Fascinated/Minetrack
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
Minetrack makes it easy to keep an eye on your favorite Minecraft servers. https://mc.fascinated.cc/
219 Commits 3 Branches 0 Tags 1.6 MiB
JavaScript 89.1%
CSS 7.2%
HTML 2.7%
Dockerfile 0.8%
Shell 0.2%
003c3dfd01
Go to file
benmag1 003c3dfd01 Fix for 2 vulnerable dependency paths (#53) 
Minetrack currently has a 11 vulnerable dependency paths, introducing 6 different types of known vulnerabilities.

This PR fixes  vulnerable dependencies, [ReDOS vulnerability](https://snyk.io/vuln/npm:tough-cookie:20160722) in the `tough-cookie` dependency, [remote memory exposure ](https://snyk.io/vuln/npm:request:20160119) vulnerability in the `request` dependency.

You can see [Snyk test report](https://snyk.io/test/github/Cryptkeeper/Minetrack) of this project for details. 

This PR changes `Package.json` to upgrade `request` to the newer 2.74.0 version, and will fix all the vulnerabilities listed above.

You can get alerts and fix PRs for future vulnerabilities for free by [watching this repo with Snyk](https://snyk.io/add).

Note this PR fixes all the vulnerabilities introduced trough `request` dependency, in order to be vulnerability free you will need to upgrade others dependencies as well.

Full disclosure: I'm a part of the Snyk team, just looking to spread some security goodness and awareness ;)
2016-10-25 13:14:35 -05:00
assets Will print the port only if it is custom 2016-10-08 01:15:47 +01:00
docs 2.2.2, clean up documentation 2016-07-05 14:11:09 -05:00
lib Require mcpe-ping-fixed 2016-07-05 14:36:29 -05:00
scripts Use nodejs-legacy because sqlite3 is bad. 2015-12-10 22:23:17 -06:00
.gitignore Add .DS_Store to gitignore 2016-03-01 19:09:25 -06:00
app.js Show supported versions for PC servers 2016-03-01 21:09:38 -06:00
config.json Remove production config/assets 2016-07-05 12:49:39 -05:00
gulpfile.js Standardize the gulp task names (build-type-name) 2015-11-30 14:11:10 -06:00
LICENSE First commit, most of the backend system! :) 2015-11-01 22:56:08 -06:00
package.json Fix for 2 vulnerable dependency paths (#53) 2016-10-25 13:14:35 -05:00
README.md 2.2.2, clean up documentation 2016-07-05 14:11:09 -05:00
servers.json Use example configurations 2016-02-23 19:42:19 -06:00

README.md

Minetrack

Minetrack is a Minecraft PC/PE server tracker that lets you focus on what's happening now. Built to be lightweight and durable, you can easily adapt it to monitor BungeeCord or server instances.

Try it out!

You can see an up-to-date copy of the production branch running on http://minetrack.me

"master" branch contains everything you need to start your own copy. "production" branch is what's used in the production environment of the minetrack.me site.

Usage

  1. Make sure everything is correct in config.json.
  2. Add/remove servers by editing the servers.json file.
  3. Run npm install.
  4. Run node app.js to boot the system (may need sudo!)

(There's also install.sh and start.sh, but they may not work for your OS.)

Database logging is disabled by default. You can enable it in config.json by setting logToDatabase to true. This requires sqlite3 drivers to be installed.

What's being changed?

For the changelog, check out the CHANGELOG file.