llhttp
llhttp copied to clipboard
nodejs
Port of http_parser to llparse
In one of the existing llhttp tests (shown at the bottom), it shows llhttp reporting some of the folded whitespace characters as being part of the header value. According to...
It has resulted in request smuggling vulnerabilities in the past, so dropping it reduces attack surface.
At present, many new features have been added, but the version number has not been updated. I hope the version will be released as soon as possible.
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.11.19 to 20.11.22. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.21.0 to 7.1.0. Release notes Sourced from @typescript-eslint/parser's releases. v7.1.0 7.1.0 (2024-02-26) 🚀 Features eslint-plugin: add *-type-checked-only configs (#8367) eslint-plugin: [naming-convention] support the auto-accessor syntax (#8084) eslint-plugin:...
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.3 to 3.24.5. Changelog Sourced from github/codeql-action's changelog. CodeQL Action Changelog See the releases page for the relevant changes to the CodeQL CLI and language packs. Note...
Bumps [eslint](https://github.com/eslint/eslint) from 8.56.0 to 8.57.0. Release notes Sourced from eslint's releases. v8.57.0 Features 1120b9b feat: Add loadESLint() API method for v8 (#18098) (Nicholas C. Zakas) dca7d0f feat: Enable eslint.config.mjs...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.12.7 to 20.12.8. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...
Bumps [@stylistic/eslint-plugin](https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin) from 1.7.0 to 1.8.0. Release notes Sourced from @stylistic/eslint-plugin's releases. v1.8.0 1.8.0 (2024-04-30) Features jsx-function-call-newline: add jsx-function-call-newline rule (#376) (110aa4c) jsx-one-expression-per-line: allow single line (#377) (f8825f2) jsx-wrap-multilines: supports...