Releases: expressjs/express
Releases · expressjs/express
v5.0.0-beta.3
Full Changelog: 5.0.0-beta.2...v5.0.0-beta.3
4.19.2
5.0.0-beta.2
What's Changed
- lib: fix typo ocurred -> occurred by @caioagiani in #4805
- examples: defend from privilege elevation by @KoyamaSohei in #4120
- replace "replaces" with "replacer" in jsdoc by @apeltop in #4843
- Add install size badge to README by @styfle in #3710
- Replace deprecated String.prototype.substr() by @CommanderRoot in #4860
- fix: remove deprecated html attribute by @Hashen110 in #4866
- fix: parameter index is not described in JSDoc by @Hashen110 in #4867
- fix: continue is unnecessary as the last statement in a loop by @Hashen110 in #4868
- Deprecate non integer status codes in v4 by @jonchurch in #4223
- Add root support in res.download() by @mmito in #4855
- res.format(): call default using
objas the context by @shesek in #3587 - Feature/4171 depd by @UlisesGascon in #4174
- Validate
maxAgeappropriateness before use by @cjbarth in #3936 - deps: statuses@2.0.1 by @3imed-jaberi in #4336
- test: fix typo by @Hashen110 in #4882
- docs: fix typo: http -> HTTP by @ghousemohamed in #4872
- Update Security.md by @netcode in #4890
- examples: add missing associated labels by @Hashen110 in #4884
- Increase timeout for mocha to 7500 by @grisu48 in #4887
- Release 4.18 by @dougwilson in #4287
- Expanding the benchmark. by @denizy97 in #4880
- examples: remove unused params by @alxdrg in #4914
- Grammatically updated the express documentation for better comprehension by @REALSTEVEIG in #4926
- Freenode is dead/dying by @theabhinavdas in #5013
- Use https: protocol instead of deprecated git: protocol by @vcsjones in #5032
- build: Node.js@16.18 and Node.js@18.12 by @abenhamdine in #5034
- ci: update actions/checkout to v3 by @armujahid in #5027
- test: remove unused function arguments in params by @raksbisht in #5124
- Remove unused originalIndex from acceptParams by @raksbisht in #5119
- Fixed typos by @raksbisht in #5117
- examples: remove unused params by @raksbisht in #5113
- fix: parameter str is not described in JSDoc by @raksbisht in #5130
- fix: typos in History.md by @raksbisht in #5131
- build : add Node.js@19.7 by @abenhamdine in #5028
- test: remove unused function arguments in params by @raksbisht in #5137
- use random port in test so it won't fail on already listening by @rluvaton in #5162
- tests: use cb() instead of done() by @kristof-low in #5233
- examples: remove multipart example by @riddlew in #5195
- Update support Node.js@18 in the CI by @UlisesGascon in #5490
- Fix favicon-related bug in cookie-sessions example by @DmytroKondrashov in #5414
- Release 4.18.3 by @UlisesGascon in #5505
- fix typo in release date by @UlisesGascon in #5527
- docs: nominating @wesleytodd to be project captian by @wesleytodd in #5511
- docs: loosen TC activity rules by @wesleytodd in #5510
- Add note on how to update docs for new release by @crandmck in #5541
- Release 4.19.0 by @wesleytodd in #5551
- Fix ci after location patch by @wesleytodd in #5552
- fixed un-edited version in history.md for 4.19.0 by @wesleytodd in #5556
New Contributors
- @caioagiani made their first contribution in #4805
- @apeltop made their first contribution in #4843
- @styfle made their first contribution in #3710
- @CommanderRoot made their first contribution in #4860
- @Hashen110 made their first contribution in #4866
- @mmito made their first contribution in #4855
- @UlisesGascon made their first contribution in #4174
- @cjbarth made their first contribution in #3936
- @ghousemohamed made their first contribution in #4872
- @netcode made their first contribution in #4890
- @grisu48 made their first contribution in #4887
- @denizy97 made their first contribution in #4880
- @alxdrg made their first contribution in #4914
- @REALSTEVEIG made their first contribution in #4926
- @theabhinavdas made their first contribution in #5013
- @vcsjones made their first contribution in #5032
- @abenhamdine made their first contribution in #5034
- @armujahid made their first contribution in #5027
- @raksbisht made their first contribution in #5124
- @rluvaton made their first contribution in #5162
- @kristof-low made their first contribution in #5233
- @riddlew made their first contribution in #5195
- @DmytroKondrashov made their first contribution in #5414
- @crandmck made their first contribution in #5541
Full Changelog: v5.0.0-beta.1...5.0.0-beta.2
Contributors
dougwilson, styfle, and 28 other contributors
Assets 2
4.19.1
What's Changed
- Fix ci after location patch by @wesleytodd in #5552
- fixed un-edited version in history.md for 4.19.0 by @wesleytodd in #5556
Full Changelog: 4.19.0...4.19.1
Contributors
wesleytodd
Assets 2
4.19.0
What's Changed
- fix typo in release date by @UlisesGascon in #5527
- docs: nominating @wesleytodd to be project captian by @wesleytodd in #5511
- docs: loosen TC activity rules by @wesleytodd in #5510
- Add note on how to update docs for new release by @crandmck in #5541
- Prevent open redirect allow list bypass due to encodeurl
- Release 4.19.0 by @wesleytodd in #5551
New Contributors
Full Changelog: 4.18.3...4.19.0
Contributors
wesleytodd, crandmck, and UlisesGascon
Assets 2
4.18.3
4.18.3
This tag was signed with the committer’s verified signature.
UlisesGascon
Ulises Gascón
1b51eda
This commit was signed with the committer’s verified signature.
UlisesGascon
Ulises Gascón
Main Changes
- Fix routing requests without method
- deps: body-parser@1.20.2
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: raw-body@2.5.2
Other Changes
- Use https: protocol instead of deprecated git: protocol by @vcsjones in #5032
- build: Node.js@16.18 and Node.js@18.12 by @abenhamdine in #5034
- ci: update actions/checkout to v3 by @armujahid in #5027
- test: remove unused function arguments in params by @raksbisht in #5124
- Remove unused originalIndex from acceptParams by @raksbisht in #5119
- Fixed typos by @raksbisht in #5117
- examples: remove unused params by @raksbisht in #5113
- fix: parameter str is not described in JSDoc by @raksbisht in #5130
- fix: typos in History.md by @raksbisht in #5131
- build : add Node.js@19.7 by @abenhamdine in #5028
- test: remove unused function arguments in params by @raksbisht in #5137
- use random port in test so it won't fail on already listening by @rluvaton in #5162
- tests: use cb() instead of done() by @kristof-low in #5233
- examples: remove multipart example by @riddlew in #5195
- Update support Node.js@18 in the CI by @UlisesGascon in #5490
- Fix favicon-related bug in cookie-sessions example by @DmytroKondrashov in #5414
- Release 4.18.3 by @UlisesGascon in #5505
New Contributors
- @vcsjones made their first contribution in #5032
- @abenhamdine made their first contribution in #5034
- @armujahid made their first contribution in #5027
- @raksbisht made their first contribution in #5124
- @rluvaton made their first contribution in #5162
- @kristof-low made their first contribution in #5233
- @riddlew made their first contribution in #5195
- @DmytroKondrashov made their first contribution in #5414
Full Changelog: 4.18.2...4.18.3
Contributors
vcsjones, armujahid, and 7 other contributors
Assets 2
4.18.2
- Fix regression routing a large stack in a single route
- deps: body-parser@1.20.1
- deps: qs@6.11.0
- perf: remove unnecessary object clone
- deps: qs@6.11.0
4.18.1
- Fix hanging on large stack of sync routes
4.18.0
- Add "root" option to
res.download - Allow
optionswithoutfilenameinres.download - Deprecate string and non-integer arguments to
res.status - Fix behavior of
null/undefinedasmaxAgeinres.cookie - Fix handling very large stacks of sync middleware
- Ignore
Object.prototypevalues in settings throughapp.set/app.get - Invoke
defaultwith same arguments as types inres.format - Support proper 205 responses using
res.send - Use
http-errorsforres.formaterror - deps: body-parser@1.20.0
- Fix error message for json parse whitespace in
strict - Fix internal error when inflated body exceeds limit
- Prevent loss of async hooks context
- Prevent hanging when request already read
- deps: depd@2.0.0
- deps: http-errors@2.0.0
- deps: on-finished@2.4.1
- deps: qs@6.10.3
- deps: raw-body@2.5.1
- Fix error message for json parse whitespace in
- deps: cookie@0.5.0
- Add
priorityoption - Fix
expiresoption to reject invalid dates
- Add
- deps: depd@2.0.0
- Replace internal
evalusage withFunctionconstructor - Use instance methods on
processto check for listeners
- Replace internal
- deps: finalhandler@1.2.0
- Remove set content headers that break response
- deps: on-finished@2.4.1
- deps: statuses@2.0.1
- deps: on-finished@2.4.1
- Prevent loss of async hooks context
- deps: qs@6.10.3
- deps: send@0.18.0
- Fix emitted 416 error missing headers property
- Limit the headers removed for 304 response
- deps: depd@2.0.0
- deps: destroy@1.2.0
- deps: http-errors@2.0.0
- deps: on-finished@2.4.1
- deps: statuses@2.0.1
- deps: serve-static@1.15.0
- deps: send@0.18.0
- deps: statuses@2.0.1
- Remove code 306
- Rename
425 Unordered Collectionto standard425 Too Early
4.17.3
- deps: accepts@~1.3.8
- deps: mime-types@~2.1.34
- deps: negotiator@0.6.3
- deps: body-parser@1.19.2
- deps: bytes@3.1.2
- deps: qs@6.9.7
- deps: raw-body@2.4.3
- deps: cookie@0.4.2
- deps: qs@6.9.7
- Fix handling of
__proto__keys
- Fix handling of
- pref: remove unnecessary regexp for trust proxy