Security: Replace regex email validation to prevent ReDoS

0aedc8f
Open

Add RESTful API endpoints #102

Codacy Production / Codacy Static Code Analysis required action Nov 4, 2025 in 0s

44 new issues (0 max.) of at least severity.

Annotations

Check warning on line 15 in app.js

@codacy-production codacy-production / Codacy Static Code Analysis

app.js#L15

Require statement not part of import statement.

Check warning on line 52 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L52

Insecure dependency npm/body-parser@1.13.3 (CVE-2024-45590: body-parser: Denial of Service Vulnerability in body-parser) (update to 1.20.3)

Check notice on line 137 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L137

Insecure dependency npm/debug@2.2.0 (CVE-2017-16137: nodejs-debug: Regular expression Denial of Service) (update to 2.6.9)

Check failure on line 167 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L167

Insecure dependency npm/ejs@2.7.4 (CVE-2022-29078: ejs: server-side template injection in outputFunctionName) (update to 3.1.7)

Check warning on line 188 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L188

Insecure dependency npm/ejs@0.8.8 (CVE-2017-1000188: nodejs-ejs: Cross-site scripting via ejs.renderFile()) (update to 2.5.5)

Check warning on line 188 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L188

Insecure dependency npm/ejs@0.8.8 (CVE-2017-1000189: nodejs-ejs: Denial of Service via renderFile() by overriding localNames) (update to 2.5.5)

Check failure on line 188 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L188

Insecure dependency npm/ejs@0.8.8 (CVE-2022-29078: ejs: server-side template injection in outputFunctionName) (update to 3.1.7)

Check warning on line 188 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L188

Insecure dependency npm/ejs@0.8.8 (CVE-2024-33883: The ejs (aka Embedded JavaScript templates) package before 3.1.10 for  ...) (update to 3.1.10)

Check warning on line 209 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L209

Insecure dependency npm/express@4.13.4 (CVE-2024-29041: express: cause malformed URLs to be evaluated) (update to 4.19.2)

Check notice on line 303 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L303

Insecure dependency npm/cookie@0.1.5 (CVE-2024-47764: cookie: cookie accepts cookie name, path, and domain with out of bounds characters) (update to 0.7.0)

Check warning on line 406 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L406

Insecure dependency npm/log4js@0.6.38 (CVE-2022-21704: log4js-node is a port of log4js to node.js. In affected versions defau ...) (update to 6.4.0)

Check warning on line 454 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L454

Insecure dependency npm/mime@1.3.4 (CVE-2017-16138: nodejs-mime: Regular expression Denial of Service) (update to 1.4.1)

Check failure on line 483 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L483

Insecure dependency npm/morgan@1.6.1 (CVE-2019-5413: nodejs-morgan: Unescaped input in compile() function) (update to 1.9.1)

Check warning on line 483 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L483

Insecure dependency npm/morgan@1.6.1 (NSWG-ECO-473: Arbitrary Code Injection) (update to >=1.9.1)

Check notice on line 499 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L499

Insecure dependency npm/on-headers@1.0.2 (CVE-2025-7339: on-headers: on-headers vulnerable to http response header manipulation) (update to 1.1.0)

Check warning on line 513 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L513

Insecure dependency npm/negotiator@0.5.3 (CVE-2016-10539: negotiator is an HTTP content negotiator for Node.js and is used by ma ...) (update to 0.6.1)

Check warning on line 513 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L513

Insecure dependency npm/negotiator@0.5.3 (NSWG-ECO-106: Regular Expression Denial of Service) (update to >= 0.6.1)

Check warning on line 558 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L558

Insecure dependency npm/path-to-regexp@0.1.7 (CVE-2024-45296: path-to-regexp: Backtracking regular expressions cause ReDoS) (update to 0.1.10)

Check warning on line 558 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L558

Insecure dependency npm/path-to-regexp@0.1.7 (CVE-2024-52798: path-to-regexp: path-to-regexp Unpatched `path-to-regexp` ReDoS in 0.1.x) (update to 0.1.12)

Check failure on line 564 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L564

Insecure dependency npm/pg@5.1.0 (CVE-2017-16082: A remote code execution vulnerability was found within the pg module w ...) (update to 5.2.1)

Check warning on line 707 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L707

Insecure dependency npm/qs@4.0.0 (CVE-2017-1000048: nodejs-qs: Prototype override protection bypass) (update to 6.0.4)

Check warning on line 707 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L707

Insecure dependency npm/qs@4.0.0 (CVE-2022-24999: express: "qs" prototype poisoning causes the hang of the node process) (update to 6.10.3)

Check notice on line 801 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L801

Insecure dependency npm/send@0.13.1 (CVE-2024-43799: send: Code Execution Vulnerability in Send Library) (update to 0.19.0)

Check warning on line 854 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L854

Insecure dependency npm/ms@0.7.2 (CVE-2017-20162: Vercel ms Inefficient Regular Expression Complexity vulnerability) (update to 2.0.0)

Check notice on line 860 in package-lock.json

@codacy-production codacy-production / Codacy Static Code Analysis

package-lock.json#L860

Insecure dependency npm/serve-static@1.10.3 (CVE-2024-43800: serve-static: Improper Sanitization in serve-static) (update to 1.16.0)