search

billmcchesney1 / concord-website

Documentation website source code for Concord
https://concord.walmartlabs.com
Other
0 stars 0 forks source link

chore(deps): update dependency express to ~4.16.0 - autoclosed #61

Closed mend-for-github-com[bot] closed 2 years ago

mend-for-github-com[bot] commented 2 years ago

This PR contains the following updates:

Package Type Update Change
express (source) devDependencies minor ~4.14.0 -> ~4.16.0

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE
High High 7.5 CVE-2017-1000048
High High 7.5 CVE-2017-16138
High High 7.5 CVE-2017-16119
Medium Medium 5.3 CVE-2017-16137

Release Notes

expressjs/express ### [`v4.16.0`](https://togithub.com/expressjs/express/blob/master/History.md#​4160--2017-09-28) [Compare Source](https://togithub.com/expressjs/express/compare/4.15.5...4.16.0) \=================== - Add `"json escape"` setting for `res.json` and `res.jsonp` - Add `express.json` and `express.urlencoded` to parse bodies - Add `options` argument to `res.download` - Improve error message when autoloading invalid view engine - Improve error messages when non-function provided as middleware - Skip `Buffer` encoding when not generating ETag for small response - Use `safe-buffer` for improved Buffer API - deps: accepts@~1.3.4 - deps: mime-types@~2.1.16 - deps: content-type@~1.0.4 - perf: remove argument reassignment - perf: skip parameter parsing when no parameters - deps: etag@~1.8.1 - perf: replace regular expression with substring - deps: finalhandler@1.1.0 - Use `res.headersSent` when available - deps: parseurl@~1.3.2 - perf: reduce overhead for full URLs - perf: unroll the "fast-path" `RegExp` - deps: proxy-addr@~2.0.2 - Fix trimming leading / trailing OWS in `X-Forwarded-For` - deps: forwarded@~0.1.2 - deps: ipaddr.js@1.5.2 - perf: reduce overhead when no `X-Forwarded-For` header - deps: qs@6.5.1 - Fix parsing & compacting very deep objects - deps: send@0.16.0 - Add 70 new types for file extensions - Add `immutable` option - Fix missing `` in default error & redirects - Set charset as "UTF-8" for .js and .json - Use instance methods on steam to check for listeners - deps: mime@1.4.1 - perf: improve path validation speed - deps: serve-static@1.13.0 - Add 70 new types for file extensions - Add `immutable` option - Set charset as "UTF-8" for .js and .json - deps: send@0.16.0 - deps: setprototypeof@1.1.0 - deps: utils-merge@1.0.1 - deps: vary@~1.1.2 - perf: improve header token parsing speed - perf: re-use options object when generating ETags - perf: remove dead `.charset` set in `res.jsonp` ### [`v4.15.5`](https://togithub.com/expressjs/express/blob/master/History.md#​4155--2017-09-24) [Compare Source](https://togithub.com/expressjs/express/compare/4.15.4...4.15.5) \=================== - deps: debug@2.6.9 - deps: finalhandler@~1.0.6 - deps: debug@2.6.9 - deps: parseurl@~1.3.2 - deps: fresh@0.5.2 - Fix handling of modified headers with invalid dates - perf: improve ETag match loop - perf: improve `If-None-Match` token parsing - deps: send@0.15.6 - Fix handling of modified headers with invalid dates - deps: debug@2.6.9 - deps: etag@~1.8.1 - deps: fresh@0.5.2 - perf: improve `If-Match` token parsing - deps: serve-static@1.12.6 - deps: parseurl@~1.3.2 - deps: send@0.15.6 - perf: improve slash collapsing ### [`v4.15.4`](https://togithub.com/expressjs/express/blob/master/History.md#​4154--2017-08-06) [Compare Source](https://togithub.com/expressjs/express/compare/4.15.3...4.15.4) \=================== - deps: debug@2.6.8 - deps: depd@~1.1.1 - Remove unnecessary `Buffer` loading - deps: finalhandler@~1.0.4 - deps: debug@2.6.8 - deps: proxy-addr@~1.1.5 - Fix array argument being altered - deps: ipaddr.js@1.4.0 - deps: qs@6.5.0 - deps: send@0.15.4 - deps: debug@2.6.8 - deps: depd@~1.1.1 - deps: http-errors@~1.6.2 - deps: serve-static@1.12.4 - deps: send@0.15.4 ### [`v4.15.3`](https://togithub.com/expressjs/express/blob/master/History.md#​4153--2017-05-16) [Compare Source](https://togithub.com/expressjs/express/compare/4.15.2...4.15.3) \=================== - Fix error when `res.set` cannot add charset to `Content-Type` - deps: debug@2.6.7 - Fix `DEBUG_MAX_ARRAY_LENGTH` - deps: ms@2.0.0 - deps: finalhandler@~1.0.3 - Fix missing `` in HTML document - deps: debug@2.6.7 - deps: proxy-addr@~1.1.4 - deps: ipaddr.js@1.3.0 - deps: send@0.15.3 - deps: debug@2.6.7 - deps: ms@2.0.0 - deps: serve-static@1.12.3 - deps: send@0.15.3 - deps: type-is@~1.6.15 - deps: mime-types@~2.1.15 - deps: vary@~1.1.1 - perf: hoist regular expression ### [`v4.15.2`](https://togithub.com/expressjs/express/blob/master/History.md#​4152--2017-03-06) [Compare Source](https://togithub.com/expressjs/express/compare/4.15.1...4.15.2) \=================== - deps: qs@6.4.0 - Fix regression parsing keys starting with `[` ### [`v4.15.1`](https://togithub.com/expressjs/express/blob/master/History.md#​4151--2017-03-05) [Compare Source](https://togithub.com/expressjs/express/compare/4.15.0...4.15.1) \=================== - deps: send@0.15.1 - Fix issue when `Date.parse` does not return `NaN` on invalid date - Fix strict violation in broken environments - deps: serve-static@1.12.1 - Fix issue when `Date.parse` does not return `NaN` on invalid date - deps: send@0.15.1 ### [`v4.15.0`](https://togithub.com/expressjs/express/blob/master/History.md#​4150--2017-03-01) [Compare Source](https://togithub.com/expressjs/express/compare/4.14.1...4.15.0) \=================== - Add debug message when loading view engine - Add `next("router")` to exit from router - Fix case where `router.use` skipped requests routes did not - Remove usage of `res._headers` private field - Improves compatibility with Node.js 8 nightly - Skip routing when `req.url` is not set - Use `%o` in path debug to tell types apart - Use `Object.create` to setup request & response prototypes - Use `setprototypeof` module to replace `__proto__` setting - Use `statuses` instead of `http` module for status messages - deps: debug@2.6.1 - Allow colors in workers - Deprecated `DEBUG_FD` environment variable set to `3` or higher - Fix error when running under React Native - Use same color for same namespace - deps: ms@0.7.2 - deps: etag@~1.8.0 - Use SHA1 instead of MD5 for ETag hashing - Works with FIPS 140-2 OpenSSL configuration - deps: finalhandler@~1.0.0 - Fix exception when `err` cannot be converted to a string - Fully URL-encode the pathname in the 404 - Only include the pathname in the 404 message - Send complete HTML document - Set `Content-Security-Policy: default-src 'self'` header - deps: debug@2.6.1 - deps: fresh@0.5.0 - Fix false detection of `no-cache` request directive - Fix incorrect result when `If-None-Match` has both `*` and ETags - Fix weak `ETag` matching to match spec - perf: delay reading header values until needed - perf: enable strict mode - perf: hoist regular expressions - perf: remove duplicate conditional - perf: remove unnecessary boolean coercions - perf: skip checking modified time if ETag check failed - perf: skip parsing `If-None-Match` when no `ETag` header - perf: use `Date.parse` instead of `new Date` - deps: qs@6.3.1 - Fix array parsing from skipping empty values - Fix compacting nested arrays - deps: send@0.15.0 - Fix false detection of `no-cache` request directive - Fix incorrect result when `If-None-Match` has both `*` and ETags - Fix weak `ETag` matching to match spec - Remove usage of `res._headers` private field - Support `If-Match` and `If-Unmodified-Since` headers - Use `res.getHeaderNames()` when available - Use `res.headersSent` when available - deps: debug@2.6.1 - deps: etag@~1.8.0 - deps: fresh@0.5.0 - deps: http-errors@~1.6.1 - deps: serve-static@1.12.0 - Fix false detection of `no-cache` request directive - Fix incorrect result when `If-None-Match` has both `*` and ETags - Fix weak `ETag` matching to match spec - Remove usage of `res._headers` private field - Send complete HTML document in redirect response - Set default CSP header in redirect response - Support `If-Match` and `If-Unmodified-Since` headers - Use `res.getHeaderNames()` when available - Use `res.headersSent` when available - deps: send@0.15.0 - perf: add fast match path for `*` route - perf: improve `req.ips` performance ### [`v4.14.1`](https://togithub.com/expressjs/express/blob/master/History.md#​4141--2017-01-28) [Compare Source](https://togithub.com/expressjs/express/compare/4.14.0...4.14.1) \=================== - deps: content-disposition@0.5.2 - deps: finalhandler@0.5.1 - Fix exception when `err.headers` is not an object - deps: statuses@~1.3.1 - perf: hoist regular expressions - perf: remove duplicate validation path - deps: proxy-addr@~1.1.3 - deps: ipaddr.js@1.2.0 - deps: send@0.14.2 - deps: http-errors@~1.5.1 - deps: ms@0.7.2 - deps: statuses@~1.3.1 - deps: serve-static@~1.11.2 - deps: send@0.14.2 - deps: type-is@~1.6.14 - deps: mime-types@~2.1.13