{"id":13431096,"url":"https://github.com/natemcmaster/dotnet-serve","last_synced_at":"2025-12-28T07:04:49.955Z","repository":{"id":27478896,"uuid":"114074795","full_name":"natemcmaster/dotnet-serve","owner":"natemcmaster","description":"Simple command-line HTTPS server for the .NET Core CLI","archived":false,"fork":false,"pushed_at":"2025-09-13T23:35:35.000Z","size":309,"stargazers_count":855,"open_issues_count":1,"forks_count":66,"subscribers_count":19,"default_branch":"main","last_synced_at":"2025-11-27T12:37:38.292Z","etag":null,"topics":["command-line-tool","dotnet","dotnet-core","webserver"],"latest_commit_sha":null,"homepage":"https://nuget.org/packages/dotnet-serve/","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/natemcmaster.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["natemcmaster"]}},"created_at":"2017-12-13T04:43:16.000Z","updated_at":"2025-11-27T06:39:58.000Z","dependencies_parsed_at":"2024-01-05T20:52:53.030Z","dependency_job_id":"44d1d3ee-5060-4fc8-b0d9-c777602dbfae","html_url":"https://github.com/natemcmaster/dotnet-serve","commit_stats":{"total_commits":185,"total_committers":20,"mean_commits":9.25,"dds":0.3891891891891892,"last_synced_commit":"ace5b81e432c9888fcc165366836d310c04ebeb6"},"previous_names":[],"tags_count":44,"template":false,"template_full_name":null,"purl":"pkg:github/natemcmaster/dotnet-serve","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/natemcmaster%2Fdotnet-serve","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/natemcmaster%2Fdotnet-serve/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/natemcmaster%2Fdotnet-serve/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/natemcmaster%2Fdotnet-serve/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/natemcmaster","download_url":"https://codeload.github.com/natemcmaster/dotnet-serve/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/natemcmaster%2Fdotnet-serve/sbom","scorecard":{"id":675220,"data":{"date":"2025-08-11","repo":{"name":"github.com/natemcmaster/dotnet-serve","commit":"8b058e878c5e67f55ac20a9cefae8b2bd7b7d2d3"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":4.4,"checks":[{"name":"Code-Review","score":3,"reason":"Found 8/24 approved changesets -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":3,"reason":"4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/ci.yml:1","Warn: no topLevel permission defined: .github/workflows/stale.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:24: update your workflow using https://app.stepsecurity.io/secureworkflow/natemcmaster/dotnet-serve/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:26: update your workflow using https://app.stepsecurity.io/secureworkflow/natemcmaster/dotnet-serve/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:32: update your workflow using https://app.stepsecurity.io/secureworkflow/natemcmaster/dotnet-serve/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:38: update your workflow using https://app.stepsecurity.io/secureworkflow/natemcmaster/dotnet-serve/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:52: update your workflow using https://app.stepsecurity.io/secureworkflow/natemcmaster/dotnet-serve/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/natemcmaster/dotnet-serve/ci.yml/main?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yml:66: update your workflow using https://app.stepsecurity.io/secureworkflow/natemcmaster/dotnet-serve/ci.yml/main?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/stale.yml:16: update your workflow using https://app.stepsecurity.io/secureworkflow/natemcmaster/dotnet-serve/stale.yml/main?enable=pin","Info:   0 out of   5 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   3 third-party GitHubAction dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Info: FSF or OSI recognized license: Apache License 2.0: LICENSE.txt:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Packaging","score":10,"reason":"packaging workflow detected","details":["Info: Project packages its releases by way of GitHub Actions.: .github/workflows/ci.yml:43"],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Signed-Releases","score":0,"reason":"Project has not signed or included provenance with any releases.","details":["Warn: release artifact v1.10.190 not signed: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/223868627","Warn: release artifact v1.10.188 not signed: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/223867817","Warn: release artifact v1.10.175 not signed: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/149076185","Warn: release artifact v1.10.172 not signed: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/110149722","Warn: release artifact v1.10.168 not signed: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/109821285","Warn: release artifact v1.10.190 does not have provenance: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/223868627","Warn: release artifact v1.10.188 does not have provenance: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/223867817","Warn: release artifact v1.10.175 does not have provenance: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/149076185","Warn: release artifact v1.10.172 does not have provenance: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/110149722","Warn: release artifact v1.10.168 does not have provenance: https://api.github.com/repos/natemcmaster/dotnet-serve/releases/109821285"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 18 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-21T21:14:56.439Z","repository_id":27478896,"created_at":"2025-08-21T21:14:56.439Z","updated_at":"2025-08-21T21:14:56.439Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28091299,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-12-28T02:00:05.685Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["command-line-tool","dotnet","dotnet-core","webserver"],"created_at":"2024-07-31T02:01:00.459Z","updated_at":"2025-12-28T07:04:49.948Z","avatar_url":"https://github.com/natemcmaster.png","language":"C#","funding_links":["https://github.com/sponsors/natemcmaster"],"categories":["Frameworks, Libraries and Tools","C\\#","框架, 库和工具","Misc"],"sub_categories":["Misc","大杂烩"],"readme":"dotnet-serve\n============\n\n[![Build Status][ci-badge]][ci] [![Code Coverage][codecov-badge]][codecov]\n[![NuGet][nuget-badge] ![NuGet Downloads][nuget-download-badge]][nuget]\n\n[ci]: https://github.com/natemcmaster/dotnet-serve/actions?query=workflow%3ACI+branch%3Amain\n[ci-badge]: https://github.com/natemcmaster/dotnet-serve/workflows/CI/badge.svg\n[codecov]: https://codecov.io/gh/natemcmaster/dotnet-serve\n[codecov-badge]: https://codecov.io/gh/natemcmaster/dotnet-serve/branch/main/graph/badge.svg?token=l6uSsHZ8nA\n[nuget]: https://www.nuget.org/packages/dotnet-serve/\n[nuget-badge]: https://img.shields.io/nuget/v/dotnet-serve.svg?style=flat-square\n[nuget-download-badge]: https://img.shields.io/nuget/dt/dotnet-serve?style=flat-square\n\nA simple command-line HTTP server.\n\nIt launches a server in the current working directory and serves all files from that directory.\n\n## Get started\n\n[Install .NET](https://get.dot.net) and run this command:\n\n```\ndotnet tool install --global dotnet-serve\n```\n\nStart a simple server and open the browser by running:\n\n```\ndotnet serve -o\n```\n\nAnd with HTTPS:\n\n```\ndotnet serve -o -S\n```\n\nWith a specific port (otherwise, it defaults to a random unused port):\n\n```\ndotnet serve --port 8080\n```\n\nAllow access from remote machines (defaults to loopback only). Use this if running inside Docker:\n\n```\ndotnet serve --address any\n```\n\n## Usage\n\n```\nUsage: dotnet serve [options]\n\nOptions:\n  --version                            Show version information.\n  -d|--directory \u003cDIR\u003e                 The root directory to serve. [Current directory]\n  -o|--open-browser[:\u003cPATH\u003e]           Open a web browser when the server starts. [Default false]\n                                       You can also provide the subpath to launch by using -o:\u003cPATH\u003e.\n                                       Example: -o:/path/index.html\n  -p|--port \u003cPORT\u003e                     Port to use [8080]. Use 0 for a dynamic port.\n  -a|--address \u003cADDRESS\u003e               Address to use. [Default = localhost].\n                                       Accepts IP addresses,\n                                       'localhost' to accept only loopback requests, or\n                                       'any' to accept requests from any IP address.\n  --path-base \u003cPATH\u003e                   The base URL path appended to the site URL.\n  --reverse-proxy \u003cMAPPING\u003e            Map a path pattern to another url.\n                                       Expected format is \u003cSOURCE_PATH_PATTERN\u003e=\u003cDESTINATION_URL_PREFIX\u003e.\n                                       SOURCE_PATH_PATTERN uses ASP.NET routing syntax. Use {**all} to match anything.\n  --default-extensions[:\u003cEXTENSIONS\u003e]  A comma-delimited list of extensions to use when no extension is provided in the URL. [.html,.htm]\n  -q|--quiet                           Show less console output.\n  -v|--verbose                         Show more console output.\n  -h|--headers \u003cHEADER_AND_VALUE\u003e      A header to return with all file/directory responses. e.g. -h \"X-XSS-Protection: 1; mode=block\"\n  -S|--tls                             Enable TLS (HTTPS)\n  --cert                               A PEM encoded certificate file to use for HTTPS connections.\n                                       Defaults to file in current directory named 'cert.pem'\n  --key                                A PEM encoded private key to use for HTTPS connections.\n                                       Defaults to file in current directory named 'private.key'\n  --pfx                                A PKCS#12 certificate file to use for HTTPS connections.\n                                       Defaults to file in current directory named 'cert.pfx'\n  --pfx-pwd                            The password to open the certificate file. (Optional)\n  -m|--mime \u003cMAPPING\u003e                  Add a mapping from file extension to MIME type. Empty MIME removes a mapping.\n                                       Expected format is \u003cEXT\u003e=\u003cMIME\u003e.\n  -z|--gzip                            Enable gzip compression\n  -b|--brotli                          Enable brotli compression\n  -c|--cors                            Enable CORS (it will enable CORS for all origins and all methods)\n  --save-options                       Save specified options to .netconfig for subsequent runs.\n  --config-file                          Use the given .netconfig file.\n  --fallback-file                       The path to a file which is served for requests that do not match known file names.\n                                       This is commonly used for single-page applications.\n  -?|--help                            Show help information.\n```\n\n\u003e Tip: single letters for options can be combined. Example: `dotnet serve -Sozq`\n\n## Configuring HTTPS\n\n`dotnet serve -S` will serve requests over HTTPS. By default, it will attempt to find an appropriate certificate on the machine.\n\nBy default, `dotnet serve` will look for, in order:\n - A pair of files named `cert.pem` and `private.key` in the current directory\n - A file named `cert.pfx` in the current directory\n - The ASP.NET Core Developer Certificate (localhost only)\n\nYou can also manually specify certificates as command line options (see below):\n\n\u003e _See also [this doc](./docs/GenerateCert.md) for how to create a self-signed HTTPS certificate._\n\n### .pem files\n\nUse this when you have your certificate and private key stored in separate files (PEM encoded):\n\n```\ndotnet serve --cert ./cert.pem --key ./private.pem\n```\n\nNote: currently only RSA private keys are supported.\n\n### .pfx file\n\nUse this when you have your certificate as a .pfx/.p12 file (PKCS#12 format):\n\n```\ndotnet serve --pfx myCert.pfx --pfx-pwd certPass123\n```\n\n### Using the ASP.NET Core Developer Certificate\n\nThe developer certificate is automatically created the first time you use `dotnet`.\nWhen serving on 'localhost', dotnet-serve will discover and use it when you run:\n\n```\ndotnet serve -S\n```\n\n## Reverse Proxy\n\n`dotnet-serve --reverse-proxy /api/{**all}=http://localhost:5000` will proxy all requests matching `/api/*` to `http://localhost:5000/api/*`.\n\nThe source path pattern uses ASP.NET routing syntax.\n[See the ASP.NET docs for more info.](https://docs.microsoft.com/en-us/aspnet/core/fundamentals/routing?view=aspnetcore-5.0#route-template-reference)\n\nMultiple `--reverse-proxy \u003cMAPPING\u003e` directives can be defined.\n\n## Reusing options with .netconfig\n\n`dotnet-serve` supports reading and saving options using [dotnet-config](https://dotnetconfig.org/), which provides hierarchical inherited configuration for any .NET tool. This means you can save your frequently used options to `.netconfig` so you don't need to specify them every time and for every folder you serve across your machine.\n\nTo save the options used in a particular run to the current directory's `.netconfig`, just append\n`--save-options`:\n\n```\ndotnet serve -p 8080 --gzip --cors --quiet --save-options\n```\n\nAfter running that command, a new `.netconfig` will be created (if there isn't one already there) with the following section for `dotnet-serve`:\n\n```ini\n[serve]\n\tport = 8000\n\tquiet\n\tgzip\n\tcors\n\theader = X-My-Option: foo\n\theader = X-Another: bar\n```\n\nNote: multiple `header`, `mime` type mappings, and `exclude-file` entries can be provided as individual variables.\n\nYou can place those settings in any parent folder, and they will be reused across all descendant folders. Alternatively, they can be saved to global (user profile) or system locations. To easily configure these options at those levels, use the `dotnet-config` tool itself:\n\n```\ndotnet config --global --set serve.port 8000\n```\n\nThis will default the port to `8000` whenever a port is not specified in the command line. You\ncan open the saved `.netconfig` at `%USERPROFILE%\\.netconfig` or `~/.netconfig`.\n\nThe `cert`, `key` and `pfx` values, in particular, can be relative paths that are resolved\nrelative to the location of the declaring `.netconfig` file, which can be very convenient.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnatemcmaster%2Fdotnet-serve","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnatemcmaster%2Fdotnet-serve","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnatemcmaster%2Fdotnet-serve/lists"}