Snyk has created this PR to upgrade express-rate-limit from 5.4.1 to 6.5.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
Warning: This is a major version upgrade, and may be a breaking change.
The recommended version is 14 versions ahead of your current version.
The recommended version was released 21 days ago, on 2022-07-23.
Export the MemoryStore, so it can now be imported as a named import
(import { MemoryStore } from 'express-rate-limit').
Fixed
Deprecate the onLimitReached option (this was supposed to be deprecated in
v6.0.0 itself); developers should use a custom handler function that checks if
the rate limit has been exceeded instead.
Bumped minimum Node version from 12.9 to 14.5 because the transpiled output uses the nullish coalescing operator (??), which isn't supported in Node prior to 14.x.
Snyk has created this PR to upgrade express-rate-limit from 5.4.1 to 6.5.1.
Warning: This is a major version upgrade, and may be a breaking change.
Release notes
Package name: express-rate-limit
-
6.5.1 - 2022-07-23
- The message option can now be a (sync/asynx) function that returns a value (#311)
- Updated all dependencies
-
6.4.0 - 2022-04-24
- Adds Express 5 (
- Tests are now run on Node 12, 14, 16 and 18 on CI (#305)
- Updated all development dependencies (#306)
-
6.3.0 - 2022-02-19
- Changes the build target to
- Changes the minimum required Node version to 12.9.0.
-
6.2.1 - 2022-02-10
- Use the default value for an option when
-
6.2.0 - 2022-01-22
- Export the
- Deprecate the
-
6.1.0 - 2022-01-12
- Added a named export
- Added a named export
-
6.0.5 - 2022-01-06
- Use named imports for ExpressJS types so users do not need to enable the
-
6.0.4 - 2022-01-02
- Upload the built package as a
- Add
- Bumped the minimum node.js version in
-
6.0.3 - 2021-12-30
- Bumped minimum Node version from 12.9 to 14.5 because the transpiled output uses the nullish coalescing operator (
-
6.0.2 - 2021-12-30
- Ensure CommonJS projects can import the module.
- Add additional tests that test:
- importing the library in
- usage of the library with external stores (
- Use
🚀
- Use
-
6.0.1 - 2021-12-25
-
6.0.0 - 2021-12-24
-
5.5.1 - 2021-11-06
-
5.5.0 - 2021-10-12
-
5.4.1 - 2021-10-05
from express-rate-limit GitHub release notesChanged
Added
5.0.0-beta.1) as a supported peer dependency (#304)Changed
Changed
es2019so that ESBuild outputs code that can run with Node 12.Fixed
undefinedis passed to the ratelimiter.
Added
MemoryStore, so it can now be imported as a named import(
import { MemoryStore } from 'express-rate-limit').Fixed
onLimitReachedoption (this was supposed to be deprecated inv6.0.0 itself); developers should use a custom handler function that checks if
the rate limit has been exceeded instead.
Added
rateLimitin case the default import does not work.Fixed
default, so Typescript CommonJS developers can default-import the library (import rateLimit from 'express-rate-limit').Fixed
esModuleInteropflag in their Typescript compiler configuration.Fixed
.tgzto GitHub releases.Changed
mainandmodulefields topackage.json. This helps tools such as ESLint that do not yet support theexportsfield.package-lock.jsonto matchpackage.jsonChanged
??), which isn't supported in Node prior to 14.x.Fixed
Added
js-cjs,js-esm,ts-cjs,ts-esmenvironments.redis,mongo,memcached,precise).Changed
esbuildto generate ESM and CJS output. This reduces the size of the built package from 138 kb to 13kb and build time to 4 ms!dts-bundle-generatorto generate a single Typescript declaration file.Commit messages
Package name: express-rate-limit
- 12deb5c 6.5.1
- a4fc58e chore(deps): downgrade `del-cli` to 4.0.1
- 03a95ec chore(deps): downgrade `xo` to 0.49.0
- 4278463 docs(changelog): add notes for 6.5.0
- 8d36873 chore(deps): bump dependencies
- 7f8cf9e feat: allow the `message` option to be a function (#311)
- 9201784 Merge pull request #312 from nfriedly/dependabot/npm_and_yarn/terser-5.14.2
- a382821 chore(deps): bump terser from 5.10.0 to 5.14.2
- e7820d2 6.4.0
- 490ab2e docs: update changelog for 6.4.0
- c636e58 meta: add express 5 as peer dependency (#304)
- c99ebae meta: run ci on node 18 (#305)
- 2b91eba chore: bump all dependencies (#306)
- 8145af3 Merge pull request #302 from nfriedly/dependabot/npm_and_yarn/minimist-1.2.6
- e4cbbc9 chore(deps): bump minimist from 1.2.5 to 1.2.6
- 566f96c docs: update changelog for 6.3.0
- 435e1e4 6.3.0
- dc3160b meta: support node 12 (#295)
- b1dc72f docs(changelog): update for v6.2.1
- 49294c8 6.2.1
- 1f0a8ec fix: use default value for option when `undefined` is passed (#294)
- a8dc1f7 6.2.0
- 98d7762 docs: update changelog for v6.2.0
- c2c0780 chore(deps): bump dependencies
CompareNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs