Update dependency body-parser to v1.20.3 #13

mend-for-github-com · 2022-11-29T07:07:38Z

This PR contains the following updates:

Package	Type	Update	Change
body-parser	dependencies	minor	`1.18.3` -> `1.20.3`

By merging this PR, the issue #12 will be automatically resolved and closed:

Severity	CVSS Score	Vulnerability
High	7.5	CVE-2024-45590

Release Notes

expressjs/body-parser (body-parser)

`v1.20.3`

Compare Source

===================

deps: [email protected]
add depth option to customize the depth level in the parser
IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

`v1.20.2`

Compare Source

===================

Fix strict json error message on Node.js 19+
deps: content-type@~1.0.5
- perf: skip value escaping when unnecessary
deps: [email protected]

`v1.20.1`

Compare Source

===================

deps: [email protected]
perf: remove unnecessary object clone

`v1.20.0`

Compare Source

===================

Fix error message for json parse whitespace in strict
Fix internal error when inflated body exceeds limit
Prevent loss of async hooks context
Prevent hanging when request already read
deps: [email protected]
- Replace internal eval usage with Function constructor
- Use instance methods on process to check for listeners
deps: [email protected]
- deps: [email protected]
- deps: [email protected]
deps: [email protected]
deps: [email protected]
deps: [email protected]
- deps: [email protected]

`v1.19.2`

Compare Source

===================

deps: [email protected]
deps: [email protected]
- Fix handling of __proto__ keys
deps: [email protected]
- deps: [email protected]

`v1.19.1`

Compare Source

===================

deps: [email protected]
deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
deps: [email protected]
deps: [email protected]
- deps: [email protected]
- deps: [email protected]
deps: [email protected]
deps: type-is@~1.6.18

`v1.19.0`

Compare Source

===================

deps: [email protected]
- Add petabyte (pb) support
deps: [email protected]
- Set constructor name when possible
- deps: [email protected]
- deps: statuses@'>= 1.5.0 < 2'
deps: [email protected]
- Added encoding MIK
deps: [email protected]
- Fix parsing array brackets after index
deps: [email protected]
- deps: [email protected]
- deps: [email protected]
- deps: [email protected]
deps: type-is@~1.6.17
- deps: mime-types@~2.1.24
- perf: prevent internal throw on invalid type

If you want to rebase/retry this PR, check this box

mend-for-github-com bot added the security fix Security fix generated by Mend label Nov 29, 2022

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x branch from ada2631 to d12e079 Compare January 19, 2023 16:02

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x branch from d12e079 to eb07a39 Compare March 13, 2023 14:11

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.0~~ Update dependency body-parser to v1.19.0 - autoclosed Mar 27, 2023

mend-for-github-com bot closed this Mar 27, 2023

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x branch March 27, 2023 10:08

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.0 - autoclosed~~ Update dependency body-parser to v1.19.0 Mar 31, 2023

mend-for-github-com bot reopened this Mar 31, 2023

mend-for-github-com bot restored the whitesource-remediate/body-parser-1.x branch March 31, 2023 05:47

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.0~~ Update dependency body-parser to v1.19.0 - autoclosed Jun 16, 2023

mend-for-github-com bot closed this Jun 16, 2023

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x branch June 16, 2023 11:05

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.0 - autoclosed~~ Update dependency body-parser to v1.19.0 Jun 18, 2023

mend-for-github-com bot reopened this Jun 18, 2023

mend-for-github-com bot restored the whitesource-remediate/body-parser-1.x branch June 18, 2023 18:51

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x branch from eb07a39 to 78ba458 Compare June 18, 2023 18:53

Update dependency body-parser to v1.20.3

743d76a

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x branch from 78ba458 to 743d76a Compare September 15, 2024 21:15

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.0~~ Update dependency body-parser to v1.20.3 Sep 15, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update dependency body-parser to v1.20.3 #13

Update dependency body-parser to v1.20.3 #13

mend-for-github-com bot commented Nov 29, 2022 •

edited

Loading

Update dependency body-parser to v1.20.3 #13

Are you sure you want to change the base?

Update dependency body-parser to v1.20.3 #13

Conversation

mend-for-github-com bot commented Nov 29, 2022 • edited Loading

Release Notes

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.2

v1.19.1

v1.19.0

mend-for-github-com bot commented Nov 29, 2022 •

edited

Loading

`v1.20.3`

`v1.20.2`

`v1.20.1`

`v1.20.0`

`v1.19.2`

`v1.19.1`

`v1.19.0`