Socket
Socket
Sign inDemoInstall

express

Package Overview
Dependencies
49
Maintainers
3
Versions
276
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

Comparing version 5.0.0-alpha.8 to 5.0.0-beta.1

6

lib/application.js

@@ -24,3 +24,3 @@ /*!

var compileTrust = require('./utils').compileTrust;
var flatten = require('array-flatten');
var flatten = require('array-flatten').flatten
var merge = require('utils-merge');

@@ -93,3 +93,3 @@ var resolve = require('path').resolve;

this.set('env', env);
this.set('query parser', 'extended');
this.set('query parser', 'simple')
this.set('subdomain offset', 2);

@@ -277,3 +277,3 @@ this.set('trust proxy', false);

* though note that it aliases this method as `ejs.__express` internally
* so if you're using ".ejs" extensions you dont need to do anything.
* so if you're using ".ejs" extensions you don't need to do anything.
*

@@ -280,0 +280,0 @@ * Some template engines do not follow this convention, the

2

lib/request.js

@@ -233,3 +233,3 @@ /*!

* Check if the incoming request contains the "Content-Type"
* header field, and it contains the give mime `type`.
* header field, and it contains the given mime `type`.
*

@@ -236,0 +236,0 @@ * Examples:

44

lib/response.js

@@ -21,2 +21,3 @@ /*!

var onFinished = require('on-finished');
var mime = require('mime-types')
var path = require('path');

@@ -33,3 +34,2 @@ var pathIsAbsolute = require('path-is-absolute');

var extname = path.extname;
var mime = send.mime;
var resolve = path.resolve;

@@ -53,9 +53,2 @@ var vary = require('vary');

/**
* Module variables.
* @private
*/
var charsetRegExp = /;\s*charset\s*=/;
/**
* Set status `code`.

@@ -272,6 +265,11 @@ *

// replace chars not allowed in JavaScript that are in JSON
body = body
.replace(/\u2028/g, '\\u2028')
.replace(/\u2029/g, '\\u2029');
if (body === undefined) {
// empty argument
body = ''
} else if (typeof body === 'string') {
// replace chars not allowed in JavaScript that are in JSON
body = body
.replace(/\u2028/g, '\\u2028')
.replace(/\u2029/g, '\\u2029')
}

@@ -315,3 +313,3 @@ // the /**/ is a specific security mitigation for "Rosetta Flash JSONP abuse"

* The callback `callback(err)` is invoked when the transfer is complete
* or when an error occurs. Be sure to check `res.sentHeader`
* or when an error occurs. Be sure to check `res.headersSent`
* if you wish to attempt responding, as the header and some data

@@ -454,4 +452,6 @@ * may have already been transferred.

/**
* Set _Content-Type_ response header with `type` through `mime.lookup()`
* Set _Content-Type_ response header with `type` through `mime.contentType()`
* when it does not contain "/", or set the Content-Type to `type` otherwise.
* When no mapping is found though `mime.contentType()`, the type is set to
* "application/octet-stream".
*

@@ -474,3 +474,3 @@ * Examples:

var ct = type.indexOf('/') === -1
? mime.lookup(type)
? (mime.contentType(type) || 'application/octet-stream')
: type;

@@ -505,3 +505,3 @@

*
* 'appliation/json': function(){
* 'application/json': function () {
* res.send({ message: 'hey' });

@@ -609,3 +609,3 @@ * }

: Array.isArray(val) ? [prev].concat(val)
: [prev, val];
: [prev, val]
}

@@ -628,2 +628,5 @@

*
* When the set header is "Content-Type", the type is expanded to include
* the charset if not present using `mime.contentType()`.
*
* @param {String|Object} field

@@ -647,6 +650,3 @@ * @param {String|Array} val

}
if (!charsetRegExp.test(value)) {
var charset = mime.charsets.lookup(value.split(';')[0]);
if (charset) value += '; charset=' + charset.toLowerCase();
}
value = mime.contentType(value)
}

@@ -997,3 +997,3 @@

if (escape) {
if (escape && typeof json === 'string') {
json = json.replace(/[<>&]/g, function (c) {

@@ -1000,0 +1000,0 @@ switch (c.charCodeAt(0)) {

12

lib/utils.js

@@ -17,4 +17,4 @@ /*!

var contentType = require('content-type');
var mime = require('send').mime;
var etag = require('etag');
var mime = require('mime-types')
var proxyaddr = require('proxy-addr');

@@ -57,3 +57,3 @@ var qs = require('qs');

? acceptParams(type)
: { value: mime.lookup(type), params: {} };
: { value: (mime.lookup(type) || 'application/octet-stream'), params: {} }
};

@@ -122,2 +122,3 @@

case true:
case 'weak':
fn = exports.wetag;

@@ -130,5 +131,2 @@ break;

break;
case 'weak':
fn = exports.wetag;
break;
default:

@@ -158,2 +156,3 @@ throw new TypeError('unknown value for etag function: ' + val);

case true:
case 'simple':
fn = querystring.parse;

@@ -166,5 +165,2 @@ break;

break;
case 'simple':
fn = querystring.parse;
break;
default:

@@ -171,0 +167,0 @@ throw new TypeError('unknown value for query parser function: ' + val);

52

package.json
{
"name": "express",
"description": "Fast, unopinionated, minimalist web framework",
"version": "5.0.0-alpha.8",
"version": "5.0.0-beta.1",
"author": "TJ Holowaychuk <tj@vision-media.ca>",

@@ -23,2 +23,3 @@ "contributors": [

"web",
"http",
"rest",

@@ -32,7 +33,7 @@ "restful",

"accepts": "~1.3.7",
"array-flatten": "2.1.1",
"body-parser": "1.19.0",
"content-disposition": "0.5.3",
"array-flatten": "3.0.0",
"body-parser": "2.0.0-beta.1",
"content-disposition": "0.5.4",
"content-type": "~1.0.4",
"cookie": "0.4.0",
"cookie": "0.4.1",
"cookie-signature": "1.0.6",

@@ -48,13 +49,14 @@ "debug": "3.1.0",

"methods": "~1.1.2",
"mime-types": "~2.1.34",
"on-finished": "~2.3.0",
"parseurl": "~1.3.3",
"path-is-absolute": "1.0.1",
"proxy-addr": "~2.0.5",
"qs": "6.7.0",
"proxy-addr": "~2.0.7",
"qs": "6.9.6",
"range-parser": "~1.2.1",
"router": "2.0.0-alpha.1",
"safe-buffer": "5.1.2",
"send": "0.17.1",
"serve-static": "1.14.1",
"setprototypeof": "1.1.1",
"router": "2.0.0-beta.1",
"safe-buffer": "5.2.1",
"send": "1.0.0-beta.1",
"serve-static": "2.0.0-beta.1",
"setprototypeof": "1.2.0",
"statuses": "~1.5.0",

@@ -67,22 +69,22 @@ "type-is": "~1.6.18",

"after": "0.8.2",
"connect-redis": "3.4.1",
"cookie-parser": "~1.4.4",
"cookie-session": "1.3.3",
"ejs": "2.6.1",
"eslint": "2.13.1",
"express-session": "1.16.1",
"hbs": "4.0.4",
"connect-redis": "3.4.2",
"cookie-parser": "1.4.6",
"cookie-session": "2.0.0",
"ejs": "3.1.6",
"eslint": "7.32.0",
"express-session": "1.17.2",
"hbs": "4.2.0",
"istanbul": "0.4.5",
"marked": "0.6.2",
"marked": "0.7.0",
"method-override": "3.0.0",
"mocha": "5.2.0",
"morgan": "1.9.1",
"multiparty": "4.2.1",
"mocha": "9.1.3",
"morgan": "1.10.0",
"multiparty": "4.2.2",
"pbkdf2-password": "1.2.1",
"should": "13.2.3",
"supertest": "3.3.0",
"supertest": "6.1.6",
"vhost": "~3.0.2"
},
"engines": {
"node": ">= 0.10.0"
"node": ">= 4"
},

@@ -89,0 +91,0 @@ "files": [

13

Readme.md

@@ -7,3 +7,3 @@ [![Express Logo](https://i.cloudup.com/zfY6lL7eFa-3000x3000.png)](http://expressjs.com/)

[![NPM Downloads][downloads-image]][downloads-url]
[![Linux Build][travis-image]][travis-url]
[![Linux Build][ci-image]][ci-url]
[![Windows Build][appveyor-image]][appveyor-url]

@@ -31,2 +31,5 @@ [![Test Coverage][coveralls-image]][coveralls-url]

If this is a brand new project, make sure to create a `package.json` first with
the [`npm init` command](https://docs.npmjs.com/creating-a-package-json-file).
Installation is done using the

@@ -100,3 +103,3 @@ [`npm install` command](https://docs.npmjs.com/getting-started/installing-npm-packages-locally):

The Express philosophy is to provide small, robust tooling for HTTP servers, making
it a great solution for single page applications, web sites, hybrids, or public
it a great solution for single page applications, websites, hybrids, or public
HTTP APIs.

@@ -149,8 +152,8 @@

[ci-image]: https://img.shields.io/github/workflow/status/expressjs/express/ci/master.svg?label=linux
[ci-url]: https://github.com/expressjs/express/actions?query=workflow%3Aci
[npm-image]: https://img.shields.io/npm/v/express.svg
[npm-url]: https://npmjs.org/package/express
[downloads-image]: https://img.shields.io/npm/dm/express.svg
[downloads-url]: https://npmjs.org/package/express
[travis-image]: https://img.shields.io/travis/expressjs/express/master.svg?label=linux
[travis-url]: https://travis-ci.org/expressjs/express
[downloads-url]: https://npmcharts.com/compare/express?minimal=true
[appveyor-image]: https://img.shields.io/appveyor/ci/dougwilson/express/master.svg?label=windows

@@ -157,0 +160,0 @@ [appveyor-url]: https://ci.appveyor.com/project/dougwilson/express

History.md

Sorry, the diff of this file is too big to display

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc