parse-community / parse-server

Parse Server for Node.js / Express
https://parseplatform.org
Apache License 2.0
20.7k stars 4.76k forks

refactor: Upgrade express-rate-limit from 6.11.2 to 7.2.0 #9048

Open parseplatformorg opened 3 months ago

parseplatformorg commented 3 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade express-rate-limit from 6.11.2 to 7.2.0.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
*Warning:* This is a major version upgrade, and may be a breaking change.
  • The recommended version is **10 versions** ahead of your current version.
  • The recommended version was released **22 days ago**, on 2024-03-02.
Release notes
Package name: express-rate-limit
  • 7.2.0 - 2024-03-02

    You can view the changelog here.

  • 7.1.5 - 2023-11-27

    You can view the changelog here (https://express-rate-limit.mintlify.app/reference/changelog).

  • 7.1.4 - 2023-11-06

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.1.3 - 2023-10-26

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.1.2 - 2023-10-23

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.1.1 - 2023-10-09

    Misc

    You can view the full changelog here.

  • 7.1.0 - 2023-10-04

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.0.2 - 2023-09-26

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.0.1 - 2023-09-16

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.0.0 - 2023-09-12

    Breaking

    • Changed behavior when max is set to 0:
      • Previously, max: 0 was treated as a 'disable' flag and would allow all requests through.
      • Starting with v7, all requests will be blocked when max is set to 0.
      • To replicate the old behavior, use the skip function instead.
    • Renamed req.rateLimit.current to req.rateLimit.used.
      • current is now a hidden getter that will return the used value, but it will not appear when iterating over the keys or calling JSON.stringify().
    • Changed the minimum required Node version from v14 to v16.
      • express-rate-limit now targets es2022 in TypeScript/ESBuild.
    • Bumped TypeScript from v4 to v5 and dts-bundle-generator from v7 to v8.

    Deprecated

    • Removed the draft_polli_ratelimit_headers option (it was deprecated in v6).
      • Use standardHeaders: 'draft-6' instead.
    • Removed the onLimitReached option (it was deprecated in v6).
      • This is an example of how to replicate its behavior with a custom handler option.

    Changed

    • The MemoryStore now uses precise, per-user reset times rather than a global window that resets all users at once.
    • The limit configuration option is now preferred to max.
      • It still shows the same behavior, and max is still supported. The change was made to better align with terminology used in the IETF standard drafts.

    Added

    • The validate config option can now be an object with keys to enable or disable specific validation checks. For more information, see this.

  • 6.11.2 - 2023-09-12

from express-rate-limit GitHub release notes (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/releases)

Commit messages
Package name: express-rate-limit
  • f77addc 7.2.0
  • dc4f067 7.2.0 changelog
  • 5f6dc55 docs: add Configuration & Thank You sections to readme (#440)
  • be7fe9c Check for instance creation while handling a request (#438)
  • c252ae3 docs: improve store-related docs (#437)
  • 31fc799 docs: Create Data Stores documentation page (#433)
  • 2d4105e build(deps-dev): bump follow-redirects from 1.15.3 to 1.15.4 (#431)
  • d8a1cc2 Update overview.mdx sponsor link (#427)
  • 7df39f8 docs: resetKey example
  • 782773e 7.1.5
  • 3d7e112 7.1.5 changelog
  • eee94f1 fix: requestWasSuccessful async support (#426)
  • 7498834 docs: restore instance and request API docs
  • 1a7f986 fix: ci generation config of the url for changelog (#423)
  • c8ffbe4 chore: dependency bump
  • 3ea29e4 docs: current -> used & a note for express-slow-down users
  • 039b49d docs: fix broken anchor links for validate config option
  • cc25ef0 chore: add funding link to package.json
  • 8b68b5c chore: move changelog to docs folder/mintlify (#420)
  • c347de4 formatting
  • b818476 fix broken links in docs
  • 6f81e8e 7.1.4
  • 01ff7ca 7.1.4 changelog
  • 9d08a03 fix: Ratelimit headers empty while running on Bun v1.0.x #418 (#419)
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs
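
The v7.0.0 breaking and deprecated changes from the release notes above, applied to a v6-style options object. This is an added example, not code from parse-server, Snyk or express-rate-limit; `migrateV6Options` is a hypothetical helper, and it assumes the library's `handler(request, response, next, options)` callback signature.

```javascript
// Added example: map a v6-style options object onto the v7 behaviour
// described in the release notes. migrateV6Options is a hypothetical helper.
function migrateV6Options(v6) {
  const { max, limit, onLimitReached, draft_polli_ratelimit_headers, ...rest } = v6;
  const options = { ...rest };
  const notes = [];

  // v6 treated max: 0 as "disabled"; v7 blocks every request instead.
  const cap = limit ?? max;
  if (cap === 0) {
    options.skip = () => true; // keeps the old allow-all intent explicit
    notes.push('max: 0 replaced by skip; v7 would block all requests');
  } else if (cap !== undefined) {
    options.limit = cap; // limit is the preferred name in v7
  }

  // Removed option; the release notes name standardHeaders: 'draft-6'.
  if (draft_polli_ratelimit_headers) {
    options.standardHeaders = 'draft-6';
    notes.push('draft_polli_ratelimit_headers replaced by standardHeaders');
  }

  // Removed option; replicate it inside a custom handler.
  if (typeof onLimitReached === 'function') {
    const previous = rest.handler;
    options.handler = (req, res, next, opts) => {
      // First request over the limit: used (formerly current) is limit + 1.
      if (req.rateLimit.used === req.rateLimit.limit + 1) {
        onLimitReached(req, res, opts);
      }
      if (previous) return previous(req, res, next, opts);
      return res.status(opts.statusCode).send(opts.message);
    };
    notes.push('onLimitReached folded into handler');
  }
  return { options, notes };
}

// Constructed sample config, not taken from parse-server.
const sample = migrateV6Options({ windowMs: 60_000, max: 0 });
console.log(sample.notes);
```

Review each note before upgrading: a configuration that relied on `max: 0` to switch limiting off would otherwise reject all traffic on v7.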

parse-github-assistant[bot] commented 3 months ago

I will reformat the title to use the proper commit message syntax.

parse-github-assistant[bot] commented 3 months ago

Thanks for opening this pull request!