Closed dependabot[bot] closed 5 days ago
Bumps the npm_and_yarn group with 2 updates in the /oid4vc/demo/frontend directory: express and send. Bumps the npm_and_yarn group with 1 update in the /oid4vc/integration/credo directory: express.
Updates express from 4.19.2 to 4.20.0
express
Sourced from express's releases.
4.20.0 What's Changed Important IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity) Remove link renderization in html while using res.redirect Other Changes 4.19.2 Staging by @wesleytodd in expressjs/express#5561 remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562 feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565 Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564 Add a Threat Model by @UlisesGascon in expressjs/express#5526 Assign captain of encodeurl by @blakeembrey in expressjs/express#5579 Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587 docs: update Security.md by @inigomarquinez in expressjs/express#5590 docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600 Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433 docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605 deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569 skip QUERY method test by @jonchurch in expressjs/express#5628 ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639 add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627 doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619 List and sort all projects, add captains by @blakeembrey in expressjs/express#5653 docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666 ✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690 [v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672 skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695 📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683 remove minor version pinning from ci by @jonchurch in expressjs/express#5722 Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762 Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599 Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436 update scorecard link by @bjohansebas in expressjs/express#5814 Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836 deps: path-to-regexp@0.1.8 by @blakeembrey in expressjs/express#5603 docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835 4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781 path-to-regexp@0.1.10 by @blakeembrey in expressjs/express#5902 New Contributors @marco-ippolito made their first contribution in expressjs/express#5565 @inigomarquinez made their first contribution in expressjs/express#5590 @mertcanaltin made their first contribution in expressjs/express#5627 @ctcpip made their first contribution in expressjs/express#5690 @bjohansebas made their first contribution in expressjs/express#5814 Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.20.0
depth
32
Infinity
res.redirect
@wesleytodd
@marco-ippolito
@jonchurch
@UlisesGascon
@blakeembrey
http-errors
expressjs.com
morgan
cors
body-parser
@inigomarquinez
@mertcanaltin
@ctcpip
res.clearCookie
options.maxAge
options.expires
@IamLizu
@bjohansebas
question
discuss
merge-descriptors
@RobinTail
Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.20.0
Sourced from express's changelog.
4.20.0 / 2024-09-10 deps: serve-static@0.16.0 Remove link renderization in html while redirecting deps: send@0.19.0 Remove link renderization in html while redirecting deps: body-parser@0.6.0 add depth option to customize the depth level in the parser IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity) Remove link renderization in html while using res.redirect deps: path-to-regexp@0.1.10 Adds support for named matching groups in the routes using a regex Adds backtracking protection to parameters without regexes defined deps: encodeurl@~2.0.0 Removes encoding of \, |, and ^ to align better with URL spec Deprecate passing options.maxAge and options.expires to res.clearCookie Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
\
|
^
21df421
4c9ddc1
9ebe5d5
ec4a01b
54271f6
125bb74
2a980ad
a3e7e05
c5addb9
e35380a
Updates body-parser from 1.20.2 to 1.20.3
Sourced from body-parser's releases.
1.20.3 What's Changed Important deps: qs@6.13.0 add depth option to customize the depth level in the parser IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation Other changes chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522 ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523 fix: pin to node@22.4.1 by @wesleytodd in expressjs/body-parser#527 deps: qs@6.12.3 by @melikhov-dev in expressjs/body-parser#521 Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531 Linter by @UlisesGascon in expressjs/body-parser#534 Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535 New Contributors @inigomarquinez made their first contribution in expressjs/body-parser#522 @melikhov-dev made their first contribution in expressjs/body-parser#521 @bjohansebas made their first contribution in expressjs/body-parser#531 @UlisesGascon made their first contribution in expressjs/body-parser#534 Full Changelog: https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3
@melikhov-dev
Full Changelog: https://github.com/expressjs/body-parser/compare/1.20.2...1.20.3
Sourced from body-parser's changelog.
1.20.3 / 2024-09-10 deps: qs@6.13.0 add depth option to customize the depth level in the parser IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
1752951
39744cf
b2695c4
ade0f3f
99a1bd6
9478591
83db46a
9d4e212
This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.
Updates path-to-regexp from 0.1.7 to 0.1.10
path-to-regexp
Sourced from path-to-regexp's releases.
Backtrack protection Fixed Add backtrack protection to parameters 29b96b4 This will break some edge cases but should improve performance https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10 Support non-lookahead regex output Added Allow a non-lookahead regex (#312) c4272e4 https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9 Support named matching groups in RegExp Added Add support for named matching groups (#301) 114f62d https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8
Fixed
https://github.com/pillarjs/path-to-regexp/compare/v0.1.9...v0.1.10
Added
https://github.com/component/path-to-regexp/compare/v0.1.8...v0.1.9
RegExp
https://github.com/pillarjs/path-to-regexp/compare/v0.1.7...v0.1.8
c827fce
29b96b4
ac4c234
bdb6635
c4272e4
51a1955
114f62d
Updates send from 0.18.0 to 1.1.0
send
Sourced from send's releases.
1.1.0 What's Changed Remove link renderization in html while redirecting (pillarjs/send#235) fix: engines node@>=18 by @wesleytodd in pillarjs/send#233 Do not serve files when path ends with / by @rmhaiderali in pillarjs/send#224 Release: 1.1.0 by @UlisesGascon in pillarjs/send#236 New Contributors @rmhaiderali made their first contribution in pillarjs/send#224 Full Changelog: https://github.com/pillarjs/send/compare/v1.0.0...1.1.0 0.19.0 What's Changed Remove link renderization in html while redirecting (pillarjs/send#235) New Contributors @UlisesGascon made their first contribution in pillarjs/send#235 Full Changelog: https://github.com/pillarjs/send/compare/0.18.0...0.19.0
@rmhaiderali
Full Changelog: https://github.com/pillarjs/send/compare/v1.0.0...1.1.0
Full Changelog: https://github.com/pillarjs/send/compare/0.18.0...0.19.0
Sourced from send's changelog.
1.1.0 / 2024-09-10 Changes from 0.19.0 1.0.0 / 2024-07-25 Drop support for Node.js <18.0 statuses@^2.0.1 range-parser@^1.2.1 on-finished@^2.4.1 ms@^2.1.3 mime-types@^2.1.35 http-errors@^2.0.0 fresh@^0.5.2 etag@^1.8.1 escape-html@^1.0.3 encodeurl@^2.0.0 destroy@^1.2.0 debug@^4.3.5 1.0.0-beta.2 / 2024-03-04 Changes from 0.18.0 1.0.0-beta.1 / 2022-02-04 Drop support for Node.js 0.8 Remove hidden option -- use dotfiles option Remove from alias to root -- use root directly Remove send.etag() -- use etag in options Remove send.index() -- use index in options Remove send.maxage() -- use maxAge in options Remove send.root() -- use root in options Use mime-types for file to content type mapping -- removed send.mime deps: debug@3.1.0 Add DEBUG_HIDE_DATE environment variable Change timer to per-namespace instead of global Change non-TTY date format Remove DEBUG_FD environment variable support Support 256 namespace colors 0.19.0 / 2024-09-10 Remove link renderization in html while redirecting
statuses@^2.0.1
range-parser@^1.2.1
on-finished@^2.4.1
ms@^2.1.3
mime-types@^2.1.35
http-errors@^2.0.0
fresh@^0.5.2
etag@^1.8.1
escape-html@^1.0.3
encodeurl@^2.0.0
destroy@^1.2.0
debug@^4.3.5
hidden
dotfiles
from
root
send.etag()
etag
options
send.index()
index
send.maxage()
maxAge
send.root()
mime-types
send.mime
DEBUG_HIDE_DATE
DEBUG_FD
dc6b5d4
8eaab61
9774100
672e5c3
91c184e
ddfb7d7
56b1817
0c0d374
b0e3e2d
2d5841a
This version was pushed to npm by ulisesgascon, a new releaser for send since your current version.
Updates express from 4.20.0 to 5.0.0
Updates serve-static from 1.15.0 to 2.1.0
serve-static
Sourced from serve-static's releases.
2.1.0 What's Changed Remove link renderization in html while redirecting (expressjs/serve-static#173) chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/serve-static#163 ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/serve-static#164 Update dev deps by @wesleytodd in expressjs/serve-static#168 Update prod deps for v2 by @wesleytodd in expressjs/serve-static#169 Release 2.0 by @wesleytodd in expressjs/serve-static#165 Release: 2.1.0 by @UlisesGascon in expressjs/serve-static#174 New Contributors @inigomarquinez made their first contribution in expressjs/serve-static#163 Full Changelog: https://github.com/expressjs/serve-static/compare/v1.15.0...2.1.0 2.0.0-beta.1 Change dotfiles option default to 'ignore' Drop support for Node.js 0.8 Remove hidden option; use dotfiles option instead deps: send@1.0.0-beta.1 Use mime-types for file to content type mapping deps: debug@3.1.0 1.16.0 What's Changed Remove link renderization in html while redirecting (expressjs/serve-static#173) New Contributors @UlisesGascon made their first contribution in expressjs/serve-static#173 Full Changelog: https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0
Full Changelog: https://github.com/expressjs/serve-static/compare/v1.15.0...2.1.0
'ignore'
Full Changelog: https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0
Sourced from serve-static's changelog.
2.1.0 / 2024-09-10 Changes from 1.16.0 2.0.0 / 2024-08-23 deps: parseurl@^1.3.3 excape-html@^1.0.3 encodeurl@^2.0.0 supertest@^6.3.4 safe-buffer@^5.2.1 nyc@^17.0.0 mocha@^10.7.0 Changes from 1.x 2.0.0-beta.2 / 2024-03-20 deps: send@1.0.0-beta.2 2.0.0-beta.1 / 2022-02-05 Change dotfiles option default to 'ignore' Drop support for Node.js 0.8 Remove hidden option; use dotfiles option instead deps: send@1.0.0-beta.1 Use mime-types for file to content type mapping deps: debug@3.1.0 1.16.0 / 2024-09-10 Remove link renderization in html while redirecting
87c5f09
ce73089
d79edce
707f803
1c317e0
d3db1f6
050cf48
9bba9fa
5efec61
5d26187
This version was pushed to npm by ulisesgascon, a new releaser for serve-static since your current version.
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.
To ignore these dependencies, configure ignore rules in dependabot.yml
Bumps the npm_and_yarn group with 2 updates in the /oid4vc/demo/frontend directory: express and send. Bumps the npm_and_yarn group with 1 update in the /oid4vc/integration/credo directory: express.
Updates
express
from 4.19.2 to 4.20.0Release notes
Sourced from express's releases.
Changelog
Sourced from express's changelog.
Commits
21df421
4.20.04c9ddc1
feat: upgrade to serve-static@0.16.09ebe5d5
feat: upgrade to send@0.19.0 (#5928)ec4a01b
feat: upgrade to body-parser@1.20.3 (#5926)54271f6
fix: don't render redirect values in anchor href125bb74
path-to-regexp@0.1.10 (#5902)2a980ad
merge-descriptors@1.0.3 (#5781)a3e7e05
docs: specify new instructions forquestion
anddiscuss
c5addb9
deps: path-to-regexp@0.1.8 (#5603)e35380a
docs: add@IamLizu
to the triage team (#5836)Updates
body-parser
from 1.20.2 to 1.20.3Release notes
Sourced from body-parser's releases.
Changelog
Sourced from body-parser's changelog.
Commits
1752951
1.20.339744cf
chore: linter (#534)b2695c4
Merge commit from forkade0f3f
add scorecard to readme (#531)99a1bd6
deps: qs@6.12.3 (#521)9478591
fix: pin to node@22.4.183db46a
ci: fix errors in ci github action for node 8 and 9 (#523)9d4e212
chore: add support for OSSF scorecard reporting (#522)Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.
Updates
path-to-regexp
from 0.1.7 to 0.1.10Release notes
Sourced from path-to-regexp's releases.
Commits
c827fce
0.1.1029b96b4
Add backtrack protection to parametersac4c234
Update repo url (#314)bdb6635
0.1.9c4272e4
Allow a non-lookahead regex (#312)51a1955
0.1.8114f62d
Add support for named matching groups (#301)Updates
send
from 0.18.0 to 1.1.0Release notes
Sourced from send's releases.
Changelog
Sourced from send's changelog.
Commits
dc6b5d4
1.1.08eaab61
Merge commit from fork9774100
Do not serve files when path ends with / in windows (#224)672e5c3
fix: engines node@>=1891c184e
1.0.0ddfb7d7
fix: update history.md56b1817
Merge branch '1.0'0c0d374
fix(deps): statuses@^2.0.1b0e3e2d
fix(deps): range-parser@^1.2.12d5841a
fix(deps): on-finished@^2.4.1Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for send since your current version.
Updates
express
from 4.20.0 to 5.0.0Release notes
Sourced from express's releases.
Changelog
Sourced from express's changelog.
Commits
21df421
4.20.04c9ddc1
feat: upgrade to serve-static@0.16.09ebe5d5
feat: upgrade to send@0.19.0 (#5928)ec4a01b
feat: upgrade to body-parser@1.20.3 (#5926)54271f6
fix: don't render redirect values in anchor href125bb74
path-to-regexp@0.1.10 (#5902)2a980ad
merge-descriptors@1.0.3 (#5781)a3e7e05
docs: specify new instructions forquestion
anddiscuss
c5addb9
deps: path-to-regexp@0.1.8 (#5603)e35380a
docs: add@IamLizu
to the triage team (#5836)Updates
serve-static
from 1.15.0 to 2.1.0Release notes
Sourced from serve-static's releases.
Changelog
Sourced from serve-static's changelog.
Commits
87c5f09
2.1.0ce73089
Merge commit from forkd79edce
Create SECURITY.md707f803
2.0.01c317e0
fix: update history.mdd3db1f6
fix(deps): parseurl@^1.3.3050cf48
fix(deps): excape-html@^1.0.39bba9fa
fix(deps): encodeurl@^2.0.05efec61
fix(devDeps): supertest@^6.3.45d26187
fix(devDeps): safe-buffer@^5.2.1Maintainer changes
This version was pushed to npm by ulisesgascon, a new releaser for serve-static since your current version.
Updates
express
from 4.19.2 to 4.20.0Release notes
Sourced from express's releases.
Changelog
Sourced from express's changelog.
Commits
21df421
4.20.04c9ddc1
feat: upgrade to serve-static@0.16.09ebe5d5
feat: upgrade to send@0.19.0 (#5928)ec4a01b
feat: upgrade to body-parser@1.20.3 (#5926)54271f6
fix: don't render redirect values in anchor href125bb74
path-to-regexp@0.1.10 (#5902)2a980ad
merge-descriptors@1.0.3 (#5781)a3e7e05
docs: specify new instructions forquestion
anddiscuss
c5addb9
deps: path-to-regexp@0.1.8 (#5603)e35380a
docs: add@IamLizu
to the triage team (#5836)Updates
body-parser
from 1.20.2 to 1.20.3Release notes
Sourced from body-parser's releases.
Changelog
Sourced from body-parser's changelog.
Commits
1752951
1.20.339744cf
chore: linter (#534)b2695c4
Merge commit from forkade0f3f
add scorecard to readme (#531)99a1bd6
deps: qs@6.12.3 (#521)9478591
fix: pin to node@22.4.183db46a
ci: fix errors in ci github action for node 8 and 9 (#523)9d4e212
chore: add support for OSSF scorecard reporting... _Description has been truncated_