Update dependency body-parser to v1.20.4 #12

mend-for-github-com · 2022-11-29T02:04:50Z

This PR contains the following updates:

Package	Type	Update	Change
body-parser	dependencies	minor	`1.19.0` -> `1.20.4`

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity	CVSS Score	Vulnerability
High	7.5	CVE-2022-24999
High	7.5	CVE-2024-45590
High	7.5	CVE-2025-15284

Release Notes

expressjs/body-parser (body-parser)

`v1.20.4`

Compare Source

===================

deps: qs@~6.14.0
deps: use tilde notation for dependencies
deps: http-errors@~2.0.1
deps: raw-body@~2.5.3

`v1.20.3`

Compare Source

===================

deps: qs@6.13.0
add depth option to customize the depth level in the parser
IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

`v1.20.2`

Compare Source

===================

Fix strict json error message on Node.js 19+
deps: content-type@~1.0.5
- perf: skip value escaping when unnecessary
deps: raw-body@2.5.2

`v1.20.1`

Compare Source

===================

deps: qs@6.11.0
perf: remove unnecessary object clone

`v1.20.0`

Compare Source

===================

Fix error message for json parse whitespace in strict
Fix internal error when inflated body exceeds limit
Prevent loss of async hooks context
Prevent hanging when request already read
deps: depd@2.0.0
- Replace internal eval usage with Function constructor
- Use instance methods on process to check for listeners
deps: http-errors@2.0.0
- deps: depd@2.0.0
- deps: statuses@2.0.1
deps: on-finished@2.4.1
deps: qs@6.10.3
deps: raw-body@2.5.1
- deps: http-errors@2.0.0

`v1.19.2`

Compare Source

===================

deps: bytes@3.1.2
deps: qs@6.9.7
- Fix handling of __proto__ keys
deps: raw-body@2.4.3
- deps: bytes@3.1.2

`v1.19.1`

Compare Source

===================

deps: bytes@3.1.1
deps: http-errors@1.8.1
- deps: inherits@2.0.4
- deps: toidentifier@1.0.1
- deps: setprototypeof@1.2.0
deps: qs@6.9.6
deps: raw-body@2.4.2
- deps: bytes@3.1.1
- deps: http-errors@1.8.1
deps: safe-buffer@5.2.1
deps: type-is@~1.6.18

If you want to rebase/retry this PR, check this box

mend-for-github-com bot added the security fix Security fix generated by Mend label Nov 29, 2022

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1~~ Update dependency body-parser to v1.19.1 - autoclosed Mar 27, 2023

mend-for-github-com bot closed this Mar 27, 2023

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x-lockfile branch March 27, 2023 09:24

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1 - autoclosed~~ Update dependency body-parser to v1.19.1 Mar 31, 2023

mend-for-github-com bot reopened this Mar 31, 2023

mend-for-github-com bot restored the whitesource-remediate/body-parser-1.x-lockfile branch March 31, 2023 04:33

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1~~ Update dependency body-parser to v1.19.1 - autoclosed Jun 16, 2023

mend-for-github-com bot closed this Jun 16, 2023

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x-lockfile branch June 16, 2023 03:58

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1 - autoclosed~~ Update dependency body-parser to v1.19.1 Jun 19, 2023

mend-for-github-com bot reopened this Jun 19, 2023

mend-for-github-com bot restored the whitesource-remediate/body-parser-1.x-lockfile branch June 19, 2023 20:24

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 6abeaf3 to 0a75c57 Compare June 19, 2023 20:24

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 4 times, most recently from b8f7311 to 0706f98 Compare July 28, 2023 21:46

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 6 times, most recently from eb9d648 to 0cfeb7e Compare August 6, 2023 05:55

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 2 times, most recently from bc3e65c to 306ef60 Compare August 13, 2023 03:27

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 2 times, most recently from 56ea6c9 to 4cc6f1f Compare September 13, 2023 19:32

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 4cc6f1f to b729967 Compare November 24, 2023 04:08

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1~~ Update dependency body-parser to v1.19.1 - autoclosed Apr 3, 2024

mend-for-github-com bot closed this Apr 3, 2024

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x-lockfile branch April 3, 2024 03:53

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1 - autoclosed~~ Update dependency body-parser to v1.19.1 Apr 4, 2024

mend-for-github-com bot reopened this Apr 4, 2024

mend-for-github-com bot restored the whitesource-remediate/body-parser-1.x-lockfile branch April 4, 2024 19:15

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from b729967 to d3b8f85 Compare April 4, 2024 19:16

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1~~ Update dependency body-parser to v1.19.1 - autoclosed Mar 20, 2025

mend-for-github-com bot closed this Mar 20, 2025

mend-for-github-com bot deleted the whitesource-remediate/body-parser-1.x-lockfile branch March 20, 2025 16:54

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1 - autoclosed~~ Update dependency body-parser to v1.19.1 Mar 25, 2025

mend-for-github-com bot reopened this Mar 25, 2025

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 49664bf to d3b8f85 Compare March 25, 2025 18:25

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1~~ Update dependency body-parser to v1.19.1 - autoclosed Nov 26, 2025

mend-for-github-com bot closed this Nov 26, 2025

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.19.1 - autoclosed~~ Update dependency body-parser to v1.20.3 Nov 26, 2025

mend-for-github-com bot reopened this Nov 26, 2025

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch 2 times, most recently from d3b8f85 to 595ef1f Compare November 26, 2025 20:01

Update dependency body-parser to v1.20.4

b687999

mend-for-github-com bot force-pushed the whitesource-remediate/body-parser-1.x-lockfile branch from 595ef1f to b687999 Compare December 30, 2025 14:50

mend-for-github-com bot changed the title ~~Update dependency body-parser to v1.20.3~~ Update dependency body-parser to v1.20.4 Dec 30, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Update dependency body-parser to v1.20.4 #12

Update dependency body-parser to v1.20.4 #12

Uh oh!

mend-for-github-com bot commented Nov 29, 2022 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Update dependency body-parser to v1.20.4 #12

Are you sure you want to change the base?

Update dependency body-parser to v1.20.4 #12

Uh oh!

Conversation

mend-for-github-com bot commented Nov 29, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Release Notes

v1.20.4

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.2

v1.19.1

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

mend-for-github-com bot commented Nov 29, 2022 •

edited

Loading

`v1.20.4`

`v1.20.3`

`v1.20.2`

`v1.20.1`

`v1.20.0`

`v1.19.2`

`v1.19.1`