Skip to content

[Snyk] Upgrade express-rate-limit from 6.8.1 to 6.11.2

Insidious Fiddler requested to merge snyk-upgrade-e6bb938a4597b8850e1ff7fdf5d3335a into main

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade express-rate-limit from 6.8.1 to 6.11.2.

Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 5 versions ahead of your current version.
  • The recommended version was released 3 months ago, on 2023-09-12.
Release notes
Package name: express-rate-limit
  • 6.11.2 - 2023-09-12

    Fixed

    • Restored IncrementResponse TypeScript type (See #397)
  • 6.11.1 - 2023-09-10

    Fixed

    • Check for prefixed keys when validating that the stores have single counted keys (See #395).
  • 6.11.0 - 2023-09-06

    Added

    • Support for retrieving the current hit count and reset time for a given key from a store (See #390).
  • 6.10.0 - 2023-08-30

    Added

    • Support for combined RateLimit header from the RateLimit header fields for HTTP standardization draft adopted by the IETF. Enable by setting standardHeaders: 'draft-7'
    • New standardHeaders: 'draft-6' option, treated equivalent to standardHeaders: true from previous releases. (true and false are still supported.)
    • New RateLimit-Policy header added when standardHeaders is set to 'draft-6', 'draft-7', or true
    • Warning when using deprecated draft_polli_ratelimit_headers option
    • Warning when using deprecated onLimitReached option
    • Warning when totalHits value returned from Store is invalid
  • 6.9.0 - 2023-08-06

    Added

    • New validaion check for double-counted requests
    • Added help link to each ValidationError, directing users to the appropriate wiki page for more info

    Changed

    • Miscaleanous documenation improvements

    You can view the full changelog here.

  • 6.8.1 - 2023-07-27

    Changed

    • Revert 6.7.1 change that bumped typescript from 5.x to 4.x and dts-bundle-generator from 8.x to 7.x (See #360)

    You can view the full changelog here.

from express-rate-limit GitHub release notes
Commit messages
Package name: express-rate-limit
  • 1f7d05e 6.11.2
  • d57dd59 doc: 6.11.2 changelog
  • 82a1d46 fix: restore IncrementResponse type (#397)
  • 08f936d chore: release v6.11.1
  • aeb1088 docs: update changelog for v6.11.1
  • 23558f0 fix: consider store prefix in `singleCount` validation check (#394)
  • 625ce86 chore: release v6.11.0
  • a38ced9 docs: update changelog for v6.11.0
  • 6217b36 feat: add `get` method to the `Store` interface (#390)
  • b669e77 docs: update contributing guide
  • d3477c2 chore: use `.prettierignore` file
  • 57ee25c 6.10.0
  • fbd64df Update changelog for 6.10.0
  • 8716f5a feat: support combined `RateLimit` header from ietf draft 7 (#376)
  • 07bfc67 feat: validate `totalHits` value returned from store (#379)
  • 43cadd4 validations: add `draft_polli_ratelimit_headers` option deprecation warning (#377)
  • 0bdd5fc test: improve coverage
  • 3cb205d docs: precise-memory-store is modern as of v2
  • f8469d1 chore: remove unecessary meta files
  • a53350c chore: use extracted config packages
  • a118c69 docs: update ci badge in readme
  • 9ba2ed2 use named export in all readme examples
  • 7e7f74a validations: add onLimitReached deprecation warning (#373)
  • 7ad59d3 validations: add `max: 0` change warning (#370)

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Merge request reports