Is static-server safe to use?

static-server has 1 known vulnerabilities on the latest version (2.2.1). DepScope rates its health at 47/100 (high risk).

What is the latest version of static-server?

The latest version of static-server is 2.2.1, released 2018-04-03.

Does static-server have known vulnerabilities?

Yes. static-server has 1 known vulnerabilities. See depscope.dev/pkg/npm/static-server for details.

Is static-server deprecated?

No, static-server is actively maintained. Latest release: 2.2.1 (2018-04-03).

What are alternatives to static-server?

Popular alternatives to static-server in npm include: semver, ansi-styles, minimatch, debug, brace-expansion.

What license does static-server use?

static-server is licensed under MIT.

static-server

npmv2.2.1

A simple http server to serve static resource files from a local directory.

License MITpermissive14 versions1 maintainers5 deps36,352 weekly dl

nbluis/static-server

/ 100

Health

update required

[email protected] has vulnerabilities — update to latest

Moderate health score (47/100) — verify manually
1 high severity vulnerabilities

Health breakdown0 – 100

0/25

maintenance

10/20

popularity

20/25

security

15/15

maturity

2/15

community

Vulnerabilities

1 high

Advisories (1)

Severity	ID	Summary	Fixed in
high	CVE-2023-26152	static-server Path Traversal vulnerability	—

Bundle & TypeScript

📦

Bundle Size

38.4 KBminified

12.0 KB gzipped

5 direct dependencies

side effects

🌟

TypeScript

0/10untyped

No type definitions available

Health History

Dependency Tree

License Audit

Dependencies (5)

chalk commander file-size mime opn

API access

Get this data programmatically — free, no authentication.

curl https://depscope.dev/api/check/npm/static-server