<#294 Bump express from 4.18.2 to 4.19.2>
Pull req...
# websiteg
GitHub
03/29/2024, 6:30 AM#294 Bump express from 4.18.2 to 4.19.2
Pull request opened by dependabot[bot]
Bumps express from 4.18.2 to 4.19.2.
Release notes
Sourced from express's releases.
4.19.2
What's Changed
• Improved fix for open redirect allow list bypass
Full Changelog: expressjs/express@4.19.1...4.19.2
4.19.1
What's Changed
• Fix ci after location patch by `@wesleytodd` in expressjs/express#5552
• fixed un-edited version in history.md for 4.19.0 by `@wesleytodd` in expressjs/express#5556
Full Changelog: expressjs/express@4.19.0...4.19.1
4.19.0
What's Changed
• fix typo in release date by `@UlisesGascon` in expressjs/express#5527
• docs: nominating `@wesleytodd` to be project captian by `@wesleytodd` in expressjs/express#5511
• docs: loosen TC activity rules by `@wesleytodd` in expressjs/express#5510
• Add note on how to update docs for new release by `@crandmck` in expressjs/express#5541
• Prevent open redirect allow list bypass due to encodeurl
• Release 4.19.0 by `@wesleytodd` in expressjs/express#5551
New Contributors
• `@crandmck` made their first contribution in expressjs/express#5541
Full Changelog: expressjs/express@4.18.3...4.19.0
4.18.3
Main Changes
• Fix routing requests without method
• deps: body-parser@1.20.2
• Fix strict json error message on Node.js 19+
• deps: content-type@~1.0.5
• deps: raw-body@2.5.2
Other Changes
• Use https: protocol instead of deprecated git: protocol by `@vcsjones` in expressjs/express#5032
• build: Node.js@16.18 and Node.js@18.12 by `@abenhamdine` in expressjs/express#5034
• ci: update actions/checkout to v3 by `@armujahid` in expressjs/express#5027
• test: remove unused function arguments in params by `@raksbisht` in expressjs/express#5124
• Remove unused originalIndex from acceptParams by `@raksbisht` in expressjs/express#5119
• Fixed typos by `@raksbisht` in expressjs/express#5117
• examples: remove unused params by `@raksbisht` in expressjs/express#5113
• fix: parameter str is not described in JSDoc by `@raksbisht` in expressjs/express#5130
• fix: typos in History.md by `@raksbisht` in expressjs/express#5131
• build : add Node.js@19.7 by `@abenhamdine` in expressjs/express#5028
• test: remove unused function arguments in params by `@raksbisht` in expressjs/express#5137... (truncated) Changelog Sourced from express's changelog.
4.19.2 / 2024-03-25
• Improved fix for open redirect allow list bypass
4.19.1 / 2024-03-20
• Allow passing non-strings to res.location with new encoding handling checks
4.19.0 / 2024-03-20
• Prevent open redirect allow list bypass due to encodeurl
• deps: cookie@0.6.0
4.18.3 / 2024-02-29
• Fix routing requests without method
• deps: body-parser@1.20.2
• Fix strict json error message on Node.js 19+
• deps: content-type@~1.0.5
• deps: raw-body@2.5.2
• deps: cookie@0.6.0
• AddCommits • `04bc627` 4.19.2 • `da4d763` Improved fix for open redirect allow list bypass • `4f0f6cc` 4.19.1 • `a003cfa` Allow passing non-strings to res.location with new encoding handling checks f... • `a1fa90f` fixed un-edited version in history.md for 4.19.0 • `11f2b1d` build: fix build due to inconsistent supertest behavior in older versions • `084e365` 4.19.0 • `0867302` Prevent open redirect allow list bypass due to encodeurl • `567c9c6` Add note on how to update docs for new release (#5541) • `69a4cf2` deps: cookie@0.6.0 • Additional commits viewable in compare view Maintainer changes This version was pushed to npm by wesleytodd, a new releaser for express since your current version. Dependabot compatibility score Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commentingoptionpartitioned
@dependabot rebase@dependabot rebase@dependabot recreate@dependabot merge@dependabot squash and merge@dependabot cancel mergeGitHub
04/26/2024, 11:57 AM2 Views