http-server icon indicating copy to clipboard operation
http-server copied to clipboard
verified publisher icon http-party

High Prio Issues 2024-09

Open KernelDeimos opened this issue 1 year ago • 4 comments

This is just a start - I need to update this more later.

TODO

  • Close any issues that are already resolved, Close any PRs that aren't real contributions
  • Ensure tests can run (right now it looks like they fail)
    • Added an issue for this: https://github.com/http-party/http-server/issues/892
  • Resolve high-prio issues, merge high-prio PRs

PRs

  • https://github.com/http-party/http-server/pull/282/files - highly requested feature, missing docs and test. Should be merged and an issue should be open for the docs.
    • also check #885 and #887, take the best of each
    • Should be merged before other PRs for header flags (#685 for example)
  • https://github.com/http-party/http-server/pull/823/files - this should be verified; it definitely sucks when ports don't get closed

Nice to Have

  • https://github.com/http-party/http-server/pull/294
  • https://github.com/http-party/http-server/pull/439
  • https://github.com/http-party/http-server/pull/827

KernelDeimos avatar Sep 13 '24 14:09 KernelDeimos

Adding my list of issues & PRs worthy for consideration:

Issues

  • Replace union in favor of Node streams https://github.com/http-party/http-server/issues/483

Pull Requests

  • Easy Docker usage https://github.com/http-party/http-server/issues/867, https://github.com/http-party/http-server/pull/790
  • IPv6 compatible loopback https://github.com/http-party/http-server/pull/830
  • Upgrading dependencies to latest modern versions: https://github.com/http-party/http-server/pull/846, #808, #875, #843

indexzero avatar Sep 20 '24 15:09 indexzero

I just ran npm audit which updated some dependencies. All tests are still passing. Issue #860 turned out to be a false alarm. Any vulnerability that I know about is now therefore taken care of.

We could do a patch release on this alone before other changes go into main so that anyone configured to stay at the minor version gets a security update. Test coverage, while not perfect, is above 80% for most source files which seems to imply there's low risk of breaking changes, so I think we should do this.

KernelDeimos avatar Sep 20 '24 20:09 KernelDeimos

I created a branch for v14.1.2 with the intention that it will only accept security-related fixes. This is my plan for the next three releases:

  • v14.1.2; update anyone configured for patch updates with security fixes
  • v14.2.0; update anyone configured for minor updates with stability improvements but no features
  • ~~v15.0.0; will have custom headers, basedir option, darkmode, etc~~

Edit: I now think v14.2.0 makes sense for all the current changes, as there should not be any regressions.

KernelDeimos avatar Sep 30 '24 03:09 KernelDeimos

This issue has been inactive for 180 days

github-actions[bot] avatar May 05 '25 12:05 github-actions[bot]