Title: Bump express from 4.17.1 to 4.19.2 by dependabot[bot] · Pull Request #41 · HttpErrorPages/HttpErrorPages · GitHub
Open Graph Title: Bump express from 4.17.1 to 4.19.2 by dependabot[bot] · Pull Request #41 · HttpErrorPages/HttpErrorPages
X Title: Bump express from 4.17.1 to 4.19.2 by dependabot[bot] · Pull Request #41 · HttpErrorPages/HttpErrorPages
Description: Bumps express from 4.17.1 to 4.19.2.
Release notes
Sourced from express's releases.
4.19.2
What's Changed
Improved fix for open redirect allow list bypass
Full Changelog: expressjs/express@4.19.1...4.19.2
4.19.1
What's Changed
Fix ci after location patch by @wesleytodd in expressjs/express#5552
fixed un-edited version in history.md for 4.19.0 by @wesleytodd in expressjs/express#5556
Full Changelog: expressjs/express@4.19.0...4.19.1
4.19.0
What's Changed
fix typo in release date by @UlisesGascon in expressjs/express#5527
docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511
docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510
Add note on how to update docs for new release by @crandmck in expressjs/express#5541
Prevent open redirect allow list bypass due to encodeurl
Release 4.19.0 by @wesleytodd in expressjs/express#5551
New Contributors
@crandmck made their first contribution in expressjs/express#5541
Full Changelog: expressjs/express@4.18.3...4.19.0
4.18.3
Main Changes
Fix routing requests without method
deps: body-parser@1.20.2
Fix strict json error message on Node.js 19+
deps: content-type@~1.0.5
deps: raw-body@2.5.2
Other Changes
Use https: protocol instead of deprecated git: protocol by @vcsjones in expressjs/express#5032
build: Node.js@16.18 and Node.js@18.12 by @abenhamdine in expressjs/express#5034
ci: update actions/checkout to v3 by @armujahid in expressjs/express#5027
test: remove unused function arguments in params by @raksbisht in expressjs/express#5124
Remove unused originalIndex from acceptParams by @raksbisht in expressjs/express#5119
Fixed typos by @raksbisht in expressjs/express#5117
examples: remove unused params by @raksbisht in expressjs/express#5113
fix: parameter str is not described in JSDoc by @raksbisht in expressjs/express#5130
fix: typos in History.md by @raksbisht in expressjs/express#5131
build : add Node.js@19.7 by @abenhamdine in expressjs/express#5028
test: remove unused function arguments in params by @raksbisht in expressjs/express#5137
... (truncated)
Changelog
Sourced from express's changelog.
4.19.2 / 2024-03-25
Improved fix for open redirect allow list bypass
4.19.1 / 2024-03-20
Allow passing non-strings to res.location with new encoding handling checks
4.19.0 / 2024-03-20
Prevent open redirect allow list bypass due to encodeurl
deps: cookie@0.6.0
4.18.3 / 2024-02-29
Fix routing requests without method
deps: body-parser@1.20.2
Fix strict json error message on Node.js 19+
deps: content-type@~1.0.5
deps: raw-body@2.5.2
deps: cookie@0.6.0
Add partitioned option
4.18.2 / 2022-10-08
Fix regression routing a large stack in a single route
deps: body-parser@1.20.1
deps: qs@6.11.0
perf: remove unnecessary object clone
deps: qs@6.11.0
4.18.1 / 2022-04-29
Fix hanging on large stack of sync routes
4.18.0 / 2022-04-25
Add "root" option to res.download
Allow options without filename in res.download
Deprecate string and non-integer arguments to res.status
Fix behavior of null/undefined as maxAge in res.cookie
Fix handling very large stacks of sync middleware
Ignore Object.prototype values in settings through app.set/app.get
... (truncated)
Commits
04bc627 4.19.2
da4d763 Improved fix for open redirect allow list bypass
4f0f6cc 4.19.1
a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
a1fa90f fixed un-edited version in history.md for 4.19.0
11f2b1d build: fix build due to inconsistent supertest behavior in older versions
084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: cookie@0.6.0
Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show
Open Graph Description: Bumps express from 4.17.1 to 4.19.2. Release notes Sourced from express's releases. 4.19.2 What's Changed Improved fix for open redirect allow list bypass Full Changelog: expressjs/expr...
X Description: Bumps express from 4.17.1 to 4.19.2. Release notes Sourced from express's releases. 4.19.2 What's Changed Improved fix for open redirect allow list bypass Full Changelog: expres...
Opengraph URL: https://github.com/HttpErrorPages/HttpErrorPages/pull/41
X: @github
Domain: patch-diff.githubusercontent.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:045e1b4c-47dc-3b24-52af-6554a7a12332 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | DF60:2267:6B470D:95F9C1:697B4B8E |
| html-safe-nonce | f5d236135ece99699d8bcb06bb9aeb94ff8ee078d598219741ba41b0dcbdf125 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJERjYwOjIyNjc6NkI0NzBEOjk1RjlDMTo2OTdCNEI4RSIsInZpc2l0b3JfaWQiOiI0MzMwMDIxMTE4Nzc5OTEzMTAiLCJyZWdpb25fZWRnZSI6ImlhZCIsInJlZ2lvbl9yZW5kZXIiOiJpYWQifQ== |
| visitor-hmac | 138ef17afe1da7146acc7ed7de747e26c48c2546b2cd41702a8a5132925d7217 |
| hovercard-subject-tag | pull_request:1791319061 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/HttpErrorPages/HttpErrorPages/pull/41/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps express from 4.17.1 to 4.19.2. Release notes Sourced from express's releases. 4.19.2 What's Changed Improved fix for open redirect allow list bypass Full Changelog: expressjs/expr... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | b3124d344a5a1055df639ae19c1a21017efdd6e719343f8aece5e6a6073188fa |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/HttpErrorPages/HttpErrorPages git https://github.com/HttpErrorPages/HttpErrorPages.git |
| octolytics-dimension-user_id | 47022990 |
| octolytics-dimension-user_login | HttpErrorPages |
| octolytics-dimension-repository_id | 29097688 |
| octolytics-dimension-repository_nwo | HttpErrorPages/HttpErrorPages |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 29097688 |
| octolytics-dimension-repository_network_root_nwo | HttpErrorPages/HttpErrorPages |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 07d1c29491ce2024b6cf68a237e0b5d30ce05b61 |
| ui-target | canary-1 |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width