Is oauth2-server safe to use?

oauth2-server has 1 known vulnerabilities on the latest version (3.1.1). DepScope rates its health at 58/100 (high risk).

What is the latest version of oauth2-server?

The latest version of oauth2-server is 3.1.1, released 2020-07-14.

Does oauth2-server have known vulnerabilities?

Yes. oauth2-server has 1 known vulnerabilities. See depscope.dev/pkg/npm/oauth2-server for details.

Is oauth2-server deprecated?

No, oauth2-server is actively maintained. Latest release: 3.1.1 (2020-07-14).

What are alternatives to oauth2-server?

Popular alternatives to oauth2-server in npm include: semver, debug, ansi-styles, minimatch, brace-expansion.

What license does oauth2-server use?

oauth2-server is licensed under MIT.

oauth2-server

npmv3.1.1

Complete, framework-agnostic, compliant and well tested module for implementing an OAuth2 Server in node.js

License MITpermissive19 versions4 maintainers6 deps152,987 weekly dl

oauthjs/node-oauth2-server

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Moderate health score (58/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

14/20

popularity

20/25

security

15/15

maturity

9/15

community

0/15

popularity_floor

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2020-26938	oauth2-server through 3.1.1 vulnerable to Open Redirect	—

Bundle & TypeScript

📦

Bundle Size

99.8 KBminified

30.9 KB gzipped

6 direct dependencies

side effects

🌟

TypeScript

7/10typed

Types from @types/oauth2-server (DefinitelyTyped)

Health History

Dependency Tree

License Audit

Dependencies (6)

basic-auth bluebird lodash promisify-any statuses type-is

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/oauth2-server