Created by: renovate[bot]
This PR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
request | dependencies | minor | ~2.27.0 -> ~2.88.0 |
GitHub Vulnerability Alerts
CVE-2017-16026
Affected versions of request will disclose local system memory to remote systems in certain circumstances. When a multipart request is made, and the type of body is number, then a buffer of that size will be allocated and sent to the remote server as the body.
Release Notes
request/request
v2.88.0
- #2996 fix(uuid): import versioned uuid (@kwonoj)
- #2994 Update to oauth-sign 0.9.0 (@dlecocq)
- #2993 Fix header tests (@simov)
- #2904 #515, #2894 Strip port suffix from Host header if the protocol is known. (#2904) (@paambaati)
- #2791 Improve AWS SigV4 support. (#2791) (@vikhyat)
- #2977 Update test certificates (@simov)
v2.87.0
- #2943 Replace hawk dependency with a local implemenation (#2943) (@hueniverse)
v2.86.0
- #2885 Remove redundant code (for Node.js 0.9.4 and below) and dependency (@ChALkeR)
- #2942 Make Test GREEN Again! (@simov)
- #2923 Alterations for failing CI tests (@gareth-robinson)
v2.85.0
v2.84.0
- #2793 Fixed calculation of oauth_body_hash, issue #2792 (@dvishniakov)
- #2880 Update hawk to 7.0.7 (#2880) (@kornel-kedzierski)
v2.83.0
- #2776 Updating tough-cookie due to security fix. (#2776) (@karlnorling)
v2.82.0
- #2703 Add Node.js v8 to Travis CI (@ryysud)
- #2751 Update of hawk and qs to latest version (#2751) (@Olivier-Moreau)
- #2658 Fixed some text in README.md (#2658) (@Marketionist)
- #2635 chore(package): update aws-sign2 to version 0.7.0 (#2635) (@greenkeeperio-bot)
- #2641 Update README to simplify & update convenience methods (#2641) (@FredKSchott)
- #2541 Add convenience method for HTTP OPTIONS (#2541) (@jamesseanwright)
- #2605 Add promise support section to README (#2605) (@FredKSchott)
- #2579 refactor(lint): replace eslint with standard (#2579) (@ahmadnassri)
-
#2598 Update codecov to version 2.0.2
🚀 (@greenkeeperio-bot) - #2590 Adds test-timing keepAlive test (@nicjansma)
- #2589 fix tabulation on request example README.MD (@odykyi)
- #2594 chore(dependencies): har-validator to 5.x removes babel dep
v2.81.0
- #2584 Security issue: Upgrade qs to version 6.4.0 (@sergejmueller)
- #2578 safe-buffer doesn't zero-fill by default, its just a polyfill. (#2578) (@mikeal)
- #2566 Timings: Tracks 'lookup', adds 'wait' time, fixes connection re-use (#2566) (@nicjansma)
- #2574 Migrating to safe-buffer for improved security. (@mikeal)
- #2573 fixes #2572 (@ahmadnassri)
v2.80.0
- #2571 Correctly format the Host header for IPv6 addresses (@JamesMGreene)
- #2558 Update README.md example snippet (@FredKSchott)
- #2221 Adding a simple Response object reference in argument specification (@calamarico)
- #2452 Adds .timings array with DNC, TCP, request and response times (@nicjansma)
- #2553 add ISSUE_TEMPLATE, move PR template (@FredKSchott)
- #2539 Create PULL_REQUEST_TEMPLATE.md (@FredKSchott)
-
#2524 Update caseless to version 0.12.0
🚀 (@greenkeeperio-bot) - #2460 Fix wrong MIME type in example (@OwnageIsMagic)
- #2514 Change tags to keywords in package.json (@humphd)
- #2492 More lenient gzip decompression (@addaleax)
v2.79.0
- #2368 Fix typeof check in test-pool.js (@forivall)
-
#2394 Use
files
in package.json (@SimenB) - #2463 AWS support for session tokens for temporary credentials (@simov)
- #2467 Migrate to uuid (@simov, @antialias)
-
#2459 Update taper to version 0.5.0
🚀 (@greenkeeperio-bot) - #2448 Make other connect timeout test more reliable too (@mscdex)
v2.78.0
v2.77.0
- #2439 Fix socket 'connect' listener handling (@mscdex)
-
#2442
👻 😱 Node.js 0.10 is unmaintained😱 👻 (@greenkeeperio-bot) - #2435 Add followOriginalHttpMethod to redirect to original HTTP method (@kirrg001)
- #2414 Improve test-timeout reliability (@mscdex)
v2.76.0
- #2424 Handle buffers directly instead of using "bl" (@zertosh)
- #2415 Re-enable timeout tests on Travis + other fixes (@mscdex)
- #2431 Improve timeouts accuracy and node v6.8.0+ compatibility (@mscdex, @greenkeeperio-bot)
-
#2428 Update qs to version 6.3.0
🚀 (@greenkeeperio-bot) - #2420 change .on to .once, remove possible memory leaks (@duereg)
- #2426 Remove "isFunction" helper in favor of "typeof" check (@zertosh)
- #2425 Simplify "defer" helper creation (@zertosh)
-
#2402 form-data@2.1.1 breaks build
🚨 (@greenkeeperio-bot) -
#2393 Update form-data to version 2.1.0
🚀 (@greenkeeperio-bot)
v2.75.0
- #2381 Drop support for Node 0.10 (@simov)
-
#2377 Update form-data to version 2.0.0
🚀 (@greenkeeperio-bot) - #2353 Add greenkeeper ignored packages (@simov)
-
#2351 Update karma-tap to version 3.0.1
🚀 (@greenkeeperio-bot) -
#2348 form-data@1.0.1 breaks build
🚨 (@greenkeeperio-bot) - #2349 Check error type instead of string (@scotttrinh)
v2.74.0
- #2295 Update tough-cookie to 2.3.0 (@stash-sfdc)
-
#2280 Update karma-tap to version 2.0.1
🚀 (@greenkeeperio-bot)
v2.73.0
- #2240 Remove connectionErrorHandler to fix #1903 (@zarenner)
-
#2251 tape@4.6.0 breaks build
🚨 (@greenkeeperio-bot) - #2225 Update docs (@ArtskydJ)
-
#2203 Update browserify to version 13.0.1
🚀 (@greenkeeperio-bot) -
#2275 Update karma to version 1.1.1
🚀 (@greenkeeperio-bot) - #2204 Add codecov.yml and disable PR comments (@simov)
- #2212 Fix link to http.IncomingMessage documentation (@nazieb)
- #2208 Update to form-data RC4 and pass null values to it (@simov)
- #2207 Move aws4 require statement to the top (@simov)
-
#2199 Update karma-coverage to version 1.0.0
🚀 (@greenkeeperio-bot) -
#2206 Update qs to version 6.2.0
🚀 (@greenkeeperio-bot) - #2205 Use server-destory to close hanging sockets in tests (@simov)
-
#2200 Update karma-cli to version 1.0.0
🚀 (@greenkeeperio-bot)
v2.72.0
- #2176 Do not try to pipe Gzip responses with no body (@simov)
- #2175 Add 'delete' alias for the 'del' API method (@simov, @MuhanZou)
- #2172 Add support for deflate content encoding (@czardoz)
- #2169 Add callback option (@simov)
- #2165 Check for self.req existence inside the write method (@simov)
- #2167 Fix TravisCI badge reference master branch (@a0viedo)
v2.71.0
v2.70.0
-
#2147 Update eslint to version 2.5.3
🚀 (@simov, @greenkeeperio-bot) - #2009 Support JSON stringify replacer argument. (@elyobo)
-
#2142 Update eslint to version 2.5.1
🚀 (@greenkeeperio-bot) -
#2128 Update browserify-istanbul to version 2.0.0
🚀 (@greenkeeperio-bot) -
#2115 Update eslint to version 2.3.0
🚀 (@simov, @greenkeeperio-bot) - #2089 Fix badges (@simov)
-
#2092 Update browserify-istanbul to version 1.0.0
🚀 (@greenkeeperio-bot) - #2079 Accept read stream as body option (@simov)
-
#2070 Update bl to version 1.1.2
🚀 (@greenkeeperio-bot) - #2063 Up bluebird and oauth-sign (@simov)
- #2058 Karma fixes for latest versions (@eiriksm)
- #2057 Update contributing guidelines (@simov)
-
#2054 Update qs to version 6.1.0
🚀 (@greenkeeperio-bot)
v2.69.0
v2.68.0
- #2036 Add AWS Signature Version 4 (@simov, @mirkods)
- #2022 Convert numeric multipart bodies to string (@simov, @feross)
- #2024 Update har-validator dependency for nsp advisory #76 (@TylerDixon)
-
#2016 Update qs to version 6.0.2
🚀 (@greenkeeperio-bot) -
#2007 Use the
extend
module instead of util._extend (@simov) -
#2003 Update browserify to version 13.0.0
🚀 (@greenkeeperio-bot) -
#1989 Update buffer-equal to version 1.0.0
🚀 (@greenkeeperio-bot) - #1956 Check form-data content-length value before setting up the header (@jongyoonlee)
- #1958 Use IncomingMessage.destroy method (@simov)
- #1952 Adds example for Tor proxy (@prometheansacrifice)
-
#1943 Update eslint to version 1.10.3
🚀 (@simov, @greenkeeperio-bot) -
#1924 Update eslint to version 1.10.1
🚀 (@greenkeeperio-bot) - #1915 Remove content-length and transfer-encoding headers from defaultProxyHeaderWhiteList (@yaxia)
v2.67.0
-
#1913 Update http-signature to version 1.1.0
🚀 (@greenkeeperio-bot)
v2.66.0
- #1906 Update README URLs based on HTTP redirects (@ReadmeCritic)
- #1905 Convert typed arrays into regular buffers (@simov)
-
#1902 node-uuid@1.4.7 breaks build
🚨 (@greenkeeperio-bot) - #1894 Fix tunneling after redirection from https (Original: #1881) (@simov, @falms)
-
#1893 Update eslint to version 1.9.0
🚀 (@greenkeeperio-bot) -
#1852 Update eslint to version 1.7.3
🚀 (@simov, @greenkeeperio-bot, @paulomcnally, @michelsalib, @arbaaz, @nsklkn, @LoicMahieu, @JoshWillik, @jzaefferer, @ryanwholey, @djchie, @thisconnect, @mgenereu, @acroca, @Sebmaster, @KoltesDigital) - #1876 Implement loose matching for har mime types (@simov)
-
#1875 Update bluebird to version 3.0.2
🚀 (@simov, @greenkeeperio-bot) -
#1871 Update browserify to version 12.0.1
🚀 (@greenkeeperio-bot) - #1866 Add missing quotes on x-token property in README (@miguelmota)
- #1874 Fix typo in README.md (@gswalden)
- #1860 Improve referer header tests and docs (@simov)
- #1861 Remove redundant call to Stream constructor (@watson)
- #1857 Fix Referer header to point to the original host name (@simov)
-
#1850 Update karma-coverage to version 0.5.3
🚀 (@greenkeeperio-bot) - #1847 Use node's latest version when building (@simov)
- #1836 Tunnel: fix wrong property name (@KoltesDigital)
- #1820 Set href as request.js uses it (@mgenereu)
-
#1840 Update http-signature to version 1.0.2
🚀 (@greenkeeperio-bot) -
#1845 Update istanbul to version 0.4.0
🚀 (@greenkeeperio-bot)
v2.65.0
-
#1833 Update aws-sign2 to version 0.6.0
🚀 (@greenkeeperio-bot) - #1811 Enable loose cookie parsing in tough-cookie (@Sebmaster)
- #1830 Bring back tilde ranges for all dependencies (@simov)
- #1821 Implement support for RFC 2617 MD5-sess algorithm. (@BigDSK)
- #1828 Updated qs dependency to 5.2.0 (@acroca)
-
#1818 Extract
readResponseBody
method out ofonRequestResponse
(@pvoisin) - #1819 Run stringify once (@mgenereu)
- #1814 Updated har-validator to version 2.0.2 (@greenkeeperio-bot)
- #1807 Updated tough-cookie to version 2.1.0 (@greenkeeperio-bot)
- #1800 Add caret ranges for devDependencies, except eslint (@simov)
- #1799 Updated karma-browserify to version 4.4.0 (@greenkeeperio-bot)
- #1797 Updated tape to version 4.2.0 (@greenkeeperio-bot)
- #1788 Pinned all dependencies (@greenkeeperio-bot)
v2.64.0
- #1787 npm ignore examples, release.sh and disabled.appveyor.yml (@thisconnect)
- #1775 Fix typo in README.md (@djchie)
- #1776 Changed word 'conjuction' to read 'conjunction' in README.md (@ryanwholey)
- #1785 Revert: Set default application/json content-type when using json option #1772 (@simov)
v2.63.0
- #1772 Set default application/json content-type when using json option (@jzaefferer)
v2.62.0
- #1768 Add node 4.0 to the list of build targets (@simov)
- #1767 Query strings now cooperate with unix sockets (@JoshWillik)
- #1750 Revert doc about installation of tough-cookie added in #884 (@LoicMahieu)
- #1746 Missed comma in Readme (@nsklkn)
- #1743 Fix options not being initialized in defaults method (@simov)
v2.61.0
- #1721 Minor fix in README.md (@arbaaz)
- #1733 Avoid useless Buffer transformation (@michelsalib)
- #1726 Update README.md (@paulomcnally)
- #1715 Fix forever option in node > 0.10 #1709 (@calibr)
- #1716 Do not create Buffer from Object in setContentLength(iojs v3.0 issue) (@calibr)
- #1711 Add ability to detect connect timeouts (@kevinburke)
- #1712 Set certificate expiration to August 2, 2018 (@kevinburke)
- #1700 debug() when JSON.parse() on a response body fails (@phillipj)
v2.60.0
- #1687 Fix caseless bug - content-type not being set for multipart/form-data (@simov, @garymathews)
v2.59.0
- #1671 Add tests and docs for using the agent, agentClass, agentOptions and forever options. Forever option defaults to using http(s).Agent in node 0.12+ (@simov)
- #1679 Fix - do not remove OAuth param when using OAuth realm (@simov, @jhalickman)
- #1668 updated dependencies (@deamme)
- #1656 Fix form method (@simov)
- #1651 Preserve HEAD method when using followAllRedirects (@simov)
-
#1652 Update
encoding
option documentation in README.md (@daniel347x) -
#1650 Allow content-type overriding when using the
form
option (@simov) -
#1646 Clarify the nature of setting
ca
inagentOptions
(@jeffcharles)
v2.58.0
-
#1638 Use the
extend
module to deep extend in the defaults method (@simov) - #1631 Move tunnel logic into separate module (@simov)
- #1634 Fix OAuth query transport_method (@simov)
- #1603 Add codecov (@simov)
v2.57.0
v2.56.0
- #1610 Bump module dependencies (@simov)
- #1600 Extract the querystring logic into separate module (@simov)
- #1607 Re-generate certificates (@simov)
- #1599 Move getProxyFromURI logic below the check for Invaild URI (#1595) (@simov)
- #1598 Fix the way http verbs are defined in order to please intellisense IDEs (@simov, @flannelJesus)
- #1591 A few minor fixes: (@simov)
- #1584 Refactor test-default tests (according to comments in #1430) (@simov)
- #1585 Fixing documentation regarding TLS options (#1583) (@mainakae)
- #1574 Refresh the oauth_nonce on redirect (#1573) (@simov)
- #1570 Discovered tests that weren't properly running (@seanstrom)
- #1569 Fix pause before response arrives (@kevinoid)
- #1558 Emit error instead of throw (@simov)
- #1568 Fix stall when piping gzipped response (@kevinoid)
- #1560 Update combined-stream (@apechimp)
- #1543 Initial support for oauth_body_hash on json payloads (@simov, @aesopwolf)
- #1541 Fix coveralls (@simov)
- #1540 Fix recursive defaults for convenience methods (@simov)
- #1536 More eslint style rules (@froatsnook)
- #1533 Adding dependency status bar to README.md (@YasharF)
- #1539 ensure the latest version of har-validator is included (@ahmadnassri)
- #1516 forever+pool test (@devTristan)
v2.55.0
- #1520 Refactor defaults (@simov)
- #1525 Delete request headers with undefined value. (@froatsnook)
- #1521 Add promise tests (@simov)
- #1518 Fix defaults (@simov)
- #1515 Allow static invoking of convenience methods (@simov)
- #1505 Fix multipart boundary extraction regexp (@simov)
- #1510 Fix basic auth form data (@simov)
v2.54.0
- #1501 HTTP Archive 1.2 support (@ahmadnassri)
- #1486 Add a test for the forever agent (@akshayp)
- #1500 Adding handling for no auth method and null bearer (@philberg)
- #1498 Add table of contents in readme (@simov)
- #1477 Add support for qs options via qsOptions key (@simov)
- #1496 Parameters encoded to base 64 should be decoded as UTF-8, not ASCII. (@albanm)
- #1494 Update eslint (@froatsnook)
- #1474 Require Colon in Basic Auth (@erykwalder)
- #1481 Fix baseUrl and redirections. (@burningtree)
- #1469 Feature/base url (@froatsnook)
- #1459 Add option to time request/response cycle (including rollup of redirects) (@aaron-em)
- #1468 Re-enable io.js/node 0.12 build (@simov, @mikeal, @BBB)
- #1442 Fixed the issue with strictSSL tests on 0.12 & io.js by explicitly setting a cipher that matches the cert. (@BBB, @nickmccurdy, @demohi, @simov, @0x4139)
- #1460 localAddress or proxy config is lost when redirecting (@simov, @0x4139)
- #1453 Test on Node.js 0.12 and io.js with allowed failures (@nickmccurdy, @demohi)
- #1426 Fixing tests to pass on io.js and node 0.12 (only test-https.js stiff failing) (@mikeal)
- #1446 Missing HTTP referer header with redirects Fixes #1038 (@simov, @guimon)
- #1428 Deprecate Node v0.8.x (@nylen)
- #1436 Add ability to set a requester without setting default options (@tikotzky)
- #1435 dry up verb methods (@sethpollack)
- #1423 Allow fully qualified multipart content-type header (@simov)
- #1430 Fix recursive requester (@tikotzky)
- #1429 Throw error when making HEAD request with a body (@tikotzky)
- #1419 Add note that the project is broken in 0.12.x (@nylen)
- #1413 Fix basic auth (@simov)
- #1397 Improve pipe-from-file tests (@nylen)
v2.53.0
- #1396 Do not rfc3986 escape JSON bodies (@nylen, @simov)
-
#1392 Improve
timeout
option description (@watson)
v2.52.0
- #1383 Add missing HTTPS options that were not being passed to tunnel (@brichard19) (@nylen)
- #1388 Upgrade mime-types package version (@roderickhsiao)
- #1389 Revise Setup Tunnel Function (@seanstrom)
- #1374 Allow explicitly disabling tunneling for proxied https destinations (@nylen)
- #1376 Use karma-browserify for tests. Add browser test coverage reporter. (@eiriksm)
- #1366 Refactor OAuth into separate module (@simov)
- #1373 Rewrite tunnel test to be pure Node.js (@nylen)
- #1371 Upgrade test reporter (@nylen)
- #1360 Refactor basic, bearer, digest auth logic into separate class (@simov)
- #1354 Remove circular dependency from debugging code (@nylen)
- #1351 Move digest auth into private prototype method (@simov)
- #1352 Update hawk dependency to ~2.3.0 (@mridgway)
- #1353 Correct travis-ci badge (@dogancelik)
- #1349 Make sure we return on errored browser requests. (@eiriksm)
- #1346 getProxyFromURI Extraction Refactor (@seanstrom)
- #1337 Standardize test ports on 6767 (@nylen)
- #1341 Emit FormData error events as Request error events (@nylen, @rwky)
- #1343 Clean up readme badges, and add Travis and Coveralls badges (@nylen)
- #1345 Update README.md (@Aaron-Hartwig)
- #1338 Always wait for server.close() callback in tests (@nylen)
- #1342 Add mock https server and redo start of browser tests for this purpose. (@eiriksm)
- #1339 Improve auth docs (@nylen)
- #1335 Add support for OAuth plaintext signature method (@simov)
- #1332 Add clean script to remove test-browser.js after the tests run (@seanstrom)
- #1327 Fix errors generating coverage reports. (@nylen)
- #1330 Return empty buffer upon empty response body and encoding is set to null (@seanstrom)
- #1326 Use faster container-based infrastructure on Travis (@nylen)
- #1315 Implement rfc3986 option (@simov, @nylen, @apoco, @DullReferenceException, @mmalecki, @oliamb, @cliffcrosland, @LewisJEllis, @eiriksm, @poislagarde)
- #1314 Detect urlencoded form data header via regex (@simov)
- #1317 Improve OAuth1.0 server side flow example (@simov)
v2.51.0
v2.50.0
- #1308 Add browser test to keep track of browserify compability. (@eiriksm)
- #1299 Add optional support for jsonReviver (@poislagarde)
- #1277 Add Coveralls configuration (@simov)
- #1307 Upgrade form-data, add back browserify compability. Fixes #455. (@eiriksm)
- #1305 Fix typo in README.md (@LewisJEllis)
- #1288 Update README.md to explain custom file use case (@cliffcrosland)
v2.49.0
- #1295 fix(proxy): no-proxy false positive (@oliamb)
-
#1292 Upgrade
caseless
to 0.8.1 (@mmalecki) - #1276 Set transfer encoding for multipart/related to chunked by default (@simov)
- #1275 Fix multipart content-type headers detection (@simov)
- #1269 adds streams example for review (@tbuchok)
- #1238 Add examples README.md (@simov)
v2.48.0
- #1263 Fixed a syntax error / typo in README.md (@xna2)
- #1253 Add multipart chunked flag (@simov, @nylen)
- #1251 Clarify that defaults() does not modify global defaults (@nylen)
- #1250 Improve documentation for pool and maxSockets options (@nylen)
- #1237 Documenting error handling when using streams (@vmattos)
- #1244 Finalize changelog command (@nylen)
- #1241 Fix typo (@alexanderGugel)
- #1223 Show latest version number instead of "upcoming" in changelog (@nylen)
- #1236 Document how to use custom CA in README (
Renovate configuration
rebase!
".
-
If you want to rebase/retry this PR, check this box
This PR has been generated by Renovate Bot. View repository job log here.