[dist] Update all non-major dependencies (!1356) · Merge requests · http ... PARTY! / node-http-proxy

Merged Administrator requested to merge renovate/all-minor-patch into master Aug 22, 2019

Created by: renovate[bot]

This PR contains the following updates:

Package	Type	Update	Change
connect	dependencies	minor	`~2.11.0` -> `~2.30.0`
sse	devDependencies	patch	`0.0.6` -> `0.0.8`
sse	dependencies	patch	`0.0.6` -> `0.0.8`

Release Notes

senchalabs/connect

`v2.30.2`

Compare Source

===================

deps: body-parser@~1.13.3
- deps: type-is@~1.6.6
deps: compression@~1.5.2
- deps: accepts@~1.2.12
- deps: compressible@~2.0.5
- deps: vary@~1.0.1
deps: errorhandler@~1.4.2
- deps: accepts@~1.2.12
deps: method-override@~2.3.5
- deps: vary@~1.0.1
- perf: enable strict mode
deps: serve-index@~1.7.2
- deps: accepts@~1.2.12
- deps: mime-types@~2.1.4
deps: type-is@~1.6.6
- deps: mime-types@~2.1.4
deps: vhost@~3.0.1
- perf: enable strict mode

`v2.30.1`

Compare Source

===================

deps: body-parser@~1.13.2
- deps: iconv-lite@0.4.11
- deps: qs@4.0.0
- deps: raw-body@~2.1.2
- deps: type-is@~1.6.4
deps: compression@~1.5.1
- deps: accepts@~1.2.10
- deps: compressible@~2.0.4
deps: errorhandler@~1.4.1
- deps: accepts@~1.2.10
deps: qs@4.0.0
- Fix dropping parameters like hasOwnProperty
- Fix various parsing edge cases
deps: morgan@~1.6.1
- deps: basic-auth@~1.0.3
deps: pause@0.1.0
- Re-emit events with all original arguments
- Refactor internals
- perf: enable strict mode
deps: serve-index@~1.7.1
- deps: accepts@~1.2.10
- deps: mime-types@~2.1.2
deps: type-is@~1.6.4
- deps: mime-types@~2.1.2
- perf: enable strict mode
- perf: remove argument reassignment

`v2.30.0`

Compare Source

===================

deps: body-parser@~1.13.1
- Add statusCode property on Errors, in addition to status
- Change type default to application/json for JSON parser
- Change type default to application/x-www-form-urlencoded for urlencoded parser
- Provide static require analysis
- Use the http-errors module to generate errors
- deps: bytes@2.1.0
- deps: iconv-lite@0.4.10
- deps: on-finished@~2.3.0
- deps: raw-body@~2.1.1
- deps: type-is@~1.6.3
- perf: enable strict mode
- perf: remove argument reassignment
- perf: remove delete call
deps: bytes@2.1.0
- Slight optimizations
- Units no longer case sensitive when parsing
deps: compression@~1.5.0
- Fix return value from .end and .write after end
- Improve detection of zero-length body without Content-Length
- deps: accepts@~1.2.9
- deps: bytes@2.1.0
- deps: compressible@~2.0.3
- perf: enable strict mode
- perf: remove flush reassignment
- perf: simplify threshold detection
deps: cookie@0.1.3
- Slight optimizations
deps: cookie-parser@~1.3.5
- deps: cookie@0.1.3
deps: csurf@~1.8.3
- Add sessionKey option
- deps: cookie@0.1.3
- deps: csrf@~3.0.0
deps: errorhandler@~1.4.0
- Add charset to the Content-Type header
- Support statusCode property on Error objects
- deps: accepts@~1.2.9
- deps: escape-html@1.0.2
deps: express-session@~1.11.3
- Support an array in secret option for key rotation
- deps: cookie@0.1.3
- deps: crc@3.3.0
- deps: debug@~2.2.0
- deps: depd@~1.0.1
- deps: uid-safe@~2.0.0
deps: finalhandler@0.4.0
- Fix a false-positive when unpiping in Node.js 0.8
- Support statusCode property on Error objects
- Use unpipe module for unpiping requests
- deps: escape-html@1.0.2
- deps: on-finished@~2.3.0
- perf: enable strict mode
- perf: remove argument reassignment
deps: fresh@0.3.0
- Add weak ETag matching support
deps: morgan@~1.6.0
- Add morgan.compile(format) export
- Do not color 1xx status codes in dev format
- Fix response-time token to not include response latency
- Fix status token incorrectly displaying before response in dev format
- Fix token return values to be undefined or a string
- Improve representation of multiple headers in req and res tokens
- Use res.getHeader in res token
- deps: basic-auth@~1.0.2
- deps: on-finished@~2.3.0
- pref: enable strict mode
- pref: reduce function closure scopes
- pref: remove dynamic compile on every request for dev format
- pref: remove an argument reassignment
- pref: skip function call without skip option
deps: serve-favicon@~2.3.0
- Send non-chunked response for OPTIONS
- deps: etag@~1.7.0
- deps: fresh@0.3.0
- perf: enable strict mode
- perf: remove argument reassignment
- perf: remove bitwise operations
deps: serve-index@~1.7.0
- Accept function value for template option
- Send non-chunked response for OPTIONS
- Stat parent directory when necessary
- Use Date.prototype.toLocaleDateString to format date
- deps: accepts@~1.2.9
- deps: escape-html@1.0.2
- deps: mime-types@~2.1.1
- perf: enable strict mode
- perf: remove argument reassignment
deps: serve-static@~1.10.0
- Add fallthrough option
- Fix reading options from options prototype
- Improve the default redirect response headers
- Malformed URLs now next() instead of 400
- deps: escape-html@1.0.2
- deps: send@0.13.0
- perf: enable strict mode
- perf: remove argument reassignment
deps: type-is@~1.6.3
- deps: mime-types@~2.1.1
- perf: reduce try block size
- perf: remove bitwise operations

`v2.29.2`

Compare Source

===================

deps: body-parser@~1.12.4
- Slight efficiency improvement when not debugging
- deps: debug@~2.2.0
- deps: depd@~1.0.1
- deps: iconv-lite@0.4.8
- deps: on-finished@~2.2.1
- deps: qs@2.4.2
- deps: raw-body@~2.0.1
- deps: type-is@~1.6.2
deps: compression@~1.4.4
- deps: accepts@~1.2.7
- deps: debug@~2.2.0
deps: connect-timeout@~1.6.2
- deps: debug@~2.2.0
- deps: ms@0.7.1
deps: debug@~2.2.0
- deps: ms@0.7.1
deps: depd@~1.0.1
deps: errorhandler@~1.3.6
- deps: accepts@~1.2.7
deps: finalhandler@0.3.6
- deps: debug@~2.2.0
- deps: on-finished@~2.2.1
deps: method-override@~2.3.3
- deps: debug@~2.2.0
deps: morgan@~1.5.3
- deps: basic-auth@~1.0.1
- deps: debug@~2.2.0
- deps: depd@~1.0.1
- deps: on-finished@~2.2.1
deps: qs@2.4.2
- Fix allowing parameters like constructor
deps: response-time@~2.3.1
- deps: depd@~1.0.1
deps: serve-favicon@~2.2.1
- deps: etag@~1.6.0
- deps: ms@0.7.1
deps: serve-index@~1.6.4
- deps: accepts@~1.2.7
- deps: debug@~2.2.0
- deps: mime-types@~2.0.11
deps: serve-static@~1.9.3
- deps: send@0.12.3
deps: type-is@~1.6.2
- deps: mime-types@~2.0.11

`v2.29.1`

Compare Source

===================

deps: body-parser@~1.12.2
- deps: debug@~2.1.3
- deps: qs@2.4.1
- deps: type-is@~1.6.1
deps: compression@~1.4.3
- Fix error when code calls res.end(str, encoding)
- deps: accepts@~1.2.5
- deps: debug@~2.1.3
deps: connect-timeout@~1.6.1
- deps: debug@~2.1.3
deps: debug@~2.1.3
- Fix high intensity foreground color for bold
- deps: ms@0.7.0
deps: errorhandler@~1.3.5
- deps: accepts@~1.2.5
deps: express-session@~1.10.4
- deps: debug@~2.1.3
deps: finalhandler@0.3.4
- deps: debug@~2.1.3
deps: method-override@~2.3.2
- deps: debug@~2.1.3
deps: morgan@~1.5.2
- deps: debug@~2.1.3
deps: qs@2.4.1
- Fix error when parameter hasOwnProperty is present
deps: serve-index@~1.6.3
- Properly escape file names in HTML
- deps: accepts@~1.2.5
- deps: debug@~2.1.3
- deps: escape-html@1.0.1
- deps: mime-types@~2.0.10
deps: serve-static@~1.9.2
- deps: send@0.12.2
deps: type-is@~1.6.1
- deps: mime-types@~2.0.10

`v2.29.0`

Compare Source

===================

Use content-type to parse Content-Type headers
deps: body-parser@~1.12.0
- add debug messages
- accept a function for the type option
- make internal extended: true depth limit infinity
- use content-type to parse Content-Type headers
- deps: iconv-lite@0.4.7
- deps: raw-body@1.3.3
- deps: type-is@~1.6.0
deps: compression@~1.4.1
- Prefer gzip over deflate on the server
- deps: accepts@~1.2.4
deps: connect-timeout@~1.6.0
- deps: http-errors@~1.3.1
deps: cookie-parser@~1.3.4
- deps: cookie-signature@1.0.6
deps: cookie-signature@1.0.6
deps: csurf@~1.7.0
- Accept CSRF-Token and XSRF-Token request headers
- Default cookie.path to '/', if using cookies
- deps: cookie-signature@1.0.6
- deps: csrf@~2.0.6
- deps: http-errors@~1.3.1
deps: errorhandler@~1.3.4
- deps: accepts@~1.2.4
deps: express-session@~1.10.3
- deps: cookie-signature@1.0.6
- deps: uid-safe@1.1.0
deps: http-errors@~1.3.1
- Construct errors using defined constructors from createError
- Fix error names that are not identifiers
- Set a meaningful name property on constructed errors
deps: response-time@~2.3.0
- Add function argument to support recording of response time
deps: serve-index@~1.6.2
- deps: accepts@~1.2.4
- deps: http-errors@~1.3.1
- deps: mime-types@~2.0.9
deps: serve-static@~1.9.1
- deps: send@0.12.1
deps: type-is@~1.6.0
- fix argument reassignment
- fix false-positives in hasBody Transfer-Encoding check
- support wildcard for both type and subtype (*/*)
- deps: mime-types@~2.0.9

`v2.28.3`

Compare Source

===================

deps: compression@~1.3.1
- deps: accepts@~1.2.3
- deps: compressible@~2.0.2
deps: csurf@~1.6.6
- deps: csrf@~2.0.5
deps: errorhandler@~1.3.3
- deps: accepts@~1.2.3
deps: express-session@~1.10.2
- deps: uid-safe@1.0.3
deps: serve-index@~1.6.1
- deps: accepts@~1.2.3
- deps: mime-types@~2.0.8
deps: type-is@~1.5.6
- deps: mime-types@~2.0.8

`v2.28.2`

Compare Source

===================

deps: body-parser@~1.10.2
- deps: iconv-lite@0.4.6
- deps: raw-body@1.3.2
deps: serve-static@~1.8.1
- Fix redirect loop in Node.js 0.11.14
- Fix root path disclosure
- deps: send@0.11.1

`v2.28.1`

Compare Source

===================

deps: csurf@~1.6.5
- deps: csrf@~2.0.4
deps: express-session@~1.10.1
- deps: uid-safe@~1.0.2

`v2.28.0`

Compare Source

===================

deps: body-parser@~1.10.1
- Make internal extended: true array limit dynamic
- deps: on-finished@~2.2.0
- deps: type-is@~1.5.5
deps: compression@~1.3.0
- Export the default filter function for wrapping
- deps: accepts@~1.2.2
- deps: debug@~2.1.1
deps: connect-timeout@~1.5.0
- deps: debug@~2.1.1
- deps: http-errors@~1.2.8
- deps: ms@0.7.0
deps: csurf@~1.6.4
- deps: csrf@~2.0.3
- deps: http-errors@~1.2.8
deps: debug@~2.1.1
deps: errorhandler@~1.3.2
- Add log option
- Fix heading content to not include stack
- deps: accepts@~1.2.2
deps: express-session@~1.10.0
- Add store.touch interface for session stores
- Fix MemoryStore expiration with resave: false
- deps: debug@~2.1.1
deps: finalhandler@0.3.3
- deps: debug@~2.1.1
- deps: on-finished@~2.2.0
deps: method-override@~2.3.1
- deps: debug@~2.1.1
- deps: methods@~1.1.1
deps: morgan@~1.5.1
- Add multiple date formats clf, iso, and web
- Deprecate buffer option
- Fix date format in common and combined formats
- Fix token arguments to accept values with "
- deps: debug@~2.1.1
- deps: on-finished@~2.2.0
deps: serve-favicon@~2.2.0
- Support query string in the URL
- deps: etag@~1.5.1
- deps: ms@0.7.0
deps: serve-index@~1.6.0
- Add link to root directory
- deps: accepts@~1.2.2
- deps: batch@0.5.2
- deps: debug@~2.1.1
- deps: mime-types@~2.0.7
deps: serve-static@~1.8.0
- Fix potential open redirect when mounted at root
- deps: send@0.11.0
deps: type-is@~1.5.5
- deps: mime-types@~2.0.7

`v2.27.6`

Compare Source

===================

deps: serve-index@~1.5.3
- deps: accepts@~1.1.4
- deps: http-errors@~1.2.8
- deps: mime-types@~2.0.4

`v2.27.5`

Compare Source

===================

deps: compression@~1.2.2
- Fix .end to only proxy to .end
- deps: accepts@~1.1.4
deps: express-session@~1.9.3
- Fix error when req.sessionID contains a non-string value
deps: http-errors@~1.2.8
- Fix stack trace from exported function
- Remove arguments.callee usage
deps: serve-index@~1.5.2
- Fix icon name background alignment on mobile view
deps: type-is@~1.5.4
- deps: mime-types@~2.0.4

`v2.27.4`

Compare Source

===================

deps: body-parser@~1.9.3
- deps: iconv-lite@0.4.5
- deps: qs@2.3.3
- deps: raw-body@1.3.1
- deps: type-is@~1.5.3
deps: compression@~1.2.1
- deps: accepts@~1.1.3
deps: errorhandler@~1.2.3
- deps: accepts@~1.1.3
deps: express-session@~1.9.2
- deps: crc@3.2.1
deps: qs@2.3.3
- Fix arrayLimit behavior
deps: serve-favicon@~2.1.7
- Avoid errors from enumerables on Object.prototype
deps: serve-index@~1.5.1
- deps: accepts@~1.1.3
- deps: mime-types@~2.0.3
deps: type-is@~1.5.3
- deps: mime-types@~2.0.3

`v2.27.3`

Compare Source

===================

Correctly invoke async callback asynchronously
deps: csurf@~1.6.3
- bump csrf
- bump http-errors

`v2.27.2`

Compare Source

===================

Fix handling of URLs containing :// in the path
deps: body-parser@~1.9.2
- deps: qs@2.3.2
deps: qs@2.3.2
- Fix parsing of mixed objects and values

`v2.27.1`

Compare Source

===================

deps: body-parser@~1.9.1
- deps: on-finished@~2.1.1
- deps: qs@2.3.0
- deps: type-is@~1.5.2
deps: express-session@~1.9.1
- Remove unnecessary empty write call
deps: finalhandler@0.3.2
- deps: on-finished@~2.1.1
deps: morgan@~1.4.1
- deps: on-finished@~2.1.1
deps: qs@2.3.0
- Fix parsing of mixed implicit and explicit arrays
deps: serve-static@~1.7.1
- deps: send@0.10.1

`v2.27.0`

Compare Source

===================

Use http-errors module for creating errors
Use utils-merge module for merging objects
deps: body-parser@~1.9.0
- include the charset in "unsupported charset" error message
- include the encoding in "unsupported content encoding" error message
- deps: depd@~1.0.0
deps: compression@~1.2.0
- deps: debug@~2.1.0
deps: connect-timeout@~1.4.0
- Create errors with http-errors
- deps: debug@~2.1.0
deps: debug@~2.1.0
- Implement DEBUG_FD env variable support
deps: depd@~1.0.0
deps: express-session@~1.9.0
- deps: debug@~2.1.0
- deps: depd@~1.0.0
deps: finalhandler@0.3.1
- Terminate in progress response only on error
- Use on-finished to determine request status
- deps: debug@~2.1.0
deps: method-override@~2.3.0
- deps: debug@~2.1.0
deps: morgan@~1.4.0
- Add debug messages
- deps: depd@~1.0.0
deps: response-time@~2.2.0
- Add header option for custom header name
- Add suffix option
- Change digits argument to an options argument
- deps: depd@~1.0.0
deps: serve-favicon@~2.1.6
- deps: etag@~1.5.0
deps: serve-index@~1.5.0
- Add dir argument to filter function
- Add icon for mkv files
- Create errors with http-errors
- Fix incorrect 403 on Windows and Node.js 0.11
- Lookup icon by mime type for greater icon support
- Support using tokens multiple times
- deps: accepts@~1.1.2
- deps: debug@~2.1.0
- deps: mime-types@~2.0.2
deps: serve-static@~1.7.0
- deps: send@0.10.0

`v2.26.6`

Compare Source

===================

deps: compression@~1.1.2
- deps: accepts@~1.1.2
- deps: compressible@~2.0.1
deps: csurf@~1.6.2
- bump http-errors
- fix cookie name when using cookie: true
deps: errorhandler@~1.2.2
- deps: accepts@~1.1.2

`v2.26.5`

Compare Source

===================

Fix accepting non-object arguments to logger
deps: serve-static@~1.6.4
- Fix redirect loop when index file serving disabled

`v2.26.4`

Compare Source

===================

deps: morgan@~1.3.2
- Fix req.ip integration when immediate: false
deps: type-is@~1.5.2
- deps: mime-types@~2.0.2

`v2.26.3`

Compare Source

===================

deps: body-parser@~1.8.4
- fix content encoding to be case-insensitive
deps: serve-favicon@~2.1.5
- deps: etag@~1.4.0
deps: serve-static@~1.6.3
- deps: send@0.9.3

`v2.26.2`

Compare Source

===================

deps: body-parser@~1.8.3
- deps: qs@2.2.4
deps: qs@2.2.4
- Fix issue with object keys starting with numbers truncated

`v2.26.1`

Compare Source

===================

deps: body-parser@~1.8.2
- deps: depd@0.4.5
deps: depd@0.4.5
deps: express-session@~1.8.2
- Use crc instead of buffer-crc32 for speed
- deps: depd@0.4.5
deps: morgan@~1.3.1
- Remove un-used bytes dependency
- deps: depd@0.4.5
deps: serve-favicon@~2.1.4
- Fix content headers being sent in 304 response
- deps: etag@~1.3.1
deps: serve-static@~1.6.2
- deps: send@0.9.2

`v2.26.0`

Compare Source

===================

deps: body-parser@~1.8.1
- add parameterLimit option to urlencoded parser
- change urlencoded extended array limit to 100
- make empty-body-handling consistent between chunked requests
- respond with 415 when over parameterLimit in urlencoded
- deps: media-typer@0.3.0
- deps: qs@2.2.3
- deps: type-is@~1.5.1
deps: compression@~1.1.0
- deps: accepts@~1.1.0
- deps: compressible@~2.0.0
- deps: debug@~2.0.0
deps: connect-timeout@~1.3.0
- deps: debug@~2.0.0
deps: cookie-parser@~1.3.3
- deps: cookie-signature@1.0.5
deps: cookie-signature@1.0.5
deps: csurf@~1.6.1
- add ignoreMethods option
- bump cookie-signature
- csrf-tokens -> csrf
- set code property on CSRF token errors
deps: debug@~2.0.0
deps: errorhandler@~1.2.0
- Display error using util.inspect if no other representation
- deps: accepts@~1.1.0
deps: express-session@~1.8.1
- Do not resave already-saved session at end of request
- Prevent session prototype methods from being overwritten
- deps: cookie-signature@1.0.5
- deps: debug@~2.0.0
deps: finalhandler@0.2.0
- Set X-Content-Type-Options: nosniff header
- deps: debug@~2.0.0
deps: fresh@0.2.4
deps: media-typer@0.3.0
- Throw error when parameter format invalid on parse
deps: method-override@~2.2.0
- deps: debug@~2.0.0
deps: morgan@~1.3.0
- Assert if format is not a function or string
deps: qs@2.2.3
- Fix issue where first empty value in array is discarded
deps: serve-favicon@~2.1.3
- Accept string for maxAge (converted by ms)
- Use etag to generate ETag header
- deps: fresh@0.2.4
deps: serve-index@~1.2.1
- Add debug messages
- Resolve relative paths at middleware setup
- deps: accepts@~1.1.0
deps: serve-static@~1.6.1
- Add lastModified option
- deps: send@0.9.1
deps: type-is@~1.5.1
- fix hasbody to be true for content-length: 0
- deps: media-typer@0.3.0
- deps: mime-types@~2.0.1
deps: vhost@~3.0.0

`v2.25.10`

Compare Source

====================

deps: serve-static@~1.5.4
- deps: send@0.8.5

`v2.25.9`

Compare Source

===================

deps: body-parser@~1.6.7
- deps: qs@2.2.2
deps: qs@2.2.2

`v2.25.8`

Compare Source

===================

deps: body-parser@~1.6.6
- deps: qs@2.2.0
deps: csurf@~1.4.1
deps: qs@2.2.0
- Array parsing fix
- Performance improvements

`v2.25.7`

Compare Source

===================

deps: body-parser@~1.6.5
- deps: on-finished@2.1.0
deps: express-session@~1.7.6
- Fix exception on res.end(null) calls
deps: morgan@~1.2.3
- deps: on-finished@2.1.0
deps: serve-static@~1.5.3
- deps: send@0.8.3

`v2.25.6`

Compare Source

===================

deps: body-parser@~1.6.4
- deps: qs@1.2.2
deps: qs@1.2.2
deps: serve-static@~1.5.2
- deps: send@0.8.2

`v2.25.5`

Compare Source

===================

Fix backwards compatibility in logger

`v2.25.4`

Compare Source

===================

Fix query middleware breaking with argument
- It never really took one in the first place
deps: body-parser@~1.6.3
- deps: qs@1.2.1
deps: compression@~1.0.11
- deps: on-headers@~1.0.0
- deps: parseurl@~1.3.0
deps: connect-timeout@~1.2.2
- deps: on-headers@~1.0.0
deps: express-session@~1.7.5
- Fix parsing original URL
- deps: on-headers@~1.0.0
- deps: parseurl@~1.3.0
deps: method-override@~2.1.3
deps: on-headers@~1.0.0
deps: parseurl@~1.3.0
deps: qs@1.2.1
deps: response-time@~2.0.1
- deps: on-headers@~1.0.0
deps: serve-index@~1.1.6
- Fix URL parsing
deps: serve-static@~1.5.1
- Fix parsing of weird req.originalUrl values
- deps: parseurl@~1.3.0 = deps: utils-merge@1.0.0

`v2.25.3`

Compare Source

===================

deps: multiparty@3.3.2
- Fix potential double-callback

`v2.25.2`

Compare Source

===================

deps: body-parser@~1.6.2
- deps: qs@1.2.0
deps: qs@1.2.0
- Fix parsing array of objects

`v2.25.1`

Compare Source

====================

deps: serve-static@~1.5.4
- deps: send@0.8.5

`v2.25.0`

Compare Source

===================

deps: body-parser@~1.6.0
- deps: qs@1.0.2
deps: compression@~1.0.10
- Fix upper-case Content-Type characters prevent compression
- deps: compressible@~1.1.1
deps: csurf@~1.4.0
- Support changing req.session after csurf middleware
- Calling res.csrfToken() after req.session.destroy() will now work
deps: express-session@~1.7.4
- Fix res.end patch to call correct upstream res.write
- Fix response end delay for non-chunked responses
deps: qs@1.0.2
- Complete rewrite
- Limits array length to 20
- Limits object depth to 5
- Limits parameters to 1,000
deps: serve-static@~1.5.0
- Add extensions option
- deps: send@0.8.1

`v2.24.3`

Compare Source

===================

deps: serve-index@~1.1.5
- Fix Content-Length calculation for multi-byte file names
- deps: accepts@~1.0.7
deps: serve-static@~1.4.4
- Fix incorrect 403 on Windows and Node.js 0.11
- deps: send@0.7.4

`v2.24.2`

Compare Source

===================

deps: body-parser@~1.5.2
deps: depd@0.4.4
- Work-around v8 generating empty stack traces
deps: express-session@~1.7.2
deps: morgan@~1.2.2
deps: serve-static@~1.4.2

`v2.24.1`

Compare Source

===================

deps: body-parser@~1.5.1
deps: depd@0.4.3
- Fix exception when global Error.stackTraceLimit is too low
deps: express-session@~1.7.1
deps: morgan@~1.2.1
deps: serve-index@~1.1.4
deps: serve-static@~1.4.1

`v2.24.0`

Compare Source

===================

deps: body-parser@~1.5.0
- deps: depd@0.4.2
- deps: iconv-lite@0.4.4
- deps: raw-body@1.3.0
- deps: type-is@~1.3.2
deps: compression@~1.0.9
- Add debug messages
- deps: accepts@~1.0.7
deps: connect-timeout@~1.2.1
- Accept string for time (converted by ms)
- deps: debug@1.0.4
deps: debug@1.0.4
deps: depd@0.4.2
- Add TRACE_DEPRECATION environment variable
- Remove non-standard grey color from color output
- Support --no-deprecation argument
- Support --trace-deprecation argument
deps: express-session@~1.7.0
- Improve session-ending error handling
- deps: debug@1.0.4
- deps: depd@0.4.2
deps: finalhandler@0.1.0
- Respond after request fully read
- deps: debug@1.0.4
deps: method-override@~2.1.2
- deps: debug@1.0.4
- deps: parseurl@~1.2.0
deps: morgan@~1.2.0
- Add :remote-user token
- Add combined log format
- Add common log format
- Remove non-standard grey color from dev format
deps: multiparty@3.3.1
deps: parseurl@~1.2.0
- Cache URLs based on original value
- Remove no-longer-needed URL mis-parse work-around
- Simplify the "fast-path" RegExp
deps: serve-static@~1.4.0
- Add dotfiles option
- deps: parseurl@~1.2.0
- deps: send@0.7.0

`v2.23.0`

Compare Source

===================

deps: debug@1.0.3
- Add support for multiple wildcards in namespaces
deps: express-session@~1.6.4
deps: method-override@~2.1.0
- add simple debug output
- deps: methods@1.1.0
- deps: parseurl@~1.1.3
deps: parseurl@~1.1.3
- faster parsing of href-only URLs
deps: serve-static@~1.3.1
- deps: parseurl@~1.1.3

`v2.22.0`

Compare Source

===================

deps: csurf@~1.3.0
- Fix cookie.signed option to actually sign cookie
deps: express-session@~1.6.1
- Fix res.end patch to return correct value
- Fix res.end patch to handle multiple res.end calls
- Reject cookies with missing signatures
deps: multiparty@3.3.0
- Always emit close after all parts ended
- Fix callback hang in node.js 0.8 on errors
deps: serve-static@~1.3.0
- Accept string for maxAge (converted by ms)
- Add setHeaders option
- Include HTML link in redirect response
- deps: send@0.5.0

`v2.21.1`

Compare Source

===================

deps: cookie-parser@1.3.2
- deps: cookie-signature@1.0.4
deps: cookie-signature@1.0.4
- fix for timing attacks
deps: express-session@~1.5.2
- deps: cookie-signature@1.0.4
deps: type-is@~1.3.2
- more mime types

`v2.21.0`

Compare Source

===================

deprecate connect(middleware) -- use app.use(middleware) instead
deprecate connect.createServer() -- use connect() instead
fix res.setHeader() patch to work with get -> append -> set pattern
deps: compression@~1.0.8
deps: errorhandler@~1.1.1
deps: express-session@~1.5.0
- Deprecate integration with cookie-parser middleware
- Deprecate looking for secret in req.secret
- Directly read cookies; cookie-parser no longer required
- Directly set cookies; res.cookie no longer required
- Generate session IDs with uid-safe, faster and even less collisions
deps: serve-index@~1.1.3

`v2.20.2`

Compare Source

===================

deps: body-parser@1.4.3
- deps: type-is@1.3.1

`v2.20.1`

Compare Source

===================

deps: type-is@1.3.1
- fix global variable leak

`v2.20.0`

Compare Source

===================

deprecate verify option to json -- use body-parser npm module instead
deprecate verify option to urlencoded -- use body-parser npm module instead
deprecate things with depd module
use finalhandler for final response handling
use media-typer to parse content-type for charset
deps: body-parser@1.4.2
- check accepted charset in content-type (accepts utf-8)
- check accepted encoding in content-encoding (accepts identity)
- deprecate urlencoded() without provided extended option
- lazy-load urlencoded parsers
- support gzip and deflate bodies
- set inflate: false to turn off
- deps: raw-body@1.2.2
- deps: type-is@1.3.0
- Support all encodings from iconv-lite
deps: connect-timeout@1.1.1
- deps: debug@1.0.2
deps: cookie-parser@1.3.1
- export parsing functions
- req.cookies and req.signedCookies are now plain objects
- slightly faster parsing of many cookies
deps: csurf@1.2.2
deps: errorhandler@1.1.0
- Display error on console formatted like throw
- Escape HTML in stack trace
- Escape HTML in title
- Fix up edge cases with error sent in response
- Set X-Content-Type-Options: nosniff header
- Use accepts for negotiation
deps: express-session@1.4.0
- Add genid option to generate custom session IDs
- Add saveUninitialized option to control saving uninitialized sessions
- Add unset option to control unsetting req.session
- Generate session IDs with rand-token by default; reduce collisions
- Integrate with express "trust proxy" by default
- deps: buffer-crc32@0.2.3
- deps: debug@1.0.2
deps: multiparty@3.2.9
deps: serve-index@1.1.2
- deps: batch@0.5.1
deps: type-is@1.3.0
- improve type parsing
deps: vhost@2.0.0
- Accept RegExp object for hostname
- Provide req.vhost object
- Support IPv6 literal in Host header

`v2.19.6`

Compare Source

===================

deps: body-parser@1.3.1
- deps: type-is@1.2.1
deps: compression@1.0.7
- use vary module for better Vary behavior
- deps: accepts@1.0.3
- deps: compressible@1.1.0
deps: debug@1.0.2
deps: serve-index@1.1.1
- deps: accepts@1.0.3
deps: serve-static@1.2.3
- Do not throw un-catchable error on file open race condition
- deps: send@0.4.3

`v2.19.5`

Compare Source

===================

deps: csurf@1.2.1
- refactor to use csrf-tokens@~1.0.2
deps: debug@1.0.1
deps: serve-static@1.2.2
- fix "event emitter leak" warnings
- deps: send@0.4.2
deps: type-is@1.2.1
- Switch dependency from mime to mime-types@1.0.0

`v2.19.4`

Compare Source

===================

deps: errorhandler@1.0.2
- Pass on errors from reading error files
deps: method-override@2.0.2
- use vary module for better Vary behavior
deps: serve-favicon@2.0.1
- Reduce byte size of ETag header

`v2.19.3`

Compare Source

===================

deps: compression@1.0.6
- fix listeners for delayed stream creation
- fix regression for certain stream.pipe(res) situations
- fix regression when negotiation fails

`v2.19.2`

Compare Source

===================

deps: compression@1.0.4
- fix adding Vary when value stored as array
- fix back-pressure behavior
- fix length check for res.end

`v2.19.1`

Compare Source

===================

fix deprecated utils.escape

`v2.19.0`

Compare Source

===================

deprecate methodOverride() -- use method-override npm module instead
deps: body-parser@1.3.0
- add extended option to urlencoded parser
deps: method-override@2.0.1
- set Vary header
- deps: methods@1.0.1
deps: multiparty@3.2.8
deps: response-time@2.0.0
- add digits argument
- do not override existing X-Response-Time header
- timer not subject to clock drift
- timer resolution down to nanoseconds
deps: serve-static@1.2.1
- send max-age in Cache-Control in correct format
- use escape-html for escaping
- deps: send@0.4.1

`v2.18.0`

Compare Source

===================

deps: compression@1.0.3
deps: serve-index@1.1.0
- Fix content negotiation when no Accept header
- Properly support all HTTP methods
- Support vanilla node.js http servers
- Treat ENAMETOOLONG as code 414
- Use accepts for negotiation
deps: serve-static@1.2.0
- Calculate ETag with md5 for reduced collisions
- Fix wrong behavior when index file matches directory
- Ignore stream errors after request ends
- Skip directories in index file search
- deps: send@0.4.0

`v2.17.3`

Compare Source

===================

deps: express-session@1.2.1
- Fix resave such that resave: true works

`v2.17.2`

Compare Source

===================

deps: body-parser@1.2.2
- invoke next(err) after request fully read
- deps: raw-body@1.1.6
deps: method-override@1.0.2
- Handle req.body key referencing array or object
- Handle multiple HTTP headers

`v2.17.1`

Compare Source

===================

fix res.charset appending charset when content-type has one

`v2.17.0`

Compare Source

===================

deps: express-session@1.2.0
- Add resave option to control saving unmodified sessions
deps: morgan@1.1.1
- "dev" format will use same tokens as other formats
- :response-time token is now empty when immediate used
- :response-time token is now monotonic
- :response-time token has precision to 1 μs
- fix :status + immediate output in node.js 0.8
- improve buffer option to prevent indefinite event loop holding
- simplify method to get remote address
- deps: bytes@1.0.0
deps: serve-index@1.0.3
- Fix error from non-statable files in HTML view

`v2.16.2`

Compare Source

===================

fix edge-case in res.appendHeader that would append in wrong order
deps: method-override@1.0.1

`v2.16.1`

Compare Source

===================

remove usages of res.headerSent from core

`v2.16.0`

Compare Source

===================

deprecate res.headerSent -- use res.headersSent
deprecate res.on("header") -- use on-headers module instead
fix connect.version to reflect the actual version
json: use body-parser
- add type option
- fix repeated limit parsing with every request
- improve parser speed
urlencoded: use body-parser
- add type option
- fix repeated limit parsing with every request
dep: bytes@1.0.0
- add negative support
dep: cookie-parser@1.1.0
- deps: cookie@0.1.2
dep: csurf@1.2.0
- add support for double-submit cookie
dep: express-session@1.1.0
- Add name option; replacement for key option
- Use setImmediate in MemoryStore for node.js >= 0.10

`v2.15.0`

Compare Source

===================

Add simple res.cookie support
Add res.appendHeader
Call error stack even when response has been sent
Patch res.headerSent to return Boolean
Patch res.headersSent for node.js 0.8
Prevent default 404 handler after response sent
dep: compression@1.0.2
- support headers given to res.writeHead
- deps: bytes@0.3.0
- deps: negotiator@0.4.3
dep: connect-timeout@1.1.0
- Add req.timedout property
- Add respond option to constructor
- Clear timer on socket destroy
- deps: debug@0.8.1
dep: debug@^0.8.0
- add enable() method
- change from stderr to stdout
dep: errorhandler@1.0.1
- Clean up error CSS
- Do not respond after headers sent
dep: express-session@1.0.4
- Remove import of setImmediate
- Use res.cookie() instead of res.setHeader()
- deps: cookie@0.1.2
- deps: debug@0.8.1
dep: morgan@1.0.1
- Make buffer unique per morgan instance
- deps: bytes@0.3.0
dep: serve-favicon@2.0.0
- Accept Buffer of icon as first argument
- Non-GET and HEAD requests are denied
- Send valid max-age value
- Support conditional requests
- Support max-age=0
- Support OPTIONS method
- Throw if path argument is directory
dep: serve-index@1.0.2
- Add stylesheet option
- deps: negotiator@0.4.3

`v2.14.5`

Compare Source

===================

dep: raw-body@1.1.4
- allow true as an option
- deps: bytes@0.3.0
dep: serve-static@1.1.0
- Accept options directly to send module
- deps: send@0.3.0

`v2.14.4`

Compare Source

===================

dep: bytes@0.3.0
- added terabyte support
dep: csurf@1.1.0
- add constant-time string compare
dep: serve-static@1.0.4
- Resolve relative paths at middleware setup
- Use parseurl to parse the URL from request
fix node.js 0.8 compatibility with memory session