gaston-cerrillo / vulnerable-app

0 stars 0 forks source link

[Snyk] Upgrade body-parser from 1.20.0 to 1.20.1 #7

Open gaston-cerrillo opened 2 years ago

gaston-cerrillo commented 2 years ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade body-parser from 1.20.0 to 1.20.1.

![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=body-parser&from_version=1.20.0&to_version=1.20.1&pr_id=d7df46b4-643e-4304-9b3f-4b3d5004b8a2&visibility=true&has_feature_flag=false) :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **1 version** ahead of your current version. - The recommended version was released **21 days ago**, on 2022-10-06.
Release notes
Package name: body-parser
  • 1.20.1 - 2022-10-06

    1.20.1

      </li>
      <li>
        <b>1.20.0</b> - <a href="https://snyk.io/redirect/github/expressjs/body-parser/releases/tag/1.20.0">2022-04-03</a></br><ul>
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: http-errors@2.0.0
    • deps: depd@2.0.0
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
    • deps: http-errors@2.0.0
from body-parser GitHub release notes

Commit messages
Package name: body-parser Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs