Sourced from serve-static's\r\nreleases.
\r\n\r\n\r\n1.16.0
\r\nWhat's Changed
\r\n\r\n
\r\n- Remove link renderization in html while redirecting (expressjs/serve-static#173)
\r\nNew Contributors
\r\n\r\n
\r\n- \r\n
@UlisesGascon
\r\nmade their first contribution in expressjs/serve-static#173Full Changelog: https://github.com/expressjs/serve-static/compare/v1.15.0...1.16.0
\r\n
Sourced from serve-static's\r\nchangelog.
\r\n\r\n\r\n1.16.2 / 2024-09-11
\r\n\r\n
\r\n- deps: encodeurl@~2.0.0
\r\n1.16.1 / 2024-09-11
\r\n\r\n
\r\n- deps: send@0.19.0
\r\n1.16.0 / 2024-09-10
\r\n\r\n
\r\n- Remove link renderization in html while redirecting
\r\n
This version was pushed to npm by wesleytodd, a new releaser\r\nfor serve-static since your current version.
\r\nSourced from express's\r\nreleases.
\r\n\r\n\r\n4.21.0
\r\nWhat's Changed
\r\n\r\n
\r\n- Deprecate
\r\n"back"
magic string in redirects by\r\n@blakeembrey
\r\nin expressjs/express#5935- finalhandler@1.3.1 by
\r\n@wesleytodd
in expressjs/express#5954- fix(deps): serve-static@1.16.2 by
\r\n@wesleytodd
in expressjs/express#5951- Upgraded dependency qs to 6.13.0 to match qs in body-parser by
\r\n@agadzinski93
\r\nin expressjs/express#5946New Contributors
\r\n\r\n
\r\n- \r\n
@agadzinski93
\r\nmade their first contribution in expressjs/express#5946Full Changelog: https://github.com/expressjs/express/compare/4.20.0...4.21.0
\r\n4.20.0
\r\nWhat's Changed
\r\nImportant
\r\n\r\n
\r\n- IMPORTANT: The default
\r\ndepth
level for parsing\r\nURL-encoded data is now32
(previously was\r\nInfinity
)- Remove link renderization in html while using\r\n
\r\nres.redirect
Other Changes
\r\n\r\n
\r\n\r\n- 4.19.2 Staging by
\r\n@wesleytodd
in expressjs/express#5561- remove duplicate location test for data uri by
\r\n@wesleytodd
in expressjs/express#5562- feat: document beta releases expectations by
\r\n@marco-ippolito
\r\nin expressjs/express#5565- Cut down on duplicated CI runs by
\r\n@jonchurch
in expressjs/express#5564- Add a Threat Model by
\r\n@UlisesGascon
\r\nin expressjs/express#5526- Assign captain of encodeurl by
\r\n@blakeembrey
in\r\nexpressjs/express#5579- Nominate jonchurch as repo captain for
\r\nhttp-errors
,\r\nexpressjs.com
,morgan
,cors
,\r\nbody-parser
by@jonchurch
in expressjs/express#5587- docs: update Security.md by
\r\n@inigomarquinez
\r\nin expressjs/express#5590- docs: update triage nomination policy by
\r\n@UlisesGascon
\r\nin expressjs/express#5600- Add CodeQL (SAST) by
\r\n@UlisesGascon
\r\nin expressjs/express#5433- docs: add UlisesGascon as triage initiative captain by
\r\n@UlisesGascon
\r\nin expressjs/express#5605- deps: encodeurl@~2.0.0 by
\r\n@blakeembrey
in\r\nexpressjs/express#5569- skip QUERY method test by
\r\n@jonchurch
in expressjs/express#5628- ignore ETAG query test on 21 and 22, reuse skip util by
\r\n@jonchurch
in expressjs/express#5639- add support Node.js@22 in the CI by
\r\n@mertcanaltin
\r\nin expressjs/express#5627- doc: add table of contents, tc/triager lists to readme by
\r\n@mertcanaltin
\r\nin expressjs/express#5619- List and sort all projects, add captains by
\r\n@blakeembrey
in\r\nexpressjs/express#5653- docs: add
\r\n@UlisesGascon
\r\nas captain for cookie-parser by@UlisesGascon
\r\nin expressjs/express#5666- ✨ bring back query tests for node 21 by
\r\n@ctcpip
in expressjs/express#5690- [v4] Deprecate
\r\nres.clearCookie
accepting\r\noptions.maxAge
andoptions.expires
by@jonchurch
in expressjs/express#5672- skip QUERY tests for Node 21 only, still not supported by
\r\n@jonchurch
in expressjs/express#5695- 📝 update people, add ctcpip to TC by
\r\n@ctcpip
in expressjs/express#5683- remove minor version pinning from ci by
\r\n@jonchurch
in expressjs/express#5722- Fix link variable use in attribution section of CODE OF CONDUCT by\r\n
\r\n@IamLizu
in expressjs/express#5762- Replace Appveyor windows testing with GHA by
\r\n@jonchurch
in expressjs/express#5599- Add OSSF Scorecard badge by
\r\n@UlisesGascon
\r\nin expressjs/express#5436- update scorecard link by
\r\n@bjohansebas
in\r\nexpressjs/express#5814- Nominate
\r\n@IamLizu
to the\r\ntriage team by@UlisesGascon
\r\nin expressjs/express#5836- deps: path-to-regexp@0.1.8 by
\r\n@blakeembrey
in\r\nexpressjs/express#5603
... (truncated)
\r\nSourced from express's\r\nchangelog.
\r\n\r\n\r\n4.21.0 / 2024-09-11
\r\n\r\n
\r\n- Deprecate
\r\nres.location("back")
and\r\nres.redirect("back")
magic string- deps: serve-static@1.16.2\r\n
\r\n\r\n
\r\n- includes send@0.19.0
\r\n- deps: finalhandler@1.3.1
\r\n- deps: qs@6.13.0
\r\n4.20.0 / 2024-09-10
\r\n\r\n
\r\n- deps: serve-static@0.16.0\r\n
\r\n\r\n
\r\n- Remove link renderization in html while redirecting
\r\n- deps: send@0.19.0\r\n
\r\n\r\n
\r\n- Remove link renderization in html while redirecting
\r\n- deps: body-parser@0.6.0\r\n
\r\n\r\n
\r\n- add
\r\ndepth
option to customize the depth level in the\r\nparser- IMPORTANT: The default
\r\ndepth
level for parsing\r\nURL-encoded data is now32
(previously was\r\nInfinity
)- Remove link renderization in html while using\r\n
\r\nres.redirect
- deps: path-to-regexp@0.1.10\r\n
\r\n\r\n
\r\n- Adds support for named matching groups in the routes using a\r\nregex
\r\n- Adds backtracking protection to parameters without regexes\r\ndefined
\r\n- deps: encodeurl@~2.0.0\r\n
\r\n\r\n
\r\n- Removes encoding of
\r\n\\
,|
, and\r\n^
to align better with URL spec- Deprecate passing
\r\noptions.maxAge
and\r\noptions.expires
tores.clearCookie
\r\n\r\n
\r\n- Will be ignored in v5, clearCookie will set a cookie with an expires\r\nin the past to instruct clients to delete the cookie
\r\n
7e562c6
\r\n4.21.01bcde96
\r\nfix(deps): qs@6.13.0 (#5946)7d36477
\r\nfix(deps): serve-static@1.16.2 (#5951)40d2d8f
\r\nfix(deps): finalhandler@1.3.177ada90
\r\nDeprecate "back"
magic string in redirects (#5935)21df421
\r\n4.20.04c9ddc1
\r\nfeat: upgrade to serve-static@0.16.09ebe5d5
\r\nfeat: upgrade to send@0.19.0 (#5928)ec4a01b
\r\nfeat: upgrade to body-parser@1.20.3 (#5926)54271f6
\r\nfix: don't render redirect values in anchor hrefSourced from send's\r\nreleases.
\r\n\r\n\r\n0.19.0
\r\nWhat's Changed
\r\n\r\n
\r\n- Remove link renderization in html while redirecting (pillarjs/send#235)
\r\nNew Contributors
\r\n\r\n
\r\n- \r\n
@UlisesGascon
\r\nmade their first contribution in pillarjs/send#235Full Changelog: https://github.com/pillarjs/send/compare/0.18.0...0.19.0
\r\n
Sourced from send's\r\nchangelog.
\r\n\r\n\r\n0.19.0 / 2024-09-10
\r\n\r\n
\r\n- Remove link renderization in html while redirecting
\r\n
9d2db99
\r\n0.19.0ae4f298
\r\nMerge commit from forkThis version was pushed to npm by ulisesgascon, a new\r\nreleaser for send since your current version.
\r\nSourced from express's\r\nreleases.
\r\n\r\n\r\n4.21.0
\r\nWhat's Changed
\r\n\r\n
\r\n- Deprecate
\r\n"back"
magic string in redirects by\r\n@blakeembrey
\r\nin expressjs/express#5935- finalhandler@1.3.1 by
\r\n@wesleytodd
in expressjs/express#5954- fix(deps): serve-static@1.16.2 by
\r\n@wesleytodd
in expressjs/express#5951- Upgraded dependency qs to 6.13.0 to match qs in body-parser by
\r\n@agadzinski93
\r\nin expressjs/express#5946New Contributors
\r\n\r\n
\r\n- \r\n
@agadzinski93
\r\nmade their first contribution in expressjs/express#5946Full Changelog: https://github.com/expressjs/express/compare/4.20.0...4.21.0
\r\n4.20.0
\r\nWhat's Changed
\r\nImportant
\r\n\r\n
\r\n- IMPORTANT: The default
\r\ndepth
level for parsing\r\nURL-encoded data is now32
(previously was\r\nInfinity
)- Remove link renderization in html while using\r\n
\r\nres.redirect
Other Changes
\r\n\r\n
\r\n\r\n- 4.19.2 Staging by
\r\n@wesleytodd
in expressjs/express#5561- remove duplicate location test for data uri by
\r\n@wesleytodd
in expressjs/express#5562- feat: document beta releases expectations by
\r\n@marco-ippolito
\r\nin expressjs/express#5565- Cut down on duplicated CI runs by
\r\n@jonchurch
in expressjs/express#5564- Add a Threat Model by
\r\n@UlisesGascon
\r\nin expressjs/express#5526- Assign captain of encodeurl by
\r\n@blakeembrey
in\r\nexpressjs/express#5579- Nominate jonchurch as repo captain for
\r\nhttp-errors
,\r\nexpressjs.com
,morgan
,cors
,\r\nbody-parser
by@jonchurch
in expressjs/express#5587- docs: update Security.md by
\r\n@inigomarquinez
\r\nin expressjs/express#5590- docs: update triage nomination policy by
\r\n@UlisesGascon
\r\nin expressjs/express#5600- Add CodeQL (SAST) by
\r\n@UlisesGascon
\r\nin expressjs/express#5433- docs: add UlisesGascon as triage initiative captain by
\r\n@UlisesGascon
\r\nin expressjs/express#5605- deps: encodeurl@~2.0.0 by
\r\n@blakeembrey
in\r\nexpressjs/express#5569- skip QUERY method test by
\r\n@jonchurch
in expressjs/express#5628- ignore ETAG query test on 21 and 22, reuse skip util by
\r\n@jonchurch
in expressjs/express#5639- add support Node.js@22 in the CI by
\r\n@mertcanaltin
\r\nin expressjs/express#5627- doc: add table of contents, tc/triager lists to readme by
\r\n@mertcanaltin
\r\nin expressjs/express#5619- List and sort all projects, add captains by
\r\n@blakeembrey
in\r\nexpressjs/express#5653- docs: add
\r\n@UlisesGascon
\r\nas captain for cookie-parser by@UlisesGascon
\r\nin expressjs/express#5666- ✨ bring back query tests for node 21 by
\r\n@ctcpip
in expressjs/express#5690- [v4] Deprecate
\r\nres.clearCookie
accepting\r\noptions.maxAge
andoptions.expires
by@jonchurch
in expressjs/express#5672- skip QUERY tests for Node 21 only, still not supported by
\r\n@jonchurch
in expressjs/express#5695- 📝 update people, add ctcpip to TC by
\r\n@ctcpip
in expressjs/express#5683- remove minor version pinning from ci by
\r\n@jonchurch
in expressjs/express#5722- Fix link variable use in attribution section of CODE OF CONDUCT by\r\n
\r\n@IamLizu
in expressjs/express#5762- Replace Appveyor windows testing with GHA by
\r\n@jonchurch
in expressjs/express#5599- Add OSSF Scorecard badge by
\r\n@UlisesGascon
\r\nin expressjs/express#5436- update scorecard link by
\r\n@bjohansebas
in\r\nexpressjs/express#5814- Nominate
\r\n@IamLizu
to the\r\ntriage team by@UlisesGascon
\r\nin expressjs/express#5836- deps: path-to-regexp@0.1.8 by
\r\n@blakeembrey
in\r\nexpressjs/express#5603
... (truncated)
\r\nSourced from express's\r\nchangelog.
\r\n\r\n\r\n4.21.0 / 2024-09-11
\r\n\r\n
\r\n- Deprecate
\r\nres.location("back")
and\r\nres.redirect("back")
magic string- deps: serve-static@1.16.2\r\n
\r\n\r\n
\r\n- includes send@0.19.0
\r\n- deps: finalhandler@1.3.1
\r\n- deps: qs@6.13.0
\r\n4.20.0 / 2024-09-10
\r\n\r\n
\r\n- deps: serve-static@0.16.0\r\n
\r\n\r\n
\r\n- Remove link renderization in html while redirecting
\r\n- deps: send@0.19.0\r\n
\r\n\r\n
\r\n- Remove link renderization in html while redirecting
\r\n- deps: body-parser@0.6.0\r\n
\r\n\r\n
\r\n- add
\r\ndepth
option to customize the depth level in the\r\nparser- IMPORTANT: The default
\r\ndepth
level for parsing\r\nURL-encoded data is now32
(previously was\r\nInfinity
)- Remove link renderization in html while using\r\n
\r\nres.redirect
- deps: path-to-regexp@0.1.10\r\n
\r\n\r\n
\r\n- Adds support for named matching groups in the routes using a\r\nregex
\r\n- Adds backtracking protection to parameters without regexes\r\ndefined
\r\n- deps: encodeurl@~2.0.0\r\n
\r\n\r\n
\r\n- Removes encoding of
\r\n\\
,|
, and\r\n^
to align better with URL spec- Deprecate passing
\r\noptions.maxAge
and\r\noptions.expires
tores.clearCookie
\r\n\r\n
\r\n- Will be ignored in v5, clearCookie will set a cookie with an expires\r\nin the past to instruct clients to delete the cookie
\r\n
7e562c6
\r\n4.21.01bcde96
\r\nfix(deps): qs@6.13.0 (#5946)7d36477
\r\nfix(deps): serve-static@1.16.2 (#5951)40d2d8f
\r\nfix(deps): finalhandler@1.3.177ada90
\r\nDeprecate "back"
magic string in redirects (#5935)21df421
\r\n4.20.04c9ddc1
\r\nfeat: upgrade to serve-static@0.16.09ebe5d5
\r\nfeat: upgrade to send@0.19.0 (#5928)ec4a01b
\r\nfeat: upgrade to body-parser@1.20.3 (#5926)54271f6
\r\nfix: don't render redirect values in anchor hrefSourced from socket.io's\r\nreleases.
\r\n\r\n\r\n4.7.5
\r\nBug Fixes
\r\n\r\n
\r\n- close the adapters when the server is closed (bf64870)
\r\n- remove duplicate pipeline when serving bundle (e426f3e)
\r\nLinks
\r\n\r\n
\r\n- Diff: https://github.com/socketio/socket.io/compare/4.7.4...4.7.5
\r\n- Client release: 4.7.5
\r\n- \r\n
engine.io@~6.5.2
\r\n(no change)- \r\n
ws@~8.11.0
\r\n(no change)4.7.4
\r\nBug Fixes
\r\n\r\n
\r\n- typings: calling io.emit with no arguments\r\nincorrectly errored (cb6d2e0),\r\ncloses #4914
\r\nLinks
\r\n\r\n
\r\n- Diff: https://github.com/socketio/socket.io/compare/4.7.3...4.7.4
\r\n- Client release: 4.7.4
\r\n- \r\n
engine.io@~6.5.2
\r\n(no change)- \r\n
ws@~8.11.0
\r\n(no change)4.7.3
\r\nBug Fixes
\r\n\r\n
\r\n- return the first response when broadcasting to a single socket (#4878)\r\n(df8e70f)
\r\n- typings: allow to bind to a non-secure Http2Server\r\n(#4853)\r\n(8c9ebc3)
\r\nLinks
\r\n\r\n
\r\n- Diff: https://github.com/socketio/socket.io/compare/4.7.2...4.7.3
\r\n- Client release: 4.7.3
\r\n- \r\n
engine.io@~6.5.2
\r\n(no change)- \r\n
ws@~8.11.0
\r\n(no change)4.7.2
\r\nBug Fixes
\r\n\r\n
\r\n- clean up child namespace when client is rejected in middleware (#4773)\r\n(0731c0d)
\r\n- webtransport: properly handle WebTransport-only\r\nconnections (3468a19)
\r\n- webtransport: add proper framing (a306db0)
\r\nLinks
\r\n\r\n
... (truncated)
\r\nSourced from socket.io's\r\nchangelog.
\r\n\r\n\r\n4.7.5\r\n(2024-03-14)
\r\nBug Fixes
\r\n\r\n
\r\n- close the adapters when the server is closed (bf64870)
\r\n- remove duplicate pipeline when serving bundle (e426f3e)
\r\nDependencies
\r\n\r\n
\r\n- \r\n
engine.io@~6.5.2
\r\n(no change)- \r\n
ws@~8.11.0
\r\n(no change)4.7.4\r\n(2024-01-12)
\r\nBug Fixes
\r\n\r\n
\r\n- typings: calling io.emit with no arguments\r\nincorrectly errored (cb6d2e0),\r\ncloses #4914
\r\nDependencies
\r\n\r\n
\r\n- \r\n
engine.io@~6.5.2
\r\n(no change)- \r\n
ws@~8.11.0
\r\n(no change)4.7.3\r\n(2024-01-03)
\r\nBug Fixes
\r\n\r\n
\r\n- return the first response when broadcasting to a single socket (#4878)\r\n(df8e70f)
\r\n- typings: allow to bind to a non-secure Http2Server\r\n(#4853)\r\n(8c9ebc3)
\r\nDependencies
\r\n\r\n
\r\n- \r\n
engine.io@~6.5.2
\r\n(no change)- \r\n
ws@~8.11.0
\r\n(no change)4.7.2\r\n(2023-08-02)
\r\n\r\n
... (truncated)
\r\n5017681
\r\nchore(release): 4.7.5bf64870
\r\nfix: close the adapters when the server is closed748e18c
\r\nci: test with older TypeScript versionb9ce6a2
\r\nrefactor: create specific adapter for parent namespaces (#4950)54dabe5
\r\nci: upgrade to actions/checkout@4 and actions/setup-node@4e426f3e
\r\nfix: remove duplicate pipeline when serving bundlee36062c
\r\ndocs: update the webtransport example0bbe8ae
\r\ndocs: only execute the passport middleware once914a8bd
\r\ndocs: add example with JWTd943c3e
\r\ndocs: update the Passport.js example74b2db2
\r\n3.0.388f1429
\r\nupdate eslint. lint, fix unit tests.415d660
\r\nSnyk js braces 6838727 (#40)190510f
\r\nfix tests, skip 1 test in test/braces.expand716eb9f
\r\nreadme bumpa5851e5
\r\nMerge pull request #37\r\nfrom coderaiser/fix/vulnerability2092bd1
\r\nfeature: braces: add maxSymbols (https://github.com/micromatch/braces/issues/...9f5b4cf
\r\nfix: vulnerability (https://security.snyk.io/vuln/SNYK-JS-BRACES-6838727)98414f9
\r\nremove funding file665ab5d
\r\nupdate keepEscaping doc (#27)Sourced from gh-pages's\r\nreleases.
\r\n\r\n\r\nv5.0.0
\r\nPotentially breaking change: the
\r\npublish
method now\r\nalways returns a promise. Previously, it did not return a promise in\r\nsome error cases. This should not impact most users.Updates to the development dependencies required a minimum Node\r\nversion of 14 for the tests. The library should still work on Node 12,\r\nbut tests are no longer run in CI for version 12. A future major version\r\nof the library may drop support for version 12 altogether.
\r\nWhat's Changed
\r\n\r\n
\r\n- Assorted updates by
\r\n@tschaub
in tschaub/gh-pages#452- Update README to clarify project site configuration requirements\r\nwith tools like CRA, webpack, Vite, etc. by
\r\n@Nezteb
in tschaub/gh-pages#445- Bump actions/checkout from 2 to 3 by
\r\n@dependabot
in tschaub/gh-pages#453- Bump actions/setup-node from 1 to 3 by
\r\n@dependabot
in tschaub/gh-pages#455- Bump email-addresses from 3.0.1 to 5.0.0 by
\r\n@dependabot
in tschaub/gh-pages#454- Bump async from 2.6.4 to 3.2.4 by
\r\n@dependabot
in tschaub/gh-pages#459- Remove quotation marks by
\r\n@Vicropht
in tschaub/gh-pages#438New Contributors
\r\n\r\n
\r\n- \r\n
@Nezteb
made\r\ntheir first contribution in tschaub/gh-pages#445- \r\n
@Vicropht
\r\nmade their first contribution in tschaub/gh-pages#438Full Changelog: https://github.com/tschaub/gh-pages/compare/v4.0.0...v5.0.0
\r\nv4.0.0
\r\nThis release doesn't include any breaking changes, but due to updated\r\ndevelopment dependencies, tests are no longer run on Node 10.
\r\nWhat's Changed
\r\n\r\n
\r\n- Bump minimist from 1.2.5 to 1.2.6 by
\r\n@dependabot
in tschaub/gh-pages#423- Bump async from 2.6.1 to 2.6.4 by
\r\n@dependabot
in tschaub/gh-pages#427- Bump path-parse from 1.0.6 to 1.0.7 by
\r\n@dependabot
in tschaub/gh-pages#431- Bump ansi-regex from 3.0.0 to 3.0.1 by
\r\n@dependabot
in tschaub/gh-pages#430- Updated dev dependencies and formatting by
\r\n@tschaub
in tschaub/gh-pages#432Full Changelog: https://github.com/tschaub/gh-pages/compare/v3.2.3...v4.0.0
\r\n
Sourced from gh-pages's\r\nchangelog.
\r\n\r\n\r\nv5.0.0
\r\nPotentially breaking change: the
\r\npublish
method now\r\nalways returns a promise. Previously, it did not return a promise in\r\nsome error cases. This should not impact most users.Updates to the development dependencies required a minimum Node\r\nversion of 14 for the tests. The library should still work on Node 12,\r\nbut tests are no longer run in CI for version 12. A future major version\r\nof the library may drop support for version 12 altogether.
\r\n\r\n
\r\n- #438 -\r\nRemove quotation marks (
\r\n@Vicropht
)- #459 -\r\nBump async from 2.6.4 to 3.2.4 (
\r\n@tschaub
)- #454 -\r\nBump email-addresses from 3.0.1 to 5.0.0 (
\r\n@tschaub
)- #455 -\r\nBump actions/setup-node from 1 to 3 (
\r\n@tschaub
)- #453 -\r\nBump actions/checkout from 2 to 3 (
\r\n@tschaub
)- #445 -\r\nUpdate README to clarify project site configuration requirements with\r\ntools like CRA, webpack, Vite, etc. (
\r\n@Nezteb
)- #452 -\r\nAssorted updates (
\r\n@tschaub
)v4.0.0
\r\nThis release doesn't include any breaking changes, but due to updated\r\ndevelopment dependencies, tests are no longer run on Node 10.
\r\n\r\n
\r\n- #432 -\r\nUpdated dev dependencies and formatting (
\r\n@tschaub
)- #430 -\r\nBump ansi-regex from 3.0.0 to 3.0.1 (
\r\n@tschaub
)- #431 -\r\nBump path-parse from 1.0.6 to 1.0.7 (
\r\n@tschaub
)- #427 -\r\nBump async from 2.6.1 to 2.6.4 (
\r\n@tschaub
)- #423 -\r\nBump minimist from 1.2.5 to 1.2.6 (
\r\n@tschaub
)
f729b97
\r\n5.0.051534c7
\r\nLog changesace063b
\r\nMerge pull request #438\r\nfrom Vicropht/patch-158e54be
\r\nMerge pull request #459\r\nfrom tschaub/dependabot/npm_and_yarn/async-3.2.42189df3
\r\nBump async from 2.6.4 to 3.2.4051846e
\r\nMerge pull request #454\r\nfrom tschaub/dependabot/npm_and_yarn/email-addresses-...5c91c67
\r\nMerge pull request #455\r\nfrom tschaub/dependabot/github_actions/actions/setup-...fe0ad83
\r\nMerge pull request #453\r\nfrom tschaub/dependabot/github_actions/actions/checko...b89287d
\r\nMerge pull request #445\r\nfrom Nezteb/patch-1e890bd1
\r\nBump email-addresses from 3.0.1 to 5.0.0Sourced from express's\r\nreleases.
\r\n\r\n\r\n4.19.2
\r\nWhat's Changed
\r\n\r\nFull Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2
\r\n4.19.1
\r\nWhat's Changed
\r\n\r\n
\r\n- Fix ci after location patch by
\r\n@wesleytodd
in expressjs/express#5552- fixed un-edited version in history.md for 4.19.0 by
\r\n@wesleytodd
in expressjs/express#5556Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1
\r\n4.19.0
\r\nWhat's Changed
\r\n\r\n
\r\n- fix typo in release date by
\r\n@UlisesGascon
\r\nin expressjs/express#5527- docs: nominating
\r\n@wesleytodd
to be\r\nproject captian by@wesleytodd
in expressjs/express#5511- docs: loosen TC activity rules by
\r\n@wesleytodd
in expressjs/express#5510- Add note on how to update docs for new release by
\r\n@crandmck
in expressjs/express#5541- Prevent\r\nopen redirect allow list bypass due to encodeurl
\r\n- Release 4.19.0 by
\r\n@wesleytodd
in expressjs/express#5551New Contributors
\r\n\r\n
\r\n- \r\n
@crandmck
\r\nmade their first contribution in expressjs/express#5541Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0
\r\n4.18.3
\r\nMain Changes
\r\n\r\n
\r\n- Fix routing requests without method
\r\n- deps: body-parser@1.20.2\r\n
\r\n\r\n
\r\n- Fix strict json error message on Node.js 19+
\r\n- deps: content-type@~1.0.5
\r\n- deps: raw-body@2.5.2
\r\nOther Changes
\r\n\r\n
\r\n\r\n- Use https: protocol instead of deprecated git: protocol by
\r\n@vcsjones
in expressjs/express#5032- build: Node.js@16.18 and Node.js@18.12 by
\r\n@abenhamdine
in\r\nexpressjs/express#5034- ci: update actions/checkout to v3 by
\r\n@armujahid
in expressjs/express#5027- test: remove unused function arguments in params by
\r\n@raksbisht
in expressjs/express#5124- Remove unused originalIndex from acceptParams by
\r\n@raksbisht
in expressjs/express#5119- Fixed typos by
\r\n@raksbisht
in expressjs/express#5117- examples: remove unused params by
\r\n@raksbisht
in expressjs/express#5113- fix: parameter str is not described in JSDoc by
\r\n@raksbisht
in expressjs/express#5130- fix: typos in History.md by
\r\n@raksbisht
in expressjs/express#5131- build : add Node.js@19.7 by
\r\n@abenhamdine
in\r\nexpressjs/express#5028- test: remove unused function arguments in params by
\r\n@raksbisht
in expressjs/express#5137
... (truncated)
\r\nSourced from express's\r\nchangelog.
\r\n\r\n\r\n4.19.2 / 2024-03-25
\r\n\r\n
\r\n- Improved fix for open redirect allow list bypass
\r\n4.19.1 / 2024-03-20
\r\n\r\n
\r\n- Allow passing non-strings to res.location with new encoding handling\r\nchecks
\r\n4.19.0 / 2024-03-20
\r\n\r\n
\r\n- Prevent open redirect allow list bypass due to encodeurl
\r\n- deps: cookie@0.6.0
\r\n4.18.3 / 2024-02-29
\r\n\r\n
\r\n- Fix routing requests without method
\r\n- deps: body-parser@1.20.2\r\n
\r\n\r\n
\r\n- Fix strict json error message on Node.js 19+
\r\n- deps: content-type@~1.0.5
\r\n- deps: raw-body@2.5.2
\r\n- deps: cookie@0.6.0\r\n
\r\n\r\n
\r\n- Add
\r\npartitioned
option
04bc627
\r\n4.19.2da4d763
\r\nImproved fix for open redirect allow list bypass4f0f6cc
\r\n4.19.1a003cfa
\r\nAllow passing non-strings to res.location with new encoding handling\r\nchecks f...a1fa90f
\r\nfixed un-edited version in history.md for 4.19.011f2b1d
\r\nbuild: fix build due to inconsistent supertest behavior in older\r\nversions084e365
\r\n4.19.00867302
\r\nPrevent open redirect allow list bypass due to encodeurl567c9c6
\r\nAdd note on how to update docs for new release (#5541)69a4cf2
\r\ndeps: cookie@0.6.0This version was pushed to npm by wesleytodd, a new releaser\r\nfor express since your current version.
\r\nSourced from webpack-dev-middleware's\r\nreleases.
\r\n\r\n\r\nv5.3.4
\r\n5.3.4\r\n(2024-03-20)
\r\nBug Fixes
\r\n\r\n
Sourced from webpack-dev-middleware's\r\nchangelog.
\r\n\r\n\r\n5.3.4\r\n(2024-03-20)
\r\nBug Fixes
\r\n\r\n
86071ea
\r\nchore(release): 5.3.4189c4ac
\r\nfix(security): do not allow to read files above (#1779)6585820
\r\nRelease version 1.15.4 of the npm package.7a6567e
\r\nDisallow bracketed hostnames.05629af
\r\nPrefer native URL instead of deprecated url.parse.1cba8e8
\r\nPrefer native URL instead of legacy url.resolve.72bc2a4
\r\nSimplify _processResponse error handling.3d42aec
\r\nAdd bracket tests.bcbb096
\r\nDo not directly set Error properties.192dbe7
\r\nRelease version 1.15.3 of the npm package.bd8c81e
\r\nFix resource leak on destroy.9c728c3
\r\nSplit linting and testing.