Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump express from 4.18.2 to 4.19.2 in /ui #4419

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump express from 4.18.2 to 4.19.2 in /ui #4419

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 25, 2024
edited

Bumps express from 4.18.2 to 4.19.2.

Release notes

Sourced from express's releases.

4.19.2

What's Changed

Full Changelog: expressjs/express@4.19.1...4.19.2

4.19.1

What's Changed

Full Changelog: expressjs/express@4.19.0...4.19.1

4.19.0

What's Changed

New Contributors

Full Changelog: expressjs/express@4.18.3...4.19.0

4.18.3

Main Changes

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2

Other Changes

... (truncated)

Changelog

Sourced from express's changelog.

4.19.2 / 2024-03-25

  • Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

  • Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

4.18.3 / 2024-02-29

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2
  • deps: cookie@0.6.0
    • Add partitioned option
Commits
  • 04bc627 4.19.2
  • da4d763 Improved fix for open redirect allow list bypass
  • 4f0f6cc 4.19.1
  • a003cfa Allow passing non-strings to res.location with new encoding handling checks f...
  • a1fa90f fixed un-edited version in history.md for 4.19.0
  • 11f2b1d build: fix build due to inconsistent supertest behavior in older versions
  • 084e365 4.19.0
  • 0867302 Prevent open redirect allow list bypass due to encodeurl
  • 567c9c6 Add note on how to update docs for new release (#5541)
  • 69a4cf2 deps: cookie@0.6.0
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.


Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 25, 2024
@alwaysmeticulous alwaysmeticulous
Copy link

alwaysmeticulous bot commented Mar 26, 2024
edited

🤖 Meticulous replayed 50 user sessions and took 424 visual snapshots. Meticulous has not yet run on 13eae06 of the main branch and so there was nothing to compare against.
If you recently setup Meticulous, this is expected. Meticulous will start reporting comparisons for new pull requests after the next commit to the main branch.

Last updated for commit 9aacadc. This comment will update as new commits are pushed.

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from ff49d5f to 2388286 Compare March 26, 2024 00:10
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch 2 times, most recently from 0f73d9c to 0c3335a Compare March 26, 2024 01:07
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 0c3335a to dc0da4f Compare March 26, 2024 23:33
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from dc0da4f to 9633fba Compare March 27, 2024 01:16
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 9633fba to ace5f52 Compare March 27, 2024 21:17
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch 2 times, most recently from 1c4bede to 820ae73 Compare March 28, 2024 01:37
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 820ae73 to 339a0b7 Compare March 28, 2024 02:33
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch 2 times, most recently from 492180c to 2b2f1c5 Compare March 28, 2024 23:52
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 2b2f1c5 to fd9db56 Compare March 29, 2024 00:46
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from fd9db56 to c63e5cd Compare March 30, 2024 11:34
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from c63e5cd to 3c8f8f6 Compare March 30, 2024 12:37
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 3c8f8f6 to 9f15ff3 Compare March 30, 2024 13:34
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from aaa4743 to 35090ed Compare April 16, 2024 02:01
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 35090ed to 539f7d5 Compare April 16, 2024 02:15
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 539f7d5 to 176a0af Compare April 16, 2024 03:00
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 176a0af to 284e2e4 Compare April 16, 2024 20:54
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 284e2e4 to 08e1f4a Compare April 16, 2024 22:43
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 08e1f4a to 39b95db Compare April 17, 2024 02:13
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch 2 times, most recently from 9319a77 to 74a7455 Compare April 20, 2024 00:48
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 74a7455 to fe28c30 Compare April 20, 2024 01:30
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch 2 times, most recently from 58fa4aa to f8300ad Compare April 20, 2024 08:19
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch 2 times, most recently from 85d0443 to 6404e3f Compare April 23, 2024 04:32
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch 2 times, most recently from 3299801 to 4b11a26 Compare April 24, 2024 23:02
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from 4b11a26 to f4dedcf Compare April 24, 2024 23:43
@dependabot
Bump express from 4.18.2 to 4.19.2 in /ui
9aacadc 
Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@4.18.2...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/ui/express-4.19.2 branch from f4dedcf to 9aacadc Compare April 24, 2024 23:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants