Thread-Watcher
Thread-Watcher copied to clipboard
ffamilyfriendly
deps: bump express from 4.18.3 to 4.19.2 in /bot
Bumps express from 4.18.3 to 4.19.2.
Release notes
Sourced from express's releases.
4.19.2
What's Changed
Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2
4.19.1
What's Changed
- Fix ci after location patch by
@wesleytoddin expressjs/express#5552- fixed un-edited version in history.md for 4.19.0 by
@wesleytoddin expressjs/express#5556Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1
4.19.0
What's Changed
- fix typo in release date by
@UlisesGasconin expressjs/express#5527- docs: nominating
@wesleytoddto be project captian by@wesleytoddin expressjs/express#5511- docs: loosen TC activity rules by
@wesleytoddin expressjs/express#5510- Add note on how to update docs for new release by
@crandmckin expressjs/express#5541- Prevent open redirect allow list bypass due to encodeurl
- Release 4.19.0 by
@wesleytoddin expressjs/express#5551New Contributors
@crandmckmade their first contribution in expressjs/express#5541Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0
Changelog
Sourced from express's changelog.
4.19.2 / 2024-03-25
- Improved fix for open redirect allow list bypass
4.19.1 / 2024-03-20
- Allow passing non-strings to res.location with new encoding handling checks
4.19.0 / 2024-03-20
- Prevent open redirect allow list bypass due to encodeurl
- deps: [email protected]
Commits
04bc6274.19.2da4d763Improved fix for open redirect allow list bypass4f0f6cc4.19.1a003cfaAllow passing non-strings to res.location with new encoding handling checks f...a1fa90ffixed un-edited version in history.md for 4.19.011f2b1dbuild: fix build due to inconsistent supertest behavior in older versions084e3654.19.00867302Prevent open redirect allow list bypass due to encodeurl567c9c6Add note on how to update docs for new release (#5541)69a4cf2deps: [email protected]- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebasewill rebase this PR -
@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it -
@dependabot mergewill merge this PR after your CI passes on it -
@dependabot squash and mergewill squash and merge this PR after your CI passes on it -
@dependabot cancel mergewill cancel a previously requested merge and block automerging -
@dependabot reopenwill reopen this PR if it is closed -
@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency -
@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}