Snyk has created this PR to upgrade express from 4.17.1 to 4.21.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 12 versions ahead of your current version.
The recommended version was released on a month ago.
Snyk has created this PR to upgrade express from 4.17.1 to 4.21.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 12 versions ahead of your current version.
The recommended version was released on a month ago.
Issues fixed by the recommended upgrade:
SNYK-JS-BODYPARSER-7926860
SNYK-JS-QS-3153490
SNYK-JS-COOKIE-8163060
SNYK-JS-EXPRESS-6474509
SNYK-JS-EXPRESS-7926867
SNYK-JS-PATHTOREGEXP-7925106
SNYK-JS-SEND-7926862
SNYK-JS-SERVESTATIC-7926865
Release notes
Package name: express
What's Changed
Full Changelog: 4.21.0...4.21.1
What's Changed
"back"
magic string in redirects by @ blakeembrey in #5935New Contributors
Full Changelog: 4.20.0...4.21.0
What's Changed
Important
depth
level for parsing URL-encoded data is now32
(previously wasInfinity
)res.redirect
Other Changes
http-errors
,expressjs.com
,morgan
,cors
,body-parser
by @ jonchurch in #5587res.clearCookie
acceptingoptions.maxAge
andoptions.expires
by @ jonchurch in #5672question
anddiscuss
by @ IamLizu in #5835merge-descriptors
dependency by @ RobinTail in #5781New Contributors
Full Changelog: 4.19.1...4.20.0
What's Changed
Full Changelog: 4.19.1...4.19.2
What's Changed
Full Changelog: 4.19.0...4.19.1
What's Changed
New Contributors
Full Changelog: 4.18.3...4.19.0
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information: