Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump express from 4.18.2 to 4.19.2 - autoclosed #374

Closed
wants to merge 1 commit into from

Conversation

renovate-pagopa[bot]
Copy link

@renovate-pagopa renovate-pagopa bot commented Apr 16, 2024

This PR contains the following updates:

Package Type Update Change
express (source) dependencies minor 4.18.2 -> 4.19.2

For further information on security, please refer to the Confluence page link


Release Notes

expressjs/express (express)

v4.19.2

Compare Source

==========

  • Improved fix for open redirect allow list bypass

v4.19.1

Compare Source

==========

  • Allow passing non-strings to res.location with new encoding handling checks

v4.19.0

Compare Source

==========

  • Prevent open redirect allow list bypass due to encodeurl
  • deps: cookie@0.6.0

v4.18.3

Compare Source

==========

  • Fix routing requests without method
  • deps: body-parser@1.20.2
    • Fix strict json error message on Node.js 19+
    • deps: content-type@~1.0.5
    • deps: raw-body@2.5.2
  • deps: cookie@0.6.0
    • Add partitioned option

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@renovate-pagopa renovate-pagopa bot requested a review from a team as a code owner April 16, 2024 07:12
@renovate-pagopa renovate-pagopa bot added the OER label Apr 16, 2024
Copy link

Jira Pull request Link

It seems this Pull Request has no issues that refers to Jira!!!
Please check it out.

Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

@renovate-pagopa renovate-pagopa bot changed the title Bump express from 4.18.2 to 4.19.2 Bump express from 4.18.2 to 4.19.2 - autoclosed Sep 18, 2024
@renovate-pagopa renovate-pagopa bot closed this Sep 18, 2024
@renovate-pagopa renovate-pagopa bot deleted the renovate/express-to-4.19.2 branch September 18, 2024 05:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants