[Snyk] Upgrade express-session from 1.15.6 to 1.17.2

[snyk-bot]

Snyk has created this PR to upgrade express-session from 1.15.6 to 1.17.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released 7 months ago, on 2021-05-19.

Release notes

Package name: express-session

• 1.17.2 - 2021-05-19
  
  • Fix res.end patch to always commit headers
  • deps: cookie@0.4.1
  • deps: safe-buffer@5.2.1
• 1.17.1 - 2020-04-17
  
  • Fix internal method wrapping error on failed reloads
• 1.17.0 - 2019-10-11
  
  • deps: cookie@0.4.0
    • Add SameSite=None support
  • deps: safe-buffer@5.2.0
• 1.16.2 - 2019-06-12
  
  • Fix restoring cookie.originalMaxAge when store returns Date
  • deps: parseurl@~1.3.3
• 1.16.1 - 2019-04-11
  
  • Fix error passing data option to Cookie constructor
  • Fix uncaught error from bad session data
• 1.16.0 - 2019-04-11
  
  • Catch invalid cookie.maxAge value earlier
  • Deprecate setting cookie.maxAge to a Date object
  • Fix issue where resave: false may not save altered sessions
  • Remove utils-merge dependency
  • Use safe-buffer for improved Buffer API
  • Use Set-Cookie as cookie header name for compatibility
  • deps: depd@~2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
    • perf: remove argument reassignment
  • deps: on-headers@~1.0.2
    • Fix res.writeHead patch missing return value
• 1.15.6 - 2017-09-26
  
  • deps: debug@2.6.9
  • deps: parseurl@~1.3.2
    • perf: reduce overhead for full URLs
    • perf: unroll the "fast-path" RegExp
  • deps: uid-safe@~2.1.5
    • perf: remove only trailing =
  • deps: utils-merge@1.0.1

from express-session GitHub release notes

Commit messages

Package name: express-session

• 0048bca 1.17.2
• 4baea4a build: Node.js@16.2
• 45cbbf4 bulid: eslint-plugin-markdown@2.1.0
• 9a1cc15 build: eslint@7.26.0
• 7ff50af build: use GitHub Actions instead of Travis CI
• b23ec4f docs: note about samesite attribute and secure requirements
• 034fd4e build: supertest@6.1.3
• a811b59 docs: add @ databunker/session-store to the list of session stores
• 5cf60e2 docs: add better-sqlite3-session-store to the list of session stores
• 579154a build: Node.js@12.22
• 657e3c0 build: mocha@8.4.0
• f44f0e4 build: support Node.js 16.x
• e007c85 build: Node.js@15.12
• 373514d build: mocha@8.3.1
• 6e4052d build: Node.js@15.10
• c1df7c5 build: Node.js@14.16
• 3acbb81 build: Node.js@10.24
• 7a6c479 build: Node.js@12.21
• acca908 build: Node.js@15.6
• 54e4193 build: supertest@6.1.1
• a26b4d3 build: Node.js@10.23
• 1813cd4 build: Node.js@14.15
• 7452225 build: Node.js@15.4
• 8914d60 build: Node.js@12.20

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs