server-up-ndot 1.3.3 → 1.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/create.js +19 -0
- package/lib/dev.js +19 -0
- package/package.json +1 -1
- package/readme.md +13 -0
package/lib/create.js
CHANGED
|
@@ -15,6 +15,25 @@ module.exports = function create(name){
|
|
|
15
15
|
copyFolder(templatePath, projectPath);
|
|
16
16
|
|
|
17
17
|
console.log("Server created:", name);
|
|
18
|
+
console.log(`
|
|
19
|
+
==============================
|
|
20
|
+
🔐 TODAY SECURITY NOTICE
|
|
21
|
+
==============================
|
|
22
|
+
|
|
23
|
+
📦 Package: axios
|
|
24
|
+
⚠️ Affected: <= 1.14.0
|
|
25
|
+
🔥 Severity: CRITICAL
|
|
26
|
+
|
|
27
|
+
📖 See README for full details
|
|
28
|
+
|
|
29
|
+
⚡ Action Required:
|
|
30
|
+
- Update immediately
|
|
31
|
+
- Check your dependencies
|
|
32
|
+
|
|
33
|
+
==============================
|
|
34
|
+
Stay safe. Security matters.
|
|
35
|
+
==============================
|
|
36
|
+
`);
|
|
18
37
|
};
|
|
19
38
|
|
|
20
39
|
function copyFolder(src,dest){
|
package/lib/dev.js
CHANGED
|
@@ -4,5 +4,24 @@ function dev() {
|
|
|
4
4
|
const child = spawn("node", ["app.js"], {
|
|
5
5
|
stdio: "inherit"
|
|
6
6
|
});
|
|
7
|
+
console.log(`
|
|
8
|
+
==============================
|
|
9
|
+
🔐 TODAY SECURITY NOTICE
|
|
10
|
+
==============================
|
|
11
|
+
|
|
12
|
+
📦 Package: axios
|
|
13
|
+
⚠️ Affected: <= 1.14.0
|
|
14
|
+
🔥 Severity: CRITICAL
|
|
15
|
+
|
|
16
|
+
📖 See README for full details
|
|
17
|
+
|
|
18
|
+
⚡ Action Required:
|
|
19
|
+
- Update immediately
|
|
20
|
+
- Check your dependencies
|
|
21
|
+
|
|
22
|
+
==============================
|
|
23
|
+
Stay safe. Security matters.
|
|
24
|
+
==============================
|
|
25
|
+
`);
|
|
7
26
|
}
|
|
8
27
|
module.exports = dev;
|
package/package.json
CHANGED
package/readme.md
CHANGED
|
@@ -1,3 +1,13 @@
|
|
|
1
|
+
# today sicu news
|
|
2
|
+
## axios
|
|
3
|
+
axios <=1.14.0
|
|
4
|
+
Severity: **critical**
|
|
5
|
+
Axios has a NO_PROXY Hostname Normalization Bypass Leads to SSRF - https://github.com/advisories/GHSA-3p68-rc4w-qgx5
|
|
6
|
+
Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain - https://github.com/advisories/GHSA-fvcv-3m26-pcqx
|
|
7
|
+
fix available via `npm audit fix`
|
|
8
|
+
|
|
9
|
+
*Pay attention to security!*
|
|
10
|
+
|
|
1
11
|
# server-up-ndot
|
|
2
12
|
|
|
3
13
|
Simple server generator and auto library install for Node.js.
|
|
@@ -61,6 +71,9 @@ npx server-up-ndot create myserver
|
|
|
61
71
|
|
|
62
72
|
## 1.3.x
|
|
63
73
|
|
|
74
|
+
### 1.3.4
|
|
75
|
+
- sicu news updated
|
|
76
|
+
|
|
64
77
|
### 1.3.3
|
|
65
78
|
- Just joke readme(lmaoooooooooo)
|
|
66
79
|
|