[Snyk] Upgrade express-rate-limit from 5.4.1 to 6.0.1 #352

Closed

snyk-bot
Contributor

Snyk has created this PR to upgrade express-rate-limit from 5.4.1 to 6.0.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 4 versions ahead of your current version.
  • The recommended version was released 21 days ago, on 2021-12-25.
Release notes
Package name: express-rate-limit
  • 6.0.1 - 2021-12-25

    Fixed

    • Ensure CommonJS projects can import the module.
  • 6.0.0 - 2021-12-24

    Added

    • express 4.x as a peer dependency.
    • Better Typescript support (the library was rewritten in Typescript).
    • Export the package as both ESM and CJS.
    • Publish the built package (.tgz file) on GitHub releases as well as the npm registry.
    • Issue and PR templates.
    • A contributing guide.

    Changed

    • Rename the draft_polli_ratelimit_headers option to standardHeaders.
    • Rename the headers option to legacyHeaders.
    • Retry-After header is now sent if either legacyHeaders or standardHeaders is set.
    • Allow keyGenerator to be an async function/return a promise.
    • Change the way custom stores are defined.
      • Add the init method for stores to set themselves up using options passed to the middleware.
      • Rename the incr method to increment.
      • Allow the increment, decrement, resetKey and resetAll methods to return a promise.
      • Old stores will automatically be promisified and used.
    • The package can now only be used with NodeJS version 12.9.0 or greater.
    • The onLimitReached configuration option is now deprecated. Replace it with a custom handler that checks the number of hits.

    Removed

    • Remove the deprecated limiter.resetIp method (use the limiter.resetKey method instead).
    • Remove the deprecated options delayMs, delayAfter (the delay functionality was moved to the express-slow-down package) and global (use a key generator that returns a constant value).
  • 5.5.1 - 2021-11-06

    5.5.1

  • 5.5.0 - 2021-10-12

    5.5.0

  • 5.4.1 - 2021-10-05

    5.4.1

from express-rate-limit GitHub release notes
Commit messages
Package name: express-rate-limit
  • b160f00 6.0.1
  • 76a4213 fix: allow cjs modules to use this package
  • e9a06dc docs: add `keyGenerator` is allowed to be async note to changelog
  • f6014e4 typo fix
  • 81346ba disable flakey test
  • 6f90be2 Remove docs for deprecated onLimitReached method
  • 00f38ff Call out onLimitReached deprecation
  • 4786948 Merge pull request #263 from gamemaker1/opiniated-improvements
  • 4d64399 style: use named import for `process.platform`
  • b576907 test: disable server hang test on macos
  • 4230f8f style: format readme
  • 11beef0 docs: update changelog
  • 0600195 meta: add issue and pr templates
  • 1266365 docs: add contributing guide
  • 3f41686 test: test with modern, legacy and both-compatible stores
  • 27464f2 meta: rename `README.md` to `readme.md`
  • 5668e4c docs: add what to use instead of deprecated/removed options
  • d6b5059 test: fix the hanging test
  • cae6769 fix: allow store methods to be sync too
  • 60ee90b test: restore accidentally deleted test
  • 3819bd4 meta: add files (like `*.log`) from .gitignore to `npm run clean`
  • f3f7d4e test: fix tests that did something different from their description
  • f79b9b2 meta: add most prettier config to editorconfig
  • a4fb22b docs: fix typo in readme


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Overtorment temporarily deployed to lndhub-pipel-snyk-upgra-nygmrp January 15, 2022 11:33 Inactive
Overtorment deleted the snyk-upgrade-c018326e6ae4c0efd2f2a8724d9d70ac branch January 17, 2022 15:49
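
The option renames and removals in the 6.0.0 release notes quoted above, as an added example that is not part of this PR or of express-rate-limit: a hypothetical `migrateOptions` helper maps a 5.x options object onto the 6.x names and reports every option that is renamed, removed or deprecated, so a limiter setting does not quietly stop applying after the upgrade. The sample configuration and the constant key `"global"` are constructed.

```javascript
// Added example, not express-rate-limit code: migrateOptions is a hypothetical
// helper built only from the 6.0.0 "Changed"/"Removed" notes quoted above.
const RENAMED = new Map([
  ["draft_polli_ratelimit_headers", "standardHeaders"],
  ["headers", "legacyHeaders"],
]);
const MOVED = "delay functionality moved to the express-slow-down package";
const REMOVED = new Map([["delayMs", MOVED], ["delayAfter", MOVED]]);

function migrateOptions(oldOptions) {
  const options = {};
  const warnings = [];
  for (const [name, value] of Object.entries(oldOptions)) {
    if (RENAMED.has(name)) {
      const newName = RENAMED.get(name);
      if (oldOptions[newName] !== undefined) {
        // Both spellings present: keep the explicit 6.x value.
        warnings.push(`${name}: ignored, ${newName} is already set`);
        continue;
      }
      options[newName] = value;
      warnings.push(`${name}: renamed to ${newName}`);
    } else if (REMOVED.has(name)) {
      // Dropped rather than copied, so the lost throttling is visible in review.
      warnings.push(`${name}: removed, ${REMOVED.get(name)}`);
    } else if (name === "global") {
      // Removed: a constant key puts every client in one shared bucket.
      if (value && oldOptions.keyGenerator === undefined) {
        options.keyGenerator = () => "global"; // constructed constant key
      }
      warnings.push("global: removed, use a key generator that returns a constant value");
    } else {
      if (name === "onLimitReached") {
        warnings.push("onLimitReached: deprecated, use a custom handler that checks the number of hits");
      }
      options[name] = value; // unchanged option, copied as-is
    }
  }
  return { options, warnings };
}

// Constructed 5.x configuration (sample input, not taken from this project).
const legacyConfig = {
  windowMs: 15 * 60 * 1000, max: 100,
  headers: false, draft_polli_ratelimit_headers: true,
  global: true, delayMs: 0, onLimitReached: () => {},
};
const migrated = migrateOptions(legacyConfig);
console.log(migrated.warnings.join("\n"));
```

Running the helper over a project's limiter configuration before merging a major-version bump like this one turns each breaking change into a reviewable warning line.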