chore(deps): update dependency body-parser to v1.20.3 #9

mend-for-github-com · 2023-02-17T15:56:29Z

This PR contains the following updates:

Package	Type	Update	Change
body-parser	dependencies	minor	`1.18.3` -> `1.20.3`

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity	CVSS Score	CVE
High	7.5	CVE-2022-24999
High	7.5	CVE-2024-45590

Release Notes

expressjs/body-parser (body-parser)

`v1.20.3`

Compare Source

===================

deps: qs@6.13.0
add depth option to customize the depth level in the parser
IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

`v1.20.2`

Compare Source

===================

Fix strict json error message on Node.js 19+
deps: content-type@~1.0.5
- perf: skip value escaping when unnecessary
deps: raw-body@2.5.2

`v1.20.1`

Compare Source

===================

deps: qs@6.11.0
perf: remove unnecessary object clone

`v1.20.0`

Compare Source

===================

Fix error message for json parse whitespace in strict
Fix internal error when inflated body exceeds limit
Prevent loss of async hooks context
Prevent hanging when request already read
deps: depd@2.0.0
- Replace internal eval usage with Function constructor
- Use instance methods on process to check for listeners
deps: http-errors@2.0.0
- deps: depd@2.0.0
- deps: statuses@2.0.1
deps: on-finished@2.4.1
deps: qs@6.10.3
deps: raw-body@2.5.1
- deps: http-errors@2.0.0

`v1.19.2`

Compare Source

===================

deps: bytes@3.1.2
deps: qs@6.9.7
- Fix handling of __proto__ keys
deps: raw-body@2.4.3
- deps: bytes@3.1.2

`v1.19.1`

Compare Source

===================

deps: bytes@3.1.1
deps: http-errors@1.8.1
- deps: inherits@2.0.4
- deps: toidentifier@1.0.1
- deps: setprototypeof@1.2.0
deps: qs@6.9.6
deps: raw-body@2.4.2
- deps: bytes@3.1.1
- deps: http-errors@1.8.1
deps: safe-buffer@5.2.1
deps: type-is@~1.6.18

`v1.19.0`

Compare Source

===================

deps: bytes@3.1.0
- Add petabyte (pb) support
deps: http-errors@1.7.2
- Set constructor name when possible
- deps: setprototypeof@1.1.1
- deps: statuses@'>= 1.5.0 < 2'
deps: iconv-lite@0.4.24
- Added encoding MIK
deps: qs@6.7.0
- Fix parsing array brackets after index
deps: raw-body@2.4.0
- deps: bytes@3.1.0
- deps: http-errors@1.7.2
- deps: iconv-lite@0.4.24
deps: type-is@~1.6.17
- deps: mime-types@~2.1.24
- perf: prevent internal throw on invalid type

If you want to rebase/retry this PR, check this box

mend-for-github-com bot added the security fix Security fix generated by Mend label Feb 17, 2023

mend-for-github-com bot changed the title ~~chore(deps): update dependency body-parser to v1.19.0~~ chore(deps): update dependency body-parser to v1.19.0 - autoclosed Mar 27, 2023

mend-for-github-com bot closed this Mar 27, 2023

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x-lockfile branch March 27, 2023 18:58

mend-for-github-com bot changed the title ~~chore(deps): update dependency body-parser to v1.19.0 - autoclosed~~ chore(deps): update dependency body-parser to v1.19.0 Mar 31, 2023

mend-for-github-com bot reopened this Mar 31, 2023

mend-for-github-com bot restored the whitesource-remediate/body-parser-1.x-lockfile branch March 31, 2023 04:32

mend-for-github-com bot changed the title ~~chore(deps): update dependency body-parser to v1.19.0~~ chore(deps): update dependency body-parser to v1.19.0 - autoclosed Jun 16, 2023

mend-for-github-com bot closed this Jun 16, 2023

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x-lockfile branch June 16, 2023 03:57

mend-for-github-com bot changed the title ~~chore(deps): update dependency body-parser to v1.19.0 - autoclosed~~ chore(deps): update dependency body-parser to v1.19.0 Jun 18, 2023

mend-for-github-com bot reopened this Jun 18, 2023

mend-for-github-com bot restored the whitesource-remediate/body-parser-1.x-lockfile branch June 18, 2023 11:43

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from f99a84d to 7e7561b Compare June 18, 2023 11:43

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 4 times, most recently from e6b23a1 to 4b16110 Compare July 28, 2023 02:11

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 4b16110 to ed68d15 Compare October 21, 2023 05:27

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 3 times, most recently from fb48b05 to 7feb903 Compare November 29, 2023 05:31

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 7feb903 to 4a7358c Compare January 2, 2024 04:55

mend-for-github-com bot changed the title ~~chore(deps): update dependency body-parser to v1.19.0~~ chore(deps): update dependency body-parser to v1.19.0 - autoclosed Apr 2, 2024

mend-for-github-com bot closed this Apr 2, 2024

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x-lockfile branch April 2, 2024 19:01

mend-for-github-com bot changed the title ~~chore(deps): update dependency body-parser to v1.19.0 - autoclosed~~ chore(deps): update dependency body-parser to v1.19.0 Apr 7, 2024

mend-for-github-com bot reopened this Apr 7, 2024

mend-for-github-com bot restored the whitesource-remediate/body-parser-1.x-lockfile branch April 7, 2024 06:26

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 4a7358c to 5184f61 Compare April 7, 2024 06:26

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 5184f61 to df666e8 Compare September 11, 2024 12:34

mend-for-github-com bot changed the title ~~chore(deps): update dependency body-parser to v1.19.0~~ chore(deps): update dependency body-parser to v1.20.3 Sep 11, 2024

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from df666e8 to a7c5ddf Compare November 14, 2024 07:34

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 6 times, most recently from f25b7f1 to 38ca189 Compare December 7, 2024 05:19

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 3 times, most recently from ae0f2f7 to 2a04538 Compare December 16, 2024 07:20

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 2 times, most recently from 4454316 to 011e404 Compare December 20, 2024 05:33

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 011e404 to 92ba692 Compare January 2, 2025 22:08

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 92ba692 to 426036d Compare January 15, 2025 05:54

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 426036d to 8aaf00b Compare February 6, 2025 07:51

chore(deps): update dependency body-parser to v1.20.3

a0f1866

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 8aaf00b to a0f1866 Compare February 13, 2025 07:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency body-parser to v1.20.3 #9

chore(deps): update dependency body-parser to v1.20.3 #9

mend-for-github-com bot commented Feb 17, 2023 •

edited

Loading

chore(deps): update dependency body-parser to v1.20.3 #9

Are you sure you want to change the base?

chore(deps): update dependency body-parser to v1.20.3 #9

Conversation

mend-for-github-com bot commented Feb 17, 2023 • edited Loading

Release Notes

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.2

v1.19.1

v1.19.0

mend-for-github-com bot commented Feb 17, 2023 •

edited

Loading

`v1.20.3`

`v1.20.2`

`v1.20.1`

`v1.20.0`

`v1.19.2`

`v1.19.1`

`v1.19.0`