Sourced from undici's\r\nreleases.
\r\n\r\n\r\nv5.28.4
\r\n:warning: Security Release :warning:
\r\n\r\n
\r\n- Fixes https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7\r\nCVE-2024-30260
\r\n- Fixes https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672\r\nCVE-2024-30261
\r\nFull Changelog: https://github.com/nodejs/undici/compare/v5.28.3...v5.28.4
\r\n
fb98306
\r\nBumped v5.28.42b39440
\r\nMerge pull request from GHSA-9qxr-qj54-h67264e3402
\r\nMerge pull request from GHSA-m4v8-wqvr-p9f7723c4e7
\r\nRevert "build(deps-dev): bump formdata-node from 4.4.1 to 6.0.3 (#2389)"0e9d54b
\r\nskip failing test due to Node.js changesSourced from express's\r\nreleases.
\r\n\r\n\r\n4.19.2
\r\nWhat's Changed
\r\n\r\nFull Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2
\r\n4.19.1
\r\nWhat's Changed
\r\n\r\n
\r\n- Fix ci after location patch by
\r\n@wesleytodd
in expressjs/express#5552- fixed un-edited version in history.md for 4.19.0 by
\r\n@wesleytodd
in expressjs/express#5556Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1
\r\n4.19.0
\r\nWhat's Changed
\r\n\r\n
\r\n- fix typo in release date by
\r\n@UlisesGascon
\r\nin expressjs/express#5527- docs: nominating
\r\n@wesleytodd
to be\r\nproject captian by@wesleytodd
in expressjs/express#5511- docs: loosen TC activity rules by
\r\n@wesleytodd
in expressjs/express#5510- Add note on how to update docs for new release by
\r\n@crandmck
in expressjs/express#5541- Prevent\r\nopen redirect allow list bypass due to encodeurl
\r\n- Release 4.19.0 by
\r\n@wesleytodd
in expressjs/express#5551New Contributors
\r\n\r\n
\r\n- \r\n
@crandmck
\r\nmade their first contribution in expressjs/express#5541Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0
\r\n4.18.3
\r\nMain Changes
\r\n\r\n
\r\n- Fix routing requests without method
\r\n- deps: body-parser@1.20.2\r\n
\r\n\r\n
\r\n- Fix strict json error message on Node.js 19+
\r\n- deps: content-type@~1.0.5
\r\n- deps: raw-body@2.5.2
\r\nOther Changes
\r\n\r\n
\r\n\r\n- Use https: protocol instead of deprecated git: protocol by
\r\n@vcsjones
in expressjs/express#5032- build: Node.js@16.18 and Node.js@18.12 by
\r\n@abenhamdine
in\r\nexpressjs/express#5034- ci: update actions/checkout to v3 by
\r\n@armujahid
in expressjs/express#5027- test: remove unused function arguments in params by
\r\n@raksbisht
in expressjs/express#5124- Remove unused originalIndex from acceptParams by
\r\n@raksbisht
in expressjs/express#5119- Fixed typos by
\r\n@raksbisht
in expressjs/express#5117- examples: remove unused params by
\r\n@raksbisht
in expressjs/express#5113- fix: parameter str is not described in JSDoc by
\r\n@raksbisht
in expressjs/express#5130- fix: typos in History.md by
\r\n@raksbisht
in expressjs/express#5131- build : add Node.js@19.7 by
\r\n@abenhamdine
in\r\nexpressjs/express#5028- test: remove unused function arguments in params by
\r\n@raksbisht
in expressjs/express#5137
... (truncated)
\r\nSourced from express's\r\nchangelog.
\r\n\r\n\r\n4.19.2 / 2024-03-25
\r\n\r\n
\r\n- Improved fix for open redirect allow list bypass
\r\n4.19.1 / 2024-03-20
\r\n\r\n
\r\n- Allow passing non-strings to res.location with new encoding handling\r\nchecks
\r\n4.19.0 / 2024-03-20
\r\n\r\n
\r\n- Prevent open redirect allow list bypass due to encodeurl
\r\n- deps: cookie@0.6.0
\r\n4.18.3 / 2024-02-29
\r\n\r\n
\r\n- Fix routing requests without method
\r\n- deps: body-parser@1.20.2\r\n
\r\n\r\n
\r\n- Fix strict json error message on Node.js 19+
\r\n- deps: content-type@~1.0.5
\r\n- deps: raw-body@2.5.2
\r\n- deps: cookie@0.6.0\r\n
\r\n\r\n
\r\n- Add
\r\npartitioned
option
04bc627
\r\n4.19.2da4d763
\r\nImproved fix for open redirect allow list bypass4f0f6cc
\r\n4.19.1a003cfa
\r\nAllow passing non-strings to res.location with new encoding handling\r\nchecks f...a1fa90f
\r\nfixed un-edited version in history.md for 4.19.011f2b1d
\r\nbuild: fix build due to inconsistent supertest behavior in older\r\nversions084e365
\r\n4.19.00867302
\r\nPrevent open redirect allow list bypass due to encodeurl567c9c6
\r\nAdd note on how to update docs for new release (#5541)69a4cf2
\r\ndeps: cookie@0.6.0This version was pushed to npm by wesleytodd, a new releaser\r\nfor express since your current version.
\r\nSourced from undici's\r\nreleases.
\r\n\r\n\r\nv5.28.3
\r\n⚠️ Security Release ⚠️
\r\nFixes:
\r\n\r\n
\r\n- CVE-2024-24758\r\nProxy-Authorization header not cleared on cross-origin redirect in\r\nfetch
\r\nFull Changelog: https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3
\r\n