search

tapio / live-server

A simple development http server with live reload capability.
http://tapiov.net/live-server/
4.4k stars 484 forks source link

fix(security): fixed security issues found with SNYK #429

Closed jebarpg closed 1 month ago

jebarpg commented 4 months ago

Updated dependencies to fix security issues found by SNYK and added a new eslint config file to work with the updated eslint dependency conventions.

justinwiley commented 1 month ago

@tapio is this project still alive or deprecated? If its deprecated could you notify folks that it currently uses insecure dependencies and they should look for an alternative, if not could you review and merge this request?

npm i live-server -g
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated opn@6.0.0: The package has been renamed to `open`
npm WARN deprecated fsevents@1.2.13: The v1 package contains DANGEROUS / INSECURE binaries. Upgrade to safe fsevents v2
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
jebarpg commented 1 month ago

@tapio is this project still alive or deprecated? If its deprecated could you notify folks that it currently uses insecure dependencies and they should look for an alternative, if not could you review and merge this request?

npm i live-server -g
npm WARN deprecated source-map-url@0.4.1: See https://github.com/lydell/source-map-url#deprecated
npm WARN deprecated urix@0.1.0: Please see https://github.com/lydell/urix#deprecated
npm WARN deprecated resolve-url@0.2.1: https://github.com/lydell/resolve-url#deprecated
npm WARN deprecated source-map-resolve@0.5.3: See https://github.com/lydell/source-map-resolve#deprecated
npm WARN deprecated opn@6.0.0: The package has been renamed to `open`
npm WARN deprecated fsevents@1.2.13: The v1 package contains DANGEROUS / INSECURE binaries. Upgrade to safe fsevents v2
npm WARN deprecated chokidar@2.1.8: Chokidar 2 does not receive security updates since 2019. Upgrade to chokidar 3 with 15x fewer dependencies
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.

@justinwiley I ended up switching over to five-server. https://www.npmjs.com/package/five-server "(Maintained Fork of Live Server)"