{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":125561963,"defaultBranch":"master","name":"vulcan","ownerLogin":"mitre","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2018-03-16T19:38:01.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/44968?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1723123307.0","currentOid":""},"activityList":{"items":[{"before":"dab66699c5411ff14804ff66a8a59fed0fa94367","after":"2106615a48b10f3102f56d544d6df19853a3f671","ref":"refs/heads/fix-component-import-filter","pushedAt":"2024-08-08T13:40:33.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"},"commit":{"message":"Merge branch 'master' into fix-component-import-filter","shortMessageHtmlLink":"Merge branch 'master' into fix-component-import-filter"}},{"before":"47bd7577265828928bec656d309629ae4f338962","after":null,"ref":"refs/heads/edit-project-description","pushedAt":"2024-08-08T13:21:47.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"}},{"before":"509ff273af4dbfbe6e910f3f03a968b70774a038","after":"0d8e5833aa4d0d2af350671f63d3537c34cf1795","ref":"refs/heads/master","pushedAt":"2024-08-08T13:21:45.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"},"commit":{"message":"Allow Admin to Update Project Description (#632)\n\nallow updating project description\r\n\r\nSigned-off-by: Vanessa Fotso ","shortMessageHtmlLink":"Allow Admin to Update Project Description (#632)"}},{"before":"771b7a72e262e8382d7f081d02692fb16454fa5a","after":"dab66699c5411ff14804ff66a8a59fed0fa94367","ref":"refs/heads/fix-component-import-filter","pushedAt":"2024-08-07T17:11:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"freddyfeelgood","name":"Darrick Williams","path":"/freddyfeelgood","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/11075121?s=80&v=4"},"commit":{"message":"fix linting issue","shortMessageHtmlLink":"fix linting issue"}},{"before":null,"after":"771b7a72e262e8382d7f081d02692fb16454fa5a","ref":"refs/heads/fix-component-import-filter","pushedAt":"2024-08-07T16:16:09.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"freddyfeelgood","name":"Darrick Williams","path":"/freddyfeelgood","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/11075121?s=80&v=4"},"commit":{"message":"add sort filter for dropdown items and fix default limit of 10","shortMessageHtmlLink":"add sort filter for dropdown items and fix default limit of 10"}},{"before":null,"after":"47bd7577265828928bec656d309629ae4f338962","ref":"refs/heads/edit-project-description","pushedAt":"2024-08-07T12:33:03.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"},"commit":{"message":"allow updating project description\n\nSigned-off-by: Vanessa Fotso ","shortMessageHtmlLink":"allow updating project description"}},{"before":"df20950c83e6d5ed2972538b6ffb04e44f156854","after":"4933a7b01de8df530d23307afe2878ebf1a21e8d","ref":"refs/heads/ruby-version-bump","pushedAt":"2024-07-24T22:09:16.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"},"commit":{"message":"updated rubocop config\n\nSigned-off-by: Vanessa Fotso ","shortMessageHtmlLink":"updated rubocop config"}},{"before":null,"after":"a6082e35dbc90b6544fa7a91d74f55f97f11ac5b","ref":"refs/heads/dependabot/npm_and_yarn/npm_and_yarn-0c1a06be20","pushedAt":"2024-07-23T20:45:33.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump vue-template-compiler in the npm_and_yarn group\n\nBumps the npm_and_yarn group with 1 update: [vue-template-compiler](https://github.com/vuejs/vue).\n\n\nUpdates `vue-template-compiler` from 2.6.14 to 2.7.16\n- [Release notes](https://github.com/vuejs/vue/releases)\n- [Changelog](https://github.com/vuejs/vue/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/vuejs/vue/compare/v2.6.14...v2.7.16)\n\n---\nupdated-dependencies:\n- dependency-name: vue-template-compiler\n dependency-type: direct:production\n dependency-group: npm_and_yarn\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump vue-template-compiler in the npm_and_yarn group"}},{"before":null,"after":"df20950c83e6d5ed2972538b6ffb04e44f156854","ref":"refs/heads/ruby-version-bump","pushedAt":"2024-07-01T03:09:08.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"},"commit":{"message":"WIP ruby and rails version bump\n\nSigned-off-by: Vanessa Fotso ","shortMessageHtmlLink":"WIP ruby and rails version bump"}},{"before":"6c5f79047f05dc84c59ae5fcf0f062992ae28bac","after":"509ff273af4dbfbe6e910f3f03a968b70774a038","ref":"refs/heads/master","pushedAt":"2024-06-28T17:45:06.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"},"commit":{"message":"v2.1.8\n\nSigned-off-by: Vanessa Fotso ","shortMessageHtmlLink":"v2.1.8"}},{"before":"c22c70723e0fb8f627dc8bc75d67f9c11cea0ccf","after":null,"ref":"refs/heads/626-update-cci-mapping-in-vulcan-with-the-latest-cci-list-with-rev-5-mappings","pushedAt":"2024-06-28T16:51:30.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"}},{"before":"95df25b45571662988d562af21154ac50fdce5cf","after":"6c5f79047f05dc84c59ae5fcf0f062992ae28bac","ref":"refs/heads/master","pushedAt":"2024-06-28T16:51:28.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"},"commit":{"message":"updated cci mappings to latest rev5 (#627)\n\n* updated cci mappings to latest rev5\r\n\r\n* rubocop spacing cleanup\r\n\r\n---------\r\n\r\nCo-authored-by: darrickw \r\nCo-authored-by: Vanessa Fotso <46642178+vanessuniq@users.noreply.github.com>","shortMessageHtmlLink":"updated cci mappings to latest rev5 (#627)"}},{"before":"d77e1698b15c41e50afccac78ca6a411fd6b6697","after":"c22c70723e0fb8f627dc8bc75d67f9c11cea0ccf","ref":"refs/heads/626-update-cci-mapping-in-vulcan-with-the-latest-cci-list-with-rev-5-mappings","pushedAt":"2024-06-28T14:57:23.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"vanessuniq","name":"Vanessa Fotso","path":"/vanessuniq","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/46642178?s=80&v=4"},"commit":{"message":"Merge branch 'master' into 626-update-cci-mapping-in-vulcan-with-the-latest-cci-list-with-rev-5-mappings","shortMessageHtmlLink":"Merge branch 'master' into 626-update-cci-mapping-in-vulcan-with-the-…"}},{"before":"bdcb499226ab42e07c53284d96ed24aff8106e8b","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/npm_and_yarn-f1947d1c58","pushedAt":"2024-06-18T15:28:36.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"ac83e379d7e24802c076bd0b1473871c6848347a","after":"95df25b45571662988d562af21154ac50fdce5cf","ref":"refs/heads/master","pushedAt":"2024-06-18T15:28:35.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump ws from 6.2.2 to 6.2.3 in the npm_and_yarn group across 1 directory (#628)\n\nBumps the npm_and_yarn group with 1 update in the / directory:\n[ws](https://github.com/websockets/ws).\n\nUpdates `ws` from 6.2.2 to 6.2.3\n
\nRelease notes\n

Sourced from ws's\nreleases.

\n
\n

6.2.3

\n

Bug fixes

\n
    \n
  • Backported e55e5106 to the 6.x release line (eeb76d31).
    • \n
\n
\n
\n
\nCommits\n
    \n
  • d87f3b6\n[dist] 6.2.3
    • \n
  • eeb76d3\n[security] Fix crash when the Upgrade header cannot be read (#2231)
    • \n
  • See full diff in compare\nview
    • \n
\n
\n
\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ws&package-manager=npm_and_yarn&previous-version=6.2.2&new-version=6.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore major version` will close this\ngroup update PR and stop Dependabot creating any more for the specific\ndependency's major version (unless you unignore this specific\ndependency's major version or upgrade to it yourself)\n- `@dependabot ignore minor version` will close this\ngroup update PR and stop Dependabot creating any more for the specific\ndependency's minor version (unless you unignore this specific\ndependency's minor version or upgrade to it yourself)\n- `@dependabot ignore ` will close this group update PR\nand stop Dependabot creating any more for the specific dependency\n(unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore ` will remove all of the ignore\nconditions of the specified dependency\n- `@dependabot unignore ` will\nremove the ignore condition of the specified dependency and ignore\nconditions\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts page](https://github.com/mitre/vulcan/network/alerts).\n\n
","shortMessageHtmlLink":"Bump ws from 6.2.2 to 6.2.3 in the npm_and_yarn group across 1 direct…"}},{"before":null,"after":"bdcb499226ab42e07c53284d96ed24aff8106e8b","ref":"refs/heads/dependabot/npm_and_yarn/npm_and_yarn-f1947d1c58","pushedAt":"2024-06-18T15:20:59.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump ws from 6.2.2 to 6.2.3 in the npm_and_yarn group across 1 directory\n\nBumps the npm_and_yarn group with 1 update in the / directory: [ws](https://github.com/websockets/ws).\n\n\nUpdates `ws` from 6.2.2 to 6.2.3\n- [Release notes](https://github.com/websockets/ws/releases)\n- [Commits](https://github.com/websockets/ws/compare/6.2.2...6.2.3)\n\n---\nupdated-dependencies:\n- dependency-name: ws\n dependency-type: indirect\n dependency-group: npm_and_yarn\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump ws from 6.2.2 to 6.2.3 in the npm_and_yarn group across 1 directory"}},{"before":"094cc5c79d4b302465c10384be4b9295c56a76cd","after":"d77e1698b15c41e50afccac78ca6a411fd6b6697","ref":"refs/heads/626-update-cci-mapping-in-vulcan-with-the-latest-cci-list-with-rev-5-mappings","pushedAt":"2024-06-11T20:08:31.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"freddyfeelgood","name":"Darrick Williams","path":"/freddyfeelgood","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/11075121?s=80&v=4"},"commit":{"message":"rubocop spacing cleanup","shortMessageHtmlLink":"rubocop spacing cleanup"}},{"before":"ac83e379d7e24802c076bd0b1473871c6848347a","after":"094cc5c79d4b302465c10384be4b9295c56a76cd","ref":"refs/heads/626-update-cci-mapping-in-vulcan-with-the-latest-cci-list-with-rev-5-mappings","pushedAt":"2024-06-11T15:51:56.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"freddyfeelgood","name":"Darrick Williams","path":"/freddyfeelgood","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/11075121?s=80&v=4"},"commit":{"message":"updated cci mappings to latest rev5","shortMessageHtmlLink":"updated cci mappings to latest rev5"}},{"before":null,"after":"ac83e379d7e24802c076bd0b1473871c6848347a","ref":"refs/heads/626-update-cci-mapping-in-vulcan-with-the-latest-cci-list-with-rev-5-mappings","pushedAt":"2024-06-11T15:50:28.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"rlakey","name":"Ryan","path":"/rlakey","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/14838339?s=80&v=4"},"commit":{"message":"v2.1.7\n\nSigned-off-by: George M Dias ","shortMessageHtmlLink":"v2.1.7"}},{"before":"07441b7c43274f6e61f8c523f7ea374e17576892","after":"ac83e379d7e24802c076bd0b1473871c6848347a","ref":"refs/heads/master","pushedAt":"2024-05-21T17:08:07.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"georgedias","name":"George M. Dias","path":"/georgedias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13986875?s=80&v=4"},"commit":{"message":"v2.1.7\n\nSigned-off-by: George M Dias ","shortMessageHtmlLink":"v2.1.7"}},{"before":"8fb64931a87c309bff57a0ae4ee87d04ac81c903","after":"07441b7c43274f6e61f8c523f7ea374e17576892","ref":"refs/heads/master","pushedAt":"2024-05-21T17:07:17.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"georgedias","name":"George M. Dias","path":"/georgedias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13986875?s=80&v=4"},"commit":{"message":"v2.1.7\n\nSigned-off-by: George M Dias ","shortMessageHtmlLink":"v2.1.7"}},{"before":"979ed2f8642f8204dc501a5eab93e598418fde96","after":null,"ref":"refs/heads/heroku-upgrade","pushedAt":"2024-05-17T18:59:36.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"georgedias","name":"George M. Dias","path":"/georgedias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13986875?s=80&v=4"}},{"before":"22ce8a2e881684fe8883bbdcf50d4a203b54eec8","after":"8fb64931a87c309bff57a0ae4ee87d04ac81c903","ref":"refs/heads/master","pushedAt":"2024-05-17T18:59:35.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"georgedias","name":"George M. Dias","path":"/georgedias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/13986875?s=80&v=4"},"commit":{"message":"Upgrade to New Heroku Plan (#624)\n\nAs announced on May 1, 2024, Heroku Postgres mini and basic plans will\r\nreach end-of-life (EOL) on May 22, 2024.\r\nHeimdall was using heroku-postgresql:mini.\r\n\r\nMake the necessary changes in the app.json, update to the new Essential\r\nplan to:\r\nheroku-postgresql:mini → heroku-postgresql:essential-0","shortMessageHtmlLink":"Upgrade to New Heroku Plan (#624)"}},{"before":null,"after":"979ed2f8642f8204dc501a5eab93e598418fde96","ref":"refs/heads/heroku-upgrade","pushedAt":"2024-05-10T18:50:11.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"DMedina6","name":null,"path":"/DMedina6","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/158589619?s=80&v=4"},"commit":{"message":"upgrade heroku to new service tier","shortMessageHtmlLink":"upgrade heroku to new service tier"}},{"before":"9244fa6f736a4029f81bcc197b5a6447ff8f4e99","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/npm_and_yarn-008df46ec9","pushedAt":"2024-04-10T21:28:02.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"}},{"before":"c8f2d5b39bb09630f4bdf1c200d42106f6c804a8","after":"22ce8a2e881684fe8883bbdcf50d4a203b54eec8","ref":"refs/heads/master","pushedAt":"2024-04-10T21:28:00.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"github-actions[bot]","name":null,"path":"/apps/github-actions","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/15368?s=80&v=4"},"commit":{"message":"Bump the npm_and_yarn group across 1 directory with 3 updates (#623)\n\nBumps the npm_and_yarn group with 3 updates in the / directory:\n[express](https://github.com/expressjs/express),\n[follow-redirects](https://github.com/follow-redirects/follow-redirects)\nand [tar](https://github.com/isaacs/node-tar).\n\nUpdates `express` from 4.18.2 to 4.19.2\n
\nRelease notes\n

Sourced from express's\nreleases.

\n
\n

4.19.2

\n

What's Changed

\n
    \n
  • Improved\nfix for open redirect allow list bypass
    • \n
\n

Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2

\n

4.19.1

\n

What's Changed

\n
    \n
  • Fix ci after location patch by @​wesleytodd in expressjs/express#5552
    • \n
  • fixed un-edited version in history.md for 4.19.0 by @​wesleytodd in expressjs/express#5556
    • \n
\n

Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1

\n

4.19.0

\n

What's Changed

\n
    \n
  • fix typo in release date by @​UlisesGascon\nin expressjs/express#5527
    • \n
  • docs: nominating @​wesleytodd to be\nproject captian by @​wesleytodd in expressjs/express#5511
    • \n
  • docs: loosen TC activity rules by @​wesleytodd in expressjs/express#5510
    • \n
  • Add note on how to update docs for new release by @​crandmck in expressjs/express#5541
    • \n
  • Prevent\nopen redirect allow list bypass due to encodeurl
    • \n
  • Release 4.19.0 by @​wesleytodd in expressjs/express#5551
    • \n
\n

New Contributors

\n
    \n
  • @​crandmck\nmade their first contribution in expressjs/express#5541
    • \n
\n

Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0

\n

4.18.3

\n

Main Changes

\n
    \n
  • Fix routing requests without method
    • \n
  • deps: body-parser@1.20.2\n
      \n
    • Fix strict json error message on Node.js 19+
      • \n
    • deps: content-type@~1.0.5
      • \n
    • deps: raw-body@2.5.2
      • \n
    \n
    • \n
\n

Other Changes

\n
    \n
  • Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
    • \n
  • build: Node.js@16.18 and Node.js@18.12 by @​abenhamdine in\nexpressjs/express#5034
    • \n
  • ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
    • \n
  • test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
    • \n
  • Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
    • \n
  • Fixed typos by @​raksbisht in expressjs/express#5117
    • \n
  • examples: remove unused params by @​raksbisht in expressjs/express#5113
    • \n
  • fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
    • \n
  • fix: typos in History.md by @​raksbisht in expressjs/express#5131
    • \n
  • build : add Node.js@19.7 by @​abenhamdine in\nexpressjs/express#5028
    • \n
  • test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137
    • \n
\n\n
\n

... (truncated)

\n
\n
\nChangelog\n

Sourced from express's\nchangelog.

\n
\n

4.19.2 / 2024-03-25

\n
    \n
  • Improved fix for open redirect allow list bypass
    • \n
\n

4.19.1 / 2024-03-20

\n
    \n
  • Allow passing non-strings to res.location with new encoding handling\nchecks
    • \n
\n

4.19.0 / 2024-03-20

\n
    \n
  • Prevent open redirect allow list bypass due to encodeurl
    • \n
  • deps: cookie@0.6.0
    • \n
\n

4.18.3 / 2024-02-29

\n
    \n
  • Fix routing requests without method
    • \n
  • deps: body-parser@1.20.2\n
      \n
    • Fix strict json error message on Node.js 19+
      • \n
    • deps: content-type@~1.0.5
      • \n
    • deps: raw-body@2.5.2
      • \n
    \n
    • \n
  • deps: cookie@0.6.0\n
      \n
    • Add partitioned option
      • \n
    \n
    • \n
\n
\n
\n
\nCommits\n
    \n
  • 04bc627\n4.19.2
    • \n
  • da4d763\nImproved fix for open redirect allow list bypass
    • \n
  • 4f0f6cc\n4.19.1
    • \n
  • a003cfa\nAllow passing non-strings to res.location with new encoding handling\nchecks f...
    • \n
  • a1fa90f\nfixed un-edited version in history.md for 4.19.0
    • \n
  • 11f2b1d\nbuild: fix build due to inconsistent supertest behavior in older\nversions
    • \n
  • 084e365\n4.19.0
    • \n
  • 0867302\nPrevent open redirect allow list bypass due to encodeurl
    • \n
  • 567c9c6\nAdd note on how to update docs for new release (#5541)
    • \n
  • 69a4cf2\ndeps: cookie@0.6.0
    • \n
  • Additional commits viewable in compare\nview
    • \n
\n
\n
\nMaintainer changes\n

This version was pushed to npm by wesleytodd, a new releaser\nfor express since your current version.

\n
\n
\n\nUpdates `follow-redirects` from 1.15.4 to 1.15.6\n
\nCommits\n
    \n
  • 35a517c\nRelease version 1.15.6 of the npm package.
    • \n
  • c4f847f\nDrop Proxy-Authorization across hosts.
    • \n
  • 8526b4a\nUse GitHub for disclosure.
    • \n
  • b1677ce\nRelease version 1.15.5 of the npm package.
    • \n
  • d8914f7\nPreserve fragment in responseUrl.
    • \n
  • See full diff in compare\nview
    • \n
\n
\n
\n\nUpdates `tar` from 6.1.11 to 6.2.1\n
\nRelease notes\n

Sourced from tar's\nreleases.

\n
\n

v6.1.13

\n

6.1.13\n(2022-12-07)

\n

Dependencies

\n
    \n
  • cc4e0dd\n#343\nbump minipass from 3.3.6 to 4.0.0
    • \n
\n

v6.1.12

\n

6.1.12\n(2022-10-31)

\n

Bug Fixes

\n
    \n
  • 57493ee\n#332\nensuring close event is emited after stream has ended (@​webark)
    • \n
  • b003c64\n#314\nreplace deprecated String.prototype.substr() (#314)\n(@​CommanderRoot,\n@​lukekarrys)
    • \n
\n

Documentation

\n
    \n
  • f129929\n#313\nremove dead link to benchmarks (#313)\n(@​yetzt)
    • \n
  • c1faa9f\nadd examples/explanation of using tar.t (@​isaacs)
    • \n
\n
\n
\n
\nChangelog\n

Sourced from tar's\nchangelog.

\n
\n

Changelog

\n

7.0

\n
    \n
  • Rewrite in TypeScript, provide ESM and CommonJS hybrid\ninterface
    • \n
  • Add tree-shake friendly exports, like\nimport('tar/create')\nand import('tar/read-entry') to get individual functions or\nclasses.
    • \n
  • Add chmod option that defaults to false, and deprecate\nnoChmod. That is, reverse the default option regarding\nexplicitly setting file system modes to match tar entry\nsettings.
    • \n
  • Add processUmask option to avoid having to call\nprocess.umask() when chmod: true (or\nnoChmod: false) is\nset.
    • \n
\n

6.2

\n
    \n
  • Add support for brotli compression
    • \n
  • Add maxDepth option to prevent extraction into\nexcessively\ndeep folders.
    • \n
\n

6.1

\n
    \n
  • remove dead link to benchmarks (#313)\n(@​yetzt)
    • \n
  • add examples/explanation of using tar.t (@​isaacs)
    • \n
  • ensure close event is emited after stream has ended (@​webark)
    • \n
  • replace deprecated String.prototype.substr() (@​CommanderRoot,\n@​lukekarrys)
    • \n
\n

6.0

\n
    \n
  • Drop support for node 6 and 8
    • \n
  • fix symlinks and hardlinks on windows being packed with\n\\-style path targets
    • \n
\n

5.0

\n
    \n
  • Address unpack race conditions using path reservations
    • \n
  • Change large-numbers errors from TypeError to Error
    • \n
  • Add TAR_* error codes
    • \n
  • Raise TAR_BAD_ARCHIVE warning/error when there are no\nvalid\nentries found in an archive
    • \n
  • do not treat ignored entries as an invalid archive
    • \n
  • drop support for node v4
    • \n
  • unpack: conditionally use a file mapping to write files on\nWindows
    • \n
  • Set more portable 'mode' value in portable mode
    • \n
  • Set portable gzip option in portable mode
    • \n
\n\n
\n

... (truncated)

\n
\n
\nCommits\n
    \n
  • bef7b1e\n6.2.1
    • \n
  • fe8cd57\nprevent extraction in excessively deep subfolders
    • \n
  • fe7ebfd\nremove security.md
    • \n
  • 5bc9d40\n6.2.0
    • \n
  • fe1ef5e\nchangelog 6.2
    • \n
  • e483220\nget rid of npm lint stuff
    • \n
  • 689928a\nci that works outside of npm org
    • \n
  • db6f539\nfile inference improvements for .tbr and .tgz
    • \n
  • 336fa8f\nrefactor: dry and other pr comments
    • \n
  • eeba222\nchore: lint fixes
    • \n
  • Additional commits viewable in compare\nview
    • \n
\n
\n
\n\n\nDependabot will resolve any conflicts with this PR as long as you don't\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n
\nDependabot commands and options\n
\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore major version` will close this\ngroup update PR and stop Dependabot creating any more for the specific\ndependency's major version (unless you unignore this specific\ndependency's major version or upgrade to it yourself)\n- `@dependabot ignore minor version` will close this\ngroup update PR and stop Dependabot creating any more for the specific\ndependency's minor version (unless you unignore this specific\ndependency's minor version or upgrade to it yourself)\n- `@dependabot ignore ` will close this group update PR\nand stop Dependabot creating any more for the specific dependency\n(unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore ` will remove all of the ignore\nconditions of the specified dependency\n- `@dependabot unignore ` will\nremove the ignore condition of the specified dependency and ignore\nconditions\nYou can disable automated security fix PRs for this repo from the\n[Security Alerts page](https://github.com/mitre/vulcan/network/alerts).\n\n
","shortMessageHtmlLink":"Bump the npm_and_yarn group across 1 directory with 3 updates (#623)"}},{"before":"d93ff1a4d41bbf57b93ad70d644f10f285d6bb9f","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/npm_and_yarn-security-group-687b632a86","pushedAt":"2024-04-10T21:20:21.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"9244fa6f736a4029f81bcc197b5a6447ff8f4e99","ref":"refs/heads/dependabot/npm_and_yarn/npm_and_yarn-008df46ec9","pushedAt":"2024-04-10T21:20:17.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump the npm_and_yarn group across 1 directory with 3 updates\n\nBumps the npm_and_yarn group with 3 updates in the / directory: [express](https://github.com/expressjs/express), [follow-redirects](https://github.com/follow-redirects/follow-redirects) and [tar](https://github.com/isaacs/node-tar).\n\n\nUpdates `express` from 4.18.2 to 4.19.2\n- [Release notes](https://github.com/expressjs/express/releases)\n- [Changelog](https://github.com/expressjs/express/blob/master/History.md)\n- [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2)\n\nUpdates `follow-redirects` from 1.15.4 to 1.15.6\n- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)\n- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.4...v1.15.6)\n\nUpdates `tar` from 6.1.11 to 6.2.1\n- [Release notes](https://github.com/isaacs/node-tar/releases)\n- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/isaacs/node-tar/compare/v6.1.11...v6.2.1)\n\n---\nupdated-dependencies:\n- dependency-name: express\n dependency-type: indirect\n dependency-group: npm_and_yarn\n- dependency-name: follow-redirects\n dependency-type: indirect\n dependency-group: npm_and_yarn\n- dependency-name: tar\n dependency-type: indirect\n dependency-group: npm_and_yarn\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump the npm_and_yarn group across 1 directory with 3 updates"}},{"before":"c490bb5d44076c39987b6d66eb3a22bec9ebcd36","after":null,"ref":"refs/heads/dependabot/npm_and_yarn/npm_and_yarn-security-group-b2e1eb7815","pushedAt":"2024-03-28T17:44:50.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"}},{"before":null,"after":"d93ff1a4d41bbf57b93ad70d644f10f285d6bb9f","ref":"refs/heads/dependabot/npm_and_yarn/npm_and_yarn-security-group-687b632a86","pushedAt":"2024-03-28T17:44:46.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"dependabot[bot]","name":null,"path":"/apps/dependabot","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/29110?s=80&v=4"},"commit":{"message":"Bump the npm_and_yarn group across 1 directory with 2 updates\n\nBumps the npm_and_yarn group with 2 updates in the / directory: [express](https://github.com/expressjs/express) and [follow-redirects](https://github.com/follow-redirects/follow-redirects).\n\n\nUpdates `express` from 4.18.2 to 4.19.2\n- [Release notes](https://github.com/expressjs/express/releases)\n- [Changelog](https://github.com/expressjs/express/blob/master/History.md)\n- [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2)\n\nUpdates `follow-redirects` from 1.15.4 to 1.15.6\n- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)\n- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.4...v1.15.6)\n\n---\nupdated-dependencies:\n- dependency-name: express\n dependency-type: indirect\n dependency-group: npm_and_yarn-security-group\n- dependency-name: follow-redirects\n dependency-type: indirect\n dependency-group: npm_and_yarn-security-group\n...\n\nSigned-off-by: dependabot[bot] ","shortMessageHtmlLink":"Bump the npm_and_yarn group across 1 directory with 2 updates"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOC0wOFQxMzo0MDozMy4wMDAwMDBazwAAAASVTVgn","startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOC0wOFQxMzo0MDozMy4wMDAwMDBazwAAAASVTVgn","endCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wMy0yOFQxNzo0NDo0Ni4wMDAwMDBazwAAAAQiBlA7"}},"title":"Activity · mitre/vulcan"}