body-parser
Advanced tools
Comparing version 1.19.2 to 1.20.0
@@ -0,1 +1,19 @@ | ||
1.20.0 / 2022-04-02 | ||
=================== | ||
* Fix error message for json parse whitespace in `strict` | ||
* Fix internal error when inflated body exceeds limit | ||
* Prevent loss of async hooks context | ||
* Prevent hanging when request already read | ||
* deps: depd@2.0.0 | ||
- Replace internal `eval` usage with `Function` constructor | ||
- Use instance methods on `process` to check for listeners | ||
* deps: http-errors@2.0.0 | ||
- deps: depd@2.0.0 | ||
- deps: statuses@2.0.1 | ||
* deps: on-finished@2.4.1 | ||
* deps: qs@6.10.3 | ||
* deps: raw-body@2.5.1 | ||
- deps: http-errors@2.0.0 | ||
1.19.2 / 2022-02-15 | ||
@@ -2,0 +20,0 @@ =================== |
@@ -15,5 +15,7 @@ /*! | ||
var createError = require('http-errors') | ||
var destroy = require('destroy') | ||
var getBody = require('raw-body') | ||
var iconv = require('iconv-lite') | ||
var onFinished = require('on-finished') | ||
var unpipe = require('unpipe') | ||
var zlib = require('zlib') | ||
@@ -93,5 +95,10 @@ | ||
// unpipe from stream and destroy | ||
if (stream !== req) { | ||
unpipe(req) | ||
destroy(stream, true) | ||
} | ||
// read off entire request | ||
stream.resume() | ||
onFinished(req, function onfinished () { | ||
dump(req, function onfinished () { | ||
next(createError(400, _error)) | ||
@@ -184,1 +191,18 @@ }) | ||
} | ||
/** | ||
* Dump the contents of a request. | ||
* | ||
* @param {object} req | ||
* @param {function} callback | ||
* @api private | ||
*/ | ||
function dump (req, callback) { | ||
if (onFinished.isFinished(req)) { | ||
callback(null) | ||
} else { | ||
onFinished(req, callback) | ||
req.resume() | ||
} | ||
} |
@@ -40,3 +40,3 @@ /*! | ||
var FIRST_CHAR_REGEXP = /^[\x20\x09\x0a\x0d]*(.)/ // eslint-disable-line no-control-regex | ||
var FIRST_CHAR_REGEXP = /^[\x20\x09\x0a\x0d]*([^\x20\x09\x0a\x0d])/ // eslint-disable-line no-control-regex | ||
@@ -126,3 +126,3 @@ /** | ||
var charset = getCharset(req) || 'utf-8' | ||
if (charset.substr(0, 4) !== 'utf-') { | ||
if (charset.slice(0, 4) !== 'utf-') { | ||
debug('invalid charset') | ||
@@ -157,3 +157,5 @@ next(createError(415, 'unsupported charset "' + charset.toUpperCase() + '"', { | ||
var index = str.indexOf(char) | ||
var partial = str.substring(0, index) + '#' | ||
var partial = index !== -1 | ||
? str.substring(0, index) + '#' | ||
: '' | ||
@@ -179,3 +181,7 @@ try { | ||
function firstchar (str) { | ||
return FIRST_CHAR_REGEXP.exec(str)[1] | ||
var match = FIRST_CHAR_REGEXP.exec(str) | ||
return match | ||
? match[1] | ||
: undefined | ||
} | ||
@@ -182,0 +188,0 @@ |
{ | ||
"name": "body-parser", | ||
"description": "Node.js body parsing middleware", | ||
"version": "1.19.2", | ||
"version": "1.20.0", | ||
"contributors": [ | ||
@@ -15,9 +15,11 @@ "Douglas Christopher Wilson <doug@somethingdoug.com>", | ||
"debug": "2.6.9", | ||
"depd": "~1.1.2", | ||
"http-errors": "1.8.1", | ||
"depd": "2.0.0", | ||
"destroy": "1.2.0", | ||
"http-errors": "2.0.0", | ||
"iconv-lite": "0.4.24", | ||
"on-finished": "~2.3.0", | ||
"qs": "6.9.7", | ||
"raw-body": "2.4.3", | ||
"type-is": "~1.6.18" | ||
"on-finished": "2.4.1", | ||
"qs": "6.10.3", | ||
"raw-body": "2.5.1", | ||
"type-is": "~1.6.18", | ||
"unpipe": "1.0.0" | ||
}, | ||
@@ -33,3 +35,3 @@ "devDependencies": { | ||
"methods": "1.1.2", | ||
"mocha": "9.2.0", | ||
"mocha": "9.2.2", | ||
"nyc": "15.1.0", | ||
@@ -43,6 +45,8 @@ "safe-buffer": "5.2.1", | ||
"HISTORY.md", | ||
"SECURITY.md", | ||
"index.js" | ||
], | ||
"engines": { | ||
"node": ">= 0.8" | ||
"node": ">= 0.8", | ||
"npm": "1.2.8000 || >= 1.4.16" | ||
}, | ||
@@ -49,0 +53,0 @@ "scripts": { |
@@ -345,2 +345,10 @@ # body-parser | ||
### stream is not readable | ||
This error will occur when the request is no longer readable when this middleware | ||
attempts to read it. This typically means something other than a middleware from | ||
this module read the reqest body already and the middleware was also configured to | ||
read the same request. The `status` property is set to `500` and the `type` | ||
property is set to `'stream.not.readable'`. | ||
### too many parameters | ||
@@ -457,2 +465,2 @@ | ||
[github-actions-ci-image]: https://img.shields.io/github/workflow/status/expressjs/body-parser/ci/master?label=ci | ||
[github-actions-ci-url]: https://github.com/expressjs/body-parser?query=workflow%3Aci | ||
[github-actions-ci-url]: https://github.com/expressjs/body-parser/actions/workflows/ci.yml |
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
60183
11
918
465
12
+ Addeddestroy@1.2.0
+ Addedunpipe@1.0.0
+ Addedcall-bind@1.0.7(transitive)
+ Addeddefine-data-property@1.1.4(transitive)
+ Addeddepd@2.0.0(transitive)
+ Addeddestroy@1.2.0(transitive)
+ Addedes-define-property@1.0.0(transitive)
+ Addedes-errors@1.3.0(transitive)
+ Addedfunction-bind@1.1.2(transitive)
+ Addedget-intrinsic@1.2.4(transitive)
+ Addedgopd@1.0.1(transitive)
+ Addedhas-property-descriptors@1.0.2(transitive)
+ Addedhas-proto@1.0.3(transitive)
+ Addedhas-symbols@1.0.3(transitive)
+ Addedhasown@2.0.2(transitive)
+ Addedhttp-errors@2.0.0(transitive)
+ Addedobject-inspect@1.13.2(transitive)
+ Addedon-finished@2.4.1(transitive)
+ Addedqs@6.10.3(transitive)
+ Addedraw-body@2.5.1(transitive)
+ Addedset-function-length@1.2.2(transitive)
+ Addedside-channel@1.0.6(transitive)
+ Addedstatuses@2.0.1(transitive)
- Removeddepd@1.1.2(transitive)
- Removedhttp-errors@1.8.1(transitive)
- Removedon-finished@2.3.0(transitive)
- Removedqs@6.9.7(transitive)
- Removedraw-body@2.4.3(transitive)
- Removedstatuses@1.5.0(transitive)
Updateddepd@2.0.0
Updatedhttp-errors@2.0.0
Updatedon-finished@2.4.1
Updatedqs@6.10.3
Updatedraw-body@2.5.1