Update Mend: high confidence minor and patch dependency updates #14
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
2.6.1
->2.6.4
1.18.3
->1.20.3
7.0.2
->7.0.3
1.9.0
->1.11.0
1.0.26
->1.0.31
4.16.4
->4.21.0
1.15.6
->1.18.0
1.0.3
->1.6.1
1.3.2
->1.5.0
6.0.1
->6.2.0
10.2.0
->10.7.3
2.0.21
->2.0.22
1.9.1
->1.13.7
Release Notes
caolan/async (async)
v2.6.4
Compare Source
v2.6.3
Compare Source
v2.6.2
Compare Source
expressjs/body-parser (body-parser)
v1.20.3
Compare Source
===================
depth
option to customize the depth level in the parserdepth
level for parsing URL-encoded data is now32
(previously wasInfinity
)v1.20.2
Compare Source
===================
v1.20.1
Compare Source
===================
v1.20.0
Compare Source
===================
strict
eval
usage withFunction
constructorprocess
to check for listenersv1.19.2
Compare Source
===================
__proto__
keysv1.19.1
Compare Source
===================
v1.19.0
Compare Source
===================
pb
) supportthrow
on invalid typekentcdodds/cross-env (cross-env)
v7.0.3
Compare Source
Bug Fixes
expressjs/csurf (csurf)
v1.11.0
Compare Source
===================
SameSite=None
supportv1.10.0
Compare Source
===================
base64-url
dependencymessage
property enumerable forHttpError
sYaffle/EventSource (event-source-polyfill)
v1.0.31
Compare Source
v1.0.30
Compare Source
v1.0.29
Compare Source
v1.0.28
Compare Source
expressjs/express (express)
v4.21.0
Compare Source
What's Changed
"back"
magic string in redirects by @blakeembrey in https://github.com/expressjs/express/pull/5935New Contributors
Full Changelog: expressjs/express@4.20.0...4.21.0
v4.20.0
Compare Source
==========
depth
option to customize the depth level in the parserdepth
level for parsing URL-encoded data is now32
(previously wasInfinity
)res.redirect
\
,|
, and^
to align better with URL specoptions.maxAge
andoptions.expires
tores.clearCookie
v4.19.2
Compare Source
==========
v4.19.1
Compare Source
==========
v4.19.0
Compare Source
==========
v4.18.3
Compare Source
==========
partitioned
optionv4.18.2
Compare Source
===================
v4.18.1
Compare Source
===================
v4.18.0
Compare Source
===================
res.download
options
withoutfilename
inres.download
res.status
null
/undefined
asmaxAge
inres.cookie
Object.prototype
values in settings throughapp.set
/app.get
default
with same arguments as types inres.format
res.send
http-errors
forres.format
errorstrict
priority
optionexpires
option to reject invalid dateseval
usage withFunction
constructorprocess
to check for listeners425 Unordered Collection
to standard425 Too Early
v4.17.3
Compare Source
===================
__proto__
keysv4.17.2
Compare Source
===================
undefined
inres.jsonp
undefined
when"json escape"
is enabledRegExp
sres.jsonp(obj, status)
deprecation messageres.is
JSDocmaxAge
option to reject invalid valuesreq.socket
over deprecatedreq.connection
v4.17.1
Compare Source
===================
null
/undefined
tores.status
"v4.17.0
Compare Source
===================
express.raw
to parse bodies intoBuffer
express.text
to parse bodies into stringres.sendFile
null
/undefined
tores.status
X-Forwarded-Host
pb
) supportSameSite=None
supportContent-Security-Policy
headerpath.normalize
call103 Early Hints
throw
on invalid typeexpressjs/session (express-session)
v1.18.0
Compare Source
===================
partitioned
tocookie
optionspriority
tocookie
optionssecret
thatcrypto.createHmac
supportsexpires
option to reject invalid datesv1.17.3
Compare Source
===================
v1.17.2
Compare Source
===================
res.end
patch to always commit headersv1.17.1
Compare Source
===================
v1.17.0
Compare Source
===================
SameSite=None
supportv1.16.2
Compare Source
===================
cookie.originalMaxAge
when store returnsDate
v1.16.1
Compare Source
===================
data
option toCookie
constructorv1.16.0
Compare Source
===================
cookie.maxAge
value earliercookie.maxAge
to aDate
objectresave: false
may not save altered sessionsutils-merge
dependencysafe-buffer
for improved Buffer APISet-Cookie
as cookie header name for compatibilityeval
usage withFunction
constructorprocess
to check for listenersres.writeHead
patch missing return valuegruntjs/grunt (grunt)
v1.6.1
Compare Source
72f6f03
8d4c183
1c7d483
2d4fd38
902db7c
494f243
b01389e
0072510
v1.6.0
Compare Source
2805dc3
3f1e423
8fd096d
42c5f95
1d88050
v1.5.3
Compare Source
572d79b
58016ff
0749e1d
69b7c50
v1.5.2
Compare Source
7f15fd5
b0ec6e1
433f91b
v1.5.1
Compare Source
ad22608
0652305
v1.5.0
Compare Source
b2b2c2b
3eda6ae
47d32de
2e9161c
04b960e
aad3d45
fdc7056
e35fe54
v1.4.1
Compare Source
e7625e5
5d67e34
d13bf88
08896ae
eee0673
1b6e288
v1.4.0
Compare Source
63b2e89
106ed17
49de70b
47cf8b6
e86db1c
4952368
v1.3.0
Compare Source
faab6be
520fedb
7e669ac
safeLoad
for loading YML files viafile.readYAML
.e350cea
7125f49
00d5907
v1.2.1
Compare Source
ae11839
9d23cb6
e789b1f
v1.2.0
Compare Source
is visible to Node.js and NPM, instead of node_modules directly
inside package that have a dev dependency to these pluginhttps://github.com/gruntjs/grunt/pull/1677nt/pull/1677)
coffeescript is still around, Grunt will attempt to load it.
If it is not, and the user loads a CoffeeScript file,
Grunt will print a useful error indicating that the
coffeescript package should be installed as a dev dependency.
This is considerably more user-friendly than dropping the require entirely,
but doing so is feasible with the latest grunt-cli as users
may simply use grunt --require https://github.com/gruntjs/grunt/pull/1675thub.com/Remove coffeescript from dependencies. gruntjs/grunt#1675)
(https://github.com/gruntjs/grunt/pull/15701570)
(https://github.com/gruntjs/grunt/pull/16971697)
v1.1.0
Compare Source
v1.0.4
Compare Source
gruntjs/grunt-cli (grunt-cli)
v1.5.0
Compare Source
7f5c4e8
bd5917d
f33cc6a
670029a
v1.4.3
Compare Source
07f3b0d
4d691e2
e820858
v1.4.2
Compare Source
4d691e2
e820858
v1.4.1
Compare Source
e820858
v1.4.0
Compare Source
bbc4400
3fa5bf6
c271173
84ebcb8
helmetjs/helmet (helmet)
v6.2.0
Compare Source
strictTransportSecurity
for theStrict-Transport-Security
header, instead ofhsts
)v6.1.5
Compare Source
Fixed
v6.1.4
Compare Source
Fixed
v6.1.3
Compare Source
Fixed
v6.1.2
Compare Source
Fixed
main
to package to help with some build toolsv6.1.1
Compare Source
Fixed
v6.1.0
Compare Source
Changed
mochajs/mocha (mocha)
v10.7.3
Compare Source
🩹 Fixes
v10.7.0
Compare Source
🎉 Enhancements
v10.6.1
Compare Source
🐛 Fixes
v10.6.0
Compare Source
🎉 Enhancements
v10.5.2
Compare Source
🐛 Fixes
v10.5.1
Compare Source
🐛 Fixes
v10.5.0
Compare Source
🎉 Enhancements
🐛 Fixes
🔩 Other
v10.4.0
Compare Source
🎉 Enhancements
.cause
stacks in the error stack traces (@voxpelli)🐛 Fixes
lib/cli/run.js
(@stalet)🔩 Other
v10.3.0
Compare Source
This is a stable release equivalent to 10.30.0-prerelease.
remy/nodemon (nodemon)
v2.0.22
Compare Source
Bug Fixes
jashkenas/underscore (underscore)
v1.13.7
Compare Source
v1.13.6
Compare Source
v1.13.5
Compare Source
v1.13.4
Compare Source
v1.13.3
Compare Source
v1.13.2
Compare Source
v1.13.1
Compare Source
v1.13.0
Compare Source
v1.12.1
Compare Source
v1.12.0
Compare Source
v1.11.0
Compare Source
v1.10.2
Compare Source
v1.10.1
Compare Source
v1.10.0
Compare Source
v1.9.2
Compare Source
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.