[Snyk] Upgrade body-parser from 1.20.1 to 1.20.2 #290

snyk-bot · 2023-04-22T02:22:18Z

Snyk has created this PR to upgrade body-parser from 1.20.1 to 1.20.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released 2 months ago, on 2023-02-22.

Release notes

Package name: body-parser

1.20.2 - 2023-02-22
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
  - perf: skip value escaping when unnecessary
- deps: raw-body@2.5.2
1.20.1 - 2022-10-06
- deps: qs@6.11.0
- perf: remove unnecessary object clone

from body-parser GitHub release notes

Commit messages

Package name: body-parser

ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
0385872 deps: raw-body@2.5.2
2c35b41 build: eslint@8.34.0
f0646c2 build: Node.js@18.14
f345fb1 build: Node.js@14.21
6842efc deps: content-type@~1.0.5
5af7315 build: eslint-plugin-promise@6.1.1
8e605b3 build: supertest@6.3.3
cba6e77 build: mocha@10.2.0
6a464ab build: eslint-plugin-import@2.27.5
7ebf276 build: eslint@8.32.0
69bb649 build: Node.js@16.19
8ff995f docs: switch badges to badgen
850832f build: Node.js@18.13
dad8f34 build: actions/download-artifact@v3
b17df32 build: use $GITHUB_OUTPUT for environment list
d22513a build: actions/upload-artifact@v3
9f44f7b build: actions/checkout@v3
48e18ea build: mocha@10.1.0

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade body-parser from 1.20.1 to 1.20.2. See this package in npm: https://www.npmjs.com/package/body-parser See this project in Snyk: https://app.snyk.io/org/cameri/project/2f0c25a2-d08a-45e1-a6f4-84766cbed88d?utm_source=github&utm_medium=referral&page=upgrade-pr

socket-security · 2023-04-22T02:23:11Z

New dependency changes detected. Learn more about Socket for GitHub ↗︎

👍 No new dependency issues detected in pull request

Bot Commands

To ignore an alert, reply with a comment starting with @SocketSecurity ignore followed by a space separated list of package-name@version specifiers. e.g. @SocketSecurity ignore foo@1.0.0 bar@* or ignore all packages with @SocketSecurity ignore-all

Pull request alert summary

Issue	Status
Install scripts	✅ 0 issues
Native code	✅ 0 issues
Bin script shell injection	✅ 0 issues
Unresolved require	✅ 0 issues
Invalid package.json	✅ 0 issues
HTTP dependency	✅ 0 issues
Git dependency	✅ 0 issues
Potential typo squat	✅ 0 issues
Known Malware	✅ 0 issues
Telemetry	✅ 0 issues
Protestware/Troll package	✅ 0 issues