Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency body-parser to ^1.20.3 (main) #19

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update dependency body-parser to ^1.20.3 (main) #19

wants to merge 1 commit into from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented Sep 19, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change
body-parser dependencies minor ^1.15.2 -> ^1.20.3

By merging this PR, the issue #18 will be automatically resolved and closed:

Severity CVSS Score CVE Reachability
High High 7.5 CVE-2024-45590

Release Notes

expressjs/body-parser (body-parser)

v1.20.3

Compare Source

===================

  • deps: [email protected]
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

v1.20.2

Compare Source

===================

  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: [email protected]

v1.20.1

Compare Source

===================

v1.20.0

Compare Source

===================

v1.19.2

Compare Source

===================

v1.19.1

Compare Source

===================

v1.19.0

Compare Source

===================

v1.18.3

Compare Source

===================

v1.18.2

Compare Source

===================

v1.18.1

Compare Source

===================

v1.18.0

Compare Source

===================

  • Fix JSON strict violation error to match native parse error
  • Include the body property on verify errors
  • Include the type property on all generated errors
  • Use http-errors to set status code on errors
  • deps: [email protected]
  • deps: [email protected]
  • deps: depd@~1.1.1
    • Remove unnecessary Buffer loading
  • deps: http-errors@~1.6.2
  • deps: [email protected]
    • Add support for React Native
    • Add a warning if not loaded as utf-8
    • Fix CESU-8 decoding in Node.js 8
    • Improve speed of ISO-8859-1 encoding
  • deps: [email protected]
  • deps: [email protected]
  • perf: prevent internal throw when missing charset

v1.17.2

Compare Source

===================

v1.17.1

Compare Source

===================

v1.17.0

Compare Source

===================

v1.16.1

Compare Source

===================

  • deps: [email protected]
    • Fix deprecation messages in WebStorm and other editors
    • Undeprecate DEBUG_FD set to 1 or 2

v1.16.0

Compare Source

===================

  • deps: [email protected]
    • Allow colors in workers
    • Deprecated DEBUG_FD environment variable
    • Fix error when running under React Native
    • Use same color for same namespace
    • deps: [email protected]
  • deps: http-errors@~1.5.1
  • deps: [email protected]
    • Added encoding MS-31J
    • Added encoding MS-932
    • Added encoding MS-936
    • Added encoding MS-949
    • Added encoding MS-950
    • Fix GBK/GB18030 handling of Euro character
  • deps: [email protected]
    • Fix array parsing from skipping empty values
  • deps: raw-body@~2.2.0
  • deps: type-is@~1.6.14
    • deps: mime-types@~2.1.13
  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Sep 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants