flaviuse / mern-authentication

MERN stack authentication boilerplate: password reset, email verification, server sessions, redux, typescript, hooks and docker for dev and prod.
https://mern-auth-client.herokuapp.com/login
MIT License
439 stars 95 forks

[Snyk] Upgrade body-parser from 1.19.0 to 1.20.0 #129

Closed flaviuse closed 2 years ago

flaviuse commented 2 years ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade body-parser from 1.19.0 to 1.20.0.

![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=body-parser&from_version=1.19.0&to_version=1.20.0&pr_id=cbcfbcaa-8bae-4005-bf77-4a221b16fc3b&visibility=true&has_feature_flag=false)

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

- The recommended version is **3 versions** ahead of your current version.
- The recommended version was released **22 days ago**, on 2022-04-03.

The recommended version fixes:

| Severity | Issue | PriorityScore (*) | Exploit Maturity |
|:-------------------------:|:-------------------------|-------------------------|:-------------------------|
| | Directory Traversal<br/>[SNYK-JS-MOMENT-2440688](https://snyk.io/vuln/SNYK-JS-MOMENT-2440688) | **661/1000**<br/>**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | No Known Exploit |
| | Prototype Pollution<br/>[SNYK-JS-ASYNC-2441827](https://snyk.io/vuln/SNYK-JS-ASYNC-2441827) | **661/1000**<br/>**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Proof of Concept |
| | Regular Expression Denial of Service (ReDoS)<br/>[SNYK-JS-RAMDA-1582370](https://snyk.io/vuln/SNYK-JS-RAMDA-1582370) | **661/1000**<br/>**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | No Known Exploit |
| | Information Exposure<br/>[SNYK-JS-FOLLOWREDIRECTS-2332181](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2332181) | **661/1000**<br/>**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | Proof of Concept |
| | Information Exposure<br/>[SNYK-JS-FOLLOWREDIRECTS-2396346](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2396346) | **661/1000**<br/>**Why?** Recently disclosed, Has a fix available, CVSS 7.5 | No Known Exploit |

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: body-parser
  • 1.20.0 - 2022-04-03
    • Fix error message for json parse whitespace in strict
    • Fix internal error when inflated body exceeds limit
    • Prevent loss of async hooks context
    • Prevent hanging when request already read
    • deps: depd@2.0.0
      • Replace internal eval usage with Function constructor
      • Use instance methods on process to check for listeners
    • deps: http-errors@2.0.0
      • deps: depd@2.0.0
      • deps: statuses@2.0.1
    • deps: on-finished@2.4.1
    • deps: qs@6.10.3
    • deps: raw-body@2.5.1
      • deps: http-errors@2.0.0
  • 1.19.2 - 2022-02-16
    • deps: bytes@3.1.2
    • deps: qs@6.9.7
      • Fix handling of __proto__ keys
    • deps: raw-body@2.4.3
      • deps: bytes@3.1.2
  • 1.19.1 - 2021-12-10
    • deps: bytes@3.1.1
    • deps: http-errors@1.8.1
      • deps: inherits@2.0.4
      • deps: toidentifier@1.0.1
      • deps: setprototypeof@1.2.0
    • deps: qs@6.9.6
    • deps: raw-body@2.4.2
      • deps: bytes@3.1.1
      • deps: http-errors@1.8.1
    • deps: safe-buffer@5.2.1
    • deps: type-is@~1.6.18
  • 1.19.0 - 2019-04-26
    • deps: bytes@3.1.0
      • Add petabyte (pb) support
    • deps: http-errors@1.7.2
      • Set constructor name when possible
      • deps: setprototypeof@1.1.1
      • deps: statuses@'>= 1.5.0 < 2'
    • deps: iconv-lite@0.4.24
      • Added encoding MIK
    • deps: qs@6.7.0
      • Fix parsing array brackets after index
    • deps: raw-body@2.4.0
      • deps: bytes@3.1.0
      • deps: http-errors@1.7.2
      • deps: iconv-lite@0.4.24
    • deps: type-is@~1.6.17
      • deps: mime-types@~2.1.24
      • perf: prevent internal throw on invalid type
from body-parser GitHub release notes
Commit messages
Package name: body-parser Compare

**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.*

For more information:

🧐 [View latest project report](https://app.snyk.io/org/flaviuse/project/4f948c0c-2a6e-4fba-8cd5-e5dfa4f57aab?utm_source=github&utm_medium=referral&page=upgrade-pr)

🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/flaviuse/project/4f948c0c-2a6e-4fba-8cd5-e5dfa4f57aab/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/flaviuse/project/4f948c0c-2a6e-4fba-8cd5-e5dfa4f57aab/settings/integration?pkg=body-parser&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)