[Snyk] Upgrade body-parser from 1.19.2 to 1.20.1

[m0cah]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade body-parser from 1.19.2 to 1.20.1.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

- The recommended version is **2 versions** ahead of your current version. - The recommended version was released **3 months ago**, on 2022-10-06. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- | Regular Expression Denial of Service (ReDoS)
[SNYK-JS-COOKIEJAR-3149984](https://snyk.io/vuln/SNYK-JS-COOKIEJAR-3149984) | **372/1000**
**Why?** Proof of Concept exploit, CVSS 5.3 | Proof of Concept (*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: body-parser

• 1.20.1 - 2022-10-06
  

  1.20.1

    </li>
    <li>
      <b>1.20.0</b> - <a href="https://snyk.io/redirect/github/expressjs/body-parser/releases/tag/1.20.0">2022-04-03</a></br><ul>

• Fix error message for json parse whitespace in strict
• Fix internal error when inflated body exceeds limit
• Prevent loss of async hooks context
• Prevent hanging when request already read
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: http-errors@2.0.0
  • deps: depd@2.0.0
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
• deps: qs@6.10.3
• deps: raw-body@2.5.1
  • deps: http-errors@2.0.0

1.19.2 - 2022-02-16

• deps: bytes@3.1.2
• deps: qs@6.9.7
  • Fix handling of __proto__ keys
• deps: raw-body@2.4.3
  • deps: bytes@3.1.2

</ul>
from <a href="https://snyk.io/redirect/github/expressjs/body-parser/releases">body-parser GitHub release notes</a>

Commit messages

Package name: body-parser

• 830bdfb 1.20.1
• ecad1cc build: eslint@8.24.0
• 03b93cf build: supertest@6.3.0
• 2c611fc build: Node.js@18.10
• f199e94 perf: remove unnecessary object clone
• 0123e12 build: Node.js@18.9
• de1e6c2 build: Node.js@16.17
• 477ff13 build: eslint-plugin-import@2.26.0
• 40c3fff deps: qs@6.11.0
• 4aa84b7 build: supertest@6.2.4
• b274dd9 build: eslint-plugin-markdown@3.0.0
• eb6dd96 build: eslint@8.23.0
• fe2f823 docs: fix typo in readme
• 7013c29 build: Node.js@18.8
• 9d02699 build: Node.js@16.16
• b89bdc7 build: Node.js@14.20
• 44ffa97 build: mocha@10.0.0
• 633a78a build: Node.js@17.9
• 0936f44 build: Node.js@16.15
• 3d9269e build: support Node.js 18.x
• 1f6f58e 1.20.0
• 7861a00 docs: update CI badge link
• 601a076 docs: add security policy
• 77bcc0e deps: qs@6.10.3

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs