Socket
Socket
Sign inDemoInstall

express

Package Overview
Dependencies
62
Maintainers
3
Versions
276
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 4.17.3 to 4.18.0

19

lib/application.js

@@ -32,2 +32,9 @@ /*!

var setPrototypeOf = require('setprototypeof')
/**
* Module variables.
* @private
*/
var hasOwnProperty = Object.prototype.hasOwnProperty
var slice = Array.prototype.slice;

@@ -356,3 +363,13 @@

// app.get(setting)
return this.settings[setting];
var settings = this.settings
while (settings && settings !== Object.prototype) {
if (hasOwnProperty.call(settings, setting)) {
return settings[setting]
}
settings = Object.getPrototypeOf(settings)
}
return undefined
}

@@ -359,0 +376,0 @@

58

lib/response.js

@@ -17,2 +17,3 @@ /*!

var contentDisposition = require('content-disposition');
var createError = require('http-errors')
var deprecate = require('depd')('express');

@@ -68,2 +69,5 @@ var encodeUrl = require('encodeurl');

res.status = function status(code) {
if ((typeof code === 'string' || Math.floor(code) !== code) && code > 99 && code < 1000) {
deprecate('res.status(' + JSON.stringify(code) + '): use res.status(' + Math.floor(code) + ') instead')
}
this.statusCode = code;

@@ -140,3 +144,3 @@ return this;

this.statusCode = chunk;
chunk = statuses[chunk]
chunk = statuses.message[chunk]
}

@@ -219,2 +223,9 @@

// alter headers for 205
if (this.statusCode === 205) {
this.set('Content-Length', '0')
this.removeHeader('Transfer-Encoding')
chunk = ''
}
if (req.method === 'HEAD') {

@@ -363,3 +374,3 @@ // skip body for HEAD

res.sendStatus = function sendStatus(statusCode) {
var body = statuses[statusCode] || String(statusCode)
var body = statuses.message[statusCode] || String(statusCode)

@@ -559,2 +570,9 @@ this.statusCode = statusCode;

// support optional filename, where options may be in it's place
if (typeof filename === 'object' &&
(typeof options === 'function' || options === undefined)) {
name = null
opts = filename
}
// set Content-Disposition when file is sent

@@ -581,3 +599,5 @@ var headers = {

// Resolve the full path for sendFile
var fullPath = resolve(path);
var fullPath = !opts.root
? resolve(path)
: path

@@ -675,5 +695,4 @@ // send file

var fn = obj.default;
if (fn) delete obj.default;
var keys = Object.keys(obj);
var keys = Object.keys(obj)
.filter(function (v) { return v !== 'default' })

@@ -689,9 +708,8 @@ var key = keys.length > 0

obj[key](req, this, next);
} else if (fn) {
fn();
} else if (obj.default) {
obj.default(req, this, next)
} else {
var err = new Error('Not Acceptable');
err.status = err.statusCode = 406;
err.types = normalizeTypes(keys).map(function(o){ return o.value });
next(err);
next(createError(406, {
types: normalizeTypes(keys).map(function (o) { return o.value })
}))
}

@@ -862,5 +880,9 @@

if ('maxAge' in opts) {
opts.expires = new Date(Date.now() + opts.maxAge);
opts.maxAge /= 1000;
if (opts.maxAge != null) {
var maxAge = opts.maxAge - 0
if (!isNaN(maxAge)) {
opts.expires = new Date(Date.now() + maxAge)
opts.maxAge = Math.floor(maxAge / 1000)
}
}

@@ -946,3 +968,3 @@

text: function(){
body = statuses[status] + '. Redirecting to ' + address
body = statuses.message[status] + '. Redirecting to ' + address
},

@@ -952,3 +974,3 @@

var u = escapeHtml(address);
body = '<p>' + statuses[status] + '. Redirecting to <a href="' + u + '">' + u + '</a></p>'
body = '<p>' + statuses.message[status] + '. Redirecting to <a href="' + u + '">' + u + '</a></p>'
},

@@ -1128,3 +1150,3 @@

* @param {*} value
* @param {function} replaces
* @param {function} replacer
* @param {number} spaces

@@ -1131,0 +1153,0 @@ * @param {boolean} escape

25

lib/router/index.js

@@ -111,4 +111,4 @@ /*!

if (name[0] === ':') {
deprecate('router.param(' + JSON.stringify(name) + ', fn): Use router.param(' + JSON.stringify(name.substr(1)) + ', fn) instead');
name = name.substr(1);
deprecate('router.param(' + JSON.stringify(name) + ', fn): Use router.param(' + JSON.stringify(name.slice(1)) + ', fn) instead')
name = name.slice(1)
}

@@ -146,2 +146,3 @@

var slashAdded = false;
var sync = 0
var paramcalled = {};

@@ -185,3 +186,3 @@

if (slashAdded) {
req.url = req.url.substr(1);
req.url = req.url.slice(1)
slashAdded = false;

@@ -193,3 +194,3 @@ }

req.baseUrl = parentUrl;
req.url = protohost + removed + req.url.substr(protohost.length);
req.url = protohost + removed + req.url.slice(protohost.length)
removed = '';

@@ -210,2 +211,7 @@ }

// max sync stack
if (++sync > 100) {
return setImmediate(next, err)
}
// get pathname of request

@@ -259,3 +265,2 @@ var path = getPathname(req);

match = false;
continue;
}

@@ -297,3 +302,3 @@ }

// Validate path is a prefix match
if (layerPath !== path.substr(0, layerPath.length)) {
if (layerPath !== path.slice(0, layerPath.length)) {
next(layerError)

@@ -311,3 +316,3 @@ return

removed = layerPath;
req.url = protohost + req.url.substr(protohost.length + removed.length);
req.url = protohost + req.url.slice(protohost.length + removed.length)

@@ -333,2 +338,4 @@ // Ensure leading slash

}
sync = 0
}

@@ -559,6 +566,6 @@ };

: url.length
var fqdnIndex = url.substr(0, pathLength).indexOf('://')
var fqdnIndex = url.slice(0, pathLength).indexOf('://')
return fqdnIndex !== -1
? url.substr(0, url.indexOf('/', 3 + fqdnIndex))
? url.substring(0, url.indexOf('/', 3 + fqdnIndex))
: undefined

@@ -565,0 +572,0 @@ }

9

lib/router/route.js

@@ -101,2 +101,4 @@ /*!

var stack = this.stack;
var sync = 0
if (stack.length === 0) {

@@ -131,2 +133,7 @@ return done();

// max sync stack
if (++sync > 100) {
return setImmediate(next, err)
}
if (layer.method && layer.method !== method) {

@@ -141,2 +148,4 @@ return next(err);

}
sync = 0
}

@@ -143,0 +152,0 @@ };

1

lib/utils.js

@@ -123,2 +123,3 @@ /*!

* @param {String} str
* @param {Number} index
* @return {Object}

@@ -125,0 +126,0 @@ * @api private

2

lib/view.js

@@ -77,3 +77,3 @@ /*!

// load engine
var mod = this.ext.substr(1)
var mod = this.ext.slice(1)
debug('require "%s"', mod)

@@ -80,0 +80,0 @@

25

package.json
{
"name": "express",
"description": "Fast, unopinionated, minimalist web framework",
"version": "4.17.3",
"version": "4.18.0",
"author": "TJ Holowaychuk <tj@vision-media.ca>",

@@ -33,27 +33,28 @@ "contributors": [

"array-flatten": "1.1.1",
"body-parser": "1.19.2",
"body-parser": "1.20.0",
"content-disposition": "0.5.4",
"content-type": "~1.0.4",
"cookie": "0.4.2",
"cookie": "0.5.0",
"cookie-signature": "1.0.6",
"debug": "2.6.9",
"depd": "~1.1.2",
"depd": "2.0.0",
"encodeurl": "~1.0.2",
"escape-html": "~1.0.3",
"etag": "~1.8.1",
"finalhandler": "~1.1.2",
"finalhandler": "1.2.0",
"fresh": "0.5.2",
"http-errors": "2.0.0",
"merge-descriptors": "1.0.1",
"methods": "~1.1.2",
"on-finished": "~2.3.0",
"on-finished": "2.4.1",
"parseurl": "~1.3.3",
"path-to-regexp": "0.1.7",
"proxy-addr": "~2.0.7",
"qs": "6.9.7",
"qs": "6.10.3",
"range-parser": "~1.2.1",
"safe-buffer": "5.2.1",
"send": "0.17.2",
"serve-static": "1.14.2",
"send": "0.18.0",
"serve-static": "1.15.0",
"setprototypeof": "1.2.0",
"statuses": "~1.5.0",
"statuses": "2.0.1",
"type-is": "~1.6.18",

@@ -74,3 +75,3 @@ "utils-merge": "1.0.1",

"method-override": "3.0.0",
"mocha": "9.2.0",
"mocha": "9.2.1",
"morgan": "1.10.0",

@@ -80,4 +81,2 @@ "multiparty": "4.2.3",

"pbkdf2-password": "1.2.1",
"resolve-path": "1.4.0",
"should": "13.2.3",
"supertest": "6.2.2",

@@ -84,0 +83,0 @@ "vhost": "~3.0.2"

70

Readme.md

@@ -5,7 +5,5 @@ [![Express Logo](https://i.cloudup.com/zfY6lL7eFa-3000x3000.png)](http://expressjs.com/)

[![NPM Version][npm-image]][npm-url]
[![NPM Downloads][downloads-image]][downloads-url]
[![Linux Build][ci-image]][ci-url]
[![Windows Build][appveyor-image]][appveyor-url]
[![Test Coverage][coveralls-image]][coveralls-url]
[![NPM Version][npm-version-image]][npm-url]
[![NPM Install Size][npm-install-size-image]][npm-install-size-url]
[![NPM Downloads][npm-downloads-image]][npm-downloads-url]

@@ -37,3 +35,3 @@ ```js

```bash
```console
$ npm install express

@@ -66,6 +64,2 @@ ```

### Security Issues
If you discover a security vulnerability in Express, please see [Security Policies and Procedures](Security.md).
## Quick Start

@@ -77,3 +71,3 @@

```bash
```console
$ npm install -g express-generator@4

@@ -84,3 +78,3 @@ ```

```bash
```console
$ express /tmp/foo && cd /tmp/foo

@@ -91,3 +85,3 @@ ```

```bash
```console
$ npm install

@@ -98,3 +92,3 @@ ```

```bash
```console
$ npm start

@@ -119,3 +113,3 @@ ```

```bash
```console
$ git clone git://github.com/expressjs/express.git --depth 1

@@ -128,11 +122,27 @@ $ cd express

```bash
```console
$ node examples/content-negotiation
```
## Tests
## Contributing
To run the test suite, first install the dependencies, then run `npm test`:
[![Linux Build][github-actions-ci-image]][github-actions-ci-url]
[![Windows Build][appveyor-image]][appveyor-url]
[![Test Coverage][coveralls-image]][coveralls-url]
```bash
The Express.js project welcomes all constructive contributions. Contributions take many forms,
from code for bug fixes and enhancements, to additions and fixes to documentation, additional
tests, triaging incoming pull requests and issues, and more!
See the [Contributing Guide](Contributing.md) for more technical details on contributing.
### Security Issues
If you discover a security vulnerability in Express, please see [Security Policies and Procedures](Security.md).
### Running Tests
To run the test suite, first install the dependencies, then run `npm test`:
```console
$ npm install

@@ -142,6 +152,2 @@ $ npm test

## Contributing
[Contributing Guide](Contributing.md)
## People

@@ -159,11 +165,13 @@

[ci-image]: https://img.shields.io/github/workflow/status/expressjs/express/ci/master.svg?label=linux
[ci-url]: https://github.com/expressjs/express/actions?query=workflow%3Aci
[npm-image]: https://img.shields.io/npm/v/express.svg
[npm-url]: https://npmjs.org/package/express
[downloads-image]: https://img.shields.io/npm/dm/express.svg
[downloads-url]: https://npmcharts.com/compare/express?minimal=true
[appveyor-image]: https://img.shields.io/appveyor/ci/dougwilson/express/master.svg?label=windows
[appveyor-image]: https://badgen.net/appveyor/ci/dougwilson/express/master?label=windows
[appveyor-url]: https://ci.appveyor.com/project/dougwilson/express
[coveralls-image]: https://img.shields.io/coveralls/expressjs/express/master.svg
[coveralls-image]: https://badgen.net/coveralls/c/github/expressjs/express/master
[coveralls-url]: https://coveralls.io/r/expressjs/express?branch=master
[github-actions-ci-image]: https://badgen.net/github/checks/expressjs/express/master?label=linux
[github-actions-ci-url]: https://github.com/expressjs/express/actions/workflows/ci.yml
[npm-downloads-image]: https://badgen.net/npm/dm/express
[npm-downloads-url]: https://npmcharts.com/compare/express?minimal=true
[npm-install-size-image]: https://badgen.net/packagephobia/install/express
[npm-install-size-url]: https://packagephobia.com/result?p=express
[npm-url]: https://npmjs.org/package/express
[npm-version-image]: https://badgen.net/npm/v/express
History.md

Sorry, the diff of this file is too big to display

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc