You can clone with
HTTPS or Subversion.
there's a bug that makes attackers able to reliably DoS a nowjs server with one message. You've got a mail with a proof of concept (sent it to email@example.com).
If you aren't able to fix this within the next two weeks, the PoC goes to the nodejs mailing list.
fix gh #157