forgery in Request

Recommendation: None

request@2.88.2 via: request@2.88.2

https://github.com/advisories/GHSA-p8p7-x288-28g6

Licenses

MIT License

Permissive OSI Approved

Can: commercial-use modify distribute sublicense private-use

Cannot: hold-liable

Must: include-copyright include-license

ajv@6.12.6 ansi-regex@2.1.1 array-index@1.0.0 asn1@0.2.6 assert-plus@1.0.0 asynckit@0.4.0 aws4@1.12.0 balanced-match@1.0.2 brace-expansion@1.1.11 code-point-at@1.1.0 combined-stream@1.0.8 concat-map@0.0.1 core-util-is@1.0.2 core-util-is@1.0.3 dashdash@1.14.1 debug@2.6.9 delayed-stream@1.0.0 delegates@1.0.0 ecc-jsbn@0.1.2 es6-iterator@2.0.3 extend@3.0.2 extsprintf@1.3.0 fast-deep-equal@3.1.3 fast-json-stable-stringify@2.1.0 form-data@2.3.3 getpass@0.1.7 har-validator@5.1.5 has-color@0.1.7 http-signature@1.2.0 is-fullwidth-code-point@1.0.0 is-typedarray@1.0.0 isarray@1.0.0 isstream@0.1.2 jsbn@0.1.1 json-schema-traverse@0.4.1 jsprim@1.4.2 mime-db@1.52.0 mime-types@2.1.35 minimist@1.2.8 mkdirp@0.5.6 ms@2.0.0 node-gyp@3.4.0 number-is-nan@1.0.1 object-assign@4.1.1 os-homedir@1.0.2 os-tmpdir@1.0.2 path-array@1.0.1 path-is-absolute@1.0.1 performance-now@2.1.0 process-nextick-args@2.0.1 psl@1.9.0 punycode@2.3.0 readable-stream@2.3.8 safe-buffer@5.1.2 safe-buffer@5.2.1 safer-buffer@2.1.2 sshpk@1.17.0 string-width@1.0.2 string_decoder@1.1.1 strip-ansi@3.0.1 util-deprecate@1.0.2 uuid@3.4.0 verror@1.10.0

ISC License

Permissive OSI Approved

Can: commercial-use modify distribute

Cannot: hold-liable

Must: include-copyright include-license

abbrev@1.1.1 aproba@1.2.0 are-we-there-yet@1.1.7 block-stream@0.0.9 console-control-strings@1.1.0 d@1.0.1 es5-ext@0.10.62 es6-symbol@3.1.3 ext@1.7.0 fs.realpath@1.0.0 fstream@1.0.12 gauge@2.6.0 glob@7.2.3 graceful-fs@4.2.11 har-schema@2.0.0 has-unicode@2.0.1 inflight@1.0.6 inherits@2.0.4 isexe@2.0.0 json-stringify-safe@5.0.1 minimatch@3.1.2 next-tick@1.1.0 nopt@3.0.6 npmlog@3.1.2 once@1.4.0 osenv@0.1.5 rimraf@2.7.1 semver@5.7.1 set-blocking@2.0.0 signal-exit@3.0.7 tar@2.2.2 type@1.2.0 type@2.7.2 which@1.3.1 wide-align@1.1.5 wrappy@1.0.2

Apache License 2.0

Permissive OSI Approved

Can: commercial-use modify distribute sublicense private-use use-patent-claims place-warranty

Cannot: hold-liable use-trademark

Must: include-copyright include-license state-changes include-notice

aws-sign2@0.7.0 caseless@0.12.0 forever-agent@0.6.1 oauth-sign@0.9.0 request@2.88.2 tunnel-agent@0.6.0

BSD 3-Clause "New" or "Revised" License

Permissive OSI Approved

Can: commercial-use modify distribute place-warranty

Cannot: use-trademark hold-liable

Must: include-copyright include-license

bcrypt-pbkdf@1.0.2 qs@6.5.3 tough-cookie@2.5.0

(AFL-2.1 OR BSD-3-Clause)

Permissive

json-schema@0.4.0

The Unlicense

Public Domain OSI Approved

Can: commercial-use private-use modify

Cannot: include-copyright hold-liable

Must:

tweetnacl@0.14.5

BSD 2-Clause "Simplified" License

Permissive OSI Approved

Can: commercial-use modify distribute place-warranty

Cannot: hold-liable

Must: include-copyright include-license

uri-js@4.4.1

Dependencies

111

Get CSV

Name	Version	Size	License	Type	Vulnerabilities
abbrev	1.1.1	2.25 kB	ISC	prod
ajv	6.12.6	197.63 kB	MIT	prod
ansi-regex	2.1.1	2.29 kB	MIT	prod
aproba	1.2.0	3.44 kB	ISC	prod
are-we-there-yet	1.1.7	5.11 kB	ISC	prod
array-index	1.0.0	5.52 kB	MIT	prod	1
asn1	0.2.6	5.84 kB	MIT	prod
assert-plus	1.0.0	3.85 kB	MIT	prod
asynckit	0.4.0	7.92 kB	MIT	prod
aws-sign2	0.7.0	5.04 kB	Apache-2.0	prod
aws4	1.12.0	8.06 kB	MIT	prod
balanced-match	1.0.2	2.61 kB	MIT	prod
bcrypt-pbkdf	1.0.2	10.85 kB	BSD-3-Clause	prod
block-stream	0.0.9	3.64 kB	ISC	prod
brace-expansion	1.1.11	4.14 kB	MIT	prod
caseless	0.12.0	5.2 kB	Apache-2.0	prod
code-point-at	1.1.0	1.73 kB	MIT	prod
combined-stream	1.0.8	3.97 kB	MIT	prod
concat-map	0.0.1	2.21 kB	MIT	prod
console-control-strings	1.1.0	3.26 kB	ISC	prod
core-util-is	1.0.2	6.85 kB	MIT	prod
core-util-is	1.0.3	1.85 kB	MIT	prod
d	1.0.1	6.28 kB	ISC	prod	1
dashdash	1.14.1	22.99 kB	MIT	prod
debug	2.6.9	16.13 kB	MIT	prod
delayed-stream	1.0.0	3.38 kB	MIT	prod
delegates	1.0.0	2.78 kB	MIT	prod
ecc-jsbn	0.1.2	7.91 kB	MIT	prod
es5-ext	0.10.62	92.79 kB	ISC	prod	1
es6-iterator	2.0.3	8.07 kB	MIT	prod
es6-symbol	3.1.3	7.21 kB	ISC	prod	1
ext	1.7.0	8.35 kB	ISC	prod
extend	3.0.2	7.09 kB	MIT	prod
extsprintf	1.3.0	8.8 kB	MIT	prod
fast-deep-equal	3.1.3	3.57 kB	MIT	prod
fast-json-stable-stringify	2.1.0	6.17 kB	MIT	prod
forever-agent	0.6.1	4.92 kB	Apache-2.0	prod
form-data	2.3.3	33.47 kB	MIT	prod
fs.realpath	1.0.0	4.33 kB	ISC	prod
fstream	1.0.12	16.61 kB	ISC	prod
gauge	2.6.0	20.13 kB	ISC	prod
getpass	0.1.7	2.54 kB	MIT	prod
glob	7.2.3	15.08 kB	ISC	prod
graceful-fs	4.2.11	9.57 kB	ISC	prod
har-schema	2.0.0	3.54 kB	ISC	prod
har-validator	5.1.5	2.54 kB	MIT	prod
has-color	0.1.7	986 B	MIT	prod
has-unicode	2.0.1	1.92 kB	ISC	prod
http-signature	1.2.0	14.85 kB	MIT	prod
inflight	1.0.6	1.99 kB	ISC	prod
inherits	2.0.4	1.98 kB	ISC	prod
is-fullwidth-code-point	1.0.0	2.07 kB	MIT	prod
is-typedarray	1.0.0	1.84 kB	MIT	prod
isarray	1.0.0	1.97 kB	MIT	prod
isexe	2.0.0	3.67 kB	ISC	prod
isstream	0.1.2	3.67 kB	MIT	prod
jsbn	0.1.1	13.39 kB	MIT	prod
json-schema-traverse	0.4.1	5.02 kB	MIT	prod
json-schema	0.4.0	8.73 kB	(AFL-2.1 OR BSD-3-Clause)	prod
json-stringify-safe	5.0.1	3.92 kB	ISC	prod
jsprim	1.4.2	10.63 kB	MIT	prod
mime-db	1.52.0	26.36 kB	MIT	prod
mime-types	2.1.35	5.46 kB	MIT	prod
minimatch	3.1.2	11.66 kB	ISC	prod
minimist	1.2.8	15.16 kB	MIT	prod
mkdirp	0.5.6	2.95 kB	MIT	prod
ms	2.0.0	2.81 kB	MIT	prod
next-tick	1.1.0	3.67 kB	ISC	prod
node-gyp	3.4.0	394.7 kB	MIT	prod
nopt	3.0.6	10.07 kB	ISC	prod
npmlog	3.1.2	6.08 kB	ISC	prod
number-is-nan	1.0.1	1.43 kB	MIT	prod
oauth-sign	0.9.0	5.07 kB	Apache-2.0	prod
object-assign	4.1.1	2.61 kB	MIT	prod
once	1.4.0	1.93 kB	ISC	prod
os-homedir	1.0.2	1.72 kB	MIT	prod
os-tmpdir	1.0.2	1.75 kB	MIT	prod
osenv	0.1.5	2.25 kB	ISC	prod
path-array	1.0.1	3.9 kB	MIT	prod	1
path-is-absolute	1.0.1	1.84 kB	MIT	prod
performance-now	2.1.0	4.46 kB	MIT	prod
process-nextick-args	2.0.1	1.62 kB	MIT	prod
psl	1.9.0	139.49 kB	MIT	prod
punycode	2.3.0	7.21 kB	MIT	prod
qs	6.5.3	27.47 kB	BSD-3-Clause	prod
readable-stream	2.3.8	25.14 kB	MIT	prod
request	2.88.2	57.83 kB	Apache-2.0	prod	21
rimraf	2.7.1	5.53 kB	ISC	prod
safe-buffer	5.1.2	9.59 kB	MIT	prod
safe-buffer	5.2.1	9.74 kB	MIT	prod
safer-buffer	2.1.2	11.75 kB	MIT	prod
semver	5.7.1	17.13 kB	ISC	prod
set-blocking	2.0.0	2.16 kB	ISC	prod
signal-exit	3.0.7	3.76 kB	ISC	prod
sshpk	1.17.0	54.41 kB	MIT	prod
string-width	1.0.2	2.03 kB	MIT	prod
string_decoder	1.1.1	4.72 kB	MIT	prod
strip-ansi	3.0.1	1.69 kB	MIT	prod
tar	2.2.2	211.58 kB	ISC	prod	6
tough-cookie	2.5.0	23.87 kB	BSD-3-Clause	prod
tunnel-agent	0.6.0	5.69 kB	Apache-2.0	prod
tweetnacl	0.14.5	48.5 kB	Unlicense	prod
type	1.2.0	17.68 kB	ISC	prod
type	2.7.2	19.86 kB	ISC	prod
uri-js	4.4.1	128.91 kB	BSD-2-Clause	prod
util-deprecate	1.0.2	2.19 kB	MIT	prod
uuid	3.4.0	11.87 kB	MIT	prod	1
verror	1.10.0	11.99 kB	MIT	prod
which	1.3.1	4.08 kB	ISC	prod
wide-align	1.1.5	1.95 kB	ISC	prod
wrappy	1.0.2	1.64 kB	ISC	prod

node-gyp 3.4.0

Issues

high 9 high severity issues

moderate one moderate severity issue

Licenses

MIT License

ISC License

Apache License 2.0

BSD 3-Clause "New" or "Revised" License

(AFL-2.1 OR BSD-3-Clause)

The Unlicense

BSD 2-Clause "Simplified" License

Dependencies

Get real-time protection against malicious scripts