[Snyk] Security upgrade express-fileupload from 0.0.5 to 0.2.0

[Omrisnyk]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
  • package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	125/1000 Why? Confidentiality impact: None, Integrity impact: None, Availability impact: High, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: Low, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 0, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: High, Package Popularity Score: 99, Impact: 5.99, Likelihood: 2.08, Score Version: V5	Missing Release of Resource after Effective Lifetime SNYK-JS-INFLIGHT-6095116	No	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: express-fileupload

• 0.2.0 - 2017-08-28
  

  Breaking Changes

  • Support for Node.js v6 and above. No longer supporting versions of Node older than 6
  • .mv() now returns a Promise when callback argument is not provided

  New Features

  • Promise returned in .mv() (#42) (9bf6e61)
• 0.1.4 - 2017-06-30
  

  Bugfixes

  • #36 Add error handlers for parser errors (0713f6f) @ dries
• 0.1.3 - 2017-04-30
  

  Bugfixes

  • #21 safeFileName: Extensions are unexpectedly stripped out

  New Features

  • preserveExtension (PR #27) (8f599b4) @ pronein
  • fix readme (PR #26) (63c759a) @ cactucs
• 0.1.2 - 2017-03-09
  

  Bugfixes

  • #16 Upload Large file

  New Features

  • Improve performance for large files (PR #22) (e23f337) @ targos
• 0.1.1 - 2017-02-18
  

  Breaking Changes

  Breaking Change 1.) No more urlencoded support

  As of v0.1.0, there is NO MORE application/x-www-form-urlencoded SUPPORT! Moving forward, express-fileupload is considered a "multipart" solution only. If you want to parse urlencoded requests, use body-parser.

  Breaking Change 2.) Support for Node v4.x.x and above now

  Usage with Node <4 is no longer supported. Use at your own risk.

  Bugfixes

  • #6 Crashes when multipart request is empty (3d72084)
  • #9 & #11 body-parser interferes with express-fileupload and vice versa (92d7ad5)
  • #19 TypeError: callback is not a function (df3df26)

  New Features

  • Unit testing and test coverage. Addresses #5 (266c10d)
  • Field array parsing (PR #20)
• 0.1.0 - 2017-02-18
  

  markdown update

• 0.0.7 - 2017-02-10
  

  Bugfixes

  • #17 multiple input file input doesn't work (ec6270d)
• 0.0.6 - 2017-01-14
  

  Bugfixes

  • #14 empty file input results in file object with empty buffer. @ r3wt (10e90ff)

  New Features

  • Better documentation. Addresses #10 (eb7f3ab)
  • Better documentation. Addresses #12 (a1090b8)
  • New option: safeFileNames. Addresses #13 (06da130)
• 0.0.5 - 2016-04-22

from express-fileupload GitHub release notes

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.