{"id":1152200,"name":"@risingstack/protect","ecosystem":"npm","description":"[![Build Status](https://travis-ci.org/RisingStack/protect.svg?branch=master)](https://travis-ci.org/RisingStack/protect)","homepage":"https://github.com/risingstack/protect#readme","licenses":"MIT","normalized_licenses":["MIT"],"repository_url":"https://github.com/risingstack/protect","keywords_array":["security","express","sql injection","xss"],"namespace":"risingstack","versions_count":3,"first_release_published_at":"2017-05-14T10:11:23.111Z","latest_release_published_at":"2017-05-24T15:34:44.684Z","latest_release_number":"1.2.0","last_synced_at":"2026-04-06T11:58:32.283Z","created_at":"2022-04-08T12:15:05.383Z","updated_at":"2026-04-06T11:58:32.284Z","registry_url":"https://www.npmjs.com/package/@risingstack/protect","install_command":"npm install @risingstack/protect","documentation_url":null,"metadata":{"funding":null,"dist-tags":{"latest":"1.2.0"}},"repo_metadata":{"id":43347881,"uuid":"91164909","full_name":"RisingStack/protect","owner":"RisingStack","description":"Proactively protect your Node.js web services","archived":false,"fork":false,"pushed_at":"2018-09-28T12:37:10.000Z","size":22,"stargazers_count":401,"open_issues_count":8,"forks_count":23,"subscribers_count":11,"default_branch":"master","last_synced_at":"2025-05-24T13:09:51.516Z","etag":null,"topics":["express","nodejs","security","sql-injection","xss"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/RisingStack.png","metadata":{},"created_at":"2017-05-13T09:56:22.000Z","updated_at":"2025-04-04T13:36:08.000Z","dependencies_parsed_at":"2022-07-07T21:13:36.042Z","dependency_job_id":null,"html_url":"https://github.com/RisingStack/protect","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RisingStack","download_url":"https://codeload.github.com/RisingStack/protect/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":256086244,"owners_count":22334812,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"RisingStack","name":"RisingStack","uuid":"6916052","kind":"organization","description":"We're a full-stack development agency specialized in building highly-scalable and resilient digital products. We \u003c3 JavaScript, Kubernetes and Microservices.","email":null,"website":"https://risingstack.com","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/6916052?v=4","repositories_count":163,"last_synced_at":"2025-03-27T15:01:50.100Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/RisingStack","funding_links":[],"total_stars":11197,"followers":42,"following":0,"created_at":"2022-11-08T04:46:04.884Z","updated_at":"2025-03-27T15:01:50.100Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RisingStack","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/RisingStack/repositories"},"tags":[{"name":"v1.2.0","sha":"80f469d09eca39296cad8c1589d2f15f42b5e2da","kind":"commit","published_at":"2017-05-24T15:32:45.000Z","download_url":"https://codeload.github.com/RisingStack/protect/tar.gz/v1.2.0","html_url":"https://github.com/RisingStack/protect/releases/tag/v1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect/tags/v1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect/tags/v1.2.0/manifests"},{"name":"v1.1.0","sha":"6a4495d2bb8ab52dacea0c041476026c5d11394a","kind":"commit","published_at":"2017-05-19T12:01:04.000Z","download_url":"https://codeload.github.com/RisingStack/protect/tar.gz/v1.1.0","html_url":"https://github.com/RisingStack/protect/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect/tags/v1.1.0/manifests"}]},"repo_metadata_updated_at":"2026-03-21T09:21:52.866Z","dependent_packages_count":3,"downloads":483,"downloads_period":"last-month","dependent_repos_count":23,"rankings":{"downloads":4.711214972098551,"dependent_repos_count":2.6787420592982483,"dependent_packages_count":5.807396218681975,"stargazers_count":3.2909031780886577,"forks_count":4.7985241598588875,"docker_downloads_count":0.8349137918629649,"average":3.6869490633148807},"purl":"pkg:npm/%40risingstack/protect","advisories":[{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwY2gtcnh3My1mZ3g4","url":"https://github.com/advisories/GHSA-vpch-rxw3-fgx8","title":"Cross-Site Scripting in @risingstack/protect","description":"All versions of `@risingstack/protect` are vulnerable to Cross-Site Scripting. The  `isXss()` XSS validator has several bypasses that may allow attackers to execute arbitrary JavaScript in a victim's browser.\n\n\n## Recommendation\n\nNo fix is currently available. Consider using an alternative package. The package is not actively maintained and will not be patched.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2018-04-25T14:30:43.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.1,"cvss_vector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N","references":["https://nvd.nist.gov/vuln/detail/CVE-2018-1000160","https://github.com/RisingStack/protect/issues/16","https://github.com/advisories/GHSA-vpch-rxw3-fgx8","https://snyk.io/vuln/SNYK-JS-RISINGSTACKPROTECT-455402","https://www.npmjs.com/advisories/1116","https://github.com/RisingStack/protect/blob/60b0c91e86686d34e5202419ce9ae7e8dc08edcd/lib/rules/xss.js#L4-L13","http://embed.plnkr.co/xHbhB29JWWyMUMeHsLrm"],"source_kind":"github","identifiers":["GHSA-vpch-rxw3-fgx8","CVE-2018-1000160"],"repository_url":"https://github.com/RisingStack/protect","blast_radius":0.0,"created_at":"2022-12-21T16:13:14.145Z","updated_at":"2026-04-05T22:09:50.876Z","epss_percentage":0.0029,"epss_percentile":0.52038,"api_url":"https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwY2gtcnh3My1mZ3g4","html_url":"https://advisories.ecosyste.ms/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwY2gtcnh3My1mZ3g4","packages":[{"ecosystem":"npm","package_name":"@risingstack/protect","versions":[{"first_patched_version":null,"vulnerable_version_range":"\u003c= 1.2.0"}],"purl":"pkg:npm/%40risingstack%2Fprotect"}],"related_packages_url":"https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZwY2gtcnh3My1mZ3g4/related_packages","related_advisories":[]}],"docker_usage_url":"https://docker.ecosyste.ms/usage/npm/@risingstack/protect","docker_dependents_count":1,"docker_downloads_count":2189,"usage_url":"https://repos.ecosyste.ms/usage/npm/@risingstack/protect","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/npm/@risingstack/protect/dependencies","status":"deprecated","funding_links":[],"critical":null,"issue_metadata":{"last_synced_at":"2025-05-24T13:08:28.516Z","issues_count":10,"pull_requests_count":9,"avg_time_to_close_issue":148047.25,"avg_time_to_close_pull_request":5248067.428571428,"issues_closed_count":4,"pull_requests_closed_count":7,"pull_request_authors_count":5,"issue_authors_count":10,"avg_comments_per_issue":1.2,"avg_comments_per_pull_request":0.2222222222222222,"merged_pull_requests_count":6,"bot_issues_count":0,"bot_pull_requests_count":0,"past_year_issues_count":0,"past_year_pull_requests_count":0,"past_year_avg_time_to_close_issue":null,"past_year_avg_time_to_close_pull_request":null,"past_year_issues_closed_count":0,"past_year_pull_requests_closed_count":0,"past_year_pull_request_authors_count":0,"past_year_issue_authors_count":0,"past_year_avg_comments_per_issue":null,"past_year_avg_comments_per_pull_request":null,"past_year_bot_issues_count":0,"past_year_bot_pull_requests_count":0,"past_year_merged_pull_requests_count":0,"issues_url":"https://issues.ecosyste.ms/api/v1/hosts/GitHub/repositories/RisingStack%2Fprotect/issues","maintainers":[],"active_maintainers":[]},"versions_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@risingstack%2Fprotect/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@risingstack%2Fprotect/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@risingstack%2Fprotect/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@risingstack%2Fprotect/related_packages","codemeta_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/packages/@risingstack%2Fprotect/codemeta","maintainers":[{"uuid":"hekike","login":"hekike","name":null,"email":"email@martonpeter.com","url":null,"packages_count":43,"html_url":"https://www.npmjs.com/~hekike","role":null,"created_at":"2022-11-20T23:13:52.449Z","updated_at":"2022-11-20T23:13:52.449Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/hekike/packages"},{"uuid":"gergelyke","login":"gergelyke","name":null,"email":"mail@nemethgergely.com","url":null,"packages_count":51,"html_url":"https://www.npmjs.com/~gergelyke","role":null,"created_at":"2022-11-20T23:13:52.442Z","updated_at":"2022-11-20T23:13:52.442Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/gergelyke/packages"},{"uuid":"solkimicreb","login":"solkimicreb","name":null,"email":"miklos.bertalan@risingstack.com","url":null,"packages_count":61,"html_url":"https://www.npmjs.com/~solkimicreb","role":null,"created_at":"2022-11-20T23:13:52.472Z","updated_at":"2022-11-20T23:13:52.472Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/solkimicreb/packages"},{"uuid":"peteyycz","login":"peteyycz","name":null,"email":"p.czibik@gmail.com","url":null,"packages_count":25,"html_url":"https://www.npmjs.com/~peteyycz","role":null,"created_at":"2022-11-20T23:13:52.459Z","updated_at":"2022-11-20T23:13:52.459Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/peteyycz/packages"},{"uuid":"risingnpm","login":"risingnpm","name":null,"email":"info@risingstack.com","url":null,"packages_count":27,"html_url":"https://www.npmjs.com/~risingnpm","role":null,"created_at":"2022-11-20T23:13:52.435Z","updated_at":"2022-11-20T23:13:52.435Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/risingnpm/packages"},{"uuid":"dandesz198","login":"dandesz198","name":null,"email":"dandesz198@gmail.com","url":null,"packages_count":22,"html_url":"https://www.npmjs.com/~dandesz198","role":null,"created_at":"2022-11-20T23:13:52.421Z","updated_at":"2022-11-20T23:13:52.421Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/dandesz198/packages"},{"uuid":"kubischj","login":"kubischj","name":null,"email":"kubischj@windowslive.com","url":null,"packages_count":21,"html_url":"https://www.npmjs.com/~kubischj","role":null,"created_at":"2022-11-20T23:13:52.394Z","updated_at":"2022-11-20T23:13:52.394Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/kubischj/packages"},{"uuid":"fwalkwithm","login":"fwalkwithm","name":null,"email":"fwalkwithm@gmail.com","url":null,"packages_count":21,"html_url":"https://www.npmjs.com/~fwalkwithm","role":null,"created_at":"2022-11-20T23:13:52.398Z","updated_at":"2022-11-20T23:13:52.398Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/fwalkwithm/packages"},{"uuid":"ozonid","login":"ozonid","name":null,"email":"david@risingstack.com","url":null,"packages_count":21,"html_url":"https://www.npmjs.com/~ozonid","role":null,"created_at":"2022-11-20T23:13:52.406Z","updated_at":"2022-11-20T23:13:52.406Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/ozonid/packages"},{"uuid":"jota","login":"jota","name":null,"email":"simonzsoltjota@gmail.com","url":null,"packages_count":21,"html_url":"https://www.npmjs.com/~jota","role":null,"created_at":"2022-11-20T23:13:52.413Z","updated_at":"2022-11-20T23:13:52.413Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/jota/packages"},{"uuid":"paldiana01","login":"paldiana01","name":null,"email":"diana.pal@risingstack.com","url":null,"packages_count":21,"html_url":"https://www.npmjs.com/~paldiana01","role":null,"created_at":"2022-11-20T23:13:52.428Z","updated_at":"2022-11-20T23:13:52.428Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/paldiana01/packages"},{"uuid":"tamas.hodi","login":"tamas.hodi","name":null,"email":"tamas.hodi89@gmail.com","url":null,"packages_count":21,"html_url":"https://www.npmjs.com/~tamas.hodi","role":null,"created_at":"2022-11-20T23:13:52.466Z","updated_at":"2022-11-20T23:13:52.466Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/npmjs.org/maintainers/tamas.hodi/packages"}]}