search

GrottoCenter / grottocenter-api

Grottocenter API
https://api.grottocenter.org
GNU Affero General Public License v3.0
14 stars 2 forks source link

chore(deps): bump express-rate-limit from 6.7.0 to 6.10.0 #1251

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 10 months ago

Bumps express-rate-limit from 6.7.0 to 6.10.0.

Release notes

Sourced from express-rate-limit's releases.

v6.10.0

Added

  • Support for combined RateLimit header from the RateLimit header fields for HTTP standardization draft adopted by the IETF. Enable by setting standardHeaders: 'draft-7'
  • New standardHeaders: 'draft-6' option, treated equivalent to standardHeaders: true from previous releases. (true and false are still supported.)
  • New RateLimit-Policy header added when standardHeaders is set to 'draft-6', 'draft-7', or true
  • Warning when using deprecated draft_polli_ratelimit_headers option
  • Warning when using deprecated onLimitReached option
  • Warning when totalHits value returned from Store is invalid

v6.9.0

Added

  • New validaion check for double-counted requests
  • Added help link to each ValidationError, directing users to the appropriate wiki page for more info

Changed

  • Miscaleanous documenation improvements

You can view the full changelog here.

v6.8.1

Changed

  • Revert 6.7.1 change that bumped typescript from 5.x to 4.x and dts-bundle-generator from 8.x to 7.x (See #360)

You can view the full changelog here.

v6.8.0

Added

You can view the changelog here.

v6.7.2

(Backport of v6.8.1)

You can view the full changelog here.

v6.7.1

Fixed

  • Fixed compatibility with TypeScript's TypeScript new node16 module resolution strategy (See

... (truncated)

Changelog

Sourced from express-rate-limit's changelog.

6.10.0

Added

  • Support for combined RateLimit header from the RateLimit header fields for HTTP standardization draft adopted by the IETF. Enable by setting standardHeaders: 'draft-7'
  • New standardHeaders: 'draft-6' option, treated equivalent to standardHeaders: true from previous releases. (true and false are still supported.)
  • New RateLimit-Policy header added when standardHeaders is set to 'draft-6', 'draft-7', or true
  • Warning when using deprecated draft_polli_ratelimit_headers option
  • Warning when using deprecated onLimitReached option
  • Warning when totalHits value returned from Store is invalid

6.9.0

Added

  • New validaion check for double-counted requests
  • Added help link to each ValidationError, directing users to the appropriate wiki page for more info

Changed

  • Miscaleanous documenation improvements

6.8.1 & 6.7.2

Changed

  • Revert 6.7.1 change that bumped typescript from 5.x to 4.x and dts-bundle-generator from 8.x to 7.x (See #360)

6.8.0

Added

6.7.1

Fixed

... (truncated)

Commits
  • 57ee25c 6.10.0
  • fbd64df Update changelog for 6.10.0
  • 8716f5a feat: support combined RateLimit header from ietf draft 7 (#376)
  • 07bfc67 feat: validate totalHits value returned from store (#379)
  • 43cadd4 validations: add draft_polli_ratelimit_headers option deprecation warning (...
  • 0bdd5fc test: improve coverage
  • 3cb205d docs: precise-memory-store is modern as of v2
  • f8469d1 chore: remove unecessary meta files
  • a53350c chore: use extracted config packages
  • a118c69 docs: update ci badge in readme
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 9 months ago

Superseded by #1255.