[Snyk] Upgrade express from 4.16.4 to 4.17.1 #4

snyk-bot · 2020-06-04T23:18:25Z

Snyk has created this PR to upgrade express from 4.16.4 to 4.17.1.

✨What is Merge Advice?

We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. 🙏

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 2 versions ahead of your current version.
The recommended version was released a year ago, on 2019-05-26.

Release notes

Package name: express

4.17.1 - 2019-05-26
- Revert "Improve error message for null/undefined to res.status"
4.17.0 - 2019-05-17
- Add express.raw to parse bodies into Buffer
- Add express.text to parse bodies into string
- Improve error message for non-strings to res.sendFile
- Improve error message for null/undefined to res.status
- Support multiple hosts in X-Forwarded-Host
- deps: accepts@~1.3.7
- deps: [email protected]
  - Add encoding MIK
  - Add petabyte (pb) support
  - Fix parsing array brackets after index
  - deps: [email protected]
  - deps: [email protected]
  - deps: [email protected]
  - deps: [email protected]
  - deps: [email protected]
  - deps: type-is@~1.6.17
- deps: [email protected]
- deps: [email protected]
  - Add SameSite=None support
- deps: finalhandler@~1.1.2
  - Set stricter Content-Security-Policy header
  - deps: parseurl@~1.3.3
  - deps: statuses@~1.5.0
- deps: parseurl@~1.3.3
- deps: proxy-addr@~2.0.5
  - deps: [email protected]
- deps: [email protected]
  - Fix parsing array brackets after index
- deps: range-parser@~1.2.1
- deps: [email protected]
  - Set stricter CSP header in redirect & error responses
  - deps: http-errors@~1.7.2
  - deps: [email protected]
  - deps: [email protected]
  - deps: range-parser@~1.2.1
  - deps: statuses@~1.5.0
  - perf: remove redundant path.normalize call
- deps: [email protected]
  - Set stricter CSP header in redirect response
  - deps: parseurl@~1.3.3
  - deps: [email protected]
- deps: [email protected]
- deps: statuses@~1.5.0
  - Add 103 Early Hints
- deps: type-is@~1.6.18
  - deps: mime-types@~2.1.24
  - perf: prevent internal throw on invalid type
4.16.4 - 2018-10-11
- Fix issue where "Request aborted" may be logged in res.sendfile
- Fix JSDoc for Router constructor
- deps: [email protected]
  - Fix deprecation warnings on Node.js 10+
  - Fix stack trace for strict json parse error
  - deps: depd@~1.1.2
  - deps: http-errors@~1.6.3
  - deps: [email protected]
  - deps: [email protected]
  - deps: [email protected]
  - deps: type-is@~1.6.16
- deps: proxy-addr@~2.0.4
  - deps: [email protected]
- deps: [email protected]
- deps: [email protected]