[Snyk] Upgrade express-rate-limit from 5.4.1 to 6.0.5

[snyk-bot]

Snyk has created this PR to upgrade express-rate-limit from 5.4.1 to 6.0.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 8 versions ahead of your current version.
• The recommended version was released 21 days ago, on 2022-01-06.

Release notes

Package name: express-rate-limit

• 6.0.5 - 2022-01-06
  

  Fixed

  • Use named imports for ExpressJS types so users do not need to enable the esModuleInterop flag in their Typescript compiler configuration.
• 6.0.4 - 2022-01-02
  

  Fixed

  • Upload the built package as a .tgz to GitHub releases.

  Changed

  • Add main and module fields to package.json. This helps tools such as ESLint that do not yet support the exports field.
  • Bumped the minimum node.js version in package-lock.json to match package.json
• 6.0.3 - 2021-12-30
  

  Changed

  • Bumped minimum Node version from 12.9 to 14.5 because the transpiled output uses the nullish coalescing operator (??), which isn't supported in Node prior to 14.x.
• 6.0.2 - 2021-12-30
  

  Fixed

  • Ensure CommonJS projects can import the module.

  Added

  • Add additional tests that test:
    • importing the library in js-cjs, js-esm, ts-cjs, ts-esm environments.
    • usage of the library with external stores (redis, mongo, memcached, precise).

  Changed

  • Use esbuild to generate ESM and CJS output. This reduces the size of the built package from 138 kb to 13kb and build time to 4 ms! 🚀
  • Use dts-bundle-generator to generate a single Typescript declaration file.
• 6.0.1 - 2021-12-25
  

  Fixed

  • Ensure CommonJS projects can import the module.
• 6.0.0 - 2021-12-24
  

  Added

  • express 4.x as a peer dependency.
  • Better Typescript support (the library was rewritten in Typescript).
  • Export the package as both ESM and CJS.
  • Publish the built package (.tgz file) on GitHub releases as well as the npm registry.
  • Issue and PR templates.
  • A contributing guide.
  • A changelog.

  Changed

  • Rename the draft_polli_ratelimit_headers option to standardHeaders.
  • Rename the headers option to legacyHeaders.
  • Retry-After header is now sent if either legacyHeaders or standardHeaders is set.
  • Allow keyGenerator to be an async function/return a promise.
  • Change the way custom stores are defined.
    • Add the init method for stores to set themselves up using options passed to the middleware.
    • Rename the incr method to increment.
    • Allow the increment, decrement, resetKey and resetAll methods to return a promise.
    • Old stores will automatically be promisified and used.
  • The package can now only be used with NodeJS version 12.9.0 or greater.
  • The onLimitReached configuration option is now deprecated. Replace it with a custom handler that checks the number of hits.

  Removed

  • Remove the deprecated limiter.resetIp method (use the limiter.resetKey method instead).
  • Remove the deprecated options delayMs, delayAfter (the delay functionality was moved to the express-slow-down package) and global (use a key generator that returns a constant value).
• 5.5.1 - 2021-11-06
  

  5.5.1

• 5.5.0 - 2021-10-12
  

  5.5.0

• 5.4.1 - 2021-10-05
  

  5.4.1

from express-rate-limit GitHub release notes

Commit messages

Package name: express-rate-limit

• 2fdc2ff 6.0.5
• f71867c docs: update documentation on importing the library
• 013d60c style: fix import order
• 3717b99 test: use named import from `supertest` in tests
• ece892d fix: remove unneccessary fields in tsconfigs
• 618474f test: keep import test tsconfigs minimal
• 63800e7 fix: use named imports for express types
• 99dba37 docs: add note about built package on releases to changelog
• 9d43ddf doc: update 6.0.4 changelog to mention engines.node change in package-lock.json
• 2eabd3f 6.0.4 changelog
• 2ac0274 6.0.4
• 5dccfb6 Merge pull request [Snyk] Upgrade: @babel/node, @babel/preset-env #279 from nfriedly/meta/eslint-tests
• 8c4c39e npm install in the ts/js/cjs/esm tests
• 2333f98 test: try fixing failing eslint tests
• 27de69f meta: fail test if lint job fails
• 52507a0 meta: run eslint tests along with import tests
• 5a16de1 meta: restructure `exports`, add `main` and `module` fields to package.json
• 05ad6b5 meta: remove unused lint rule exceptions
• 4bd1d89 chore: also bump min node.js version in package-lock.json
• bc73e71 docs: fix incorrect description of esm vs commonjs
• 2d09cfe docs: correct typo in readme
• 6b88ce0 style: format the readme
• e95152e docs: add more details on importing in ts-cjs projects
• b85c2e1 docs: add note about node 14+ requirement to readme

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs