Dark Mode

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Drop support for less than LTS node versions in v2#528

Merged
wesleytodd merged 1 commit into2.xfrom
2.x-node-18
Jul 22, 2024
Merged

Drop support for less than LTS node versions in v2#528
wesleytodd merged 1 commit into2.xfrom
2.x-node-18

Conversation

Copy link
Member

wesleytodd commented Jul 22, 2024

In line with the rest of the project, we intend to drop support in the next majors for all but current LTS.

wesleytodd force-pushed the 2.x-node-18 branch from 062660b to 068910a Compare July 22, 2024 22:16
wesleytodd merged commit ddf9b75 into 2.x Jul 22, 2024
mergify bot added a commit to reisene/HulajDusza-serwis that referenced this pull request Jan 23, 2025
![snyk-io[bot]](https://badgen.net/badge/icon/snyk-io%5Bbot%5D/green?label=)
[Powered by Pull Request Badgesrc="](https://pullrequestbadge.com/?utm_medium=github&utm_source=reisene&utm_campaign=badge_info)


![snyk-top-banner](https://redirect.github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)


Snyk has created this PR to upgrade body-parser from 1.20.3 to
2.0.1.



:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.



**Warning:** This PR contains major version upgrade(s), and may be a
breaking change.

- The recommended version is **4 versions** ahead of your current
version.

- The recommended version was released **4 months ago**.




Release notes



Package name: body-parser


  • 2.0.1 - href="2024-09-10

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/2.0.1">2024-09-10

    What's
    Changed



    New Contributors



    Full Changelog: href="2.0.0...2.0.1https://redirect.github.com/expressjs/body-parser/compare/2.0.0...2.0.1">2.0.0...2.0.1>



  • 2.0.0 - href="2024-09-10

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/2.0.0">2024-09-10

    What's
    Changed


    Important



    • add brotli support data-error-text="Failed to load title"
      data-permission-text="Title is private"
      data-url="expressjs/body-parser#406"
      data-hovercard-type="pull_request"
      data-hovercard-url="/expressjs/body-parser/pull/406/hovercard"
      href="#406https://redirect.github.com/expressjs/body-parser/pull/406">#406>
    • Breaking Change: Node.js 18 is the minimum
      supported version


    Details



    New Contributors



    Full Changelog: href="1.20.2...2.0.0https://redirect.github.com/expressjs/body-parser/compare/1.20.2...2.0.0">1.20.2...2.0.0>



  • 2.0.0-beta.2 - href="2023-02-23

    This">https://redirect.github.com/expressjs/body-parser/releases/tag/v2.0.0-beta.2">2023-02-23

    This
    incorporates all changes after 1.19.1 up to 1.20.2.



    • Remove deprecated bodyParser() combination
      middleware

    • deps: debug@3.1.0

      • Add DEBUG_HIDE_DATE environment variable

      • Change timer to per-namespace instead of global

      • Change non-TTY date format

      • Remove DEBUG_FD environment variable support

      • Support 256 namespace colors



    • deps: iconv-lite@0.5.2

      • Add encoding cp720

      • Add encoding UTF-32



    • deps: raw-body@3.0.0-beta.1




  • 2.0.0-beta.1 - href="2021-12-18
    https://redirect.github.com/expressjs/body-parser/releases/tag/v2.0.0-beta.1">2021-12-18
    >
  • req.body is no longer always initialized to
    {}

    • it is left undefined unless a body is parsed



  • urlencoded parser now defaults extended to
    false

  • Use on-finished to determine when body read




  • 1.20.3 - href="2024-09-09

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/1.20.3">2024-09-09

    What's
    Changed


    Important



    • deps: qs@6.13.0

    • add depth option to customize the depth level in the
      parser

    • IMPORTANT: The default depth level for
      parsing URL-encoded data is now 32 (previously was
      Infinity). href="Documentationhttps://redirect.github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth">Documentation>

    Other changes



    New Contributors



    Full Changelog: href="1.20.2...1.20.3https://redirect.github.com/expressjs/body-parser/compare/1.20.2...1.20.3">1.20.2...1.20.3>



    • from href="body-parser">https://redirect.github.com/expressjs/body-parser/releases">body-parser
    GitHub release notes



    ---

    > [!IMPORTANT]
    >
    > - **Warning:** This PR contains a major version upgrade, and may be a
    breaking change.
    > - Check the changes in this PR to ensure they won't cause issues with
    your project.
    > - This PR was automatically created by Snyk using the credentials of a
    real user.

    ---

    **Note:** _You are seeing this because you or someone else with access
    to this repository has authorized Snyk to open upgrade PRs._

    **For more information:** src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJmY2NmMTA2MC1iZmM1LTRjOWItOGFlMS0xZjczODJhYjI4YjEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImZjY2YxMDYwLWJmYzUtNGM5Yi04YWUxLTFmNzM4MmFiMjhiMSJ9fQ=="
    width="0" height="0"/>

    > - [View latest project
    report](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr)
    > - [Customise PR
    templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates?utm_source=&utm_content=fix-pr-template)
    > - [Adjust upgrade PR
    settings](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr)
    > - [Ignore this dependency or unsubscribe from future upgrade
    PRs](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?pkg=body-parser&utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

    [//]: #
    'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"body-parser","from":"1.20.3","to":"2.0.1"}],"env":"prod","hasFixes":false,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[],"prId":"fccf1060-bfc5-4c9b-8ae1-1f7382ab28b1","prPublicId":"fccf1060-bfc5-4c9b-8ae1-1f7382ab28b1","packageManager":"npm","priorityScoreList":[],"projectPublicId":"55e114f8-489e-4f14-b900-20574b041e59","projectUrl":"https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":[],"type":"auto","upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2024-09-10T04:15:36.065Z"},"vulns":[]}'

    ## Podsumowanie przez Sourcery

    Ulepszenia:
    - Aktualizacja body-parser do wersji 2.0.1, ktora obejmuje:
    - Wsparcie dla kodowania Brotli
    - Rezygnacje ze wsparcia dla starszych wersji Node.js
    - Domyslne ustawienie "extended" na "false" dla parsera urlencoded
    - Zmiane domyslnego poziomu glebokosci parsowania danych URL-encoded do
    32


    Original summary in English

    ## Summary by Sourcery

    Enhancements:
    - Upgrade body-parser to version 2.0.1, which includes support for
    Brotli encoding, drops support for older Node.js versions, defaults
    "extended" to "false" for urlencoded parser, and changes the default
    depth level for parsing URL-encoded data to 32.
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Reviewers

    No reviews

    Assignees

    No one assigned

    Labels

    None yet

    Projects

    None yet

    Milestone

    No milestone

    Development

    Successfully merging this pull request may close these issues.

    1 participant