Bump express from 4.16.4 to 4.17.0
Created by: dependabot-preview[bot]
Bumps express from 4.16.4 to 4.17.0.
Release notes
Sourced from express's releases.
4.17.0
- Add
express.raw
to parse bodies intoBuffer
- Add
express.text
to parse bodies into string- Improve error message for non-strings to
res.sendFile
- Improve error message for
null
/undefined
tores.status
- Support multiple hosts in
X-Forwarded-Host
- deps: accepts@~1.3.7
- deps: body-parser@1.19.0
- Add encoding MIK
- Add petabyte (
pb
) support- Fix parsing array brackets after index
- deps: bytes@3.1.0
- deps: http-errors@1.7.2
- deps: iconv-lite@0.4.24
- deps: qs@6.7.0
- deps: raw-body@2.4.0
- deps: type-is@~1.6.17
- deps: content-disposition@0.5.3
- deps: cookie@0.4.0
- Add
SameSite=None
support- deps: finalhandler@~1.1.2
- Set stricter
Content-Security-Policy
header- deps: parseurl@~1.3.3
- deps: statuses@~1.5.0
- deps: parseurl@~1.3.3
- deps: proxy-addr@~2.0.5
- deps: ipaddr.js@1.9.0
- deps: qs@6.7.0
- Fix parsing array brackets after index
- deps: range-parser@~1.2.1
- deps: send@0.17.1
- Set stricter CSP header in redirect & error responses
- deps: http-errors@~1.7.2
- deps: mime@1.6.0
- deps: ms@2.1.1
- deps: range-parser@~1.2.1
- deps: statuses@~1.5.0
- perf: remove redundant
path.normalize
call- deps: serve-static@1.14.1
- Set stricter CSP header in redirect response
- deps: parseurl@~1.3.3
- deps: send@0.17.1
- deps: setprototypeof@1.1.1
- deps: statuses@~1.5.0
- Add
103 Early Hints
- deps: type-is@~1.6.18
- deps: mime-types@~2.1.24
- perf: prevent internal
throw
on invalid type
Changelog
Sourced from express's changelog.
4.17.0 / 2019-05-16
... (truncated)
- Add
express.raw
to parse bodies intoBuffer
- Add
express.text
to parse bodies into string- Improve error message for non-strings to
res.sendFile
- Improve error message for
null
/undefined
tores.status
- Support multiple hosts in
X-Forwarded-Host
- deps: accepts@~1.3.7
- deps: body-parser@1.19.0
- Add encoding MIK
- Add petabyte (
pb
) support- Fix parsing array brackets after index
- deps: bytes@3.1.0
- deps: http-errors@1.7.2
- deps: iconv-lite@0.4.24
- deps: qs@6.7.0
- deps: raw-body@2.4.0
- deps: type-is@~1.6.17
- deps: content-disposition@0.5.3
- deps: cookie@0.4.0
- Add
SameSite=None
support- deps: finalhandler@~1.1.2
- Set stricter
Content-Security-Policy
header- deps: parseurl@~1.3.3
- deps: statuses@~1.5.0
- deps: parseurl@~1.3.3
- deps: proxy-addr@~2.0.5
- deps: ipaddr.js@1.9.0
- deps: qs@6.7.0
- Fix parsing array brackets after index
- deps: range-parser@~1.2.1
- deps: send@0.17.1
- Set stricter CSP header in redirect & error responses
- deps: http-errors@~1.7.2
- deps: mime@1.6.0
- deps: ms@2.1.1
- deps: range-parser@~1.2.1
- deps: statuses@~1.5.0
- perf: remove redundant
path.normalize
call- deps: serve-static@1.14.1
- Set stricter CSP header in redirect response
- deps: parseurl@~1.3.3
- deps: send@0.17.1
- deps: setprototypeof@1.1.1
- deps: statuses@~1.5.0
- Add
103 Early Hints
- deps: type-is@~1.6.18
- deps: mime-types@~2.1.24
- perf: prevent internal
throw
on invalid type
Commits
-
10c7756
4.17.0 -
9dadca2
docs: remove Gratipay links -
b8e5056
tests: ignore unreachable line -
94e48a1
build: update example dependencies -
efcb17d
deps: cookie@0.4.0 -
b9ecb9a
build: support Node.js 12.x -
5266f3a
build: test against Node.js 13.x nightly -
e502dde
build: Node.js@10.15 -
da6f701
deps: range-parser@~1.2.1 -
88f9733
deps: serve-static@1.14.1 - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot ignore this [patch|minor|major] version
will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -
@dependabot use these labels
will set the current labels as the default for future PRs for this repo and language -
@dependabot use these reviewers
will set the current reviewers as the default for future PRs for this repo and language -
@dependabot use these assignees
will set the current assignees as the default for future PRs for this repo and language -
@dependabot use this milestone
will set the current milestone as the default for future PRs for this repo and language -
@dependabot badge me
will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot dashboard:
- Update frequency (including time of day and day of week)
- Automerge options (never/patch/minor, and dev/runtime dependencies)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Finally, you can contact us by mentioning @dependabot.