Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Update express and entities #3

Merged
merged 1 commit into from
Feb 7, 2025
Merged

Conversation

depshub-app[bot]
Copy link

@depshub-app depshub-app bot commented Feb 7, 2025

This PR includes 2 dependency updates, including 🔴 1 vulnerability, 🟠 1 major updates.

package.json

📦 Package ⬅️ Previous Version ➡️ New Version 📅 Released ⚠️ Vulnerability
express 4.18.2 🔴 5.0.0 5 months ago GHSA-jj78-5fmv-mv28
entities 4.5.0 🟠 5.0.0 7 months ago
express 4.18.2 -> 🔴 5.0.0 - Changelog ## 5.0.0
entities 4.5.0 -> 🟠 5.0.0 - Changelog ## 5.0.0

  • 🔒 Security updates available: 1 (changed by 1 since last month).
  • ⚠️ Major updates available: 2 (changed by 2 since last month).

This pull request was created using DepsHub

Updated:
- express from 4.18.2 to 5.0.0
- entities from 4.5.0 to 5.0.0


For issues or feature requests: <support@depshub.com>
@@ -27,12 +27,12 @@ app.get('/generate-proxy-url', (req, res) => {
});

// Ultraviolet handler
app.use('/service/', (req, res) => {
app.use('/service/*', (req, res) => {
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Package express version 5.0.0 has the following breaking changes:

Updated to path-to-regexp@8.x, removing sub-expression regex patterns for security reasons (ReDoS mitigation).

@@ -1,6 +1,6 @@
import express from 'express';
import { createServer } from 'node:http';
import { uvPath } from '@titaniumnetwork-dev/ultraviolet';
import { uvPath } from '@titaniumnetwork-dev/ultraviolet/dist';
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Package entities version 5.0.0 has the following breaking changes:

⚠️ BREAKING: The lib directory was renamed to dist in #1497. Deep imports will have to be updated.

config: '/uv/uv.config.js',
sw: '/uv/uv.sw.js',
};
handler: '/dist/uv.handler.js',
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Package entities version 5.0.0 has the following breaking changes:

⚠️ BREAKING: The lib directory was renamed to dist in #1497. Deep imports will have to be updated.

Copy link

sonarqubecloud bot commented Feb 7, 2025

@browser-vm browser-vm merged commit e7f9b7c into main Feb 7, 2025
4 checks passed
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant