postman-runtime
postman-runtime copied to clipboard
Bump express from 4.17.2 to 4.19.1
Bumps express from 4.17.2 to 4.19.1.
Release notes
Sourced from express's releases.
4.19.0
What's Changed
- fix typo in release date by
@UlisesGascon
in expressjs/express#5527- docs: nominating
@wesleytodd
to be project captian by@wesleytodd
in expressjs/express#5511- docs: loosen TC activity rules by
@wesleytodd
in expressjs/express#5510- Add note on how to update docs for new release by
@crandmck
in expressjs/express#5541- Prevent open redirect allow list bypass due to encodeurl
- Release 4.19.0 by
@wesleytodd
in expressjs/express#5551New Contributors
@crandmck
made their first contribution in expressjs/express#5541Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0
4.18.3
Main Changes
- Fix routing requests without method
- deps: [email protected]
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: [email protected]
Other Changes
- Use https: protocol instead of deprecated git: protocol by
@vcsjones
in expressjs/express#5032- build: [email protected] and [email protected] by
@abenhamdine
in expressjs/express#5034- ci: update actions/checkout to v3 by
@armujahid
in expressjs/express#5027- test: remove unused function arguments in params by
@raksbisht
in expressjs/express#5124- Remove unused originalIndex from acceptParams by
@raksbisht
in expressjs/express#5119- Fixed typos by
@raksbisht
in expressjs/express#5117- examples: remove unused params by
@raksbisht
in expressjs/express#5113- fix: parameter str is not described in JSDoc by
@raksbisht
in expressjs/express#5130- fix: typos in History.md by
@raksbisht
in expressjs/express#5131- build : add [email protected] by
@abenhamdine
in expressjs/express#5028- test: remove unused function arguments in params by
@raksbisht
in expressjs/express#5137- use random port in test so it won't fail on already listening by
@rluvaton
in expressjs/express#5162- tests: use cb() instead of done() by
@kristof-low
in expressjs/express#5233- examples: remove multipart example by
@riddlew
in expressjs/express#5195- Update support Node.js@18 in the CI by
@UlisesGascon
in expressjs/express#5490- Fix favicon-related bug in cookie-sessions example by
@DmytroKondrashov
in expressjs/express#5414- Release 4.18.3 by
@UlisesGascon
in expressjs/express#5505New Contributors
@vcsjones
made their first contribution in expressjs/express#5032@abenhamdine
made their first contribution in expressjs/express#5034@armujahid
made their first contribution in expressjs/express#5027@raksbisht
made their first contribution in expressjs/express#5124@rluvaton
made their first contribution in expressjs/express#5162@kristof-low
made their first contribution in expressjs/express#5233@riddlew
made their first contribution in expressjs/express#5195
... (truncated)
Changelog
Sourced from express's changelog.
4.19.1 / 2024-03-20
- Allow passing non-strings to res.location with new encoding handling checks
4.19.0 / 2024-03-20
- Prevent open redirect allow list bypass due to encodeurl
- deps: [email protected]
4.18.3 / 2024-02-29
- Fix routing requests without method
- deps: [email protected]
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: [email protected]
- deps: [email protected]
- Add
partitioned
option4.18.2 / 2022-10-08
- Fix regression routing a large stack in a single route
- deps: [email protected]
- deps: [email protected]
- perf: remove unnecessary object clone
- deps: [email protected]
4.18.1 / 2022-04-29
- Fix hanging on large stack of sync routes
4.18.0 / 2022-04-25
- Add "root" option to
res.download
- Allow
options
withoutfilename
inres.download
- Deprecate string and non-integer arguments to
res.status
- Fix behavior of
null
/undefined
asmaxAge
inres.cookie
- Fix handling very large stacks of sync middleware
- Ignore
Object.prototype
values in settings throughapp.set
/app.get
- Invoke
default
with same arguments as types inres.format
- Support proper 205 responses using
res.send
- Use
http-errors
forres.format
error- deps: [email protected]
- Fix error message for json parse whitespace in
strict
... (truncated)
Commits
4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: [email protected]4ee853e
docs: loosen TC activity rules414854b
docs: nominating@wesleytodd
to be project captian- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
You can trigger a rebase of this PR by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)