Release 4.14 #3006
Merged
Release 4.14 #3006
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
dougwilson
force-pushed
the
4.14
branch
2 times, most recently
from
d5c9870 to
e550269
Compare
dougwilson
force-pushed
the
4.14
branch
4 times, most recently
from
c9531ac to
98224d2
Compare
|
FYI everyone + @expressjs/express-tc, 4.14 should have been complete tonight for a release tomorrow, but is currently delayed pending the resolution of a concern. |
|
As per the Express TC meeting on 6/15, this Express 4.14 release will be released today, 6/16! |
petems
added a commit
to petems/gscan
that referenced
this pull request
Aug 31, 2016
* https://nodesecurity.io/advisories/106 * older express depended on older accepts which required vulnerable negotiator * See PRs for context * jshttp/negotiator@26a05ec * expressjs/express#3006
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a tracking issue for release 4.14.
Please keep feature requests in their own issues
If you want to make a comment on a particular change, please make the comment in the "Files changed" tab so comments are not lost during a rebase.
List of changes for release:
res.location/res.redirectif not already encodedres.redirectunpredictable sometimes with Unicode and even ANSI/ASCII #2897 The header content contains invalid characters TypeError: The header content contains invalid characters at ServerResponse. #3003res.json/res.jsonpperformance in Node.js < 6 OptimizeJSON.stringifyperformance in V8. #2900res.headerBugFixed: prevent toLowerCase crash the App. #2993===instead of==except when testing fornullorundefined. #2722acceptsmodule to 1.3.3 which brings in lots ofnegotiatorimprovementscontent-typemodule to 1.0.2cookiemodule to 0.3.1 which brings newsameSiteoptionfinalhandlermodule to 0.5.0 which bringserr.headerssupportproxy-addrmodule to 1.1.2qsmodule to 6.2.0 which brings theencodeoption toquerymiddlewarerange-parsermodule to 1.2.0 which brings options likecombinesendmodule to 0.14.1 which bringsRange& redirect fixes and new optionsserve-staticmodule to 1.11.1 which bringsRange& redirect fixes and new optionstype-ismodule to 1.6.13varymodule to 1.1.0 which brings field name validationTesting this release
If you want to try out this release, you can install it with the following commands:
Owners/collaborators: please do not merge this PR :)