Open staging-whitesource-for-github-com[bot] opened 5 hours ago
This PR contains the following updates:
4.15.5
4.17.0
By merging this PR, the below issues will be automatically resolved and closed:
This PR contains the following updates:
4.15.5
->4.17.0
By merging this PR, the below issues will be automatically resolved and closed:
Release Notes
expressjs/express (express)
### [`v4.17.0`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#4170--2019-05-16) [Compare Source](https://redirect.github.com/expressjs/express/compare/4.16.4...4.17.0) \=================== - Add `express.raw` to parse bodies into `Buffer` - Add `express.text` to parse bodies into string - Improve error message for non-strings to `res.sendFile` - Improve error message for `null`/`undefined` to `res.status` - Support multiple hosts in `X-Forwarded-Host` - deps: accepts@~1.3.7 - deps: body-parser@1.19.0 - Add encoding MIK - Add petabyte (`pb`) support - Fix parsing array brackets after index - deps: bytes@3.1.0 - deps: http-errors@1.7.2 - deps: iconv-lite@0.4.24 - deps: qs@6.7.0 - deps: raw-body@2.4.0 - deps: type-is@~1.6.17 - deps: content-disposition@0.5.3 - deps: cookie@0.4.0 - Add `SameSite=None` support - deps: finalhandler@~1.1.2 - Set stricter `Content-Security-Policy` header - deps: parseurl@~1.3.3 - deps: statuses@~1.5.0 - deps: parseurl@~1.3.3 - deps: proxy-addr@~2.0.5 - deps: ipaddr.js@1.9.0 - deps: qs@6.7.0 - Fix parsing array brackets after index - deps: range-parser@~1.2.1 - deps: send@0.17.1 - Set stricter CSP header in redirect & error responses - deps: http-errors@~1.7.2 - deps: mime@1.6.0 - deps: ms@2.1.1 - deps: range-parser@~1.2.1 - deps: statuses@~1.5.0 - perf: remove redundant `path.normalize` call - deps: serve-static@1.14.1 - Set stricter CSP header in redirect response - deps: parseurl@~1.3.3 - deps: send@0.17.1 - deps: setprototypeof@1.1.1 - deps: statuses@~1.5.0 - Add `103 Early Hints` - deps: type-is@~1.6.18 - deps: mime-types@~2.1.24 - perf: prevent internal `throw` on invalid type ### [`v4.16.4`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#4164--2018-10-10) [Compare Source](https://redirect.github.com/expressjs/express/compare/4.16.3...4.16.4) \=================== - Fix issue where `"Request aborted"` may be logged in `res.sendfile` - Fix JSDoc for `Router` constructor - deps: body-parser@1.18.3 - Fix deprecation warnings on Node.js 10+ - Fix stack trace for strict json parse error - deps: depd@~1.1.2 - deps: http-errors@~1.6.3 - deps: iconv-lite@0.4.23 - deps: qs@6.5.2 - deps: raw-body@2.3.3 - deps: type-is@~1.6.16 - deps: proxy-addr@~2.0.4 - deps: ipaddr.js@1.8.0 - deps: qs@6.5.2 - deps: safe-buffer@5.1.2 ### [`v4.16.3`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#4163--2018-03-12) [Compare Source](https://redirect.github.com/expressjs/express/compare/4.16.2...4.16.3) \=================== - deps: accepts@~1.3.5 - deps: mime-types@~2.1.18 - deps: depd@~1.1.2 - perf: remove argument reassignment - deps: encodeurl@~1.0.2 - Fix encoding `%` as last character - deps: finalhandler@1.1.1 - Fix 404 output for bad / missing pathnames - deps: encodeurl@~1.0.2 - deps: statuses@~1.4.0 - deps: proxy-addr@~2.0.3 - deps: ipaddr.js@1.6.0 - deps: send@0.16.2 - Fix incorrect end tag in default error & redirects - deps: depd@~1.1.2 - deps: encodeurl@~1.0.2 - deps: statuses@~1.4.0 - deps: serve-static@1.13.2 - Fix incorrect end tag in redirects - deps: encodeurl@~1.0.2 - deps: send@0.16.2 - deps: statuses@~1.4.0 - deps: type-is@~1.6.16 - deps: mime-types@~2.1.18 ### [`v4.16.2`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#4162--2017-10-09) [Compare Source](https://redirect.github.com/expressjs/express/compare/4.16.1...4.16.2) \=================== - Fix `TypeError` in `res.send` when given `Buffer` and `ETag` header set - perf: skip parsing of entire `X-Forwarded-Proto` header ### [`v4.16.1`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#4161--2017-09-29) [Compare Source](https://redirect.github.com/expressjs/express/compare/4.16.0...4.16.1) \=================== - deps: send@0.16.1 - deps: serve-static@1.13.1 - Fix regression when `root` is incorrectly set to a file - deps: send@0.16.1 ### [`v4.16.0`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#4160--2017-09-28) [Compare Source](https://redirect.github.com/expressjs/express/compare/4.15.5...4.16.0) \=================== - Add `"json escape"` setting for `res.json` and `res.jsonp` - Add `express.json` and `express.urlencoded` to parse bodies - Add `options` argument to `res.download` - Improve error message when autoloading invalid view engine - Improve error messages when non-function provided as middleware - Skip `Buffer` encoding when not generating ETag for small response - Use `safe-buffer` for improved Buffer API - deps: accepts@~1.3.4 - deps: mime-types@~2.1.16 - deps: content-type@~1.0.4 - perf: remove argument reassignment - perf: skip parameter parsing when no parameters - deps: etag@~1.8.1 - perf: replace regular expression with substring - deps: finalhandler@1.1.0 - Use `res.headersSent` when available - deps: parseurl@~1.3.2 - perf: reduce overhead for full URLs - perf: unroll the "fast-path" `RegExp` - deps: proxy-addr@~2.0.2 - Fix trimming leading / trailing OWS in `X-Forwarded-For` - deps: forwarded@~0.1.2 - deps: ipaddr.js@1.5.2 - perf: reduce overhead when no `X-Forwarded-For` header - deps: qs@6.5.1 - Fix parsing & compacting very deep objects - deps: send@0.16.0 - Add 70 new types for file extensions - Add `immutable` option - Fix missing `