Installations
npm install static-serverDeveloper Guide
Typescript
No
Module System
CommonJS
Min. Node Version
>=4
Node Version
8.1.4
NPM Version
5.5.1
Score
96.7
Supply Chain
91
Quality
75.3
Maintenance
84
Vulnerability
100
License
Releases
Unable to fetch releases
Contributors
Unable to fetch Contributors
Languages
JavaScript (99.58%)
Shell (0.42%)
validate.email 🚀
Verify real, reachable, and deliverable emails with instant MX records, SMTP checks, and disposable email detection.
Developer
nbluis
Download Statistics
Total Downloads
16,877,256
Last Day
6,384
Last Week
31,394
Last Month
134,879
Last Year
1,304,953
GitHub Statistics
210 Stars
101 Commits
51 Forks
5 Watchers
1 Branches
17 Contributors
Updated on Feb 18, 2025
Bundle Size
38.43 kB
Minified
11.95 kB
Minified + Gzipped
Maintainers
Package Meta Information
Latest Version
2.2.1
Package Id
static-server@2.2.1
Size
9.54 kB
NPM Version
5.5.1
Node Version
8.1.4
Published on
Apr 03, 2018
Total Downloads
Cumulative downloads
Total Downloads
16,877,256
Last Day
16.8%
6,384
Compared to previous day
Last Week
6.9%
31,394
Compared to previous week
Last Month
32.6%
134,879
Compared to previous month
Last Year
-23.1%
1,304,953
Compared to previous year
Daily Downloads
Weekly Downloads
Monthly Downloads
Yearly Downloads
Node static server
A simple http server to serve static resource files from a local directory.
Getting started
- Install node.js
- Install npm package globally
npm -g install static-server - Go to the folder you want to serve
- Run the server
static-server
Options
-h, --help output usage information
-V, --version output the version number
-p, --port <n> the port to listen to for incoming HTTP connections
-i, --index <filename> the default index file if not specified
-f, --follow-symlink follow links, otherwise fail with file not found
-d, --debug enable to show error messages
-n, --not-found <filename> the error 404 file
-c, --cors <pattern> Cross Origin Pattern. Use "*" to allow all origins
-z, --no-nocache disable cache (http 304) responses.
-o, --open open server in the local browser
Using as a node module
The server may be used as a dependency HTTP server.
Example
1var StaticServer = require('static-server'); 2var server = new StaticServer({ 3 rootPath: '.', // required, the root of the server file tree 4 port: 1337, // required, the port to listen 5 name: 'my-http-server', // optional, will set "X-Powered-by" HTTP header 6 host: '10.0.0.100', // optional, defaults to any interface 7 cors: '*', // optional, defaults to undefined 8 followSymlink: true, // optional, defaults to a 404 error 9 templates: { 10 index: 'foo.html', // optional, defaults to 'index.html' 11 notFound: '404.html' // optional, defaults to undefined 12 } 13}); 14 15server.start(function () { 16 console.log('Server listening to', server.port); 17}); 18 19server.on('request', function (req, res) { 20 // req.path is the URL resource (file name) from server.rootPath 21 // req.elapsedTime returns a string of the request's elapsed time 22}); 23 24server.on('symbolicLink', function (link, file) { 25 // link is the source of the reference 26 // file is the link reference 27 console.log('File', link, 'is a link to', file); 28}); 29 30server.on('response', function (req, res, err, file, stat) { 31 // res.status is the response status sent to the client 32 // res.headers are the headers sent 33 // err is any error message thrown 34 // file the file being served (may be null) 35 // stat the stat of the file being served (is null if file is null) 36 37 // NOTE: the response has already been sent at this point 38});
FAQ
- Can I use this project in production environments? Obviously not.
- Can this server run php, ruby, python or any other cgi script? No.
- Is this server ready to receive thousands of requests? Preferably not.
Contributors
An special thank you to all contributors who allow this project to continue to evolve.
License
Stable Version
Stable Version
2.2.1
High
1
7.5/10
Summary
static-server Path Traversal vulnerability
Affected Versions
<= 2.2.1
Reason
no binaries found in the repo
Reason
Found 8/20 approved changesets -- score normalized to 4
Reason
project is archived
Details
- Warn: Repository is archived.
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: npmCommand not pinned by hash: local-install.sh:4
- Info: 0 out of 1 npmCommand dependencies pinned
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
license file not detected
Details
- Warn: project does not have a license file
Reason
branch protection not enabled on development/release branches
Details
- Warn: branch protection not enabled for branch 'master'
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 18 are checked with a SAST tool
Reason
27 existing vulnerabilities detected
Details
- Warn: Project is vulnerable to: GHSA-h452-7996-h45h
- Warn: Project is vulnerable to: GHSA-9vvw-cc9w-f27h
- Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c
- Warn: Project is vulnerable to: GHSA-h6ch-v84p-w6p9
- Warn: Project is vulnerable to: GHSA-qrmc-fj45-qfc2
- Warn: Project is vulnerable to: GHSA-q42p-pg8m-cqh6
- Warn: Project is vulnerable to: GHSA-w457-6q6x-cgp9
- Warn: Project is vulnerable to: GHSA-62gr-4qp9-h98f
- Warn: Project is vulnerable to: GHSA-f52g-6jhx-586p
- Warn: Project is vulnerable to: GHSA-2cf5-4w76-r9qv
- Warn: Project is vulnerable to: GHSA-3cqr-58rm-57f8
- Warn: Project is vulnerable to: GHSA-g9r4-xpmj-mj65
- Warn: Project is vulnerable to: GHSA-q2c6-c6pm-g3gh
- Warn: Project is vulnerable to: GHSA-765h-qjxv-5f44
- Warn: Project is vulnerable to: GHSA-f2jv-r9rf-7988
- Warn: Project is vulnerable to: GHSA-2pr6-76vf-7546
- Warn: Project is vulnerable to: GHSA-8j8c-7jfh-h6hx
- Warn: Project is vulnerable to: GHSA-wrvr-8mpx-r7pp
- Warn: Project is vulnerable to: GHSA-hxm2-r34f-qmc5
- Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3
- Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m
- Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h
- Warn: Project is vulnerable to: GHSA-3fx5-fwvr-xrjg
- Warn: Project is vulnerable to: GHSA-w9mr-4mfr-499f
- Warn: Project is vulnerable to: GHSA-gqgv-6jq5-jjj9
- Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp
- Warn: Project is vulnerable to: GHSA-8225-6cvr-8pqp
Score
1.7
/10
Last Scanned on 2025-02-17
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More