Skip to content

[Snyk] Upgrade express-rate-limit from 6.8.1 to 6.9.0

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade express-rate-limit from 6.8.1 to 6.9.0.

Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 1 version ahead of your current version.
  • The recommended version was released a month ago, on 2023-08-06.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Information Exposure
SNYK-JS-MONGODB-5871303
496/1000
Why? Recently disclosed, Has a fix available, CVSS 4.2
No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes
Package name: express-rate-limit
  • 6.9.0 - 2023-08-06

    Added

    • New validaion check for double-counted requests
    • Added help link to each ValidationError, directing users to the appropriate wiki page for more info

    Changed

    • Miscaleanous documenation improvements

    You can view the full changelog here.

  • 6.8.1 - 2023-07-27

    Changed

    • Revert 6.7.1 change that bumped typescript from 5.x to 4.x and dts-bundle-generator from 8.x to 7.x (See #360)

    You can view the full changelog here.

from express-rate-limit GitHub release notes
Commit messages
Package name: express-rate-limit
  • 242e224 6.9.0
  • 0388f87 doc: 6.9.0 changelog
  • 56de27b doc: add use-cases section to readme (#367)
  • a081a87 docs: tweak wording around linting/testing in contributing.md (#368)
  • 07b76db fix: don't lowercase err code in short URLs
  • 6919f7f fix: include url in `ValidationError` (#365)
  • 81affa1 feat: validation check for double-counting hits for a single request (#364)
  • a013a23 ci: drop node 19
  • da02f8a docs: update pull request template
  • 4268a1a docs: update contributing guide
  • 8dc8642 build: run `test:ext` only on ci

Compare


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Merge request reports

Loading