I've installed the package and added it to bunfig. Then, for example:
❯ bun add express@3.4.5
bun add v1.3.10 (30e609e0)
⚠ Socket Security Scanner free mode. Set SOCKET_API_KEY to use your Socket org settings.
⏳[@socketsecurity/bun-security-scanner] Scanning 93 packages took 1183ms
installed express@3.21.2 with binaries:
- express
1 package installed [1311.00ms]
Meanwhile:
bun audit v1.3.10 (30e609e0)
express >=3.4.5 <4.0.0-rc1
(direct dependency)
low: Express Open Redirect vulnerability - https://github.com/advisories/GHSA-jj78-5fmv-mv28
low: express vulnerable to XSS via response.redirect() - https://github.com/advisories/GHSA-qw6h-vgh9-j6wx
moderate: Express ressource injection - https://github.com/advisories/GHSA-cm5g-3pgc-8rg4
moderate: Express.js Open Redirect in malformed URLs - https://github.com/advisories/GHSA-rv95-896h-c2vc