[Snyk] Upgrade body-parser from 1.19.0 to 1.20.3

[alan-eicker]

Snyk has created this PR to upgrade body-parser from 1.19.0 to 1.20.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released a month ago, on 2024-09-09.

Release notes

Package name: body-parser

• 1.20.3 - 2024-09-09
  

  What's Changed

  Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

  Other changes

  • chore: add support for OSSF scorecard reporting by @ inigomarquinez in #522
  • ci: fix errors in ci github action for node 8 and 9 by @ inigomarquinez in #523
  • fix: pin to node@22.4.1 by @ wesleytodd in #527
  • deps: qs@6.12.3 by @ melikhov-dev in #521
  • Add OSSF Scorecard badge by @ bjohansebas in #531
  • Linter by @ UlisesGascon in #534
  • Release: 1.20.3 by @ UlisesGascon in #535

  New Contributors

  • @ inigomarquinez made their first contribution in #522
  • @ melikhov-dev made their first contribution in #521
  • @ bjohansebas made their first contribution in #531
  • @ UlisesGascon made their first contribution in #534

  Full Changelog: 1.20.2...1.20.3

• 1.20.2 - 2023-02-22
  
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2
• 1.20.1 - 2022-10-06
  
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• 1.20.0 - 2022-04-03
  
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
    • Replace internal eval usage with Function constructor
    • Use instance methods on process to check for listeners
  • deps: http-errors@2.0.0
    • deps: depd@2.0.0
    • deps: statuses@2.0.1
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
    • deps: http-errors@2.0.0
• 1.19.2 - 2022-02-16
  
  • deps: bytes@3.1.2
  • deps: qs@6.9.7
    • Fix handling of __proto__ keys
  • deps: raw-body@2.4.3
    • deps: bytes@3.1.2
• 1.19.1 - 2021-12-10
  
  • deps: bytes@3.1.1
  • deps: http-errors@1.8.1
    • deps: inherits@2.0.4
    • deps: toidentifier@1.0.1
    • deps: setprototypeof@1.2.0
  • deps: qs@6.9.6
  • deps: raw-body@2.4.2
    • deps: bytes@3.1.1
    • deps: http-errors@1.8.1
  • deps: safe-buffer@5.2.1
  • deps: type-is@~1.6.18
• 1.19.0 - 2019-04-26

from body-parser GitHub release notes

Commit messages

Package name: body-parser

• 1752951 1.20.3
• 39744cf chore: linter (#534)
• b2695c4 Merge commit from fork
• ade0f3f add scorecard to readme (#531)
• 99a1bd6 deps: qs@6.12.3 (#521)
• 9478591 fix: pin to node@22.4.1
• 83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
• 9d4e212 chore: add support for OSSF scorecard reporting (#522)
• ee91374 1.20.2
• 368a93a Fix strict json error message on Node.js 19+
• 0385872 deps: raw-body@2.5.2
• 2c35b41 build: eslint@8.34.0
• f0646c2 build: Node.js@18.14
• f345fb1 build: Node.js@14.21
• 6842efc deps: content-type@~1.0.5
• 5af7315 build: eslint-plugin-promise@6.1.1
• 8e605b3 build: supertest@6.3.3
• cba6e77 build: mocha@10.2.0
• 6a464ab build: eslint-plugin-import@2.27.5
• 7ebf276 build: eslint@8.32.0
• 69bb649 build: Node.js@16.19
• 8ff995f docs: switch badges to badgen
• 850832f build: Node.js@18.13
• dad8f34 build: actions/download-artifact@v3

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs