chore(deps): update dependency express-session to v1.18.1 #18

mend-for-github-com · 2024-05-03T07:49:05Z

This PR contains the following updates:

Package	Type	Update	Change
express-session	dependencies	minor	`1.15.6` -> `1.18.1`

Release Notes

expressjs/session (express-session)

`v1.18.1`

Compare Source

==========

deps: [email protected]
- Fix object assignment of hasOwnProperty
deps: [email protected]
- Allow leading dot for domain
  - Although not permitted in the spec, some users expect this to work and user agents ignore the leading dot according to spec
- Add fast path for serialize without options, use obj.hasOwnProperty when parsing
deps: [email protected]
- perf: parse cookies ~10% faster
- fix: narrow the validation of cookies to match RFC6265
- fix: add main to package.json for rspack

`v1.18.0`

Compare Source

===================

Add debug log for pathname mismatch
Add partitioned to cookie options
Add priority to cookie options
Fix handling errors from setting cookie
Support any type in secret that crypto.createHmac supports
deps: [email protected]
- Fix expires option to reject invalid dates
- perf: improve default decode speed
- perf: remove slow string split in parse
deps: [email protected]

`v1.17.3`

Compare Source

===================

Fix resaving already-saved new session at end of request
deps: [email protected]

`v1.17.2`

Compare Source

===================

Fix res.end patch to always commit headers
deps: [email protected]
deps: [email protected]

`v1.17.1`

Compare Source

===================

Fix internal method wrapping error on failed reloads

`v1.17.0`

Compare Source

===================

deps: [email protected]
- Add SameSite=None support
deps: [email protected]

`v1.16.2`

Compare Source

===================

Fix restoring cookie.originalMaxAge when store returns Date
deps: parseurl@~1.3.3

`v1.16.1`

Compare Source

===================

Fix error passing data option to Cookie constructor
Fix uncaught error from bad session data

`v1.16.0`

Compare Source

===================

Catch invalid cookie.maxAge value earlier
Deprecate setting cookie.maxAge to a Date object
Fix issue where resave: false may not save altered sessions
Remove utils-merge dependency
Use safe-buffer for improved Buffer API
Use Set-Cookie as cookie header name for compatibility
deps: depd@~2.0.0
- Replace internal eval usage with Function constructor
- Use instance methods on process to check for listeners
- perf: remove argument reassignment
deps: on-headers@~1.0.2
- Fix res.writeHead patch missing return value

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

disabled

chore(deps): update dependency express-session to v1.18.1

6692d98

mend-for-github-com bot force-pushed the whitesource-remediate/express-session-1.x-lockfile branch from 1c769c1 to 6692d98 Compare October 9, 2024 07:58

mend-for-github-com bot changed the title ~~chore(deps): update dependency express-session to v1.18.0~~ chore(deps): update dependency express-session to v1.18.1 Oct 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): update dependency express-session to v1.18.1 #18

chore(deps): update dependency express-session to v1.18.1 #18

mend-for-github-com bot commented May 3, 2024 •

edited

Loading

chore(deps): update dependency express-session to v1.18.1 #18

Are you sure you want to change the base?

chore(deps): update dependency express-session to v1.18.1 #18

Conversation

mend-for-github-com bot commented May 3, 2024 • edited Loading

Release Notes

Configuration

mend-for-github-com bot commented May 3, 2024 •

edited

Loading