[feat] New Release

[x20mar]

Describe the feature

Hey, I was wondering if we could get a new release, please? There is a security vulnerability in koa-send that was resolved in v5.0.1

The security vulnerability GHSA-29xr-v42j-r956 was resolved by removing the mz package (see koajs/send@5.0.0...v5.0.1)

Thanks

Checklist

• I have searched through GitHub issues for similar issues.
• I have completely read through the README and documentation.

[mauricio-molina]

seconding this for resolving the security vulnerability

[sondreb]

I'm fairly new to the koa-ecosystem and I'm looking around trying to find an static file package that is maintained and updated, everything I find is mostly forks and unmaintained for 4-8 years, including this one that is hosted on the official koajs org. The official website does not mention the word static either, at least some hints on where to look would be nice. I get that the packages (modules) are fairly small and focused, but just keeping dependencies fresh and maintained goes a long way improving trust.

I'd rather not go back to Express (used on and off since it was released), so I'll just use this module and hopefully it will be updated soon.

[etroynov]

@sondreb Hi,

I'm already working on an update koa-static, I'll finish soon.

[iambumblehead]

@etroynov good to know, here's hoping it happens :)

[fogmoon]

Hi @etroynov,
Can I know whether there is an ETA for the new release that addresses the security vulnerability? 🙏

[dingshaohua-com]

@sondreb Hi,

I'm already working on an update koa-static, I'll finish soon.

now is 2025