Dark Mode

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Release: 2.0.1#537

Merged
UlisesGascon merged 1 commit intomasterfrom
release/2.0.1
Sep 10, 2024
Merged

Release: 2.0.1#537
UlisesGascon merged 1 commit intomasterfrom
release/2.0.1

Conversation

Copy link
Member

UlisesGascon commented Sep 10, 2024

No description provided.

ctcpip approved these changes Sep 10, 2024
wesleytodd approved these changes Sep 10, 2024
UlisesGascon merged commit 966bc9d into master Sep 10, 2024
mergify bot added a commit to reisene/HulajDusza-serwis that referenced this pull request Jan 23, 2025
![snyk-io[bot]](https://badgen.net/badge/icon/snyk-io%5Bbot%5D/green?label=)
[Powered by Pull Request Badgesrc="](https://pullrequestbadge.com/?utm_medium=github&utm_source=reisene&utm_campaign=badge_info)


![snyk-top-banner](https://redirect.github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)


Snyk has created this PR to upgrade body-parser from 1.20.3 to
2.0.1.



:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.



**Warning:** This PR contains major version upgrade(s), and may be a
breaking change.

- The recommended version is **4 versions** ahead of your current
version.

- The recommended version was released **4 months ago**.




Release notes



Package name: body-parser


  • 2.0.1 - href="2024-09-10

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/2.0.1">2024-09-10

    What's
    Changed



    New Contributors



    Full Changelog: href="2.0.0...2.0.1https://redirect.github.com/expressjs/body-parser/compare/2.0.0...2.0.1">2.0.0...2.0.1>



  • 2.0.0 - href="2024-09-10

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/2.0.0">2024-09-10

    What's
    Changed


    Important



    • add brotli support data-error-text="Failed to load title"
      data-permission-text="Title is private"
      data-url="expressjs/body-parser#406"
      data-hovercard-type="pull_request"
      data-hovercard-url="/expressjs/body-parser/pull/406/hovercard"
      href="#406https://redirect.github.com/expressjs/body-parser/pull/406">#406>
    • Breaking Change: Node.js 18 is the minimum
      supported version


    Details



    New Contributors



    Full Changelog: href="1.20.2...2.0.0https://redirect.github.com/expressjs/body-parser/compare/1.20.2...2.0.0">1.20.2...2.0.0>



  • 2.0.0-beta.2 - href="2023-02-23

    This">https://redirect.github.com/expressjs/body-parser/releases/tag/v2.0.0-beta.2">2023-02-23

    This
    incorporates all changes after 1.19.1 up to 1.20.2.



    • Remove deprecated bodyParser() combination
      middleware

    • deps: debug@3.1.0

      • Add DEBUG_HIDE_DATE environment variable

      • Change timer to per-namespace instead of global

      • Change non-TTY date format

      • Remove DEBUG_FD environment variable support

      • Support 256 namespace colors



    • deps: iconv-lite@0.5.2

      • Add encoding cp720

      • Add encoding UTF-32



    • deps: raw-body@3.0.0-beta.1




  • 2.0.0-beta.1 - href="2021-12-18
    https://redirect.github.com/expressjs/body-parser/releases/tag/v2.0.0-beta.1">2021-12-18
    >
  • req.body is no longer always initialized to
    {}

    • it is left undefined unless a body is parsed



  • urlencoded parser now defaults extended to
    false

  • Use on-finished to determine when body read




  • 1.20.3 - href="2024-09-09

    What">https://redirect.github.com/expressjs/body-parser/releases/tag/1.20.3">2024-09-09

    What's
    Changed


    Important



    • deps: qs@6.13.0

    • add depth option to customize the depth level in the
      parser

    • IMPORTANT: The default depth level for
      parsing URL-encoded data is now 32 (previously was
      Infinity). href="Documentationhttps://redirect.github.com/expressjs/body-parser/blob/17529513673e39ba79886a7ce3363320cf1c0c50/README.md#depth">Documentation>

    Other changes



    New Contributors



    Full Changelog: href="1.20.2...1.20.3https://redirect.github.com/expressjs/body-parser/compare/1.20.2...1.20.3">1.20.2...1.20.3>



    • from href="body-parser">https://redirect.github.com/expressjs/body-parser/releases">body-parser
    GitHub release notes



    ---

    > [!IMPORTANT]
    >
    > - **Warning:** This PR contains a major version upgrade, and may be a
    breaking change.
    > - Check the changes in this PR to ensure they won't cause issues with
    your project.
    > - This PR was automatically created by Snyk using the credentials of a
    real user.

    ---

    **Note:** _You are seeing this because you or someone else with access
    to this repository has authorized Snyk to open upgrade PRs._

    **For more information:** src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJmY2NmMTA2MC1iZmM1LTRjOWItOGFlMS0xZjczODJhYjI4YjEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImZjY2YxMDYwLWJmYzUtNGM5Yi04YWUxLTFmNzM4MmFiMjhiMSJ9fQ=="
    width="0" height="0"/>

    > - [View latest project
    report](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr)
    > - [Customise PR
    templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates?utm_source=&utm_content=fix-pr-template)
    > - [Adjust upgrade PR
    settings](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr)
    > - [Ignore this dependency or unsubscribe from future upgrade
    PRs](https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59/settings/integration?pkg=body-parser&utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

    [//]: #
    'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"body-parser","from":"1.20.3","to":"2.0.1"}],"env":"prod","hasFixes":false,"isBreakingChange":true,"isMajorUpgrade":true,"issuesToFix":[],"prId":"fccf1060-bfc5-4c9b-8ae1-1f7382ab28b1","prPublicId":"fccf1060-bfc5-4c9b-8ae1-1f7382ab28b1","packageManager":"npm","priorityScoreList":[],"projectPublicId":"55e114f8-489e-4f14-b900-20574b041e59","projectUrl":"https://app.snyk.io/org/reisene/project/55e114f8-489e-4f14-b900-20574b041e59?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":[],"type":"auto","upgrade":[],"upgradeInfo":{"versionsDiff":4,"publishedDate":"2024-09-10T04:15:36.065Z"},"vulns":[]}'

    ## Podsumowanie przez Sourcery

    Ulepszenia:
    - Aktualizacja body-parser do wersji 2.0.1, ktora obejmuje:
    - Wsparcie dla kodowania Brotli
    - Rezygnacje ze wsparcia dla starszych wersji Node.js
    - Domyslne ustawienie "extended" na "false" dla parsera urlencoded
    - Zmiane domyslnego poziomu glebokosci parsowania danych URL-encoded do
    32


    Original summary in English

    ## Summary by Sourcery

    Enhancements:
    - Upgrade body-parser to version 2.0.1, which includes support for
    Brotli encoding, drops support for older Node.js versions, defaults
    "extended" to "false" for urlencoded parser, and changes the default
    depth level for parsing URL-encoded data to 32.
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

    Reviewers

    wesleytodd wesleytodd approved these changes

    ctcpip ctcpip approved these changes

    Assignees

    No one assigned

    Labels

    None yet

    Projects

    None yet

    Milestone

    No milestone

    Development

    Successfully merging this pull request may close these issues.

    3 participants