Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(deps): update dependency express-rate-limit to v7 #286

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(deps): update dependency express-rate-limit to v7 #286

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 17, 2023
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
express-rate-limit 6.7.0 -> 7.4.1 age adoption passing confidence

Release Notes

express-rate-limit/express-rate-limit (express-rate-limit)

v7.4.1

Compare Source

You can view the changelog here.

v7.4.0

Compare Source

You can view the changelog here.

v7.3.1

Compare Source

Fixed
  • Changed error displayed for the creationStack validation check when a store
    with localKeys set to false is used.
  • Improved documentation for the creationStack check.

You can view the full changelog here.

v7.3.0

Compare Source

You can view the changelog here.

v7.2.0

Compare Source

Added
  • Added a new creationStack validation check that looks for instances created
    in a request handler.

You can view the full changelog here.

v7.1.5

Compare Source

Fixed
  • Enable async requestWasSuccessful methods to work as documented.

You can view the full changelog here.

v7.1.4

Compare Source

Fixed
  • Ensure header values are strings rather than numbers, for compatibility with
    Bun.

You can view the full changelog here.

v7.1.3

Compare Source

Changed
  • Loosened peer dependencies to explicitly allow the Express 5 beta. (See
    #​415)

You can view the full changelog here.

v7.1.2

Compare Source

Changed
  • Re-organized documentation from readme into docs/ folder and added
    documentation website.

You can view the full changelog here.

v7.1.1

Compare Source

Misc

You can view the full changelog here.

v7.1.0

Compare Source

Changed
  • The getKey method is now always defined. If the store does not have the
    required get method, getKey will throw an error explaining this.

You can view the full changelog here.

v7.0.2

Compare Source

Added
  • Added cluster-memory-store to the readme and made a couple of other minor
    clarifications.

You can view the full changelog here.

v7.0.1

Compare Source

Added
  • Added rate-limit-postgresql to the stores list in the readme.

You can view the full changelog here.

v7.0.0

Compare Source

Breaking
  • Changed behavior when max is set to 0:
    • Previously, max: 0 was treated as a 'disable' flag and would allow all requests through.
    • Starting with v7, all requests will be blocked when max is set to 0.
    • To replicate the old behavior, use the skip function instead.
  • Renamed req.rateLimit.current to req.rateLimit.used.
    • current is now a hidden getter that will return the used value, but it will not appear when iterating over the keys or calling JSON.stringify().
  • Changed the minimum required Node version from v14 to v16.
    • express-rate-limit now targets es2022 in TypeScript/ESBuild.
  • Bumped TypeScript from v4 to v5 and dts-bundle-generator from v7 to v8.
Deprecated
  • Removed the draft_polli_ratelimit_headers option (it was deprecated in v6).
    • Use standardHeaders: 'draft-6' instead.
  • Removed the onLimitReached option (it was deprecated in v6).
    • This is an example of how to replicate it's behavior with a custom handler option.
Changed
  • The MemoryStore now uses precise, per-user reset times rather than a global window that resets all users at once.
  • The limit configuration option is now prefered to max.
    • It still shows the same behavior, and max is still supported. The change was made to better align with terminology used in the IETF standard drafts.
Added
  • The validate config option can now be an object with keys to enable or disable specific validation checks. For more information, see this.

v6.11.2

Compare Source

Fixed
  • Restored IncrementResponse TypeScript type (See
    #​397)

v6.11.1

Compare Source

Fixed
  • Check for prefixed keys when validating that the stores have single counted
    keys (See
    #​395).

v6.11.0

Compare Source

Added
  • Support for retrieving the current hit count and reset time for a given key
    from a store (See
    #​390).

v6.10.0

Compare Source

Added
  • Support for combined RateLimit header from the
    RateLimit header fields for HTTP standardization draft
    adopted by the IETF. Enable by setting standardHeaders: 'draft-7'.
  • New standardHeaders: 'draft-6' option, treated equivalent to
    standardHeaders: true from previous releases. Note that true and false
    are still supported.
  • New RateLimit-Policy header added when standardHeaders is set to
    'draft-6', 'draft-7', or true.
  • Warning when using deprecated draft_polli_ratelimit_headers option.
  • Warning when using deprecated onLimitReached option.
  • Warning when totalHits value returned from Store is invalid.

v6.9.0

Compare Source

Added
  • New validaion check for double-counted requests.
  • Added help link to each validation error, directing users to the appropriate
    wiki page for more info.
Changed
  • Miscellaneous documenation improvements.

v6.8.1

Compare Source

Changed
  • Revert 6.7.1 change that bumped typescript from 5.x to 4.x and
    dts-bundle-generator from 8.x to 7.x (See
    #​360).

v6.8.0

Compare Source

Added

v6.7.2

Compare Source

Changed
  • Revert 6.7.1 change that bumped typescript from 5.x to 4.x and
    dts-bundle-generator from 8.x to 7.x (See
    #​360).

v6.7.1

Compare Source

Fixed
  • Fixed compatibility with TypeScript's TypeScript new node16 module
    resolution strategy (See
    #​355).
Changed
  • Bumped development dependencies
    • This initially include bumping typescript from 4.x to 5.x and
      dts-bundle-generator from 7.x to 8.x
  • Added node 20 to list of versions the CI jobs run on.

No functional changes.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Oct 17, 2023
@socket-security
Copy link

socket-security bot commented Oct 17, 2023
edited
Loading

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/express-rate-limit@7.4.1 None 0 117 kB gamemaker1, nfriedly

🚮 Removed packages: npm/express-rate-limit@6.7.0

View full report↗︎

@renovate renovate bot force-pushed the renovate_express-rate-limit-7.x branch 2 times, most recently from fb532c9 to eb1f779 Compare October 27, 2023 16:31
@renovate renovate bot force-pushed the renovate_express-rate-limit-7.x branch from eb1f779 to c1269a2 Compare November 7, 2023 17:16
@renovate renovate bot force-pushed the renovate_express-rate-limit-7.x branch from c1269a2 to ad54c1f Compare November 28, 2023 20:47
@renovate renovate bot force-pushed the renovate_express-rate-limit-7.x branch from ad54c1f to 131ef33 Compare March 4, 2024 00:59
@renovate renovate bot force-pushed the renovate_express-rate-limit-7.x branch 2 times, most recently from d4e765d to afb02fc Compare June 8, 2024 19:08
@renovate renovate bot force-pushed the renovate_express-rate-limit-7.x branch from afb02fc to 87678a8 Compare July 24, 2024 18:51
@renovate renovate bot force-pushed the renovate_express-rate-limit-7.x branch from 87678a8 to 2e829b8 Compare October 5, 2024 15:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants