Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Update express and entities #3

Merged
merged 1 commit into from
Feb 7, 2025
Merged

Update express and entities #3

merged 1 commit into from
Feb 7, 2025
+306 −229

Conversation

depshub-app[bot]
Copy link

@depshub-app depshub-app bot commented Feb 7, 2025

This PR includes 2 dependency updates, including 🔴 1 vulnerability, 🟠 1 major updates.

package.json

📦 Package ⬅️ Previous Version ➡️ New Version 📅 Released ⚠️ Vulnerability
express 4.18.2 🔴 5.0.0 5 months ago GHSA-jj78-5fmv-mv28
entities 4.5.0 🟠 5.0.0 7 months ago
express 4.18.2 -> 🔴 5.0.0 - Changelog ## 5.0.0
entities 4.5.0 -> 🟠 5.0.0 - Changelog ## 5.0.0
  • 🔒 Security updates available: 1 (changed by 1 since last month).
  • ⚠️ Major updates available: 2 (changed by 2 since last month).

This pull request was created using DepsHub

Update express and entities
22e8c7f 
Updated:
- express from 4.18.2 to 5.0.0
- entities from 4.5.0 to 5.0.0


For issues or feature requests: <support@depshub.com>
depshub-app[bot]
depshub-app bot commented Feb 7, 2025
View reviewed changes
server.js
@@ -27,12 +27,12 @@ app.get('/generate-proxy-url', (req, res) => {
});

// Ultraviolet handler
app.use('/service/', (req, res) => {
app.use('/service/*', (req, res) => {
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Package express version 5.0.0 has the following breaking changes:

Updated to path-to-regexp@8.x, removing sub-expression regex patterns for security reasons (ReDoS mitigation).

depshub-app[bot]
depshub-app bot commented Feb 7, 2025
View reviewed changes
server.js
@@ -1,6 +1,6 @@
import express from 'express';
import { createServer } from 'node:http';
import { uvPath } from '@titaniumnetwork-dev/ultraviolet';
import { uvPath } from '@titaniumnetwork-dev/ultraviolet/dist';
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Package entities version 5.0.0 has the following breaking changes:

⚠️ BREAKING: The lib directory was renamed to dist in #1497. Deep imports will have to be updated.

depshub-app[bot]
depshub-app bot commented Feb 7, 2025
View reviewed changes
uv.config.js
config: '/uv/uv.config.js',
sw: '/uv/uv.sw.js',
};
handler: '/dist/uv.handler.js',
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Package entities version 5.0.0 has the following breaking changes:

⚠️ BREAKING: The lib directory was renamed to dist in #1497. Deep imports will have to be updated.

@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Feb 7, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@browser-vm browser-vm merged commit e7f9b7c into main Feb 7, 2025
4 checks passed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@browser-vm browser-vm browser-vm approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@browser-vm