Bump express-rate-limit from 5.5.1 to 6.0.1 #268

Merged

dependabot[bot] merged 2 commits from dependabot/npm_and_yarn/express-rate-limit-6.0.1 into main 2021-12-27 08:05:27 +00:00

Conversation 0 Commits 2 Files Changed 3 +28 -9

dependabot[bot] commented 2021-12-27 07:05:07 +00:00 (Migrated from github.com)

Copy Link

Bumps express-rate-limit from 5.5.1 to 6.0.1.

Release notes

Sourced from express-rate-limit's releases.

v6.0.1

Fixed

• Ensure CommonJS projects can import the module.

v6.0.0

Added

• express 4.x as a peer dependency.
• Better Typescript support (the library was rewritten in Typescript).
• Export the package as both ESM and CJS.
• Publish the built package (.tgz file) on GitHub releases as well as the npm registry.
• Issue and PR templates.
• A contributing guide.

Changed

• Rename the draft_polli_ratelimit_headers option to standardHeaders.
• Rename the headers option to legacyHeaders.
• Retry-After header is now sent if either legacyHeaders or standardHeaders is set.
• Allow keyGenerator to be an async function/return a promise.
• Change the way custom stores are defined.
  • Add the init method for stores to set themselves up using options passed to the middleware.
  • Rename the incr method to increment.
  • Allow the increment, decrement, resetKey and resetAll methods to return a promise.
  • Old stores will automatically be promisified and used.
• The package can now only be used with NodeJS version 12.9.0 or greater.
• The onLimitReached configuration option is now deprecated. Replace it with a custom handler that checks the number of hits.

Removed

• Remove the deprecated limiter.resetIp method (use the limiter.resetKey method instead).
• Remove the deprecated options delayMs, delayAfter (the delay functionality was moved to the express-slow-down package) and global (use a key generator that returns a constant value).

Changelog

Sourced from express-rate-limit's changelog.

6.0.1

Fixed

• Ensure CommonJS projects can import the module.

6.0.0

Added

• express 4.x as a peer dependency.
• Better Typescript support (the library was rewritten in Typescript).
• Export the package as both ESM and CJS.
• Publish the built package (.tgz file) on GitHub releases as well as the npm registry.
• Issue and PR templates.
• A contributing guide.

Changed

• Rename the draft_polli_ratelimit_headers option to standardHeaders.
• Rename the headers option to legacyHeaders.
• Retry-After header is now sent if either legacyHeaders or standardHeaders is set.
• Allow keyGenerator to be an async function/return a promise.
• Change the way custom stores are defined.
  • Add the init method for stores to set themselves up using options passed to the middleware.
  • Rename the incr method to increment.
  • Allow the increment, decrement, resetKey and resetAll methods to return a promise.
  • Old stores will automatically be promisified and used.
• The package can now only be used with NodeJS version 12.9.0 or greater.
• The onLimitReached configuration option is now deprecated. Replace it with a custom handler that checks the number of hits.

Removed

• Remove the deprecated limiter.resetIp method (use the limiter.resetKey method instead).
• Remove the deprecated options delayMs, delayAfter (the delay functionality was moved to the express-slow-down package) and global (use a key generator that returns a constant value).

Commits

• b160f00 6.0.1
• 76a4213 fix: allow cjs modules to use this package
• e9a06dc docs: add keyGenerator is allowed to be async note to changelog
• f6014e4 typo fix
• 81346ba disable flakey test
• 6f90be2 Remove docs for deprecated onLimitReached method
• 00f38ff Call out onLimitReached deprecation
• 4786948 Merge pull request #263 from gamemaker1/opiniated-improvements
• 4d64399 style: use named import for process.platform
• b576907 test: disable server hang test on macos
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [express-rate-limit](https://github.com/nfriedly/express-rate-limit) from 5.5.1 to 6.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/nfriedly/express-rate-limit/releases">express-rate-limit's releases</a>.</em></p> <blockquote> <h2>v6.0.1</h2> <h3>Fixed</h3> <ul> <li>Ensure CommonJS projects can import the module.</li> </ul> <h2>v6.0.0</h2> <h3>Added</h3> <ul> <li><code>express</code> 4.x as a peer dependency.</li> <li>Better Typescript support (the library was rewritten in Typescript).</li> <li>Export the package as both ESM and CJS.</li> <li>Publish the built package (<code>.tgz</code> file) on GitHub releases as well as the npm registry.</li> <li>Issue and PR templates.</li> <li>A contributing guide.</li> </ul> <h3>Changed</h3> <ul> <li>Rename the <code>draft_polli_ratelimit_headers</code> option to <code>standardHeaders</code>.</li> <li>Rename the <code>headers</code> option to <code>legacyHeaders</code>.</li> <li><code>Retry-After</code> header is now sent if either <code>legacyHeaders</code> or <code>standardHeaders</code> is set.</li> <li>Allow <code>keyGenerator</code> to be an async function/return a promise.</li> <li>Change the way custom stores are defined. <ul> <li>Add the <code>init</code> method for stores to set themselves up using options passed to the middleware.</li> <li>Rename the <code>incr</code> method to <code>increment</code>.</li> <li>Allow the <code>increment</code>, <code>decrement</code>, <code>resetKey</code> and <code>resetAll</code> methods to return a promise.</li> <li>Old stores will automatically be promisified and used.</li> </ul> </li> <li>The package can now only be used with NodeJS version 12.9.0 or greater.</li> <li>The <code>onLimitReached</code> configuration option is now deprecated. Replace it with a custom <code>handler</code> that checks the number of hits.</li> </ul> <h3>Removed</h3> <ul> <li>Remove the deprecated <code>limiter.resetIp</code> method (use the <code>limiter.resetKey</code> method instead).</li> <li>Remove the deprecated options <code>delayMs</code>, <code>delayAfter</code> (the delay functionality was moved to the <a href="https://github.com/nfriedly/express-slow-down"><code>express-slow-down</code></a> package) and <code>global</code> (use a key generator that returns a constant value).</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nfriedly/express-rate-limit/blob/master/changelog.md">express-rate-limit's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/nfriedly/express-rate-limit/releases/v6.0.1">6.0.1</a></h2> <h3>Fixed</h3> <ul> <li>Ensure CommonJS projects can import the module.</li> </ul> <h2><a href="https://github.com/nfriedly/express-rate-limit/releases/v6.0.0">6.0.0</a></h2> <h3>Added</h3> <ul> <li><code>express</code> 4.x as a peer dependency.</li> <li>Better Typescript support (the library was rewritten in Typescript).</li> <li>Export the package as both ESM and CJS.</li> <li>Publish the built package (<code>.tgz</code> file) on GitHub releases as well as the npm registry.</li> <li>Issue and PR templates.</li> <li>A contributing guide.</li> </ul> <h3>Changed</h3> <ul> <li>Rename the <code>draft_polli_ratelimit_headers</code> option to <code>standardHeaders</code>.</li> <li>Rename the <code>headers</code> option to <code>legacyHeaders</code>.</li> <li><code>Retry-After</code> header is now sent if either <code>legacyHeaders</code> or <code>standardHeaders</code> is set.</li> <li>Allow <code>keyGenerator</code> to be an async function/return a promise.</li> <li>Change the way custom stores are defined. <ul> <li>Add the <code>init</code> method for stores to set themselves up using options passed to the middleware.</li> <li>Rename the <code>incr</code> method to <code>increment</code>.</li> <li>Allow the <code>increment</code>, <code>decrement</code>, <code>resetKey</code> and <code>resetAll</code> methods to return a promise.</li> <li>Old stores will automatically be promisified and used.</li> </ul> </li> <li>The package can now only be used with NodeJS version 12.9.0 or greater.</li> <li>The <code>onLimitReached</code> configuration option is now deprecated. Replace it with a custom <code>handler</code> that checks the number of hits.</li> </ul> <h3>Removed</h3> <ul> <li>Remove the deprecated <code>limiter.resetIp</code> method (use the <code>limiter.resetKey</code> method instead).</li> <li>Remove the deprecated options <code>delayMs</code>, <code>delayAfter</code> (the delay functionality was moved to the <a href="https://github.com/nfriedly/express-slow-down"><code>express-slow-down</code></a> package) and <code>global</code> (use a key generator that returns a constant value).</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/b160f0086d761e4cfc2b613768670e45947e270f"><code>b160f00</code></a> 6.0.1</li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/76a4213b0024d98ac653ffd0521c2c074e4e38e8"><code>76a4213</code></a> fix: allow cjs modules to use this package</li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/e9a06dc8bac3cc349ccbdbb098d97d2e5ca0fdb4"><code>e9a06dc</code></a> docs: add <code>keyGenerator</code> is allowed to be async note to changelog</li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/f6014e4ad428df14ff081bee9470a2bd35d4c66c"><code>f6014e4</code></a> typo fix</li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/81346ba9af65447673525fa47f28e77b3a7c9b8e"><code>81346ba</code></a> disable flakey test</li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/6f90be210e4e2a658248071c1ff08ddf6fe35993"><code>6f90be2</code></a> Remove docs for deprecated onLimitReached method</li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/00f38ff42e3b047f05c9ef401dee3da2237d060f"><code>00f38ff</code></a> Call out onLimitReached deprecation</li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/4786948b54d2232a9730cc8cdf6d4bfda48656fa"><code>4786948</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/nfriedly/express-rate-limit/issues/263">#263</a> from gamemaker1/opiniated-improvements</li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/4d643996885797a57d47e5c754d4cf3cb9c32efc"><code>4d64399</code></a> style: use named import for <code>process.platform</code></li> <li><a href="https://github.com/nfriedly/express-rate-limit/commit/b576907fac2ee08292e75b236e5ddbec366112d8"><code>b576907</code></a> test: disable server hang test on macos</li> <li>Additional commits viewable in <a href="https://github.com/nfriedly/express-rate-limit/compare/v5.5.1...v6.0.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>

This repo is archived. You cannot comment on pull requests.

Reviewers

No Reviewers

Labels

Clear labels

bug

Something isn't working

dependencies

Pull requests that update a dependency file

documentation

Improvements or additions to documentation

duplicate

This issue or pull request already exists

enhancement

New feature or request

github_actions

Pull requests that update Github_actions code

good first issue

Good for newcomers

help wanted

Extra attention is needed

invalid

This doesn't seem right

javascript

Pull requests that update Javascript code

question

Further information is requested

Sirherobrine23

Sirherobrine23 Developments and features

wontfix

This will not be worked on

Compat/Breaking

Breaking change that won't be backward compatible

Kind/Bug

Something is not working

Kind/Documentation

Documentation changes

Kind/Enhancement

Improve existing functionality

Kind/Feature

New functionality

Kind/Security

This is security issue

Kind/Testing

Issue or pull request related to testing

Priority

Critical

The priority is critical

Priority

High

The priority is high

Priority

Low

The priority is low

Priority

Medium

The priority is medium

Reviewed

Confirmed

Issue has been confirmed

Reviewed

Duplicate

This issue or pull request already exists

Reviewed

Invalid

Invalid issue

Reviewed

Won't Fix

This issue won't be fixed

Status

Abandoned

Somebody has started to work on this but abandoned work

Status

Blocked

Something is blocking this issue or pull request

Status

Need More Info

Feedback is required to reproduce issue or to continue work

No Label

dependencies

javascript

Milestone

No items

No Milestone

Assignees

Clear assignees

Sirherobrine23

No Assignees

1 Participants

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: go-bds/Maneger#268

No description provided.