swiftregex
swiftregex copied to clipboard
SwiftFiddle
Update dependency vapor/vapor to from: "4.106.1"
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| vapor/vapor | minor | from: "4.102.1" -> from: "4.106.1" |
[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
vapor/vapor (vapor/vapor)
v4.106.1: - Omit ACAO header instead of empty value
What's Changed
Omit ACAO header instead of empty value by @grahamburgsma in #3243
For context, Vapor currently sends an empty Access-Control-Allow-Origin (ACAO) header when the origin does not match or is set to none.
We recently had a pentest done against our Vapor server and the tester reported the following regarding the empty ACAO header:
When the header is empty, browsers might reject the request without detailed error messages, making it harder for developers to debug or even realize there is a problem. This lack of transparency can lead to extended periods of vulnerability before the issue is discovered.
Looking at some other sources as well, an empty header doesn’t appear to be a valid value and so could result in unexpected behaviour.
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS#the_http_response_headers https://fetch.spec.whatwg.org/#http-access-control-allow-origin
This patch was released by @0xTim
Full Changelog: https://github.com/vapor/vapor/compare/4.106.0...4.106.1
v4.106.0: - Drop Support for Swift 5.8
What's Changed
Drop Support for Swift 5.8 by @0xTim in #3240
- Removes support for Swift 5.8, making 5.9 the lowest supported version
- Updates Swift Crypto dependency to accept 4.0.0 that is about to land
- Fixes up some warnings in Swift 6
- Removes code paths from old Swift versions
This patch was released by @0xTim
Full Changelog: https://github.com/vapor/vapor/compare/4.105.2...4.106.0
v4.105.2: - Raise error when the data expected an array but not parsed as array
What's Changed
Raise error when the data expected an array but not parsed as array by @sidepelican in #3222
URLEncodedFormDecoderfails silently without throwing an error when attempting to decode data in the following pattern:array[0]=0&array[1]=1&array[3]=3. Now it is decoded as an empty array. Typically, a decoder throws an error when data cannot be parsed as the expected structure, so I propose modifying the decoder to throw an error in this case as well.
Reviewers
Thanks to the reviewers for their help:
This patch was released by @ptoffy
Full Changelog: https://github.com/vapor/vapor/compare/4.105.1...4.105.2
v4.105.1: - Throw an error if unkeyed container is at end
What's Changed
Throw an error if unkeyed container is at end by @supersonicbyte in #3226
Throwing an error if the unkeyed container is at end while decoding query params fixes the crash mentioned with this issue: vapor/vapor#3217
The error being thrown is
DecodingError.valueNotFoundand it’s matching the error thrown byJSONDecoder.
New Contributor
- @supersonicbyte made their first contribution in #3226 🎉
Reviewers
Thanks to the reviewers for their help:
This patch was released by @0xTim
Full Changelog: https://github.com/vapor/vapor/compare/4.105.0...4.105.1
v4.105.0: - Support Swift 6
What's Changed
Support Swift 6 by @0xTim in #3225
- Drop support for Swift 5.7
- Fix warnings in Vapor with latest Swift 6 changes
- Fix tests on Linux nightlies
Reviewers
Thanks to the reviewers for their help:
This patch was released by @0xTim
Full Changelog: https://github.com/vapor/vapor/compare/4.104.0...4.105.0
v4.104.0: - Conditional Content Response Compression
What's Changed
Conditional Content Response Compression by @dimitribouniol in #3215
Added support for conditionally compressing responses based on content type or marker headers. This is necessary because some resource types, such as images, don’t compress much, and end up maxing out CPU time on the thread and sometimes block the entire channel while they compress. This results in pipelined resources taking a long time to load even on fast connections.
This change comes with three knobs to control this:
- A global disabled/enabled by default state for the entire server.
- Allow and disallow lists of content types for automatic configurations.
- A marker header for explicitly configuring certain requests or routes to compress or not.
Notably, since the response compression handler now takes a predicate, it is always installed, and the predicate statelessly determines if a response should be compressed based on the server configuration:
- If a response compression configuration was never set, this continues to be a no-op and no compression will occur, though routes can now explicitly enable it as needed. …
This patch was released by @0xTim
Full Changelog: https://github.com/vapor/vapor/compare/4.103.2...4.104.0
v4.103.2: - Use Configured JSONEncoder in ErrorMiddleware
What's Changed
Use Configured JSONEncoder in ErrorMiddleware by @0xTim in #3224
Use the prescribed content encoder for the body of
ErrorMiddlewareinstead of a containedJSONEncoderthat can’t be overridden.You can set the encoder with
ContentConfiguration.global.use(encoder: myCustomEncoder, for: .json)Resolves #3218
Reviewers
Thanks to the reviewers for their help:
This patch was released by @0xTim
Full Changelog: https://github.com/vapor/vapor/compare/4.103.1...4.103.2
v4.103.1: - fix: support capital letters in the domain part of email validation
What's Changed
fix: support capital letters in the domain part of email validation by @Austinpayne in #3211
Fixes #2889
New Contributor
- @Austinpayne made their first contribution in #3211 🎉
This patch was released by @0xTim
Full Changelog: https://github.com/vapor/vapor/compare/4.103.0...4.103.1
v4.103.0: - HTTPHeaders.LastModified Public Initializer
What's Changed
HTTPHeaders.LastModified Public Initializer by @dimitribouniol in #3216
Added a public initializer for
HTTPHeaders.LastModified, and updated the value property to be readwrite, which would prevent needing to roll your own formatter and header access in application code.
This patch was released by @0xTim
Full Changelog: https://github.com/vapor/vapor/compare/4.102.1...4.103.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}