Open dependabot[bot] opened 2 weeks ago
New and removed dependencies detected. Learn more about Socket for GitHub ↗︎
Package | New capabilities | Transitives | Size | Publisher |
---|---|---|---|---|
npm/express@4.21.0 | environment, filesystem, network Transitive: eval, unsafe | +33 |
1.47 MB | wesleytodd |
🚮 Removed packages: npm/express@4.18.2
Files with Coverage Reduction | New Missed Lines | % | ||
---|---|---|---|---|
src/adapters/web-socket-adapter.ts | 2 | 53.48% | ||
src/factories/rate-limiter-factory.ts | 4 | 45.45% | ||
src/adapters/web-socket-server-adapter.ts | 4 | 67.16% | ||
src/handlers/request-handlers/rate-limiter-middleware.ts | 5 | 35.0% | ||
src/adapters/redis-adapter.ts | 6 | 6.38% | ||
<!-- | Total: | 21 | --> |
Totals | |
---|---|
Change from base Build 7508655524: | -0.6% |
Covered Lines: | 1211 |
Relevant Lines: | 2276 |
Bumps path-to-regexp to 1.9.0 and updates ancestor dependency express. These dependencies need to be updated together.
Updates
path-to-regexp
from 1.8.0 to 1.9.0Release notes
Sourced from path-to-regexp's releases.
Commits
c75eb10
1.9.0925ac8e
Add backtrack protection to 1.x release (#320)32a14b0
Fixre.exec('/test/route')
result (#267)Updates
express
from 4.18.2 to 4.21.0Release notes
Sourced from express's releases.
... (truncated)
Changelog
Sourced from express's changelog.
... (truncated)
Commits
7e562c6
4.21.01bcde96
fix(deps): qs@6.13.0 (#5946)7d36477
fix(deps): serve-static@1.16.2 (#5951)40d2d8f
fix(deps): finalhandler@1.3.177ada90
Deprecate"back"
magic string in redirects (#5935)21df421
4.20.04c9ddc1
feat: upgrade to serve-static@0.16.09ebe5d5
feat: upgrade to send@0.19.0 (#5928)ec4a01b
feat: upgrade to body-parser@1.20.3 (#5926)54271f6
fix: don't render redirect values in anchor hrefMaintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show