form-data - npm Package Compare versions

Comparing version

2.5.5

2.5.6

+19

-1

CHANGELOG.md

		@@ -8,2 +8,10 @@ # Changelog

		## [v4.0.5](https://github.com/form-data/form-data/compare/v4.0.4...v4.0.5) - 2025-11-17

		### Commits

		- [Tests] Switch to newer v8 prediction library; enable node 24 testing [`16e0076`](https://github.com/form-data/form-data/commit/16e00765342106876f98a1c9703314006c9e937a)
		- [Dev Deps] update `@ljharb/eslint-config`, `eslint` [`5822467`](https://github.com/form-data/form-data/commit/5822467f0ec21f6ad613c1c90856375e498793c7)
		- [Fix] set Symbol.toStringTag in the proper place [`76d0dee`](https://github.com/form-data/form-data/commit/76d0dee43933b5e167f7f09e5d9cbbd1cf911aa7)

		## [v4.0.4](https://github.com/form-data/form-data/compare/v4.0.3...v4.0.4) - 2025-07-16
		@@ -162,3 +170,3 @@

		## [v3.0.0](https://github.com/form-data/form-data/compare/v2.5.5...v3.0.0) - 2019-11-05
		## [v3.0.0](https://github.com/form-data/form-data/compare/v2.5.6...v3.0.0) - 2019-11-05

		@@ -187,2 +195,12 @@ ### Merged

		## [v2.5.6](https://github.com/form-data/form-data/compare/v2.5.5...v2.5.6) - 2026-06-12

		### Commits

		- [Fix] escape CR, LF, and `"` in field names and filenames [`b620316`](https://github.com/form-data/form-data/commit/b62031603c2d7c329b2a369b49466790f0ba6314)
		- [Dev Deps] update `@ljharb/eslint-config`, `auto-changelog`, `eslint`, `tape` [`12be578`](https://github.com/form-data/form-data/commit/12be578e936fd77eee75e2e656955f5343c4b80f)
		- [Dev Deps] update `js-randomness-predictor` [`46cfd23`](https://github.com/form-data/form-data/commit/46cfd23bd40be14cfa0391e1c5357c4d74098f23)
		- [Tests] use `safe-buffer` so the header-injection test runs on node < 4 [`633044a`](https://github.com/form-data/form-data/commit/633044a57a7b19f41cec2271ffd24afa2f6280af)
		- [Deps] update `hasown` [`e3b96ee`](https://github.com/form-data/form-data/commit/e3b96eef1661bca8ea4297de057b78bf2734e900)

		## [v2.5.5](https://github.com/form-data/form-data/compare/v2.5.4...v2.5.5) - 2025-07-18
		@@ -189,0 +207,0 @@

+7

-2

lib/form_data.js

		@@ -18,2 +18,7 @@ 'use strict';

		// escape CR/LF/`"` so a name/filename can't inject headers or smuggle parts; matches the WHATWG HTML multipart/form-data encoding
		function escapeHeaderParam(str) {
		return String(str).replace(/\r/g, '%0D').replace(/\n/g, '%0A').replace(/"/g, '%22');
		}

		/**
		@@ -194,3 +199,3 @@ * Create readable "multipart/form-data" streams.
		// add custom disposition as third element or keep it two elements if not
		'Content-Disposition': ['form-data', 'name="' + field + '"'].concat(contentDisposition \|\| []),
		'Content-Disposition': ['form-data', 'name="' + escapeHeaderParam(field) + '"'].concat(contentDisposition \|\| []),
		// if no content type. allow it to be empty array
		@@ -250,3 +255,3 @@ 'Content-Type': [].concat(contentType \|\| []),
		if (filename) {
		contentDisposition = 'filename="' + filename + '"';
		contentDisposition = 'filename="' + escapeHeaderParam(filename) + '"';
		}
		@@ -253,0 +258,0 @@

+7

-7

package.json

		@@ -5,3 +5,3 @@ {
		"description": "A library to create readable \"multipart/form-data\" streams. Can be used to submit forms and file uploads to other web applications.",
		"version": "2.5.5",
		"version": "2.5.6",
		"repository": {
		@@ -46,3 +46,3 @@ "type": "git",
		"es-set-tostringtag": "^2.1.0",
		"hasown": "^2.0.2",
		"hasown": "^2.0.4",
		"mime-types": "^2.1.35",
		@@ -52,4 +52,4 @@ "safe-buffer": "^5.2.1"
		"devDependencies": {
		"@ljharb/eslint-config": "^21.2.0",
		"auto-changelog": "^2.5.0",
		"@ljharb/eslint-config": "^22.2.3",
		"auto-changelog": "^2.6.0",
		"browserify": "^13.3.0",
		@@ -60,3 +60,3 @@ "browserify-istanbul": "^2.0.0",
		"encoding": "^0.1.13",
		"eslint": "=8.8.0",
		"eslint": "^8.57.1",
		"fake": "^0.2.2",
		@@ -67,3 +67,3 @@ "far": "^0.0.7",
		"istanbul": "^0.4.5",
		"js-randomness-predictor": "^1.5.5",
		"js-randomness-predictor": "^3.6.0",
		"obake": "^0.1.2",
		@@ -77,3 +77,3 @@ "phantomjs-prebuilt": "^2.1.16",
		"semver": "^6.3.1",
		"tape": "^5.9.0"
		"tape": "^5.10.1"
		},
		@@ -80,0 +80,0 @@ "license": "MIT",

+4

-4

README.md

		@@ -9,7 +9,7 @@ # Form-Data [![NPM Module](https://img.shields.io/npm/v/form-data.svg)](https://www.npmjs.com/package/form-data) [![Join the chat at https://gitter.im/form-data/form-data](http://form-data.github.io/images/gitterbadge.svg)](https://gitter.im/form-data/form-data)

		[![Linux Build](https://img.shields.io/travis/form-data/form-data/v2.5.5.svg?label=linux:4.x-12.x)](https://travis-ci.org/form-data/form-data)
		[![MacOS Build](https://img.shields.io/travis/form-data/form-data/v2.5.5.svg?label=macos:4.x-12.x)](https://travis-ci.org/form-data/form-data)
		[![Windows Build](https://img.shields.io/travis/form-data/form-data/v2.5.5.svg?label=windows:4.x-12.x)](https://travis-ci.org/form-data/form-data)
		[![Linux Build](https://img.shields.io/travis/form-data/form-data/v2.5.6.svg?label=linux:4.x-12.x)](https://travis-ci.org/form-data/form-data)
		[![MacOS Build](https://img.shields.io/travis/form-data/form-data/v2.5.6.svg?label=macos:4.x-12.x)](https://travis-ci.org/form-data/form-data)
		[![Windows Build](https://img.shields.io/travis/form-data/form-data/v2.5.6.svg?label=windows:4.x-12.x)](https://travis-ci.org/form-data/form-data)

		[![Coverage Status](https://img.shields.io/coveralls/form-data/form-data/v2.5.5.svg?label=code+coverage)](https://coveralls.io/github/form-data/form-data?branch=master)
		[![Coverage Status](https://img.shields.io/coveralls/form-data/form-data/v2.5.6.svg?label=code+coverage)](https://coveralls.io/github/form-data/form-data?branch=master)
		[![Dependency Status](https://img.shields.io/david/form-data/form-data.svg)](https://david-dm.org/form-data/form-data)
		@@ -16,0 +16,0 @@

form-data - npm Package Compare versions

Improved metrics

Dependency changes