Sourced from ejs's\r\nreleases.
\r\n\r\n\r\nv3.1.10
\r\nVersion 3.1.10
\r\nv3.1.9
\r\nVersion 3.1.9
\r\n
d3f807d
\r\nVersion 3.1.109ee26dd
\r\nMocha TDDe469741
\r\nBasic pollution protection715e950
\r\nMerge pull request #756 from\r\nJeffrey-mu/maincabe314
\r\nInclude advanced usage examples29b076c
\r\nAdded header11503c7
\r\nMerge branch 'main' of github.com:mde/ejs into main7690404
\r\nAdded security banner to READMEf47d7ae
\r\nUpdate SECURITY.md828cea1
\r\nUpdate SECURITY.mdSourced from express's\r\nreleases.
\r\n\r\n\r\n4.19.2
\r\nWhat's Changed
\r\n\r\nFull Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2
\r\n4.19.1
\r\nWhat's Changed
\r\n\r\n
\r\n- Fix ci after location patch by
\r\n@wesleytodd
in expressjs/express#5552- fixed un-edited version in history.md for 4.19.0 by
\r\n@wesleytodd
in expressjs/express#5556Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1
\r\n4.19.0
\r\nWhat's Changed
\r\n\r\n
\r\n- fix typo in release date by
\r\n@UlisesGascon
\r\nin expressjs/express#5527- docs: nominating
\r\n@wesleytodd
to be\r\nproject captian by@wesleytodd
in expressjs/express#5511- docs: loosen TC activity rules by
\r\n@wesleytodd
in expressjs/express#5510- Add note on how to update docs for new release by
\r\n@crandmck
in expressjs/express#5541- Prevent\r\nopen redirect allow list bypass due to encodeurl
\r\n- Release 4.19.0 by
\r\n@wesleytodd
in expressjs/express#5551New Contributors
\r\n\r\n
\r\n- \r\n
@crandmck
\r\nmade their first contribution in expressjs/express#5541Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0
\r\n4.18.3
\r\nMain Changes
\r\n\r\n
\r\n- Fix routing requests without method
\r\n- deps: body-parser@1.20.2\r\n
\r\n\r\n
\r\n- Fix strict json error message on Node.js 19+
\r\n- deps: content-type@~1.0.5
\r\n- deps: raw-body@2.5.2
\r\nOther Changes
\r\n\r\n
\r\n\r\n- Use https: protocol instead of deprecated git: protocol by
\r\n@vcsjones
in expressjs/express#5032- build: Node.js@16.18 and Node.js@18.12 by
\r\n@abenhamdine
in\r\nexpressjs/express#5034- ci: update actions/checkout to v3 by
\r\n@armujahid
in expressjs/express#5027- test: remove unused function arguments in params by
\r\n@raksbisht
in expressjs/express#5124- Remove unused originalIndex from acceptParams by
\r\n@raksbisht
in expressjs/express#5119- Fixed typos by
\r\n@raksbisht
in expressjs/express#5117- examples: remove unused params by
\r\n@raksbisht
in expressjs/express#5113- fix: parameter str is not described in JSDoc by
\r\n@raksbisht
in expressjs/express#5130- fix: typos in History.md by
\r\n@raksbisht
in expressjs/express#5131- build : add Node.js@19.7 by
\r\n@abenhamdine
in\r\nexpressjs/express#5028- test: remove unused function arguments in params by
\r\n@raksbisht
in expressjs/express#5137
... (truncated)
\r\nSourced from express's\r\nchangelog.
\r\n\r\n\r\n4.19.2 / 2024-03-25
\r\n\r\n
\r\n- Improved fix for open redirect allow list bypass
\r\n4.19.1 / 2024-03-20
\r\n\r\n
\r\n- Allow passing non-strings to res.location with new encoding handling\r\nchecks
\r\n4.19.0 / 2024-03-20
\r\n\r\n
\r\n- Prevent open redirect allow list bypass due to encodeurl
\r\n- deps: cookie@0.6.0
\r\n4.18.3 / 2024-02-29
\r\n\r\n
\r\n- Fix routing requests without method
\r\n- deps: body-parser@1.20.2\r\n
\r\n\r\n
\r\n- Fix strict json error message on Node.js 19+
\r\n- deps: content-type@~1.0.5
\r\n- deps: raw-body@2.5.2
\r\n- deps: cookie@0.6.0\r\n
\r\n\r\n
\r\n- Add
\r\npartitioned
option4.18.2 / 2022-10-08
\r\n\r\n
\r\n- Fix regression routing a large stack in a single route
\r\n- deps: body-parser@1.20.1\r\n
\r\n\r\n
\r\n- deps: qs@6.11.0
\r\n- perf: remove unnecessary object clone
\r\n- deps: qs@6.11.0
\r\n
04bc627
\r\n4.19.2da4d763
\r\nImproved fix for open redirect allow list bypass4f0f6cc
\r\n4.19.1a003cfa
\r\nAllow passing non-strings to res.location with new encoding handling\r\nchecks f...a1fa90f
\r\nfixed un-edited version in history.md for 4.19.011f2b1d
\r\nbuild: fix build due to inconsistent supertest behavior in older\r\nversions084e365
\r\n4.19.00867302
\r\nPrevent open redirect allow list bypass due to encodeurl567c9c6
\r\nAdd note on how to update docs for new release (#5541)69a4cf2
\r\ndeps: cookie@0.6.0This version was pushed to npm by wesleytodd, a new releaser\r\nfor express since your current version.
\r\nSourced from webpack-dev-middleware's\r\nreleases.
\r\n\r\n\r\nv5.3.4
\r\n5.3.4\r\n(2024-03-20)
\r\nBug Fixes
\r\n\r\n
Sourced from webpack-dev-middleware's\r\nchangelog.
\r\n\r\n\r\n5.3.4\r\n(2024-03-20)
\r\nBug Fixes
\r\n\r\n
86071ea
\r\nchore(release): 5.3.4189c4ac
\r\nfix(security): do not allow to read files above (#1779)1ecbf2f
\r\n1.1.96a3ada9
\r\nlib: fixed CVE-2023-42282 and added unit test6585820
\r\nRelease version 1.15.4 of the npm package.7a6567e
\r\nDisallow bracketed hostnames.05629af
\r\nPrefer native URL instead of deprecated url.parse.1cba8e8
\r\nPrefer native URL instead of legacy url.resolve.72bc2a4
\r\nSimplify _processResponse error handling.3d42aec
\r\nAdd bracket tests.bcbb096
\r\nDo not directly set Error properties.Sourced from axios's\r\nreleases.
\r\n\r\n\r\nRelease v1.6.0
\r\nRelease notes:
\r\nBug Fixes
\r\n\r\n
\r\n- CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028)\r\n(96ee232)
\r\n- dns: fixed lookup function decorator to work\r\nproperly in node v20; (#6011)\r\n(5aaff53)
\r\n- types: fix AxiosHeaders types; (#5931)\r\n(a1c8ad0)
\r\nPRs
\r\n\r\n
\r\n- CVE 2023 45857 ( #6028\r\n)
\r\n\r\n\r\n⚠️ Critical vulnerability fix. See\r\nhttps://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459\r\n
Contributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\n- Valentin\r\nPanov
\r\n- Rinku Chaudhari
\r\nRelease v1.5.1
\r\nRelease notes:
\r\nBug Fixes
\r\n\r\n
\r\n- adapters: improved adapters loading logic to have\r\nclear error messages; (#5919)\r\n(e410779)
\r\n- formdata: fixed automatic addition of the\r\n
\r\nContent-Type
header for FormData in non-browser\r\nenvironments; (#5917)\r\n(bc9af51)- headers: allow
\r\ncontent-encoding
header\r\nto handle case-insensitive values (#5890)\r\n(#5892)\r\n(4c89f25)- types: removed duplicated code (9e62056)
\r\nContributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\n- David Dallas
\r\n- Sean Sattler
\r\n- Mustafa Ateş Uzun
\r\n- Przemyslaw\r\nMotacki
\r\n- Michael Di Prisco
\r\nRelease v1.5.0
\r\nRelease notes:
\r\nBug Fixes
\r\n\r\n
\r\n- adapter: make adapter loading error more clear by\r\nusing platform-specific adapters explicitly (#5837)\r\n(9a414bb)
\r\n- dns: fixed
\r\ncacheable-lookup
\r\nintegration; (#5836)\r\n(b3e327d)- headers: added support for setting header names\r\nthat overlap with class methods; (#5831)\r\n(d8b4ca0)
\r\n- headers: fixed common Content-Type header merging;\r\n(#5832)\r\n(8fda276)
\r\nFeatures
\r\n\r\n
... (truncated)
\r\nSourced from axios's\r\nchangelog.
\r\n\r\n\r\n1.6.0\r\n(2023-10-26)
\r\nBug Fixes
\r\n\r\n
\r\n- CSRF: fixed CSRF vulnerability CVE-2023-45857 (#6028)\r\n(96ee232)
\r\n- dns: fixed lookup function decorator to work\r\nproperly in node v20; (#6011)\r\n(5aaff53)
\r\n- types: fix AxiosHeaders types; (#5931)\r\n(a1c8ad0)
\r\nPRs
\r\n\r\n
\r\n- CVE 2023 45857 ( #6028\r\n)
\r\n\r\n\r\n⚠️ Critical vulnerability fix. See\r\nhttps://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459\r\n
Contributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\n- Valentin\r\nPanov
\r\n- Rinku Chaudhari
\r\n1.5.1\r\n(2023-09-26)
\r\nBug Fixes
\r\n\r\n
\r\n- adapters: improved adapters loading logic to have\r\nclear error messages; (#5919)\r\n(e410779)
\r\n- formdata: fixed automatic addition of the\r\n
\r\nContent-Type
header for FormData in non-browser\r\nenvironments; (#5917)\r\n(bc9af51)- headers: allow
\r\ncontent-encoding
header\r\nto handle case-insensitive values (#5890)\r\n(#5892)\r\n(4c89f25)- types: removed duplicated code (9e62056)
\r\nContributors to this release
\r\n\r\n
\r\n- Dmitriy\r\nMozgovoy
\r\n- David Dallas
\r\n- Sean Sattler
\r\n- Mustafa Ateş Uzun
\r\n- Przemyslaw\r\nMotacki
\r\n- Michael Di Prisco
\r\nPRs
\r\n\r\n
\r\n- CVE 2023 45857 ( #6028\r\n)
\r\n\r\n\r\n⚠️ Critical vulnerability fix. See\r\nhttps://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459\r\n
1.5.0\r\n(2023-08-26)
\r\n\r\n
... (truncated)
\r\nf7adacd
\r\nchore(release): v1.6.0 (#6031)9917e67
\r\nchore(ci): fix release-it arg; (#6032)96ee232
\r\nfix(CSRF): fixed CSRF vulnerability CVE-2023-45857 (#6028)7d45ab2
\r\nchore(tests): fixed tests to pass in node v19 and v20 with\r\nkeep-alive
enabl...5aaff53
\r\nfix(dns): fixed lookup function decorator to work properly in node v20;\r\n(#6011)a48a63a
\r\nchore(docs): added AxiosHeaders docs; (#5932)a1c8ad0
\r\nfix(types): fix AxiosHeaders types; (#5931)2ac731d
\r\nchore(docs): update readme.md (#5889)88fb52b
\r\nchore(release): v1.5.1 (#5920)e410779
\r\nfix(adapters): improved adapters loading logic to have clear error\r\nmessages; ...