koajs / static

Static file server middleware
MIT License

[feat] New Release #202

Open x20mar opened 2 years ago

x20mar commented 2 years ago

Describe the feature

Hey, I was wondering if we could get a new release, please? There is a security vulnerability in koa-send that was resolved in v5.0.1.

The security vulnerability https://github.com/advisories/GHSA-29xr-v42j-r956 was resolved by removing the mz package (see https://github.com/koajs/send/compare/5.0.0...v5.0.1).

Thanks

mauricio-molina commented 1 year ago

Seconding this for resolving the security vulnerability.

sondreb commented 1 year ago

I'm fairly new to the koa-ecosystem and I'm looking around trying to find a static file package that is maintained and updated. Everything I find is mostly forks and unmaintained for 4-8 years, including this one that is hosted on the official koajs org. The official website does not mention the word static either; at least some hints on where to look would be nice. I get that the packages (modules) are fairly small and focused, but just keeping dependencies fresh and maintained goes a long way toward improving trust.

I'd rather not go back to Express (used on and off since it was released), so I'll just use this module and hopefully it will be updated soon.

etroynov commented 1 year ago

@sondreb Hi,

I'm already working on an update to koa-static; I'll finish soon.

iambumblehead commented 11 months ago

@etroynov good to know, here's hoping it happens :)

fogmoon commented 3 months ago

Hi @etroynov, can I know whether there is an ETA for the new release that addresses the security vulnerability? 🙏