Is morgan-json safe to use?

morgan-json has 1 known vulnerabilities on the latest version (1.1.0). DepScope rates its health at 36/100 (critical risk).

What is the latest version of morgan-json?

The latest version of morgan-json is 1.1.0, released 2016-10-20.

Does morgan-json have known vulnerabilities?

Yes. morgan-json has 1 known vulnerabilities. See depscope.dev/pkg/npm/morgan-json for details.

Is morgan-json deprecated?

No, morgan-json is actively maintained. Latest release: 1.1.0 (2016-10-20).

What are alternatives to morgan-json?

Popular alternatives to morgan-json in npm include: semver, debug, ansi-styles, minimatch, brace-expansion.

What license does morgan-json use?

morgan-json is licensed under MIT.

morgan-json

npmv1.1.0

A variant of `morgan.compile` that provides format functions that output JSON

License MITpermissive2 versions2 maintainers1 deps8,670 weekly dl

indexzero/morgan-json

/ 100

Health

do not use

morgan-json has critical vulnerabilities — do not use

Low health score (36/100)
1 critical vulnerabilities

Health breakdown0 – 100

0/25

maintenance

6/20

popularity

15/25

security

12/15

maturity

3/15

community

Vulnerabilities

1 critical

Advisories (1)

Severity	ID	Summary	Fixed in
critical	CVE-2022-25921	morgan-json vulnerable to Arbitrary Code Execution	—

Bundle & TypeScript

🌟

TypeScript

7/10typed

Types from @types/morgan-json (DefinitelyTyped)

Health History

Dependency Tree

License Audit

Dependencies (1)

diagnostics

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/morgan-json