Dark Mode

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Also use the qs module for the simple parser#387

Merged
wesleytodd merged 4 commits intoexpressjs:2.xfrom
papandreou:feature/qsAlways
Jul 24, 2024
Merged

Also use the qs module for the simple parser#387
wesleytodd merged 4 commits intoexpressjs:2.xfrom
papandreou:feature/qsAlways

Conversation

Copy link
Contributor

papandreou commented Feb 10, 2020

Following up from #326

wesleytodd reacted with thumbs up emoji
papandreou requested a review from dougwilson February 10, 2020 22:56
dougwilson self-assigned this Feb 11, 2020
dougwilson added enhancement pr labels Feb 11, 2020
dougwilson added this to the 2.0 milestone Apr 23, 2020
dougwilson force-pushed the master branch from 70560b1 to b356758 Compare January 28, 2022 05:13
dougwilson force-pushed the master branch from acc026f to b6bfabd Compare February 15, 2022 00:53
dougwilson force-pushed the master branch 3 times, most recently from 0ad1d88 to 2a2f471 Compare April 3, 2022 00:47
wesleytodd mentioned this pull request May 17, 2024
46 tasks
wesleytodd changed the base branch from master to 2.x July 23, 2024 01:54
Copy link
Member

wesleytodd commented Jul 23, 2024

We are preparing to release 2.0, and to reduce churn and help us I retargeted this to that branch. Would you be able to rebase this so I can merge it there?

papandreou force-pushed the feature/qsAlways branch from 86c7614 to cd81d5d Compare July 23, 2024 07:02
papandreou force-pushed the feature/qsAlways branch from cd81d5d to 9b83d81 Compare July 23, 2024 07:07
Copy link
Contributor Author

papandreou commented Jul 23, 2024

@wesleytodd, absolutely! Done.

Copy link
Member

wesleytodd commented Jul 24, 2024

Before I merge this, @ljharb mind taking a quick look to make sure this is good to land for v5? It appears your last comment was in 2020 just mentioning to update, which we will for sure ensure we are before publishing.

Copy link
Contributor

ljharb commented Jul 24, 2024

still LGTM!
wesleytodd reacted with thumbs up emoji

wesleytodd merged commit 7eb00cd into expressjs:2.x Jul 24, 2024
papandreou added a commit to papandreou/body-parser that referenced this pull request Jul 27, 2024
* 2.x: (98 commits)
fix(deps): raw-body@^3.0.0 (expressjs#529)
Also use the qs module for the simple parser (expressjs#387)
feat!: remove node less than 18 from ci
2.0.0-beta.2
docs: add missing history entry
tests: enable strict mode
Remove deprecated bodyParser() combination middleware
build: remove conditional code coverage
deps: debug@3.1.0
deps: iconv-lite@0.5.2
deps: raw-body@3.0.0-beta.1
1.20.2
Fix strict json error message on Node.js 19+
deps: raw-body@2.5.2
build: eslint@8.34.0
build: Node.js@18.14
build: Node.js@14.21
deps: content-type@~1.0.5
build: eslint-plugin-promise@6.1.1
build: supertest@6.3.3
...
papandreou added a commit to papandreou/body-parser that referenced this pull request Jul 27, 2024
* 2.x: (98 commits)
fix(deps): raw-body@^3.0.0 (expressjs#529)
Also use the qs module for the simple parser (expressjs#387)
feat!: remove node less than 18 from ci
2.0.0-beta.2
docs: add missing history entry
tests: enable strict mode
Remove deprecated bodyParser() combination middleware
build: remove conditional code coverage
deps: debug@3.1.0
deps: iconv-lite@0.5.2
deps: raw-body@3.0.0-beta.1
1.20.2
Fix strict json error message on Node.js 19+
deps: raw-body@2.5.2
build: eslint@8.34.0
build: Node.js@18.14
build: Node.js@14.21
deps: content-type@~1.0.5
build: eslint-plugin-promise@6.1.1
build: supertest@6.3.3
...
mergify bot added a commit to reisene/HulajDusza-serwis that referenced this pull request Jan 23, 2025
![snyk-io[bot]](https://badgen.net/badge/icon/snyk-io%5Bbot%5D/green?label=)
[Powered by Pull Request Badgesrc="](https://pullrequestbadge.com/?utm_medium=github&utm_source=reisene&utm_campaign=badge_info)


![snyk-top-banner](https://redirect.github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)


Snyk has created this PR to upgrade body-parser from 1.20.3 to
2.0.1.



:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.



**Warning:** This PR contains major version upgrade(s), and may be a
breaking change.

- The recommended version is **4 versions** ahead of your current
version.

- The recommended version was released **4 months ago**.




Release notes



Package name: body-parser


  • 2.0.1 - href="2024-09-10

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/2.0.1">2024-09-10

    What's
    Changed



    New Contributors



    Full Changelog: href="2.0.0...2.0.1https://redirect.github.com/expressjs/body-parser/compare/2.0.0...2.0.1">2.0.0...2.0.1>



  • 2.0.0 - href="2024-09-10

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/2.0.0">2024-09-10

    What's
    Changed


    Important



    • add brotli support data-error-text="Failed to load title"
      data-permission-text="Title is private"
      data-url="expressjs/body-parser#406"
      data-hovercard-type="pull_request"
      data-hovercard-url="/expressjs/body-parser/pull/406/hovercard"
      href="#406https://redirect.github.com/expressjs/body-parser/pull/406">#406>
    • Breaking Change: Node.js 18 is the minimum
      supported version


    Details



    New Contributors



    Full Changelog: href="1.20.2...2.0.0https://redirect.github.com/expressjs/body-parser/compare/1.20.2...2.0.0">1.20.2...2.0.0>



  • 2.0.0-beta.2 - href="2023-02-23

    This">https://redirect.github.com/expressjs/body-parser/releases/tag/v2.0.0-beta.2">2023-02-23

    This
    incorporates all changes after 1.19.1 up to 1.20.2.



    • Remove deprecated bodyParser() combination
      middleware

    • deps: debug@3.1.0

      • Add DEBUG_HIDE_DATE environment variable

      • Change timer to per-namespace instead of global

      • Change non-TTY date format

      • Remove DEBUG_FD environment variable support

      • Support 256 namespace colors



    • deps: iconv-lite@0.5.2

      • Add encoding cp720

      • Add encoding UTF-32



    • deps: raw-body@3.0.0-beta.1




  • 2.0.0-beta.1 - href="2021-12-18
    https://redirect.github.com/expressjs/body-parser/releases/tag/v2.0.0-beta.1">2021-12-18
    >
  • req.body is no longer always initialized to
    {}

    • it is left undefined unless a body is parsed



  • urlencoded parser now defaults extended to
    false

  • Use on-finished to determine when body read




  • 1.20.3 - href="2024-09-09

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/1.20.3">2024-09-09

    What's
    Changed


    Important



    • deps: qs@6.13.0

    • add depth option to customize the depth level in the
      parser

    • IMPORTANT: The default depth level for
      parsing URL-encoded data is now 32 (previously was
      Infinity). href="Documentationhttps://redirect.github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth">Documentation>

    Other changes



    New Contributors



    Full Changelog: href="1.20.2...1.20.3https://redirect.github.com/expressjs/body-parser/compare/1.20.2...1.20.3">1.20.2...1.20.3>



    • from href="body-parser">https://redirect.github.com/expressjs/body-parser/releases">body-parser
    GitHub release notes



    ---

    > [!IMPORTANT]
    >
    > - **Warning:** This PR contains a major version upgrade, and may be a
    breaking change.
    > - Check the changes in this PR to ensure they won't cause issues with
    your project.
    > - This PR was automatically created by Snyk using the credentials of a
    real user.

    ---

    **Note:** _You are seeing this because you or someone else with access
    to this repository has authorized Snyk to open upgrade PRs._

    **For more information:** src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJmY2NmMTA2MC1iZmM1LTRjOWItOGFlMS0xZjczODJhYjI4YjEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImZjY2YxMDYwLWJmYzUtNGM5Yi04YWUxLTFmNzM4MmFiMjhiMSJ9fQ=="
    width="0" height="0"/>

    > - [View latest project
    report](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr)
    > - [Customise PR
    templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates?utm_source=&utm_content=fix-pr-template)
    > - [Adjust upgrade PR
    settings](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr)
    > - [Ignore this dependency or unsubscribe from future upgrade
    PRs](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?pkg=body-parser&utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

    [//]: #
    'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"body-parser","from":"1.20.3","to":"2.0.1"}],"env":"prod","hasFixes":false,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[],"prId":"fccf1060-bfc5-4c9b-8ae1-1f7382ab28b1","prPublicId":"fccf1060-bfc5-4c9b-8ae1-1f7382ab28b1","packageManager":"npm","priorityScoreList":[],"projectPublicId":"55e114f8-489e-4f14-b900-20574b041e59","projectUrl":"https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":[],"type":"auto","upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2024-09-10T04:15:36.065Z"},"vulns":[]}'

    ## Podsumowanie przez Sourcery

    Ulepszenia:
    - Aktualizacja body-parser do wersji 2.0.1, ktora obejmuje:
    - Wsparcie dla kodowania Brotli
    - Rezygnacje ze wsparcia dla starszych wersji Node.js
    - Domyslne ustawienie "extended" na "false" dla parsera urlencoded
    - Zmiane domyslnego poziomu glebokosci parsowania danych URL-encoded do
    32


    Original summary in English

    ## Summary by Sourcery

    Enhancements:
    - Upgrade body-parser to version 2.0.1, which includes support for
    Brotli encoding, drops support for older Node.js versions, defaults
    "extended" to "false" for urlencoded parser, and changes the default
    depth level for parsing URL-encoded data to 32.
    krzysdz mentioned this pull request Jan 3, 2026
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Reviewers

    dougwilson Awaiting requested review from dougwilson

    Assignees

    dougwilson

    Projects

    None yet

    Milestone

    2.0

    Development

    Successfully merging this pull request may close these issues.

    4 participants