1 | 3.7.0 / 2019-05-17
|
2 | ==================
|
3 |
|
4 | * deps: finalhandler@1.1.2
|
5 | - Set stricter `Content-Security-Policy` header
|
6 | - Fix 404 output for bad / missing pathnames
|
7 | - deps: encodeurl@~1.0.2
|
8 | - deps: parseurl@~1.3.3
|
9 | - deps: statuses@~1.4.0
|
10 | * deps: parseurl@~1.3.3
|
11 | * perf: remove substr call from FQDN mapping
|
12 |
|
13 | 3.6.6 / 2018-02-14
|
14 | ==================
|
15 |
|
16 | * deps: finalhandler@1.1.0
|
17 | - Use `res.headersSent` when available
|
18 | * perf: remove array read-past-end
|
19 |
|
20 | 3.6.5 / 2017-09-22
|
21 | ==================
|
22 |
|
23 | * deps: debug@2.6.9
|
24 | * deps: finalhandler@1.0.6
|
25 | - deps: debug@2.6.9
|
26 |
|
27 | 3.6.4 / 2017-09-20
|
28 | ==================
|
29 |
|
30 | * deps: finalhandler@1.0.5
|
31 | - deps: parseurl@~1.3.2
|
32 | * deps: parseurl@~1.3.2
|
33 | - perf: reduce overhead for full URLs
|
34 | - perf: unroll the "fast-path" `RegExp`
|
35 | * deps: utils-merge@1.0.1
|
36 |
|
37 | 3.6.3 / 2017-08-03
|
38 | ==================
|
39 |
|
40 | * deps: debug@2.6.8
|
41 | * deps: finalhandler@1.0.4
|
42 | - deps: debug@2.6.8
|
43 |
|
44 | 3.6.2 / 2017-05-16
|
45 | ==================
|
46 |
|
47 | * deps: finalhandler@1.0.3
|
48 | - deps: debug@2.6.7
|
49 | * deps: debug@2.6.7
|
50 | - deps: ms@2.0.0
|
51 |
|
52 | 3.6.1 / 2017-04-19
|
53 | ==================
|
54 |
|
55 | * deps: debug@2.6.3
|
56 | - Fix `DEBUG_MAX_ARRAY_LENGTH`
|
57 | * deps: finalhandler@1.0.1
|
58 | - Fix missing `</html>` in HTML document
|
59 | - deps: debug@2.6.3
|
60 |
|
61 | 3.6.0 / 2017-02-17
|
62 | ==================
|
63 |
|
64 | * deps: debug@2.6.1
|
65 | - Allow colors in workers
|
66 | - Deprecated `DEBUG_FD` environment variable set to `3` or higher
|
67 | - Fix error when running under React Native
|
68 | - Use same color for same namespace
|
69 | - deps: ms@0.7.2
|
70 | * deps: finalhandler@1.0.0
|
71 | - Fix exception when `err` cannot be converted to a string
|
72 | - Fully URL-encode the pathname in the 404
|
73 | - Only include the pathname in the 404 message
|
74 | - Send complete HTML document
|
75 | - Set `Content-Security-Policy: default-src 'self'` header
|
76 | - deps: debug@2.6.1
|
77 |
|
78 | 3.5.1 / 2017-02-12
|
79 | ==================
|
80 |
|
81 | * deps: finalhandler@0.5.1
|
82 | - Fix exception when `err.headers` is not an object
|
83 | - deps: statuses@~1.3.1
|
84 | - perf: hoist regular expressions
|
85 | - perf: remove duplicate validation path
|
86 |
|
87 | 3.5.0 / 2016-09-09
|
88 | ==================
|
89 |
|
90 | * deps: finalhandler@0.5.0
|
91 | - Change invalid or non-numeric status code to 500
|
92 | - Overwrite status message to match set status code
|
93 | - Prefer `err.statusCode` if `err.status` is invalid
|
94 | - Set response headers from `err.headers` object
|
95 | - Use `statuses` instead of `http` module for status messages
|
96 |
|
97 | 3.4.1 / 2016-01-23
|
98 | ==================
|
99 |
|
100 | * deps: finalhandler@0.4.1
|
101 | - deps: escape-html@~1.0.3
|
102 | * deps: parseurl@~1.3.1
|
103 | - perf: enable strict mode
|
104 |
|
105 | 3.4.0 / 2015-06-18
|
106 | ==================
|
107 |
|
108 | * deps: debug@~2.2.0
|
109 | - deps: ms@0.7.1
|
110 | * deps: finalhandler@0.4.0
|
111 | - Fix a false-positive when unpiping in Node.js 0.8
|
112 | - Support `statusCode` property on `Error` objects
|
113 | - Use `unpipe` module for unpiping requests
|
114 | - deps: debug@~2.2.0
|
115 | - deps: escape-html@1.0.2
|
116 | - deps: on-finished@~2.3.0
|
117 | - perf: enable strict mode
|
118 | - perf: remove argument reassignment
|
119 | * perf: enable strict mode
|
120 | * perf: remove argument reassignments
|
121 |
|
122 | 3.3.5 / 2015-03-16
|
123 | ==================
|
124 |
|
125 | * deps: debug@~2.1.3
|
126 | - Fix high intensity foreground color for bold
|
127 | - deps: ms@0.7.0
|
128 | * deps: finalhandler@0.3.4
|
129 | - deps: debug@~2.1.3
|
130 |
|
131 | 3.3.4 / 2015-01-07
|
132 | ==================
|
133 |
|
134 | * deps: debug@~2.1.1
|
135 | * deps: finalhandler@0.3.3
|
136 | - deps: debug@~2.1.1
|
137 | - deps: on-finished@~2.2.0
|
138 |
|
139 | 3.3.3 / 2014-11-09
|
140 | ==================
|
141 |
|
142 | * Correctly invoke async callback asynchronously
|
143 |
|
144 | 3.3.2 / 2014-10-28
|
145 | ==================
|
146 |
|
147 | * Fix handling of URLs containing `://` in the path
|
148 |
|
149 | 3.3.1 / 2014-10-22
|
150 | ==================
|
151 |
|
152 | * deps: finalhandler@0.3.2
|
153 | - deps: on-finished@~2.1.1
|
154 |
|
155 | 3.3.0 / 2014-10-17
|
156 | ==================
|
157 |
|
158 | * deps: debug@~2.1.0
|
159 | - Implement `DEBUG_FD` env variable support
|
160 | * deps: finalhandler@0.3.1
|
161 | - Terminate in progress response only on error
|
162 | - Use `on-finished` to determine request status
|
163 | - deps: debug@~2.1.0
|
164 |
|
165 | 3.2.0 / 2014-09-08
|
166 | ==================
|
167 |
|
168 | * deps: debug@~2.0.0
|
169 | * deps: finalhandler@0.2.0
|
170 | - Set `X-Content-Type-Options: nosniff` header
|
171 | - deps: debug@~2.0.0
|
172 |
|
173 | 3.1.1 / 2014-08-10
|
174 | ==================
|
175 |
|
176 | * deps: parseurl@~1.3.0
|
177 |
|
178 | 3.1.0 / 2014-07-22
|
179 | ==================
|
180 |
|
181 | * deps: debug@1.0.4
|
182 | * deps: finalhandler@0.1.0
|
183 | - Respond after request fully read
|
184 | - deps: debug@1.0.4
|
185 | * deps: parseurl@~1.2.0
|
186 | - Cache URLs based on original value
|
187 | - Remove no-longer-needed URL mis-parse work-around
|
188 | - Simplify the "fast-path" `RegExp`
|
189 | * perf: reduce executed logic in routing
|
190 | * perf: refactor location of `try` block
|
191 |
|
192 | 3.0.2 / 2014-07-10
|
193 | ==================
|
194 |
|
195 | * deps: debug@1.0.3
|
196 | - Add support for multiple wildcards in namespaces
|
197 | * deps: parseurl@~1.1.3
|
198 | - faster parsing of href-only URLs
|
199 |
|
200 | 3.0.1 / 2014-06-19
|
201 | ==================
|
202 |
|
203 | * use `finalhandler` for final response handling
|
204 | * deps: debug@1.0.2
|
205 |
|
206 | 3.0.0 / 2014-05-29
|
207 | ==================
|
208 |
|
209 | * No changes
|
210 |
|
211 | 3.0.0-rc.2 / 2014-05-04
|
212 | =======================
|
213 |
|
214 | * Call error stack even when response has been sent
|
215 | * Prevent default 404 handler after response sent
|
216 | * dep: debug@0.8.1
|
217 | * encode stack in HTML for default error handler
|
218 | * remove `proto` export
|
219 |
|
220 | 3.0.0-rc.1 / 2014-03-06
|
221 | =======================
|
222 |
|
223 | * move middleware to separate repos
|
224 | * remove docs
|
225 | * remove node patches
|
226 | * remove connect(middleware...)
|
227 | * remove the old `connect.createServer()` method
|
228 | * remove various private `connect.utils` functions
|
229 | * drop node.js 0.8 support
|
230 |
|
231 | 2.30.2 / 2015-07-31
|
232 | ===================
|
233 |
|
234 | * deps: body-parser@~1.13.3
|
235 | - deps: type-is@~1.6.6
|
236 | * deps: compression@~1.5.2
|
237 | - deps: accepts@~1.2.12
|
238 | - deps: compressible@~2.0.5
|
239 | - deps: vary@~1.0.1
|
240 | * deps: errorhandler@~1.4.2
|
241 | - deps: accepts@~1.2.12
|
242 | * deps: method-override@~2.3.5
|
243 | - deps: vary@~1.0.1
|
244 | - perf: enable strict mode
|
245 | * deps: serve-index@~1.7.2
|
246 | - deps: accepts@~1.2.12
|
247 | - deps: mime-types@~2.1.4
|
248 | * deps: type-is@~1.6.6
|
249 | - deps: mime-types@~2.1.4
|
250 | * deps: vhost@~3.0.1
|
251 | - perf: enable strict mode
|
252 |
|
253 | 2.30.1 / 2015-07-05
|
254 | ===================
|
255 |
|
256 | * deps: body-parser@~1.13.2
|
257 | - deps: iconv-lite@0.4.11
|
258 | - deps: qs@4.0.0
|
259 | - deps: raw-body@~2.1.2
|
260 | - deps: type-is@~1.6.4
|
261 | * deps: compression@~1.5.1
|
262 | - deps: accepts@~1.2.10
|
263 | - deps: compressible@~2.0.4
|
264 | * deps: errorhandler@~1.4.1
|
265 | - deps: accepts@~1.2.10
|
266 | * deps: qs@4.0.0
|
267 | - Fix dropping parameters like `hasOwnProperty`
|
268 | - Fix various parsing edge cases
|
269 | * deps: morgan@~1.6.1
|
270 | - deps: basic-auth@~1.0.3
|
271 | * deps: pause@0.1.0
|
272 | - Re-emit events with all original arguments
|
273 | - Refactor internals
|
274 | - perf: enable strict mode
|
275 | * deps: serve-index@~1.7.1
|
276 | - deps: accepts@~1.2.10
|
277 | - deps: mime-types@~2.1.2
|
278 | * deps: type-is@~1.6.4
|
279 | - deps: mime-types@~2.1.2
|
280 | - perf: enable strict mode
|
281 | - perf: remove argument reassignment
|
282 |
|
283 | 2.30.0 / 2015-06-18
|
284 | ===================
|
285 |
|
286 | * deps: body-parser@~1.13.1
|
287 | - Add `statusCode` property on `Error`s, in addition to `status`
|
288 | - Change `type` default to `application/json` for JSON parser
|
289 | - Change `type` default to `application/x-www-form-urlencoded` for urlencoded parser
|
290 | - Provide static `require` analysis
|
291 | - Use the `http-errors` module to generate errors
|
292 | - deps: bytes@2.1.0
|
293 | - deps: iconv-lite@0.4.10
|
294 | - deps: on-finished@~2.3.0
|
295 | - deps: raw-body@~2.1.1
|
296 | - deps: type-is@~1.6.3
|
297 | - perf: enable strict mode
|
298 | - perf: remove argument reassignment
|
299 | - perf: remove delete call
|
300 | * deps: bytes@2.1.0
|
301 | - Slight optimizations
|
302 | - Units no longer case sensitive when parsing
|
303 | * deps: compression@~1.5.0
|
304 | - Fix return value from `.end` and `.write` after end
|
305 | - Improve detection of zero-length body without `Content-Length`
|
306 | - deps: accepts@~1.2.9
|
307 | - deps: bytes@2.1.0
|
308 | - deps: compressible@~2.0.3
|
309 | - perf: enable strict mode
|
310 | - perf: remove flush reassignment
|
311 | - perf: simplify threshold detection
|
312 | * deps: cookie@0.1.3
|
313 | - Slight optimizations
|
314 | * deps: cookie-parser@~1.3.5
|
315 | - deps: cookie@0.1.3
|
316 | * deps: csurf@~1.8.3
|
317 | - Add `sessionKey` option
|
318 | - deps: cookie@0.1.3
|
319 | - deps: csrf@~3.0.0
|
320 | * deps: errorhandler@~1.4.0
|
321 | - Add charset to the `Content-Type` header
|
322 | - Support `statusCode` property on `Error` objects
|
323 | - deps: accepts@~1.2.9
|
324 | - deps: escape-html@1.0.2
|
325 | * deps: express-session@~1.11.3
|
326 | - Support an array in `secret` option for key rotation
|
327 | - deps: cookie@0.1.3
|
328 | - deps: crc@3.3.0
|
329 | - deps: debug@~2.2.0
|
330 | - deps: depd@~1.0.1
|
331 | - deps: uid-safe@~2.0.0
|
332 | * deps: finalhandler@0.4.0
|
333 | - Fix a false-positive when unpiping in Node.js 0.8
|
334 | - Support `statusCode` property on `Error` objects
|
335 | - Use `unpipe` module for unpiping requests
|
336 | - deps: escape-html@1.0.2
|
337 | - deps: on-finished@~2.3.0
|
338 | - perf: enable strict mode
|
339 | - perf: remove argument reassignment
|
340 | * deps: fresh@0.3.0
|
341 | - Add weak `ETag` matching support
|
342 | * deps: morgan@~1.6.0
|
343 | - Add `morgan.compile(format)` export
|
344 | - Do not color 1xx status codes in `dev` format
|
345 | - Fix `response-time` token to not include response latency
|
346 | - Fix `status` token incorrectly displaying before response in `dev` format
|
347 | - Fix token return values to be `undefined` or a string
|
348 | - Improve representation of multiple headers in `req` and `res` tokens
|
349 | - Use `res.getHeader` in `res` token
|
350 | - deps: basic-auth@~1.0.2
|
351 | - deps: on-finished@~2.3.0
|
352 | - pref: enable strict mode
|
353 | - pref: reduce function closure scopes
|
354 | - pref: remove dynamic compile on every request for `dev` format
|
355 | - pref: remove an argument reassignment
|
356 | - pref: skip function call without `skip` option
|
357 | * deps: serve-favicon@~2.3.0
|
358 | - Send non-chunked response for `OPTIONS`
|
359 | - deps: etag@~1.7.0
|
360 | - deps: fresh@0.3.0
|
361 | - perf: enable strict mode
|
362 | - perf: remove argument reassignment
|
363 | - perf: remove bitwise operations
|
364 | * deps: serve-index@~1.7.0
|
365 | - Accept `function` value for `template` option
|
366 | - Send non-chunked response for `OPTIONS`
|
367 | - Stat parent directory when necessary
|
368 | - Use `Date.prototype.toLocaleDateString` to format date
|
369 | - deps: accepts@~1.2.9
|
370 | - deps: escape-html@1.0.2
|
371 | - deps: mime-types@~2.1.1
|
372 | - perf: enable strict mode
|
373 | - perf: remove argument reassignment
|
374 | * deps: serve-static@~1.10.0
|
375 | - Add `fallthrough` option
|
376 | - Fix reading options from options prototype
|
377 | - Improve the default redirect response headers
|
378 | - Malformed URLs now `next()` instead of 400
|
379 | - deps: escape-html@1.0.2
|
380 | - deps: send@0.13.0
|
381 | - perf: enable strict mode
|
382 | - perf: remove argument reassignment
|
383 | * deps: type-is@~1.6.3
|
384 | - deps: mime-types@~2.1.1
|
385 | - perf: reduce try block size
|
386 | - perf: remove bitwise operations
|
387 |
|
388 | 2.29.2 / 2015-05-14
|
389 | ===================
|
390 |
|
391 | * deps: body-parser@~1.12.4
|
392 | - Slight efficiency improvement when not debugging
|
393 | - deps: debug@~2.2.0
|
394 | - deps: depd@~1.0.1
|
395 | - deps: iconv-lite@0.4.8
|
396 | - deps: on-finished@~2.2.1
|
397 | - deps: qs@2.4.2
|
398 | - deps: raw-body@~2.0.1
|
399 | - deps: type-is@~1.6.2
|
400 | * deps: compression@~1.4.4
|
401 | - deps: accepts@~1.2.7
|
402 | - deps: debug@~2.2.0
|
403 | * deps: connect-timeout@~1.6.2
|
404 | - deps: debug@~2.2.0
|
405 | - deps: ms@0.7.1
|
406 | * deps: debug@~2.2.0
|
407 | - deps: ms@0.7.1
|
408 | * deps: depd@~1.0.1
|
409 | * deps: errorhandler@~1.3.6
|
410 | - deps: accepts@~1.2.7
|
411 | * deps: finalhandler@0.3.6
|
412 | - deps: debug@~2.2.0
|
413 | - deps: on-finished@~2.2.1
|
414 | * deps: method-override@~2.3.3
|
415 | - deps: debug@~2.2.0
|
416 | * deps: morgan@~1.5.3
|
417 | - deps: basic-auth@~1.0.1
|
418 | - deps: debug@~2.2.0
|
419 | - deps: depd@~1.0.1
|
420 | - deps: on-finished@~2.2.1
|
421 | * deps: qs@2.4.2
|
422 | - Fix allowing parameters like `constructor`
|
423 | * deps: response-time@~2.3.1
|
424 | - deps: depd@~1.0.1
|
425 | * deps: serve-favicon@~2.2.1
|
426 | - deps: etag@~1.6.0
|
427 | - deps: ms@0.7.1
|
428 | * deps: serve-index@~1.6.4
|
429 | - deps: accepts@~1.2.7
|
430 | - deps: debug@~2.2.0
|
431 | - deps: mime-types@~2.0.11
|
432 | * deps: serve-static@~1.9.3
|
433 | - deps: send@0.12.3
|
434 | * deps: type-is@~1.6.2
|
435 | - deps: mime-types@~2.0.11
|
436 |
|
437 | 2.29.1 / 2015-03-16
|
438 | ===================
|
439 |
|
440 | * deps: body-parser@~1.12.2
|
441 | - deps: debug@~2.1.3
|
442 | - deps: qs@2.4.1
|
443 | - deps: type-is@~1.6.1
|
444 | * deps: compression@~1.4.3
|
445 | - Fix error when code calls `res.end(str, encoding)`
|
446 | - deps: accepts@~1.2.5
|
447 | - deps: debug@~2.1.3
|
448 | * deps: connect-timeout@~1.6.1
|
449 | - deps: debug@~2.1.3
|
450 | * deps: debug@~2.1.3
|
451 | - Fix high intensity foreground color for bold
|
452 | - deps: ms@0.7.0
|
453 | * deps: errorhandler@~1.3.5
|
454 | - deps: accepts@~1.2.5
|
455 | * deps: express-session@~1.10.4
|
456 | - deps: debug@~2.1.3
|
457 | * deps: finalhandler@0.3.4
|
458 | - deps: debug@~2.1.3
|
459 | * deps: method-override@~2.3.2
|
460 | - deps: debug@~2.1.3
|
461 | * deps: morgan@~1.5.2
|
462 | - deps: debug@~2.1.3
|
463 | * deps: qs@2.4.1
|
464 | - Fix error when parameter `hasOwnProperty` is present
|
465 | * deps: serve-index@~1.6.3
|
466 | - Properly escape file names in HTML
|
467 | - deps: accepts@~1.2.5
|
468 | - deps: debug@~2.1.3
|
469 | - deps: escape-html@1.0.1
|
470 | - deps: mime-types@~2.0.10
|
471 | * deps: serve-static@~1.9.2
|
472 | - deps: send@0.12.2
|
473 | * deps: type-is@~1.6.1
|
474 | - deps: mime-types@~2.0.10
|
475 |
|
476 | 2.29.0 / 2015-02-17
|
477 | ===================
|
478 |
|
479 | * Use `content-type` to parse `Content-Type` headers
|
480 | * deps: body-parser@~1.12.0
|
481 | - add `debug` messages
|
482 | - accept a function for the `type` option
|
483 | - make internal `extended: true` depth limit infinity
|
484 | - use `content-type` to parse `Content-Type` headers
|
485 | - deps: iconv-lite@0.4.7
|
486 | - deps: raw-body@1.3.3
|
487 | - deps: type-is@~1.6.0
|
488 | * deps: compression@~1.4.1
|
489 | - Prefer `gzip` over `deflate` on the server
|
490 | - deps: accepts@~1.2.4
|
491 | * deps: connect-timeout@~1.6.0
|
492 | - deps: http-errors@~1.3.1
|
493 | * deps: cookie-parser@~1.3.4
|
494 | - deps: cookie-signature@1.0.6
|
495 | * deps: cookie-signature@1.0.6
|
496 | * deps: csurf@~1.7.0
|
497 | - Accept `CSRF-Token` and `XSRF-Token` request headers
|
498 | - Default `cookie.path` to `'/'`, if using cookies
|
499 | - deps: cookie-signature@1.0.6
|
500 | - deps: csrf@~2.0.6
|
501 | - deps: http-errors@~1.3.1
|
502 | * deps: errorhandler@~1.3.4
|
503 | - deps: accepts@~1.2.4
|
504 | * deps: express-session@~1.10.3
|
505 | - deps: cookie-signature@1.0.6
|
506 | - deps: uid-safe@1.1.0
|
507 | * deps: http-errors@~1.3.1
|
508 | - Construct errors using defined constructors from `createError`
|
509 | - Fix error names that are not identifiers
|
510 | - Set a meaningful `name` property on constructed errors
|
511 | * deps: response-time@~2.3.0
|
512 | - Add function argument to support recording of response time
|
513 | * deps: serve-index@~1.6.2
|
514 | - deps: accepts@~1.2.4
|
515 | - deps: http-errors@~1.3.1
|
516 | - deps: mime-types@~2.0.9
|
517 | * deps: serve-static@~1.9.1
|
518 | - deps: send@0.12.1
|
519 | * deps: type-is@~1.6.0
|
520 | - fix argument reassignment
|
521 | - fix false-positives in `hasBody` `Transfer-Encoding` check
|
522 | - support wildcard for both type and subtype (`*/*`)
|
523 | - deps: mime-types@~2.0.9
|
524 |
|
525 | 2.28.3 / 2015-01-31
|
526 | ===================
|
527 |
|
528 | * deps: compression@~1.3.1
|
529 | - deps: accepts@~1.2.3
|
530 | - deps: compressible@~2.0.2
|
531 | * deps: csurf@~1.6.6
|
532 | - deps: csrf@~2.0.5
|
533 | * deps: errorhandler@~1.3.3
|
534 | - deps: accepts@~1.2.3
|
535 | * deps: express-session@~1.10.2
|
536 | - deps: uid-safe@1.0.3
|
537 | * deps: serve-index@~1.6.1
|
538 | - deps: accepts@~1.2.3
|
539 | - deps: mime-types@~2.0.8
|
540 | * deps: type-is@~1.5.6
|
541 | - deps: mime-types@~2.0.8
|
542 |
|
543 | 2.28.2 / 2015-01-20
|
544 | ===================
|
545 |
|
546 | * deps: body-parser@~1.10.2
|
547 | - deps: iconv-lite@0.4.6
|
548 | - deps: raw-body@1.3.2
|
549 | * deps: serve-static@~1.8.1
|
550 | - Fix redirect loop in Node.js 0.11.14
|
551 | - Fix root path disclosure
|
552 | - deps: send@0.11.1
|
553 |
|
554 | 2.28.1 / 2015-01-08
|
555 | ===================
|
556 |
|
557 | * deps: csurf@~1.6.5
|
558 | - deps: csrf@~2.0.4
|
559 | * deps: express-session@~1.10.1
|
560 | - deps: uid-safe@~1.0.2
|
561 |
|
562 | 2.28.0 / 2015-01-05
|
563 | ===================
|
564 |
|
565 | * deps: body-parser@~1.10.1
|
566 | - Make internal `extended: true` array limit dynamic
|
567 | - deps: on-finished@~2.2.0
|
568 | - deps: type-is@~1.5.5
|
569 | * deps: compression@~1.3.0
|
570 | - Export the default `filter` function for wrapping
|
571 | - deps: accepts@~1.2.2
|
572 | - deps: debug@~2.1.1
|
573 | * deps: connect-timeout@~1.5.0
|
574 | - deps: debug@~2.1.1
|
575 | - deps: http-errors@~1.2.8
|
576 | - deps: ms@0.7.0
|
577 | * deps: csurf@~1.6.4
|
578 | - deps: csrf@~2.0.3
|
579 | - deps: http-errors@~1.2.8
|
580 | * deps: debug@~2.1.1
|
581 | * deps: errorhandler@~1.3.2
|
582 | - Add `log` option
|
583 | - Fix heading content to not include stack
|
584 | - deps: accepts@~1.2.2
|
585 | * deps: express-session@~1.10.0
|
586 | - Add `store.touch` interface for session stores
|
587 | - Fix `MemoryStore` expiration with `resave: false`
|
588 | - deps: debug@~2.1.1
|
589 | * deps: finalhandler@0.3.3
|
590 | - deps: debug@~2.1.1
|
591 | - deps: on-finished@~2.2.0
|
592 | * deps: method-override@~2.3.1
|
593 | - deps: debug@~2.1.1
|
594 | - deps: methods@~1.1.1
|
595 | * deps: morgan@~1.5.1
|
596 | - Add multiple date formats `clf`, `iso`, and `web`
|
597 | - Deprecate `buffer` option
|
598 | - Fix date format in `common` and `combined` formats
|
599 | - Fix token arguments to accept values with `"`
|
600 | - deps: debug@~2.1.1
|
601 | - deps: on-finished@~2.2.0
|
602 | * deps: serve-favicon@~2.2.0
|
603 | - Support query string in the URL
|
604 | - deps: etag@~1.5.1
|
605 | - deps: ms@0.7.0
|
606 | * deps: serve-index@~1.6.0
|
607 | - Add link to root directory
|
608 | - deps: accepts@~1.2.2
|
609 | - deps: batch@0.5.2
|
610 | - deps: debug@~2.1.1
|
611 | - deps: mime-types@~2.0.7
|
612 | * deps: serve-static@~1.8.0
|
613 | - Fix potential open redirect when mounted at root
|
614 | - deps: send@0.11.0
|
615 | * deps: type-is@~1.5.5
|
616 | - deps: mime-types@~2.0.7
|
617 |
|
618 | 2.27.6 / 2014-12-10
|
619 | ===================
|
620 |
|
621 | * deps: serve-index@~1.5.3
|
622 | - deps: accepts@~1.1.4
|
623 | - deps: http-errors@~1.2.8
|
624 | - deps: mime-types@~2.0.4
|
625 |
|
626 | 2.27.5 / 2014-12-10
|
627 | ===================
|
628 |
|
629 | * deps: compression@~1.2.2
|
630 | - Fix `.end` to only proxy to `.end`
|
631 | - deps: accepts@~1.1.4
|
632 | * deps: express-session@~1.9.3
|
633 | - Fix error when `req.sessionID` contains a non-string value
|
634 | * deps: http-errors@~1.2.8
|
635 | - Fix stack trace from exported function
|
636 | - Remove `arguments.callee` usage
|
637 | * deps: serve-index@~1.5.2
|
638 | - Fix icon name background alignment on mobile view
|
639 | * deps: type-is@~1.5.4
|
640 | - deps: mime-types@~2.0.4
|
641 |
|
642 | 2.27.4 / 2014-11-23
|
643 | ===================
|
644 |
|
645 | * deps: body-parser@~1.9.3
|
646 | - deps: iconv-lite@0.4.5
|
647 | - deps: qs@2.3.3
|
648 | - deps: raw-body@1.3.1
|
649 | - deps: type-is@~1.5.3
|
650 | * deps: compression@~1.2.1
|
651 | - deps: accepts@~1.1.3
|
652 | * deps: errorhandler@~1.2.3
|
653 | - deps: accepts@~1.1.3
|
654 | * deps: express-session@~1.9.2
|
655 | - deps: crc@3.2.1
|
656 | * deps: qs@2.3.3
|
657 | - Fix `arrayLimit` behavior
|
658 | * deps: serve-favicon@~2.1.7
|
659 | - Avoid errors from enumerables on `Object.prototype`
|
660 | * deps: serve-index@~1.5.1
|
661 | - deps: accepts@~1.1.3
|
662 | - deps: mime-types@~2.0.3
|
663 | * deps: type-is@~1.5.3
|
664 | - deps: mime-types@~2.0.3
|
665 |
|
666 | 2.27.3 / 2014-11-09
|
667 | ===================
|
668 |
|
669 | * Correctly invoke async callback asynchronously
|
670 | * deps: csurf@~1.6.3
|
671 | - bump csrf
|
672 | - bump http-errors
|
673 |
|
674 | 2.27.2 / 2014-10-28
|
675 | ===================
|
676 |
|
677 | * Fix handling of URLs containing `://` in the path
|
678 | * deps: body-parser@~1.9.2
|
679 | - deps: qs@2.3.2
|
680 | * deps: qs@2.3.2
|
681 | - Fix parsing of mixed objects and values
|
682 |
|
683 | 2.27.1 / 2014-10-22
|
684 | ===================
|
685 |
|
686 | * deps: body-parser@~1.9.1
|
687 | - deps: on-finished@~2.1.1
|
688 | - deps: qs@2.3.0
|
689 | - deps: type-is@~1.5.2
|
690 | * deps: express-session@~1.9.1
|
691 | - Remove unnecessary empty write call
|
692 | * deps: finalhandler@0.3.2
|
693 | - deps: on-finished@~2.1.1
|
694 | * deps: morgan@~1.4.1
|
695 | - deps: on-finished@~2.1.1
|
696 | * deps: qs@2.3.0
|
697 | - Fix parsing of mixed implicit and explicit arrays
|
698 | * deps: serve-static@~1.7.1
|
699 | - deps: send@0.10.1
|
700 |
|
701 | 2.27.0 / 2014-10-16
|
702 | ===================
|
703 |
|
704 | * Use `http-errors` module for creating errors
|
705 | * Use `utils-merge` module for merging objects
|
706 | * deps: body-parser@~1.9.0
|
707 | - include the charset in "unsupported charset" error message
|
708 | - include the encoding in "unsupported content encoding" error message
|
709 | - deps: depd@~1.0.0
|
710 | * deps: compression@~1.2.0
|
711 | - deps: debug@~2.1.0
|
712 | * deps: connect-timeout@~1.4.0
|
713 | - Create errors with `http-errors`
|
714 | - deps: debug@~2.1.0
|
715 | * deps: debug@~2.1.0
|
716 | - Implement `DEBUG_FD` env variable support
|
717 | * deps: depd@~1.0.0
|
718 | * deps: express-session@~1.9.0
|
719 | - deps: debug@~2.1.0
|
720 | - deps: depd@~1.0.0
|
721 | * deps: finalhandler@0.3.1
|
722 | - Terminate in progress response only on error
|
723 | - Use `on-finished` to determine request status
|
724 | - deps: debug@~2.1.0
|
725 | * deps: method-override@~2.3.0
|
726 | - deps: debug@~2.1.0
|
727 | * deps: morgan@~1.4.0
|
728 | - Add `debug` messages
|
729 | - deps: depd@~1.0.0
|
730 | * deps: response-time@~2.2.0
|
731 | - Add `header` option for custom header name
|
732 | - Add `suffix` option
|
733 | - Change `digits` argument to an `options` argument
|
734 | - deps: depd@~1.0.0
|
735 | * deps: serve-favicon@~2.1.6
|
736 | - deps: etag@~1.5.0
|
737 | * deps: serve-index@~1.5.0
|
738 | - Add `dir` argument to `filter` function
|
739 | - Add icon for mkv files
|
740 | - Create errors with `http-errors`
|
741 | - Fix incorrect 403 on Windows and Node.js 0.11
|
742 | - Lookup icon by mime type for greater icon support
|
743 | - Support using tokens multiple times
|
744 | - deps: accepts@~1.1.2
|
745 | - deps: debug@~2.1.0
|
746 | - deps: mime-types@~2.0.2
|
747 | * deps: serve-static@~1.7.0
|
748 | - deps: send@0.10.0
|
749 |
|
750 | 2.26.6 / 2014-10-15
|
751 | ===================
|
752 |
|
753 | * deps: compression@~1.1.2
|
754 | - deps: accepts@~1.1.2
|
755 | - deps: compressible@~2.0.1
|
756 | * deps: csurf@~1.6.2
|
757 | - bump http-errors
|
758 | - fix cookie name when using `cookie: true`
|
759 | * deps: errorhandler@~1.2.2
|
760 | - deps: accepts@~1.1.2
|
761 |
|
762 | 2.26.5 / 2014-10-08
|
763 | ===================
|
764 |
|
765 | * Fix accepting non-object arguments to `logger`
|
766 | * deps: serve-static@~1.6.4
|
767 | - Fix redirect loop when index file serving disabled
|
768 |
|
769 | 2.26.4 / 2014-10-02
|
770 | ===================
|
771 |
|
772 | * deps: morgan@~1.3.2
|
773 | - Fix `req.ip` integration when `immediate: false`
|
774 | * deps: type-is@~1.5.2
|
775 | - deps: mime-types@~2.0.2
|
776 |
|
777 | 2.26.3 / 2014-09-24
|
778 | ===================
|
779 |
|
780 | * deps: body-parser@~1.8.4
|
781 | - fix content encoding to be case-insensitive
|
782 | * deps: serve-favicon@~2.1.5
|
783 | - deps: etag@~1.4.0
|
784 | * deps: serve-static@~1.6.3
|
785 | - deps: send@0.9.3
|
786 |
|
787 | 2.26.2 / 2014-09-19
|
788 | ===================
|
789 |
|
790 | * deps: body-parser@~1.8.3
|
791 | - deps: qs@2.2.4
|
792 | * deps: qs@2.2.4
|
793 | - Fix issue with object keys starting with numbers truncated
|
794 |
|
795 | 2.26.1 / 2014-09-15
|
796 | ===================
|
797 |
|
798 | * deps: body-parser@~1.8.2
|
799 | - deps: depd@0.4.5
|
800 | * deps: depd@0.4.5
|
801 | * deps: express-session@~1.8.2
|
802 | - Use `crc` instead of `buffer-crc32` for speed
|
803 | - deps: depd@0.4.5
|
804 | * deps: morgan@~1.3.1
|
805 | - Remove un-used `bytes` dependency
|
806 | - deps: depd@0.4.5
|
807 | * deps: serve-favicon@~2.1.4
|
808 | - Fix content headers being sent in 304 response
|
809 | - deps: etag@~1.3.1
|
810 | * deps: serve-static@~1.6.2
|
811 | - deps: send@0.9.2
|
812 |
|
813 | 2.26.0 / 2014-09-08
|
814 | ===================
|
815 |
|
816 | * deps: body-parser@~1.8.1
|
817 | - add `parameterLimit` option to `urlencoded` parser
|
818 | - change `urlencoded` extended array limit to 100
|
819 | - make empty-body-handling consistent between chunked requests
|
820 | - respond with 415 when over `parameterLimit` in `urlencoded`
|
821 | - deps: media-typer@0.3.0
|
822 | - deps: qs@2.2.3
|
823 | - deps: type-is@~1.5.1
|
824 | * deps: compression@~1.1.0
|
825 | - deps: accepts@~1.1.0
|
826 | - deps: compressible@~2.0.0
|
827 | - deps: debug@~2.0.0
|
828 | * deps: connect-timeout@~1.3.0
|
829 | - deps: debug@~2.0.0
|
830 | * deps: cookie-parser@~1.3.3
|
831 | - deps: cookie-signature@1.0.5
|
832 | * deps: cookie-signature@1.0.5
|
833 | * deps: csurf@~1.6.1
|
834 | - add `ignoreMethods` option
|
835 | - bump cookie-signature
|
836 | - csrf-tokens -> csrf
|
837 | - set `code` property on CSRF token errors
|
838 | * deps: debug@~2.0.0
|
839 | * deps: errorhandler@~1.2.0
|
840 | - Display error using `util.inspect` if no other representation
|
841 | - deps: accepts@~1.1.0
|
842 | * deps: express-session@~1.8.1
|
843 | - Do not resave already-saved session at end of request
|
844 | - Prevent session prototype methods from being overwritten
|
845 | - deps: cookie-signature@1.0.5
|
846 | - deps: debug@~2.0.0
|
847 | * deps: finalhandler@0.2.0
|
848 | - Set `X-Content-Type-Options: nosniff` header
|
849 | - deps: debug@~2.0.0
|
850 | * deps: fresh@0.2.4
|
851 | * deps: media-typer@0.3.0
|
852 | - Throw error when parameter format invalid on parse
|
853 | * deps: method-override@~2.2.0
|
854 | - deps: debug@~2.0.0
|
855 | * deps: morgan@~1.3.0
|
856 | - Assert if `format` is not a function or string
|
857 | * deps: qs@2.2.3
|
858 | - Fix issue where first empty value in array is discarded
|
859 | * deps: serve-favicon@~2.1.3
|
860 | - Accept string for `maxAge` (converted by `ms`)
|
861 | - Use `etag` to generate `ETag` header
|
862 | - deps: fresh@0.2.4
|
863 | * deps: serve-index@~1.2.1
|
864 | - Add `debug` messages
|
865 | - Resolve relative paths at middleware setup
|
866 | - deps: accepts@~1.1.0
|
867 | * deps: serve-static@~1.6.1
|
868 | - Add `lastModified` option
|
869 | - deps: send@0.9.1
|
870 | * deps: type-is@~1.5.1
|
871 | - fix `hasbody` to be true for `content-length: 0`
|
872 | - deps: media-typer@0.3.0
|
873 | - deps: mime-types@~2.0.1
|
874 | * deps: vhost@~3.0.0
|
875 |
|
876 | 2.25.10 / 2014-09-04
|
877 | ====================
|
878 |
|
879 | * deps: serve-static@~1.5.4
|
880 | - deps: send@0.8.5
|
881 |
|
882 | 2.25.9 / 2014-08-29
|
883 | ===================
|
884 |
|
885 | * deps: body-parser@~1.6.7
|
886 | - deps: qs@2.2.2
|
887 | * deps: qs@2.2.2
|
888 |
|
889 | 2.25.8 / 2014-08-27
|
890 | ===================
|
891 |
|
892 | * deps: body-parser@~1.6.6
|
893 | - deps: qs@2.2.0
|
894 | * deps: csurf@~1.4.1
|
895 | * deps: qs@2.2.0
|
896 | - Array parsing fix
|
897 | - Performance improvements
|
898 |
|
899 | 2.25.7 / 2014-08-18
|
900 | ===================
|
901 |
|
902 | * deps: body-parser@~1.6.5
|
903 | - deps: on-finished@2.1.0
|
904 | * deps: express-session@~1.7.6
|
905 | - Fix exception on `res.end(null)` calls
|
906 | * deps: morgan@~1.2.3
|
907 | - deps: on-finished@2.1.0
|
908 | * deps: serve-static@~1.5.3
|
909 | - deps: send@0.8.3
|
910 |
|
911 | 2.25.6 / 2014-08-14
|
912 | ===================
|
913 |
|
914 | * deps: body-parser@~1.6.4
|
915 | - deps: qs@1.2.2
|
916 | * deps: qs@1.2.2
|
917 | * deps: serve-static@~1.5.2
|
918 | - deps: send@0.8.2
|
919 |
|
920 | 2.25.5 / 2014-08-11
|
921 | ===================
|
922 |
|
923 | * Fix backwards compatibility in `logger`
|
924 |
|
925 | 2.25.4 / 2014-08-10
|
926 | ===================
|
927 |
|
928 | * Fix `query` middleware breaking with argument
|
929 | - It never really took one in the first place
|
930 | * deps: body-parser@~1.6.3
|
931 | - deps: qs@1.2.1
|
932 | * deps: compression@~1.0.11
|
933 | - deps: on-headers@~1.0.0
|
934 | - deps: parseurl@~1.3.0
|
935 | * deps: connect-timeout@~1.2.2
|
936 | - deps: on-headers@~1.0.0
|
937 | * deps: express-session@~1.7.5
|
938 | - Fix parsing original URL
|
939 | - deps: on-headers@~1.0.0
|
940 | - deps: parseurl@~1.3.0
|
941 | * deps: method-override@~2.1.3
|
942 | * deps: on-headers@~1.0.0
|
943 | * deps: parseurl@~1.3.0
|
944 | * deps: qs@1.2.1
|
945 | * deps: response-time@~2.0.1
|
946 | - deps: on-headers@~1.0.0
|
947 | * deps: serve-index@~1.1.6
|
948 | - Fix URL parsing
|
949 | * deps: serve-static@~1.5.1
|
950 | - Fix parsing of weird `req.originalUrl` values
|
951 | - deps: parseurl@~1.3.0
|
952 | = deps: utils-merge@1.0.0
|
953 |
|
954 | 2.25.3 / 2014-08-07
|
955 | ===================
|
956 |
|
957 | * deps: multiparty@3.3.2
|
958 | - Fix potential double-callback
|
959 |
|
960 | 2.25.2 / 2014-08-07
|
961 | ===================
|
962 |
|
963 | * deps: body-parser@~1.6.2
|
964 | - deps: qs@1.2.0
|
965 | * deps: qs@1.2.0
|
966 | - Fix parsing array of objects
|
967 |
|
968 | 2.25.1 / 2014-08-06
|
969 | ===================
|
970 |
|
971 | * deps: body-parser@~1.6.1
|
972 | - deps: qs@1.1.0
|
973 | * deps: qs@1.1.0
|
974 | - Accept urlencoded square brackets
|
975 | - Accept empty values in implicit array notation
|
976 |
|
977 | 2.25.0 / 2014-08-05
|
978 | ===================
|
979 |
|
980 | * deps: body-parser@~1.6.0
|
981 | - deps: qs@1.0.2
|
982 | * deps: compression@~1.0.10
|
983 | - Fix upper-case Content-Type characters prevent compression
|
984 | - deps: compressible@~1.1.1
|
985 | * deps: csurf@~1.4.0
|
986 | - Support changing `req.session` after `csurf` middleware
|
987 | - Calling `res.csrfToken()` after `req.session.destroy()` will now work
|
988 | * deps: express-session@~1.7.4
|
989 | - Fix `res.end` patch to call correct upstream `res.write`
|
990 | - Fix response end delay for non-chunked responses
|
991 | * deps: qs@1.0.2
|
992 | - Complete rewrite
|
993 | - Limits array length to 20
|
994 | - Limits object depth to 5
|
995 | - Limits parameters to 1,000
|
996 | * deps: serve-static@~1.5.0
|
997 | - Add `extensions` option
|
998 | - deps: send@0.8.1
|
999 |
|
1000 | 2.24.3 / 2014-08-04
|
1001 | ===================
|
1002 |
|
1003 | * deps: serve-index@~1.1.5
|
1004 | - Fix Content-Length calculation for multi-byte file names
|
1005 | - deps: accepts@~1.0.7
|
1006 | * deps: serve-static@~1.4.4
|
1007 | - Fix incorrect 403 on Windows and Node.js 0.11
|
1008 | - deps: send@0.7.4
|
1009 |
|
1010 | 2.24.2 / 2014-07-27
|
1011 | ===================
|
1012 |
|
1013 | * deps: body-parser@~1.5.2
|
1014 | * deps: depd@0.4.4
|
1015 | - Work-around v8 generating empty stack traces
|
1016 | * deps: express-session@~1.7.2
|
1017 | * deps: morgan@~1.2.2
|
1018 | * deps: serve-static@~1.4.2
|
1019 |
|
1020 | 2.24.1 / 2014-07-26
|
1021 | ===================
|
1022 |
|
1023 | * deps: body-parser@~1.5.1
|
1024 | * deps: depd@0.4.3
|
1025 | - Fix exception when global `Error.stackTraceLimit` is too low
|
1026 | * deps: express-session@~1.7.1
|
1027 | * deps: morgan@~1.2.1
|
1028 | * deps: serve-index@~1.1.4
|
1029 | * deps: serve-static@~1.4.1
|
1030 |
|
1031 | 2.24.0 / 2014-07-22
|
1032 | ===================
|
1033 |
|
1034 | * deps: body-parser@~1.5.0
|
1035 | - deps: depd@0.4.2
|
1036 | - deps: iconv-lite@0.4.4
|
1037 | - deps: raw-body@1.3.0
|
1038 | - deps: type-is@~1.3.2
|
1039 | * deps: compression@~1.0.9
|
1040 | - Add `debug` messages
|
1041 | - deps: accepts@~1.0.7
|
1042 | * deps: connect-timeout@~1.2.1
|
1043 | - Accept string for `time` (converted by `ms`)
|
1044 | - deps: debug@1.0.4
|
1045 | * deps: debug@1.0.4
|
1046 | * deps: depd@0.4.2
|
1047 | - Add `TRACE_DEPRECATION` environment variable
|
1048 | - Remove non-standard grey color from color output
|
1049 | - Support `--no-deprecation` argument
|
1050 | - Support `--trace-deprecation` argument
|
1051 | * deps: express-session@~1.7.0
|
1052 | - Improve session-ending error handling
|
1053 | - deps: debug@1.0.4
|
1054 | - deps: depd@0.4.2
|
1055 | * deps: finalhandler@0.1.0
|
1056 | - Respond after request fully read
|
1057 | - deps: debug@1.0.4
|
1058 | * deps: method-override@~2.1.2
|
1059 | - deps: debug@1.0.4
|
1060 | - deps: parseurl@~1.2.0
|
1061 | * deps: morgan@~1.2.0
|
1062 | - Add `:remote-user` token
|
1063 | - Add `combined` log format
|
1064 | - Add `common` log format
|
1065 | - Remove non-standard grey color from `dev` format
|
1066 | * deps: multiparty@3.3.1
|
1067 | * deps: parseurl@~1.2.0
|
1068 | - Cache URLs based on original value
|
1069 | - Remove no-longer-needed URL mis-parse work-around
|
1070 | - Simplify the "fast-path" `RegExp`
|
1071 | * deps: serve-static@~1.4.0
|
1072 | - Add `dotfiles` option
|
1073 | - deps: parseurl@~1.2.0
|
1074 | - deps: send@0.7.0
|
1075 |
|
1076 | 2.23.0 / 2014-07-10
|
1077 | ===================
|
1078 |
|
1079 | * deps: debug@1.0.3
|
1080 | - Add support for multiple wildcards in namespaces
|
1081 | * deps: express-session@~1.6.4
|
1082 | * deps: method-override@~2.1.0
|
1083 | - add simple debug output
|
1084 | - deps: methods@1.1.0
|
1085 | - deps: parseurl@~1.1.3
|
1086 | * deps: parseurl@~1.1.3
|
1087 | - faster parsing of href-only URLs
|
1088 | * deps: serve-static@~1.3.1
|
1089 | - deps: parseurl@~1.1.3
|
1090 |
|
1091 | 2.22.0 / 2014-07-03
|
1092 | ===================
|
1093 |
|
1094 | * deps: csurf@~1.3.0
|
1095 | - Fix `cookie.signed` option to actually sign cookie
|
1096 | * deps: express-session@~1.6.1
|
1097 | - Fix `res.end` patch to return correct value
|
1098 | - Fix `res.end` patch to handle multiple `res.end` calls
|
1099 | - Reject cookies with missing signatures
|
1100 | * deps: multiparty@3.3.0
|
1101 | - Always emit close after all parts ended
|
1102 | - Fix callback hang in node.js 0.8 on errors
|
1103 | * deps: serve-static@~1.3.0
|
1104 | - Accept string for `maxAge` (converted by `ms`)
|
1105 | - Add `setHeaders` option
|
1106 | - Include HTML link in redirect response
|
1107 | - deps: send@0.5.0
|
1108 |
|
1109 | 2.21.1 / 2014-06-26
|
1110 | ===================
|
1111 |
|
1112 | * deps: cookie-parser@1.3.2
|
1113 | - deps: cookie-signature@1.0.4
|
1114 | * deps: cookie-signature@1.0.4
|
1115 | - fix for timing attacks
|
1116 | * deps: express-session@~1.5.2
|
1117 | - deps: cookie-signature@1.0.4
|
1118 | * deps: type-is@~1.3.2
|
1119 | - more mime types
|
1120 |
|
1121 | 2.21.0 / 2014-06-20
|
1122 | ===================
|
1123 |
|
1124 | * deprecate `connect(middleware)` -- use `app.use(middleware)` instead
|
1125 | * deprecate `connect.createServer()` -- use `connect()` instead
|
1126 | * fix `res.setHeader()` patch to work with get -> append -> set pattern
|
1127 | * deps: compression@~1.0.8
|
1128 | * deps: errorhandler@~1.1.1
|
1129 | * deps: express-session@~1.5.0
|
1130 | - Deprecate integration with `cookie-parser` middleware
|
1131 | - Deprecate looking for secret in `req.secret`
|
1132 | - Directly read cookies; `cookie-parser` no longer required
|
1133 | - Directly set cookies; `res.cookie` no longer required
|
1134 | - Generate session IDs with `uid-safe`, faster and even less collisions
|
1135 | * deps: serve-index@~1.1.3
|
1136 |
|
1137 | 2.20.2 / 2014-06-19
|
1138 | ===================
|
1139 |
|
1140 | * deps: body-parser@1.4.3
|
1141 | - deps: type-is@1.3.1
|
1142 |
|
1143 | 2.20.1 / 2014-06-19
|
1144 | ===================
|
1145 |
|
1146 | * deps: type-is@1.3.1
|
1147 | - fix global variable leak
|
1148 |
|
1149 | 2.20.0 / 2014-06-19
|
1150 | ===================
|
1151 |
|
1152 | * deprecate `verify` option to `json` -- use `body-parser` npm module instead
|
1153 | * deprecate `verify` option to `urlencoded` -- use `body-parser` npm module instead
|
1154 | * deprecate things with `depd` module
|
1155 | * use `finalhandler` for final response handling
|
1156 | * use `media-typer` to parse `content-type` for charset
|
1157 | * deps: body-parser@1.4.2
|
1158 | - check accepted charset in content-type (accepts utf-8)
|
1159 | - check accepted encoding in content-encoding (accepts identity)
|
1160 | - deprecate `urlencoded()` without provided `extended` option
|
1161 | - lazy-load urlencoded parsers
|
1162 | - support gzip and deflate bodies
|
1163 | - set `inflate: false` to turn off
|
1164 | - deps: raw-body@1.2.2
|
1165 | - deps: type-is@1.3.0
|
1166 | - Support all encodings from `iconv-lite`
|
1167 | * deps: connect-timeout@1.1.1
|
1168 | - deps: debug@1.0.2
|
1169 | * deps: cookie-parser@1.3.1
|
1170 | - export parsing functions
|
1171 | - `req.cookies` and `req.signedCookies` are now plain objects
|
1172 | - slightly faster parsing of many cookies
|
1173 | * deps: csurf@1.2.2
|
1174 | * deps: errorhandler@1.1.0
|
1175 | - Display error on console formatted like `throw`
|
1176 | - Escape HTML in stack trace
|
1177 | - Escape HTML in title
|
1178 | - Fix up edge cases with error sent in response
|
1179 | - Set `X-Content-Type-Options: nosniff` header
|
1180 | - Use accepts for negotiation
|
1181 | * deps: express-session@1.4.0
|
1182 | - Add `genid` option to generate custom session IDs
|
1183 | - Add `saveUninitialized` option to control saving uninitialized sessions
|
1184 | - Add `unset` option to control unsetting `req.session`
|
1185 | - Generate session IDs with `rand-token` by default; reduce collisions
|
1186 | - Integrate with express "trust proxy" by default
|
1187 | - deps: buffer-crc32@0.2.3
|
1188 | - deps: debug@1.0.2
|
1189 | * deps: multiparty@3.2.9
|
1190 | * deps: serve-index@1.1.2
|
1191 | - deps: batch@0.5.1
|
1192 | * deps: type-is@1.3.0
|
1193 | - improve type parsing
|
1194 | * deps: vhost@2.0.0
|
1195 | - Accept `RegExp` object for `hostname`
|
1196 | - Provide `req.vhost` object
|
1197 | - Support IPv6 literal in `Host` header
|
1198 |
|
1199 | 2.19.6 / 2014-06-11
|
1200 | ===================
|
1201 |
|
1202 | * deps: body-parser@1.3.1
|
1203 | - deps: type-is@1.2.1
|
1204 | * deps: compression@1.0.7
|
1205 | - use vary module for better `Vary` behavior
|
1206 | - deps: accepts@1.0.3
|
1207 | - deps: compressible@1.1.0
|
1208 | * deps: debug@1.0.2
|
1209 | * deps: serve-index@1.1.1
|
1210 | - deps: accepts@1.0.3
|
1211 | * deps: serve-static@1.2.3
|
1212 | - Do not throw un-catchable error on file open race condition
|
1213 | - deps: send@0.4.3
|
1214 |
|
1215 | 2.19.5 / 2014-06-09
|
1216 | ===================
|
1217 |
|
1218 | * deps: csurf@1.2.1
|
1219 | - refactor to use csrf-tokens@~1.0.2
|
1220 | * deps: debug@1.0.1
|
1221 | * deps: serve-static@1.2.2
|
1222 | - fix "event emitter leak" warnings
|
1223 | - deps: send@0.4.2
|
1224 | * deps: type-is@1.2.1
|
1225 | - Switch dependency from `mime` to `mime-types@1.0.0`
|
1226 |
|
1227 | 2.19.4 / 2014-06-05
|
1228 | ===================
|
1229 |
|
1230 | * deps: errorhandler@1.0.2
|
1231 | - Pass on errors from reading error files
|
1232 | * deps: method-override@2.0.2
|
1233 | - use vary module for better `Vary` behavior
|
1234 | * deps: serve-favicon@2.0.1
|
1235 | - Reduce byte size of `ETag` header
|
1236 |
|
1237 | 2.19.3 / 2014-06-03
|
1238 | ===================
|
1239 |
|
1240 | * deps: compression@1.0.6
|
1241 | - fix listeners for delayed stream creation
|
1242 | - fix regression for certain `stream.pipe(res)` situations
|
1243 | - fix regression when negotiation fails
|
1244 |
|
1245 | 2.19.2 / 2014-06-03
|
1246 | ===================
|
1247 |
|
1248 | * deps: compression@1.0.4
|
1249 | - fix adding `Vary` when value stored as array
|
1250 | - fix back-pressure behavior
|
1251 | - fix length check for `res.end`
|
1252 |
|
1253 | 2.19.1 / 2014-06-02
|
1254 | ===================
|
1255 |
|
1256 | * fix deprecated `utils.escape`
|
1257 |
|
1258 | 2.19.0 / 2014-06-02
|
1259 | ===================
|
1260 |
|
1261 | * deprecate `methodOverride()` -- use `method-override` npm module instead
|
1262 | * deps: body-parser@1.3.0
|
1263 | - add `extended` option to urlencoded parser
|
1264 | * deps: method-override@2.0.1
|
1265 | - set `Vary` header
|
1266 | - deps: methods@1.0.1
|
1267 | * deps: multiparty@3.2.8
|
1268 | * deps: response-time@2.0.0
|
1269 | - add `digits` argument
|
1270 | - do not override existing `X-Response-Time` header
|
1271 | - timer not subject to clock drift
|
1272 | - timer resolution down to nanoseconds
|
1273 | * deps: serve-static@1.2.1
|
1274 | - send max-age in Cache-Control in correct format
|
1275 | - use `escape-html` for escaping
|
1276 | - deps: send@0.4.1
|
1277 |
|
1278 | 2.18.0 / 2014-05-29
|
1279 | ===================
|
1280 |
|
1281 | * deps: compression@1.0.3
|
1282 | * deps: serve-index@1.1.0
|
1283 | - Fix content negotiation when no `Accept` header
|
1284 | - Properly support all HTTP methods
|
1285 | - Support vanilla node.js http servers
|
1286 | - Treat `ENAMETOOLONG` as code 414
|
1287 | - Use accepts for negotiation
|
1288 | * deps: serve-static@1.2.0
|
1289 | - Calculate ETag with md5 for reduced collisions
|
1290 | - Fix wrong behavior when index file matches directory
|
1291 | - Ignore stream errors after request ends
|
1292 | - Skip directories in index file search
|
1293 | - deps: send@0.4.0
|
1294 |
|
1295 | 2.17.3 / 2014-05-27
|
1296 | ===================
|
1297 |
|
1298 | * deps: express-session@1.2.1
|
1299 | - Fix `resave` such that `resave: true` works
|
1300 |
|
1301 | 2.17.2 / 2014-05-27
|
1302 | ===================
|
1303 |
|
1304 | * deps: body-parser@1.2.2
|
1305 | - invoke `next(err)` after request fully read
|
1306 | - deps: raw-body@1.1.6
|
1307 | * deps: method-override@1.0.2
|
1308 | - Handle `req.body` key referencing array or object
|
1309 | - Handle multiple HTTP headers
|
1310 |
|
1311 | 2.17.1 / 2014-05-21
|
1312 | ===================
|
1313 |
|
1314 | * fix `res.charset` appending charset when `content-type` has one
|
1315 |
|
1316 | 2.17.0 / 2014-05-20
|
1317 | ===================
|
1318 |
|
1319 | * deps: express-session@1.2.0
|
1320 | - Add `resave` option to control saving unmodified sessions
|
1321 | * deps: morgan@1.1.1
|
1322 | - "dev" format will use same tokens as other formats
|
1323 | - `:response-time` token is now empty when immediate used
|
1324 | - `:response-time` token is now monotonic
|
1325 | - `:response-time` token has precision to 1 μs
|
1326 | - fix `:status` + immediate output in node.js 0.8
|
1327 | - improve `buffer` option to prevent indefinite event loop holding
|
1328 | - simplify method to get remote address
|
1329 | - deps: bytes@1.0.0
|
1330 | * deps: serve-index@1.0.3
|
1331 | - Fix error from non-statable files in HTML view
|
1332 |
|
1333 | 2.16.2 / 2014-05-18
|
1334 | ===================
|
1335 |
|
1336 | * fix edge-case in `res.appendHeader` that would append in wrong order
|
1337 | * deps: method-override@1.0.1
|
1338 |
|
1339 | 2.16.1 / 2014-05-17
|
1340 | ===================
|
1341 |
|
1342 | * remove usages of `res.headerSent` from core
|
1343 |
|
1344 | 2.16.0 / 2014-05-17
|
1345 | ===================
|
1346 |
|
1347 | * deprecate `res.headerSent` -- use `res.headersSent`
|
1348 | * deprecate `res.on("header")` -- use on-headers module instead
|
1349 | * fix `connect.version` to reflect the actual version
|
1350 | * json: use body-parser
|
1351 | - add `type` option
|
1352 | - fix repeated limit parsing with every request
|
1353 | - improve parser speed
|
1354 | * urlencoded: use body-parser
|
1355 | - add `type` option
|
1356 | - fix repeated limit parsing with every request
|
1357 | * dep: bytes@1.0.0
|
1358 | * add negative support
|
1359 | * dep: cookie-parser@1.1.0
|
1360 | - deps: cookie@0.1.2
|
1361 | * dep: csurf@1.2.0
|
1362 | - add support for double-submit cookie
|
1363 | * dep: express-session@1.1.0
|
1364 | - Add `name` option; replacement for `key` option
|
1365 | - Use `setImmediate` in MemoryStore for node.js >= 0.10
|
1366 |
|
1367 | 2.15.0 / 2014-05-04
|
1368 | ===================
|
1369 |
|
1370 | * Add simple `res.cookie` support
|
1371 | * Add `res.appendHeader`
|
1372 | * Call error stack even when response has been sent
|
1373 | * Patch `res.headerSent` to return Boolean
|
1374 | * Patch `res.headersSent` for node.js 0.8
|
1375 | * Prevent default 404 handler after response sent
|
1376 | * dep: compression@1.0.2
|
1377 | * support headers given to `res.writeHead`
|
1378 | * deps: bytes@0.3.0
|
1379 | * deps: negotiator@0.4.3
|
1380 | * dep: connect-timeout@1.1.0
|
1381 | * Add `req.timedout` property
|
1382 | * Add `respond` option to constructor
|
1383 | * Clear timer on socket destroy
|
1384 | * deps: debug@0.8.1
|
1385 | * dep: debug@^0.8.0
|
1386 | * add `enable()` method
|
1387 | * change from stderr to stdout
|
1388 | * dep: errorhandler@1.0.1
|
1389 | * Clean up error CSS
|
1390 | * Do not respond after headers sent
|
1391 | * dep: express-session@1.0.4
|
1392 | * Remove import of `setImmediate`
|
1393 | * Use `res.cookie()` instead of `res.setHeader()`
|
1394 | * deps: cookie@0.1.2
|
1395 | * deps: debug@0.8.1
|
1396 | * dep: morgan@1.0.1
|
1397 | * Make buffer unique per morgan instance
|
1398 | * deps: bytes@0.3.0
|
1399 | * dep: serve-favicon@2.0.0
|
1400 | * Accept `Buffer` of icon as first argument
|
1401 | * Non-GET and HEAD requests are denied
|
1402 | * Send valid max-age value
|
1403 | * Support conditional requests
|
1404 | * Support max-age=0
|
1405 | * Support OPTIONS method
|
1406 | * Throw if `path` argument is directory
|
1407 | * dep: serve-index@1.0.2
|
1408 | * Add stylesheet option
|
1409 | * deps: negotiator@0.4.3
|
1410 |
|
1411 | 2.14.5 / 2014-04-24
|
1412 | ===================
|
1413 |
|
1414 | * dep: raw-body@1.1.4
|
1415 | * allow true as an option
|
1416 | * deps: bytes@0.3.0
|
1417 | * dep: serve-static@1.1.0
|
1418 | * Accept options directly to `send` module
|
1419 | * deps: send@0.3.0
|
1420 |
|
1421 | 2.14.4 / 2014-04-07
|
1422 | ===================
|
1423 |
|
1424 | * dep: bytes@0.3.0
|
1425 | * added terabyte support
|
1426 | * dep: csurf@1.1.0
|
1427 | * add constant-time string compare
|
1428 | * dep: serve-static@1.0.4
|
1429 | * Resolve relative paths at middleware setup
|
1430 | * Use parseurl to parse the URL from request
|
1431 | * fix node.js 0.8 compatibility with memory session
|
1432 |
|
1433 | 2.14.3 / 2014-03-18
|
1434 | ===================
|
1435 |
|
1436 | * dep: static-favicon@1.0.2
|
1437 | * Fixed content of default icon
|
1438 |
|
1439 | 2.14.2 / 2014-03-11
|
1440 | ===================
|
1441 |
|
1442 | * dep: static-favicon@1.0.1
|
1443 | * Fixed path to default icon
|
1444 |
|
1445 | 2.14.1 / 2014-03-06
|
1446 | ===================
|
1447 |
|
1448 | * dep: fresh@0.2.2
|
1449 | * no real changes
|
1450 | * dep: serve-index@1.0.1
|
1451 | * deps: negotiator@0.4.2
|
1452 | * dep: serve-static@1.0.2
|
1453 | * deps: send@0.2.0
|
1454 |
|
1455 | 2.14.0 / 2014-03-05
|
1456 | ===================
|
1457 |
|
1458 | * basicAuth: use basic-auth-connect
|
1459 | * cookieParser: use cookie-parser
|
1460 | * compress: use compression
|
1461 | * csrf: use csurf
|
1462 | * dep: cookie-signature@1.0.3
|
1463 | * directory: use serve-index
|
1464 | * errorHandler: use errorhandler
|
1465 | * favicon: use static-favicon
|
1466 | * logger: use morgan
|
1467 | * methodOverride: use method-override
|
1468 | * responseTime: use response-time
|
1469 | * session: use express-session
|
1470 | * static: use serve-static
|
1471 | * timeout: use connect-timeout
|
1472 | * vhost: use vhost
|
1473 |
|
1474 | 2.13.1 / 2014-03-05
|
1475 | ===================
|
1476 |
|
1477 | * cookieSession: compare full value rather than crc32
|
1478 | * deps: raw-body@1.1.3
|
1479 |
|
1480 | 2.13.0 / 2014-02-14
|
1481 | ===================
|
1482 |
|
1483 | * fix typo in memory store warning #974 @rvagg
|
1484 | * compress: use compressible
|
1485 | * directory: add template option #990 @gottaloveit @Earl-Brown
|
1486 | * csrf: prevent deprecated warning with old sessions
|
1487 |
|
1488 | 2.12.0 / 2013-12-10
|
1489 | ===================
|
1490 |
|
1491 | * bump qs
|
1492 | * directory: sort folders before files
|
1493 | * directory: add folder icons
|
1494 | * directory: de-duplicate icons, details/mobile views #968 @simov
|
1495 | * errorHandler: end default 404 handler with a newline #972 @rlidwka
|
1496 | * session: remove long cookie expire check #870 @undoZen
|
1497 |
|
1498 | 2.11.2 / 2013-12-01
|
1499 | ===================
|
1500 |
|
1501 | * bump raw-body
|
1502 |
|
1503 | 2.11.1 / 2013-11-27
|
1504 | ===================
|
1505 |
|
1506 | * bump raw-body
|
1507 | * errorHandler: use `res.setHeader()` instead of `res.writeHead()` #949 @lo1tuma
|
1508 |
|
1509 | 2.11.0 / 2013-10-29
|
1510 | ===================
|
1511 |
|
1512 | * update bytes
|
1513 | * update uid2
|
1514 | * update negotiator
|
1515 | * sessions: add rolling session option #944 @ilmeo
|
1516 | * sessions: property set cookies when given FQDN
|
1517 | * cookieSessions: properly set cookies when given FQDN #948 @bmancini55
|
1518 | * proto: fix FQDN mounting when multiple handlers #945 @bmancini55
|
1519 |
|
1520 | 2.10.1 / 2013-10-23
|
1521 | ===================
|
1522 |
|
1523 | * fixed; fixed a bug with static middleware at root and trailing slashes #942 (@dougwilson)
|
1524 |
|
1525 | 2.10.0 / 2013-10-22
|
1526 | ===================
|
1527 |
|
1528 | * fixed: set headers written by writeHead before emitting 'header'
|
1529 | * fixed: mounted path should ignore querystrings on FQDNs #940 (@dougwilson)
|
1530 | * fixed: parsing protocol-relative URLs with @ as pathnames #938 (@dougwilson)
|
1531 | * fixed: fix static directory redirect for mount's root #937 (@dougwilson)
|
1532 | * fixed: setting set-cookie header when mixing arrays and strings #893 (@anuj123)
|
1533 | * bodyParser: optional verify function for urlencoded and json parsers for signing request bodies
|
1534 | * compress: compress checks content-length to check threshold
|
1535 | * compress: expose `res.flush()` for flushing responses
|
1536 | * cookieParser: pass options into node-cookie #803 (@cauldrath)
|
1537 | * errorHandler: replace `\n`s with `<br/>`s in error handler
|
1538 |
|
1539 | 2.9.2 / 2013-10-18
|
1540 | ==================
|
1541 |
|
1542 | * warn about multiparty and limit middleware deprecation for v3
|
1543 | * fix fully qualified domain name mounting. #920 (@dougwilson)
|
1544 | * directory: Fix potential security issue with serving files outside the root. #929 (@dougwilson)
|
1545 | * logger: store IP at beginning in case socket prematurely closes #930 (@dougwilson)
|
1546 |
|
1547 | 2.9.1 / 2013-10-15
|
1548 | ==================
|
1549 |
|
1550 | * update multiparty
|
1551 | * compress: Set vary header only if Content-Type passes filter #904
|
1552 | * directory: Fix directory middleware URI escaping #917 (@dougwilson)
|
1553 | * directory: Fix directory seperators for Windows #914 (@dougwilson)
|
1554 | * directory: Keep query string intact during directory redirect #913 (@dougwilson)
|
1555 | * directory: Fix paths in links #730 (@JacksonTian)
|
1556 | * errorHandler: Don't escape text/plain as HTML #875 (@johan)
|
1557 | * logger: Write '0' instead of '-' when response time is zero #910 (@dougwilson)
|
1558 | * logger: Log even when connections are aborted #760 (@dylanahsmith)
|
1559 | * methodOverride: Check req.body is an object #907 (@kbjr)
|
1560 | * multipart: Add .type back to file parts for backwards compatibility #912 (@dougwilson)
|
1561 | * multipart: Allow passing options to the Multiparty constructor #902 (@niftylettuce)
|
1562 |
|
1563 | 2.9.0 / 2013-09-07
|
1564 | ==================
|
1565 |
|
1566 | * multipart: add docs regarding tmpfiles
|
1567 | * multipart: add .name back to file parts
|
1568 | * multipart: use multiparty instead of formidable
|
1569 |
|
1570 | 2.8.8 / 2013-09-02
|
1571 | ==================
|
1572 |
|
1573 | * csrf: change to math.random() salt and remove csrfToken() callback
|
1574 |
|
1575 | 2.8.7 / 2013-08-28
|
1576 | ==================
|
1577 |
|
1578 | * csrf: prevent salt generation on every request, and add async req.csrfToken(fn)
|
1579 |
|
1580 | 2.8.6 / 2013-08-28
|
1581 | ==================
|
1582 |
|
1583 | * csrf: refactor to use HMAC tokens (BREACH attack)
|
1584 | * compress: add compression of SVG and common font files by default.
|
1585 |
|
1586 | 2.8.5 / 2013-08-11
|
1587 | ==================
|
1588 |
|
1589 | * add: compress Dart source files by default
|
1590 | * update fresh
|
1591 |
|
1592 | 2.8.4 / 2013-07-08
|
1593 | ==================
|
1594 |
|
1595 | * update send
|
1596 |
|
1597 | 2.8.3 / 2013-07-04
|
1598 | ==================
|
1599 |
|
1600 | * add a name back to static middleware ("staticMiddleware")
|
1601 | * fix .hasBody() utility to require transfer-encoding or content-length
|
1602 |
|
1603 | 2.8.2 / 2013-07-03
|
1604 | ==================
|
1605 |
|
1606 | * update send
|
1607 | * update cookie dep.
|
1608 | * add better debug() for middleware
|
1609 | * add whitelisting of supported methods to methodOverride()
|
1610 |
|
1611 | 2.8.1 / 2013-06-27
|
1612 | ==================
|
1613 |
|
1614 | * fix: escape req.method in 404 response
|
1615 |
|
1616 | 2.8.0 / 2013-06-26
|
1617 | ==================
|
1618 |
|
1619 | * add `threshold` option to `compress()` to prevent compression of small responses
|
1620 | * add support for vendor JSON mime types in json()
|
1621 | * add X-Forwarded-Proto initial https proxy support
|
1622 | * change static redirect to 303
|
1623 | * change octal escape sequences for strict mode
|
1624 | * change: replace utils.uid() with uid2 lib
|
1625 | * remove other "static" function name. Fixes #794
|
1626 | * fix: hasBody() should return false if Content-Length: 0
|
1627 |
|
1628 | 2.7.11 / 2013-06-02
|
1629 | ==================
|
1630 |
|
1631 | * update send
|
1632 |
|
1633 | 2.7.10 / 2013-05-21
|
1634 | ==================
|
1635 |
|
1636 | * update qs
|
1637 | * update formidable
|
1638 | * fix: write/end to noop() when request aborted
|
1639 |
|
1640 | 2.7.9 / 2013-05-07
|
1641 | ==================
|
1642 |
|
1643 | * update qs
|
1644 | * drop support for node < v0.8
|
1645 |
|
1646 | 2.7.8 / 2013-05-03
|
1647 | ==================
|
1648 |
|
1649 | * update qs
|
1650 |
|
1651 | 2.7.7 / 2013-04-29
|
1652 | ==================
|
1653 |
|
1654 | * update qs dependency
|
1655 | * remove "static" function name. Closes #794
|
1656 | * update node-formidable
|
1657 | * update buffer-crc32
|
1658 |
|
1659 | 2.7.6 / 2013-04-15
|
1660 | ==================
|
1661 |
|
1662 | * revert cookie signature which was creating session race conditions
|
1663 |
|
1664 | 2.7.5 / 2013-04-12
|
1665 | ==================
|
1666 |
|
1667 | * update cookie-signature
|
1668 | * limit: do not consume request in node 0.10.x
|
1669 |
|
1670 | 2.7.4 / 2013-04-01
|
1671 | ==================
|
1672 |
|
1673 | * session: add long expires check and prevent excess set-cookie
|
1674 | * session: add console.error() of session#save() errors
|
1675 |
|
1676 | 2.7.3 / 2013-02-19
|
1677 | ==================
|
1678 |
|
1679 | * add name to compress middleware
|
1680 | * add appending Accept-Encoding to Vary when set but missing
|
1681 | * add tests for csrf middleware
|
1682 | * add 'next' support for connect() server handler
|
1683 | * change utils.uid() to return url-safe chars. Closes #753
|
1684 | * fix treating '.' as a regexp in vhost()
|
1685 | * fix duplicate bytes dep in package.json. Closes #743
|
1686 | * fix #733 - parse x-forwarded-proto in a more generally compatibly way
|
1687 | * revert "add support for `next(status[, msg])`"; makes composition hard
|
1688 |
|
1689 | 2.7.2 / 2013-01-04
|
1690 | ==================
|
1691 |
|
1692 | * add support for `next(status[, msg])` back
|
1693 | * add utf-8 meta tag to support foreign characters in filenames/directories
|
1694 | * change `timeout()` 408 to 503
|
1695 | * replace 'node-crc' with 'buffer-crc32', fixes licensing
|
1696 | * fix directory.html IE support
|
1697 |
|
1698 | 2.7.1 / 2012-12-05
|
1699 | ==================
|
1700 |
|
1701 | * add directory() tests
|
1702 | * add support for bodyParser to ignore Content-Type if no body is present (jquery primarily does this poorely)
|
1703 | * fix errorHandler signature
|
1704 |
|
1705 | 2.7.0 / 2012-11-13
|
1706 | ==================
|
1707 |
|
1708 | * add support for leading JSON whitespace
|
1709 | * add logging of `req.ip` when present
|
1710 | * add basicAuth support for `:`-delimited string
|
1711 | * update cookie module. Closes #688
|
1712 |
|
1713 | 2.6.2 / 2012-11-01
|
1714 | ==================
|
1715 |
|
1716 | * add `debug()` for disconnected session store
|
1717 | * fix session regeneration bug. Closes #681
|
1718 |
|
1719 | 2.6.1 / 2012-10-25
|
1720 | ==================
|
1721 |
|
1722 | * add passing of `connect.timeout()` errors to `next()`
|
1723 | * replace signature utils with cookie-signature module
|
1724 |
|
1725 | 2.6.0 / 2012-10-09
|
1726 | ==================
|
1727 |
|
1728 | * add `defer` option to `multipart()` [Blake Miner]
|
1729 | * fix mount path case sensitivity. Closes #663
|
1730 | * fix default of ascii encoding from `logger()`, now utf8. Closes #293
|
1731 |
|
1732 | 2.5.0 / 2012-09-27
|
1733 | ==================
|
1734 |
|
1735 | * add `err.status = 400` to multipart() errors
|
1736 | * add double-encoding protection to `compress()`. Closes #659
|
1737 | * add graceful handling cookie parsing errors [shtylman]
|
1738 | * fix typo X-Response-time to X-Response-Time
|
1739 |
|
1740 | 2.4.6 / 2012-09-18
|
1741 | ==================
|
1742 |
|
1743 | * update qs
|
1744 |
|
1745 | 2.4.5 / 2012-09-03
|
1746 | ==================
|
1747 |
|
1748 | * add session store "connect" / "disconnect" support [louischatriot]
|
1749 | * fix `:url` log token
|
1750 |
|
1751 | 2.4.4 / 2012-08-21
|
1752 | ==================
|
1753 |
|
1754 | * fix `static()` pause regression from "send" integration
|
1755 |
|
1756 | 2.4.3 / 2012-08-07
|
1757 | ==================
|
1758 |
|
1759 | * fix `.write()` encoding for zlib inconstancy. Closes #561
|
1760 |
|
1761 | 2.4.2 / 2012-07-25
|
1762 | ==================
|
1763 |
|
1764 | * remove limit default from `urlencoded()`
|
1765 | * remove limit default from `json()`
|
1766 | * remove limit default from `multipart()`
|
1767 | * fix `cookieSession()` clear cookie path / domain bug. Closes #636
|
1768 |
|
1769 | 2.4.1 / 2012-07-24
|
1770 | ==================
|
1771 |
|
1772 | * fix `options` mutation in `static()`
|
1773 |
|
1774 | 2.4.0 / 2012-07-23
|
1775 | ==================
|
1776 |
|
1777 | * add `connect.timeout()`
|
1778 | * add __GET__ / __HEAD__ check to `directory()`. Closes #634
|
1779 | * add "pause" util dep
|
1780 | * update send dep for normalization bug
|
1781 |
|
1782 | 2.3.9 / 2012-07-16
|
1783 | ==================
|
1784 |
|
1785 | * add more descriptive invalid json error message
|
1786 | * update send dep for root normalization regression
|
1787 | * fix staticCache fresh dep
|
1788 |
|
1789 | 2.3.8 / 2012-07-12
|
1790 | ==================
|
1791 |
|
1792 | * fix `connect.static()` 404 regression, pass `next()`. Closes #629
|
1793 |
|
1794 | 2.3.7 / 2012-07-05
|
1795 | ==================
|
1796 |
|
1797 | * add `json()` utf-8 illustration test. Closes #621
|
1798 | * add "send" dependency
|
1799 | * change `connect.static()` internals to use "send"
|
1800 | * fix `session()` req.session generation with pathname mismatch
|
1801 | * fix `cookieSession()` req.session generation with pathname mismatch
|
1802 | * fix mime export. Closes #618
|
1803 |
|
1804 | 2.3.6 / 2012-07-03
|
1805 | ==================
|
1806 |
|
1807 | * Fixed cookieSession() with cookieParser() secret regression. Closes #602
|
1808 | * Fixed set-cookie header fields on cookie.path mismatch. Closes #615
|
1809 |
|
1810 | 2.3.5 / 2012-06-28
|
1811 | ==================
|
1812 |
|
1813 | * Remove `logger()` mount check
|
1814 | * Fixed `staticCache()` dont cache responses with set-cookie. Closes #607
|
1815 | * Fixed `staticCache()` when Cookie is present
|
1816 |
|
1817 | 2.3.4 / 2012-06-22
|
1818 | ==================
|
1819 |
|
1820 | * Added `err.buf` to urlencoded() and json()
|
1821 | * Update cookie to 0.0.4. Closes #604
|
1822 | * Fixed: only send 304 if original response in 2xx or 304 [timkuijsten]
|
1823 |
|
1824 | 2.3.3 / 2012-06-11
|
1825 | ==================
|
1826 |
|
1827 | * Added ETags back to `static()` [timkuijsten]
|
1828 | * Replaced `utils.parseRange()` with `range-parser` module
|
1829 | * Replaced `utils.parseBytes()` with `bytes` module
|
1830 | * Replaced `utils.modified()` with `fresh` module
|
1831 | * Fixed `cookieSession()` regression with invalid cookie signing [shtylman]
|
1832 |
|
1833 | 2.3.2 / 2012-06-08
|
1834 | ==================
|
1835 |
|
1836 | * expose mime module
|
1837 | * Update crc dep (which bundled nodeunit)
|
1838 |
|
1839 | 2.3.1 / 2012-06-06
|
1840 | ==================
|
1841 |
|
1842 | * Added `secret` option to `cookieSession` middleware [shtylman]
|
1843 | * Added `secret` option to `session` middleware [shtylman]
|
1844 | * Added `req.remoteUser` back to `basicAuth()` as alias of `req.user`
|
1845 | * Performance: improve signed cookie parsing
|
1846 | * Update `cookie` dependency [shtylman]
|
1847 |
|
1848 | 2.3.0 / 2012-05-20
|
1849 | ==================
|
1850 |
|
1851 | * Added limit option to `json()`
|
1852 | * Added limit option to `urlencoded()`
|
1853 | * Added limit option to `multipart()`
|
1854 | * Fixed: remove socket error event listener on callback
|
1855 | * Fixed __ENOTDIR__ error on `static` middleware
|
1856 |
|
1857 | 2.2.2 / 2012-05-07
|
1858 | ==================
|
1859 |
|
1860 | * Added support to csrf middle for pre-flight CORS requests
|
1861 | * Updated `engines` to allow newer version of node
|
1862 | * Removed duplicate repo prop. Closes #560
|
1863 |
|
1864 | 2.2.1 / 2012-04-28
|
1865 | ==================
|
1866 |
|
1867 | * Fixed `static()` redirect when mounted. Closes #554
|
1868 |
|
1869 | 2.2.0 / 2012-04-25
|
1870 | ==================
|
1871 |
|
1872 | * Added `make benchmark`
|
1873 | * Perf: memoize url parsing (~20% increase)
|
1874 | * Fixed `connect(fn, fn2, ...)`. Closes #549
|
1875 |
|
1876 | 2.1.3 / 2012-04-20
|
1877 | ==================
|
1878 |
|
1879 | * Added optional json() `reviver` function to be passed to JSON.parse [jed]
|
1880 | * Fixed: emit drain in compress middleware [nsabovic]
|
1881 |
|
1882 | 2.1.2 / 2012-04-11
|
1883 | ==================
|
1884 |
|
1885 | * Fixed cookieParser() `req.cookies` regression
|
1886 |
|
1887 | 2.1.1 / 2012-04-11
|
1888 | ==================
|
1889 |
|
1890 | * Fixed `session()` browser-session length cookies & examples
|
1891 | * Fixed: make `query()` "self-aware" [jed]
|
1892 |
|
1893 | 2.1.0 / 2012-04-05
|
1894 | ==================
|
1895 |
|
1896 | * Added `debug()` calls to `.use()` (`DEBUG=connect:displatcher`)
|
1897 | * Added `urlencoded()` support for GET
|
1898 | * Added `json()` support for GET. Closes #497
|
1899 | * Added `strict` option to `json()`
|
1900 | * Changed: `session()` only set-cookie when modified
|
1901 | * Removed `Session#lastAccess` property. Closes #399
|
1902 |
|
1903 | 2.0.3 / 2012-03-20
|
1904 | ==================
|
1905 |
|
1906 | * Added: `cookieSession()` only sets cookie on change. Closes #442
|
1907 | * Added `connect:dispatcher` debug() probes
|
1908 |
|
1909 | 2.0.2 / 2012-03-04
|
1910 | ==================
|
1911 |
|
1912 | * Added test for __ENAMETOOLONG__ now that node is fixed
|
1913 | * Fixed static() index "/" check on windows. Closes #498
|
1914 | * Fixed Content-Range behaviour to match RFC2616 [matthiasdg / visionmedia]
|
1915 |
|
1916 | 2.0.1 / 2012-02-29
|
1917 | ==================
|
1918 |
|
1919 | * Added test coverage for `vhost()` middleware
|
1920 | * Changed `cookieParser()` signed cookie support to use SHA-2 [senotrusov]
|
1921 | * Fixed `static()` Range: respond with 416 when unsatisfiable
|
1922 | * Fixed `vhost()` middleware. Closes #494
|
1923 |
|
1924 | 2.0.0 / 2011-10-05
|
1925 | ==================
|
1926 |
|
1927 | * Added `cookieSession()` middleware for cookie-only sessions
|
1928 | * Added `compress()` middleware for gzip / deflate support
|
1929 | * Added `session()` "proxy" setting to trust `X-Forwarded-Proto`
|
1930 | * Added `json()` middleware to parse "application/json"
|
1931 | * Added `urlencoded()` middleware to parse "application/x-www-form-urlencoded"
|
1932 | * Added `multipart()` middleware to parse "multipart/form-data"
|
1933 | * Added `cookieParser(secret)` support so anything using this middleware may access signed cookies
|
1934 | * Added signed cookie support to `cookieParser()`
|
1935 | * Added support for JSON-serialized cookies to `cookieParser()`
|
1936 | * Added `err.status` support in Connect's default end-point
|
1937 | * Added X-Cache MISS / HIT to `staticCache()`
|
1938 | * Added public `res.headerSent` checking nodes `res._headerSent` until node does
|
1939 | * Changed `basicAuth()` req.remoteUser to req.user
|
1940 | * Changed: default `session()` to a browser-session cookie. Closes #475
|
1941 | * Changed: no longer lowercase cookie names
|
1942 | * Changed `bodyParser()` to use `json()`, `urlencoded()`, and `multipart()`
|
1943 | * Changed: `errorHandler()` is now a development-only middleware
|
1944 | * Changed middleware to `next()` errors when possible so applications can unify logging / handling
|
1945 | * Removed `http[s].Server` inheritance, now just a function, making it easy to have an app providing both http and https
|
1946 | * Removed `.createServer()` (use `connect()`)
|
1947 | * Removed `secret` option from `session()`, use `cookieParser(secret)`
|
1948 | * Removed `connect.session.ignore` array support
|
1949 | * Removed `router()` middleware. Closes #262
|
1950 | * Fixed: set-cookie only once for browser-session cookies
|
1951 | * Fixed FQDN support. dont add leading "/"
|
1952 | * Fixed 404 XSS attack vector. Closes #473
|
1953 | * Fixed __HEAD__ support for 404s and 500s generated by Connect's end-point
|
1954 |
|
1955 | 1.8.5 / 2011-12-22
|
1956 | ==================
|
1957 |
|
1958 | * Fixed: actually allow empty body for json
|
1959 |
|
1960 | 1.8.4 / 2011-12-22
|
1961 | ==================
|
1962 |
|
1963 | * Changed: allow empty body for json/urlencoded requests. Backport for #443
|
1964 |
|
1965 | 1.8.3 / 2011-12-16
|
1966 | ==================
|
1967 |
|
1968 | * Fixed `static()` _index.html_ support on windows
|
1969 |
|
1970 | 1.8.2 / 2011-12-03
|
1971 | ==================
|
1972 |
|
1973 | * Fixed potential security issue, store files in req.files. Closes #431 [reported by dobesv]
|
1974 |
|
1975 | 1.8.1 / 2011-11-21
|
1976 | ==================
|
1977 |
|
1978 | * Added nesting support for _multipart/form-data_ [jackyz]
|
1979 |
|
1980 | 1.8.0 / 2011-11-17
|
1981 | ==================
|
1982 |
|
1983 | * Added _multipart/form-data_ support to `bodyParser()` using formidable
|
1984 |
|
1985 | 1.7.3 / 2011-11-11
|
1986 | ==================
|
1987 |
|
1988 | * Fixed `req.body`, always default to {}
|
1989 | * Fixed HEAD support for 404s and 500s
|
1990 |
|
1991 | 1.7.2 / 2011-10-24
|
1992 | ==================
|
1993 |
|
1994 | * "node": ">= 0.4.1 < 0.7.0"
|
1995 | * Added `static()` redirect option. Closes #398
|
1996 | * Changed `limit()`: respond with 413 when content-length exceeds the limit
|
1997 | * Removed socket error listener in static(). Closes #389
|
1998 | * Fixed `staticCache()` Age header field
|
1999 | * Fixed race condition causing errors reported in #329.
|
2000 |
|
2001 | 1.7.1 / 2011-09-12
|
2002 | ==================
|
2003 |
|
2004 | * Added: make `Store` inherit from `EventEmitter`
|
2005 | * Added session `Store#load(sess, fn)` to fetch a `Session` instance
|
2006 | * Added backpressure support to `staticCache()`
|
2007 | * Changed `res.socket.destroy()` to `req.socket.destroy()`
|
2008 |
|
2009 | 1.7.0 / 2011-08-31
|
2010 | ==================
|
2011 |
|
2012 | * Added `staticCache()` middleware, a memory cache for `static()`
|
2013 | * Added public `res.headerSent` checking nodes `res._headerSent` (remove when node adds this)
|
2014 | * Changed: ignore error handling middleware when header is sent
|
2015 | * Changed: dispatcher errors after header is sent destroy the sock
|
2016 |
|
2017 | 1.6.4 / 2011-08-26
|
2018 | ==================
|
2019 |
|
2020 | * Revert "Added double-next reporting"
|
2021 |
|
2022 | 1.6.3 / 2011-08-26
|
2023 | ==================
|
2024 |
|
2025 | * Added double-`next()` reporting
|
2026 | * Added `immediate` option to `logger()`. Closes #321
|
2027 | * Dependency `qs >= 0.3.1`
|
2028 |
|
2029 | 1.6.2 / 2011-08-11
|
2030 | ==================
|
2031 |
|
2032 | * Fixed `connect.static()` null byte vulnerability
|
2033 | * Fixed `connect.directory()` null byte vulnerability
|
2034 | * Changed: 301 redirect in `static()` to postfix "/" on directory. Closes #289
|
2035 |
|
2036 | 1.6.1 / 2011-08-03
|
2037 | ==================
|
2038 |
|
2039 | * Added: allow retval `== null` from logger callback to ignore line
|
2040 | * Added `getOnly` option to `connect.static.send()`
|
2041 | * Added response "header" event allowing augmentation
|
2042 | * Added `X-CSRF-Token` header field check
|
2043 | * Changed dep `qs >= 0.3.0`
|
2044 | * Changed: persist csrf token. Closes #322
|
2045 | * Changed: sort directory middleware files alphabetically
|
2046 |
|
2047 | 1.6.0 / 2011-07-10
|
2048 | ==================
|
2049 |
|
2050 | * Added :response-time to "dev" logger format
|
2051 | * Added simple `csrf()` middleware. Closes #315
|
2052 | * Fixed `res._headers` logger regression. Closes #318
|
2053 | * Removed support for multiple middleware being passed to `.use()`
|
2054 |
|
2055 | 1.5.2 / 2011-07-06
|
2056 | ==================
|
2057 |
|
2058 | * Added `filter` function option to `directory()` [David Rio Deiros]
|
2059 | * Changed: re-write of the `logger()` middleware, with extensible tokens and formats
|
2060 | * Changed: `static.send()` ".." in path without root considered malicious
|
2061 | * Fixed quotes in docs. Closes #312
|
2062 | * Fixed urls when mounting `directory()`, use `originalUrl` [Daniel Dickison]
|
2063 |
|
2064 |
|
2065 | 1.5.1 / 2011-06-20
|
2066 | ==================
|
2067 |
|
2068 | * Added malicious path check to `directory()` middleware
|
2069 | * Added `utils.forbidden(res)`
|
2070 | * Added `connect.query()` middleware
|
2071 |
|
2072 | 1.5.0 / 2011-06-20
|
2073 | ==================
|
2074 |
|
2075 | * Added `connect.directory()` middleware for serving directory listings
|
2076 |
|
2077 | 1.4.6 / 2011-06-18
|
2078 | ==================
|
2079 |
|
2080 | * Fixed `connect.static()` root with `..`
|
2081 | * Fixed `connect.static()` __EBADF__
|
2082 |
|
2083 | 1.4.5 / 2011-06-17
|
2084 | ==================
|
2085 |
|
2086 | * Fixed EBADF in `connect.static()`. Closes #297
|
2087 |
|
2088 | 1.4.4 / 2011-06-16
|
2089 | ==================
|
2090 |
|
2091 | * Changed `connect.static()` to check resolved dirname. Closes #294
|
2092 |
|
2093 | 1.4.3 / 2011-06-06
|
2094 | ==================
|
2095 |
|
2096 | * Fixed fd leak in `connect.static()` when the socket is closed
|
2097 | * Fixed; `bodyParser()` ignoring __GET/HEAD__. Closes #285
|
2098 |
|
2099 | 1.4.2 / 2011-05-27
|
2100 | ==================
|
2101 |
|
2102 | * Changed to `devDependencies`
|
2103 | * Fixed stream creation on `static()` __HEAD__ request. [Andreas Lind Petersen]
|
2104 | * Fixed Win32 support for `static()`
|
2105 | * Fixed monkey-patch issue. Closes #261
|
2106 |
|
2107 | 1.4.1 / 2011-05-08
|
2108 | ==================
|
2109 |
|
2110 | * Added "hidden" option to `static()`. ignores hidden files by default. Closes * Added; expose `connect.static.mime.define()`. Closes #251
|
2111 | * Fixed `errorHandler` middleware for missing stack traces. [aseemk]
|
2112 | #274
|
2113 |
|
2114 | 1.4.0 / 2011-04-25
|
2115 | ==================
|
2116 |
|
2117 | * Added route-middleware `next('route')` support to jump passed the route itself
|
2118 | * Added Content-Length support to `limit()`
|
2119 | * Added route-specific middleware support (used to be in express)
|
2120 | * Changed; refactored duplicate session logic
|
2121 | * Changed; prevent redefining `store.generate` per request
|
2122 | * Fixed; `static()` does not set Content-Type when explicitly set [nateps]
|
2123 | * Fixed escape `errorHandler()` {error} contents
|
2124 | * NOTE: `router` will be removed in 2.0
|
2125 |
|
2126 |
|
2127 | 1.3.0 / 2011-04-06
|
2128 | ==================
|
2129 |
|
2130 | * Added `router.remove(path[, method])` to remove a route
|
2131 |
|
2132 | 1.2.3 / 2011-04-05
|
2133 | ==================
|
2134 |
|
2135 | * Fixed basicAuth realm issue when passing strings. Closes #253
|
2136 |
|
2137 | 1.2.2 / 2011-04-05
|
2138 | ==================
|
2139 |
|
2140 | * Added `basicAuth(username, password)` support
|
2141 | * Added `errorHandler.title` defaulting to "Connect"
|
2142 | * Changed `errorHandler` css
|
2143 |
|
2144 | 1.2.1 / 2011-03-30
|
2145 | ==================
|
2146 |
|
2147 | * Fixed `logger()` https `remoteAddress` logging [Alexander Simmerl]
|
2148 |
|
2149 | 1.2.0 / 2011-03-30
|
2150 | ==================
|
2151 |
|
2152 | * Added `router.lookup(path[, method])`
|
2153 | * Added `router.match(url[, method])`
|
2154 | * Added basicAuth async support. Closes #223
|
2155 |
|
2156 | 1.1.5 / 2011-03-27
|
2157 | ==================
|
2158 |
|
2159 | * Added; allow `logger()` callback function to return an empty string to ignore logging
|
2160 | * Fixed; utilizing `mime.charsets.lookup()` for `static()`. Closes 245
|
2161 |
|
2162 | 1.1.4 / 2011-03-23
|
2163 | ==================
|
2164 |
|
2165 | * Added `logger()` support for format function
|
2166 | * Fixed `logger()` to support mess of writeHead()/progressive api for node 0.4.x
|
2167 |
|
2168 | 1.1.3 / 2011-03-21
|
2169 | ==================
|
2170 |
|
2171 | * Changed; `limit()` now calls `req.destroy()`
|
2172 |
|
2173 | 1.1.2 / 2011-03-21
|
2174 | ==================
|
2175 |
|
2176 | * Added request "limit" event to `limit()` middleware
|
2177 | * Changed; `limit()` middleware will `next(err)` on failure
|
2178 |
|
2179 | 1.1.1 / 2011-03-18
|
2180 | ==================
|
2181 |
|
2182 | * Fixed session middleware for HTTPS. Closes #241 [reported by mt502]
|
2183 |
|
2184 | 1.1.0 / 2011-03-17
|
2185 | ==================
|
2186 |
|
2187 | * Added `Session#reload(fn)`
|
2188 |
|
2189 | 1.0.6 / 2011-03-09
|
2190 | ==================
|
2191 |
|
2192 | * Fixed `res.setHeader()` patch, preserve casing
|
2193 |
|
2194 | 1.0.5 / 2011-03-09
|
2195 | ==================
|
2196 |
|
2197 | * Fixed; `logger()` using `req.originalUrl` instead of `req.url`
|
2198 |
|
2199 | 1.0.4 / 2011-03-09
|
2200 | ==================
|
2201 |
|
2202 | * Added `res.charset`
|
2203 | * Added conditional sessions example
|
2204 | * Added support for `session.ignore` to be replaced. Closes #227
|
2205 | * Fixed `Cache-Control` delimiters. Closes #228
|
2206 |
|
2207 | 1.0.3 / 2011-03-03
|
2208 | ==================
|
2209 |
|
2210 | * Fixed; `static.send()` invokes callback with connection error
|
2211 |
|
2212 | 1.0.2 / 2011-03-02
|
2213 | ==================
|
2214 |
|
2215 | * Fixed exported connect function
|
2216 | * Fixed package.json; node ">= 0.4.1 < 0.5.0"
|
2217 |
|
2218 | 1.0.1 / 2011-03-02
|
2219 | ==================
|
2220 |
|
2221 | * Added `Session#save(fn)`. Closes #213
|
2222 | * Added callback support to `connect.static.send()` for express
|
2223 | * Added `connect.static.send()` "path" option
|
2224 | * Fixed content-type in `static()` for _index.html_
|
2225 |
|
2226 | 1.0.0 / 2011-03-01
|
2227 | ==================
|
2228 |
|
2229 | * Added `stack`, `message`, and `dump` errorHandler option aliases
|
2230 | * Added `req.originalMethod` to methodOverride
|
2231 | * Added `favicon()` maxAge option support
|
2232 | * Added `connect()` alternative to `connect.createServer()`
|
2233 | * Added new [documentation](http://senchalabs.github.com/connect)
|
2234 | * Added Range support to `static()`
|
2235 | * Added HTTPS support
|
2236 | * Rewrote session middleware. The session API now allows for
|
2237 | session-specific cookies, so you may alter each individually.
|
2238 | Click to view the new [session api](http://senchalabs.github.com/connect/middleware-session.html).
|
2239 | * Added middleware self-awareness. This helps prevent
|
2240 | middleware breakage when used within mounted servers.
|
2241 | For example `cookieParser()` will not parse cookies more
|
2242 | than once even when within a mounted server.
|
2243 | * Added new examples in the `./examples` directory
|
2244 | * Added [limit()](http://senchalabs.github.com/connect/middleware-limit.html) middleware
|
2245 | * Added [profiler()](http://senchalabs.github.com/connect/middleware-profiler.html) middleware
|
2246 | * Added [responseTime()](http://senchalabs.github.com/connect/middleware-responseTime.html) middleware
|
2247 | * Renamed `staticProvider` to `static`
|
2248 | * Renamed `bodyDecoder` to `bodyParser`
|
2249 | * Renamed `cookieDecoder` to `cookieParser`
|
2250 | * Fixed ETag quotes. [reported by papandreou]
|
2251 | * Fixed If-None-Match comma-delimited ETag support. [reported by papandreou]
|
2252 | * Fixed; only set req.originalUrl once. Closes #124
|
2253 | * Fixed symlink support for `static()`. Closes #123
|
2254 |
|
2255 | 0.5.10 / 2011-02-14
|
2256 | ==================
|
2257 |
|
2258 | * Fixed SID space issue. Closes #196
|
2259 | * Fixed; proxy `res.end()` to commit session data
|
2260 | * Fixed directory traversal attack in `staticProvider`. Closes #198
|
2261 |
|
2262 | 0.5.9 / 2011-02-09
|
2263 | ==================
|
2264 |
|
2265 | * qs >= 0.0.4
|
2266 |
|
2267 | 0.5.8 / 2011-02-04
|
2268 | ==================
|
2269 |
|
2270 | * Added `qs` dependency
|
2271 | * Fixed router race-condition causing possible failure
|
2272 | when `next()`ing to one or more routes with parallel
|
2273 | requests
|
2274 |
|
2275 | 0.5.7 / 2011-02-01
|
2276 | ==================
|
2277 |
|
2278 | * Added `onvhost()` call so Express (and others) can know when they are
|
2279 | * Revert "Added stylus support" (use the middleware which ships with stylus)
|
2280 | * Removed custom `Server#listen()` to allow regular `http.Server#listen()` args to work properly
|
2281 | * Fixed long standing router issue (#83) that causes '.' to be disallowed within named placeholders in routes [Andreas Lind Petersen]
|
2282 | * Fixed `utils.uid()` length error [Jxck]
|
2283 | mounted
|
2284 |
|
2285 | 0.5.6 / 2011-01-23
|
2286 | ==================
|
2287 |
|
2288 | * Added stylus support to `compiler`
|
2289 | * _favicon.js_ cleanup
|
2290 | * _compiler.js_ cleanup
|
2291 | * _bodyDecoder.js_ cleanup
|
2292 |
|
2293 | 0.5.5 / 2011-01-13
|
2294 | ==================
|
2295 |
|
2296 | * Changed; using sha256 HMAC instead of md5. [Paul Querna]
|
2297 | * Changed; generated a longer random UID, without time influence. [Paul Querna]
|
2298 | * Fixed; session middleware throws when secret is not present. [Paul Querna]
|
2299 |
|
2300 | 0.5.4 / 2011-01-07
|
2301 | ==================
|
2302 |
|
2303 | * Added; throw when router path or callback is missing
|
2304 | * Fixed; `next(err)` on cookie parse exception instead of ignoring
|
2305 | * Revert "Added utils.pathname(), memoized url.parse(str).pathname"
|
2306 |
|
2307 | 0.5.3 / 2011-01-05
|
2308 | ==================
|
2309 |
|
2310 | * Added _docs/api.html_
|
2311 | * Added `utils.pathname()`, memoized url.parse(str).pathname
|
2312 | * Fixed `session.id` issue. Closes #183
|
2313 | * Changed; Defaulting `staticProvider` maxAge to 0 not 1 year. Closes #179
|
2314 | * Removed bad outdated docs, we need something new / automated eventually
|
2315 |
|
2316 | 0.5.2 / 2010-12-28
|
2317 | ==================
|
2318 |
|
2319 | * Added default __OPTIONS__ support to _router_ middleware
|
2320 |
|
2321 | 0.5.1 / 2010-12-28
|
2322 | ==================
|
2323 |
|
2324 | * Added `req.session.id` mirroring `req.sessionID`
|
2325 | * Refactored router, exposing `connect.router.methods`
|
2326 | * Exclude non-lib files from npm
|
2327 | * Removed imposed headers `X-Powered-By`, `Server`, etc
|
2328 |
|
2329 | 0.5.0 / 2010-12-06
|
2330 | ==================
|
2331 |
|
2332 | * Added _./index.js_
|
2333 | * Added route segment precondition support and example
|
2334 | * Added named capture group support to router
|
2335 |
|
2336 | 0.4.0 / 2010-11-29
|
2337 | ==================
|
2338 |
|
2339 | * Added `basicAuth` middleware
|
2340 | * Added more HTTP methods to the `router` middleware
|
2341 |
|
2342 | 0.3.0 / 2010-07-21
|
2343 | ==================
|
2344 |
|
2345 | * Added _staticGzip_ middleware
|
2346 | * Added `connect.utils` to expose utils
|
2347 | * Added `connect.session.Session`
|
2348 | * Added `connect.session.Store`
|
2349 | * Added `connect.session.MemoryStore`
|
2350 | * Added `connect.middleware` to expose the middleware getters
|
2351 | * Added `buffer` option to _logger_ for performance increase
|
2352 | * Added _favicon_ middleware for serving your own favicon or the connect default
|
2353 | * Added option support to _staticProvider_, can now pass _root_ and _lifetime_.
|
2354 | * Added; mounted `Server` instances now have the `route` property exposed for reflection
|
2355 | * Added support for callback as first arg to `Server#use()`
|
2356 | * Added support for `next(true)` in _router_ to bypass match attempts
|
2357 | * Added `Server#listen()` _host_ support
|
2358 | * Added `Server#route` when `Server#use()` is called with a route on a `Server` instance
|
2359 | * Added _methodOverride_ X-HTTP-Method-Override support
|
2360 | * Refactored session internals, adds _secret_ option
|
2361 | * Renamed `lifetime` option to `maxAge` in _staticProvider_
|
2362 | * Removed connect(1), it is now [spark(1)](http://github.com/senchalabs/spark)
|
2363 | * Removed connect(1) dependency on examples, they can all now run with node(1)
|
2364 | * Remove a typo that was leaking a global.
|
2365 | * Removed `Object.prototype` forEach() and map() methods
|
2366 | * Removed a few utils not used
|
2367 | * Removed `connect.createApp()`
|
2368 | * Removed `res.simpleBody()`
|
2369 | * Removed _format_ middleware
|
2370 | * Removed _flash_ middleware
|
2371 | * Removed _redirect_ middleware
|
2372 | * Removed _jsonrpc_ middleware, use [visionmedia/connect-jsonrpc](http://github.com/visionmedia/connect-jsonrpc)
|
2373 | * Removed _pubsub_ middleware
|
2374 | * Removed need for `params.{captures,splat}` in _router_ middleware, `params` is an array
|
2375 | * Changed; _compiler_ no longer 404s
|
2376 | * Changed; _router_ signature now matches connect middleware signature
|
2377 | * Fixed a require in _session_ for default `MemoryStore`
|
2378 | * Fixed nasty request body bug in _router_. Closes #54
|
2379 | * Fixed _less_ support in _compiler_
|
2380 | * Fixed bug preventing proper bubbling of exceptions in mounted servers
|
2381 | * Fixed bug in `Server#use()` preventing `Server` instances as the first arg
|
2382 | * Fixed **ENOENT** special case, is now treated as any other exception
|
2383 | * Fixed spark env support
|
2384 |
|
2385 | 0.2.1 / 2010-07-09
|
2386 | ==================
|
2387 |
|
2388 | * Added support for _router_ `next()` to continue calling matched routes
|
2389 | * Added mime type for _cache.manifest_ files.
|
2390 | * Changed _compiler_ middleware to use async require
|
2391 | * Changed session api, stores now only require `#get()`, and `#set()`
|
2392 | * Fixed _cacheManifest_ by adding `utils.find()` back
|
2393 |
|
2394 | 0.2.0 / 2010-07-01
|
2395 | ==================
|
2396 |
|
2397 | * Added calls to `Session()` casts the given object as a `Session` instance
|
2398 | * Added passing of `next()` to _router_ callbacks. Closes #46
|
2399 | * Changed; `MemoryStore#destroy()` removes `req.session`
|
2400 | * Changed `res.redirect("back")` to default to "/" when Referr?er is not present
|
2401 | * Fixed _staticProvider_ urlencoded paths issue. Closes #47
|
2402 | * Fixed _staticProvider_ middleware responding to **GET** requests
|
2403 | * Fixed _jsonrpc_ middleware `Accept` header check. Closes #43
|
2404 | * Fixed _logger_ format option
|
2405 | * Fixed typo in _compiler_ middleware preventing the _dest_ option from working
|
2406 |
|
2407 | 0.1.0 / 2010-06-25
|
2408 | ==================
|
2409 |
|
2410 | * Revamped the api, view the [Connect documentation](http://extjs.github.com/Connect/index.html#Middleware-Authoring) for more info (hover on the right for menu)
|
2411 | * Added [extended api docs](http://extjs.github.com/Connect/api.html)
|
2412 | * Added docs for several more middleware layers
|
2413 | * Added `connect.Server#use()`
|
2414 | * Added _compiler_ middleware which provides arbitrary static compilation
|
2415 | * Added `req.originalUrl`
|
2416 | * Removed _blog_ example
|
2417 | * Removed _sass_ middleware (use _compiler_)
|
2418 | * Removed _less_ middleware (use _compiler_)
|
2419 | * Renamed middleware to be camelcase, _body-decoder_ is now _bodyDecoder_ etc.
|
2420 | * Fixed `req.url` mutation bug when matching `connect.Server#use()` routes
|
2421 | * Fixed `mkdir -p` implementation used in _bin/connect_. Closes #39
|
2422 | * Fixed bug in _bodyDecoder_ throwing exceptions on request empty bodies
|
2423 | * `make install` installing lib to $LIB_PREFIX aka $HOME/.node_libraries
|
2424 |
|
2425 | 0.0.6 / 2010-06-22
|
2426 | ==================
|
2427 |
|
2428 | * Added _static_ middleware usage example
|
2429 | * Added support for regular expressions as paths for _router_
|
2430 | * Added `util.merge()`
|
2431 | * Increased performance of _static_ by ~ 200 rps
|
2432 | * Renamed the _rest_ middleware to _router_
|
2433 | * Changed _rest_ api to accept a callback function
|
2434 | * Removed _router_ middleware
|
2435 | * Removed _proto.js_, only `Object#forEach()` remains
|
2436 |
|
2437 | 0.0.5 / 2010-06-21
|
2438 | ==================
|
2439 |
|
2440 | * Added Server#use() which contains the Layer normalization logic
|
2441 | * Added documentation for several middleware
|
2442 | * Added several new examples
|
2443 | * Added _less_ middleware
|
2444 | * Added _repl_ middleware
|
2445 | * Added _vhost_ middleware
|
2446 | * Added _flash_ middleware
|
2447 | * Added _cookie_ middleware
|
2448 | * Added _session_ middleware
|
2449 | * Added `utils.htmlEscape()`
|
2450 | * Added `utils.base64Decode()`
|
2451 | * Added `utils.base64Encode()`
|
2452 | * Added `utils.uid()`
|
2453 | * Added bin/connect app path and --config path support for .js suffix, although optional. Closes #26
|
2454 | * Moved mime code to `utils.mime`, ex `utils.mime.types`, and `utils.mime.type()`
|
2455 | * Renamed req.redirect() to res.redirect(). Closes #29
|
2456 | * Fixed _sass_ 404 on **ENOENT**
|
2457 | * Fixed +new Date duplication. Closes #24
|
2458 |
|
2459 | 0.0.4 / 2010-06-16
|
2460 | ==================
|
2461 |
|
2462 | * Added workerPidfile() to bin/connect
|
2463 | * Added --workers support to bin/connect stop and status commands
|
2464 | * Added _redirect_ middleware
|
2465 | * Added better --config support to bin/connect. All flags can be utilized
|
2466 | * Added auto-detection of _./config.js_
|
2467 | * Added config example
|
2468 | * Added `net.Server` support to bin/connect
|
2469 | * Writing worker pids relative to `env.pidfile`
|
2470 | * s/parseQuery/parse/g
|
2471 | * Fixed npm support
|
2472 |
|
2473 | 0.0.3 / 2010-06-16
|
2474 | ==================
|
2475 |
|
2476 | * Fixed node dependency in package.json, now _">= 0.1.98-0"_ to support __HEAD__
|
2477 |
|
2478 | 0.0.2 / 2010-06-15
|
2479 | ==================
|
2480 |
|
2481 | * Added `-V, --version` to bin/connect
|
2482 | * Added `utils.parseCookie()`
|
2483 | * Added `utils.serializeCookie()`
|
2484 | * Added `utils.toBoolean()`
|
2485 | * Added _sass_ middleware
|
2486 | * Added _cookie_ middleware
|
2487 | * Added _format_ middleware
|
2488 | * Added _lint_ middleware
|
2489 | * Added _rest_ middleware
|
2490 | * Added _./package.json_ (npm install connect)
|
2491 | * Added `handleError()` support
|
2492 | * Added `process.connectEnv`
|
2493 | * Added custom log format support to _log_ middleware
|
2494 | * Added arbitrary env variable support to bin/connect (ext: --logFormat ":method :url")
|
2495 | * Added -w, --workers to bin/connect
|
2496 | * Added bin/connect support for --user NAME and --group NAME
|
2497 | * Fixed url re-writing support
|
2498 |
|
2499 | 0.0.1 / 2010-06-03
|
2500 | ==================
|
2501 |
|
2502 | * Initial release
|
2503 |
|