forked from juliacodez/stitch-click-to-call
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependency express to v4.20.0 #5
Open
mend-for-github-com
wants to merge
1
commit into
master
Choose a base branch
from
whitesource-remediate/express-4.x-lockfile
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Update dependency express to v4.20.0 #5
mend-for-github-com
wants to merge
1
commit into
master
from
whitesource-remediate/express-4.x-lockfile
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mend-for-github-com
bot
changed the title
Update dependency express to v4.17.0
Update dependency express to v4.17.0 - autoclosed
Mar 27, 2023
mend-for-github-com
bot
deleted the
whitesource-remediate/express-4.x-lockfile
branch
March 27, 2023 19:23
mend-for-github-com
bot
changed the title
Update dependency express to v4.17.0 - autoclosed
Update dependency express to v4.17.0
Mar 31, 2023
mend-for-github-com
bot
restored the
whitesource-remediate/express-4.x-lockfile
branch
March 31, 2023 05:47
mend-for-github-com
bot
changed the title
Update dependency express to v4.17.0
Update dependency express to v4.17.0 - autoclosed
Jun 16, 2023
mend-for-github-com
bot
deleted the
whitesource-remediate/express-4.x-lockfile
branch
June 16, 2023 04:14
mend-for-github-com
bot
changed the title
Update dependency express to v4.17.0 - autoclosed
Update dependency express to v4.17.0
Jun 18, 2023
mend-for-github-com
bot
restored the
whitesource-remediate/express-4.x-lockfile
branch
June 18, 2023 12:02
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/express-4.x-lockfile
branch
from
June 18, 2023 12:02
de25478
to
6ad4fde
Compare
mend-for-github-com
bot
changed the title
Update dependency express to v4.17.0
Update dependency express to v4.17.0 - autoclosed
Oct 9, 2023
mend-for-github-com
bot
deleted the
whitesource-remediate/express-4.x-lockfile
branch
October 9, 2023 04:30
mend-for-github-com
bot
changed the title
Update dependency express to v4.17.0 - autoclosed
Update dependency express to v4.17.0
Oct 10, 2023
mend-for-github-com
bot
restored the
whitesource-remediate/express-4.x-lockfile
branch
October 10, 2023 04:56
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/express-4.x-lockfile
branch
from
October 10, 2023 04:56
6ad4fde
to
edd0cd6
Compare
mend-for-github-com
bot
changed the title
Update dependency express to v4.17.0
Update dependency express to v4.19.0
Apr 9, 2024
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/express-4.x-lockfile
branch
from
April 9, 2024 00:17
edd0cd6
to
aaa399e
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/express-4.x-lockfile
branch
from
September 30, 2024 12:06
aaa399e
to
349a4c4
Compare
mend-for-github-com
bot
changed the title
Update dependency express to v4.19.0
Update dependency express to v4.20.0
Sep 30, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
4.16.3
->4.20.0
By merging this PR, the below vulnerabilities will be automatically resolved:
Release Notes
expressjs/express (express)
v4.20.0
Compare Source
==========
depth
option to customize the depth level in the parserdepth
level for parsing URL-encoded data is now32
(previously wasInfinity
)res.redirect
\
,|
, and^
to align better with URL specoptions.maxAge
andoptions.expires
tores.clearCookie
v4.19.2
Compare Source
==========
v4.19.1
Compare Source
==========
v4.19.0
Compare Source
==========
v4.18.3
Compare Source
==========
partitioned
optionv4.18.2
Compare Source
===================
v4.18.1
Compare Source
===================
v4.18.0
Compare Source
===================
res.download
options
withoutfilename
inres.download
res.status
null
/undefined
asmaxAge
inres.cookie
Object.prototype
values in settings throughapp.set
/app.get
default
with same arguments as types inres.format
res.send
http-errors
forres.format
errorstrict
priority
optionexpires
option to reject invalid dateseval
usage withFunction
constructorprocess
to check for listeners425 Unordered Collection
to standard425 Too Early
v4.17.3
Compare Source
===================
__proto__
keysv4.17.2
Compare Source
===================
undefined
inres.jsonp
undefined
when"json escape"
is enabledRegExp
sres.jsonp(obj, status)
deprecation messageres.is
JSDocmaxAge
option to reject invalid valuesreq.socket
over deprecatedreq.connection
v4.17.1
Compare Source
===================
null
/undefined
tores.status
"v4.17.0
Compare Source
===================
express.raw
to parse bodies intoBuffer
express.text
to parse bodies into stringres.sendFile
null
/undefined
tores.status
X-Forwarded-Host
pb
) supportSameSite=None
supportContent-Security-Policy
headerpath.normalize
call103 Early Hints
throw
on invalid typev4.16.4
Compare Source
===================
"Request aborted"
may be logged inres.sendfile
Router
constructor