2025-03-27 20:13:27 -05:00
5.1.0 / 2025-03-31
2024-10-22 20:22:26 +02:00
========================
2025-03-27 20:13:27 -05:00
* Add support for `Uint8Array` in `res.send()`
* Add support for ETag option in `res.sendFile()`
* Add support for multiple links with the same rel in `res.links()`
* Add funding field to package.json
2024-11-20 14:40:39 -05:00
* perf: use loop for acceptParams
2024-12-21 22:58:33 +01:00
* refactor: prefix built-in node module imports
2025-03-27 20:13:27 -05:00
* deps: remove `setprototypeof`
* deps: remove `safe-buffer`
* deps: remove `utils-merge`
* deps: remove `methods`
* deps: remove `depd`
* deps: `debug@^4.4.0`
* deps: `body-parser@^2.2.0`
* deps: `router@^2.2.0`
* deps: `content-type@^1.0.5`
* deps: `finalhandler@^2.1.0`
* deps: `qs@^6.14.0`
* deps: `server-static@2.2.0`
* deps: `type-is@2.0.1`
2024-11-15 17:23:42 +01:00
2024-10-08 21:31:10 +02:00
5.0.1 / 2024-10-08
2024-10-08 10:10:56 +00:00
==========
2024-10-08 21:31:10 +02:00
* Update `cookie` semver lock to address [CVE-2024-47764 ](https://nvd.nist.gov/vuln/detail/CVE-2024-47764 )
2024-10-08 10:10:56 +00:00
2024-09-09 23:35:36 -05:00
5.0.0 / 2024-09-10
2024-07-30 17:49:13 -04:00
=========================
2024-09-09 18:03:32 -04:00
* remove:
2024-08-17 17:21:29 +02:00
- `path-is-absolute` dependency - use `path.isAbsolute` instead
2024-07-30 17:49:13 -04:00
* breaking:
* `res.status()` accepts only integers, and input must be greater than 99 and less than 1000
* will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range
* will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs
2024-08-09 09:59:53 -07:00
* deps: send@1 .0.0
2024-09-09 20:28:55 -07:00
* `res.redirect('back')` and `res.location('back')` is no longer a supported magic string, explicitly use `req.get('Referrer') || '/'` .
2024-08-02 16:26:45 -04:00
* change:
- `res.clearCookie` will ignore user provided `maxAge` and `expires` options
2024-08-24 05:17:12 +06:00
* deps: cookie-signature@^1.2.1
2024-08-17 17:20:25 +02:00
* deps: debug@4 .3.6
2024-08-23 22:37:27 +02:00
* deps: merge-descriptors@^2.0.0
2024-09-09 23:32:19 -05:00
* deps: serve-static@^2.1.0
2024-08-23 23:10:16 +02:00
* deps: qs@6 .13.0
2024-08-31 10:55:04 -05:00
* deps: accepts@^2.0.0
2024-08-31 11:06:25 -05:00
* deps: mime-types@^3.0.0
- `application/javascript` => `text/javascript`
2024-08-31 12:31:31 -05:00
* deps: type-is@^2.0.0
2024-08-31 13:09:21 -05:00
* deps: content-disposition@^1.0.0
2024-09-02 13:36:21 -05:00
* deps: finalhandler@^2.0.0
2024-09-09 18:03:32 -04:00
* deps: fresh@^2.0.0
2024-09-09 22:32:07 -05:00
* deps: body-parser@^2.0.1
2024-09-09 23:34:03 -05:00
* deps: send@^1.1.0
2024-07-30 17:49:13 -04:00
2024-03-25 09:41:30 -05:00
5.0.0-beta.3 / 2024-03-25
=========================
This incorporates all changes after 4.19.1 up to 4.19.2.
2024-03-20 22:00:19 -05:00
5.0.0-beta.2 / 2024-03-20
=========================
2022-02-17 00:27:11 -05:00
2024-03-25 09:41:30 -05:00
This incorporates all changes after 4.17.2 up to 4.19.1.
2022-02-17 00:27:11 -05:00
2022-02-14 19:13:14 -05:00
5.0.0-beta.1 / 2022-02-14
=========================
2021-12-16 23:01:28 -05:00
2022-02-14 19:13:14 -05:00
This is the first Express 5.0 beta release, based off 4.17.2 and includes
changes from 5.0.0-alpha.8.
2021-12-16 23:01:28 -05:00
2018-04-15 10:29:03 +02:00
* change:
2022-02-08 18:55:09 -05:00
- Default "query parser" setting to `'simple'`
2022-02-08 09:48:54 -05:00
- Requires Node.js 4+
2022-02-06 10:26:18 -05:00
- Use `mime-types` for file to content type mapping
2022-02-01 21:51:28 -05:00
* deps: array-flatten@3 .0.0
2021-12-17 23:02:38 -05:00
* deps: body-parser@2 .0.0-beta.1
- `req.body` is no longer always initialized to `{}`
- `urlencoded` parser now defaults `extended` to `false`
- Use `on-finished` to determine when body read
2021-12-15 21:35:34 -05:00
* deps: router@2 .0.0-beta.1
- Add new `?` , `*` , and `+` parameter modifiers
- Internalize private `router.process_params` method
- Matching group expressions are only RegExp syntax
- Named matching groups no longer available by position in `req.params`
- Regular expressions can only be used in a matching group
- Remove `debug` dependency
- Special `*` path segment behavior removed
- deps: array-flatten@3 .0.0
- deps: parseurl@~1.3.3
- deps: path-to-regexp@3 .2.0
- deps: setprototypeof@1 .2.0
2022-02-08 09:57:29 -05:00
* deps: send@1 .0.0-beta.1
- Change `dotfiles` option default to `'ignore'`
- Remove `hidden` option; use `dotfiles` option instead
- Use `mime-types` for file to content type mapping
- deps: debug@3 .1.0
2022-02-08 09:55:19 -05:00
* deps: serve-static@2 .0.0-beta.1
- Change `dotfiles` option default to `'ignore'`
- Remove `hidden` option; use `dotfiles` option instead
- Use `mime-types` for file to content type mapping
2025-02-12 09:38:10 -06:00
- Remove `express.static.mime` export; use `mime-types` package instead
2022-02-08 09:55:19 -05:00
- deps: send@1 .0.0-beta.1
2021-12-15 21:35:34 -05:00
2020-03-25 20:14:47 -04:00
5.0.0-alpha.8 / 2020-03-25
==========================
2019-06-08 19:43:21 -04:00
2020-06-27 00:42:49 +03:00
This is the eighth Express 5.0 alpha release, based off 4.17.1 and includes
2020-03-25 20:14:47 -04:00
changes from 5.0.0-alpha.7.
2019-06-08 19:43:21 -04:00
2018-10-26 22:29:15 -04:00
5.0.0-alpha.7 / 2018-10-26
==========================
This is the seventh Express 5.0 alpha release, based off 4.16.4 and includes
changes from 5.0.0-alpha.6.
2017-10-13 22:12:14 -04:00
2018-10-26 22:29:15 -04:00
The major change with this alpha is the basic support for returned, rejected
Promises in the router.
2017-10-13 22:27:30 -04:00
2017-10-13 22:12:14 -04:00
* remove:
- `path-to-regexp` dependency
2017-10-13 22:57:58 -04:00
* deps: debug@3 .1.0
- Add `DEBUG_HIDE_DATE` environment variable
- Change timer to per-namespace instead of global
- Change non-TTY date format
- Remove `DEBUG_FD` environment variable support
- Support 256 namespace colors
2018-10-23 21:02:44 -04:00
* deps: router@2 .0.0-alpha.1
- Add basic support for returned, rejected Promises
- Fix JSDoc for `Router` constructor
- deps: debug@3 .1.0
2017-10-13 22:59:21 -04:00
- deps: parseurl@~1.3.2
- deps: setprototypeof@1 .1.0
- deps: utils-merge@1 .0.1
2017-10-13 22:12:14 -04:00
2017-09-25 01:28:00 -04:00
5.0.0-alpha.6 / 2017-09-24
==========================
2017-08-07 17:49:33 -04:00
2017-09-25 01:28:00 -04:00
This is the sixth Express 5.0 alpha release, based off 4.15.5 and includes
changes from 5.0.0-alpha.5.
2017-08-07 17:49:33 -04:00
2016-03-14 12:32:35 +00:00
* remove:
2016-03-14 12:10:13 +00:00
- `res.redirect(url, status)` signature - use `res.redirect(status, url)`
2016-03-14 12:32:35 +00:00
- `res.send(status, body)` signature - use `res.status(status).send(body)`
2017-08-07 17:49:33 -04:00
* deps: router@~1.3.1
- deps: debug@2 .6.8
2017-03-06 08:43:58 -05:00
5.0.0-alpha.5 / 2017-03-06
==========================
2017-03-06 08:40:02 -05:00
2017-03-06 08:43:58 -05:00
This is the fifth Express 5.0 alpha release, based off 4.15.2 and includes
changes from 5.0.0-alpha.4.
2017-03-06 08:40:02 -05:00
2017-03-01 18:51:29 -05:00
5.0.0-alpha.4 / 2017-03-01
==========================
2017-03-01 18:11:44 -05:00
2017-03-01 18:51:29 -05:00
This is the fourth Express 5.0 alpha release, based off 4.15.0 and includes
changes from 5.0.0-alpha.3.
2017-03-01 18:11:44 -05:00
2017-02-20 18:34:45 -06:00
* remove:
- Remove Express 3.x middleware error stubs
2017-03-01 18:11:44 -05:00
* deps: router@~1.3.0
- Add `next("router")` to exit from router
- Fix case where `router.use` skipped requests routes did not
- Skip routing when `req.url` is not set
- Use `%o` in path debug to tell types apart
- deps: debug@2 .6.1
- deps: setprototypeof@1 .0.3
- perf: add fast match path for `*` route
2017-01-28 22:21:29 -05:00
5.0.0-alpha.3 / 2017-01-28
==========================
2016-06-20 00:37:34 -04:00
2017-01-28 22:21:29 -05:00
This is the third Express 5.0 alpha release, based off 4.14.1 and includes
changes from 5.0.0-alpha.2.
2016-06-20 00:37:34 -04:00
2016-03-14 13:11:00 +00:00
* remove:
2016-03-14 11:47:38 +00:00
- `res.json(status, obj)` signature - use `res.status(status).json(obj)`
2016-03-14 12:01:21 +00:00
- `res.jsonp(status, obj)` signature - use `res.status(status).jsonp(obj)`
2016-03-14 13:11:00 +00:00
- `res.vary()` (no arguments) -- provide a field name as an argument
2017-01-28 21:55:32 -05:00
* deps: array-flatten@2 .1.1
2017-01-28 21:56:53 -05:00
* deps: path-is-absolute@1 .0.1
2017-01-28 21:54:42 -05:00
* deps: router@~1.1.5
- deps: array-flatten@2 .0.1
- deps: methods@~1.1.2
- deps: parseurl@~1.3.1
- deps: setprototypeof@1 .0.2
2016-03-14 13:11:00 +00:00
2015-07-07 01:33:55 -04:00
5.0.0-alpha.2 / 2015-07-06
==========================
2015-01-21 03:58:41 -05:00
2015-07-07 01:33:55 -04:00
This is the second Express 5.0 alpha release, based off 4.13.1 and includes
changes from 5.0.0-alpha.1.
2015-01-21 03:58:41 -05:00
2015-07-06 16:45:09 -04:00
* remove:
- `app.param(fn)`
2015-07-06 21:15:16 -04:00
- `req.param()` -- use `req.params` , `req.body` , or `req.query` instead
2015-07-06 16:31:51 -04:00
* change:
2015-07-07 01:02:13 -04:00
- `res.render` callback is always async, even for sync view engines
2015-07-06 16:31:51 -04:00
- The leading `:` character in `name` for `app.param(name, fn)` is no longer removed
2015-07-06 23:46:00 -04:00
- Use `router` module for routing
2015-04-17 12:41:27 -04:00
- Use `path-is-absolute` module for absolute path detection
2015-07-06 16:31:51 -04:00
2014-11-06 21:52:29 -05:00
5.0.0-alpha.1 / 2014-11-06
==========================
2014-07-09 23:03:44 -04:00
2015-01-21 04:01:41 -05:00
This is the first Express 5.0 alpha release, based off 4.10.1.
2014-07-09 23:18:23 -04:00
* remove:
2014-11-06 20:41:42 -05:00
- `app.del` - use `app.delete`
2014-11-06 20:52:14 -05:00
- `req.acceptsCharset` - use `req.acceptsCharsets`
2014-11-06 20:53:17 -05:00
- `req.acceptsEncoding` - use `req.acceptsEncodings`
2014-11-06 20:54:29 -05:00
- `req.acceptsLanguage` - use `req.acceptsLanguages`
2014-07-09 23:20:49 -04:00
- `res.json(obj, status)` signature - use `res.json(status, obj)`
2014-07-09 23:22:03 -04:00
- `res.jsonp(obj, status)` signature - use `res.jsonp(status, obj)`
2014-07-09 23:18:23 -04:00
- `res.send(body, status)` signature - use `res.send(status, body)`
2014-11-06 21:20:46 -05:00
- `res.send(status)` signature - use `res.sendStatus(status)`
2014-11-06 21:03:04 -05:00
- `res.sendfile` - use `res.sendFile` instead
2014-07-13 23:56:37 -04:00
- `express.query` middleware
2014-07-09 23:03:44 -04:00
* change:
- `req.host` now returns host (`hostname:port` ) - use `req.hostname` for only hostname
2014-07-13 23:56:37 -04:00
- `req.query` is now a getter instead of a plain property
2014-07-14 00:27:25 -04:00
* add:
- `app.router` is a reference to the base router
2014-07-09 23:03:44 -04:00
2024-09-10 03:32:10 +02:00
4.20.0 / 2024-09-10
2024-05-04 13:53:09 -07:00
==========
2024-09-10 03:24:32 +02:00
* deps: serve-static@0 .16.0
* Remove link renderization in html while redirecting
2024-09-10 02:46:25 +02:00
* deps: send@0 .19.0
* Remove link renderization in html while redirecting
2024-09-10 01:36:30 +02:00
* deps: body-parser@0 .6.0
* add `depth` option to customize the depth level in the parser
* IMPORTANT: The default `depth` level for parsing URL-encoded data is now `32` (previously was `Infinity` )
* Remove link renderization in html while using `res.redirect`
2024-09-09 14:02:06 -07:00
* deps: path-to-regexp@0 .1.10
2024-08-21 20:15:02 -07:00
- Adds support for named matching groups in the routes using a regex
2024-09-09 14:02:06 -07:00
- Adds backtracking protection to parameters without regexes defined
2024-05-04 13:53:09 -07:00
* deps: encodeurl@~2.0.0
- Removes encoding of `\` , `|` , and `^` to align better with URL spec
2024-06-07 19:48:48 -04:00
* Deprecate passing `options.maxAge` and `options.expires` to `res.clearCookie`
- Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie
2024-05-04 13:53:09 -07:00
2024-03-25 09:26:03 -05:00
4.19.2 / 2024-03-25
2024-03-21 12:13:56 -05:00
==========
* Improved fix for open redirect allow list bypass
2024-03-20 17:17:59 -05:00
4.19.1 / 2024-03-20
2024-03-20 16:39:46 -05:00
==========
* Allow passing non-strings to res.location with new encoding handling checks
2024-03-20 16:39:46 -05:00
4.19.0 / 2024-03-20
2024-01-11 11:36:11 +00:00
==========
2024-03-20 10:09:10 -05:00
* Prevent open redirect allow list bypass due to encodeurl
2024-01-11 11:36:11 +00:00
* deps: cookie@0 .6.0
2024-03-10 20:04:02 +01:00
4.18.3 / 2024-02-29
2023-02-23 00:24:20 -05:00
==========
2023-02-23 17:23:22 -05:00
* Fix routing requests without method
2023-02-23 00:24:20 -05:00
* deps: body-parser@1 .20.2
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: raw-body@2 .5.2
2024-01-11 11:36:11 +00:00
* deps: cookie@0 .6.0
- Add `partitioned` option
2023-02-23 00:24:20 -05:00
2022-10-08 16:11:42 -04:00
4.18.2 / 2022-10-08
===================
2022-05-20 09:37:20 -04:00
* Fix regression routing a large stack in a single route
2022-10-06 10:26:18 -04:00
* deps: body-parser@1 .20.1
- deps: qs@6 .11.0
- perf: remove unnecessary object clone
2022-10-06 10:27:01 -04:00
* deps: qs@6 .11.0
2022-05-20 09:37:20 -04:00
2022-04-29 15:32:26 -04:00
4.18.1 / 2022-04-29
===================
2022-04-29 13:34:47 -04:00
* Fix hanging on large stack of sync routes
2022-04-25 14:53:28 -04:00
4.18.0 / 2022-04-25
===================
2021-05-20 11:23:33 +07:00
2022-03-11 10:02:43 +01:00
* Add "root" option to `res.download`
2022-03-25 18:13:42 -04:00
* Allow `options` without `filename` in `res.download`
2020-03-21 05:04:16 -04:00
* Deprecate string and non-integer arguments to `res.status`
2019-04-18 09:12:33 -04:00
* Fix behavior of `null` /`undefined` as `maxAge` in `res.cookie`
2022-04-13 23:29:25 -04:00
* Fix handling very large stacks of sync middleware
2022-02-02 19:13:54 -06:00
* Ignore `Object.prototype` values in settings through `app.set` /`app.get`
2018-03-13 08:14:06 +02:00
* Invoke `default` with same arguments as types in `res.format`
2021-05-20 11:23:33 +07:00
* Support proper 205 responses using `res.send`
2022-03-27 23:41:31 -04:00
* Use `http-errors` for `res.format` error
2022-04-02 21:51:31 -04:00
* deps: body-parser@1 .20.0
- Fix error message for json parse whitespace in `strict`
- Fix internal error when inflated body exceeds limit
- Prevent loss of async hooks context
- Prevent hanging when request already read
- deps: depd@2 .0.0
- deps: http-errors@2 .0.0
- deps: on-finished@2 .4.1
- deps: qs@6 .10.3
- deps: raw-body@2 .5.1
2022-04-11 22:51:13 -04:00
* deps: cookie@0 .5.0
- Add `priority` option
- Fix `expires` option to reject invalid dates
2020-02-05 17:56:51 +01:00
* deps: depd@2 .0.0
- Replace internal `eval` usage with `Function` constructor
- Use instance methods on `process` to check for listeners
2022-03-25 01:46:32 -04:00
* deps: finalhandler@1 .2.0
- Remove set content headers that break response
- deps: on-finished@2 .4.1
- deps: statuses@2 .0.1
2022-04-03 01:15:37 -04:00
* deps: on-finished@2 .4.1
- Prevent loss of async hooks context
2022-04-02 21:56:41 -04:00
* deps: qs@6 .10.3
2022-03-25 01:43:45 -04:00
* deps: send@0 .18.0
- Fix emitted 416 error missing headers property
- Limit the headers removed for 304 response
- deps: depd@2 .0.0
- deps: destroy@1 .2.0
- deps: http-errors@2 .0.0
- deps: on-finished@2 .4.1
- deps: statuses@2 .0.1
2022-03-25 01:44:51 -04:00
* deps: serve-static@1 .15.0
- deps: send@0 .18.0
2020-07-03 05:38:59 +02:00
* deps: statuses@2 .0.1
- Remove code 306
- Rename `425 Unordered Collection` to standard `425 Too Early`
2021-05-20 11:23:33 +07:00
2022-02-16 21:03:42 -05:00
4.17.3 / 2022-02-16
===================
2022-02-04 16:21:11 -05:00
* deps: accepts@~1.3.8
- deps: mime-types@~2.1.34
- deps: negotiator@0 .6.3
2022-02-15 23:43:41 -05:00
* deps: body-parser@1 .19.2
- deps: bytes@3 .1.2
- deps: qs@6 .9.7
- deps: raw-body@2 .4.3
2022-02-04 16:35:50 -05:00
* deps: cookie@0 .4.2
2022-02-16 00:03:16 -05:00
* deps: qs@6 .9.7
* Fix handling of `__proto__` keys
2022-02-04 16:34:56 -05:00
* pref: remove unnecessary regexp for trust proxy
2022-02-04 16:21:11 -05:00
2021-12-16 22:40:49 -05:00
4.17.2 / 2021-12-16
===================
2020-07-03 07:56:39 +02:00
2021-11-16 23:58:17 -05:00
* Fix handling of `undefined` in `res.jsonp`
2021-11-03 10:58:25 +00:00
* Fix handling of `undefined` when `"json escape"` is enabled
2020-03-05 12:00:08 +01:00
* Fix incorrect middleware execution with unanchored `RegExp` s
2020-01-08 10:56:45 +09:00
* Fix `res.jsonp(obj, status)` deprecation message
2020-02-20 07:34:41 +01:00
* Fix typo in `res.is` JSDoc
2021-12-11 03:45:46 -05:00
* deps: body-parser@1 .19.1
- deps: bytes@3 .1.1
- deps: http-errors@1 .8.1
- deps: qs@6 .9.6
- deps: raw-body@2 .4.2
- deps: safe-buffer@5 .2.1
- deps: type-is@~1.6.18
2021-12-10 17:58:03 -05:00
* deps: content-disposition@0 .5.4
- deps: safe-buffer@5 .2.1
2020-07-03 05:56:52 +02:00
* deps: cookie@0 .4.1
- Fix `maxAge` option to reject invalid values
2021-11-17 16:16:04 -05:00
* deps: proxy-addr@~2.0.7
- Use `req.socket` over deprecated `req.connection`
- deps: forwarded@0 .2.0
2020-07-03 07:56:39 +02:00
- deps: ipaddr.js@1 .9.1
2021-12-15 20:48:00 -05:00
* deps: qs@6 .9.6
2021-12-10 17:56:56 -05:00
* deps: safe-buffer@5 .2.1
2021-12-11 20:19:38 -05:00
* deps: send@0 .17.2
- deps: http-errors@1 .8.1
- deps: ms@2 .1.3
- pref: ignore empty http tokens
2021-12-16 12:54:18 -05:00
* deps: serve-static@1 .14.2
- deps: send@0 .17.2
2019-07-17 22:09:17 -07:00
* deps: setprototypeof@1 .2.0
2020-07-03 07:56:39 +02:00
2019-05-26 00:24:55 -04:00
4.17.1 / 2019-05-25
===================
2019-05-25 18:15:13 -04:00
* Revert "Improve error message for `null` /`undefined` to `res.status` "
2019-05-16 21:25:42 -04:00
4.17.0 / 2019-05-16
===================
2018-03-04 04:56:32 +04:00
2018-08-08 07:42:00 +03:00
* Add `express.raw` to parse bodies into `Buffer`
2017-10-23 18:00:19 +03:00
* Add `express.text` to parse bodies into string
2018-03-04 04:56:32 +04:00
* Improve error message for non-strings to `res.sendFile`
2015-11-12 13:33:06 -05:00
* Improve error message for `null` /`undefined` to `res.status`
2017-12-03 19:52:46 +01:00
* Support multiple hosts in `X-Forwarded-Host`
2019-04-30 22:24:35 -04:00
* deps: accepts@~1.3.7
2019-04-30 23:31:32 -04:00
* deps: body-parser@1 .19.0
- Add encoding MIK
- Add petabyte (`pb` ) support
- Fix parsing array brackets after index
- deps: bytes@3 .1.0
- deps: http-errors@1 .7.2
- deps: iconv-lite@0 .4.24
- deps: qs@6 .7.0
- deps: raw-body@2 .4.0
- deps: type-is@~1.6.17
2019-04-17 16:00:02 -04:00
* deps: content-disposition@0 .5.3
2019-05-16 09:55:26 -04:00
* deps: cookie@0 .4.0
- Add `SameSite=None` support
2019-05-09 22:09:56 -04:00
* deps: finalhandler@~1.1.2
- Set stricter `Content-Security-Policy` header
- deps: parseurl@~1.3.3
- deps: statuses@~1.5.0
2019-04-17 16:06:35 -04:00
* deps: parseurl@~1.3.3
2019-04-17 16:05:17 -04:00
* deps: proxy-addr@~2.0.5
- deps: ipaddr.js@1 .9.0
2019-04-30 23:06:50 -04:00
* deps: qs@6 .7.0
- Fix parsing array brackets after index
2019-05-12 22:01:06 -04:00
* deps: range-parser@~1.2.1
2019-05-10 23:49:13 -04:00
* deps: send@0 .17.1
- Set stricter CSP header in redirect & error responses
2019-05-07 23:05:37 -04:00
- deps: http-errors@~1.7.2
- deps: mime@1 .6.0
- deps: ms@2 .1.1
2019-05-10 23:49:13 -04:00
- deps: range-parser@~1.2.1
2019-05-07 23:05:37 -04:00
- deps: statuses@~1.5.0
- perf: remove redundant `path.normalize` call
2019-05-11 19:29:33 -04:00
* deps: serve-static@1 .14.1
- Set stricter CSP header in redirect response
2019-05-07 23:42:36 -04:00
- deps: parseurl@~1.3.3
2019-05-11 19:29:33 -04:00
- deps: send@0 .17.1
2019-04-22 13:40:23 -04:00
* deps: setprototypeof@1 .1.1
2019-04-30 22:17:03 -04:00
* deps: statuses@~1.5.0
- Add `103 Early Hints`
2019-04-30 22:48:56 -04:00
* deps: type-is@~1.6.18
- deps: mime-types@~2.1.24
- perf: prevent internal `throw` on invalid type
2018-03-04 04:56:32 +04:00
2018-10-10 23:50:45 -04:00
4.16.4 / 2018-10-10
===================
2018-05-26 21:58:15 +02:00
2018-09-19 23:25:16 -04:00
* Fix issue where `"Request aborted"` may be logged in `res.sendfile`
2018-05-26 21:58:15 +02:00
* Fix JSDoc for `Router` constructor
2018-05-15 23:45:17 +02:00
* deps: body-parser@1 .18.3
- Fix deprecation warnings on Node.js 10+
- Fix stack trace for strict json parse error
- deps: depd@~1.1.2
- deps: http-errors@~1.6.3
- deps: iconv-lite@0 .4.23
- deps: qs@6 .5.2
- deps: raw-body@2 .3.3
- deps: type-is@~1.6.16
2018-09-19 12:40:40 -04:00
* deps: proxy-addr@~2.0.4
- deps: ipaddr.js@1 .8.0
2018-09-18 21:56:31 -04:00
* deps: qs@6 .5.2
2018-09-19 14:47:48 -04:00
* deps: safe-buffer@5 .1.2
2018-05-26 21:58:15 +02:00
2018-03-12 13:38:44 -04:00
4.16.3 / 2018-03-12
===================
2018-01-16 23:46:11 -05:00
2018-02-28 23:44:00 -05:00
* deps: accepts@~1.3.5
- deps: mime-types@~2.1.18
2018-01-16 23:46:11 -05:00
* deps: depd@~1.1.2
- perf: remove argument reassignment
2018-01-16 23:50:41 -05:00
* deps: encodeurl@~1.0.2
- Fix encoding `%` as last character
2018-03-12 11:20:19 -04:00
* deps: finalhandler@1 .1.1
- Fix 404 output for bad / missing pathnames
- deps: encodeurl@~1.0.2
- deps: statuses@~1.4.0
2018-02-26 23:18:07 -05:00
* deps: proxy-addr@~2.0.3
- deps: ipaddr.js@1 .6.0
2018-02-09 13:09:25 -05:00
* deps: send@0 .16.2
- Fix incorrect end tag in default error & redirects
- deps: depd@~1.1.2
- deps: encodeurl@~1.0.2
- deps: statuses@~1.4.0
2018-02-09 13:20:09 -05:00
* deps: serve-static@1 .13.2
- Fix incorrect end tag in redirects
- deps: encodeurl@~1.0.2
- deps: send@0 .16.2
2018-01-17 00:00:22 -05:00
* deps: statuses@~1.4.0
2018-02-28 19:55:34 -05:00
* deps: type-is@~1.6.16
- deps: mime-types@~2.1.18
2018-01-16 23:46:11 -05:00
2017-10-09 22:55:18 -04:00
4.16.2 / 2017-10-09
===================
2017-10-09 14:41:06 -05:00
* Fix `TypeError` in `res.send` when given `Buffer` and `ETag` header set
2017-10-09 22:43:23 -04:00
* perf: skip parsing of entire `X-Forwarded-Proto` header
2017-10-09 14:41:06 -05:00
2017-09-29 16:23:23 -04:00
4.16.1 / 2017-09-29
===================
2017-09-29 15:56:55 -04:00
* deps: send@0 .16.1
2017-09-29 16:12:06 -04:00
* deps: serve-static@1 .13.1
- Fix regression when `root` is incorrectly set to a file
- deps: send@0 .16.1
2017-09-29 15:56:55 -04:00
2017-09-28 13:57:23 -04:00
4.16.0 / 2017-09-28
===================
2017-09-25 21:11:33 -04:00
2017-04-05 17:42:09 -04:00
* Add `"json escape"` setting for `res.json` and `res.jsonp`
2017-09-28 13:22:36 -04:00
* Add `express.json` and `express.urlencoded` to parse bodies
2017-10-04 23:09:22 -04:00
* Add `options` argument to `res.download`
2017-09-25 21:11:33 -04:00
* Improve error message when autoloading invalid view engine
2017-09-26 16:00:53 +02:00
* Improve error messages when non-function provided as middleware
2017-09-25 21:12:47 -04:00
* Skip `Buffer` encoding when not generating ETag for small response
2017-09-28 08:26:39 -04:00
* Use `safe-buffer` for improved Buffer API
2017-09-27 21:28:25 -04:00
* deps: accepts@~1.3.4
- deps: mime-types@~2.1.16
2017-09-27 21:30:08 -04:00
* deps: content-type@~1.0.4
- perf: remove argument reassignment
- perf: skip parameter parsing when no parameters
2017-09-27 21:30:43 -04:00
* deps: etag@~1.8.1
- perf: replace regular expression with substring
2017-09-28 00:42:05 -04:00
* deps: finalhandler@1 .1.0
- Use `res.headersSent` when available
2017-09-28 00:04:47 -04:00
* deps: parseurl@~1.3.2
- perf: reduce overhead for full URLs
- perf: unroll the "fast-path" `RegExp`
2017-09-28 01:18:04 -04:00
* deps: proxy-addr@~2.0.2
- Fix trimming leading / trailing OWS in `X-Forwarded-For`
- deps: forwarded@~0.1.2
- deps: ipaddr.js@1 .5.2
- perf: reduce overhead when no `X-Forwarded-For` header
2017-09-27 21:31:39 -04:00
* deps: qs@6 .5.1
- Fix parsing & compacting very deep objects
2017-09-28 11:25:52 +02:00
* deps: send@0 .16.0
- Add 70 new types for file extensions
- Add `immutable` option
- Fix missing `</html>` in default error & redirects
- Set charset as "UTF-8" for .js and .json
- Use instance methods on steam to check for listeners
- deps: mime@1 .4.1
- perf: improve path validation speed
2017-09-28 13:08:38 -04:00
* deps: serve-static@1 .13.0
- Add 70 new types for file extensions
- Add `immutable` option
- Set charset as "UTF-8" for .js and .json
- deps: send@0 .16.0
2017-09-25 21:14:00 -04:00
* deps: setprototypeof@1 .1.0
2017-09-28 00:19:30 -04:00
* deps: utils-merge@1 .0.1
2017-09-28 12:25:27 +08:00
* deps: vary@~1.1.2
- perf: improve header token parsing speed
2017-05-18 11:04:27 -07:00
* perf: re-use options object when generating ETags
2017-09-28 10:30:10 -04:00
* perf: remove dead `.charset` set in `res.jsonp`
2017-09-25 21:11:33 -04:00
2017-09-25 01:04:38 -04:00
4.15.5 / 2017-09-24
===================
2017-09-21 20:45:32 -04:00
2017-09-22 20:25:18 -04:00
* deps: debug@2 .6.9
2017-09-22 20:26:30 -04:00
* deps: finalhandler@~1.0.6
- deps: debug@2 .6.9
- deps: parseurl@~1.3.2
2017-09-21 20:45:32 -04:00
* deps: fresh@0 .5.2
- Fix handling of modified headers with invalid dates
- perf: improve ETag match loop
- perf: improve `If-None-Match` token parsing
2017-09-22 20:27:37 -04:00
* deps: send@0 .15.6
2017-09-21 20:46:42 -04:00
- Fix handling of modified headers with invalid dates
2017-09-22 20:27:37 -04:00
- deps: debug@2 .6.9
2017-09-21 20:46:42 -04:00
- deps: etag@~1.8.1
- deps: fresh@0 .5.2
2017-09-22 20:27:37 -04:00
- perf: improve `If-Match` token parsing
2017-09-22 20:28:52 -04:00
* deps: serve-static@1 .12.6
2017-09-21 20:48:23 -04:00
- deps: parseurl@~1.3.2
2017-09-22 20:28:52 -04:00
- deps: send@0 .15.6
- perf: improve slash collapsing
2017-09-21 20:45:32 -04:00
2017-08-06 22:03:53 -04:00
4.15.4 / 2017-08-06
===================
2017-06-30 23:47:12 -04:00
2017-06-30 23:51:18 -04:00
* deps: debug@2 .6.8
2017-08-02 23:30:47 -04:00
* deps: depd@~1.1.1
- Remove unnecessary `Buffer` loading
2017-08-04 00:25:59 -04:00
* deps: finalhandler@~1.0.4
- deps: debug@2 .6.8
2017-07-26 13:09:46 -04:00
* deps: proxy-addr@~1.1.5
- Fix array argument being altered
- deps: ipaddr.js@1 .4.0
2017-06-30 23:47:12 -04:00
* deps: qs@6 .5.0
2017-08-06 02:37:10 -04:00
* deps: send@0 .15.4
- deps: debug@2 .6.8
- deps: depd@~1.1.1
- deps: http-errors@~1.6.2
2017-08-06 02:38:02 -04:00
* deps: serve-static@1 .12.4
- deps: send@0 .15.4
2017-06-30 23:47:12 -04:00
2017-05-17 02:14:11 -04:00
4.15.3 / 2017-05-16
===================
2017-03-14 23:53:19 -04:00
2017-05-10 16:23:55 -04:00
* Fix error when `res.set` cannot add charset to `Content-Type`
2017-05-17 02:08:50 -04:00
* deps: debug@2 .6.7
- Fix `DEBUG_MAX_ARRAY_LENGTH`
- deps: ms@2 .0.0
2017-05-17 01:56:36 -04:00
* deps: finalhandler@~1.0.3
2017-03-22 02:12:06 -04:00
- Fix missing `</html>` in HTML document
2017-05-17 01:56:36 -04:00
- deps: debug@2 .6.7
2017-03-28 22:56:32 -04:00
* deps: proxy-addr@~1.1.4
- deps: ipaddr.js@1 .3.0
2017-05-17 01:46:34 -04:00
* deps: send@0 .15.3
- deps: debug@2 .6.7
- deps: ms@2 .0.0
2017-05-17 01:47:17 -04:00
* deps: serve-static@1 .12.3
- deps: send@0 .15.3
2017-04-26 23:49:41 -04:00
* deps: type-is@~1.6.15
- deps: mime-types@~2.1.15
2017-03-22 02:10:43 -04:00
* deps: vary@~1.1.1
- perf: hoist regular expression
2017-03-14 23:53:19 -04:00
2017-03-06 08:34:38 -05:00
4.15.2 / 2017-03-06
===================
2017-03-06 08:32:13 -05:00
* deps: qs@6 .4.0
- Fix regression parsing keys starting with `[`
2017-03-05 23:19:32 -05:00
4.15.1 / 2017-03-05
===================
2017-03-05 00:06:59 -05:00
* deps: send@0 .15.1
- Fix issue when `Date.parse` does not return `NaN` on invalid date
- Fix strict violation in broken environments
2017-03-05 00:08:16 -05:00
* deps: serve-static@1 .12.1
- Fix issue when `Date.parse` does not return `NaN` on invalid date
- deps: send@0 .15.1
2017-03-05 00:06:59 -05:00
2017-03-01 17:22:18 -05:00
4.15.0 / 2017-03-01
===================
2016-12-25 19:28:15 +01:00
* Add debug message when loading view engine
2015-11-12 16:17:47 -08:00
* Add `next("router")` to exit from router
2017-02-26 13:59:47 -05:00
* Fix case where `router.use` skipped requests routes did not
2017-02-20 21:39:22 -05:00
* Remove usage of `res._headers` private field
- Improves compatibility with Node.js 8 nightly
2017-02-22 23:42:57 -05:00
* Skip routing when `req.url` is not set
2017-02-26 13:45:35 -05:00
* Use `%o` in path debug to tell types apart
2017-02-23 01:52:49 -05:00
* Use `Object.create` to setup request & response prototypes
2017-02-23 01:56:58 -05:00
* Use `setprototypeof` module to replace `__proto__` setting
2017-02-20 15:32:33 -06:00
* Use `statuses` instead of `http` module for status messages
2017-02-16 01:22:17 -05:00
* deps: debug@2 .6.1
- Allow colors in workers
- Deprecated `DEBUG_FD` environment variable set to `3` or higher
- Fix error when running under React Native
- Use same color for same namespace
- deps: ms@0 .7.2
2017-02-18 22:49:04 -05:00
* deps: etag@~1.8.0
- Use SHA1 instead of MD5 for ETag hashing
- Works with FIPS 140-2 OpenSSL configuration
2017-02-18 22:14:58 -05:00
* deps: finalhandler@~1.0.0
- Fix exception when `err` cannot be converted to a string
- Fully URL-encode the pathname in the 404
- Only include the pathname in the 404 message
- Send complete HTML document
- Set `Content-Security-Policy: default-src 'self'` header
- deps: debug@2 .6.1
2017-02-22 02:11:06 -05:00
* deps: fresh@0 .5.0
- Fix false detection of `no-cache` request directive
- Fix incorrect result when `If-None-Match` has both `*` and ETags
- Fix weak `ETag` matching to match spec
- perf: delay reading header values until needed
- perf: enable strict mode
- perf: hoist regular expressions
- perf: remove duplicate conditional
- perf: remove unnecessary boolean coercions
- perf: skip checking modified time if ETag check failed
- perf: skip parsing `If-None-Match` when no `ETag` header
- perf: use `Date.parse` instead of `new Date`
2017-02-16 01:23:51 -05:00
* deps: qs@6 .3.1
- Fix array parsing from skipping empty values
- Fix compacting nested arrays
2017-02-25 17:53:34 -05:00
* deps: send@0 .15.0
- Fix false detection of `no-cache` request directive
- Fix incorrect result when `If-None-Match` has both `*` and ETags
- Fix weak `ETag` matching to match spec
- Remove usage of `res._headers` private field
- Support `If-Match` and `If-Unmodified-Since` headers
- Use `res.getHeaderNames()` when available
- Use `res.headersSent` when available
- deps: debug@2 .6.1
- deps: etag@~1.8.0
- deps: fresh@0 .5.0
- deps: http-errors@~1.6.1
2017-02-25 19:31:39 -05:00
* deps: serve-static@1 .12.0
- Fix false detection of `no-cache` request directive
- Fix incorrect result when `If-None-Match` has both `*` and ETags
- Fix weak `ETag` matching to match spec
- Remove usage of `res._headers` private field
- Send complete HTML document in redirect response
- Set default CSP header in redirect response
- Support `If-Match` and `If-Unmodified-Since` headers
- Use `res.getHeaderNames()` when available
- Use `res.headersSent` when available
- deps: send@0 .15.0
2017-02-26 13:32:21 -05:00
* perf: add fast match path for `*` route
2015-08-04 00:28:54 +02:00
* perf: improve `req.ips` performance
2016-12-25 19:28:15 +01:00
2017-01-28 17:21:24 -05:00
4.14.1 / 2017-01-28
===================
2017-01-21 00:39:46 -05:00
* deps: content-disposition@0 .5.2
2017-01-21 01:05:17 -05:00
* deps: finalhandler@0 .5.1
- Fix exception when `err.headers` is not an object
- deps: statuses@~1.3.1
- perf: hoist regular expressions
- perf: remove duplicate validation path
2017-01-21 01:00:52 -05:00
* deps: proxy-addr@~1.1.3
- deps: ipaddr.js@1 .2.0
2017-01-23 10:43:11 -05:00
* deps: send@0 .14.2
- deps: http-errors@~1.5.1
- deps: ms@0 .7.2
- deps: statuses@~1.3.1
2017-01-24 07:40:20 -08:00
* deps: serve-static@~1.11.2
- deps: send@0 .14.2
2017-01-26 22:54:05 -05:00
* deps: type-is@~1.6.14
- deps: mime-types@~2.1.13
2017-01-21 00:39:46 -05:00
2016-06-16 11:03:44 -04:00
4.14.0 / 2016-06-16
===================
2016-05-23 23:15:52 -04:00
2016-06-12 22:33:44 -04:00
* Add `acceptRanges` option to `res.sendFile` /`res.sendfile`
* Add `cacheControl` option to `res.sendFile` /`res.sendfile`
2016-06-01 19:13:36 -04:00
* Add `options` argument to `req.range`
- Includes the `combine` option
2016-06-13 23:23:29 -04:00
* Encode URL in `res.location` /`res.redirect` if not already encoded
2016-06-12 22:33:44 -04:00
* Fix some redirect handling in `res.sendFile` /`res.sendfile`
2016-06-01 12:56:27 +08:00
* Fix Windows absolute path check using forward slashes
2016-06-03 00:07:34 -04:00
* Improve error with invalid arguments to `req.get()`
2016-02-22 06:22:35 +08:00
* Improve performance for `res.json` /`res.jsonp` in most cases
2016-06-12 22:33:44 -04:00
* Improve `Range` header handling in `res.sendFile` /`res.sendfile`
2016-05-23 23:15:52 -04:00
* deps: accepts@~1.3.3
- Fix including type extensions in parameters in `Accept` parsing
- Fix parsing `Accept` parameters with quoted equals
- Fix parsing `Accept` parameters with quoted semicolons
2018-11-26 20:00:47 -07:00
- Many performance improvements
2016-05-23 23:15:52 -04:00
- deps: mime-types@~2.1.11
- deps: negotiator@0 .6.1
2016-05-23 23:18:41 -04:00
* deps: content-type@~1.0.2
- perf: enable strict mode
2016-05-31 00:08:16 -04:00
* deps: cookie@0 .3.1
- Add `sameSite` option
- Fix cookie `Max-Age` to never be a floating point number
- Improve error message when `encode` is not a function
- Improve error message when `expires` is not a `Date`
- Throw better error for invalid argument to parse
- Throw on invalid values provided to `serialize`
- perf: enable strict mode
- perf: hoist regular expression
- perf: use for loop in parse
2018-11-26 20:00:47 -07:00
- perf: use string concatenation for serialization
2016-06-15 18:12:19 -04:00
* deps: finalhandler@0 .5.0
- Change invalid or non-numeric status code to 500
- Overwrite status message to match set status code
- Prefer `err.statusCode` if `err.status` is invalid
- Set response headers from `err.headers` object
- Use `statuses` instead of `http` module for status messages
2016-05-31 00:12:54 -04:00
* deps: proxy-addr@~1.1.2
- Fix accepting various invalid netmasks
- Fix IPv6-mapped IPv4 validation edge cases
2018-11-26 20:00:47 -07:00
- IPv4 netmasks must be contiguous
2016-05-31 00:12:54 -04:00
- IPv6 addresses cannot be used as a netmask
- deps: ipaddr.js@1 .1.1
2016-05-31 14:28:20 -04:00
* deps: qs@6 .2.0
- Add `decoder` option in `parse` function
2016-06-01 18:54:11 -04:00
* deps: range-parser@~1.2.0
- Add `combine` option to combine overlapping ranges
- Fix incorrectly returning -1 when there is at least one valid range
- perf: remove internal function
2016-06-12 22:33:44 -04:00
* deps: send@0 .14.1
- Add `acceptRanges` option
- Add `cacheControl` option
- Attempt to combine multiple ranges into single range
- Correctly inherit from `Stream` class
- Fix `Content-Range` header in 416 responses when using `start` /`end` options
- Fix `Content-Range` header missing from default 416 responses
- Fix redirect error when `path` contains raw non-URL characters
- Fix redirect when `path` starts with multiple forward slashes
- Ignore non-byte `Range` headers
- deps: http-errors@~1.5.0
- deps: range-parser@~1.2.0
- deps: statuses@~1.3.0
- perf: remove argument reassignment
2016-06-12 22:38:20 -04:00
* deps: serve-static@~1.11.1
- Add `acceptRanges` option
- Add `cacheControl` option
- Attempt to combine multiple ranges into single range
- Fix redirect error when `req.url` contains raw non-URL characters
- Ignore non-byte `Range` headers
- Use status code 301 for redirects
- deps: send@0 .14.1
2016-05-31 14:25:41 -04:00
* deps: type-is@~1.6.13
- Fix type error when given invalid type to match against
- deps: mime-types@~2.1.11
2016-05-29 14:25:27 -04:00
* deps: vary@~1.1.0
- Only accept valid field names in the `field` argument
2015-08-03 23:21:38 +02:00
* perf: use strict equality when possible
2016-05-23 23:15:52 -04:00
2016-01-21 21:10:45 -05:00
4.13.4 / 2016-01-21
===================
2015-11-13 10:04:40 +03:00
2016-01-17 18:00:59 -05:00
* deps: content-disposition@0 .5.1
- perf: enable strict mode
2015-11-13 10:04:40 +03:00
* deps: cookie@0 .1.5
- Throw on invalid values provided to `serialize`
2016-01-16 23:57:07 -05:00
* deps: depd@~1.1.0
- Support web browser loading
- perf: enable strict mode
2015-12-17 20:51:32 -05:00
* deps: escape-html@~1.0.3
- perf: enable strict mode
- perf: optimize string replacement
- perf: use faster string coercion
2015-12-17 20:56:04 -05:00
* deps: finalhandler@0 .4.1
- deps: escape-html@~1.0.3
2016-01-17 18:51:24 -05:00
* deps: merge-descriptors@1 .0.1
- perf: enable strict mode
2016-01-17 22:17:13 -05:00
* deps: methods@~1.1.2
- perf: enable strict mode
2016-01-20 00:58:09 -05:00
* deps: parseurl@~1.3.1
- perf: enable strict mode
2015-12-17 20:58:41 -05:00
* deps: proxy-addr@~1.0.10
- deps: ipaddr.js@1 .0.5
- perf: enable strict mode
2015-12-17 20:59:12 -05:00
* deps: range-parser@~1.0.3
- perf: enable strict mode
2016-01-16 23:56:09 -05:00
* deps: send@0 .13.1
- deps: depd@~1.1.0
- deps: destroy@~1.0.4
- deps: escape-html@~1.0.3
- deps: range-parser@~1.0.3
2016-01-20 00:56:56 -05:00
* deps: serve-static@~1.10.2
2016-01-16 23:54:41 -05:00
- deps: escape-html@~1.0.3
2016-01-20 00:56:56 -05:00
- deps: parseurl@~1.3.0
2016-01-16 23:54:41 -05:00
- deps: send@0 .13.1
2015-11-13 10:04:40 +03:00
2015-08-03 01:02:22 -04:00
4.13.3 / 2015-08-02
===================
2015-08-03 00:50:48 -04:00
* Fix infinite loop condition using `mergeParams: true`
2015-08-03 01:01:16 -04:00
* Fix inner numeric indices incorrectly altering parent `req.params`
2015-08-03 00:50:48 -04:00
2015-07-31 17:09:15 -04:00
4.13.2 / 2015-07-31
===================
2015-07-28 23:24:00 -04:00
2015-07-31 17:01:35 -04:00
* deps: accepts@~1.2.12
- deps: mime-types@~2.1.4
2015-07-28 23:24:00 -04:00
* deps: array-flatten@1 .1.1
- perf: enable strict mode
2015-07-28 13:15:34 +10:00
* deps: path-to-regexp@0 .1.7
- Fix regression with escaped round brackets and matching groups
2015-07-31 17:02:10 -04:00
* deps: type-is@~1.6.6
- deps: mime-types@~2.1.4
2015-07-28 23:24:00 -04:00
2015-07-06 01:38:44 -04:00
4.13.1 / 2015-07-05
===================
2015-07-06 00:59:27 -04:00
2015-07-06 01:00:12 -04:00
* deps: accepts@~1.2.10
- deps: mime-types@~2.1.2
2015-07-06 01:20:09 -04:00
* deps: qs@4 .0.0
- Fix dropping parameters like `hasOwnProperty`
- Fix various parsing edge cases
2015-07-06 00:59:27 -04:00
* deps: type-is@~1.6.4
- deps: mime-types@~2.1.2
- perf: enable strict mode
- perf: remove argument reassignment
2015-06-21 01:46:44 -04:00
4.13.0 / 2015-06-20
===================
2015-06-18 22:10:21 -04:00
2015-06-20 16:21:12 -04:00
* Add settings to debug output
2015-05-29 17:13:15 -04:00
* Fix `res.format` error when only `default` provided
2015-05-19 22:37:06 +03:00
* Fix issue where `next('route')` in `app.param` would incorrectly skip values
2015-06-20 15:20:35 -04:00
* Fix hiding platform issues with `decodeURIComponent`
- Only `URIError` s are a 400
2015-06-19 22:13:57 +10:00
* Fix using `*` before params in routes
* Fix using capture groups before params in routes
2015-06-20 14:38:30 -04:00
* Simplify `res.cookie` to call `res.append`
2015-04-22 17:36:55 +10:00
* Use `array-flatten` module for flattening arrays
2015-06-18 22:43:51 -04:00
* deps: accepts@~1.2.9
- deps: mime-types@~2.1.1
- perf: avoid argument reassignment & argument slice
- perf: avoid negotiator recursive construction
- perf: enable strict mode
- perf: remove unnecessary bitwise operator
2015-06-18 22:10:21 -04:00
* deps: cookie@0 .1.3
- perf: deduce the scope of try-catch deopt
- perf: remove argument reassignments
* deps: escape-html@1 .0.2
* deps: etag@~1.7.0
- Always include entity length in ETags for hash length extensions
- Generate non-Stats ETags using MD5 only (no longer CRC32)
- Improve stat performance by removing hashing
- Improve support for JXcore
- Remove base64 padding in ETags to shorten
- Support "fake" stats objects in environments without fs
- Use MD5 instead of MD4 in weak ETags over 1KB
2015-06-18 22:39:57 -04:00
* deps: finalhandler@0 .4.0
- Fix a false-positive when unpiping in Node.js 0.8
- Support `statusCode` property on `Error` objects
- Use `unpipe` module for unpiping requests
- deps: escape-html@1 .0.2
- deps: on-finished@~2.3.0
- perf: enable strict mode
- perf: remove argument reassignment
2015-06-18 22:10:21 -04:00
* deps: fresh@0 .3.0
- Add weak `ETag` matching support
2015-06-18 22:41:28 -04:00
* deps: on-finished@~2.3.0
- Add defined behavior for HTTP `CONNECT` requests
- Add defined behavior for HTTP `Upgrade` requests
- deps: ee-first@1 .1.1
2015-06-19 22:13:57 +10:00
* deps: path-to-regexp@0 .1.6
2015-06-18 22:10:21 -04:00
* deps: send@0 .13.0
- Allow Node.js HTTP server to set `Date` response header
- Fix incorrectly removing `Content-Location` on 304 response
- Improve the default redirect response headers
- Send appropriate headers on default error response
- Use `http-errors` for standard emitted errors
- Use `statuses` instead of `http` module for status messages
- deps: escape-html@1 .0.2
- deps: etag@~1.7.0
- deps: fresh@0 .3.0
- deps: on-finished@~2.3.0
- perf: enable strict mode
- perf: remove unnecessary array allocations
2015-06-18 22:26:48 -04:00
* deps: serve-static@~1.10.0
- Add `fallthrough` option
- Fix reading options from options prototype
- Improve the default redirect response headers
- Malformed URLs now `next()` instead of 400
- deps: escape-html@1 .0.2
- deps: send@0 .13.0
- perf: enable strict mode
- perf: remove argument reassignment
2015-06-18 22:42:19 -04:00
* deps: type-is@~1.6.3
- deps: mime-types@~2.1.1
- perf: reduce try block size
- perf: remove bitwise operations
2015-06-18 23:01:18 -04:00
* perf: enable strict mode
2015-06-20 13:36:40 -04:00
* perf: isolate `app.render` try block
2015-06-20 13:31:03 -04:00
* perf: remove argument reassignments in application
2015-06-20 13:48:58 -04:00
* perf: remove argument reassignments in request prototype
2015-06-20 14:36:48 -04:00
* perf: remove argument reassignments in response prototype
2015-06-20 16:13:59 -04:00
* perf: remove argument reassignments in routing
2015-06-20 13:06:08 -04:00
* perf: remove argument reassignments in `View`
2015-06-20 15:23:35 -04:00
* perf: skip attempting to decode zero length string
2015-03-23 07:31:21 -04:00
* perf: use saved reference to `http.STATUS_CODES`
2015-06-18 22:10:21 -04:00
2015-05-18 00:38:34 -04:00
4.12.4 / 2015-05-17
===================
2015-05-18 00:12:01 -04:00
2015-05-18 00:19:43 -04:00
* deps: accepts@~1.2.7
- deps: mime-types@~2.0.11
- deps: negotiator@0 .5.3
2015-05-18 00:12:01 -04:00
* deps: debug@~2.2.0
- deps: ms@0 .7.1
* deps: depd@~1.0.1
2015-05-18 00:24:03 -04:00
* deps: etag@~1.6.0
- Improve support for JXcore
- Support "fake" stats objects in environments without `fs`
2015-05-18 00:15:11 -04:00
* deps: finalhandler@0 .3.6
- deps: debug@~2.2.0
- deps: on-finished@~2.2.1
2015-05-18 00:18:19 -04:00
* deps: on-finished@~2.2.1
- Fix `isFinished(req)` when data buffered
2015-05-18 00:12:01 -04:00
* deps: proxy-addr@~1.0.8
- deps: ipaddr.js@1 .0.1
2015-05-18 00:17:10 -04:00
* deps: qs@2 .4.2
- Fix allowing parameters like `constructor`
2015-05-18 00:12:01 -04:00
* deps: send@0 .12.3
- deps: debug@~2.2.0
- deps: depd@~1.0.1
- deps: etag@~1.6.0
- deps: ms@0 .7.1
- deps: on-finished@~2.2.1
2015-05-18 00:13:48 -04:00
* deps: serve-static@~1.9.3
- deps: send@0 .12.3
2015-05-18 00:16:14 -04:00
* deps: type-is@~1.6.2
- deps: mime-types@~2.0.11
2015-05-18 00:12:01 -04:00
2015-03-17 10:59:48 -04:00
4.12.3 / 2015-03-17
===================
2015-03-17 01:52:23 -04:00
2015-03-17 02:00:03 -04:00
* deps: accepts@~1.2.5
- deps: mime-types@~2.0.10
2015-03-17 01:52:23 -04:00
* deps: debug@~2.1.3
- Fix high intensity foreground color for bold
- deps: ms@0 .7.0
2015-03-17 01:58:25 -04:00
* deps: finalhandler@0 .3.4
- deps: debug@~2.1.3
2015-03-17 01:52:23 -04:00
* deps: proxy-addr@~1.0.7
- deps: ipaddr.js@0 .1.9
2015-03-17 02:00:56 -04:00
* deps: qs@2 .4.1
- Fix error when parameter `hasOwnProperty` is present
2015-03-17 01:52:23 -04:00
* deps: send@0 .12.2
- Throw errors early for invalid `extensions` or `index` options
- deps: debug@~2.1.3
2015-03-17 01:57:36 -04:00
* deps: serve-static@~1.9.2
- deps: send@0 .12.2
2015-03-17 01:59:10 -04:00
* deps: type-is@~1.6.1
- deps: mime-types@~2.0.10
2015-03-17 01:52:23 -04:00
2015-03-03 00:06:24 -05:00
4.12.2 / 2015-03-02
===================
2015-03-02 13:11:31 -05:00
* Fix regression where `"Request aborted"` is logged using `res.sendFile`
2015-03-01 19:11:02 -05:00
4.12.1 / 2015-03-01
===================
2015-02-28 23:29:23 -05:00
2015-03-01 16:33:09 -05:00
* Fix constructing application with non-configurable prototype properties
2015-03-01 17:28:48 -05:00
* Fix `ECONNRESET` errors from `res.sendFile` usage
2015-02-28 23:29:23 -05:00
* Fix `req.host` when using "trust proxy" hops count
* Fix `req.protocol` /`req.secure` when using "trust proxy" hops count
2015-03-01 17:27:50 -05:00
* Fix wrong `code` on aborted connections from `res.sendFile`
2015-03-01 16:33:09 -05:00
* deps: merge-descriptors@1 .0.0
2015-02-28 23:29:23 -05:00
2015-02-23 00:56:49 -05:00
4.12.0 / 2015-02-23
===================
2015-02-18 22:33:47 -05:00
* Fix `"trust proxy"` setting to inherit when app is mounted
* Generate `ETag` s for all request responses
- No longer restricted to only responses for `GET` and `HEAD` requests
* Use `content-type` to parse `Content-Type` headers
2015-02-18 22:36:20 -05:00
* deps: accepts@~1.2.4
- Fix preference sorting to be stable for long acceptable lists
- deps: mime-types@~2.0.9
- deps: negotiator@0 .5.1
2015-02-18 22:33:47 -05:00
* deps: cookie-signature@1 .0.6
* deps: send@0 .12.1
- Always read the stat size from the file
- Fix mutating passed-in `options`
- deps: mime@1 .3.4
2015-02-18 22:48:25 -05:00
* deps: serve-static@~1.9.1
- deps: send@0 .12.1
2015-02-18 22:46:34 -05:00
* deps: type-is@~1.6.0
- fix argument reassignment
- fix false-positives in `hasBody` `Transfer-Encoding` check
- support wildcard for both type and subtype (`*/*` )
- deps: mime-types@~2.0.9
2015-02-18 22:33:47 -05:00
2015-02-01 15:39:08 -05:00
4.11.2 / 2015-02-01
===================
2015-01-31 17:26:35 -05:00
2015-01-31 16:23:18 -05:00
* Fix `res.redirect` double-calling `res.end` for `HEAD` requests
2015-02-01 15:26:04 -05:00
* deps: accepts@~1.2.3
- deps: mime-types@~2.0.8
2015-02-01 15:23:53 -05:00
* deps: proxy-addr@~1.0.6
- deps: ipaddr.js@0 .1.8
2015-01-31 17:26:35 -05:00
* deps: type-is@~1.5.6
- deps: mime-types@~2.0.8
2015-01-21 03:31:11 -05:00
4.11.1 / 2015-01-20
===================
2015-01-21 03:24:31 -05:00
* deps: send@0 .11.1
- Fix root path disclosure
2015-01-21 03:25:25 -05:00
* deps: serve-static@~1.8.1
- Fix redirect loop in Node.js 0.11.14
- Fix root path disclosure
- deps: send@0 .11.1
2015-01-21 03:24:31 -05:00
2015-01-13 22:51:55 -05:00
4.11.0 / 2015-01-13
===================
2014-11-23 22:30:58 -05:00
2015-01-13 21:05:43 -05:00
* Add `res.append(field, val)` to append headers
2014-11-23 22:30:58 -05:00
* Deprecate leading `:` in `name` for `app.param(name, fn)`
2015-01-13 19:17:33 -05:00
* Deprecate `req.param()` -- use `req.params` , `req.body` , or `req.query` instead
2015-01-13 19:28:06 -05:00
* Deprecate `app.param(fn)`
2015-01-13 13:26:19 -05:00
* Fix `OPTIONS` responses to include the `HEAD` method properly
2015-01-13 15:01:32 -05:00
* Fix `res.sendFile` not always detecting aborted connection
2014-10-24 01:04:41 -04:00
* Match routes iteratively to prevent stack overflows
2015-01-13 22:16:00 -05:00
* deps: accepts@~1.2.2
- deps: mime-types@~2.0.7
- deps: negotiator@0 .5.0
2015-01-13 22:14:26 -05:00
* deps: send@0 .11.0
- deps: debug@~2.1.1
- deps: etag@~1.5.1
- deps: ms@0 .7.0
- deps: on-finished@~2.2.0
2015-01-13 22:18:02 -05:00
* deps: serve-static@~1.8.0
- deps: send@0 .11.0
2014-11-23 22:30:58 -05:00
2015-01-13 12:38:09 -05:00
4.10.8 / 2015-01-13
===================
2015-01-11 12:09:34 -05:00
2015-01-12 18:00:49 -05:00
* Fix crash from error within `OPTIONS` response handler
2015-01-11 12:09:34 -05:00
* deps: proxy-addr@~1.0.5
- deps: ipaddr.js@0 .1.6
2015-01-04 19:33:31 -05:00
4.10.7 / 2015-01-04
===================
2015-01-04 17:40:22 -05:00
2015-01-04 19:07:21 -05:00
* Fix `Allow` header for `OPTIONS` to not contain duplicate methods
2015-01-04 18:26:15 -05:00
* Fix incorrect "Request aborted" for `res.sendFile` when `HEAD` or 304
2015-01-04 17:47:25 -05:00
* deps: debug@~2.1.1
2015-01-04 17:40:22 -05:00
* deps: finalhandler@0 .3.3
- deps: debug@~2.1.1
- deps: on-finished@~2.2.0
2015-01-04 17:42:57 -05:00
* deps: methods@~1.1.1
2015-01-04 17:46:41 -05:00
* deps: on-finished@~2.2.0
2015-01-04 17:49:39 -05:00
* deps: serve-static@~1.7.2
- Fix potential open redirect when mounted at root
2015-01-04 17:50:42 -05:00
* deps: type-is@~1.5.5
- deps: mime-types@~2.0.7
2015-01-04 17:40:22 -05:00
2014-12-12 23:13:34 -05:00
4.10.6 / 2014-12-12
===================
2014-12-12 22:06:21 -05:00
* Fix exception in `req.fresh` /`req.stale` without response headers
2014-12-10 23:53:31 -05:00
4.10.5 / 2014-12-10
===================
2014-12-10 12:25:43 -05:00
* Fix `res.send` double-calling `res.end` for `HEAD` requests
2014-12-10 23:49:34 -05:00
* deps: accepts@~1.1.4
2014-12-10 23:50:58 -05:00
- deps: mime-types@~2.0.4
* deps: type-is@~1.5.4
2014-12-10 23:49:34 -05:00
- deps: mime-types@~2.0.4
2014-12-10 12:25:43 -05:00
2014-11-25 00:17:24 -05:00
4.10.4 / 2014-11-24
===================
2014-11-24 23:28:37 -05:00
* Fix `res.sendfile` logging standard write errors
2014-11-23 18:48:55 -05:00
4.10.3 / 2014-11-23
===================
2014-11-23 15:54:20 -05:00
2014-11-23 16:53:11 -05:00
* Fix `res.sendFile` logging standard write errors
2014-11-23 15:54:20 -05:00
* deps: etag@~1.5.1
* deps: proxy-addr@~1.0.4
- deps: ipaddr.js@0 .1.5
2014-11-23 15:56:59 -05:00
* deps: qs@2 .3.3
- Fix `arrayLimit` behavior
2014-11-23 15:54:20 -05:00
2014-11-09 19:09:24 -05:00
4.10.2 / 2014-11-09
===================
2014-11-09 18:41:01 -05:00
2014-11-09 18:50:00 -05:00
* Correctly invoke async router callback asynchronously
2014-11-09 18:41:01 -05:00
* deps: accepts@~1.1.3
- deps: mime-types@~2.0.3
2014-11-09 18:42:33 -05:00
* deps: type-is@~1.5.3
- deps: mime-types@~2.0.3
2014-11-09 18:41:01 -05:00
2014-10-29 01:15:58 -04:00
4.10.1 / 2014-10-28
===================
2014-10-28 23:39:03 -04:00
* Fix handling of URLs containing `://` in the path
2014-10-29 01:14:44 -04:00
* deps: qs@2 .3.2
- Fix parsing of mixed objects and values
2014-10-28 23:39:03 -04:00
2014-10-23 22:27:45 -04:00
4.10.0 / 2014-10-23
===================
2014-10-17 21:13:06 -04:00
2014-10-23 17:18:26 -04:00
* Add support for `app.set('views', array)`
- Views are looked up in sequence in array of directories
2014-10-23 01:35:16 -04:00
* Fix `res.send(status)` to mention `res.sendStatus(status)`
2014-10-23 21:33:38 -04:00
* Fix handling of invalid empty URLs
2014-10-17 23:45:58 -04:00
* Use `content-disposition` module for `res.attachment` /`res.download`
- Sends standards-compliant `Content-Disposition` header
- Full Unicode support
2014-10-23 15:55:17 -04:00
* Use `path.resolve` in view lookup
2014-10-23 02:05:55 -04:00
* deps: debug@~2.1.0
- Implement `DEBUG_FD` env variable support
* deps: depd@~1.0.0
2014-10-17 21:13:06 -04:00
* deps: etag@~1.5.0
- Improve string performance
- Slightly improve speed for weak ETags over 1KB
2014-10-23 01:37:00 -04:00
* deps: finalhandler@0 .3.2
2014-10-17 21:26:47 -04:00
- Terminate in progress response only on error
- Use `on-finished` to determine request status
- deps: debug@~2.1.0
2014-10-23 01:37:00 -04:00
- deps: on-finished@~2.1.1
2014-10-23 01:45:58 -04:00
* deps: on-finished@~2.1.1
- Fix handling of pipelined requests
2014-10-23 01:38:48 -04:00
* deps: qs@2 .3.0
- Fix parsing of mixed implicit and explicit arrays
2014-10-23 02:05:55 -04:00
* deps: send@0 .10.1
- deps: debug@~2.1.0
- deps: depd@~1.0.0
- deps: etag@~1.5.0
- deps: on-finished@~2.1.1
2014-10-23 01:43:19 -04:00
* deps: serve-static@~1.7.1
- deps: send@0 .10.1
2014-10-17 21:13:06 -04:00
2014-10-17 22:01:51 -04:00
4.9.8 / 2014-10-17
==================
2014-10-16 01:29:00 -04:00
2014-10-18 01:12:47 +00:00
* Fix `res.redirect` body when redirect status specified
2014-10-16 01:29:00 -04:00
* deps: accepts@~1.1.2
- Fix error when media type has invalid parameter
- deps: negotiator@0 .4.9
2014-10-10 16:40:46 -04:00
4.9.7 / 2014-10-10
==================
2014-10-10 16:31:09 -04:00
* Fix using same param name in array of paths
2014-10-08 22:33:13 -04:00
4.9.6 / 2014-10-08
==================
2014-10-08 21:48:27 -04:00
* deps: accepts@~1.1.1
- deps: mime-types@~2.0.2
- deps: negotiator@0 .4.8
2014-10-08 21:50:08 -04:00
* deps: serve-static@~1.6.4
- Fix redirect loop when index file serving disabled
2014-10-08 21:51:10 -04:00
* deps: type-is@~1.5.2
- deps: mime-types@~2.0.2
2014-10-08 21:48:27 -04:00
2014-09-24 20:18:59 -04:00
4.9.5 / 2014-09-24
==================
2014-09-24 20:11:19 -04:00
2014-09-24 20:14:39 -04:00
* deps: etag@~1.4.0
2014-09-24 20:11:19 -04:00
* deps: proxy-addr@~1.0.3
- Use `forwarded` npm module
* deps: send@0 .9.3
- deps: etag@~1.4.0
2014-09-24 20:16:00 -04:00
* deps: serve-static@~1.6.3
- deps: send@0 .9.3
2014-09-24 20:11:19 -04:00
2014-09-19 23:07:58 -07:00
4.9.4 / 2014-09-19
==================
2014-09-19 23:06:31 -07:00
* deps: qs@2 .2.4
- Fix issue with object keys starting with numbers truncated
2014-09-18 10:45:35 -07:00
4.9.3 / 2014-09-18
==================
2014-09-18 10:43:35 -07:00
* deps: proxy-addr@~1.0.2
- Fix a global leak when multiple subnets are trusted
- deps: ipaddr.js@0 .1.3
2014-09-17 20:49:01 -07:00
4.9.2 / 2014-09-17
==================
2014-09-17 12:17:03 -07:00
* Fix regression for empty string `path` in `app.use`
2014-09-17 12:37:56 -07:00
* Fix `router.use` to accept array of middleware without path
2014-09-17 12:28:48 -07:00
* Improve error message for bad `app.use` arguments
2014-09-17 12:17:03 -07:00
2014-09-16 23:31:57 -07:00
4.9.1 / 2014-09-16
==================
2014-09-12 17:46:49 -04:00
* Fix `app.use` to accept array of middleware without path
2014-09-16 23:08:03 -07:00
* deps: depd@0 .4.5
2014-09-16 23:21:45 -07:00
* deps: etag@~1.3.1
2014-09-16 23:08:03 -07:00
* deps: send@0 .9.2
- deps: depd@0 .4.5
- deps: etag@~1.3.1
- deps: range-parser@~1.0.2
2014-09-16 23:23:14 -07:00
* deps: serve-static@~1.6.2
- deps: send@0 .9.2
2014-09-12 17:46:49 -04:00
2014-09-09 00:32:17 -04:00
4.9.0 / 2014-09-08
==================
2014-09-08 23:48:59 -04:00
2014-08-13 09:09:59 -04:00
* Add `res.sendStatus`
2014-08-21 14:43:38 -04:00
* Invoke callback for sendfile when client aborts
- Applies to `res.sendFile` , `res.sendfile` , and `res.download`
- `err` will be populated with request aborted error
2014-09-08 23:48:59 -04:00
* Support IP address host in `req.subdomains`
2014-08-25 01:07:01 -04:00
* Use `etag` to generate `ETag` headers
2014-09-09 00:12:10 -04:00
* deps: accepts@~1.1.0
- update `mime-types`
2014-09-08 23:48:59 -04:00
* deps: cookie-signature@1 .0.5
* deps: debug@~2.0.0
2014-09-09 00:08:07 -04:00
* deps: finalhandler@0 .2.0
- Set `X-Content-Type-Options: nosniff` header
- deps: debug@~2.0.0
2014-09-08 23:48:59 -04:00
* deps: fresh@0 .2.4
* deps: media-typer@0 .3.0
- Throw error when parameter format invalid on parse
2014-09-09 00:04:08 -04:00
* deps: qs@2 .2.3
- Fix issue where first empty value in array is discarded
2014-09-08 23:48:59 -04:00
* deps: range-parser@~1.0.2
* deps: send@0 .9.1
- Add `lastModified` option
- Use `etag` to generate `ETag` header
- deps: debug@~2.0.0
- deps: fresh@0 .2.4
2014-09-09 00:11:04 -04:00
* deps: serve-static@~1.6.1
- Add `lastModified` option
- deps: send@0 .9.1
2014-09-09 00:10:02 -04:00
* deps: type-is@~1.5.1
- fix `hasbody` to be true for `content-length: 0`
- deps: media-typer@0 .3.0
- deps: mime-types@~2.0.1
2014-09-08 23:48:59 -04:00
* deps: vary@~1.0.0
- Accept valid `Vary` header string as `field`
2014-09-05 02:26:12 -04:00
4.8.8 / 2014-09-04
==================
2014-09-05 02:20:02 -04:00
* deps: send@0 .8.5
- Fix a path traversal issue when using `root`
- Fix malicious path detection for empty string path
2014-09-05 02:21:17 -04:00
* deps: serve-static@~1.5.4
- deps: send@0 .8.5
2014-09-05 02:20:02 -04:00
2014-08-30 01:37:52 -04:00
4.8.7 / 2014-08-29
==================
2014-08-30 01:30:56 -04:00
* deps: qs@2 .2.2
- Remove unnecessary cloning
2014-08-27 21:51:37 -04:00
4.8.6 / 2014-08-27
==================
2014-08-27 21:22:41 -04:00
* deps: qs@2 .2.0
- Array parsing fix
- Performance improvements
2014-08-18 23:05:16 -04:00
4.8.5 / 2014-08-18
==================
2014-08-18 22:54:25 -04:00
* deps: send@0 .8.3
- deps: destroy@1 .0.3
- deps: on-finished@2 .1.0
2014-08-18 22:58:47 -04:00
* deps: serve-static@~1.5.3
- deps: send@0 .8.3
2014-08-18 22:54:25 -04:00
2014-08-15 00:26:39 -04:00
4.8.4 / 2014-08-14
==================
2014-08-15 00:14:42 -04:00
2014-08-15 00:16:20 -04:00
* deps: qs@1 .2.2
2014-08-15 00:14:42 -04:00
* deps: send@0 .8.2
- Work around `fd` leak in Node.js 0.10 for `fs.ReadStream`
2014-08-15 00:15:28 -04:00
* deps: serve-static@~1.5.2
- deps: send@0 .8.2
2014-08-15 00:14:42 -04:00
2014-08-10 22:30:07 -04:00
4.8.3 / 2014-08-10
==================
2014-08-10 22:26:49 -04:00
* deps: parseurl@~1.3.0
2014-08-10 22:27:42 -04:00
* deps: qs@1 .2.1
2014-08-10 22:29:24 -04:00
* deps: serve-static@~1.5.1
- Fix parsing of weird `req.originalUrl` values
- deps: parseurl@~1.3.0
- deps: utils-merge@1 .0.0
2014-08-10 22:26:49 -04:00
2014-08-07 12:05:02 -04:00
4.8.2 / 2014-08-07
==================
2014-08-07 12:03:53 -04:00
* deps: qs@1 .2.0
- Fix parsing array of objects
2014-08-06 18:21:55 -04:00
4.8.1 / 2014-08-06
==================
2014-08-06 17:48:36 -04:00
* fix incorrect deprecation warnings on `res.download`
2014-08-06 17:50:08 -04:00
* deps: qs@1 .1.0
- Accept urlencoded square brackets
- Accept empty values in implicit array notation
2014-08-06 17:48:36 -04:00
2014-08-06 02:50:59 -04:00
4.8.0 / 2014-08-05
==================
2014-08-06 01:55:45 -04:00
2014-08-06 02:09:25 -04:00
* add `res.sendFile`
- accepts a file system path instead of a URL
- requires an absolute path or `root` option specified
2014-08-06 02:27:16 -04:00
* deprecate `res.sendfile` -- use `res.sendFile` instead
2014-08-02 11:41:35 +02:00
* support mounted app as any argument to `app.use()`
2014-08-06 01:58:32 -04:00
* deps: qs@1 .0.2
- Complete rewrite
- Limits array length to 20
- Limits object depth to 5
- Limits parameters to 1,000
2014-08-06 01:55:45 -04:00
* deps: send@0 .8.1
- Add `extensions` option
2014-08-06 01:57:15 -04:00
* deps: serve-static@~1.5.0
- Add `extensions` option
- deps: send@0 .8.1
2014-08-06 01:55:45 -04:00
2014-08-04 17:36:37 -04:00
4.7.4 / 2014-08-04
==================
2014-08-04 17:14:32 -04:00
2014-08-04 17:35:42 -04:00
* fix `res.sendfile` regression for serving directory index files
* deps: send@0 .7.4
- Fix incorrect 403 on Windows and Node.js 0.11
- Fix serving index files without root dir
2014-08-04 17:14:32 -04:00
* deps: serve-static@~1.4.4
- deps: send@0 .7.4
2014-08-04 16:14:29 -04:00
4.7.3 / 2014-08-04
==================
2014-08-04 16:10:32 -04:00
* deps: send@0 .7.3
- Fix incorrect 403 on Windows and Node.js 0.11
2014-08-04 16:11:52 -04:00
* deps: serve-static@~1.4.3
- Fix incorrect 403 on Windows and Node.js 0.11
- deps: send@0 .7.3
2014-08-04 16:10:32 -04:00
2014-07-27 16:00:54 -04:00
4.7.2 / 2014-07-27
==================
2014-07-27 15:58:45 -04:00
* deps: depd@0 .4.4
- Work-around v8 generating empty stack traces
* deps: send@0 .7.2
- deps: depd@0 .4.4
2014-07-27 15:59:19 -04:00
* deps: serve-static@~1.4.2
2014-07-27 15:58:45 -04:00
2014-07-26 18:53:26 -04:00
4.7.1 / 2014-07-26
==================
2014-07-26 18:01:24 -04:00
* deps: depd@0 .4.3
- Fix exception when global `Error.stackTraceLimit` is too low
* deps: send@0 .7.1
- deps: depd@0 .4.3
2014-07-26 18:08:02 -04:00
* deps: serve-static@~1.4.1
2014-07-26 18:01:24 -04:00
2014-07-25 20:26:11 -04:00
4.7.0 / 2014-07-25
==================
2014-07-12 00:18:38 -04:00
2014-07-18 11:33:16 -04:00
* fix `req.protocol` for proxy-direct connections
2014-07-13 23:15:00 -04:00
* configurable query parser with `app.set('query parser', parser)`
- `app.set('query parser', 'extended')` parse with "qs" module
- `app.set('query parser', 'simple')` parse with "querystring" core module
- `app.set('query parser', false)` disable query string parsing
- `app.set('query parser', true)` enable simple parsing
2014-07-17 22:49:41 -04:00
* deprecate `res.json(status, obj)` -- use `res.status(status).json(obj)` instead
* deprecate `res.jsonp(status, obj)` -- use `res.status(status).jsonp(obj)` instead
* deprecate `res.send(status, body)` -- use `res.status(status).send(body)` instead
2014-07-16 20:44:17 -04:00
* deps: debug@1 .0.4
2014-07-22 23:52:44 -04:00
* deps: depd@0 .4.2
- Add `TRACE_DEPRECATION` environment variable
- Remove non-standard grey color from color output
- Support `--no-deprecation` argument
- Support `--trace-deprecation` argument
2014-07-16 20:47:24 -04:00
* deps: finalhandler@0 .1.0
- Respond after request fully read
- deps: debug@1 .0.4
2014-07-22 23:53:50 -04:00
* deps: parseurl@~1.2.0
- Cache URLs based on original value
- Remove no-longer-needed URL mis-parse work-around
- Simplify the "fast-path" `RegExp`
2014-07-22 23:55:17 -04:00
* deps: send@0 .7.0
- Add `dotfiles` option
- Cap `maxAge` value to 1 year
- deps: debug@1 .0.4
- deps: depd@0 .4.2
2014-07-23 14:56:27 -04:00
* deps: serve-static@~1.4.0
- deps: parseurl@~1.2.0
- deps: send@0 .7.0
2014-07-12 00:18:38 -04:00
* perf: prevent multiple `Buffer` creation in `res.send`
2014-07-12 22:11:48 -04:00
4.6.1 / 2014-07-12
==================
2014-07-12 22:07:43 -04:00
* fix `subapp.mountpath` regression for `app.use(subapp)`
2014-07-11 23:31:30 -04:00
4.6.0 / 2014-07-11
==================
2014-07-11 13:52:26 -04:00
2014-07-09 20:04:24 -04:00
* accept multiple callbacks to `app.use()`
2014-07-11 13:52:26 -04:00
* add explicit "Rosetta Flash JSONP abuse" protection
- previous versions are not vulnerable; this is just explicit protection
2014-07-08 01:15:31 -04:00
* catch errors in multiple `req.param(name, fn)` handlers
2014-07-11 13:52:26 -04:00
* deprecate `res.redirect(url, status)` -- use `res.redirect(status, url)` instead
* fix `res.send(status, num)` to send `num` as json (not error)
* remove unnecessary escaping when `res.jsonp` returns JSON response
2014-07-05 13:23:07 -04:00
* support non-string `path` in `app.use(path, fn)`
- supports array of paths
- supports `RegExp`
2014-07-07 22:50:05 -04:00
* router: fix optimization on router exit
2014-07-08 01:50:57 -04:00
* router: refactor location of `try` blocks
2014-07-08 00:16:39 -04:00
* router: speed up standard `app.use(fn)`
2014-07-11 13:52:26 -04:00
* deps: debug@1 .0.3
- Add support for multiple wildcards in namespaces
2014-07-11 23:00:09 -04:00
* deps: finalhandler@0 .0.3
- deps: debug@1 .0.3
2014-07-11 13:52:26 -04:00
* deps: methods@1 .1.0
- add `CONNECT`
* deps: parseurl@~1.1.3
- faster parsing of href-only URLs
2014-07-05 13:23:07 -04:00
* deps: path-to-regexp@0 .1.3
2014-07-11 22:48:42 -04:00
* deps: send@0 .6.0
- deps: debug@1 .0.3
2014-07-11 22:49:49 -04:00
* deps: serve-static@~1.3.2
- deps: parseurl@~1.1.3
- deps: send@0 .6.0
2014-07-10 01:02:57 -04:00
* perf: fix arguments reassign deopt in some `res` methods
2014-07-11 13:52:26 -04:00
2014-07-06 19:48:18 -04:00
4.5.1 / 2014-07-06
==================
2014-07-06 19:42:08 -04:00
* fix routing regression when altering `req.method`
2014-07-04 21:03:07 -04:00
4.5.0 / 2014-07-04
==================
2014-06-22 11:42:15 -04:00
2014-06-23 16:17:44 -04:00
* add deprecation message to non-plural `req.accepts*`
2014-06-23 16:26:00 -04:00
* add deprecation message to `res.send(body, status)`
2014-06-23 16:26:28 -04:00
* add deprecation message to `res.vary()`
2014-07-03 12:53:49 -04:00
* add `headers` option to `res.sendfile`
- use to set headers on successful file transfer
2014-07-03 01:06:21 -04:00
* add `mergeParams` option to `Router`
- merges `req.params` from parent routes
2014-07-04 13:59:01 -04:00
* add `req.hostname` -- correct name for what `req.host` returns
2014-06-22 11:42:15 -04:00
* deprecate things with `depd` module
2014-07-04 13:59:01 -04:00
* deprecate `req.host` -- use `req.hostname` instead
2014-06-02 15:43:19 -04:00
* fix behavior when handling request without routes
2014-06-06 22:16:39 -04:00
* fix handling when `route.all` is only route
2014-07-03 16:41:23 -04:00
* invoke `router.param()` only when route matches
2014-06-06 11:54:27 -04:00
* restore `req.params` after invoking router
2014-06-05 23:59:27 -04:00
* use `finalhandler` for final response handling
2014-06-22 11:42:15 -04:00
* use `media-typer` to alter content-type charset
2014-07-04 12:51:44 -04:00
* deps: accepts@~1.0.7
2014-07-03 11:18:35 -04:00
* deps: send@0 .5.0
- Accept string for `maxage` (converted by `ms` )
- Include link in default redirect response
2014-07-03 11:11:18 -04:00
* deps: serve-static@~1.3.0
- Accept string for `maxAge` (converted by `ms` )
- Add `setHeaders` option
- Include HTML link in redirect response
- deps: send@0 .5.0
2014-06-24 21:18:12 -04:00
* deps: type-is@~1.3.2
2014-06-22 11:42:15 -04:00
2014-06-26 20:26:43 -04:00
4.4.5 / 2014-06-26
==================
2014-06-26 20:25:20 -04:00
* deps: cookie-signature@1 .0.4
- fix for timing attacks
2014-06-20 16:56:51 -04:00
4.4.4 / 2014-06-20
==================
2014-06-14 12:57:32 -04:00
2014-06-20 12:37:22 +08:00
* fix `res.attachment` Unicode filenames in Safari
2014-06-14 12:57:32 -04:00
* fix "trim prefix" debug message in `express:router`
2014-06-20 16:44:50 -04:00
* deps: accepts@~1.0.5
2014-06-20 00:35:38 -04:00
* deps: buffer-crc32@0 .2.3
2014-06-14 12:57:32 -04:00
2014-06-12 00:41:24 -04:00
4.4.3 / 2014-06-11
==================
2014-06-11 17:53:56 -04:00
2014-06-11 18:15:09 -04:00
* fix persistence of modified `req.params[name]` from `app.param()`
2014-06-12 00:16:05 -04:00
* deps: accepts@1 .0.3
- deps: negotiator@0 .4.6
2014-06-11 17:53:56 -04:00
* deps: debug@1 .0.2
2014-06-12 00:14:36 -04:00
* deps: send@0 .4.3
2018-11-26 20:00:47 -07:00
- Do not throw uncatchable error on file open race condition
2014-06-12 00:14:36 -04:00
- Use `escape-html` for HTML escaping
- deps: debug@1 .0.2
- deps: finished@1 .2.2
- deps: fresh@0 .2.2
2014-06-12 00:17:28 -04:00
* deps: serve-static@1 .2.3
2018-11-26 20:00:47 -07:00
- Do not throw uncatchable error on file open race condition
2014-06-12 00:17:28 -04:00
- deps: send@0 .4.3
2014-06-11 17:53:56 -04:00
2014-06-09 20:40:39 -04:00
4.4.2 / 2014-06-09
==================
2014-06-03 17:25:20 -04:00
2014-06-09 09:43:51 -04:00
* fix catching errors from top-level handlers
2014-06-05 23:45:31 -04:00
* use `vary` module for `res.vary`
2014-06-09 20:19:09 -04:00
* deps: debug@1 .0.1
2014-06-03 17:25:20 -04:00
* deps: proxy-addr@1 .0.1
2014-06-09 20:22:42 -04:00
* deps: send@0 .4.2
- fix "event emitter leak" warnings
- deps: debug@1 .0.1
- deps: finished@1 .2.1
2014-06-09 20:21:31 -04:00
* deps: serve-static@1 .2.2
- fix "event emitter leak" warnings
- deps: send@0 .4.2
2014-06-05 19:40:27 -04:00
* deps: type-is@1 .2.1
2014-06-03 17:25:20 -04:00
2014-06-02 21:13:50 -04:00
4.4.1 / 2014-06-02
==================
2014-06-02 20:48:18 -04:00
* deps: methods@1 .0.1
2014-06-02 20:49:11 -04:00
* deps: send@0 .4.1
- Send `max-age` in `Cache-Control` in correct format
2014-06-02 20:50:54 -04:00
* deps: serve-static@1 .2.1
- use `escape-html` for escaping
- deps: send@0 .4.1
2014-06-02 20:48:18 -04:00
2014-05-31 00:00:39 -04:00
4.4.0 / 2014-05-30
==================
2014-05-30 22:17:51 -04:00
* custom etag control with `app.set('etag', val)`
- `app.set('etag', function(body, encoding){ return '"etag"' })` custom etag generation
- `app.set('etag', 'weak')` weak tag
- `app.set('etag', 'strong')` strong etag
- `app.set('etag', false)` turn off
- `app.set('etag', true)` standard etag
* mark `res.send` ETag as weak and reduce collisions
2014-05-30 22:48:32 -04:00
* update accepts to 1.0.2
- Fix interpretation when header not in request
2014-05-30 22:17:51 -04:00
* update send to 0.4.0
- Calculate ETag with md5 for reduced collisions
- Ignore stream errors after request ends
- deps: debug@0 .8.1
2014-05-30 22:53:02 -04:00
* update serve-static to 1.2.0
- Calculate ETag with md5 for reduced collisions
- Ignore stream errors after request ends
- deps: send@0 .4.0
2014-05-30 22:17:51 -04:00
2014-05-29 00:17:21 -04:00
4.3.2 / 2014-05-28
==================
2014-05-28 22:26:05 -04:00
* fix handling of errors from `router.param()` callbacks
2014-05-23 19:11:28 -04:00
4.3.1 / 2014-05-23
==================
2014-05-23 18:35:20 -04:00
* revert "fix behavior of multiple `app.VERB` for the same path"
- this caused a regression in the order of route execution
2014-05-21 02:13:03 -04:00
4.3.0 / 2014-05-21
==================
2014-05-14 00:25:39 -04:00
2014-05-19 00:39:26 -04:00
* add `req.baseUrl` to access the path stripped from `req.url` in routes
2014-05-15 10:30:52 -04:00
* fix behavior of multiple `app.VERB` for the same path
2014-05-18 15:27:28 -04:00
* fix issue routing requests among sub routers
2014-05-18 16:21:01 -04:00
* invoke `router.param()` only when necessary instead of every match
2014-05-18 11:17:37 -04:00
* proper proxy trust with `app.set('trust proxy', trust)`
- `app.set('trust proxy', 1)` trust first hop
- `app.set('trust proxy', 'loopback')` trust loopback addresses
- `app.set('trust proxy', '10.0.0.1')` trust single IP
- `app.set('trust proxy', '10.0.0.1/16')` trust subnet
- `app.set('trust proxy', '10.0.0.1, 10.0.0.2')` trust list
- `app.set('trust proxy', false)` turn off
- `app.set('trust proxy', true)` trust everything
2014-05-21 02:08:04 -04:00
* set proper `charset` in `Content-Type` for `res.send`
2014-05-14 00:25:39 -04:00
* update type-is to 1.2.0
- support suffix matching
2014-05-11 22:00:30 -04:00
4.2.0 / 2014-05-11
==================
2014-05-08 14:48:24 -04:00
2014-05-09 17:33:26 -04:00
* deprecate `app.del()` -- use `app.delete()` instead
* deprecate `res.json(obj, status)` -- use `res.json(status, obj)` instead
- the edge-case `res.json(status, num)` requires `res.status(status).json(num)`
* deprecate `res.jsonp(obj, status)` -- use `res.jsonp(status, obj)` instead
- the edge-case `res.jsonp(status, num)` requires `res.status(status).jsonp(num)`
2014-05-09 16:53:15 -04:00
* fix `req.next` when inside router instance
2014-05-08 14:48:24 -04:00
* include `ETag` header in `HEAD` requests
* keep previous `Content-Type` for `res.jsonp`
2014-05-09 17:33:26 -04:00
* support PURGE method
- add `app.purge`
- add `router.purge`
- include PURGE in `app.all`
* update debug to 0.8.0
- add `enable()` method
- change from stderr to stdout
* update methods to 1.0.0
- add PURGE
2014-05-08 14:48:24 -04:00
2014-05-08 14:42:44 -04:00
4.1.2 / 2014-05-08
==================
2014-05-08 14:01:02 -04:00
* fix `req.host` for IPv6 literals
* fix `res.jsonp` error if callback param is object
2014-04-27 19:49:05 -04:00
4.1.1 / 2014-04-27
==================
* fix package.json to reflect supported node version
2014-04-24 18:08:41 -04:00
4.1.0 / 2014-04-24
==================
* pass options from `res.sendfile` to `send`
* preserve casing of headers in `res.header` and `res.set`
* support unicode file names in `res.attachment` and `res.download`
* update accepts to 1.0.1
2014-05-08 14:57:44 -04:00
- deps: negotiator@0 .4.0
2014-04-24 18:08:41 -04:00
* update cookie to 0.1.2
2014-05-08 14:57:44 -04:00
- Fix for maxAge == 0
- made compat with expires field
2014-04-24 18:08:41 -04:00
* update send to 0.3.0
2014-05-08 14:57:44 -04:00
- Accept API options in options object
- Coerce option types
- Control whether to generate etags
- Default directory access to 403 when index disabled
- Fix sending files with dots without root set
- Include file path in etag
- Make "Can't set headers after they are sent." catchable
- Send full entity-body for multi range requests
- Set etags to "weak"
- Support "If-Range" header
- Support multiple index paths
- deps: mime@1 .2.11
2014-04-24 18:08:41 -04:00
* update serve-static to 1.1.0
2014-05-08 14:57:44 -04:00
- Accept options directly to `send` module
- Resolve relative paths at middleware setup
- Use parseurl to parse the URL from request
- deps: send@0 .3.0
2014-04-24 18:08:41 -04:00
* update type-is to 1.1.0
2014-05-08 14:57:44 -04:00
- add non-array values support
- add `multipart` as a shorthand
2014-04-24 18:08:41 -04:00
2014-04-10 16:57:00 -04:00
4.0.0 / 2014-04-09
2014-01-03 02:33:00 -08:00
==================
2014-01-03 02:57:24 -08:00
* remove:
2014-03-05 22:45:36 -08:00
- node 0.8 support
- connect and connect's patches except for charset handling
2014-01-03 02:57:24 -08:00
- express(1) - moved to [express-generator ](https://github.com/expressjs/generator )
2014-01-19 14:05:12 -05:00
- `express.createServer()` - it has been deprecated for a long time. Use `express()`
2014-02-08 11:40:48 -08:00
- `app.configure` - use logic in your own app code
2014-01-25 17:57:25 -05:00
- `app.router` - is removed
2014-03-09 19:45:43 -07:00
- `req.auth` - use `basic-auth` instead
2014-02-08 11:40:48 -08:00
- `req.accepted*` - use `req.accepts*()` instead
- `res.location` - relative URL resolution is removed
2014-03-07 16:33:17 -08:00
- `res.charset` - include the charset in the content type when using `res.set()`
2014-02-15 20:20:12 -05:00
- all bundled middleware except `static`
2014-01-03 02:57:24 -08:00
* change:
2014-02-08 11:40:48 -08:00
- `app.route` -> `app.mountpath` when mounting an express app in another express app
- `json spaces` no longer enabled by default in development
2014-01-03 02:57:24 -08:00
- `req.accepts*` -> `req.accepts*s` - i.e. `req.acceptsEncoding` -> `req.acceptsEncodings`
2014-01-03 03:00:48 -08:00
- `req.params` is now an object instead of an array
2014-01-24 19:49:45 -05:00
- `res.locals` is no longer a function. It is a plain js object. Treat it as such.
2014-02-17 23:36:56 -05:00
- `res.headerSent` -> `res.headersSent` to match node.js ServerResponse object
2014-01-03 02:57:24 -08:00
* refactor:
2014-01-03 02:50:09 -08:00
- `req.accepts*` with [accepts ](https://github.com/expressjs/accepts )
- `req.is` with [type-is ](https://github.com/expressjs/type-is )
2014-03-06 14:59:36 -08:00
- [path-to-regexp ](https://github.com/component/path-to-regexp )
2014-01-25 17:57:25 -05:00
* add:
- `app.router()` - returns the app Router instance
- `app.route()` - Proxy to the app's `Router#route()` method to create a new route
- Router & Route - public API
2014-01-03 02:33:00 -08:00
2015-07-31 16:15:06 -04:00
3.21.2 / 2015-07-31
===================
2015-07-27 22:12:39 -04:00
2015-07-31 16:13:09 -04:00
* deps: connect@2 .30.2
- deps: body-parser@~1.13.3
- deps: compression@~1.5.2
- deps: errorhandler@~1.4.2
- deps: method-override@~2.3.5
- deps: serve-index@~1.7.2
- deps: type-is@~1.6.6
- deps: vhost@~3.0.1
2015-07-27 22:12:39 -04:00
* deps: vary@~1.0.1
- Fix setting empty header from empty `field`
- perf: enable strict mode
- perf: remove argument reassignments
2015-07-06 00:53:25 -04:00
3.21.1 / 2015-07-05
===================
2015-07-06 00:38:10 -04:00
2015-07-06 00:39:42 -04:00
* deps: basic-auth@~1.0.3
2015-07-06 00:38:10 -04:00
* deps: connect@2 .30.1
- deps: body-parser@~1.13.2
- deps: compression@~1.5.1
- deps: errorhandler@~1.4.1
- deps: morgan@~1.6.1
- deps: pause@0 .1.0
- deps: qs@4 .0.0
- deps: serve-index@~1.7.1
- deps: type-is@~1.6.4
2015-06-18 21:14:56 -04:00
3.21.0 / 2015-06-18
===================
2015-06-17 01:21:20 -04:00
2015-06-18 20:34:04 -04:00
* deps: basic-auth@1 .0.2
- perf: enable strict mode
- perf: hoist regular expression
- perf: parse with regular expressions
- perf: remove argument reassignment
2015-06-18 20:08:32 -04:00
* deps: connect@2 .30.0
- deps: body-parser@~1.13.1
- deps: bytes@2 .1.0
- deps: compression@~1.5.0
- deps: cookie@0 .1.3
- deps: cookie-parser@~1.3.5
- deps: csurf@~1.8.3
- deps: errorhandler@~1.4.0
- deps: express-session@~1.11.3
- deps: finalhandler@0 .4.0
- deps: fresh@0 .3.0
- deps: morgan@~1.6.0
- deps: serve-favicon@~2.3.0
- deps: serve-index@~1.7.0
- deps: serve-static@~1.10.0
- deps: type-is@~1.6.3
2015-06-18 20:35:56 -04:00
* deps: cookie@0 .1.3
- perf: deduce the scope of try-catch deopt
- perf: remove argument reassignments
2015-06-18 20:36:48 -04:00
* deps: escape-html@1 .0.2
2015-06-18 20:54:26 -04:00
* deps: etag@~1.7.0
- Always include entity length in ETags for hash length extensions
- Generate non-Stats ETags using MD5 only (no longer CRC32)
- Improve stat performance by removing hashing
- Improve support for JXcore
- Remove base64 padding in ETags to shorten
- Support "fake" stats objects in environments without fs
- Use MD5 instead of MD4 in weak ETags over 1KB
2015-06-18 20:56:48 -04:00
* deps: fresh@0 .3.0
- Add weak `ETag` matching support
2015-06-17 01:21:20 -04:00
* deps: mkdirp@0 .5.1
- Work in global strict mode
2015-06-18 20:56:03 -04:00
* deps: send@0 .13.0
- Allow Node.js HTTP server to set `Date` response header
- Fix incorrectly removing `Content-Location` on 304 response
- Improve the default redirect response headers
- Send appropriate headers on default error response
- Use `http-errors` for standard emitted errors
- Use `statuses` instead of `http` module for status messages
- deps: escape-html@1 .0.2
- deps: etag@~1.7.0
- deps: fresh@0 .3.0
- deps: on-finished@~2.3.0
- perf: enable strict mode
- perf: remove unnecessary array allocations
2015-06-17 01:21:20 -04:00
2015-05-18 00:04:41 -04:00
3.20.3 / 2015-05-17
===================
2015-05-17 20:56:52 -04:00
* deps: connect@2 .29.2
- deps: body-parser@~1.12.4
- deps: compression@~1.4.4
- deps: connect-timeout@~1.6.2
- deps: debug@~2.2.0
- deps: depd@~1.0.1
- deps: errorhandler@~1.3.6
- deps: finalhandler@0 .3.6
- deps: method-override@~2.3.3
- deps: morgan@~1.5.3
- deps: qs@2 .4.2
- deps: response-time@~2.3.1
- deps: serve-favicon@~2.2.1
- deps: serve-index@~1.6.4
- deps: serve-static@~1.9.3
- deps: type-is@~1.6.2
2015-05-17 23:54:59 -04:00
* deps: debug@~2.2.0
- deps: ms@0 .7.1
2015-05-17 23:38:35 -04:00
* deps: depd@~1.0.1
2015-05-17 21:04:02 -04:00
* deps: proxy-addr@~1.0.8
- deps: ipaddr.js@1 .0.1
2015-05-17 21:07:06 -04:00
* deps: send@0 .12.3
- deps: debug@~2.2.0
- deps: depd@~1.0.1
- deps: etag@~1.6.0
- deps: ms@0 .7.1
- deps: on-finished@~2.2.1
2015-05-17 20:56:52 -04:00
2015-03-17 01:03:53 -04:00
3.20.2 / 2015-03-16
===================
2015-03-17 00:17:34 -04:00
* deps: connect@2 .29.1
- deps: body-parser@~1.12.2
- deps: compression@~1.4.3
- deps: connect-timeout@~1.6.1
- deps: debug@~2.1.3
- deps: errorhandler@~1.3.5
- deps: express-session@~1.10.4
- deps: finalhandler@0 .3.4
- deps: method-override@~2.3.2
- deps: morgan@~1.5.2
- deps: qs@2 .4.1
- deps: serve-index@~1.6.3
- deps: serve-static@~1.9.2
- deps: type-is@~1.6.1
2015-03-17 00:25:00 -04:00
* deps: debug@~2.1.3
- Fix high intensity foreground color for bold
- deps: ms@0 .7.0
2015-03-17 00:23:23 -04:00
* deps: merge-descriptors@1 .0.0
2015-03-17 00:47:15 -04:00
* deps: proxy-addr@~1.0.7
- deps: ipaddr.js@0 .1.9
2015-03-17 00:21:58 -04:00
* deps: send@0 .12.2
- Throw errors early for invalid `extensions` or `index` options
- deps: debug@~2.1.3
2015-03-17 00:17:34 -04:00
2015-02-28 23:16:27 -05:00
3.20.1 / 2015-02-28
===================
2015-02-28 17:06:37 +00:00
2015-02-28 21:32:51 -05:00
* Fix `req.host` when using "trust proxy" hops count
2015-02-28 17:06:37 +00:00
* Fix `req.protocol` /`req.secure` when using "trust proxy" hops count
2015-02-18 21:25:55 -05:00
3.20.0 / 2015-02-18
===================
2015-02-17 22:32:18 -05:00
2015-02-18 00:59:56 -05:00
* Fix `"trust proxy"` setting to inherit when app is mounted
2015-02-18 00:12:28 -05:00
* Generate `ETag` s for all request responses
- No longer restricted to only responses for `GET` and `HEAD` requests
2015-02-17 22:49:24 -05:00
* Use `content-type` to parse `Content-Type` headers
2015-02-17 22:32:18 -05:00
* deps: connect@2 .29.0
- Use `content-type` to parse `Content-Type` headers
- deps: body-parser@~1.12.0
- deps: compression@~1.4.1
- deps: connect-timeout@~1.6.0
- deps: cookie-parser@~1.3.4
- deps: cookie-signature@1 .0.6
- deps: csurf@~1.7.0
- deps: errorhandler@~1.3.4
- deps: express-session@~1.10.3
- deps: http-errors@~1.3.1
- deps: response-time@~2.3.0
- deps: serve-index@~1.6.2
- deps: serve-static@~1.9.1
- deps: type-is@~1.6.0
2015-02-17 22:40:51 -05:00
* deps: cookie-signature@1 .0.6
2015-02-17 22:42:02 -05:00
* deps: send@0 .12.1
- Always read the stat size from the file
- Fix mutating passed-in `options`
- deps: mime@1 .3.4
2015-02-17 22:32:18 -05:00
2015-02-01 15:15:53 -05:00
3.19.2 / 2015-02-01
===================
2015-02-01 14:54:46 -05:00
* deps: connect@2 .28.3
- deps: compression@~1.3.1
- deps: csurf@~1.6.6
- deps: errorhandler@~1.3.3
- deps: express-session@~1.10.2
- deps: serve-index@~1.6.1
- deps: type-is@~1.5.6
2015-02-01 14:55:42 -05:00
* deps: proxy-addr@~1.0.6
- deps: ipaddr.js@0 .1.8
2015-02-01 14:54:46 -05:00
2015-01-21 03:18:16 -05:00
3.19.1 / 2015-01-20
===================
2015-01-21 02:03:28 -05:00
* deps: connect@2 .28.2
- deps: body-parser@~1.10.2
- deps: serve-static@~1.8.1
2015-01-21 02:05:03 -05:00
* deps: send@0 .11.1
- Fix root path disclosure
2015-01-21 02:03:28 -05:00
2015-01-09 01:07:12 -05:00
3.19.0 / 2015-01-09
===================
2015-01-08 21:18:56 -05:00
2015-01-08 23:30:42 -05:00
* Fix `OPTIONS` responses to include the `HEAD` method property
2015-01-08 22:21:50 -05:00
* Use `readline` for prompt in `express(1)`
2015-01-08 22:23:04 -05:00
* deps: commander@2 .6.0
2015-01-08 21:18:56 -05:00
* deps: connect@2 .28.1
- deps: body-parser@~1.10.1
- deps: compression@~1.3.0
- deps: connect-timeout@~1.5.0
- deps: csurf@~1.6.4
- deps: debug@~2.1.1
- deps: errorhandler@~1.3.2
- deps: express-session@~1.10.1
- deps: finalhandler@0 .3.3
- deps: method-override@~2.3.1
- deps: morgan@~1.5.1
- deps: serve-favicon@~2.2.0
- deps: serve-index@~1.6.0
- deps: serve-static@~1.8.0
- deps: type-is@~1.5.5
2015-01-09 01:05:41 -05:00
* deps: debug@~2.1.1
2015-01-08 21:31:32 -05:00
* deps: methods@~1.1.1
2015-01-08 22:14:46 -05:00
* deps: proxy-addr@~1.0.5
- deps: ipaddr.js@0 .1.6
2015-01-08 22:15:53 -05:00
* deps: send@0 .11.0
- deps: debug@~2.1.1
- deps: etag@~1.5.1
- deps: ms@0 .7.0
- deps: on-finished@~2.2.0
2015-01-08 21:18:56 -05:00
2014-12-12 21:39:47 -05:00
3.18.6 / 2014-12-12
===================
2014-12-11 20:34:26 -08:00
* Fix exception in `req.fresh` /`req.stale` without response headers
2014-12-11 23:10:34 -05:00
3.18.5 / 2014-12-11
===================
2014-12-10 22:55:36 -05:00
* deps: connect@2 .27.6
- deps: compression@~1.2.2
- deps: express-session@~1.9.3
- deps: http-errors@~1.2.8
- deps: serve-index@~1.5.3
- deps: type-is@~1.5.4
2014-11-23 15:42:03 -05:00
3.18.4 / 2014-11-23
===================
2014-11-23 14:53:23 -05:00
* deps: connect@2 .27.4
- deps: body-parser@~1.9.3
- deps: compression@~1.2.1
- deps: errorhandler@~1.2.3
- deps: express-session@~1.9.2
- deps: qs@2 .3.3
- deps: serve-favicon@~2.1.7
- deps: serve-static@~1.5.1
- deps: type-is@~1.5.3
2014-11-23 14:58:22 -05:00
* deps: etag@~1.5.1
2014-11-23 15:34:57 -05:00
* deps: proxy-addr@~1.0.4
- deps: ipaddr.js@0 .1.5
2014-11-23 14:53:23 -05:00
2014-11-09 18:35:34 -05:00
3.18.3 / 2014-11-09
===================
2014-11-09 18:32:43 -05:00
* deps: connect@2 .27.3
- Correctly invoke async callback asynchronously
- deps: csurf@~1.6.3
2014-10-29 01:10:45 -04:00
3.18.2 / 2014-10-28
===================
2014-10-29 01:08:36 -04:00
* deps: connect@2 .27.2
- Fix handling of URLs containing `://` in the path
- deps: body-parser@~1.9.2
- deps: qs@2 .3.2
2014-10-23 01:26:21 -04:00
3.18.1 / 2014-10-22
===================
2014-10-22 15:18:10 -04:00
* Fix internal `utils.merge` deprecation warnings
2014-10-23 01:23:54 -04:00
* deps: connect@2 .27.1
- deps: body-parser@~1.9.1
- deps: express-session@~1.9.1
- deps: finalhandler@0 .3.2
- deps: morgan@~1.4.1
- deps: qs@2 .3.0
- deps: serve-static@~1.7.1
2014-10-23 01:25:07 -04:00
* deps: send@0 .10.1
- deps: on-finished@~2.1.1
2014-10-22 15:18:10 -04:00
2014-10-18 00:57:48 -04:00
3.18.0 / 2014-10-17
===================
2014-10-17 20:42:12 -04:00
2014-10-17 21:08:05 -04:00
* Use `content-disposition` module for `res.attachment` /`res.download`
- Sends standards-compliant `Content-Disposition` header
- Full Unicode support
2014-10-18 00:53:17 -04:00
* Use `etag` module to generate `ETag` headers
2014-10-17 20:42:12 -04:00
* deps: connect@2 .27.0
- Use `http-errors` module for creating errors
- Use `utils-merge` module for merging objects
- deps: body-parser@~1.9.0
- deps: compression@~1.2.0
- deps: connect-timeout@~1.4.0
- deps: debug@~2.1.0
- deps: depd@~1.0.0
- deps: express-session@~1.9.0
- deps: finalhandler@0 .3.1
- deps: method-override@~2.3.0
- deps: morgan@~1.4.0
- deps: response-time@~2.2.0
- deps: serve-favicon@~2.1.6
- deps: serve-index@~1.5.0
- deps: serve-static@~1.7.0
2014-10-17 20:43:23 -04:00
* deps: debug@~2.1.0
- Implement `DEBUG_FD` env variable support
2014-10-17 20:44:07 -04:00
* deps: depd@~1.0.0
2014-10-17 20:45:09 -04:00
* deps: send@0 .10.0
- deps: debug@~2.1.0
- deps: depd@~1.0.0
- deps: etag@~1.5.0
2014-10-17 20:42:12 -04:00
2014-10-16 00:29:56 -04:00
3.17.8 / 2014-10-15
===================
2014-10-16 00:24:28 -04:00
* deps: connect@2 .26.6
- deps: compression@~1.1.2
- deps: csurf@~1.6.2
- deps: errorhandler@~1.2.2
2014-10-08 17:00:45 -04:00
3.17.7 / 2014-10-08
===================
2014-10-08 16:43:02 -04:00
* deps: connect@2 .26.5
- Fix accepting non-object arguments to `logger`
- deps: serve-static@~1.6.4
2014-10-02 23:29:40 -04:00
3.17.6 / 2014-10-02
===================
2014-10-02 23:27:41 -04:00
* deps: connect@2 .26.4
- deps: morgan@~1.3.2
- deps: type-is@~1.5.2
2014-09-24 19:38:35 -04:00
3.17.5 / 2014-09-24
===================
2014-09-24 19:12:43 -04:00
* deps: connect@2 .26.3
- deps: body-parser@~1.8.4
- deps: serve-favicon@~2.1.5
- deps: serve-static@~1.6.3
2014-09-24 19:14:33 -04:00
* deps: proxy-addr@~1.0.3
- Use `forwarded` npm module
2014-09-24 19:15:46 -04:00
* deps: send@0 .9.3
- deps: etag@~1.4.0
2014-09-24 19:12:43 -04:00
2014-09-19 22:57:07 -07:00
3.17.4 / 2014-09-19
===================
2014-09-19 22:54:39 -07:00
* deps: connect@2 .26.2
- deps: body-parser@~1.8.3
- deps: qs@2 .2.4
2014-09-18 10:38:31 -07:00
3.17.3 / 2014-09-18
===================
2014-09-18 10:36:21 -07:00
* deps: proxy-addr@~1.0.2
- Fix a global leak when multiple subnets are trusted
- deps: ipaddr.js@0 .1.3
2014-09-16 00:14:41 -07:00
3.17.2 / 2014-09-15
===================
2014-09-15 23:56:36 -07:00
2014-09-16 00:11:08 -07:00
* Use `crc` instead of `buffer-crc32` for speed
2014-09-15 23:56:36 -07:00
* deps: connect@2 .26.1
- deps: body-parser@~1.8.2
- deps: depd@0 .4.5
- deps: express-session@~1.8.2
- deps: morgan@~1.3.1
- deps: serve-favicon@~2.1.3
- deps: serve-static@~1.6.2
2014-09-15 23:57:41 -07:00
* deps: depd@0 .4.5
2014-09-15 23:59:02 -07:00
* deps: send@0 .9.2
- deps: depd@0 .4.5
- deps: etag@~1.3.1
- deps: range-parser@~1.0.2
2014-09-15 23:56:36 -07:00
2014-09-08 23:45:38 -04:00
3.17.1 / 2014-09-08
===================
2014-09-08 23:45:34 -04:00
* Fix error in `req.subdomains` on empty host
2014-09-08 23:07:02 -04:00
3.17.0 / 2014-09-08
===================
2014-09-08 21:09:22 -04:00
2014-09-08 23:48:59 -04:00
* Support `X-Forwarded-Host` in `req.subdomains`
2014-09-08 23:03:48 -04:00
* Support IP address host in `req.subdomains`
2014-09-08 21:09:22 -04:00
* deps: connect@2 .26.0
- deps: body-parser@~1.8.1
- deps: compression@~1.1.0
- deps: connect-timeout@~1.3.0
- deps: cookie-parser@~1.3.3
- deps: cookie-signature@1 .0.5
- deps: csurf@~1.6.1
- deps: debug@~2.0.0
- deps: errorhandler@~1.2.0
- deps: express-session@~1.8.1
- deps: finalhandler@0 .2.0
- deps: fresh@0 .2.4
- deps: media-typer@0 .3.0
- deps: method-override@~2.2.0
- deps: morgan@~1.3.0
- deps: qs@2 .2.3
- deps: serve-favicon@~2.1.3
- deps: serve-index@~1.2.1
- deps: serve-static@~1.6.1
- deps: type-is@~1.5.1
- deps: vhost@~3.0.0
2014-09-08 21:17:03 -04:00
* deps: cookie-signature@1 .0.5
2014-09-08 21:11:41 -04:00
* deps: debug@~2.0.0
2014-09-08 21:14:27 -04:00
* deps: fresh@0 .2.4
2014-09-08 21:10:57 -04:00
* deps: media-typer@0 .3.0
- Throw error when parameter format invalid on parse
2014-09-08 22:47:54 -04:00
* deps: range-parser@~1.0.2
2014-09-08 21:13:20 -04:00
* deps: send@0 .9.1
- Add `lastModified` option
- Use `etag` to generate `ETag` header
- deps: debug@~2.0.0
- deps: fresh@0 .2.4
2014-09-08 21:18:28 -04:00
* deps: vary@~1.0.0
- Accept valid `Vary` header string as `field`
2014-09-08 21:09:22 -04:00
2014-09-05 02:17:55 -04:00
3.16.10 / 2014-09-04
====================
2014-09-05 01:55:24 -04:00
* deps: connect@2 .25.10
- deps: serve-static@~1.5.4
2014-09-05 01:56:27 -04:00
* deps: send@0 .8.5
- Fix a path traversal issue when using `root`
- Fix malicious path detection for empty string path
2014-09-05 01:55:24 -04:00
2014-08-30 01:22:06 -04:00
3.16.9 / 2014-08-29
===================
2014-08-30 01:19:53 -04:00
* deps: connect@2 .25.9
- deps: body-parser@~1.6.7
- deps: qs@2 .2.2
2014-08-27 21:09:18 -04:00
3.16.8 / 2014-08-27
===================
2014-08-27 21:04:41 -04:00
* deps: connect@2 .25.8
- deps: body-parser@~1.6.6
- deps: csurf@~1.4.1
- deps: qs@2 .2.0
2014-08-18 22:45:17 -04:00
3.16.7 / 2014-08-18
===================
2014-08-18 21:41:14 -04:00
* deps: connect@2 .25.7
- deps: body-parser@~1.6.5
- deps: express-session@~1.7.6
- deps: morgan@~1.2.3
- deps: serve-static@~1.5.3
2014-08-18 21:57:29 -04:00
* deps: send@0 .8.3
- deps: destroy@1 .0.3
- deps: on-finished@2 .1.0
2014-08-18 21:41:14 -04:00
2014-08-14 23:53:32 -04:00
3.16.6 / 2014-08-14
===================
2014-08-14 23:49:39 -04:00
* deps: connect@2 .25.6
- deps: body-parser@~1.6.4
- deps: qs@1 .2.2
- deps: serve-static@~1.5.2
2014-08-14 23:50:31 -04:00
* deps: send@0 .8.2
- Work around `fd` leak in Node.js 0.10 for `fs.ReadStream`
2014-08-14 23:49:39 -04:00
2014-08-11 22:30:09 -04:00
3.16.5 / 2014-08-11
===================
2014-08-11 22:29:35 -04:00
* deps: connect@2 .25.5
- Fix backwards compatibility in `logger`
2014-08-10 22:22:58 -04:00
3.16.4 / 2014-08-10
===================
2014-08-10 22:18:12 -04:00
2014-08-10 22:20:54 -04:00
* Fix original URL parsing in `res.location`
2014-08-10 22:18:12 -04:00
* deps: connect@2 .25.4
- Fix `query` middleware breaking with argument
- deps: body-parser@~1.6.3
- deps: compression@~1.0.11
- deps: connect-timeout@~1.2.2
- deps: express-session@~1.7.5
- deps: method-override@~2.1.3
- deps: on-headers@~1.0.0
- deps: parseurl@~1.3.0
- deps: qs@1 .2.1
- deps: response-time@~2.0.1
- deps: serve-index@~1.1.6
- deps: serve-static@~1.5.1
2014-08-10 22:19:10 -04:00
* deps: parseurl@~1.3.0
2014-08-10 22:18:12 -04:00
2014-08-07 22:32:16 -04:00
3.16.3 / 2014-08-07
===================
2014-08-07 22:31:53 -04:00
* deps: connect@2 .25.3
- deps: multiparty@3 .3.2
2014-08-07 11:59:54 -04:00
3.16.2 / 2014-08-07
===================
2014-08-07 11:53:40 -04:00
* deps: connect@2 .25.2
- deps: body-parser@~1.6.2
- deps: qs@1 .2.0
2014-08-06 18:07:31 -04:00
3.16.1 / 2014-08-06
===================
2014-08-06 18:05:50 -04:00
* deps: connect@2 .25.1
- deps: body-parser@~1.6.1
- deps: qs@1 .1.0
2014-08-06 01:40:46 -04:00
3.16.0 / 2014-08-05
===================
2014-08-06 01:35:00 -04:00
* deps: connect@2 .25.0
- deps: body-parser@~1.6.0
- deps: compression@~1.0.10
- deps: csurf@~1.4.0
- deps: express-session@~1.7.4
- deps: qs@1 .0.2
- deps: serve-static@~1.5.0
2014-08-06 01:37:13 -04:00
* deps: send@0 .8.1
- Add `extensions` option
2014-08-06 01:35:00 -04:00
2014-08-04 17:31:52 -04:00
3.15.3 / 2014-08-04
===================
2014-08-04 17:26:43 -04:00
2014-08-04 17:09:48 -04:00
* fix `res.sendfile` regression for serving directory index files
2014-08-04 17:26:43 -04:00
* deps: connect@2 .24.3
- deps: serve-index@~1.1.5
- deps: serve-static@~1.4.4
2014-08-04 17:09:48 -04:00
* deps: send@0 .7.4
- Fix incorrect 403 on Windows and Node.js 0.11
- Fix serving index files without root dir
2014-08-04 17:26:43 -04:00
2014-07-27 15:53:45 -04:00
3.15.2 / 2014-07-27
===================
2014-07-27 15:40:19 -04:00
* deps: connect@2 .24.2
- deps: body-parser@~1.5.2
- deps: depd@0 .4.4
- deps: express-session@~1.7.2
- deps: morgan@~1.2.2
- deps: serve-static@~1.4.2
2014-07-27 15:41:19 -04:00
* deps: depd@0 .4.4
- Work-around v8 generating empty stack traces
2014-07-27 15:41:54 -04:00
* deps: send@0 .7.2
- deps: depd@0 .4.4
2014-07-27 15:40:19 -04:00
2014-07-26 17:42:18 -04:00
3.15.1 / 2014-07-26
===================
2014-07-26 17:30:13 -04:00
* deps: connect@2 .24.1
2014-07-27 15:40:19 -04:00
- deps: body-parser@~1.5.1
2014-07-26 17:30:13 -04:00
- deps: depd@0 .4.3
- deps: express-session@~1.7.1
- deps: morgan@~1.2.1
- deps: serve-index@~1.1.4
- deps: serve-static@~1.4.1
2014-07-26 17:31:22 -04:00
* deps: depd@0 .4.3
- Fix exception when global `Error.stackTraceLimit` is too low
2014-07-26 17:34:29 -04:00
* deps: send@0 .7.1
- deps: depd@0 .4.3
2014-07-26 17:30:13 -04:00
2014-07-23 00:53:19 -04:00
3.15.0 / 2014-07-22
===================
2014-07-18 14:18:35 -04:00
2014-07-18 11:33:16 -04:00
* Fix `req.protocol` for proxy-direct connections
2014-07-23 00:08:15 -04:00
* Pass options from `res.sendfile` to `send`
2014-07-22 23:50:36 -04:00
* deps: connect@2 .24.0
- deps: body-parser@~1.5.0
- deps: compression@~1.0.9
- deps: connect-timeout@~1.2.1
- deps: debug@1 .0.4
- deps: depd@0 .4.2
- deps: express-session@~1.7.0
- deps: finalhandler@0 .1.0
- deps: method-override@~2.1.2
- deps: morgan@~1.2.0
- deps: multiparty@3 .3.1
- deps: parseurl@~1.2.0
- deps: serve-static@~1.4.0
2014-07-18 14:18:35 -04:00
* deps: debug@1 .0.4
2014-07-22 23:52:44 -04:00
* deps: depd@0 .4.2
- Add `TRACE_DEPRECATION` environment variable
- Remove non-standard grey color from color output
- Support `--no-deprecation` argument
- Support `--trace-deprecation` argument
2014-07-22 23:53:50 -04:00
* deps: parseurl@~1.2.0
- Cache URLs based on original value
- Remove no-longer-needed URL mis-parse work-around
- Simplify the "fast-path" `RegExp`
2014-07-22 23:55:17 -04:00
* deps: send@0 .7.0
- Add `dotfiles` option
- Cap `maxAge` value to 1 year
- deps: debug@1 .0.4
- deps: depd@0 .4.2
2014-07-18 14:18:35 -04:00
2014-07-11 13:11:31 -04:00
3.14.0 / 2014-07-11
===================
2014-07-10 22:56:31 -04:00
2014-07-11 00:05:33 -04:00
* add explicit "Rosetta Flash JSONP abuse" protection
- previous versions are not vulnerable; this is just explicit protection
2014-07-10 01:15:40 -04:00
* deprecate `res.redirect(url, status)` -- use `res.redirect(status, url)` instead
2014-07-10 11:44:47 +08:00
* fix `res.send(status, num)` to send `num` as json (not error)
2014-07-11 00:20:11 -04:00
* remove unnecessary escaping when `res.jsonp` returns JSON response
2014-07-10 23:07:45 -04:00
* deps: basic-auth@1 .0.0
- support empty password
- support empty username
2014-07-10 22:56:31 -04:00
* deps: connect@2 .23.0
- deps: debug@1 .0.3
- deps: express-session@~1.6.4
- deps: method-override@~2.1.0
- deps: parseurl@~1.1.3
- deps: serve-static@~1.3.1
2014-07-10 23:02:24 -04:00
* deps: debug@1 .0.3
- Add support for multiple wildcards in namespaces
2014-07-10 23:06:15 -04:00
* deps: methods@1 .1.0
- add `CONNECT`
2014-07-10 23:03:26 -04:00
* deps: parseurl@~1.1.3
- faster parsing of href-only URLs
2014-07-10 22:56:31 -04:00
2014-07-04 00:40:01 -04:00
3.13.0 / 2014-07-03
===================
2014-07-03 11:18:35 -04:00
2014-07-03 14:13:39 -04:00
* add deprecation message to `app.configure`
2014-07-04 00:24:01 -04:00
* add deprecation message to `req.auth`
* use `basic-auth` to parse `Authorization` header
2014-07-03 23:09:44 -04:00
* deps: connect@2 .22.0
- deps: csurf@~1.3.0
- deps: express-session@~1.6.1
- deps: multiparty@3 .3.0
- deps: serve-static@~1.3.0
2014-07-03 11:18:35 -04:00
* deps: send@0 .5.0
- Accept string for `maxage` (converted by `ms` )
- Include link in default redirect response
2014-06-26 18:35:54 -04:00
3.12.1 / 2014-06-26
===================
2014-06-26 18:25:48 -04:00
* deps: connect@2 .21.1
- deps: cookie-parser@1 .3.2
- deps: cookie-signature@1 .0.4
- deps: express-session@~1.5.2
- deps: type-is@~1.3.2
2014-06-26 18:26:34 -04:00
* deps: cookie-signature@1 .0.4
- fix for timing attacks
2014-06-26 18:25:48 -04:00
2014-06-21 21:57:02 -04:00
3.12.0 / 2014-06-21
===================
2014-06-21 17:25:50 -04:00
2014-06-21 19:32:18 -04:00
* use `media-typer` to alter content-type charset
2014-06-21 17:25:50 -04:00
* deps: connect@2 .21.0
- deprecate `connect(middleware)` -- use `app.use(middleware)` instead
- deprecate `connect.createServer()` -- use `connect()` instead
2023-02-23 11:36:40 +05:30
- fix `res.setHeader()` patch to work with get -> append -> set pattern
2014-06-21 17:25:50 -04:00
- deps: compression@~1.0.8
- deps: errorhandler@~1.1.1
- deps: express-session@~1.5.0
- deps: serve-index@~1.1.3
2014-06-19 23:36:00 -04:00
3.11.0 / 2014-06-19
===================
2014-06-19 22:55:21 -04:00
2014-06-19 23:33:56 -04:00
* deprecate things with `depd` module
2014-06-19 22:55:21 -04:00
* deps: buffer-crc32@0 .2.3
2014-06-19 23:24:07 -04:00
* deps: connect@2 .20.2
2014-07-26 17:33:12 -04:00
- deprecate `verify` option to `json` -- use `body-parser` npm module instead
- deprecate `verify` option to `urlencoded` -- use `body-parser` npm module instead
2014-06-19 23:24:07 -04:00
- deprecate things with `depd` module
- use `finalhandler` for final response handling
- use `media-typer` to parse `content-type` for charset
- deps: body-parser@1 .4.3
- deps: connect-timeout@1 .1.1
- deps: cookie-parser@1 .3.1
- deps: csurf@1 .2.2
- deps: errorhandler@1 .1.0
- deps: express-session@1 .4.0
- deps: multiparty@3 .2.9
- deps: serve-index@1 .1.2
- deps: type-is@1 .3.1
- deps: vhost@2 .0.0
2014-06-19 22:55:21 -04:00
2014-06-12 00:28:08 -04:00
3.10.5 / 2014-06-11
===================
2014-06-12 00:20:30 -04:00
* deps: connect@2 .19.6
- deps: body-parser@1 .3.1
- deps: compression@1 .0.7
- deps: debug@1 .0.2
- deps: serve-index@1 .1.1
- deps: serve-static@1 .2.3
2014-06-12 00:23:15 -04:00
* deps: debug@1 .0.2
2014-06-12 00:24:21 -04:00
* deps: send@0 .4.3
2018-11-26 20:00:47 -07:00
- Do not throw uncatchable error on file open race condition
2014-06-12 00:24:21 -04:00
- Use `escape-html` for HTML escaping
- deps: debug@1 .0.2
- deps: finished@1 .2.2
- deps: fresh@0 .2.2
2014-06-12 00:20:30 -04:00
2014-06-09 18:53:52 -04:00
3.10.4 / 2014-06-09
===================
2014-06-09 18:50:00 -04:00
* deps: connect@2 .19.5
- fix "event emitter leak" warnings
- deps: csurf@1 .2.1
- deps: debug@1 .0.1
- deps: serve-static@1 .2.2
- deps: type-is@1 .2.1
2014-06-09 18:50:36 -04:00
* deps: debug@1 .0.1
2014-06-09 18:51:55 -04:00
* deps: send@0 .4.2
- fix "event emitter leak" warnings
- deps: finished@1 .2.1
- deps: debug@1 .0.1
2014-06-09 18:50:00 -04:00
2014-06-05 23:38:58 -04:00
3.10.3 / 2014-06-05
===================
2014-06-05 16:10:58 -07:00
* use `vary` module for `res.vary`
2014-06-05 23:37:22 -04:00
* deps: connect@2 .19.4
- deps: errorhandler@1 .0.2
- deps: method-override@2 .0.2
- deps: serve-favicon@2 .0.1
2014-06-05 19:34:05 -04:00
* deps: debug@1 .0.0
2014-06-05 16:10:58 -07:00
2014-06-03 21:35:34 -04:00
3.10.2 / 2014-06-03
===================
2014-06-03 21:33:55 -04:00
* deps: connect@2 .19.3
- deps: compression@1 .0.6
2014-06-03 16:45:09 -04:00
3.10.1 / 2014-06-03
===================
2014-06-03 16:42:49 -04:00
2014-06-03 16:44:29 -04:00
* deps: connect@2 .19.2
- deps: compression@1 .0.4
2014-06-03 16:42:49 -04:00
* deps: proxy-addr@1 .0.1
2014-06-03 00:40:27 -04:00
3.10.0 / 2014-06-02
===================
2014-06-02 19:19:56 -04:00
2014-06-03 00:37:57 -04:00
* deps: connect@2 .19.1
2014-07-26 17:33:12 -04:00
- deprecate `methodOverride()` -- use `method-override` npm module instead
2014-06-03 00:37:57 -04:00
- deps: body-parser@1 .3.0
- deps: method-override@2 .0.1
- deps: multiparty@3 .2.8
- deps: response-time@2 .0.0
- deps: serve-static@1 .2.1
2014-06-02 19:19:56 -04:00
* deps: methods@1 .0.1
2014-06-02 20:49:11 -04:00
* deps: send@0 .4.1
- Send `max-age` in `Cache-Control` in correct format
2014-06-02 19:19:56 -04:00
2014-05-30 21:35:12 -04:00
3.9.0 / 2014-05-30
==================
2014-04-28 10:54:51 +01:00
2014-05-30 21:02:21 -04:00
* custom etag control with `app.set('etag', val)`
- `app.set('etag', function(body, encoding){ return '"etag"' })` custom etag generation
- `app.set('etag', 'weak')` weak tag
- `app.set('etag', 'strong')` strong etag
- `app.set('etag', false)` turn off
- `app.set('etag', true)` standard etag
2014-04-28 10:54:51 +01:00
* Include ETag in HEAD requests
2014-05-29 23:10:25 -04:00
* mark `res.send` ETag as weak and reduce collisions
2014-05-29 22:18:38 -04:00
* update connect to 2.18.0
- deps: compression@1 .0.3
- deps: serve-index@1 .1.0
- deps: serve-static@1 .2.0
2014-05-29 22:31:29 -04:00
* update send to 0.4.0
- Calculate ETag with md5 for reduced collisions
- Ignore stream errors after request ends
- deps: debug@0 .8.1
2014-04-28 10:54:51 +01:00
2014-05-27 23:43:13 -04:00
3.8.1 / 2014-05-27
==================
2014-05-27 23:02:27 -04:00
* update connect to 2.17.3
- deps: body-parser@1 .2.2
- deps: express-session@1 .2.1
- deps: method-override@1 .0.2
2014-05-21 01:52:14 -04:00
3.8.0 / 2014-05-21
==================
2014-05-20 21:20:56 -04:00
2014-05-02 15:33:09 -03:00
* keep previous `Content-Type` for `res.jsonp`
2014-05-08 23:27:21 -04:00
* set proper `charset` in `Content-Type` for `res.send`
2014-05-21 00:55:10 -04:00
* update connect to 2.17.1
- fix `res.charset` appending charset when `content-type` has one
2014-05-20 21:20:56 -04:00
- deps: express-session@1 .2.0
- deps: morgan@1 .1.1
- deps: serve-index@1 .0.3
2014-05-18 10:40:13 -04:00
3.7.0 / 2014-05-18
==================
2014-05-17 14:30:52 -04:00
2014-05-09 00:53:47 -04:00
* proper proxy trust with `app.set('trust proxy', trust)`
- `app.set('trust proxy', 1)` trust first hop
- `app.set('trust proxy', 'loopback')` trust loopback addresses
- `app.set('trust proxy', '10.0.0.1')` trust single IP
- `app.set('trust proxy', '10.0.0.1/16')` trust subnet
- `app.set('trust proxy', '10.0.0.1, 10.0.0.2')` trust list
- `app.set('trust proxy', false)` turn off
- `app.set('trust proxy', true)` trust everything
2014-05-18 01:30:44 -04:00
* update connect to 2.16.2
2014-05-17 14:30:52 -04:00
- deprecate `res.headerSent` -- use `res.headersSent`
- deprecate `res.on("header")` -- use on-headers module instead
2014-05-18 01:30:44 -04:00
- fix edge-case in `res.appendHeader` that would append in wrong order
2014-05-17 14:30:52 -04:00
- json: use body-parser
- urlencoded: use body-parser
- dep: bytes@1 .0.0
- dep: cookie-parser@1 .1.0
- dep: csurf@1 .2.0
- dep: express-session@1 .1.0
2014-05-18 01:30:44 -04:00
- dep: method-override@1 .0.1
2014-05-17 14:30:52 -04:00
2014-05-09 17:03:23 -04:00
3.6.0 / 2014-05-09
==================
2014-05-05 00:42:30 -04:00
2014-05-08 19:16:15 -04:00
* deprecate `app.del()` -- use `app.delete()` instead
2014-05-08 20:30:12 -04:00
* deprecate `res.json(obj, status)` -- use `res.json(status, obj)` instead
- the edge-case `res.json(status, num)` requires `res.status(status).json(num)`
* deprecate `res.jsonp(obj, status)` -- use `res.jsonp(status, obj)` instead
- the edge-case `res.jsonp(status, num)` requires `res.status(status).jsonp(num)`
2014-05-09 10:19:20 -04:00
* support PURGE method
- add `app.purge`
- add `router.purge`
- include PURGE in `app.all`
2014-05-05 00:42:30 -04:00
* update connect to 2.15.0
* Add `res.appendHeader`
* Call error stack even when response has been sent
* Patch `res.headerSent` to return Boolean
* Patch `res.headersSent` for node.js 0.8
* Prevent default 404 handler after response sent
* dep: compression@1 .0.2
* dep: connect-timeout@1 .1.0
* dep: debug@^0.8.0
* dep: errorhandler@1 .0.1
* dep: express-session@1 .0.4
* dep: morgan@1 .0.1
* dep: serve-favicon@2 .0.0
* dep: serve-index@1 .0.2
* update debug to 0.8.0
* add `enable()` method
* change from stderr to stdout
2014-05-09 10:19:20 -04:00
* update methods to 1.0.0
- add PURGE
2014-05-08 16:25:06 -04:00
* update mkdirp to 0.5.0
2014-05-05 00:42:30 -04:00
2014-05-08 13:51:26 -04:00
3.5.3 / 2014-05-08
==================
2014-05-07 14:07:59 -04:00
* fix `req.host` for IPv6 literals
2014-05-08 13:42:19 -04:00
* fix `res.jsonp` error if callback param is object
2014-05-07 14:07:59 -04:00
2014-04-24 16:36:37 -04:00
3.5.2 / 2014-04-24
2014-01-13 20:50:51 -08:00
==================
2014-04-24 16:36:37 -04:00
* update connect to 2.14.5
* update cookie to 0.1.2
* update mkdirp to 0.4.0
* update send to 0.3.0
3.5.1 / 2014-03-25
==================
* pin less-middleware in generated app
2014-01-13 20:50:51 -08:00
2014-03-06 14:59:36 -08:00
3.5.0 / 2014-03-06
==================
* bump deps
3.4.8 / 2014-01-13
==================
* prevent incorrect automatic OPTIONS responses #1868 @dpatti
* update binary and examples for jade 1.0 #1876 @yossi , #1877 @reqshark , #1892 @matheusazzi
* throw 400 in case of malformed paths @rlidwka
2013-12-10 23:57:39 -08:00
3.4.7 / 2013-12-10
==================
* update connect
2013-12-01 12:21:08 -08:00
3.4.6 / 2013-12-01
==================
* update connect (raw-body)
2013-11-27 15:54:41 -08:00
3.4.5 / 2013-11-27
==================
* update connect
* res.location: remove leading ./ #1802 @kapouer
* res.redirect: fix `res.redirect('toString') #1829 @michaelficarra
* res.send: always send ETag when content-length > 0
* router: add Router.all() method
2013-10-29 10:33:32 -07:00
3.4.4 / 2013-10-29
==================
* update connect
* update supertest
* update methods
* express(1): replace bodyParser() with urlencoded() and json() #1795 @chirag04
2013-10-25 14:28:24 +02:00
3.4.3 / 2013-10-23
2013-10-29 10:33:32 -07:00
==================
2013-10-23 11:19:48 -07:00
* update connect
2013-10-18 19:02:21 -07:00
3.4.2 / 2013-10-18
==================
2013-10-23 11:19:48 -07:00
2013-10-18 19:02:21 -07:00
* update connect
* downgrade commander
2013-10-15 18:28:49 -07:00
3.4.1 / 2013-10-15
==================
2013-10-23 11:19:48 -07:00
2013-10-15 18:28:49 -07:00
* update connect
* update commander
* jsonp: check if callback is a function
* router: wrap encodeURIComponent in a try/catch #1735 (@lxe )
2015-06-17 01:24:21 -04:00
* res.format: now includes charset @1747 (@sorribas )
2013-10-15 18:28:49 -07:00
* res.links: allow multiple calls @1746 (@sorribas )
2010-07-30 10:16:30 -07:00
2013-10-15 18:28:49 -07:00
3.4.0 / 2013-09-07
2013-09-07 12:25:00 -07:00
==================
* add res.vary(). Closes #1682
* update connect
2013-10-15 18:28:49 -07:00
3.3.8 / 2013-09-02
2013-09-02 08:01:07 -07:00
==================
* update connect
2013-10-15 18:28:49 -07:00
3.3.7 / 2013-08-28
2013-08-28 09:39:31 -07:00
==================
* update connect
2013-10-15 18:28:49 -07:00
3.3.6 / 2013-08-27
2013-08-27 13:49:09 -07:00
==================
* Revert "remove charset from json responses. Closes #1631 " (causes issues in some clients)
* add: req.accepts take an argument list
2013-10-15 18:28:49 -07:00
3.3.4 / 2013-07-08
2013-07-08 14:42:45 -07:00
==================
* update send and connect
2013-10-15 18:28:49 -07:00
3.3.3 / 2013-07-04
2013-07-04 07:37:17 -07:00
==================
* update connect
2013-10-15 18:28:49 -07:00
3.3.2 / 2013-07-03
2013-07-03 11:25:54 -07:00
==================
* update connect
* update send
* remove .version export
2013-10-15 18:28:49 -07:00
3.3.1 / 2013-06-27
2013-06-27 08:32:37 -07:00
==================
* update connect
2013-10-15 18:28:49 -07:00
3.3.0 / 2013-06-26
2013-06-26 10:07:34 -07:00
==================
* update connect
* add support for multiple X-Forwarded-Proto values. Closes #1646
* change: remove charset from json responses. Closes #1631
* change: return actual booleans from req.accept* functions
* fix jsonp callback array throw
2013-10-15 18:28:49 -07:00
3.2.6 / 2013-06-02
2013-06-02 17:15:39 -07:00
==================
* update connect
2013-10-15 18:28:49 -07:00
3.2.5 / 2013-05-21
2013-05-21 21:01:24 -07:00
==================
* update connect
* update node-cookie
* add: throw a meaningful error when there is no default engine
* change generation of ETags with res.send() to GET requests only. Closes #1619
2013-10-15 18:28:49 -07:00
3.2.4 / 2013-05-09
2013-05-09 09:17:48 -07:00
==================
2013-10-15 18:28:49 -07:00
2013-05-09 09:17:48 -07:00
* fix `req.subdomains` when no Host is present
* fix `req.host` when no Host is present, return undefined
2013-10-15 18:28:49 -07:00
3.2.3 / 2013-05-07
2013-05-07 07:55:06 -07:00
==================
* update connect / qs
2013-10-15 18:28:49 -07:00
3.2.2 / 2013-05-03
2013-05-03 12:54:52 -07:00
==================
* update qs
2013-10-15 18:28:49 -07:00
3.2.1 / 2013-04-29
2013-04-29 19:17:08 -07:00
==================
* add app.VERB() paths array deprecation warning
* update connect
* update qs and remove all ~ semver crap
* fix: accept number as value of Signed Cookie
2013-10-15 18:28:49 -07:00
3.2.0 / 2013-04-15
2013-04-15 12:34:41 -07:00
==================
* add "view" constructor setting to override view behaviour
* add req.acceptsEncoding(name)
* add req.acceptedEncodings
* revert cookie signature change causing session race conditions
2013-10-15 18:28:49 -07:00
* fix sorting of Accept values of the same quality
2013-04-15 12:34:41 -07:00
2013-10-15 18:28:49 -07:00
3.1.2 / 2013-04-12
2013-04-12 12:14:02 -07:00
==================
* add support for custom Accept parameters
* update cookie-signature
2013-10-15 18:28:49 -07:00
3.1.1 / 2013-04-01
2013-04-01 11:25:58 -07:00
==================
* add X-Forwarded-Host support to `req.host`
2013-10-15 18:28:49 -07:00
* fix relative redirects
* update mkdirp
2013-04-01 11:25:58 -07:00
* update buffer-crc32
* remove legacy app.configure() method from app template.
2013-01-25 20:28:58 -08:00
3.1.0 / 2013-01-25
==================
* add support for leading "." in "view engine" setting
* add array support to `res.set()`
* add node 0.8.x to travis.yml
* add "subdomain offset" setting for tweaking `req.subdomains`
* add `res.location(url)` implementing `res.redirect()` -like setting of Location
* use app.get() for x-powered-by setting for inheritance
* fix colons in passwords for `req.auth`
2013-01-04 18:52:04 -08:00
3.0.6 / 2013-01-04
==================
* add http verb methods to Router
* update connect
* fix mangling of the `res.cookie()` options object
* fix jsonp whitespace escape. Closes #1132
3.0.5 / 2012-12-19
2012-12-19 13:46:16 -08:00
==================
* add throwing when a non-function is passed to a route
* fix: explicitly remove Transfer-Encoding header from 204 and 304 responses
* revert "add 'etag' option"
2013-01-04 18:52:04 -08:00
3.0.4 / 2012-12-05
2012-12-05 17:10:59 -08:00
==================
* add 'etag' option to disable `res.send()` Etags
* add escaping of urls in text/plain in `res.redirect()`
for old browsers interpreting as html
* change crc32 module for a more liberal license
* update connect
2013-01-04 18:52:04 -08:00
3.0.3 / 2012-11-13
2012-11-13 09:14:13 -08:00
==================
* update connect
* update cookie module
* fix cookie max-age
2013-01-04 18:52:04 -08:00
3.0.2 / 2012-11-08
2012-11-08 09:15:59 -08:00
==================
* add OPTIONS to cors example. Closes #1398
* fix route chaining regression. Closes #1397
2013-01-04 18:52:04 -08:00
3.0.1 / 2012-11-01
2012-11-01 17:27:53 -07:00
==================
* update connect
2013-01-04 18:52:04 -08:00
3.0.0 / 2012-10-23
2012-10-23 15:29:20 -07:00
==================
* add `make clean`
* add "Basic" check to req.auth
* add `req.auth` test coverage
* add cb && cb(payload) to `res.jsonp()` . Closes #1374
* add backwards compat for `res.redirect()` status. Closes #1336
* add support for `res.json()` to retain previously defined Content-Types. Closes #1349
* update connect
* change `res.redirect()` to utilize a pathname-relative Location again. Closes #1382
* remove non-primitive string support for `res.send()`
* fix view-locals example. Closes #1370
* fix route-separation example
2013-01-04 18:52:04 -08:00
3.0.0rc5 / 2012-09-18
2012-09-18 11:48:20 -07:00
==================
* update connect
* add redis search example
* add static-files example
* add "x-powered-by" setting (`app.disable('x-powered-by')` )
* add "application/octet-stream" redirect Accept test case. Closes #1317
2013-01-04 18:52:04 -08:00
3.0.0rc4 / 2012-08-30
2012-08-30 22:13:38 -07:00
==================
* add `res.jsonp()` . Closes #1307
* add "verbose errors" option to error-pages example
* add another route example to express(1) so people are not so confused
* add redis online user activity tracking example
* update connect dep
* fix etag quoting. Closes #1310
* fix error-pages 404 status
* fix jsonp callback char restrictions
* remove old OPTIONS default response
2013-01-04 18:52:04 -08:00
3.0.0rc3 / 2012-08-13
2012-08-13 20:23:59 -07:00
==================
* update connect dep
* fix signed cookies to work with `connect.cookieParser()` ("s:" prefix was missing) [tnydwrds]
* fix `res.render()` clobbering of "locals"
2013-01-04 18:52:04 -08:00
3.0.0rc2 / 2012-08-03
2012-08-03 13:32:53 -07:00
==================
* add CORS example
* update connect dep
* deprecate `.createServer()` & remove old stale examples
* fix: escape `res.redirect()` link
* fix vhost example
2013-01-04 18:52:04 -08:00
3.0.0rc1 / 2012-07-24
2012-07-24 13:32:49 -07:00
==================
* add more examples to view-locals
* add scheme-relative redirects (`res.redirect("//foo.com")` ) support
* update cookie dep
* update connect dep
* update send dep
* fix `express(1)` -h flag, use -H for hogan. Closes #1245
* fix `res.sendfile()` socket error handling regression
2013-01-04 18:52:04 -08:00
3.0.0beta7 / 2012-07-16
2012-07-16 09:25:03 -07:00
==================
* update connect dep for `send()` root normalization regression
2013-01-04 18:52:04 -08:00
3.0.0beta6 / 2012-07-13
2012-07-13 09:19:24 -07:00
==================
* add `err.view` property for view errors. Closes #1226
* add "jsonp callback name" setting
* add support for "/foo/:bar*" non-greedy matches
* change `res.sendfile()` to use `send()` module
* change `res.send` to use "response-send" module
* remove `app.locals.use` and `res.locals.use` , use regular middleware
2013-01-04 18:52:04 -08:00
3.0.0beta5 / 2012-07-03
2012-07-03 10:20:19 -07:00
==================
* add "make check" support
* add route-map example
* add `res.json(obj, status)` support back for BC
* add "methods" dep, remove internal methods module
* update connect dep
* update auth example to utilize cores pbkdf2
* updated tests to use "supertest"
2013-01-04 18:52:04 -08:00
3.0.0beta4 / 2012-06-25
2012-06-25 12:08:22 -07:00
==================
* Added `req.auth`
* Added `req.range(size)`
* Added `res.links(obj)`
* Added `res.send(body, status)` support back for backwards compat
* Added `.default()` support to `res.format()`
* Added 2xx / 304 check to `req.fresh`
* Revert "Added + support to the router"
* Fixed `res.send()` freshness check, respect res.statusCode
2013-01-04 18:52:04 -08:00
3.0.0beta3 / 2012-06-15
2012-06-15 11:40:49 -07:00
==================
* Added hogan `--hjs` to express(1) [nullfirm]
* Added another example to content-negotiation
* Added `fresh` dep
* Changed: `res.send()` always checks freshness
2015-06-17 01:24:21 -04:00
* Fixed: expose connects mime module. Closes #1165
2012-06-15 11:40:49 -07:00
2013-01-04 18:52:04 -08:00
3.0.0beta2 / 2012-06-06
2012-06-06 14:46:52 -07:00
==================
* Added `+` support to the router
* Added `req.host`
* Changed `req.param()` to check route first
* Update connect dep
2013-01-04 18:52:04 -08:00
3.0.0beta1 / 2012-06-01
2012-06-01 12:27:19 -07:00
==================
* Added `res.format()` callback to override default 406 behaviour
* Fixed `res.redirect()` 406. Closes #1154
2013-01-04 18:52:04 -08:00
3.0.0alpha5 / 2012-05-30
2012-05-30 16:48:22 -07:00
==================
* Added `req.ip`
* Added `{ signed: true }` option to `res.cookie()`
* Removed `res.signedCookie()`
* Changed: dont reverse `req.ips`
* Fixed "trust proxy" setting check for `req.ips`
2013-01-04 18:52:04 -08:00
3.0.0alpha4 / 2012-05-09
2012-05-09 15:18:21 -07:00
==================
* Added: allow `[]` in jsonp callback. Closes #1128
* Added `PORT` env var support in generated template. Closes #1118 [benatkin]
* Updated: connect 2.2.2
2013-01-04 18:52:04 -08:00
3.0.0alpha3 / 2012-05-04
2012-05-04 17:19:27 -07:00
==================
* Added public `app.routes` . Closes #887
* Added _ view-locals _ example
* Added _ mvc _ example
* Added `res.locals.use()` . Closes #1120
* Added conditional-GET support to `res.send()`
* Added: coerce `res.set()` values to strings
* Changed: moved `static()` in generated apps below router
* Changed: `res.send()` only set ETag when not previously set
* Changed connect 2.2.1 dep
* Changed: `make test` now runs unit / acceptance tests
* Fixed req/res proto inheritance
2013-01-04 18:52:04 -08:00
3.0.0alpha2 / 2012-04-26
2012-04-26 03:10:07 -07:00
==================
* Added `make benchmark` back
* Added `res.send()` support for `String` objects
* Added client-side data exposing example
* Added `res.header()` and `req.header()` aliases for BC
* Added `express.createServer()` for BC
* Perf: memoize parsed urls
* Perf: connect 2.2.0 dep
* Changed: make `expressInit()` middleware self-aware
* Fixed: use app.get() for all core settings
* Fixed redis session example
* Fixed session example. Closes #1105
* Fixed generated express dep. Closes #1078
2013-01-04 18:52:04 -08:00
3.0.0alpha1 / 2012-04-15
2012-04-15 11:40:31 -07:00
==================
* Added `app.locals.use(callback)`
* Added `app.locals` object
* Added `app.locals(obj)`
* Added `res.locals` object
* Added `res.locals(obj)`
* Added `res.format()` for content-negotiation
* Added `app.engine()`
* Added `res.cookie()` JSON cookie support
* Added "trust proxy" setting
* Added `req.subdomains`
* Added `req.protocol`
* Added `req.secure`
* Added `req.path`
* Added `req.ips`
* Added `req.fresh`
* Added `req.stale`
2015-06-17 01:24:21 -04:00
* Added comma-delimited / array support for `req.accepts()`
2012-04-15 11:40:31 -07:00
* Added debug instrumentation
* Added `res.set(obj)`
* Added `res.set(field, value)`
* Added `res.get(field)`
* Added `app.get(setting)` . Closes #842
* Added `req.acceptsLanguage()`
* Added `req.acceptsCharset()`
* Added `req.accepted`
* Added `req.acceptedLanguages`
* Added `req.acceptedCharsets`
* Added "json replacer" setting
* Added "json spaces" setting
* Added X-Forwarded-Proto support to `res.redirect()` . Closes #92
* Added `--less` support to express(1)
* Added `express.response` prototype
* Added `express.request` prototype
* Added `express.application` prototype
* Added `app.path()`
* Added `app.render()`
* Added `res.type()` to replace `res.contentType()`
* Changed: `res.redirect()` to add relative support
* Changed: enable "jsonp callback" by default
* Changed: renamed "case sensitive routes" to "case sensitive routing"
* Rewrite of all tests with mocha
* Removed "root" setting
* Removed `res.redirect('home')` support
* Removed `req.notify()`
* Removed `app.register()`
* Removed `app.redirect()`
* Removed `app.is()`
* Removed `app.helpers()`
* Removed `app.dynamicHelpers()`
* Fixed `res.sendfile()` with non-GET. Closes #723
* Fixed express(1) public dir for windows. Closes #866
2013-01-04 18:52:04 -08:00
2.5.9/ 2012-04-02
2012-04-15 11:24:08 -07:00
==================
* Added support for PURGE request method [pbuyle]
* Fixed `express(1)` generated app `app.address()` before `listening` [mmalecki]
2013-01-04 18:52:04 -08:00
2.5.8 / 2012-02-08
2012-04-15 11:24:08 -07:00
==================
* Update mkdirp dep. Closes #991
2013-01-04 18:52:04 -08:00
2.5.7 / 2012-02-06
2012-04-15 11:24:08 -07:00
==================
* Fixed `app.all` duplicate DELETE requests [mscdex]
2013-01-04 18:52:04 -08:00
2.5.6 / 2012-01-13
2012-04-15 11:24:08 -07:00
==================
* Updated hamljs dev dep. Closes #953
2013-01-04 18:52:04 -08:00
2.5.5 / 2012-01-08
2012-04-15 11:24:08 -07:00
==================
* Fixed: set `filename` on cached templates [matthewleon]
2013-01-04 18:52:04 -08:00
2.5.4 / 2012-01-02
2012-04-15 11:24:08 -07:00
==================
* Fixed `express(1)` eol on 0.4.x. Closes #947
2013-01-04 18:52:04 -08:00
2.5.3 / 2011-12-30
2012-04-15 11:24:08 -07:00
==================
* Fixed `req.is()` when a charset is present
2013-01-04 18:52:04 -08:00
2.5.2 / 2011-12-10
2012-04-15 11:24:08 -07:00
==================
* Fixed: express(1) LF -> CRLF for windows
2013-01-04 18:52:04 -08:00
2.5.1 / 2011-11-17
2012-04-15 11:24:08 -07:00
==================
* Changed: updated connect to 1.8.x
* Removed sass.js support from express(1)
2013-01-04 18:52:04 -08:00
2.5.0 / 2011-10-24
2012-04-15 11:24:08 -07:00
==================
* Added ./routes dir for generated app by default
* Added npm install reminder to express(1) app gen
* Added 0.5.x support
* Removed `make test-cov` since it wont work with node 0.5.x
* Fixed express(1) public dir for windows. Closes #866
2013-01-04 18:52:04 -08:00
2.4.7 / 2011-10-05
2012-04-15 11:24:08 -07:00
==================
* Added mkdirp to express(1). Closes #795
* Added simple _ json-config _ example
* Added shorthand for the parsed request's pathname via `req.path`
* Changed connect dep to 1.7.x to fix npm issue...
* Fixed `res.redirect()` __HEAD __ support. [reported by xerox]
* Fixed `req.flash()` , only escape args
* Fixed absolute path checking on windows. Closes #829 [reported by andrewpmckenzie]
2013-01-04 18:52:04 -08:00
2.4.6 / 2011-08-22
2012-04-15 11:24:08 -07:00
==================
* Fixed multiple param callback regression. Closes #824 [reported by TroyGoode]
2013-01-04 18:52:04 -08:00
2.4.5 / 2011-08-19
2011-08-19 10:12:38 -07:00
==================
* Added support for routes to handle errors. Closes #809
* Added `app.routes.all()` . Closes #803
2013-01-04 18:52:04 -08:00
* Added "basepath" setting to work in conjunction with reverse proxies etc.
2012-04-15 11:24:08 -07:00
* Refactored `Route` to use a single array of callbacks
2011-08-19 10:12:38 -07:00
* Added support for multiple callbacks for `app.param()` . Closes #801
Closes #805
* Changed: removed .call(self) for route callbacks
* Dependency: `qs >= 0.3.1`
* Fixed `res.redirect()` on windows due to `join()` usage. Closes #808
2013-01-04 18:52:04 -08:00
2.4.4 / 2011-08-05
2011-08-19 10:12:38 -07:00
==================
* Fixed `res.header()` intention of a set, even when `undefined`
* Fixed `*` , value no longer required
* Fixed `res.send(204)` support. Closes #771
2013-01-04 18:52:04 -08:00
2.4.3 / 2011-07-14
2011-07-14 12:58:24 -07:00
==================
* Added docs for `status` option special-case. Closes #739
* Fixed `options.filename` , exposing the view path to template engines
2013-01-04 18:52:04 -08:00
2.4.2. / 2011-07-06
2011-07-06 20:15:44 -07:00
==================
* Revert "removed jsonp stripping" for XSS
2013-01-04 18:52:04 -08:00
2.4.1 / 2011-07-06
2011-07-06 09:57:06 -07:00
==================
* Added `res.json()` JSONP support. Closes #737
* Added _ extending-templates _ example. Closes #730
* Added "strict routing" setting for trailing slashes
* Added support for multiple envs in `app.configure()` calls. Closes #735
* Changed: `res.send()` using `res.json()`
* Changed: when cookie `path === null` don't default it
* Changed; default cookie path to "home" setting. Closes #731
* Removed _ pids/logs _ creation from express(1)
2013-01-04 18:52:04 -08:00
2.4.0 / 2011-06-28
2011-06-28 09:41:21 -07:00
==================
* Added chainable `res.status(code)`
* Added `res.json()` , an explicit version of `res.send(obj)`
* Added simple web-service example
2013-01-04 18:52:04 -08:00
2.3.12 / 2011-06-22
2011-06-22 13:56:13 -07:00
==================
* \#express is now on freenode! come join!
* Added `req.get(field, param)`
* Added links to Japanese documentation, thanks @hideyukisaito !
* Added; the `express(1)` generated app outputs the env
* Added `content-negotiation` example
* Dependency: connect >= 1.5.1 < 2.0.0
* Fixed view layout bug. Closes #720
* Fixed; ignore body on 304. Closes #701
2013-01-04 18:52:04 -08:00
2.3.11 / 2011-06-04
2011-06-04 10:50:10 -07:00
==================
* Added `npm test`
* Removed generation of dummy test file from `express(1)`
* Fixed; `express(1)` adds express as a dep
* Fixed; prune on `prepublish`
2013-01-04 18:52:04 -08:00
2.3.10 / 2011-05-27
2011-05-27 09:20:03 -07:00
==================
* Added `req.route` , exposing the current route
* Added _ package.json _ generation support to `express(1)`
* Fixed call to `app.param()` function for optional params. Closes #682
2013-01-04 18:52:04 -08:00
2.3.9 / 2011-05-25
2011-05-25 10:18:26 -07:00
==================
* Fixed bug-ish with `../' in ` res.partial()` calls
2.3.8 / 2011-05-24
==================
* Fixed `app.options()`
2.3.7 / 2011-05-23
2011-05-23 15:54:17 -07:00
==================
* Added route `Collection` , ex: `app.get('/user/:id').remove();`
* Added support for `app.param(fn)` to define param logic
* Removed `app.param()` support for callback with return value
* Removed module.parent check from express(1) generated app. Closes #670
* Refactored router. Closes #639
2013-01-04 18:52:04 -08:00
2.3.6 / 2011-05-20
2011-05-20 09:42:01 -07:00
==================
* Changed; using devDependencies instead of git submodules
* Fixed redis session example
* Fixed markdown example
* Fixed view caching, should not be enabled in development
2013-01-04 18:52:04 -08:00
2.3.5 / 2011-05-20
2011-05-20 07:32:16 -07:00
==================
* Added export `.view` as alias for `.View`
2013-01-04 18:52:04 -08:00
2.3.4 / 2011-05-08
2011-05-08 10:53:57 -07:00
==================
* Added `./examples/say`
* Fixed `res.sendfile()` bug preventing the transfer of files with spaces
2013-01-04 18:52:04 -08:00
2.3.3 / 2011-05-03
2011-05-03 11:31:16 -07:00
==================
* Added "case sensitive routes" option.
* Changed; split methods supported per rfc [slaskis]
* Fixed route-specific middleware when using the same callback function several times
2013-01-04 18:52:04 -08:00
2.3.2 / 2011-04-27
2011-04-27 09:12:54 -07:00
==================
* Fixed view hints
2013-01-04 18:52:04 -08:00
2.3.1 / 2011-04-26
2011-04-26 15:26:04 -07:00
==================
* Added `app.match()` as `app.match.all()`
* Added `app.lookup()` as `app.lookup.all()`
* Added `app.remove()` for `app.remove.all()`
* Added `app.remove.VERB()`
* Fixed template caching collision issue. Closes #644
* Moved router over from connect and started refactor
2013-01-04 18:52:04 -08:00
2.3.0 / 2011-04-25
2011-04-25 09:49:54 -07:00
==================
* Added options support to `res.clearCookie()`
* Added `res.helpers()` as alias of `res.locals()`
* Added; json defaults to UTF-8 with `res.send()` . Closes #632 . [Daniel * Dependency `connect >= 1.4.0`
* Changed; auto set Content-Type in res.attachement [Aaron Heckmann]
* Renamed "cache views" to "view cache". Closes #628
* Fixed caching of views when using several apps. Closes #637
2013-01-04 18:52:04 -08:00
* Fixed gotcha invoking `app.param()` callbacks once per route middleware.
2011-04-25 09:49:54 -07:00
Closes #638
* Fixed partial lookup precedence. Closes #631
Shaw]
2013-01-04 18:52:04 -08:00
2.2.2 / 2011-04-12
2011-04-12 02:44:47 -07:00
==================
* Added second callback support for `res.download()` connection errors
* Fixed `filename` option passing to template engine
2013-01-04 18:52:04 -08:00
2.2.1 / 2011-04-04
2011-04-04 12:23:37 -07:00
==================
* Added `layout(path)` helper to change the layout within a view. Closes #610
* Fixed `partial()` collection object support.
Previously only anything with `.length` would work.
When `.length` is present one must still be aware of holes,
however now `{ collection: {foo: 'bar'}}` is valid, exposes
`keyInCollection` and `keysInCollection` .
* Performance improved with better view caching
* Removed `request` and `response` locals
* Changed; errorHandler page title is now `Express` instead of `Connect`
2013-01-04 18:52:04 -08:00
2.2.0 / 2011-03-30
2011-03-30 11:40:47 -07:00
==================
* Added `app.lookup.VERB()` , ex `app.lookup.put('/user/:id')` . Closes #606
* Added `app.match.VERB()` , ex `app.match.put('/user/12')` . Closes #606
* Added `app.VERB(path)` as alias of `app.lookup.VERB()` .
2011-03-30 11:58:26 -07:00
* Dependency `connect >= 1.2.0`
2011-03-30 11:40:47 -07:00
2013-01-04 18:52:04 -08:00
2.1.1 / 2011-03-29
2011-03-29 10:40:26 -07:00
==================
* Added; expose `err.view` object when failing to locate a view
* Fixed `res.partial()` call `next(err)` when no callback is given [reported by aheckmann]
* Fixed; `res.send(undefined)` responds with 204 [aheckmann]
2013-01-04 18:52:04 -08:00
2.1.0 / 2011-03-24
2011-03-18 09:18:29 -07:00
==================
2011-03-24 13:47:38 -07:00
* Added `<root>/_?<name>` partial lookup support. Closes #447
* Added `request` , `response` , and `app` local variables
* Added `settings` local variable, containing the app's settings
* Added `req.flash()` exception if `req.session` is not available
* Added `res.send(bool)` support (json response)
* Fixed stylus example for latest version
* Fixed; wrap try/catch around `res.render()`
2011-03-18 09:18:29 -07:00
2013-01-04 18:52:04 -08:00
2.0.0 / 2011-03-17
2011-03-17 18:06:30 -07:00
==================
* Fixed up index view path alternative.
* Changed; `res.locals()` without object returns the locals
2013-01-04 18:52:04 -08:00
2.0.0rc3 / 2011-03-17
2011-03-17 13:01:59 -07:00
==================
* Added `res.locals(obj)` to compliment `res.local(key, val)`
* Added `res.partial()` callback support
* Fixed recursive error reporting issue in `res.render()`
2013-01-04 18:52:04 -08:00
2.0.0rc2 / 2011-03-17
2011-03-17 11:01:20 -07:00
==================
* Changed; `partial()` "locals" are now optional
* Fixed `SlowBuffer` support. Closes #584 [reported by tyrda01]
* Fixed .filename view engine option [reported by drudge]
* Fixed blog example
* Fixed `{req,res}.app` reference when mounting [Ben Weaver]
2013-01-04 18:52:04 -08:00
2.0.0rc / 2011-03-14
2011-03-14 15:01:37 -07:00
==================
* Fixed; expose `HTTPSServer` constructor
* Fixed express(1) default test charset. Closes #579 [reported by secoif]
* Fixed; default charset to utf-8 instead of utf8 for lame IE [reported by NickP]
2013-01-04 18:52:04 -08:00
2.0.0beta3 / 2011-03-09
2011-03-09 15:45:55 -08:00
==================
* Added support for `res.contentType()` literal
The original `res.contentType('.json')` ,
`res.contentType('application/json')` , and `res.contentType('json')`
will work now.
* Added `res.render()` status option support back
* Added charset option for `res.render()`
* Added `.charset` support (via connect 1.0.4)
* Added view resolution hints when in development and a lookup fails
* Added layout lookup support relative to the page view.
For example while rendering `./views/user/index.jade` if you create
`./views/user/layout.jade` it will be used in favour of the root layout.
* Fixed `res.redirect()` . RFC states absolute url [reported by unlink]
* Fixed; default `res.send()` string charset to utf8
* Removed `Partial` constructor (not currently used)
2013-01-04 18:52:04 -08:00
2.0.0beta2 / 2011-03-07
2011-03-07 09:40:39 -08:00
==================
* Added res.render() `.locals` support back to aid in migration process
* Fixed flash example
2013-01-04 18:52:04 -08:00
2.0.0beta / 2011-03-03
2011-03-03 10:00:56 -08:00
==================
* Added HTTPS support
2011-03-03 15:30:43 -08:00
* Added `res.cookie()` maxAge support
2011-03-03 10:00:56 -08:00
* Added `req.header()` _ Referrer _ / _ Referer _ special-case, either works
* Added mount support for `res.redirect()` , now respects the mount-point
* Added `union()` util, taking place of `merge(clone())` combo
* Added stylus support to express(1) generated app
* Added secret to session middleware used in examples and generated app
* Added `res.local(name, val)` for progressive view locals
* Added default param support to `req.param(name, default)`
* Added `app.disabled()` and `app.enabled()`
* Added `app.register()` support for omitting leading ".", either works
* Added `res.partial()` , using the same interface as `partial()` within a view. Closes #539
* Added `app.param()` to map route params to async/sync logic
* Added; aliased `app.helpers()` as `app.locals()` . Closes #481
* Added extname with no leading "." support to `res.contentType()`
* Added `cache views` setting, defaulting to enabled in "production" env
* Added index file partial resolution, eg: partial('user') may try _ views/user/index.jade _ .
* Added `req.accepts()` support for extensions
* Changed; `res.download()` and `res.sendfile()` now utilize Connect's
static file server `connect.static.send()` .
* Changed; replaced `connect.utils.mime()` with npm _ mime _ module
* Changed; allow `req.query` to be pre-defined (via middleware or other parent
* Changed view partial resolution, now relative to parent view
* Changed view engine signature. no longer `engine.render(str, options, callback)` , now `engine.compile(str, options) -> Function` , the returned function accepts `fn(locals)` .
* Fixed `req.param()` bug returning Array.prototype methods. Closes #552
2011-03-03 16:34:05 -08:00
* Fixed; using `Stream#pipe()` instead of `sys.pump()` in `res.sendfile()`
2011-03-03 10:00:56 -08:00
* Fixed; using _ qs _ module instead of _ querystring _
* Fixed; strip unsafe chars from jsonp callbacks
* Removed "stream threshold" setting
2013-01-04 18:52:04 -08:00
1.0.8 / 2011-03-01
2011-03-03 09:36:38 -08:00
==================
* Allow `req.query` to be pre-defined (via middleware or other parent app)
* "connect": ">= 0.5.0 < 1.0.0". Closes #547
* Removed the long deprecated __EXPRESS_ENV __ support
2013-01-04 18:52:04 -08:00
1.0.7 / 2011-02-07
2011-03-03 09:36:38 -08:00
==================
* Fixed `render()` setting inheritance.
Mounted apps would not inherit "view engine"
2013-01-04 18:52:04 -08:00
1.0.6 / 2011-02-07
2011-03-03 09:36:38 -08:00
==================
* Fixed `view engine` setting bug when period is in dirname
2013-01-04 18:52:04 -08:00
1.0.5 / 2011-02-05
2011-03-03 09:36:38 -08:00
==================
* Added secret to generated app `session()` call
2013-01-04 18:52:04 -08:00
1.0.4 / 2011-02-05
2011-03-03 09:36:38 -08:00
==================
* Added `qs` dependency to _ package.json _
* Fixed namespaced `require()` s for latest connect support
2013-01-04 18:52:04 -08:00
1.0.3 / 2011-01-13
2011-01-20 08:39:29 -08:00
==================
* Remove unsafe characters from JSONP callback names [Ryan Grove]
2013-01-04 18:52:04 -08:00
1.0.2 / 2011-01-10
2011-01-20 08:39:29 -08:00
==================
* Removed nested require, using `connect.router`
2013-01-04 18:52:04 -08:00
1.0.1 / 2010-12-29
2011-01-20 08:39:29 -08:00
==================
* Fixed for middleware stacked via `createServer()`
previously the `foo` middleware passed to `createServer(foo)`
would not have access to Express methods such as `res.send()`
or props like `req.query` etc.
2013-01-04 18:52:04 -08:00
1.0.0 / 2010-11-16
2010-11-16 17:54:58 -08:00
==================
* Added; deduce partial object names from the last segment.
For example by default `partial('forum/post', postObject)` will
give you the _ post _ object, providing a meaningful default.
* Added http status code string representation to `res.redirect()` body
* Added; `res.redirect()` supporting _ text/plain _ and _ text/html _ via __Accept __ .
* Added `req.is()` to aid in content negotiation
* Added partial local inheritance [suggested by masylum]. Closes #102
providing access to parent template locals.
* Added _ -s, --session[s] _ flag to express(1) to add session related middleware
* Added _ --template _ flag to express(1) to specify the
template engine to use.
2013-01-04 18:52:04 -08:00
* Added _ --css _ flag to express(1) to specify the
2010-11-16 17:54:58 -08:00
stylesheet engine to use (or just plain css by default).
* Added `app.all()` support [thanks aheckmann]
* Added partial direct object support.
You may now `partial('user', user)` providing the "user" local,
vs previously `partial('user', { object: user })` .
* Added _ route-separation _ example since many people question ways
to do this with CommonJS modules. Also view the _ blog _ example for
an alternative.
* Performance; caching view path derived partial object names
* Fixed partial local inheritance precedence. [reported by Nick Poulden] Closes #454
* Fixed jsonp support; _ text/javascript _ as per mailinglist discussion
2013-01-04 18:52:04 -08:00
1.0.0rc4 / 2010-10-14
2010-10-14 03:50:10 -07:00
==================
* Added _NODE_ENV_ support, _EXPRESS_ENV_ is deprecated and will be removed in 1.0.0
* Added route-middleware support (very helpful, see the [docs ](http://expressjs.com/guide.html#Route-Middleware ))
* Added _ jsonp callback _ setting to enable/disable jsonp autowrapping [Dav Glass]
* Added callback query check on response.send to autowrap JSON objects for simple webservice implementations [Dav Glass]
* Added `partial()` support for array-like collections. Closes #434
* Added support for swappable querystring parsers
* Added session usage docs. Closes #443
* Added dynamic helper caching. Closes #439 [suggested by maritz]
* Added authentication example
* Added basic Range support to `res.sendfile()` (and `res.download()` etc)
* Changed; `express(1)` generated app using 2 spaces instead of 4
* Default env to "development" again [aheckmann]
* Removed _ context _ option is no more, use "scope"
* Fixed; exposing _ ./support _ libs to examples so they can run without installs
* Fixed mvc example
2013-01-04 18:52:04 -08:00
1.0.0rc3 / 2010-09-20
2010-09-20 09:50:38 -07:00
==================
* Added confirmation for `express(1)` app generation. Closes #391
* Added extending of flash formatters via `app.flashFormatters`
* Added flash formatter support. Closes #411
* Added streaming support to `res.sendfile()` using `sys.pump()` when >= "stream threshold"
* Added _ stream threshold _ setting for `res.sendfile()`
* Added `res.send()` __HEAD __ support
* Added `res.clearCookie()`
* Added `res.cookie()`
* Added `res.render()` headers option
* Added `res.redirect()` response bodies
* Added `res.render()` status option support. Closes #425 [thanks aheckmann]
* Fixed `res.sendfile()` responding with 403 on malicious path
* Fixed `res.download()` bug; when an error occurs remove _ Content-Disposition _
* Fixed; mounted apps settings now inherit from parent app [aheckmann]
* Fixed; stripping Content-Length / Content-Type when 204
* Fixed `res.send()` 204. Closes #419
* Fixed multiple _ Set-Cookie _ headers via `res.header()` . Closes #402
* Fixed bug messing with error handlers when `listenFD()` is called instead of `listen()` . [thanks guillermo]
2013-01-04 18:52:04 -08:00
1.0.0rc2 / 2010-08-17
2010-08-17 13:09:17 -07:00
==================
* Added `app.register()` for template engine mapping. Closes #390
* Added `res.render()` callback support as second argument (no options)
* Added callback support to `res.download()`
* Added callback support for `res.sendfile()`
* Added support for middleware access via `express.middlewareName()` vs `connect.middlewareName()`
* Added "partials" setting to docs
* Added default expresso tests to `express(1)` generated app. Closes #384
* Fixed `res.sendfile()` error handling, defer via `next()`
* Fixed `res.render()` callback when a layout is used [thanks guillermo]
* Fixed; `make install` creating ~/.node_libraries when not present
2013-01-04 18:52:04 -08:00
* Fixed issue preventing error handlers from being defined anywhere. Closes #387
2010-08-17 13:09:17 -07:00
2010-07-30 10:16:30 -07:00
1.0.0rc / 2010-07-28
==================
* Added mounted hook. Closes #369
* Added connect dependency to _ package.json _
* Removed "reload views" setting and support code
development env never caches, production always caches.
* Removed _ param _ in route callbacks, signature is now
simply (req, res, next), previously (req, res, params, next).
Use _ req.params _ for path captures, _ req.query _ for GET params.
* Fixed "home" setting
* Fixed middleware/router precedence issue. Closes #366
* Fixed; _ configure() _ callbacks called immediately. Closes #368
2013-01-04 18:52:04 -08:00
2010-07-23 17:06:47 -07:00
1.0.0beta2 / 2010-07-23
==================
* Added more examples
* Added; exporting `Server` constructor
* Added `Server#helpers()` for view locals
* Added `Server#dynamicHelpers()` for dynamic view locals. Closes #349
* Added support for absolute view paths
* Added; _ home _ setting defaults to `Server#route` for mounted apps. Closes #363
* Added Guillermo Rauch to the contributor list
* Added support for "as" for non-collection partials. Closes #341
2010-07-23 17:09:57 -07:00
* Fixed _ install.sh _ , ensuring _~/.node_libraries_ exists. Closes #362 [thanks jf]
2010-07-23 17:06:47 -07:00
* Fixed `res.render()` exceptions, now passed to `next()` when no callback is given [thanks guillermo]
* Fixed instanceof `Array` checks, now `Array.isArray()`
* Fixed express(1) expansion of public dirs. Closes #348
* Fixed middleware precedence. Closes #345
* Fixed view watcher, now async [thanks aheckmann]
2009-10-01 13:19:18 -07:00
2010-07-15 14:48:55 -07:00
1.0.0beta / 2010-07-15
==================
2010-07-15 16:45:11 -07:00
* Re-write
- much faster
- much lighter
- Check [ExpressJS.com ](http://expressjs.com ) for migration guide and updated docs
2010-07-15 14:48:55 -07:00
2010-06-15 14:22:51 -07:00
0.14.0 / 2010-06-15
==================
* Utilize relative requires
* Added Static bufferSize option [aheckmann]
* Fixed caching of view and partial subdirectories [aheckmann]
* Fixed mime.type() comments now that ".ext" is not supported
* Updated haml submodule
* Updated class submodule
* Removed bin/express
2010-06-01 08:49:04 -07:00
0.13.0 / 2010-06-01
==================
* Added node v0.1.97 compatibility
* Added support for deleting cookies via Request#cookie ('key', null)
* Updated haml submodule
2023-02-23 11:36:40 +05:30
* Fixed not-found page, now using charset utf-8
* Fixed show-exceptions page, now using charset utf-8
2010-06-01 08:49:04 -07:00
* Fixed view support due to fs.readFile Buffers
* Changed; mime.type() no longer accepts ".type" due to node extname() changes
2010-05-22 08:24:22 -07:00
0.12.0 / 2010-05-22
==================
* Added node v0.1.96 compatibility
* Added view `helpers` export which act as additional local variables
* Updated haml submodule
* Changed ETag; removed inode, modified time only
* Fixed LF to CRLF for setting multiple cookies
2018-11-26 20:00:47 -07:00
* Fixed cookie compilation; values are now urlencoded
2010-05-22 08:24:22 -07:00
* Fixed cookies parsing; accepts quoted values and url escaped cookies
2010-05-06 15:41:15 -07:00
0.11.0 / 2010-05-06
==================
* Added support for layouts using different engines
- this.render('page.html.haml', { layout: 'super-cool-layout.html.ejs' })
- this.render('page.html.haml', { layout: 'foo' }) // assumes 'foo.html.haml'
- this.render('page.html.haml', { layout: false }) // no layout
* Updated ext submodule
* Updated haml submodule
* Fixed EJS partial support by passing along the context. Issue #307
2010-05-03 08:42:01 -07:00
0.10.1 / 2010-05-03
==================
* Fixed binary uploads.
2010-04-30 10:46:24 -07:00
0.10.0 / 2010-04-30
==================
* Added charset support via Request#charset (automatically assigned to 'UTF-8' when respond()'s
2023-02-23 11:36:40 +05:30
encoding is set to 'utf8' or 'utf-8').
2010-04-30 10:46:24 -07:00
* Added "encoding" option to Request#render (). Closes #299
* Added "dump exceptions" setting, which is enabled by default.
* Added simple ejs template engine support
2014-08-21 23:34:19 -04:00
* Added error response support for text/plain, application/json. Closes #297
2010-04-30 10:46:24 -07:00
* Added callback function param to Request#error ()
* Added Request#sendHead ()
* Added Request#stream ()
* Added support for Request#respond (304, null) for empty response bodies
* Added ETag support to Request#sendfile ()
* Added options to Request#sendfile (), passed to fs.createReadStream()
* Added filename arg to Request#download ()
* Performance enhanced due to pre-reversing plugins so that plugins.reverse() is not called on each request
* Performance enhanced by preventing several calls to toLowerCase() in Router#match ()
* Changed; Request#sendfile () now streams
* Changed; Renamed Request#halt () to Request#respond (). Closes #289
* Changed; Using sys.inspect() instead of JSON.encode() for error output
* Changed; run() returns the http.Server instance. Closes #298
* Changed; Defaulting Server#host to null (INADDR_ANY)
* Changed; Logger "common" format scale of 0.4f
* Removed Logger "request" format
* Fixed; Catching ENOENT in view caching, preventing error when "views/partials" is not found
* Fixed several issues with http client
* Fixed Logger Content-Length output
* Fixed bug preventing Opera from retaining the generated session id. Closes #292
2010-04-14 16:56:13 -07:00
0.9.0 / 2010-04-14
==================
2010-04-14 17:03:57 -07:00
* Added DSL level error() route support
* Added DSL level notFound() route support
* Added Request#error ()
* Added Request#notFound ()
* Added Request#render () callback function. Closes #258
* Added "max upload size" setting
* Added "magic" variables to collection partials (\_\_index\_\_, \_\_length\_\_, \_\_isFirst\_\_, \_\_isLast\_\_). Closes #254
2010-04-14 16:56:13 -07:00
* Added [haml.js ](http://github.com/visionmedia/haml.js ) submodule; removed haml-js
2010-04-14 17:03:57 -07:00
* Added callback function support to Request#halt () as 3rd/4th arg
* Added preprocessing of route param wildcards using param(). Closes #251
2023-02-23 11:36:40 +05:30
* Added view partial support (with collections etc.)
2010-04-14 16:56:13 -07:00
* Fixed bug preventing falsey params (such as ?page=0). Closes #286
* Fixed setting of multiple cookies. Closes #199
* Changed; view naming convention is now NAME.TYPE.ENGINE (for example page.html.haml)
* Changed; session cookie is now httpOnly
* Changed; Request is no longer global
* Changed; Event is no longer global
* Changed; "sys" module is no longer global
* Changed; moved Request#download to Static plugin where it belongs
2010-04-14 17:03:57 -07:00
* Changed; Request instance created before body parsing. Closes #262
* Changed; Pre-caching views in memory when "cache view contents" is enabled. Closes #253
* Changed; Pre-caching view partials in memory when "cache view partials" is enabled
2010-04-14 16:56:13 -07:00
* Updated support to node --version 0.1.90
* Updated dependencies
* Removed set("session cookie") in favour of use(Session, { cookie: { ... }})
2010-04-14 17:03:57 -07:00
* Removed utils.mixin(); use Object#mergeDeep ()
2013-01-04 18:52:04 -08:00
2010-03-19 16:51:43 -07:00
0.8.0 / 2010-03-19
==================
* Added coffeescript example app. Closes #242
* Changed; cache api now async friendly. Closes #240
* Removed deprecated 'express/static' support. Use 'express/plugins/static'
2010-03-19 08:55:52 -07:00
0.7.6 / 2010-03-19
==================
* Added Request#isXHR . Closes #229
* Added `make install` (for the executable)
* Added `express` executable for setting up simple app templates
* Added "GET /public/*" to Static plugin, defaulting to <root>/public
* Added Static plugin
* Fixed; Request#render () only calls cache.get() once
* Fixed; Namespacing View caches with "view:"
* Fixed; Namespacing Static caches with "static:"
* Fixed; Both example apps now use the Static plugin
* Fixed set("views"). Closes #239
* Fixed missing space for combined log format
* Deprecated Request#sendfile () and 'express/static'
* Removed Server#running
2010-03-16 19:38:21 -07:00
0.7.5 / 2010-03-16
==================
* Added Request#flash () support without args, now returns all flashes
* Updated ext submodule
2010-03-16 16:14:48 -07:00
0.7.4 / 2010-03-16
==================
* Fixed session reaper
* Changed; class.js replacing js-oo Class implementation (quite a bit faster, no browser cruft)
2010-03-16 13:17:41 -07:00
0.7.3 / 2010-03-16
==================
* Added package.json
* Fixed requiring of haml / sass due to kiwi removal
2010-03-16 08:08:17 -07:00
0.7.2 / 2010-03-16
==================
* Fixed GIT submodules (HAH!)
2010-03-16 08:03:06 -07:00
0.7.1 / 2010-03-16
==================
* Changed; Express now using submodules again until a PM is adopted
* Changed; chat example using millisecond conversions from ext
2010-03-15 09:13:18 -07:00
0.7.0 / 2010-03-15
==================
* Added Request#pass () support (finds the next matching route, or the given path)
* Added Logger plugin (default "common" format replaces CommonLogger)
* Removed Profiler plugin
* Removed CommonLogger plugin
2010-03-11 10:57:26 -08:00
0.6.0 / 2010-03-11
==================
* Added seed.yml for kiwi package management support
* Added HTTP client query string support when method is GET. Closes #205
2013-01-04 18:52:04 -08:00
2010-03-11 10:57:26 -08:00
* Added support for arbitrary view engines.
For example "foo.engine.html" will now require('engine'),
the exports from this module are cached after the first require().
2013-01-04 18:52:04 -08:00
2010-03-11 10:57:26 -08:00
* Added async plugin support
2013-01-04 18:52:04 -08:00
2010-03-11 10:57:26 -08:00
* Removed usage of RESTful route funcs as http client
get() etc, use http.get() and friends
2013-01-04 18:52:04 -08:00
2010-03-11 10:57:26 -08:00
* Removed custom exceptions
2010-03-10 13:17:57 -08:00
0.5.0 / 2010-03-10
==================
* Added ext dependency (library of js extensions)
* Removed extname() / basename() utils. Use path module
* Removed toArray() util. Use arguments.values
* Removed escapeRegexp() util. Use RegExp.escape()
* Removed process.mixin() dependency. Use utils.mixin()
* Removed Collection
* Removed ElementCollection
* Shameless self promotion of ebook "Advanced JavaScript" (http://dev-mag.com) ;)
2010-02-11 17:02:30 -08:00
0.4.0 / 2010-02-11
==================
* Added flash() example to sample upload app
* Added high level restful http client module (express/http)
* Changed; RESTful route functions double as HTTP clients. Closes #69
* Changed; throwing error when routes are added at runtime
* Changed; defaulting render() context to the current Request. Closes #197
* Updated haml submodule
2010-02-11 07:12:08 -08:00
0.3.0 / 2010-02-11
==================
* Updated haml / sass submodules. Closes #200
* Added flash message support. Closes #64
* Added accepts() now allows multiple args. fixes #117
* Added support for plugins to halt. Closes #189
* Added alternate layout support. Closes #119
* Removed Route#run (). Closes #188
* Fixed broken specs due to use(Cookie) missing
2010-02-05 09:03:55 -08:00
0.2.1 / 2010-02-05
==================
* Added "plot" format option for Profiler (for gnuplot processing)
* Added request number to Profiler plugin
2018-11-26 20:00:47 -07:00
* Fixed binary encoding for multipart file uploads, was previously defaulting to UTF8
2010-02-05 09:03:55 -08:00
* Fixed issue with routes not firing when not files are present. Closes #184
* Fixed process.Promise -> events.Promise
2010-02-03 19:28:31 -08:00
0.2.0 / 2010-02-03
==================
* Added parseParam() support for name[] etc. (allows for file inputs with "multiple" attr) Closes #180
* Added Both Cache and Session option "reapInterval" may be "reapEvery". Closes #174
* Added expiration support to cache api with reaper. Closes #133
* Added cache Store.Memory#reap ()
* Added Cache; cache api now uses first class Cache instances
* Added abstract session Store. Closes #172
* Changed; cache Memory.Store#get () utilizing Collection
* Renamed MemoryStore -> Store.Memory
* Fixed use() of the same plugin several time will always use latest options. Closes #176
2010-02-03 15:27:58 -08:00
0.1.0 / 2010-02-03
==================
* Changed; Hooks (before / after) pass request as arg as well as evaluated in their context
* Updated node support to 0.1.27 Closes #169
* Updated dirname(__filename) -> __dirname
* Updated libxmljs support to v0.2.0
* Added session support with memory store / reaping
* Added quick uid() helper
* Added multi-part upload support
* Added Sass.js support / submodule
* Added production env caching view contents and static files
* Added static file caching. Closes #136
* Added cache plugin with memory stores
* Added support to StaticFile so that it works with non-textual files.
* Removed dirname() helper
* Removed several globals (now their modules must be required)
2010-01-10 19:54:44 -08:00
0.0.2 / 2010-01-10
==================
* Added view benchmarks; currently haml vs ejs
* Added Request#attachment () specs. Closes #116
* Added use of node's parseQuery() util. Closes #123
* Added `make init` for submodules
* Updated Haml
* Updated sample chat app to show messages on load
* Updated libxmljs parseString -> parseHtmlString
* Fixed `make init` to work with older versions of git
2018-11-26 20:00:47 -07:00
* Fixed specs can now run independent specs for those who can't build deps. Closes #127
2010-01-10 19:54:44 -08:00
* Fixed issues introduced by the node url module changes. Closes 126.
* Fixed two assertions failing due to Collection#keys () returning strings
* Fixed faulty Collection#toArray () spec due to keys() returning strings
* Fixed `make test` now builds libxmljs.node before testing
2010-01-03 06:47:49 -08:00
0.0.1 / 2010-01-03
2009-10-01 13:19:18 -07:00
==================
* Initial release
