Created by: dependabot[bot]
Bumps github.com/labstack/echo/v4 from 4.2.0 to 4.9.0.
Release notes
Sourced from github.com/labstack/echo/v4's releases.
v4.9.0
Security
- Fix open redirect vulnerability in handlers serving static directories (e.Static, e.StaticFs, echo.StaticDirectoryHandler) #2260
Enhancements
- Allow configuring ErrorHandler in CSRF middleware #2257
- Replace HTTP method constants in tests with stdlib constants #2247
v4.8.0
Most notable things
You can now add any arbitrary HTTP method type as a route #2237
e.Add("COPY", "/*", func(c echo.Context) error return c.String(http.StatusOK, "OK COPY") })
You can add custom 404 handler for specific paths #2217
e.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) }) g := e.Group("/images") g.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })
Enhancements
- Add new value binding methods (UnixTimeMilli,TextUnmarshaler,JSONUnmarshaler) to Valuebinder #2127
- Refactor: body_limit middleware unit test #2145
- Refactor: Timeout mw: rework how test waits for timeout. #2187
- BasicAuth middleware returns 500 InternalServerError on invalid base64 strings but should return 400 #2191
- Refactor: duplicated findStaticChild process at findChildWithLabel #2176
- Allow different param names in different methods with same path scheme #2209
- Add support for registering handlers for different 404 routes #2217
- Middlewares should use errors.As() instead of type assertion on HTTPError #2227
- Allow arbitrary HTTP method types to be added as routes #2237
v4.7.2
Fixes
- Fix nil pointer exception when calling Start again after address binding error #2131
- Fix CSRF middleware not being able to extract token from multipart/form-data form #2136
- Fix Timeout middleware write race #2126
Enhancements
... (truncated)
Changelog
Sourced from github.com/labstack/echo/v4's changelog.
v4.9.0 - 2022-09-04
Security
- Fix open redirect vulnerability in handlers serving static directories (e.Static, e.StaticFs, echo.StaticDirectoryHandler) #2260
Enhancements
- Allow configuring ErrorHandler in CSRF middleware #2257
- Replace HTTP method constants in tests with stdlib constants #2247
v4.8.0 - 2022-08-10
Most notable things
You can now add any arbitrary HTTP method type as a route #2237
e.Add("COPY", "/*", func(c echo.Context) error return c.String(http.StatusOK, "OK COPY") })
You can add custom 404 handler for specific paths #2217
e.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) }) g := e.Group("/images") g.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })
Enhancements
- Add new value binding methods (UnixTimeMilli,TextUnmarshaler,JSONUnmarshaler) to Valuebinder #2127
- Refactor: body_limit middleware unit test #2145
- Refactor: Timeout mw: rework how test waits for timeout. #2187
- BasicAuth middleware returns 500 InternalServerError on invalid base64 strings but should return 400 #2191
- Refactor: duplicated findStaticChild process at findChildWithLabel #2176
- Allow different param names in different methods with same path scheme #2209
- Add support for registering handlers for different 404 routes #2217
- Middlewares should use errors.As() instead of type assertion on HTTPError #2227
- Allow arbitrary HTTP method types to be added as routes #2237
v4.7.2 - 2022-03-16
Fixes
... (truncated)
Commits
-
16d3b65
Changelog for 4.9.0 -
0ac4d74
Fix #2259 open redirect vulnerability in echo.StaticDirectoryHandler (used by... -
d77e8c0
Added ErrorHandler and ErrorHandlerWithContext in CSRF middleware (#2257) -
534bbb8
replace POST constance with stdlib constance -
fb57d96
replace GET constance with stdlib constance -
d48197d
Changelog for 4.8.0 -
cba12a5
Allow arbitrary HTTP method types to be added as routes -
a327884
add:README.md-Third-party middlewares-github.com/go-woo/protoc-gen-echo -
61422dd
Update CI-flow (Go 1.19 +deps) -
a9879ff
Middlewares should use errors.As() instead of type assertion on HTTPError - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.