vonage-node-code-snippets
vonage-node-code-snippets copied to clipboard
Published
20 hours ago •
Vonage
Vonage
chore(deps): update dependency express to v4.19.1 (master)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| express (source) | dependencies | minor | 4.18.2 -> 4.19.1 |
This PR resolves the vulnerabilities described in Issue #146
Version 4.18.2 
Risk Change  |
 Critical |
 High |
 Medium |
 Low |
|---|---|---|---|---|
| N/A | 0 | 0 | 1 | 0 |
Version 4.19.1 
| Risk Change |
Critical |
High |
Medium |
Low |
|---|---|---|---|---|
-100%  |
0 (--) | 0 (--) | 0 (-1 ) |
0 (--) |
Mend ensures you have the greatest risk reduction ("Recommended Fix"-highlighted in green) by removing as many vulnerabilities as possible. Click to see how we calculate risk reduction.
Release Notes
expressjs/express (express)
v4.19.1
==========
- Allow passing non-strings to res.location with new encoding handling checks
v4.19.0
==========
- Prevent open redirect allow list bypass due to encodeurl
- deps: [email protected]
v4.18.3
==========
- Fix routing requests without method
- deps: [email protected]
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: [email protected]
- deps: [email protected]
- Add
partitionedoption
- Add
- [ ] If you want to rebase/retry this PR, check this box
![mend-for-github-com[bot] avatar](https://avatars.githubusercontent.com/in/30796?v=4 "Published by a pub.dev verified publisher"){kind=small}