High Prio Issues 2024-09

[KernelDeimos]

This is just a start - I need to update this more later.

TODO

• Close any issues that are already resolved, Close any PRs that aren't real contributions
• Ensure tests can run (right now it looks like they fail)
  • Added an issue for this: https://github.com/http-party/http-server/issues/892
• Resolve high-prio issues, merge high-prio PRs

PRs

• https://github.com/http-party/http-server/pull/282/files - highly requested feature, missing docs and test. Should be merged and an issue should be open for the docs.
  • also check #885 and #887, take the best of each
  • Should be merged before other PRs for header flags (#685 for example)
• https://github.com/http-party/http-server/pull/823/files - this should be verified; it definitely sucks when ports don't get closed

Nice to Have

• https://github.com/http-party/http-server/pull/294
• https://github.com/http-party/http-server/pull/439
• https://github.com/http-party/http-server/pull/827

[indexzero]

Adding my list of issues & PRs worthy for consideration:

Issues

• Replace union in favor of Node streams https://github.com/http-party/http-server/issues/483

Pull Requests

• Easy Docker usage https://github.com/http-party/http-server/issues/867, https://github.com/http-party/http-server/pull/790
• IPv6 compatible loopback https://github.com/http-party/http-server/pull/830
• Upgrading dependencies to latest modern versions: https://github.com/http-party/http-server/pull/846, #808, #875, #843

[KernelDeimos]

I just ran npm audit which updated some dependencies. All tests are still passing. Issue #860 turned out to be a false alarm. Any vulnerability that I know about is now therefore taken care of.

We could do a patch release on this alone before other changes go into main so that anyone configured to stay at the minor version gets a security update. Test coverage, while not perfect, is above 80% for most source files which seems to imply there's low risk of breaking changes, so I think we should do this.

[KernelDeimos]

I created a branch for v14.1.2 with the intention that it will only accept security-related fixes. This is my plan for the next three releases:

• v14.1.2; update anyone configured for patch updates with security fixes
• v14.2.0; update anyone configured for minor updates with stability improvements but no features
• v15.0.0; will have custom headers, basedir option, darkmode, etc