postman-runtime
postman-runtime copied to clipboard
[Snyk] Upgrade express from 4.17.2 to 4.18.1
Snyk has created this PR to upgrade express from 4.17.2 to 4.18.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 3 versions ahead of your current version.
- The recommended version was released 4 months ago, on 2022-04-29.
Release notes
Package name: express
-
4.18.1 - 2022-04-29
- Fix hanging on large stack of sync routes
-
4.18.0 - 2022-04-25
- Add "root" option to
res.download
- Allow
options
withoutfilename
inres.download
- Deprecate string and non-integer arguments to
res.status
- Fix behavior of
null
/undefined
asmaxAge
inres.cookie
- Fix handling very large stacks of sync middleware
- Ignore
Object.prototype
values in settings throughapp.set
/app.get
- Invoke
default
with same arguments as types inres.format
- Support proper 205 responses using
res.send
- Use
http-errors
forres.format
error - deps: [email protected]
- Fix error message for json parse whitespace in
strict
- Fix internal error when inflated body exceeds limit
- Prevent loss of async hooks context
- Prevent hanging when request already read
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Fix error message for json parse whitespace in
- deps: [email protected]
- Add
priority
option - Fix
expires
option to reject invalid dates
- Add
- deps: [email protected]
- Replace internal
eval
usage withFunction
constructor - Use instance methods on
process
to check for listeners
- Replace internal
- deps: [email protected]
- Remove set content headers that break response
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Prevent loss of async hooks context
- deps: [email protected]
- deps: [email protected]
- Fix emitted 416 error missing headers property
- Limit the headers removed for 304 response
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Remove code 306
- Rename
425 Unordered Collection
to standard425 Too Early
- Add "root" option to
-
4.17.3 - 2022-02-17
- deps: accepts@~1.3.8
- deps: mime-types@~2.1.34
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Fix handling of
__proto__
keys
- Fix handling of
- pref: remove unnecessary regexp for trust proxy
- deps: accepts@~1.3.8
-
4.17.2 - 2021-12-17
- Fix handling of
undefined
inres.jsonp
- Fix handling of
undefined
when"json escape"
is enabled - Fix incorrect middleware execution with unanchored
RegExp
s - Fix
res.jsonp(obj, status)
deprecation message - Fix typo in
res.is
JSDoc - deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: type-is@~1.6.18
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Fix
maxAge
option to reject invalid values
- Fix
- deps: proxy-addr@~2.0.7
- Use
req.socket
over deprecatedreq.connection
- deps: [email protected]
- deps: [email protected]
- Use
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- pref: ignore empty http tokens
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Fix handling of
Commit messages
Package name: express
- d854c43 4.18.1
- b02a95c build: [email protected]
- 631ada0 Fix hanging on large stack of sync routes
- 75e0c7a bench: remove unused parameter
- e2482b7 build: [email protected]
- 2df96e3 build: [email protected]
- a38fae1 build: [email protected]
- 547fdd4 4.18.0
- 0b330ef bench: print latency and vary connections
- 158a170 build: support Node.js 18.x
- 29ea1b2 build: use 64-bit Node.js in AppVeyor
- 11a209e build: support Node.js 17.x
- fd8e45c tests: mark stack overflow as long running
- 708ac4c Fix handling very large stacks of sync middleware
- 92c5ce5 deps: [email protected]
- 8880dda examples: add missing html label associations
- b91c7ff examples: use http-errors to create errors
- ecaf67c docs: remove Node Security Project from security policy
- 99175c3 docs: fix typo in casing of HTTP
- 1b2e097 tests: fix typo in description
- 04da4aa build: use [email protected] for Node.js 6.x
- 2e2d78c deps: [email protected]
- 980d881 deps: [email protected]
- 1df7576 deps: [email protected]
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
Codecov Report
Merging #1229 (0194fe6) into develop (946ee96) will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## develop #1229 +/- ##
========================================
Coverage 79.57% 79.57%
========================================
Files 42 42
Lines 2972 2972
Branches 856 856
========================================
Hits 2365 2365
Misses 607 607
Flag | Coverage Δ | |
---|---|---|
integration | 69.48% <ø> (ø) |
|
legacy | 48.51% <ø> (ø) |
|
unit | 43.23% <ø> (ø) |
Flags with carried forward coverage won't be shown. Click here to find out more.
:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more