Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump express from 4.18.2 to 4.20.0 #83

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

renovate-pagopa[bot]
Copy link

This PR contains the following updates:

Package Type Update Change
express (source) dependencies minor 4.18.2 -> 4.20.0

For further information on security, please refer to the Confluence page link


Release Notes

expressjs/express (express)

v4.20.0

Compare Source

==========

  • deps: serve-static@0.16.0
    • Remove link renderization in html while redirecting
  • deps: send@0.19.0
    • Remove link renderization in html while redirecting
  • deps: body-parser@0.6.0
    • add depth option to customize the depth level in the parser
    • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
  • Remove link renderization in html while using res.redirect
  • deps: path-to-regexp@0.1.10
    • Adds support for named matching groups in the routes using a regex
    • Adds backtracking protection to parameters without regexes defined
  • deps: encodeurl@~2.0.0
    • Removes encoding of \, |, and ^ to align better with URL spec
  • Deprecate passing options.maxAge and options.expires to res.clearCookie
    • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

v4.19.2

Compare Source

==========

  • Improved fix for open redirect allow list bypass

v4.19.1

Compare Source

==========

  • Allow passing non-strings to res.location with new encoding handling checks

v4.19.0

Compare Source

==========

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

v4.18.3

Compare Source

==========

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2
  • deps: cookie@0.6.0
    • Add partitioned option

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@renovate-pagopa renovate-pagopa bot requested a review from a team as a code owner September 18, 2024 06:04
@renovate-pagopa renovate-pagopa bot added the OER label Sep 18, 2024
@codecov-commenter
Copy link

codecov-commenter commented Sep 18, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (main@6aefe2f). Learn more about missing BASE report.

Additional details and impacted files
@@           Coverage Diff           @@
##             main      #83   +/-   ##
=======================================
  Coverage        ?   85.89%           
=======================================
  Files           ?       10           
  Lines           ?      319           
  Branches        ?       39           
=======================================
  Hits            ?      274           
  Misses          ?       38           
  Partials        ?        7           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch from e032e53 to b49f2ee Compare October 9, 2024 06:06
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch from b49f2ee to 15ee69a Compare November 11, 2024 06:09
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch 5 times, most recently from bd11ab7 to 13bd408 Compare December 9, 2024 05:48
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch 4 times, most recently from 404f22b to c4a8eb9 Compare December 17, 2024 05:46
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch from c4a8eb9 to 623da39 Compare December 20, 2024 05:46
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch from 623da39 to cf5cda4 Compare January 3, 2025 05:46
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch 2 times, most recently from b9e941f to 2a91a85 Compare January 15, 2025 05:45
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch 3 times, most recently from 1072f16 to 7aee08e Compare February 10, 2025 05:43
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch from 7aee08e to 5c974c5 Compare February 13, 2025 05:43
@renovate-pagopa renovate-pagopa bot force-pushed the renovate/express-to-4.20.0 branch from 5c974c5 to 3c80002 Compare February 20, 2025 05:43
Copy link

Pull request label validation error!
Required label for app version: patch,minor,major,ignore-for-release
Required label for chart version: chart-patch,chart-minor,chart-major.

Found labels on PR...

app version:
chart version:

If you want to skip release for this PR add skip-release label

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant