Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade express-rate-limit from 2.14.2 to 7.1.5 #5

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

Jircs1
Copy link
Owner

@Jircs1 Jircs1 commented Mar 19, 2024

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade express-rate-limit from 2.14.2 to 7.1.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 68 versions ahead of your current version.
  • The recommended version was released 4 months ago, on 2023-11-27.
Release notes
Package name: express-rate-limit
  • 7.1.5 - 2023-11-27

    You can view the changelog here.

  • 7.1.4 - 2023-11-06

    You can view the changelog here.

  • 7.1.3 - 2023-10-26

    You can view the changelog here.

  • 7.1.2 - 2023-10-23

    You can view the changelog here.

  • 7.1.1 - 2023-10-09

    Misc


    You can view the full changelog here.

  • 7.1.0 - 2023-10-04

    You can view the changelog here.

  • 7.0.2 - 2023-09-26

    You can view the changelog here.

  • 7.0.1 - 2023-09-16

    You can view the changelog here.

  • 7.0.0 - 2023-09-12

    Breaking

    • Changed behavior when max is set to 0:
      • Previously, max: 0 was treated as a 'disable' flag and would allow all requests through.
      • Starting with v7, all requests will be blocked when max is set to 0.
      • To replicate the old behavior, use the skip function instead.
    • Renamed req.rateLimit.current to req.rateLimit.used.
      • current is now a hidden getter that will return the used value, but it will not appear when iterating over the keys or calling JSON.stringify().
    • Changed the minimum required Node version from v14 to v16.
      • express-rate-limit now targets es2022 in TypeScript/ESBuild.
    • Bumped TypeScript from v4 to v5 and dts-bundle-generator from v7 to v8.

    Deprecated

    • Removed the draft_polli_ratelimit_headers option (it was deprecated in v6).
      • Use standardHeaders: 'draft-6' instead.
    • Removed the onLimitReached option (it was deprecated in v6).
      • This is an example of how to replicate it's behavior with a custom handler option.

    Changed

    • The MemoryStore now uses precise, per-user reset times rather than a global window that resets all users at once.
    • The limit configuration option is now prefered to max.
      • It still shows the same behavior, and max is still supported. The change was made to better align with terminology used in the IETF standard drafts.

    Added

    • The validate config option can now be an object with keys to enable or disable specific validation checks. For more information, see this.
  • 6.11.2 - 2023-09-12

    Fixed

    • Restored IncrementResponse TypeScript type (See #397)
  • 6.11.1 - 2023-09-10
  • 6.11.0 - 2023-09-06
  • 6.10.0 - 2023-08-30
  • 6.9.0 - 2023-08-06
  • 6.8.1 - 2023-07-27
  • 6.8.0 - 2023-07-21
  • 6.7.2 - 2023-07-27
  • 6.7.1 - 2023-07-06
  • 6.7.0 - 2022-11-15
  • 6.6.0 - 2022-09-04
  • 6.5.2 - 2022-08-24
  • 6.5.1 - 2022-07-23
  • 6.4.0 - 2022-04-24
  • 6.3.0 - 2022-02-19
  • 6.2.1 - 2022-02-10
  • 6.2.0 - 2022-01-22
  • 6.1.0 - 2022-01-12
  • 6.0.5 - 2022-01-06
  • 6.0.4 - 2022-01-02
  • 6.0.3 - 2021-12-30
  • 6.0.2 - 2021-12-30
  • 6.0.1 - 2021-12-25
  • 6.0.0 - 2021-12-24
  • 5.5.1 - 2021-11-06
  • 5.5.0 - 2021-10-12
  • 5.4.1 - 2021-10-05
  • 5.4.0 - 2021-10-01
  • 5.3.0 - 2021-07-01
  • 5.2.6 - 2021-02-17
  • 5.2.5 - 2021-02-08
  • 5.2.3 - 2020-11-19
  • 5.2.2 - 2020-11-19
  • 5.2.1 - 2020-11-19
  • 5.1.3 - 2020-04-29
  • 5.1.1 - 2020-02-13
  • 5.0.0 - 2019-06-08
  • 4.0.4 - 2019-06-01
  • 4.0.3 - 2019-05-29
  • 4.0.2 - 2019-05-27
  • 4.0.1 - 2019-05-22
  • 4.0.0 - 2019-05-21
  • 3.5.3 - 2019-05-22
  • 3.5.2 - 2019-05-21
  • 3.5.1 - 2019-05-10
  • 3.5.0 - 2019-04-29
  • 3.4.1 - 2019-04-16
  • 3.4.0 - 2019-02-19
  • 3.3.2 - 2018-11-12
  • 3.3.1 - 2018-11-08
  • 3.3.0 - 2018-10-30
  • 3.2.1 - 2018-10-09
  • 3.2.0 - 2018-09-18
  • 3.1.1 - 2018-09-06
  • 3.1.0 - 2018-08-23
  • 3.0.3 - 2018-08-22
  • 3.0.2 - 2018-08-21
  • 3.0.1 - 2018-08-21
  • 3.0.0 - 2018-08-21
  • 2.14.2 - 2018-08-23
from express-rate-limit GitHub release notes
Commit messages
Package name: express-rate-limit

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Copy link

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/express-rate-limit@7.1.5 network Transitive: environment, eval, filesystem +49 1.68 MB nfriedly

🚮 Removed packages: npm/clone@1.0.4, npm/defaults@1.0.3, npm/express-rate-limit@2.14.2

View full report↗︎

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants