Skip to content

Commit dec5817

Browse files
mredelemredele
authored
fix: bump dependencies to fix vulnerabilities (#2)
* fix: bump dependencies to fix vulnerabilities Tests are broken above node 18.18. There were significant changes in the path support (e.g. dropped support for regex). * specific minor node version in .nvmrc
1 parent 12a3794 commit dec5817

File tree

7 files changed

+45
-146
lines changed

7 files changed

+45
-146
lines changed

.nvmrc

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1 @@
1+
v18.12

index.js

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -482,7 +482,7 @@ Router.prototype.use = function use(handler) {
482482

483483
var layer = new Layer(path, {
484484
sensitive: this.caseSensitive,
485-
strict: false,
485+
trailing: !this.strict,
486486
end: false
487487
}, fn)
488488

@@ -512,7 +512,7 @@ Router.prototype.route = function route(path) {
512512

513513
var layer = new Layer(path, {
514514
sensitive: this.caseSensitive,
515-
strict: this.strict,
515+
trailing: !this.strict,
516516
end: true
517517
}, handle)
518518

lib/layer.js

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@
1212
* @private
1313
*/
1414

15-
var pathRegexp = require('path-to-regexp')
15+
var {pathToRegexp} = require('path-to-regexp')
1616
var debug = require('debug')('router:layer')
1717

1818
/**
@@ -40,7 +40,9 @@ function Layer(path, options, fn) {
4040
this.name = fn.name || '<anonymous>'
4141
this.params = undefined
4242
this.path = undefined
43-
this.regexp = pathRegexp(path, this.keys = [], opts)
43+
var regexpResult = pathToRegexp(path, opts)
44+
this.keys = regexpResult.keys
45+
this.regexp = regexpResult.regexp
4446

4547
// set fast path flags
4648
this.regexp.fast_star = path === '*'

package.json

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -13,18 +13,18 @@
1313
"debug": "2.6.9",
1414
"methods": "~1.1.2",
1515
"parseurl": "~1.3.2",
16-
"path-to-regexp": "0.1.7",
16+
"path-to-regexp": "8.2.0",
1717
"setprototypeof": "1.1.1",
1818
"utils-merge": "1.0.1"
1919
},
2020
"devDependencies": {
2121
"after": "0.8.2",
22-
"eslint": "3.19.0",
23-
"eslint-plugin-markdown": "1.0.0-beta.6",
24-
"finalhandler": "1.1.2",
22+
"eslint": "8.57.1",
23+
"eslint-plugin-markdown": "3.0.1",
24+
"finalhandler": "2.1.0",
2525
"istanbul": "0.4.5",
26-
"mocha": "2.5.3",
27-
"supertest": "1.1.0"
26+
"mocha": "10.8.2",
27+
"supertest": "7.1.1"
2828
},
2929
"files": [
3030
"lib/",
@@ -34,7 +34,7 @@
3434
"index.js"
3535
],
3636
"engines": {
37-
"node": ">= 0.8"
37+
"node": ">= 18"
3838
},
3939
"scripts": {
4040
"lint": "eslint --plugin markdown --ext js,md .",

test/req.params.js

Lines changed: 3 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -136,33 +136,15 @@ describe('req.params', function () {
136136
sawParams(req, res)
137137
})
138138
})
139-
140-
router.get('/*', hitParams(1))
139+
// https://expressjs.com/en/guide/migrating-5.html#path-syntax
140+
router.get('/*asdf', hitParams(1))
141141

142142
request(server)
143143
.get('/buzz')
144-
.expect('x-params-1', '{"0":"foo","1":"bar","2":"buzz"}')
144+
.expect('x-params-1', '{"0":"foo","1":"bar","asdf":"buzz"}')
145145
.expect(200, '{"0":"foo","1":"bar"}', done)
146146
})
147147

148-
it('should merge with same numeric properties', function (done) {
149-
var router = Router({ mergeParams: true })
150-
var server = createServer(function (req, res, next) {
151-
req.params = {'0': 'foo'}
152-
153-
router(req, res, function (err) {
154-
if (err) return next(err)
155-
sawParams(req, res)
156-
})
157-
})
158-
159-
router.get('/*', hitParams(1))
160-
161-
request(server)
162-
.get('/bar')
163-
.expect('x-params-1', '{"0":"foo","1":"bar"}')
164-
.expect(200, '{"0":"foo"}', done)
165-
})
166148
})
167149
})
168150
})

test/route.js

Lines changed: 20 additions & 36 deletions
Original file line numberDiff line numberDiff line change
@@ -192,7 +192,7 @@ describe('Router', function () {
192192

193193
var body = method !== 'head'
194194
? 'hello, world'
195-
: ''
195+
: undefined
196196

197197
describe('.' + method + '(...fn)', function () {
198198
it('should respond to a ' + method.toUpperCase() + ' request', function (done) {
@@ -508,18 +508,19 @@ describe('Router', function () {
508508
it('should work following a partial capture group', function (done) {
509509
var cb = after(2, done)
510510
var router = new Router()
511-
var route = router.route('/user(s)?/:user/:op')
511+
var route = router.route('/user{s}/:user/:op')
512512
var server = createServer(router)
513513

514514
route.all(sendParams)
515515

516+
// https://expressjs.com/en/guide/migrating-5.html#path-syntax
516517
request(server)
517518
.get('/user/tj/edit')
518519
.expect(200, {'user': 'tj', 'op': 'edit'}, cb)
519520

520521
request(server)
521522
.get('/users/tj/edit')
522-
.expect(200, {'0': 's', 'user': 'tj', 'op': 'edit'}, cb)
523+
.expect(200, {'user': 'tj', 'op': 'edit'}, cb)
523524
})
524525

525526
it('should work inside literal paranthesis', function (done) {
@@ -555,68 +556,68 @@ describe('Router', function () {
555556
describe('using "*"', function () {
556557
it('should capture everything', function (done) {
557558
var router = new Router()
558-
var route = router.route('*')
559+
var route = router.route('*name')
559560
var server = createServer(router)
560561

561562
route.all(sendParams)
562563

563564
request(server)
564565
.get('/foo/bar/baz')
565-
.expect(200, {'0': '/foo/bar/baz'}, done)
566+
.expect(200, {'name': '/foo/bar/baz'}, done)
566567
})
567568

568569
it('should decode the capture', function (done) {
569570
var router = new Router()
570-
var route = router.route('*')
571+
var route = router.route('*name')
571572
var server = createServer(router)
572573

573574
route.all(sendParams)
574575

575576
request(server)
576577
.get('/foo/%20/baz')
577-
.expect(200, {'0': '/foo/ /baz'}, done)
578+
.expect(200, {'name': '/foo/ /baz'}, done)
578579
})
579580

580581
it('should capture everything with pre- and post-fixes', function (done) {
581582
var router = new Router()
582-
var route = router.route('/foo/*/bar')
583+
var route = router.route('/foo/*name/bar')
583584
var server = createServer(router)
584585

585586
route.all(sendParams)
586587

587588
request(server)
588589
.get('/foo/1/2/3/bar')
589-
.expect(200, {'0': '1/2/3'}, done)
590+
.expect(200, {'name': '1/2/3'}, done)
590591
})
591592

592593
it('should capture greedly', function (done) {
593594
var router = new Router()
594-
var route = router.route('/foo/*/bar')
595+
var route = router.route('/foo/*name/bar')
595596
var server = createServer(router)
596597

597598
route.all(sendParams)
598599

599600
request(server)
600601
.get('/foo/bar/bar/bar')
601-
.expect(200, {'0': 'bar/bar'}, done)
602+
.expect(200, {'name': 'bar/bar'}, done)
602603
})
603604

604-
it('should be an optional capture', function (done) {
605+
it('regex characters are not supported', function (done) {
605606
var router = new Router()
606-
var route = router.route('/foo*')
607+
var route = router.route('/foo*name')
607608
var server = createServer(router)
608609

609610
route.all(sendParams)
610611

611612
request(server)
612613
.get('/foo')
613-
.expect(200, {'0': ''}, done)
614+
.expect(404, done)
614615
})
615616

616617
it('should require preceeding /', function (done) {
617618
var cb = after(2, done)
618619
var router = new Router()
619-
var route = router.route('/foo/*')
620+
var route = router.route('/foo/{*name}')
620621
var server = createServer(router)
621622

622623
route.all(sendParams)
@@ -630,39 +631,22 @@ describe('Router', function () {
630631
.expect(200, cb)
631632
})
632633

633-
it('should work in a named parameter', function (done) {
634-
var cb = after(2, done)
635-
var router = new Router()
636-
var route = router.route('/:foo(*)')
637-
var server = createServer(router)
638-
639-
route.all(sendParams)
640-
641-
request(server)
642-
.get('/bar')
643-
.expect(200, {'0': 'bar', 'foo': 'bar'}, cb)
644-
645-
request(server)
646-
.get('/fizz/buzz')
647-
.expect(200, {'0': 'fizz/buzz', 'foo': 'fizz/buzz'}, cb)
648-
})
649-
650634
it('should work before a named parameter', function (done) {
651635
var router = new Router()
652-
var route = router.route('/*/user/:id')
636+
var route = router.route('/*name/user/:id')
653637
var server = createServer(router)
654638

655639
route.all(sendParams)
656640

657641
request(server)
658642
.get('/poke/user/42')
659-
.expect(200, {'0': 'poke', 'id': '42'}, done)
643+
.expect(200, {'name': 'poke', 'id': '42'}, done)
660644
})
661645

662646
it('should work within arrays', function (done) {
663647
var cb = after(3, done)
664648
var router = new Router()
665-
var route = router.route(['/user/:id', '/foo/*', '/:action'])
649+
var route = router.route(['/user/:id', '/foo/*name', '/:action'])
666650
var server = createServer(router)
667651

668652
route.all(sendParams)
@@ -673,7 +657,7 @@ describe('Router', function () {
673657

674658
request(server)
675659
.get('/foo/bar')
676-
.expect(200, {'0': 'bar'}, cb)
660+
.expect(200, {'name': 'bar'}, cb)
677661

678662
request(server)
679663
.get('/poke')

0 commit comments

Comments
 (0)