opentok-node chore(deps): update dependency express to ~4.21.1 (main)

chore(deps): update dependency express to ~4.21.1 (main)

Open mend-for-github-com[bot] opened this issue 8 months ago • 0 comments

This PR contains the following updates:

Package	Type	Update	Change
express (source)	dependencies	minor	`~4.19.0` -> `~4.21.1`

By merging this PR, the issue #337 will be automatically resolved and closed:

Severity	CVSS Score	Vulnerability
High	7.5	CVE-2024-45296
High	7.5	CVE-2024-45590
High	7.5	CVE-2024-52798
Medium	5.3	CVE-2024-47764
Medium	5.0	CVE-2024-43796
Medium	5.0	CVE-2024-43799
Medium	5.0	CVE-2024-43800

expressjs/express (express)

Full Changelog: https://github.com/expressjs/express/compare/4.21.0...4.21.1

Full Changelog: https://github.com/expressjs/express/compare/4.20.0...4.21.0

==========

deps: [email protected]
- Remove link renderization in html while redirecting
deps: [email protected]
- Remove link renderization in html while redirecting
deps: [email protected]
- add depth option to customize the depth level in the parser
- IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
Remove link renderization in html while using res.redirect
deps: [email protected]
- Adds support for named matching groups in the routes using a regex
- Adds backtracking protection to parameters without regexes defined
deps: encodeurl@~2.0.0
- Removes encoding of \, |, and ^ to align better with URL spec
Deprecate passing options.maxAge and options.expires to res.clearCookie
- Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie