search

mbradds / pipeline-profiles

Data visualization platform for Canada's major pipeline systems
https://lively-desert-05b6cc51e.1.azurestaticapps.net/
MIT License
6 stars 5 forks source link

[Snyk] Upgrade express from 4.17.3 to 4.18.0 #130

Closed mbradds closed 2 years ago

mbradds commented 2 years ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade express from 4.17.3 to 4.18.0.

![merge advice](https://app.snyk.io/badges/merge-advice/?package_manager=npm&package_name=express&from_version=4.17.3&to_version=4.18.0&pr_id=a30025df-b1b8-4443-bcf2-84ff9c54c4b6&visibility=true&has_feature_flag=false) :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
- The recommended version is **1 version** ahead of your current version. - The recommended version was released **21 days ago**, on 2022-04-25.
Release notes
Package name: express
  • 4.18.0 - 2022-04-25
    • Add "root" option to res.download
    • Allow options without filename in res.download
    • Deprecate string and non-integer arguments to res.status
    • Fix behavior of null/undefined as maxAge in res.cookie
    • Fix handling very large stacks of sync middleware
    • Ignore Object.prototype values in settings through app.set/app.get
    • Invoke default with same arguments as types in res.format
    • Support proper 205 responses using res.send
    • Use http-errors for res.format error
    • deps: body-parser@1.20.0
      • Fix error message for json parse whitespace in strict
      • Fix internal error when inflated body exceeds limit
      • Prevent loss of async hooks context
      • Prevent hanging when request already read
      • deps: depd@2.0.0
      • deps: http-errors@2.0.0
      • deps: on-finished@2.4.1
      • deps: qs@6.10.3
      • deps: raw-body@2.5.1
    • deps: cookie@0.5.0
      • Add priority option
      • Fix expires option to reject invalid dates
    • deps: depd@2.0.0
      • Replace internal eval usage with Function constructor
      • Use instance methods on process to check for listeners
    • deps: finalhandler@1.2.0
      • Remove set content headers that break response
      • deps: on-finished@2.4.1
      • deps: statuses@2.0.1
    • deps: on-finished@2.4.1
      • Prevent loss of async hooks context
    • deps: qs@6.10.3
    • deps: send@0.18.0
      • Fix emitted 416 error missing headers property
      • Limit the headers removed for 304 response
      • deps: depd@2.0.0
      • deps: destroy@1.2.0
      • deps: http-errors@2.0.0
      • deps: on-finished@2.4.1
      • deps: statuses@2.0.1
    • deps: serve-static@1.15.0
      • deps: send@0.18.0
    • deps: statuses@2.0.1
      • Remove code 306
      • Rename 425 Unordered Collection to standard 425 Too Early
  • 4.17.3 - 2022-02-17
    • deps: accepts@~1.3.8
      • deps: mime-types@~2.1.34
      • deps: negotiator@0.6.3
    • deps: body-parser@1.19.2
      • deps: bytes@3.1.2
      • deps: qs@6.9.7
      • deps: raw-body@2.4.3
    • deps: cookie@0.4.2
    • deps: qs@6.9.7
      • Fix handling of __proto__ keys
    • pref: remove unnecessary regexp for trust proxy
from express GitHub release notes
Commit messages
Package name: express
  • 547fdd4 4.18.0
  • 0b330ef bench: print latency and vary connections
  • 158a170 build: support Node.js 18.x
  • 29ea1b2 build: use 64-bit Node.js in AppVeyor
  • 11a209e build: support Node.js 17.x
  • fd8e45c tests: mark stack overflow as long running
  • 708ac4c Fix handling very large stacks of sync middleware
  • 92c5ce5 deps: cookie@0.5.0
  • 8880dda examples: add missing html label associations
  • b91c7ff examples: use http-errors to create errors
  • ecaf67c docs: remove Node Security Project from security policy
  • 99175c3 docs: fix typo in casing of HTTP
  • 1b2e097 tests: fix typo in description
  • 04da4aa build: use supertest@3.4.2 for Node.js 6.x
  • 2e2d78c deps: on-finished@2.4.1
  • 980d881 deps: statuses@2.0.1
  • 1df7576 deps: qs@6.10.3
  • 32c558d deps: body-parser@1.20.0
  • a107702 Use http-errors for res.format error
  • 5855339 Fix behavior of null/undefined as "maxAge" in res.cookie
  • 1cc8169 deps: depd@2.0.0
  • 9482b82 Invoke default with same arguments as types in res.format
  • 10b9b50 examples: use updated res.download in example
  • 03dc367 Allow options without filename in res.download
Compare
**Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: 🧐 [View latest project report](https://app.snyk.io/org/mbradds/project/61f1d8be-79ad-4b34-932f-70e2e4b1ee1e?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/mbradds/project/61f1d8be-79ad-4b34-932f-70e2e4b1ee1e/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/mbradds/project/61f1d8be-79ad-4b34-932f-70e2e4b1ee1e/settings/integration?pkg=express&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)