five-server icon indicating copy to clipboard operation
five-server copied to clipboard
verified publisher icon yandeu

Vulnerability with 0.4.4

Open joyheron opened this issue 3 months ago • 1 comments

Describe the bug When I install five-server, I'm getting 4 "low" vulnerabilities, which seem to be from the express6 package. It seems like that was already fixed in this commit: https://github.com/yandeu/five-server/commit/040d95022ad209387d5f02258bd280f1418949bd so maybe it just needs a new version to be released so that the vulnerability would go away in my repository?

joyheron avatar Sep 16 '25 15:09 joyheron

Yes, a new release would solve this issues.

Five-server has many "vulnerabilities." GitHub, for example, reports many security issues, but I need the user to be able to change critical stuff about the server, since this is the whole point of a development server. So in a development environment this should all fine.

yandeu avatar Sep 16 '25 16:09 yandeu