Socket
Socket
Sign inDemoInstall

express

Package Overview
Dependencies
41
Maintainers
4
Versions
276
Alerts
File Explorer

Advanced tools

npm Scripts
License

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 4.13.4 to 4.14.0

11

lib/middleware/query.js

@@ -33,10 +33,5 @@ /*!

if (opts !== undefined) {
if (opts.allowDots === undefined) {
opts.allowDots = false;
}
if (opts.allowPrototypes === undefined) {
opts.allowPrototypes = true;
}
if (opts !== undefined && opts.allowPrototypes === undefined) {
// back-compat for qs module
opts.allowPrototypes = true;
}

@@ -43,0 +38,0 @@

49

lib/request.js

@@ -60,2 +60,10 @@ /*!

req.header = function header(name) {
if (!name) {
throw new TypeError('name argument is required to req.get');
}
if (typeof name !== 'string') {
throw new TypeError('name must be a string to req.get');
}
var lc = name.toLowerCase();

@@ -175,25 +183,30 @@

/**
* Parse Range header field,
* capping to the given `size`.
* Parse Range header field, capping to the given `size`.
*
* Unspecified ranges such as "0-" require
* knowledge of your resource length. In
* the case of a byte range this is of course
* the total number of bytes. If the Range
* header field is not given `null` is returned,
* `-1` when unsatisfiable, `-2` when syntactically invalid.
* Unspecified ranges such as "0-" require knowledge of your resource length. In
* the case of a byte range this is of course the total number of bytes. If the
* Range header field is not given `undefined` is returned, `-1` when unsatisfiable,
* and `-2` when syntactically invalid.
*
* NOTE: remember that ranges are inclusive, so
* for example "Range: users=0-3" should respond
* with 4 users when available, not 3.
* When ranges are returned, the array has a "type" property which is the type of
* range that is required (most commonly, "bytes"). Each array element is an object
* with a "start" and "end" property for the portion of the range.
*
* @param {Number} size
* @return {Array}
* The "combine" option can be set to `true` and overlapping & adjacent ranges
* will be combined into a single range.
*
* NOTE: remember that ranges are inclusive, so for example "Range: users=0-3"
* should respond with 4 users when available, not 3.
*
* @param {number} size
* @param {object} [options]
* @param {boolean} [options.combine=false]
* @return {number|array}
* @public
*/
req.range = function(size){
req.range = function range(size, options) {
var range = this.get('Range');
if (!range) return;
return parseRange(size, range);
return parseRange(size, range, options);
};

@@ -308,3 +321,3 @@

*
* req.protocol == 'https'
* req.protocol === 'https'
*

@@ -443,6 +456,6 @@ * @return {Boolean}

// GET or HEAD for weak freshness validation only
if ('GET' != method && 'HEAD' != method) return false;
if ('GET' !== method && 'HEAD' !== method) return false;
// 2xx or 304 as per rfc2616 14.26
if ((s >= 200 && s < 300) || 304 == s) {
if ((s >= 200 && s < 300) || 304 === s) {
return fresh(this.headers, (this.res._headers || {}));

@@ -449,0 +462,0 @@ }

30

lib/response.js

@@ -17,2 +17,3 @@ /*!

var deprecate = require('depd')('express');
var encodeUrl = require('encodeurl');
var escapeHtml = require('escape-html');

@@ -193,3 +194,3 @@ var http = require('http');

// strip irrelevant headers
if (204 == this.statusCode || 304 == this.statusCode) {
if (204 === this.statusCode || 304 === this.statusCode) {
this.removeHeader('Content-Type');

@@ -244,3 +245,3 @@ this.removeHeader('Content-Length');

var spaces = app.get('json spaces');
var body = JSON.stringify(val, replacer, spaces);
var body = stringify(val, replacer, spaces);

@@ -287,3 +288,3 @@ // content-type

var spaces = app.get('json spaces');
var body = JSON.stringify(val, replacer, spaces);
var body = stringify(val, replacer, spaces);
var callback = this.req.query[app.get('jsonp callback name')];

@@ -747,3 +748,3 @@

* @param {String} name
* @param {Object} options
* @param {Object} [options]
* @return {ServerResponse} for chaining

@@ -840,4 +841,3 @@ * @public

// set location
this.set('Location', loc);
return this;
return this.set('Location', encodeUrl(loc));
};

@@ -880,4 +880,3 @@

// Set location header
this.location(address);
address = this.get('Location');
address = this.location(address).get('Location');

@@ -887,3 +886,3 @@ // Support text/{plain,html} by default

text: function(){
body = statusCodes[status] + '. Redirecting to ' + encodeURI(address);
body = statusCodes[status] + '. Redirecting to ' + address;
},

@@ -1062,1 +1061,14 @@

}
/**
* Stringify JSON, like JSON.stringify, but v8 optimized.
* @private
*/
function stringify(value, replacer, spaces) {
// v8 checks arguments.length for optimizing simple call
// https://bugs.chromium.org/p/v8/issues/detail?id=4730
return replacer || spaces
? JSON.stringify(value, replacer, spaces)
: JSON.stringify(value);
}

2

lib/router/index.js

@@ -122,3 +122,3 @@ /*!

// middleware function
if ('function' != typeof fn) {
if ('function' !== typeof fn) {
throw new Error('invalid param() call for ' + name + ', got ' + fn);

@@ -125,0 +125,0 @@ }

9

lib/utils.js

@@ -69,5 +69,5 @@ /*!

exports.isAbsolute = function(path){
if ('/' == path[0]) return true;
if (':' == path[1] && '\\' == path[2]) return true;
if ('\\\\' == path.substring(0, 2)) return true; // Microsoft Azure absolute path
if ('/' === path[0]) return true;
if (':' === path[1] && ('\\' === path[2] || '/' === path[2])) return true; // Windows device path
if ('\\\\' === path.substring(0, 2)) return true; // Microsoft Azure absolute path
};

@@ -146,3 +146,3 @@

var pms = parts[i].split(/ *= */);
if ('q' == pms[0]) {
if ('q' === pms[0]) {
ret.quality = parseFloat(pms[1]);

@@ -288,3 +288,2 @@ } else {

return qs.parse(str, {
allowDots: false,
allowPrototypes: true

@@ -291,0 +290,0 @@ });

46

package.json
{
"name": "express",
"description": "Fast, unopinionated, minimalist web framework",
"version": "4.13.4",
"version": "4.14.0",
"author": "TJ Holowaychuk <tj@vision-media.ca>",

@@ -17,2 +17,3 @@ "contributors": [

"repository": "expressjs/express",
"homepage": "http://expressjs.com/",
"keywords": [

@@ -30,13 +31,14 @@ "express",

"dependencies": {
"accepts": "~1.2.12",
"accepts": "~1.3.3",
"array-flatten": "1.1.1",
"content-disposition": "0.5.1",
"content-type": "~1.0.1",
"cookie": "0.1.5",
"content-type": "~1.0.2",
"cookie": "0.3.1",
"cookie-signature": "1.0.6",
"debug": "~2.2.0",
"depd": "~1.1.0",
"encodeurl": "~1.0.1",
"escape-html": "~1.0.3",
"etag": "~1.7.0",
"finalhandler": "0.4.1",
"finalhandler": "0.5.0",
"fresh": "0.3.0",

@@ -48,29 +50,29 @@ "merge-descriptors": "1.0.1",

"path-to-regexp": "0.1.7",
"proxy-addr": "~1.0.10",
"qs": "4.0.0",
"range-parser": "~1.0.3",
"send": "0.13.1",
"serve-static": "~1.10.2",
"type-is": "~1.6.6",
"proxy-addr": "~1.1.2",
"qs": "6.2.0",
"range-parser": "~1.2.0",
"send": "0.14.1",
"serve-static": "~1.11.1",
"type-is": "~1.6.13",
"utils-merge": "1.0.0",
"vary": "~1.0.1"
"vary": "~1.1.0"
},
"devDependencies": {
"after": "0.8.1",
"ejs": "2.3.4",
"istanbul": "0.4.2",
"body-parser": "~1.15.1",
"cookie-parser": "~1.4.3",
"ejs": "2.4.2",
"istanbul": "0.4.3",
"marked": "0.3.5",
"mocha": "2.3.4",
"should": "7.1.1",
"supertest": "1.1.0",
"body-parser": "~1.14.2",
"method-override": "~2.3.6",
"mocha": "2.5.3",
"morgan": "~1.7.0",
"should": "9.0.2",
"supertest": "1.2.0",
"connect-redis": "~2.4.1",
"cookie-parser": "~1.4.1",
"cookie-session": "~1.2.0",
"express-session": "~1.13.0",
"jade": "~1.11.0",
"method-override": "~2.3.5",
"morgan": "~1.6.1",
"multiparty": "~4.1.2",
"vhost": "~3.0.1"
"vhost": "~3.0.2"
},

@@ -77,0 +79,0 @@ "engines": {

4

Readme.md

@@ -40,4 +40,6 @@ [![Express Logo](https://i.cloudup.com/zfY6lL7eFa-3000x3000.png)](http://expressjs.com/)

* [Website and Documentation](http://expressjs.com/) - [[website repo](https://github.com/strongloop/expressjs.com)]
* [#express](https://webchat.freenode.net/?channels=express) on freenode IRC
* [Github Organization](https://github.com/expressjs) for Official Middleware & Modules
* Visit the [Wiki](https://github.com/expressjs/express/wiki)
* [Google Group](https://groups.google.com/group/express-js) for discussion

@@ -47,2 +49,4 @@ * [Gitter](https://gitter.im/expressjs/express) for support and discussion

**PROTIP** Be sure to read [Migrating from 3.x to 4.x](https://github.com/expressjs/express/wiki/Migrating-from-3.x-to-4.x) as well as [New features in 4.x](https://github.com/expressjs/express/wiki/New-features-in-4.x).
###Security Issues

@@ -49,0 +53,0 @@ 

History.md

Sorry, the diff of this file is too big to display

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc