suculent / thinx-device-api

Remote IoT Device Management Platform
https://thinx.cloud

[Snyk] Upgrade express-rate-limit from 5.5.1 to 7.1.4 #450

Closed suculent closed 10 months ago

suculent commented 10 months ago

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade express-rate-limit from 5.5.1 to 7.1.4.

:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
*Warning:* This is a major version upgrade, and may be a breaking change.
  • The recommended version is **32 versions** ahead of your current version.
  • The recommended version was released **2 days ago**, on 2023-11-06.
Release notes
Package name: express-rate-limit
  • 7.1.4 - 2023-11-06

    You can view the changelog here.

  • 7.1.3 - 2023-10-26

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.1.2 - 2023-10-23

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.1.1 - 2023-10-09

    Misc

    You can view the full changelog here.

  • 7.1.0 - 2023-10-04

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.0.2 - 2023-09-26

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.0.1 - 2023-09-16

    You can view the changelog here (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/blob/main/changelog.md).

  • 7.0.0 - 2023-09-12

    Breaking

    • Changed behavior when max is set to 0:
      • Previously, max: 0 was treated as a 'disable' flag and would allow all requests through.
      • Starting with v7, all requests will be blocked when max is set to 0.
      • To replicate the old behavior, use the skip function instead.
    • Renamed req.rateLimit.current to req.rateLimit.used.
      • current is now a hidden getter that will return the used value, but it will not appear when iterating over the keys or calling JSON.stringify().
    • Changed the minimum required Node version from v14 to v16.
      • express-rate-limit now targets es2022 in TypeScript/ESBuild.
    • Bumped TypeScript from v4 to v5 and dts-bundle-generator from v7 to v8.

    Deprecated

    • Removed the draft_polli_ratelimit_headers option (it was deprecated in v6).
      • Use standardHeaders: 'draft-6' instead.
    • Removed the onLimitReached option (it was deprecated in v6).
      • This is an example of how to replicate its behavior with a custom handler option.

    Changed

    • The MemoryStore now uses precise, per-user reset times rather than a global window that resets all users at once.
    • The limit configuration option is now preferred to max.
      • It still shows the same behavior, and max is still supported. The change was made to better align with terminology used in the IETF standard drafts.

    Added

    • The validate config option can now be an object with keys to enable or disable specific validation checks. For more information, see this.
  • 6.11.2 - 2023-09-12

    Fixed

    • Restored IncrementResponse TypeScript type (See #397)
  • 6.11.1 - 2023-09-10

    Fixed

    • Check for prefixed keys when validating that the stores have single counted keys (See #395).
  • 6.11.0 - 2023-09-06
  • 6.10.0 - 2023-08-30
  • 6.9.0 - 2023-08-06
  • 6.8.1 - 2023-07-27
  • 6.8.0 - 2023-07-21
  • 6.7.2 - 2023-07-27
  • 6.7.1 - 2023-07-06
  • 6.7.0 - 2022-11-15
  • 6.6.0 - 2022-09-04
  • 6.5.2 - 2022-08-24
  • 6.5.1 - 2022-07-23
  • 6.4.0 - 2022-04-24
  • 6.3.0 - 2022-02-19
  • 6.2.1 - 2022-02-10
  • 6.2.0 - 2022-01-22
  • 6.1.0 - 2022-01-12
  • 6.0.5 - 2022-01-06
  • 6.0.4 - 2022-01-02
  • 6.0.3 - 2021-12-30
  • 6.0.2 - 2021-12-30
  • 6.0.1 - 2021-12-25
  • 6.0.0 - 2021-12-24
  • 5.5.1 - 2021-11-06

from express-rate-limit GitHub release notes (https://snyk.io/redirect/github/express-rate-limit/express-rate-limit/releases)

Commit messages
Package name: express-rate-limit
  • 6f81e8e 7.1.4
  • 01ff7ca 7.1.4 changelog
  • 9d08a03 fix: Ratelimit headers empty while running on Bun v1.0.x #418 (#419)
  • 888e139 chore: npm pkg fix
  • a5c66a6 7.1.3
  • c4ca76c v7.1.3 changelog
  • 2e88f24 chore: loosen peer dependencies (#416)
  • 04a6f18 7.1.2
  • 8a66816 7.1.2 changelog
  • 5ce5b71 docs: minor tweaks (#413)
  • 05f46ca Documentation edits made through Mintlify web editor
  • 5354b0f chore: add npm run docs command, remove docs/ prefix from urls (#414)
  • 13235ed docs: write more detailed docs in mdx (#411)
  • a6c399a chore: upgrade external tests
  • a33e45c fix: make sure `req.ip` is not undefined, at least for typescript
  • f24a2aa chore: add `.npmrc` to external tests too
  • d9e3327 chore: make dependencies exact
  • b59337b chore: bump dependencies
  • 0cb1e27 Merge branch 'devmarkai-arne/add_logo' (#409)
  • 9186cc3 fix lint & rearrange
  • 798edea add mintlify to readme
  • 8e2a93e 7.1.1
  • 5ad21b5 docs: changelog for v7.1.1
  • db4e956 ci: enable provenance statement generation
Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

πŸ›  Adjust upgrade PR settings

πŸ”• Ignore this dependency or unsubscribe from future upgrade PRs
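
The v7.0.0 breaking changes listed in the release notes above, applied to a v5-style options object. This is an added example, not code from this PR, from Snyk, or from express-rate-limit; `migrateRateLimitOptions` and the sample options are hypothetical, and the `(req, res, next, options)` handler signature with the `used === limit + 1` check is assumed to be the library's v7 replacement for `onLimitReached`.

```javascript
// Added example: rewrites a plain v5 options object for v7. It never imports
// express-rate-limit; pass the returned options to rateLimit() yourself.
function migrateRateLimitOptions(v5) {
  const { max, onLimitReached, draft_polli_ratelimit_headers: draftHeaders, ...rest } = v5;
  const v7 = { ...rest };
  const notes = [];

  if (max === 0) {
    // v5: max 0 disabled the limiter. v7: max 0 blocks every request.
    // Keep the old "allow everything" intent explicit through skip.
    v7.skip = () => true;
    notes.push('max: 0 replaced by skip (v7 would block all requests)');
  } else if (max !== undefined) {
    v7.limit = max; // limit is preferred to max in v7; behaviour is the same
    notes.push('max renamed to limit');
  }

  if (draftHeaders) {
    // The option was removed in v7; standardHeaders takes its place.
    v7.standardHeaders = 'draft-6';
    notes.push("draft_polli_ratelimit_headers replaced by standardHeaders: 'draft-6'");
  }

  if (typeof onLimitReached === 'function') {
    const inner = rest.handler; // preserve any custom handler already set
    v7.handler = (req, res, next, options) => {
      // Fire once, on the first request over the limit. Uses the v7 name
      // req.rateLimit.used (formerly req.rateLimit.current).
      if (req.rateLimit.used === req.rateLimit.limit + 1) onLimitReached(req, res, options);
      if (inner) return inner(req, res, next, options);
      return res.status(options.statusCode).send(options.message);
    };
    notes.push('onLimitReached folded into handler');
  }

  return { options: v7, notes };
}
```

A `max` supplied as a function is copied to `limit` unchanged, so a function that can return 0 still needs a manual review before the upgrade.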

ghost commented 10 months ago
👇 Click on the image for a new way to code review

#### [![Review these changes using an interactive CodeSee Map](https://s3.us-east-2.amazonaws.com/maps.codesee.io/images/github/suculent/thinx-device-api/450/a96135ac/0bc47dedc0407b964ac49399d5a5c7372cac0532.svg)](https://app.codesee.io/r/reviews?pr=450&src=https%3A%2F%2Fgithub.com%2Fsuculent%2Fthinx-device-api)

#### Legend

CodeSee Map legend