demo
demo copied to clipboard
[Snyk] Upgrade express from 4.17.1 to 4.18.1
This PR was automatically created by Snyk using the credentials of a real user.
Snyk has created this PR to upgrade express from 4.17.1 to 4.18.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is 4 versions ahead of your current version.
- The recommended version was released a month ago, on 2022-04-29.
Release notes
Package name: express
-
4.18.1 - 2022-04-29
- Fix hanging on large stack of sync routes
-
4.18.0 - 2022-04-25
- Add "root" option to
res.download
- Allow
options
withoutfilename
inres.download
- Deprecate string and non-integer arguments to
res.status
- Fix behavior of
null
/undefined
asmaxAge
inres.cookie
- Fix handling very large stacks of sync middleware
- Ignore
Object.prototype
values in settings throughapp.set
/app.get
- Invoke
default
with same arguments as types inres.format
- Support proper 205 responses using
res.send
- Use
http-errors
forres.format
error - deps: [email protected]
- Fix error message for json parse whitespace in
strict
- Fix internal error when inflated body exceeds limit
- Prevent loss of async hooks context
- Prevent hanging when request already read
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Fix error message for json parse whitespace in
- deps: [email protected]
- Add
priority
option - Fix
expires
option to reject invalid dates
- Add
- deps: [email protected]
- Replace internal
eval
usage withFunction
constructor - Use instance methods on
process
to check for listeners
- Replace internal
- deps: [email protected]
- Remove set content headers that break response
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Prevent loss of async hooks context
- deps: [email protected]
- deps: [email protected]
- Fix emitted 416 error missing headers property
- Limit the headers removed for 304 response
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Remove code 306
- Rename
425 Unordered Collection
to standard425 Too Early
- Add "root" option to
-
4.17.3 - 2022-02-17
- deps: accepts@~1.3.8
- deps: mime-types@~2.1.34
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Fix handling of
__proto__
keys
- Fix handling of
- pref: remove unnecessary regexp for trust proxy
- deps: accepts@~1.3.8
-
4.17.2 - 2021-12-17
- Fix handling of
undefined
inres.jsonp
- Fix handling of
undefined
when"json escape"
is enabled - Fix incorrect middleware execution with unanchored
RegExp
s - Fix
res.jsonp(obj, status)
deprecation message - Fix typo in
res.is
JSDoc - deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: type-is@~1.6.18
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Fix
maxAge
option to reject invalid values
- Fix
- deps: proxy-addr@~2.0.7
- Use
req.socket
over deprecatedreq.connection
- deps: [email protected]
- deps: [email protected]
- Use
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- pref: ignore empty http tokens
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- Fix handling of
-
4.17.1 - 2019-05-26
- Revert "Improve error message for
null
/undefined
tores.status
"
- Revert "Improve error message for
Commit messages
Package name: express
- d854c43 4.18.1
- b02a95c build: [email protected]
- 631ada0 Fix hanging on large stack of sync routes
- 75e0c7a bench: remove unused parameter
- e2482b7 build: [email protected]
- 2df96e3 build: [email protected]
- a38fae1 build: [email protected]
- 547fdd4 4.18.0
- 0b330ef bench: print latency and vary connections
- 158a170 build: support Node.js 18.x
- 29ea1b2 build: use 64-bit Node.js in AppVeyor
- 11a209e build: support Node.js 17.x
- fd8e45c tests: mark stack overflow as long running
- 708ac4c Fix handling very large stacks of sync middleware
- 92c5ce5 deps: [email protected]
- 8880dda examples: add missing html label associations
- b91c7ff examples: use http-errors to create errors
- ecaf67c docs: remove Node Security Project from security policy
- 99175c3 docs: fix typo in casing of HTTP
- 1b2e097 tests: fix typo in description
- 04da4aa build: use [email protected] for Node.js 6.x
- 2e2d78c deps: [email protected]
- 980d881 deps: [email protected]
- 1df7576 deps: [email protected]
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🔕 Ignore this dependency or unsubscribe from future upgrade PRs
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.