Update dependency send to v0.16.0 - autoclosed #31

dev-mend-for-github-com · 2023-02-13T03:32:46Z

This PR contains the following updates:

Package	Type	Update	Change
send	dependencies	minor	`0.11.1` -> `0.16.0`

By merging this PR, the issue #9 will be automatically resolved and closed:

Severity	CVSS Score	CVE
High	7.5	CVE-2015-8315
High	7.5	CVE-2017-16119
High	7.5	CVE-2017-16138
Medium	5.3	CVE-2017-16137

Release Notes

pillarjs/send (send)

`v0.16.0`

Compare Source

===================

Add immutable option
Fix missing </html> in default error & redirects
Use instance methods on steam to check for listeners
deps: mime@1.4.1
- Add 70 new types for file extensions
- Set charset as "UTF-8" for .js and .json
perf: improve path validation speed

`v0.15.6`

Compare Source

===================

deps: debug@2.6.9
perf: improve If-Match token parsing

`v0.15.5`

Compare Source

===================

deps: etag@~1.8.1
- perf: replace regular expression with substring
deps: fresh@0.5.2
- Fix handling of modified headers with invalid dates
- perf: improve ETag match loop
- perf: improve If-None-Match token parsing

`v0.15.4`

Compare Source

===================

deps: debug@2.6.8
deps: depd@~1.1.1
- Remove unnecessary Buffer loading
deps: http-errors@~1.6.2
- deps: depd@1.1.1

`v0.15.3`

Compare Source

===================

deps: debug@2.6.7
- deps: ms@2.0.0
deps: ms@2.0.0

`v0.15.2`

Compare Source

===================

deps: debug@2.6.4
- Fix DEBUG_MAX_ARRAY_LENGTH
- deps: ms@0.7.3
deps: ms@1.0.0

`v0.15.1`

Compare Source

===================

Fix issue when Date.parse does not return NaN on invalid date
Fix strict violation in broken environments

`v0.15.0`

Compare Source

===================

Support If-Match and If-Unmodified-Since headers
Add res and path arguments to directory event
Remove usage of res._headers private field
- Improves compatibility with Node.js 8 nightly
Send complete HTML document in redirect & error responses
Set default CSP header in redirect & error responses
Use res.getHeaderNames() when available
Use res.headersSent when available
deps: debug@2.6.1
- Allow colors in workers
- Deprecated DEBUG_FD environment variable set to 3 or higher
- Fix error when running under React Native
- Use same color for same namespace
- deps: ms@0.7.2
deps: etag@~1.8.0
deps: fresh@0.5.0
- Fix false detection of no-cache request directive
- Fix incorrect result when If-None-Match has both * and ETags
- Fix weak ETag matching to match spec
- perf: delay reading header values until needed
- perf: enable strict mode
- perf: hoist regular expressions
- perf: remove duplicate conditional
- perf: remove unnecessary boolean coercions
- perf: skip checking modified time if ETag check failed
- perf: skip parsing If-None-Match when no ETag header
- perf: use Date.parse instead of new Date
deps: http-errors@~1.6.1
- Make message property enumerable for HttpErrors
- deps: setprototypeof@1.0.3

`v0.14.2`

Compare Source

===================

deps: http-errors@~1.5.1
- deps: inherits@2.0.3
- deps: setprototypeof@1.0.2
- deps: statuses@'>= 1.3.1 < 2'
deps: ms@0.7.2
deps: statuses@~1.3.1

`v0.14.1`

Compare Source

===================

Fix redirect error when path contains raw non-URL characters
Fix redirect when path starts with multiple forward slashes

`v0.14.0`

Compare Source

===================

Add acceptRanges option
Add cacheControl option
Attempt to combine multiple ranges into single range
Correctly inherit from Stream class
Fix Content-Range header in 416 responses when using start/end options
Fix Content-Range header missing from default 416 responses
Ignore non-byte Range headers
deps: http-errors@~1.5.0
- Add HttpError export, for err instanceof createError.HttpError
- Support new code 421 Misdirected Request
- Use setprototypeof module to replace __proto__ setting
- deps: inherits@2.0.1
- deps: statuses@'>= 1.3.0 < 2'
- perf: enable strict mode
deps: range-parser@~1.2.0
- Fix incorrectly returning -1 when there is at least one valid range
- perf: remove internal function
deps: statuses@~1.3.0
- Add 421 Misdirected Request
- perf: enable strict mode
perf: remove argument reassignment

`v0.13.2`

Compare Source

===================

Fix invalid Content-Type header when send.mime.default_type unset

`v0.13.1`

Compare Source

===================

deps: depd@~1.1.0
- Support web browser loading
- perf: enable strict mode
deps: destroy@~1.0.4
- perf: enable strict mode
deps: escape-html@~1.0.3
- perf: enable strict mode
- perf: optimize string replacement
- perf: use faster string coercion
deps: range-parser@~1.0.3
- perf: enable strict mode

`v0.13.0`

Compare Source

===================

Allow Node.js HTTP server to set Date response header
Fix incorrectly removing Content-Location on 304 response
Improve the default redirect response headers
Send appropriate headers on default error response
Use http-errors for standard emitted errors
Use statuses instead of http module for status messages
deps: escape-html@1.0.2
deps: etag@~1.7.0
- Improve stat performance by removing hashing
deps: fresh@0.3.0
- Add weak ETag matching support
deps: on-finished@~2.3.0
- Add defined behavior for HTTP CONNECT requests
- Add defined behavior for HTTP Upgrade requests
- deps: ee-first@1.1.1
perf: enable strict mode
perf: remove unnecessary array allocations

`v0.12.3`

Compare Source

===================

deps: debug@~2.2.0
- deps: ms@0.7.1
deps: depd@~1.0.1
deps: etag@~1.6.0

Improve support for JXcore
Support "fake" stats objects in environments without fs

deps: ms@0.7.1
- Prevent extraordinarily long inputs
deps: on-finished@~2.2.1

`v0.12.2`

Compare Source

===================

Throw errors early for invalid extensions or index options
deps: debug@~2.1.3
- Fix high intensity foreground color for bold
- deps: ms@0.7.0

`v0.12.1`

Compare Source

===================

Fix regression sending zero-length files

`v0.12.0`

Compare Source

===================

Always read the stat size from the file
Fix mutating passed-in options
deps: mime@1.3.4

If you want to rebase/retry this PR, check this box

dev-mend-for-github-com bot added the security fix Security fix generated by Mend label Feb 13, 2023

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.15.3~~ Update dependency send to v0.16.0 Mar 15, 2023

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch from 5ee321a to 627841b Compare March 15, 2023 20:06

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0~~ Update dependency send to v0.16.0 - autoclosed Mar 19, 2023

dev-mend-for-github-com bot closed this Mar 19, 2023

dev-mend-for-github-com bot deleted the whitesource-remediate/send-0.x branch March 19, 2023 09:52

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0 - autoclosed~~ Update dependency send to v0.16.0 Mar 20, 2023

dev-mend-for-github-com bot reopened this Mar 20, 2023

dev-mend-for-github-com bot restored the whitesource-remediate/send-0.x branch March 20, 2023 09:48

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0~~ Update dependency send to v0.16.0 - autoclosed Jun 15, 2023

dev-mend-for-github-com bot closed this Jun 15, 2023

dev-mend-for-github-com bot deleted the whitesource-remediate/send-0.x branch June 15, 2023 04:01

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0 - autoclosed~~ Update dependency send to v0.16.0 Jun 19, 2023

dev-mend-for-github-com bot restored the whitesource-remediate/send-0.x branch June 19, 2023 04:42

dev-mend-for-github-com bot reopened this Jun 19, 2023

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch from 627841b to 2673fce Compare June 19, 2023 04:42

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0~~ Update dependency send to v0.15.6 Jul 29, 2023

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch from 2673fce to 07ed42b Compare July 29, 2023 09:42

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.15.6~~ Update dependency send to v0.16.0 Jul 31, 2023

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch from 07ed42b to 701ffe6 Compare July 31, 2023 01:27

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0~~ Update dependency send to v0.15.6 Nov 10, 2023

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch 2 times, most recently from 607a6b7 to 5e9693a Compare November 12, 2023 00:28

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.15.6~~ Update dependency send to v0.16.0 Nov 12, 2023

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0~~ Update dependency send to v0.16.0 - autoclosed Dec 10, 2023

dev-mend-for-github-com bot closed this Dec 10, 2023

dev-mend-for-github-com bot deleted the whitesource-remediate/send-0.x branch December 10, 2023 12:13

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0 - autoclosed~~ Update dependency send to v0.16.0 Dec 11, 2023

dev-mend-for-github-com bot restored the whitesource-remediate/send-0.x branch December 11, 2023 13:52

dev-mend-for-github-com bot reopened this Dec 11, 2023

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch 2 times, most recently from d2cbedd to aec6fff Compare December 14, 2023 12:07

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0~~ Update dependency send to v0.15.6 Dec 14, 2023

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.15.6~~ Update dependency send to v0.16.0 Dec 15, 2023

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch from aec6fff to 79c9595 Compare December 15, 2023 15:24

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0~~ Update dependency send to v0.15.6 Mar 18, 2024

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch from 79c9595 to 79a5629 Compare March 18, 2024 18:08

Update dependency send to v0.16.0

4a9e46a

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.15.6~~ Update dependency send to v0.16.0 Apr 17, 2024

dev-mend-for-github-com bot force-pushed the whitesource-remediate/send-0.x branch from 79a5629 to 4a9e46a Compare April 17, 2024 18:19

dev-mend-for-github-com bot changed the title ~~Update dependency send to v0.16.0~~ Update dependency send to v0.16.0 - autoclosed May 17, 2024

dev-mend-for-github-com bot closed this May 17, 2024

dev-mend-for-github-com bot deleted the whitesource-remediate/send-0.x branch May 17, 2024 18:36

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency send to v0.16.0 - autoclosed #31

Update dependency send to v0.16.0 - autoclosed #31

dev-mend-for-github-com bot commented Feb 13, 2023 •

edited

Loading

Update dependency send to v0.16.0 - autoclosed #31

Update dependency send to v0.16.0 - autoclosed #31

Conversation

dev-mend-for-github-com bot commented Feb 13, 2023 • edited Loading

Release Notes

dev-mend-for-github-com bot commented Feb 13, 2023 •

edited

Loading