Releases: expressjs/express
Releases · expressjs/express
4.15.3
- Fix error when
res.set
cannot add charset toContent-Type
- deps: debug@2.6.7
- Fix
DEBUG_MAX_ARRAY_LENGTH
- deps: ms@2.0.0
- Fix
- deps: finalhandler@~1.0.3
- Fix missing
</html>
in HTML document - deps: debug@2.6.7
- Fix missing
- deps: proxy-addr@~1.1.4
- deps: ipaddr.js@1.3.0
- deps: send@0.15.3
- deps: debug@2.6.7
- deps: ms@2.0.0
- deps: serve-static@1.12.3
- deps: send@0.15.3
- deps: type-is@~1.6.15
- deps: mime-types@~2.1.15
- deps: vary@~1.1.1
- perf: hoist regular expression
5.0.0-alpha.5
This is the fifth Express 5.0 alpha release, based off 4.15.2 and includes
changes from 5.0.0-alpha.4.
4.15.2
- deps: qs@6.4.0
- Fix regression parsing keys starting with
[
- Fix regression parsing keys starting with
4.15.1
- deps: send@0.15.1
- Fix issue when
Date.parse
does not returnNaN
on invalid date - Fix strict violation in broken environments
- Fix issue when
- deps: serve-static@1.12.1
- Fix issue when
Date.parse
does not returnNaN
on invalid date - deps: send@0.15.1
- Fix issue when
5.0.0-alpha.4
This is the fourth Express 5.0 alpha release, based off 4.15.0 and includes
changes from 5.0.0-alpha.3.
- remove:
- Remove Express 3.x middleware error stubs
- deps: router@~1.3.0
- Add
next("router")
to exit from router - Fix case where
router.use
skipped requests routes did not - Skip routing when
req.url
is not set - Use
%o
in path debug to tell types apart - deps: debug@2.6.1
- deps: setprototypeof@1.0.3
- perf: add fast match path for
*
route
- Add
4.15.0
- Add debug message when loading view engine
- Add
next("router")
to exit from router - Fix case where
router.use
skipped requests routes did not - Remove usage of
res._headers
private field- Improves compatibility with Node.js 8 nightly
- Skip routing when
req.url
is not set - Use
%o
in path debug to tell types apart - Use
Object.create
to setup request & response prototypes - Use
setprototypeof
module to replace__proto__
setting - Use
statuses
instead ofhttp
module for status messages - deps: debug@2.6.1
- Allow colors in workers
- Deprecated
DEBUG_FD
environment variable set to3
or higher - Fix error when running under React Native
- Use same color for same namespace
- deps: ms@0.7.2
- deps: etag@~1.8.0
- Use SHA1 instead of MD5 for ETag hashing
- Works with FIPS 140-2 OpenSSL configuration
- deps: finalhandler@~1.0.0
- Fix exception when
err
cannot be converted to a string - Fully URL-encode the pathname in the 404
- Only include the pathname in the 404 message
- Send complete HTML document
- Set
Content-Security-Policy: default-src 'self'
header - deps: debug@2.6.1
- Fix exception when
- deps: fresh@0.5.0
- Fix false detection of
no-cache
request directive - Fix incorrect result when
If-None-Match
has both*
and ETags - Fix weak
ETag
matching to match spec - perf: delay reading header values until needed
- perf: enable strict mode
- perf: hoist regular expressions
- perf: remove duplicate conditional
- perf: remove unnecessary boolean coercions
- perf: skip checking modified time if ETag check failed
- perf: skip parsing
If-None-Match
when noETag
header - perf: use
Date.parse
instead ofnew Date
- Fix false detection of
- deps: qs@6.3.1
- Fix array parsing from skipping empty values
- Fix compacting nested arrays
- deps: send@0.15.0
- Fix false detection of
no-cache
request directive - Fix incorrect result when
If-None-Match
has both*
and ETags - Fix weak
ETag
matching to match spec - Remove usage of
res._headers
private field - Support
If-Match
andIf-Unmodified-Since
headers - Use
res.getHeaderNames()
when available - Use
res.headersSent
when available - deps: debug@2.6.1
- deps: etag@~1.8.0
- deps: fresh@0.5.0
- deps: http-errors@~1.6.1
- Fix false detection of
- deps: serve-static@1.12.0
- Fix false detection of
no-cache
request directive - Fix incorrect result when
If-None-Match
has both*
and ETags - Fix weak
ETag
matching to match spec - Remove usage of
res._headers
private field - Send complete HTML document in redirect response
- Set default CSP header in redirect response
- Support
If-Match
andIf-Unmodified-Since
headers - Use
res.getHeaderNames()
when available - Use
res.headersSent
when available - deps: send@0.15.0
- Fix false detection of
- perf: add fast match path for
*
route - perf: improve
req.ips
performance
5.0.0-alpha.3
This is the third Express 5.0 alpha release, based off 4.14.1 and includes
changes from 5.0.0-alpha.2.
- remove:
res.json(status, obj)
signature - useres.status(status).json(obj)
res.jsonp(status, obj)
signature - useres.status(status).jsonp(obj)
res.vary()
(no arguments) -- provide a field name as an argument
- deps: array-flatten@2.1.1
- deps: path-is-absolute@1.0.1
- deps: router@~1.1.5
- deps: array-flatten@2.0.1
- deps: methods@~1.1.2
- deps: parseurl@~1.3.1
- deps: setprototypeof@1.0.2
4.14.1
- deps: content-disposition@0.5.2
- deps: finalhandler@0.5.1
- Fix exception when
err.headers
is not an object - deps: statuses@~1.3.1
- perf: hoist regular expressions
- perf: remove duplicate validation path
- Fix exception when
- deps: proxy-addr@~1.1.3
- deps: ipaddr.js@1.2.0
- deps: send@0.14.2
- deps: http-errors@~1.5.1
- deps: ms@0.7.2
- deps: statuses@~1.3.1
- deps: serve-static@~1.11.2
- deps: send@0.14.2
- deps: type-is@~1.6.14
- deps: mime-types@~2.1.13
4.14.0
- Add
acceptRanges
option tores.sendFile
/res.sendfile
- Add
cacheControl
option tores.sendFile
/res.sendfile
- Add
options
argument toreq.range
- Includes the
combine
option
- Includes the
- Encode URL in
res.location
/res.redirect
if not already encoded - Fix some redirect handling in
res.sendFile
/res.sendfile
- Fix Windows absolute path check using forward slashes
- Improve error with invalid arguments to
req.get()
- Improve performance for
res.json
/res.jsonp
in most cases - Improve
Range
header handling inres.sendFile
/res.sendfile
- deps: accepts@~1.3.3
- Fix including type extensions in parameters in
Accept
parsing - Fix parsing
Accept
parameters with quoted equals - Fix parsing
Accept
parameters with quoted semicolons - Many performance improvments
- deps: mime-types@~2.1.11
- deps: negotiator@0.6.1
- Fix including type extensions in parameters in
- deps: content-type@~1.0.2
- perf: enable strict mode
- deps: cookie@0.3.1
- Add
sameSite
option - Fix cookie
Max-Age
to never be a floating point number - Improve error message when
encode
is not a function - Improve error message when
expires
is not aDate
- Throw better error for invalid argument to parse
- Throw on invalid values provided to
serialize
- perf: enable strict mode
- perf: hoist regular expression
- perf: use for loop in parse
- perf: use string concatination for serialization
- Add
- deps: finalhandler@0.5.0
- Change invalid or non-numeric status code to 500
- Overwrite status message to match set status code
- Prefer
err.statusCode
iferr.status
is invalid - Set response headers from
err.headers
object - Use
statuses
instead ofhttp
module for status messages
- deps: proxy-addr@~1.1.2
- Fix accepting various invalid netmasks
- Fix IPv6-mapped IPv4 validation edge cases
- IPv4 netmasks must be contingous
- IPv6 addresses cannot be used as a netmask
- deps: ipaddr.js@1.1.1
- deps: qs@6.2.0
- Add
decoder
option inparse
function
- Add
- deps: range-parser@~1.2.0
- Add
combine
option to combine overlapping ranges - Fix incorrectly returning -1 when there is at least one valid range
- perf: remove internal function
- Add
- deps: send@0.14.1
- Add
acceptRanges
option - Add
cacheControl
option - Attempt to combine multiple ranges into single range
- Correctly inherit from
Stream
class - Fix
Content-Range
header in 416 responses when usingstart
/end
options - Fix
Content-Range
header missing from default 416 responses - Fix redirect error when
path
contains raw non-URL characters - Fix redirect when
path
starts with multiple forward slashes - Ignore non-byte
Range
headers - deps: http-errors@~1.5.0
- deps: range-parser@~1.2.0
- deps: statuses@~1.3.0
- perf: remove argument reassignment
- Add
- deps: serve-static@~1.11.1
- Add
acceptRanges
option - Add
cacheControl
option - Attempt to combine multiple ranges into single range
- Fix redirect error when
req.url
contains raw non-URL characters - Ignore non-byte
Range
headers - Use status code 301 for redirects
- deps: send@0.14.1
- Add
- deps: type-is@~1.6.13
- Fix type error when given invalid type to match against
- deps: mime-types@~2.1.11
- deps: vary@~1.1.0
- Only accept valid field names in the
field
argument
- Only accept valid field names in the
- perf: use strict equality when possible
4.13.4
- deps: content-disposition@0.5.1
- perf: enable strict mode
- deps: cookie@0.1.5
- Throw on invalid values provided to
serialize
- Throw on invalid values provided to
- deps: depd@~1.1.0
- Support web browser loading
- perf: enable strict mode
- deps: escape-html@~1.0.3
- perf: enable strict mode
- perf: optimize string replacement
- perf: use faster string coercion
- deps: finalhandler@0.4.1
- deps: escape-html@~1.0.3
- deps: merge-descriptors@1.0.1
- perf: enable strict mode
- deps: methods@~1.1.2
- perf: enable strict mode
- deps: parseurl@~1.3.1
- perf: enable strict mode
- deps: proxy-addr@~1.0.10
- deps: ipaddr.js@1.0.5
- perf: enable strict mode
- deps: range-parser@~1.0.3
- perf: enable strict mode
- deps: send@0.13.1
- deps: depd@~1.1.0
- deps: destroy@~1.0.4
- deps: escape-html@~1.0.3
- deps: range-parser@~1.0.3
- deps: serve-static@~1.10.2
- deps: escape-html@~1.0.3
- deps: parseurl@~1.3.0
- deps: send@0.13.1