express

express copied to clipboard

### Main Changes I am not sure what are our current policies regarding adding badges to the readme file, but I will love to suggest to include the OSSF Scorecard...

UlisesGascon

Add Dependency Review Action

1

### Main Changes This GitHub action will add an additional check when a PR is created in the project and will review any change in the dependencies (cda07fd). > This...

UlisesGascon

Add CodeQL (SAST)

1

### Main Changes This change include the addition of [CodeQL](https://codeql.github.com/) as the [SAST](https://en.wikipedia.org/wiki/Static_application_security_testing) tool for the project. It will run an analysis every day (200fa10) ### Impact in the OSSF...

UlisesGascon

Improve pipelines

11

### Main Changes This change include the pinning for the GItHub Actions dependencies (ce959ac) and the permissions definition for the pipeline (ea604fb) ### Impact in the OSSF Scorecard ![Screenshot 2024-02-02...

UlisesGascon

### Main Changes This pipeline will proactively report the status of the project (every day and when a push is done to `master` branch) including critical fields (`CI-Tests`, `Contributors`, `Dependency-Update-Tool`,...

UlisesGascon

Add support Node.js@21 in the CI

1

### Main Changes Add support for Node 21 in the CI (d4ecdb4) and appveyor (54ecfb7) Note: Node 21.6.2 is last version available ### Changelog - d4ecdb4 build: support Node.js 21.x...

UlisesGascon

Add support Node.js@20 in the CI

1

### Main Changes Add support for Node 20 in the CI (9015d2a) and appveyor (6dc18f9) Note: Node 20.11.1 is last version available ### Changelog - 9015d2a build: support Node.js 20.x...

UlisesGascon

Extension to add Global Error Handler/Response Handler

2

Idea: Add an option to extend a internal global error handler and response envelope wrapper. This basically wraps the response into a wrapper and automatically takes care of the error...

shravan20

Added the check for /favicon request in " count" middleware. Without this check, a request to /favicon that is made by most browsers will also increment the counter. This will...

DmytroKondrashov

Bump qs to 6.9.7 (CVE-2022-24999)

3

I'm using 5.x, and it still has a dependency on qs 6.9.6, which is [vulnerable to prototype pollution](https://github.com/advisories/GHSA-hrpp-h998-j3pp). I see you fixed it on master branch with version 6.11.0, but...

christianblais