This repository has been archived by the owner on Sep 13, 2022. It is now read-only.

[Snyk] Upgrade express from 4.17.1 to 4.17.2 #202

Open

snyk-bot wants to merge 1 commit into main from snyk-upgrade-8f69e1e1550b4849a141b4a00576de0c

Contributor

snyk-bot commented Jan 11, 2022

Snyk has created this PR to upgrade express from 4.17.1 to 4.17.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released a month ago, on 2021-12-17.

Release notes

Package name: express

4.17.2 - 2021-12-17
- Fix handling of undefined in res.jsonp
- Fix handling of undefined when "json escape" is enabled
- Fix incorrect middleware execution with unanchored RegExps
- Fix res.jsonp(obj, status) deprecation message
- Fix typo in res.is JSDoc
- deps: body-parser@1.19.1
  - deps: bytes@3.1.1
  - deps: http-errors@1.8.1
  - deps: qs@6.9.6
  - deps: raw-body@2.4.2
  - deps: safe-buffer@5.2.1
  - deps: type-is@~1.6.18
- deps: content-disposition@0.5.4
  - deps: safe-buffer@5.2.1
- deps: cookie@0.4.1
  - Fix maxAge option to reject invalid values
- deps: proxy-addr@~2.0.7
  - Use req.socket over deprecated req.connection
  - deps: forwarded@0.2.0
  - deps: ipaddr.js@1.9.1
- deps: qs@6.9.6
- deps: safe-buffer@5.2.1
- deps: send@0.17.2
  - deps: http-errors@1.8.1
  - deps: ms@2.1.3
  - pref: ignore empty http tokens
- deps: serve-static@1.14.2
  - deps: send@0.17.2
- deps: setprototypeof@1.2.0
4.17.1 - 2019-05-26
- Revert "Improve error message for null/undefined to res.status"

from express GitHub release notes

Commit messages

Package name: express

ea537d9 4.17.2
eee93a2 build: update example dependencies
b35773c build: eslint@7.32.0
c8a4200 build: mocha@9.1.3
21cf522 examples: improve 404 message wording
a24f27a deps: serve-static@1.14.2
a33266a build: support Node.js 14.x
6fe271e build: support Node.js 13.x
cbe25d6 deps: setprototypeof@1.2.0
3bb6d96 examples: demonstrate sub directory download
6660649 deps: qs@6.9.6
a75e470 docs: add note about security report location
db05a74 deps: send@0.17.2
c2e23ec deps: body-parser@1.19.1
96850e8 deps: content-disposition@0.5.4
b8d59d5 deps: safe-buffer@5.2.1
59d695c build: update example dependencies
e242796 tests: fix test in app.head
aaa9690 deps: proxy-addr@~2.0.7
f275e87 Fix handling of undefined when "json escape" is enabled
9dd0e7a Fix handling of undefined in res.jsonp
1b2f3a0 tests: fix up primitive tests for res.jsonp
519126d deps: cookie@0.4.1
99a369f Fix incorrect middleware execution with unanchored RegExps

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs


          fix: upgrade express from 4.17.1 to 4.17.2

8d0eea6

Snyk has created this PR to upgrade express from 4.17.1 to 4.17.2.

See this package in npm:
https://www.npmjs.com/package/express

See this project in Snyk:
https://app.snyk.io/org/nodeshift-starters/project/5faee20c-6802-4eb0-91a7-0cecce05c4d9?utm_source=github&utm_medium=referral&page=upgrade-pr

coveralls commented Jan 11, 2022

Coverage remained the same at 85.714% when pulling 8d0eea6 on snyk-upgrade-8f69e1e1550b4849a141b4a00576de0c into ec2c5d3 on main.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.