Spaces:
Runtime error
Runtime error
4.19.2 / 2024-03-25 | |
========== | |
* Improved fix for open redirect allow list bypass | |
4.19.1 / 2024-03-20 | |
========== | |
* Allow passing non-strings to res.location with new encoding handling checks | |
4.19.0 / 2024-03-20 | |
========== | |
* Prevent open redirect allow list bypass due to encodeurl | |
* deps: cookie@0.6.0 | |
4.18.3 / 2024-02-29 | |
========== | |
* Fix routing requests without method | |
* deps: body-parser@1.20.2 | |
- Fix strict json error message on Node.js 19+ | |
- deps: content-type@~1.0.5 | |
- deps: raw-body@2.5.2 | |
* deps: cookie@0.6.0 | |
- Add `partitioned` option | |
4.18.2 / 2022-10-08 | |
=================== | |
* Fix regression routing a large stack in a single route | |
* deps: body-parser@1.20.1 | |
- deps: qs@6.11.0 | |
- perf: remove unnecessary object clone | |
* deps: qs@6.11.0 | |
4.18.1 / 2022-04-29 | |
=================== | |
* Fix hanging on large stack of sync routes | |
4.18.0 / 2022-04-25 | |
=================== | |
* Add "root" option to `res.download` | |
* Allow `options` without `filename` in `res.download` | |
* Deprecate string and non-integer arguments to `res.status` | |
* Fix behavior of `null`/`undefined` as `maxAge` in `res.cookie` | |
* Fix handling very large stacks of sync middleware | |
* Ignore `Object.prototype` values in settings through `app.set`/`app.get` | |
* Invoke `default` with same arguments as types in `res.format` | |
* Support proper 205 responses using `res.send` | |
* Use `http-errors` for `res.format` error | |
* deps: body-parser@1.20.0 | |
- Fix error message for json parse whitespace in `strict` | |
- Fix internal error when inflated body exceeds limit | |
- Prevent loss of async hooks context | |
- Prevent hanging when request already read | |
- deps: depd@2.0.0 | |
- deps: http-errors@2.0.0 | |
- deps: on-finished@2.4.1 | |
- deps: qs@6.10.3 | |
- deps: raw-body@2.5.1 | |
* deps: cookie@0.5.0 | |
- Add `priority` option | |
- Fix `expires` option to reject invalid dates | |
* deps: depd@2.0.0 | |
- Replace internal `eval` usage with `Function` constructor | |
- Use instance methods on `process` to check for listeners | |
* deps: finalhandler@1.2.0 | |
- Remove set content headers that break response | |
- deps: on-finished@2.4.1 | |
- deps: statuses@2.0.1 | |
* deps: on-finished@2.4.1 | |
- Prevent loss of async hooks context | |
* deps: qs@6.10.3 | |
* deps: send@0.18.0 | |
- Fix emitted 416 error missing headers property | |
- Limit the headers removed for 304 response | |
- deps: depd@2.0.0 | |
- deps: destroy@1.2.0 | |
- deps: http-errors@2.0.0 | |
- deps: on-finished@2.4.1 | |
- deps: statuses@2.0.1 | |
* deps: serve-static@1.15.0 | |
- deps: send@0.18.0 | |
* deps: statuses@2.0.1 | |
- Remove code 306 | |
- Rename `425 Unordered Collection` to standard `425 Too Early` | |
4.17.3 / 2022-02-16 | |
=================== | |
* deps: accepts@~1.3.8 | |
- deps: mime-types@~2.1.34 | |
- deps: negotiator@0.6.3 | |
* deps: body-parser@1.19.2 | |
- deps: bytes@3.1.2 | |
- deps: qs@6.9.7 | |
- deps: raw-body@2.4.3 | |
* deps: cookie@0.4.2 | |
* deps: qs@6.9.7 | |
* Fix handling of `__proto__` keys | |
* pref: remove unnecessary regexp for trust proxy | |
4.17.2 / 2021-12-16 | |
=================== | |
* Fix handling of `undefined` in `res.jsonp` | |
* Fix handling of `undefined` when `"json escape"` is enabled | |
* Fix incorrect middleware execution with unanchored `RegExp`s | |
* Fix `res.jsonp(obj, status)` deprecation message | |
* Fix typo in `res.is` JSDoc | |
* deps: body-parser@1.19.1 | |
- deps: bytes@3.1.1 | |
- deps: http-errors@1.8.1 | |
- deps: qs@6.9.6 | |
- deps: raw-body@2.4.2 | |
- deps: safe-buffer@5.2.1 | |
- deps: type-is@~1.6.18 | |
* deps: content-disposition@0.5.4 | |
- deps: safe-buffer@5.2.1 | |
* deps: cookie@0.4.1 | |
- Fix `maxAge` option to reject invalid values | |
* deps: proxy-addr@~2.0.7 | |
- Use `req.socket` over deprecated `req.connection` | |
- deps: forwarded@0.2.0 | |
- deps: ipaddr.js@1.9.1 | |
* deps: qs@6.9.6 | |
* deps: safe-buffer@5.2.1 | |
* deps: send@0.17.2 | |
- deps: http-errors@1.8.1 | |
- deps: ms@2.1.3 | |
- pref: ignore empty http tokens | |
* deps: serve-static@1.14.2 | |
- deps: send@0.17.2 | |
* deps: setprototypeof@1.2.0 | |
4.17.1 / 2019-05-25 | |
=================== | |
* Revert "Improve error message for `null`/`undefined` to `res.status`" | |
4.17.0 / 2019-05-16 | |
=================== | |
* Add `express.raw` to parse bodies into `Buffer` | |
* Add `express.text` to parse bodies into string | |
* Improve error message for non-strings to `res.sendFile` | |
* Improve error message for `null`/`undefined` to `res.status` | |
* Support multiple hosts in `X-Forwarded-Host` | |
* deps: accepts@~1.3.7 | |
* deps: body-parser@1.19.0 | |
- Add encoding MIK | |
- Add petabyte (`pb`) support | |
- Fix parsing array brackets after index | |
- deps: bytes@3.1.0 | |
- deps: http-errors@1.7.2 | |
- deps: iconv-lite@0.4.24 | |
- deps: qs@6.7.0 | |
- deps: raw-body@2.4.0 | |
- deps: type-is@~1.6.17 | |
* deps: content-disposition@0.5.3 | |
* deps: cookie@0.4.0 | |
- Add `SameSite=None` support | |
* deps: finalhandler@~1.1.2 | |
- Set stricter `Content-Security-Policy` header | |
- deps: parseurl@~1.3.3 | |
- deps: statuses@~1.5.0 | |
* deps: parseurl@~1.3.3 | |
* deps: proxy-addr@~2.0.5 | |
- deps: ipaddr.js@1.9.0 | |
* deps: qs@6.7.0 | |
- Fix parsing array brackets after index | |
* deps: range-parser@~1.2.1 | |
* deps: send@0.17.1 | |
- Set stricter CSP header in redirect & error responses | |
- deps: http-errors@~1.7.2 | |
- deps: mime@1.6.0 | |
- deps: ms@2.1.1 | |
- deps: range-parser@~1.2.1 | |
- deps: statuses@~1.5.0 | |
- perf: remove redundant `path.normalize` call | |
* deps: serve-static@1.14.1 | |
- Set stricter CSP header in redirect response | |
- deps: parseurl@~1.3.3 | |
- deps: send@0.17.1 | |
* deps: setprototypeof@1.1.1 | |
* deps: statuses@~1.5.0 | |
- Add `103 Early Hints` | |
* deps: type-is@~1.6.18 | |
- deps: mime-types@~2.1.24 | |
- perf: prevent internal `throw` on invalid type | |
4.16.4 / 2018-10-10 | |
=================== | |
* Fix issue where `"Request aborted"` may be logged in `res.sendfile` | |
* Fix JSDoc for `Router` constructor | |
* deps: body-parser@1.18.3 | |
- Fix deprecation warnings on Node.js 10+ | |
- Fix stack trace for strict json parse error | |
- deps: depd@~1.1.2 | |
- deps: http-errors@~1.6.3 | |
- deps: iconv-lite@0.4.23 | |
- deps: qs@6.5.2 | |
- deps: raw-body@2.3.3 | |
- deps: type-is@~1.6.16 | |
* deps: proxy-addr@~2.0.4 | |
- deps: ipaddr.js@1.8.0 | |
* deps: qs@6.5.2 | |
* deps: safe-buffer@5.1.2 | |
4.16.3 / 2018-03-12 | |
=================== | |
* deps: accepts@~1.3.5 | |
- deps: mime-types@~2.1.18 | |
* deps: depd@~1.1.2 | |
- perf: remove argument reassignment | |
* deps: encodeurl@~1.0.2 | |
- Fix encoding `%` as last character | |
* deps: finalhandler@1.1.1 | |
- Fix 404 output for bad / missing pathnames | |
- deps: encodeurl@~1.0.2 | |
- deps: statuses@~1.4.0 | |
* deps: proxy-addr@~2.0.3 | |
- deps: ipaddr.js@1.6.0 | |
* deps: send@0.16.2 | |
- Fix incorrect end tag in default error & redirects | |
- deps: depd@~1.1.2 | |
- deps: encodeurl@~1.0.2 | |
- deps: statuses@~1.4.0 | |
* deps: serve-static@1.13.2 | |
- Fix incorrect end tag in redirects | |
- deps: encodeurl@~1.0.2 | |
- deps: send@0.16.2 | |
* deps: statuses@~1.4.0 | |
* deps: type-is@~1.6.16 | |
- deps: mime-types@~2.1.18 | |
4.16.2 / 2017-10-09 | |
=================== | |
* Fix `TypeError` in `res.send` when given `Buffer` and `ETag` header set | |
* perf: skip parsing of entire `X-Forwarded-Proto` header | |
4.16.1 / 2017-09-29 | |
=================== | |
* deps: send@0.16.1 | |
* deps: serve-static@1.13.1 | |
- Fix regression when `root` is incorrectly set to a file | |
- deps: send@0.16.1 | |
4.16.0 / 2017-09-28 | |
=================== | |
* Add `"json escape"` setting for `res.json` and `res.jsonp` | |
* Add `express.json` and `express.urlencoded` to parse bodies | |
* Add `options` argument to `res.download` | |
* Improve error message when autoloading invalid view engine | |
* Improve error messages when non-function provided as middleware | |
* Skip `Buffer` encoding when not generating ETag for small response | |
* Use `safe-buffer` for improved Buffer API | |
* deps: accepts@~1.3.4 | |
- deps: mime-types@~2.1.16 | |
* deps: content-type@~1.0.4 | |
- perf: remove argument reassignment | |
- perf: skip parameter parsing when no parameters | |
* deps: etag@~1.8.1 | |
- perf: replace regular expression with substring | |
* deps: finalhandler@1.1.0 | |
- Use `res.headersSent` when available | |
* deps: parseurl@~1.3.2 | |
- perf: reduce overhead for full URLs | |
- perf: unroll the "fast-path" `RegExp` | |
* deps: proxy-addr@~2.0.2 | |
- Fix trimming leading / trailing OWS in `X-Forwarded-For` | |
- deps: forwarded@~0.1.2 | |
- deps: ipaddr.js@1.5.2 | |
- perf: reduce overhead when no `X-Forwarded-For` header | |
* deps: qs@6.5.1 | |
- Fix parsing & compacting very deep objects | |
* deps: send@0.16.0 | |
- Add 70 new types for file extensions | |
- Add `immutable` option | |
- Fix missing `</html>` in default error & redirects | |
- Set charset as "UTF-8" for .js and .json | |
- Use instance methods on steam to check for listeners | |
- deps: mime@1.4.1 | |
- perf: improve path validation speed | |
* deps: serve-static@1.13.0 | |
- Add 70 new types for file extensions | |
- Add `immutable` option | |
- Set charset as "UTF-8" for .js and .json | |
- deps: send@0.16.0 | |
* deps: setprototypeof@1.1.0 | |
* deps: utils-merge@1.0.1 | |
* deps: vary@~1.1.2 | |
- perf: improve header token parsing speed | |
* perf: re-use options object when generating ETags | |
* perf: remove dead `.charset` set in `res.jsonp` | |
4.15.5 / 2017-09-24 | |
=================== | |
* deps: debug@2.6.9 | |
* deps: finalhandler@~1.0.6 | |
- deps: debug@2.6.9 | |
- deps: parseurl@~1.3.2 | |
* deps: fresh@0.5.2 | |
- Fix handling of modified headers with invalid dates | |
- perf: improve ETag match loop | |
- perf: improve `If-None-Match` token parsing | |
* deps: send@0.15.6 | |
- Fix handling of modified headers with invalid dates | |
- deps: debug@2.6.9 | |
- deps: etag@~1.8.1 | |
- deps: fresh@0.5.2 | |
- perf: improve `If-Match` token parsing | |
* deps: serve-static@1.12.6 | |
- deps: parseurl@~1.3.2 | |
- deps: send@0.15.6 | |
- perf: improve slash collapsing | |
4.15.4 / 2017-08-06 | |
=================== | |
* deps: debug@2.6.8 | |
* deps: depd@~1.1.1 | |
- Remove unnecessary `Buffer` loading | |
* deps: finalhandler@~1.0.4 | |
- deps: debug@2.6.8 | |
* deps: proxy-addr@~1.1.5 | |
- Fix array argument being altered | |
- deps: ipaddr.js@1.4.0 | |
* deps: qs@6.5.0 | |
* deps: send@0.15.4 | |
- deps: debug@2.6.8 | |
- deps: depd@~1.1.1 | |
- deps: http-errors@~1.6.2 | |
* deps: serve-static@1.12.4 | |
- deps: send@0.15.4 | |
4.15.3 / 2017-05-16 | |
=================== | |
* Fix error when `res.set` cannot add charset to `Content-Type` | |
* deps: debug@2.6.7 | |
- Fix `DEBUG_MAX_ARRAY_LENGTH` | |
- deps: ms@2.0.0 | |
* deps: finalhandler@~1.0.3 | |
- Fix missing `</html>` in HTML document | |
- deps: debug@2.6.7 | |
* deps: proxy-addr@~1.1.4 | |
- deps: ipaddr.js@1.3.0 | |
* deps: send@0.15.3 | |
- deps: debug@2.6.7 | |
- deps: ms@2.0.0 | |
* deps: serve-static@1.12.3 | |
- deps: send@0.15.3 | |
* deps: type-is@~1.6.15 | |
- deps: mime-types@~2.1.15 | |
* deps: vary@~1.1.1 | |
- perf: hoist regular expression | |
4.15.2 / 2017-03-06 | |
=================== | |
* deps: qs@6.4.0 | |
- Fix regression parsing keys starting with `[` | |
4.15.1 / 2017-03-05 | |
=================== | |
* deps: send@0.15.1 | |
- Fix issue when `Date.parse` does not return `NaN` on invalid date | |
- Fix strict violation in broken environments | |
* deps: serve-static@1.12.1 | |
- Fix issue when `Date.parse` does not return `NaN` on invalid date | |
- deps: send@0.15.1 | |
4.15.0 / 2017-03-01 | |
=================== | |
* Add debug message when loading view engine | |
* Add `next("router")` to exit from router | |
* Fix case where `router.use` skipped requests routes did not | |
* Remove usage of `res._headers` private field | |
- Improves compatibility with Node.js 8 nightly | |
* Skip routing when `req.url` is not set | |
* Use `%o` in path debug to tell types apart | |
* Use `Object.create` to setup request & response prototypes | |
* Use `setprototypeof` module to replace `__proto__` setting | |
* Use `statuses` instead of `http` module for status messages | |
* deps: debug@2.6.1 | |
- Allow colors in workers | |
- Deprecated `DEBUG_FD` environment variable set to `3` or higher | |
- Fix error when running under React Native | |
- Use same color for same namespace | |
- deps: ms@0.7.2 | |
* deps: etag@~1.8.0 | |
- Use SHA1 instead of MD5 for ETag hashing | |
- Works with FIPS 140-2 OpenSSL configuration | |
* deps: finalhandler@~1.0.0 | |
- Fix exception when `err` cannot be converted to a string | |
- Fully URL-encode the pathname in the 404 | |
- Only include the pathname in the 404 message | |
- Send complete HTML document | |
- Set `Content-Security-Policy: default-src 'self'` header | |
- deps: debug@2.6.1 | |
* deps: fresh@0.5.0 | |
- Fix false detection of `no-cache` request directive | |
- Fix incorrect result when `If-None-Match` has both `*` and ETags | |
- Fix weak `ETag` matching to match spec | |
- perf: delay reading header values until needed | |
- perf: enable strict mode | |
- perf: hoist regular expressions | |
- perf: remove duplicate conditional | |
- perf: remove unnecessary boolean coercions | |
- perf: skip checking modified time if ETag check failed | |
- perf: skip parsing `If-None-Match` when no `ETag` header | |
- perf: use `Date.parse` instead of `new Date` | |
* deps: qs@6.3.1 | |
- Fix array parsing from skipping empty values | |
- Fix compacting nested arrays | |
* deps: send@0.15.0 | |
- Fix false detection of `no-cache` request directive | |
- Fix incorrect result when `If-None-Match` has both `*` and ETags | |
- Fix weak `ETag` matching to match spec | |
- Remove usage of `res._headers` private field | |
- Support `If-Match` and `If-Unmodified-Since` headers | |
- Use `res.getHeaderNames()` when available | |
- Use `res.headersSent` when available | |
- deps: debug@2.6.1 | |
- deps: etag@~1.8.0 | |
- deps: fresh@0.5.0 | |
- deps: http-errors@~1.6.1 | |
* deps: serve-static@1.12.0 | |
- Fix false detection of `no-cache` request directive | |
- Fix incorrect result when `If-None-Match` has both `*` and ETags | |
- Fix weak `ETag` matching to match spec | |
- Remove usage of `res._headers` private field | |
- Send complete HTML document in redirect response | |
- Set default CSP header in redirect response | |
- Support `If-Match` and `If-Unmodified-Since` headers | |
- Use `res.getHeaderNames()` when available | |
- Use `res.headersSent` when available | |
- deps: send@0.15.0 | |
* perf: add fast match path for `*` route | |
* perf: improve `req.ips` performance | |
4.14.1 / 2017-01-28 | |
=================== | |
* deps: content-disposition@0.5.2 | |
* deps: finalhandler@0.5.1 | |
- Fix exception when `err.headers` is not an object | |
- deps: statuses@~1.3.1 | |
- perf: hoist regular expressions | |
- perf: remove duplicate validation path | |
* deps: proxy-addr@~1.1.3 | |
- deps: ipaddr.js@1.2.0 | |
* deps: send@0.14.2 | |
- deps: http-errors@~1.5.1 | |
- deps: ms@0.7.2 | |
- deps: statuses@~1.3.1 | |
* deps: serve-static@~1.11.2 | |
- deps: send@0.14.2 | |
* deps: type-is@~1.6.14 | |
- deps: mime-types@~2.1.13 | |
4.14.0 / 2016-06-16 | |
=================== | |
* Add `acceptRanges` option to `res.sendFile`/`res.sendfile` | |
* Add `cacheControl` option to `res.sendFile`/`res.sendfile` | |
* Add `options` argument to `req.range` | |
- Includes the `combine` option | |
* Encode URL in `res.location`/`res.redirect` if not already encoded | |
* Fix some redirect handling in `res.sendFile`/`res.sendfile` | |
* Fix Windows absolute path check using forward slashes | |
* Improve error with invalid arguments to `req.get()` | |
* Improve performance for `res.json`/`res.jsonp` in most cases | |
* Improve `Range` header handling in `res.sendFile`/`res.sendfile` | |
* deps: accepts@~1.3.3 | |
- Fix including type extensions in parameters in `Accept` parsing | |
- Fix parsing `Accept` parameters with quoted equals | |
- Fix parsing `Accept` parameters with quoted semicolons | |
- Many performance improvements | |
- deps: mime-types@~2.1.11 | |
- deps: negotiator@0.6.1 | |
* deps: content-type@~1.0.2 | |
- perf: enable strict mode | |
* deps: cookie@0.3.1 | |
- Add `sameSite` option | |
- Fix cookie `Max-Age` to never be a floating point number | |
- Improve error message when `encode` is not a function | |
- Improve error message when `expires` is not a `Date` | |
- Throw better error for invalid argument to parse | |
- Throw on invalid values provided to `serialize` | |
- perf: enable strict mode | |
- perf: hoist regular expression | |
- perf: use for loop in parse | |
- perf: use string concatenation for serialization | |
* deps: finalhandler@0.5.0 | |
- Change invalid or non-numeric status code to 500 | |
- Overwrite status message to match set status code | |
- Prefer `err.statusCode` if `err.status` is invalid | |
- Set response headers from `err.headers` object | |
- Use `statuses` instead of `http` module for status messages | |
* deps: proxy-addr@~1.1.2 | |
- Fix accepting various invalid netmasks | |
- Fix IPv6-mapped IPv4 validation edge cases | |
- IPv4 netmasks must be contiguous | |
- IPv6 addresses cannot be used as a netmask | |
- deps: ipaddr.js@1.1.1 | |
* deps: qs@6.2.0 | |
- Add `decoder` option in `parse` function | |
* deps: range-parser@~1.2.0 | |
- Add `combine` option to combine overlapping ranges | |
- Fix incorrectly returning -1 when there is at least one valid range | |
- perf: remove internal function | |
* deps: send@0.14.1 | |
- Add `acceptRanges` option | |
- Add `cacheControl` option | |
- Attempt to combine multiple ranges into single range | |
- Correctly inherit from `Stream` class | |
- Fix `Content-Range` header in 416 responses when using `start`/`end` options | |
- Fix `Content-Range` header missing from default 416 responses | |
- Fix redirect error when `path` contains raw non-URL characters | |
- Fix redirect when `path` starts with multiple forward slashes | |
- Ignore non-byte `Range` headers | |
- deps: http-errors@~1.5.0 | |
- deps: range-parser@~1.2.0 | |
- deps: statuses@~1.3.0 | |
- perf: remove argument reassignment | |
* deps: serve-static@~1.11.1 | |
- Add `acceptRanges` option | |
- Add `cacheControl` option | |
- Attempt to combine multiple ranges into single range | |
- Fix redirect error when `req.url` contains raw non-URL characters | |
- Ignore non-byte `Range` headers | |
- Use status code 301 for redirects | |
- deps: send@0.14.1 | |
* deps: type-is@~1.6.13 | |
- Fix type error when given invalid type to match against | |
- deps: mime-types@~2.1.11 | |
* deps: vary@~1.1.0 | |
- Only accept valid field names in the `field` argument | |
* perf: use strict equality when possible | |
4.13.4 / 2016-01-21 | |
=================== | |
* deps: content-disposition@0.5.1 | |
- perf: enable strict mode | |
* deps: cookie@0.1.5 | |
- Throw on invalid values provided to `serialize` | |
* deps: depd@~1.1.0 | |
- Support web browser loading | |
- perf: enable strict mode | |
* deps: escape-html@~1.0.3 | |
- perf: enable strict mode | |
- perf: optimize string replacement | |
- perf: use faster string coercion | |
* deps: finalhandler@0.4.1 | |
- deps: escape-html@~1.0.3 | |
* deps: merge-descriptors@1.0.1 | |
- perf: enable strict mode | |
* deps: methods@~1.1.2 | |
- perf: enable strict mode | |
* deps: parseurl@~1.3.1 | |
- perf: enable strict mode | |
* deps: proxy-addr@~1.0.10 | |
- deps: ipaddr.js@1.0.5 | |
- perf: enable strict mode | |
* deps: range-parser@~1.0.3 | |
- perf: enable strict mode | |
* deps: send@0.13.1 | |
- deps: depd@~1.1.0 | |
- deps: destroy@~1.0.4 | |
- deps: escape-html@~1.0.3 | |
- deps: range-parser@~1.0.3 | |
* deps: serve-static@~1.10.2 | |
- deps: escape-html@~1.0.3 | |
- deps: parseurl@~1.3.0 | |
- deps: send@0.13.1 | |
4.13.3 / 2015-08-02 | |
=================== | |
* Fix infinite loop condition using `mergeParams: true` | |
* Fix inner numeric indices incorrectly altering parent `req.params` | |
4.13.2 / 2015-07-31 | |
=================== | |
* deps: accepts@~1.2.12 | |
- deps: mime-types@~2.1.4 | |
* deps: array-flatten@1.1.1 | |
- perf: enable strict mode | |
* deps: path-to-regexp@0.1.7 | |
- Fix regression with escaped round brackets and matching groups | |
* deps: type-is@~1.6.6 | |
- deps: mime-types@~2.1.4 | |
4.13.1 / 2015-07-05 | |
=================== | |
* deps: accepts@~1.2.10 | |
- deps: mime-types@~2.1.2 | |
* deps: qs@4.0.0 | |
- Fix dropping parameters like `hasOwnProperty` | |
- Fix various parsing edge cases | |
* deps: type-is@~1.6.4 | |
- deps: mime-types@~2.1.2 | |
- perf: enable strict mode | |
- perf: remove argument reassignment | |
4.13.0 / 2015-06-20 | |
=================== | |
* Add settings to debug output | |
* Fix `res.format` error when only `default` provided | |
* Fix issue where `next('route')` in `app.param` would incorrectly skip values | |
* Fix hiding platform issues with `decodeURIComponent` | |
- Only `URIError`s are a 400 | |
* Fix using `*` before params in routes | |
* Fix using capture groups before params in routes | |
* Simplify `res.cookie` to call `res.append` | |
* Use `array-flatten` module for flattening arrays | |
* deps: accepts@~1.2.9 | |
- deps: mime-types@~2.1.1 | |
- perf: avoid argument reassignment & argument slice | |
- perf: avoid negotiator recursive construction | |
- perf: enable strict mode | |
- perf: remove unnecessary bitwise operator | |
* deps: cookie@0.1.3 | |
- perf: deduce the scope of try-catch deopt | |
- perf: remove argument reassignments | |
* deps: escape-html@1.0.2 | |
* deps: etag@~1.7.0 | |
- Always include entity length in ETags for hash length extensions | |
- Generate non-Stats ETags using MD5 only (no longer CRC32) | |
- Improve stat performance by removing hashing | |
- Improve support for JXcore | |
- Remove base64 padding in ETags to shorten | |
- Support "fake" stats objects in environments without fs | |
- Use MD5 instead of MD4 in weak ETags over 1KB | |
* deps: finalhandler@0.4.0 | |
- Fix a false-positive when unpiping in Node.js 0.8 | |
- Support `statusCode` property on `Error` objects | |
- Use `unpipe` module for unpiping requests | |
- deps: escape-html@1.0.2 | |
- deps: on-finished@~2.3.0 | |
- perf: enable strict mode | |
- perf: remove argument reassignment | |
* deps: fresh@0.3.0 | |
- Add weak `ETag` matching support | |
* deps: on-finished@~2.3.0 | |
- Add defined behavior for HTTP `CONNECT` requests | |
- Add defined behavior for HTTP `Upgrade` requests | |
- deps: ee-first@1.1.1 | |
* deps: path-to-regexp@0.1.6 | |
* deps: send@0.13.0 | |
- Allow Node.js HTTP server to set `Date` response header | |
- Fix incorrectly removing `Content-Location` on 304 response | |
- Improve the default redirect response headers | |
- Send appropriate headers on default error response | |
- Use `http-errors` for standard emitted errors | |
- Use `statuses` instead of `http` module for status messages | |
- deps: escape-html@1.0.2 | |
- deps: etag@~1.7.0 | |
- deps: fresh@0.3.0 | |
- deps: on-finished@~2.3.0 | |
- perf: enable strict mode | |
- perf: remove unnecessary array allocations | |
* deps: serve-static@~1.10.0 | |
- Add `fallthrough` option | |
- Fix reading options from options prototype | |
- Improve the default redirect response headers | |
- Malformed URLs now `next()` instead of 400 | |
- deps: escape-html@1.0.2 | |
- deps: send@0.13.0 | |
- perf: enable strict mode | |
- perf: remove argument reassignment | |
* deps: type-is@~1.6.3 | |
- deps: mime-types@~2.1.1 | |
- perf: reduce try block size | |
- perf: remove bitwise operations | |
* perf: enable strict mode | |
* perf: isolate `app.render` try block | |
* perf: remove argument reassignments in application | |
* perf: remove argument reassignments in request prototype | |
* perf: remove argument reassignments in response prototype | |
* perf: remove argument reassignments in routing | |
* perf: remove argument reassignments in `View` | |
* perf: skip attempting to decode zero length string | |
* perf: use saved reference to `http.STATUS_CODES` | |
4.12.4 / 2015-05-17 | |
=================== | |
* deps: accepts@~1.2.7 | |
- deps: mime-types@~2.0.11 | |
- deps: negotiator@0.5.3 | |
* deps: debug@~2.2.0 | |
- deps: ms@0.7.1 | |
* deps: depd@~1.0.1 | |
* deps: etag@~1.6.0 | |
- Improve support for JXcore | |
- Support "fake" stats objects in environments without `fs` | |
* deps: finalhandler@0.3.6 | |
- deps: debug@~2.2.0 | |
- deps: on-finished@~2.2.1 | |
* deps: on-finished@~2.2.1 | |
- Fix `isFinished(req)` when data buffered | |
* deps: proxy-addr@~1.0.8 | |
- deps: ipaddr.js@1.0.1 | |
* deps: qs@2.4.2 | |
- Fix allowing parameters like `constructor` | |
* deps: send@0.12.3 | |
- deps: debug@~2.2.0 | |
- deps: depd@~1.0.1 | |
- deps: etag@~1.6.0 | |
- deps: ms@0.7.1 | |
- deps: on-finished@~2.2.1 | |
* deps: serve-static@~1.9.3 | |
- deps: send@0.12.3 | |
* deps: type-is@~1.6.2 | |
- deps: mime-types@~2.0.11 | |
4.12.3 / 2015-03-17 | |
=================== | |
* deps: accepts@~1.2.5 | |
- deps: mime-types@~2.0.10 | |
* deps: debug@~2.1.3 | |
- Fix high intensity foreground color for bold | |
- deps: ms@0.7.0 | |
* deps: finalhandler@0.3.4 | |
- deps: debug@~2.1.3 | |
* deps: proxy-addr@~1.0.7 | |
- deps: ipaddr.js@0.1.9 | |
* deps: qs@2.4.1 | |
- Fix error when parameter `hasOwnProperty` is present | |
* deps: send@0.12.2 | |
- Throw errors early for invalid `extensions` or `index` options | |
- deps: debug@~2.1.3 | |
* deps: serve-static@~1.9.2 | |
- deps: send@0.12.2 | |
* deps: type-is@~1.6.1 | |
- deps: mime-types@~2.0.10 | |
4.12.2 / 2015-03-02 | |
=================== | |
* Fix regression where `"Request aborted"` is logged using `res.sendFile` | |
4.12.1 / 2015-03-01 | |
=================== | |
* Fix constructing application with non-configurable prototype properties | |
* Fix `ECONNRESET` errors from `res.sendFile` usage | |
* Fix `req.host` when using "trust proxy" hops count | |
* Fix `req.protocol`/`req.secure` when using "trust proxy" hops count | |
* Fix wrong `code` on aborted connections from `res.sendFile` | |
* deps: merge-descriptors@1.0.0 | |
4.12.0 / 2015-02-23 | |
=================== | |
* Fix `"trust proxy"` setting to inherit when app is mounted | |
* Generate `ETag`s for all request responses | |
- No longer restricted to only responses for `GET` and `HEAD` requests | |
* Use `content-type` to parse `Content-Type` headers | |
* deps: accepts@~1.2.4 | |
- Fix preference sorting to be stable for long acceptable lists | |
- deps: mime-types@~2.0.9 | |
- deps: negotiator@0.5.1 | |
* deps: cookie-signature@1.0.6 | |
* deps: send@0.12.1 | |
- Always read the stat size from the file | |
- Fix mutating passed-in `options` | |
- deps: mime@1.3.4 | |
* deps: serve-static@~1.9.1 | |
- deps: send@0.12.1 | |
* deps: type-is@~1.6.0 | |
- fix argument reassignment | |
- fix false-positives in `hasBody` `Transfer-Encoding` check | |
- support wildcard for both type and subtype (`*/*`) | |
- deps: mime-types@~2.0.9 | |
4.11.2 / 2015-02-01 | |
=================== | |
* Fix `res.redirect` double-calling `res.end` for `HEAD` requests | |
* deps: accepts@~1.2.3 | |
- deps: mime-types@~2.0.8 | |
* deps: proxy-addr@~1.0.6 | |
- deps: ipaddr.js@0.1.8 | |
* deps: type-is@~1.5.6 | |
- deps: mime-types@~2.0.8 | |
4.11.1 / 2015-01-20 | |
=================== | |
* deps: send@0.11.1 | |
- Fix root path disclosure | |
* deps: serve-static@~1.8.1 | |
- Fix redirect loop in Node.js 0.11.14 | |
- Fix root path disclosure | |
- deps: send@0.11.1 | |
4.11.0 / 2015-01-13 | |
=================== | |
* Add `res.append(field, val)` to append headers | |
* Deprecate leading `:` in `name` for `app.param(name, fn)` | |
* Deprecate `req.param()` -- use `req.params`, `req.body`, or `req.query` instead | |
* Deprecate `app.param(fn)` | |
* Fix `OPTIONS` responses to include the `HEAD` method properly | |
* Fix `res.sendFile` not always detecting aborted connection | |
* Match routes iteratively to prevent stack overflows | |
* deps: accepts@~1.2.2 | |
- deps: mime-types@~2.0.7 | |
- deps: negotiator@0.5.0 | |
* deps: send@0.11.0 | |
- deps: debug@~2.1.1 | |
- deps: etag@~1.5.1 | |
- deps: ms@0.7.0 | |
- deps: on-finished@~2.2.0 | |
* deps: serve-static@~1.8.0 | |
- deps: send@0.11.0 | |
4.10.8 / 2015-01-13 | |
=================== | |
* Fix crash from error within `OPTIONS` response handler | |
* deps: proxy-addr@~1.0.5 | |
- deps: ipaddr.js@0.1.6 | |
4.10.7 / 2015-01-04 | |
=================== | |
* Fix `Allow` header for `OPTIONS` to not contain duplicate methods | |
* Fix incorrect "Request aborted" for `res.sendFile` when `HEAD` or 304 | |
* deps: debug@~2.1.1 | |
* deps: finalhandler@0.3.3 | |
- deps: debug@~2.1.1 | |
- deps: on-finished@~2.2.0 | |
* deps: methods@~1.1.1 | |
* deps: on-finished@~2.2.0 | |
* deps: serve-static@~1.7.2 | |
- Fix potential open redirect when mounted at root | |
* deps: type-is@~1.5.5 | |
- deps: mime-types@~2.0.7 | |
4.10.6 / 2014-12-12 | |
=================== | |
* Fix exception in `req.fresh`/`req.stale` without response headers | |
4.10.5 / 2014-12-10 | |
=================== | |
* Fix `res.send` double-calling `res.end` for `HEAD` requests | |
* deps: accepts@~1.1.4 | |
- deps: mime-types@~2.0.4 | |
* deps: type-is@~1.5.4 | |
- deps: mime-types@~2.0.4 | |
4.10.4 / 2014-11-24 | |
=================== | |
* Fix `res.sendfile` logging standard write errors | |
4.10.3 / 2014-11-23 | |
=================== | |
* Fix `res.sendFile` logging standard write errors | |
* deps: etag@~1.5.1 | |
* deps: proxy-addr@~1.0.4 | |
- deps: ipaddr.js@0.1.5 | |
* deps: qs@2.3.3 | |
- Fix `arrayLimit` behavior | |
4.10.2 / 2014-11-09 | |
=================== | |
* Correctly invoke async router callback asynchronously | |
* deps: accepts@~1.1.3 | |
- deps: mime-types@~2.0.3 | |
* deps: type-is@~1.5.3 | |
- deps: mime-types@~2.0.3 | |
4.10.1 / 2014-10-28 | |
=================== | |
* Fix handling of URLs containing `://` in the path | |
* deps: qs@2.3.2 | |
- Fix parsing of mixed objects and values | |
4.10.0 / 2014-10-23 | |
=================== | |
* Add support for `app.set('views', array)` | |
- Views are looked up in sequence in array of directories | |
* Fix `res.send(status)` to mention `res.sendStatus(status)` | |
* Fix handling of invalid empty URLs | |
* Use `content-disposition` module for `res.attachment`/`res.download` | |
- Sends standards-compliant `Content-Disposition` header | |
- Full Unicode support | |
* Use `path.resolve` in view lookup | |
* deps: debug@~2.1.0 | |
- Implement `DEBUG_FD` env variable support | |
* deps: depd@~1.0.0 | |
* deps: etag@~1.5.0 | |
- Improve string performance | |
- Slightly improve speed for weak ETags over 1KB | |
* deps: finalhandler@0.3.2 | |
- Terminate in progress response only on error | |
- Use `on-finished` to determine request status | |
- deps: debug@~2.1.0 | |
- deps: on-finished@~2.1.1 | |
* deps: on-finished@~2.1.1 | |
- Fix handling of pipelined requests | |
* deps: qs@2.3.0 | |
- Fix parsing of mixed implicit and explicit arrays | |
* deps: send@0.10.1 | |
- deps: debug@~2.1.0 | |
- deps: depd@~1.0.0 | |
- deps: etag@~1.5.0 | |
- deps: on-finished@~2.1.1 | |
* deps: serve-static@~1.7.1 | |
- deps: send@0.10.1 | |
4.9.8 / 2014-10-17 | |
================== | |
* Fix `res.redirect` body when redirect status specified | |
* deps: accepts@~1.1.2 | |
- Fix error when media type has invalid parameter | |
- deps: negotiator@0.4.9 | |
4.9.7 / 2014-10-10 | |
================== | |
* Fix using same param name in array of paths | |
4.9.6 / 2014-10-08 | |
================== | |
* deps: accepts@~1.1.1 | |
- deps: mime-types@~2.0.2 | |
- deps: negotiator@0.4.8 | |
* deps: serve-static@~1.6.4 | |
- Fix redirect loop when index file serving disabled | |
* deps: type-is@~1.5.2 | |
- deps: mime-types@~2.0.2 | |
4.9.5 / 2014-09-24 | |
================== | |
* deps: etag@~1.4.0 | |
* deps: proxy-addr@~1.0.3 | |
- Use `forwarded` npm module | |
* deps: send@0.9.3 | |
- deps: etag@~1.4.0 | |
* deps: serve-static@~1.6.3 | |
- deps: send@0.9.3 | |
4.9.4 / 2014-09-19 | |
================== | |
* deps: qs@2.2.4 | |
- Fix issue with object keys starting with numbers truncated | |
4.9.3 / 2014-09-18 | |
================== | |
* deps: proxy-addr@~1.0.2 | |
- Fix a global leak when multiple subnets are trusted | |
- deps: ipaddr.js@0.1.3 | |
4.9.2 / 2014-09-17 | |
================== | |
* Fix regression for empty string `path` in `app.use` | |
* Fix `router.use` to accept array of middleware without path | |
* Improve error message for bad `app.use` arguments | |
4.9.1 / 2014-09-16 | |
================== | |
* Fix `app.use` to accept array of middleware without path | |
* deps: depd@0.4.5 | |
* deps: etag@~1.3.1 | |
* deps: send@0.9.2 | |
- deps: depd@0.4.5 | |
- deps: etag@~1.3.1 | |
- deps: range-parser@~1.0.2 | |
* deps: serve-static@~1.6.2 | |
- deps: send@0.9.2 | |
4.9.0 / 2014-09-08 | |
================== | |
* Add `res.sendStatus` | |
* Invoke callback for sendfile when client aborts | |
- Applies to `res.sendFile`, `res.sendfile`, and `res.download` | |
- `err` will be populated with request aborted error | |
* Support IP address host in `req.subdomains` | |
* Use `etag` to generate `ETag` headers | |
* deps: accepts@~1.1.0 | |
- update `mime-types` | |
* deps: cookie-signature@1.0.5 | |
* deps: debug@~2.0.0 | |
* deps: finalhandler@0.2.0 | |
- Set `X-Content-Type-Options: nosniff` header | |
- deps: debug@~2.0.0 | |
* deps: fresh@0.2.4 | |
* deps: media-typer@0.3.0 | |
- Throw error when parameter format invalid on parse | |
* deps: qs@2.2.3 | |
- Fix issue where first empty value in array is discarded | |
* deps: range-parser@~1.0.2 | |
* deps: send@0.9.1 | |
- Add `lastModified` option | |
- Use `etag` to generate `ETag` header | |
- deps: debug@~2.0.0 | |
- deps: fresh@0.2.4 | |
* deps: serve-static@~1.6.1 | |
- Add `lastModified` option | |
- deps: send@0.9.1 | |
* deps: type-is@~1.5.1 | |
- fix `hasbody` to be true for `content-length: 0` | |
- deps: media-typer@0.3.0 | |
- deps: mime-types@~2.0.1 | |
* deps: vary@~1.0.0 | |
- Accept valid `Vary` header string as `field` | |
4.8.8 / 2014-09-04 | |
================== | |
* deps: send@0.8.5 | |
- Fix a path traversal issue when using `root` | |
- Fix malicious path detection for empty string path | |
* deps: serve-static@~1.5.4 | |
- deps: send@0.8.5 | |
4.8.7 / 2014-08-29 | |
================== | |
* deps: qs@2.2.2 | |
- Remove unnecessary cloning | |
4.8.6 / 2014-08-27 | |
================== | |
* deps: qs@2.2.0 | |
- Array parsing fix | |
- Performance improvements | |
4.8.5 / 2014-08-18 | |
================== | |
* deps: send@0.8.3 | |
- deps: destroy@1.0.3 | |
- deps: on-finished@2.1.0 | |
* deps: serve-static@~1.5.3 | |
- deps: send@0.8.3 | |
4.8.4 / 2014-08-14 | |
================== | |
* deps: qs@1.2.2 | |
* deps: send@0.8.2 | |
- Work around `fd` leak in Node.js 0.10 for `fs.ReadStream` | |
* deps: serve-static@~1.5.2 | |
- deps: send@0.8.2 | |
4.8.3 / 2014-08-10 | |
================== | |
* deps: parseurl@~1.3.0 | |
* deps: qs@1.2.1 | |
* deps: serve-static@~1.5.1 | |
- Fix parsing of weird `req.originalUrl` values | |
- deps: parseurl@~1.3.0 | |
- deps: utils-merge@1.0.0 | |
4.8.2 / 2014-08-07 | |
================== | |
* deps: qs@1.2.0 | |
- Fix parsing array of objects | |
4.8.1 / 2014-08-06 | |
================== | |
* fix incorrect deprecation warnings on `res.download` | |
* deps: qs@1.1.0 | |
- Accept urlencoded square brackets | |
- Accept empty values in implicit array notation | |
4.8.0 / 2014-08-05 | |
================== | |
* add `res.sendFile` | |
- accepts a file system path instead of a URL | |
- requires an absolute path or `root` option specified | |
* deprecate `res.sendfile` -- use `res.sendFile` instead | |
* support mounted app as any argument to `app.use()` | |
* deps: qs@1.0.2 | |
- Complete rewrite | |
- Limits array length to 20 | |
- Limits object depth to 5 | |
- Limits parameters to 1,000 | |
* deps: send@0.8.1 | |
- Add `extensions` option | |
* deps: serve-static@~1.5.0 | |
- Add `extensions` option | |
- deps: send@0.8.1 | |
4.7.4 / 2014-08-04 | |
================== | |
* fix `res.sendfile` regression for serving directory index files | |
* deps: send@0.7.4 | |
- Fix incorrect 403 on Windows and Node.js 0.11 | |
- Fix serving index files without root dir | |
* deps: serve-static@~1.4.4 | |
- deps: send@0.7.4 | |
4.7.3 / 2014-08-04 | |
================== | |
* deps: send@0.7.3 | |
- Fix incorrect 403 on Windows and Node.js 0.11 | |
* deps: serve-static@~1.4.3 | |
- Fix incorrect 403 on Windows and Node.js 0.11 | |
- deps: send@0.7.3 | |
4.7.2 / 2014-07-27 | |
================== | |
* deps: depd@0.4.4 | |
- Work-around v8 generating empty stack traces | |
* deps: send@0.7.2 | |
- deps: depd@0.4.4 | |
* deps: serve-static@~1.4.2 | |
4.7.1 / 2014-07-26 | |
================== | |
* deps: depd@0.4.3 | |
- Fix exception when global `Error.stackTraceLimit` is too low | |
* deps: send@0.7.1 | |
- deps: depd@0.4.3 | |
* deps: serve-static@~1.4.1 | |
4.7.0 / 2014-07-25 | |
================== | |
* fix `req.protocol` for proxy-direct connections | |
* configurable query parser with `app.set('query parser', parser)` | |
- `app.set('query parser', 'extended')` parse with "qs" module | |
- `app.set('query parser', 'simple')` parse with "querystring" core module | |
- `app.set('query parser', false)` disable query string parsing | |
- `app.set('query parser', true)` enable simple parsing | |
* deprecate `res.json(status, obj)` -- use `res.status(status).json(obj)` instead | |
* deprecate `res.jsonp(status, obj)` -- use `res.status(status).jsonp(obj)` instead | |
* deprecate `res.send(status, body)` -- use `res.status(status).send(body)` instead | |
* deps: debug@1.0.4 | |
* deps: depd@0.4.2 | |
- Add `TRACE_DEPRECATION` environment variable | |
- Remove non-standard grey color from color output | |
- Support `--no-deprecation` argument | |
- Support `--trace-deprecation` argument | |
* deps: finalhandler@0.1.0 | |
- Respond after request fully read | |
- deps: debug@1.0.4 | |
* deps: parseurl@~1.2.0 | |
- Cache URLs based on original value | |
- Remove no-longer-needed URL mis-parse work-around | |
- Simplify the "fast-path" `RegExp` | |
* deps: send@0.7.0 | |
- Add `dotfiles` option | |
- Cap `maxAge` value to 1 year | |
- deps: debug@1.0.4 | |
- deps: depd@0.4.2 | |
* deps: serve-static@~1.4.0 | |
- deps: parseurl@~1.2.0 | |
- deps: send@0.7.0 | |
* perf: prevent multiple `Buffer` creation in `res.send` | |
4.6.1 / 2014-07-12 | |
================== | |
* fix `subapp.mountpath` regression for `app.use(subapp)` | |
4.6.0 / 2014-07-11 | |
================== | |
* accept multiple callbacks to `app.use()` | |
* add explicit "Rosetta Flash JSONP abuse" protection | |
- previous versions are not vulnerable; this is just explicit protection | |
* catch errors in multiple `req.param(name, fn)` handlers | |
* deprecate `res.redirect(url, status)` -- use `res.redirect(status, url)` instead | |
* fix `res.send(status, num)` to send `num` as json (not error) | |
* remove unnecessary escaping when `res.jsonp` returns JSON response | |
* support non-string `path` in `app.use(path, fn)` | |
- supports array of paths | |
- supports `RegExp` | |
* router: fix optimization on router exit | |
* router: refactor location of `try` blocks | |
* router: speed up standard `app.use(fn)` | |
* deps: debug@1.0.3 | |
- Add support for multiple wildcards in namespaces | |
* deps: finalhandler@0.0.3 | |
- deps: debug@1.0.3 | |
* deps: methods@1.1.0 | |
- add `CONNECT` | |
* deps: parseurl@~1.1.3 | |
- faster parsing of href-only URLs | |
* deps: path-to-regexp@0.1.3 | |
* deps: send@0.6.0 | |
- deps: debug@1.0.3 | |
* deps: serve-static@~1.3.2 | |
- deps: parseurl@~1.1.3 | |
- deps: send@0.6.0 | |
* perf: fix arguments reassign deopt in some `res` methods | |
4.5.1 / 2014-07-06 | |
================== | |
* fix routing regression when altering `req.method` | |
4.5.0 / 2014-07-04 | |
================== | |
* add deprecation message to non-plural `req.accepts*` | |
* add deprecation message to `res.send(body, status)` | |
* add deprecation message to `res.vary()` | |
* add `headers` option to `res.sendfile` | |
- use to set headers on successful file transfer | |
* add `mergeParams` option to `Router` | |
- merges `req.params` from parent routes | |
* add `req.hostname` -- correct name for what `req.host` returns | |
* deprecate things with `depd` module | |
* deprecate `req.host` -- use `req.hostname` instead | |
* fix behavior when handling request without routes | |
* fix handling when `route.all` is only route | |
* invoke `router.param()` only when route matches | |
* restore `req.params` after invoking router | |
* use `finalhandler` for final response handling | |
* use `media-typer` to alter content-type charset | |
* deps: accepts@~1.0.7 | |
* deps: send@0.5.0 | |
- Accept string for `maxage` (converted by `ms`) | |
- Include link in default redirect response | |
* deps: serve-static@~1.3.0 | |
- Accept string for `maxAge` (converted by `ms`) | |
- Add `setHeaders` option | |
- Include HTML link in redirect response | |
- deps: send@0.5.0 | |
* deps: type-is@~1.3.2 | |
4.4.5 / 2014-06-26 | |
================== | |
* deps: cookie-signature@1.0.4 | |
- fix for timing attacks | |
4.4.4 / 2014-06-20 | |
================== | |
* fix `res.attachment` Unicode filenames in Safari | |
* fix "trim prefix" debug message in `express:router` | |
* deps: accepts@~1.0.5 | |
* deps: buffer-crc32@0.2.3 | |
4.4.3 / 2014-06-11 | |
================== | |
* fix persistence of modified `req.params[name]` from `app.param()` | |
* deps: accepts@1.0.3 | |
- deps: negotiator@0.4.6 | |
* deps: debug@1.0.2 | |
* deps: send@0.4.3 | |
- Do not throw uncatchable error on file open race condition | |
- Use `escape-html` for HTML escaping | |
- deps: debug@1.0.2 | |
- deps: finished@1.2.2 | |
- deps: fresh@0.2.2 | |
* deps: serve-static@1.2.3 | |
- Do not throw uncatchable error on file open race condition | |
- deps: send@0.4.3 | |
4.4.2 / 2014-06-09 | |
================== | |
* fix catching errors from top-level handlers | |
* use `vary` module for `res.vary` | |
* deps: debug@1.0.1 | |
* deps: proxy-addr@1.0.1 | |
* deps: send@0.4.2 | |
- fix "event emitter leak" warnings | |
- deps: debug@1.0.1 | |
- deps: finished@1.2.1 | |
* deps: serve-static@1.2.2 | |
- fix "event emitter leak" warnings | |
- deps: send@0.4.2 | |
* deps: type-is@1.2.1 | |
4.4.1 / 2014-06-02 | |
================== | |
* deps: methods@1.0.1 | |
* deps: send@0.4.1 | |
- Send `max-age` in `Cache-Control` in correct format | |
* deps: serve-static@1.2.1 | |
- use `escape-html` for escaping | |
- deps: send@0.4.1 | |
4.4.0 / 2014-05-30 | |
================== | |
* custom etag control with `app.set('etag', val)` | |
- `app.set('etag', function(body, encoding){ return '"etag"' })` custom etag generation | |
- `app.set('etag', 'weak')` weak tag | |
- `app.set('etag', 'strong')` strong etag | |
- `app.set('etag', false)` turn off | |
- `app.set('etag', true)` standard etag | |
* mark `res.send` ETag as weak and reduce collisions | |
* update accepts to 1.0.2 | |
- Fix interpretation when header not in request | |
* update send to 0.4.0 | |
- Calculate ETag with md5 for reduced collisions | |
- Ignore stream errors after request ends | |
- deps: debug@0.8.1 | |
* update serve-static to 1.2.0 | |
- Calculate ETag with md5 for reduced collisions | |
- Ignore stream errors after request ends | |
- deps: send@0.4.0 | |
4.3.2 / 2014-05-28 | |
================== | |
* fix handling of errors from `router.param()` callbacks | |
4.3.1 / 2014-05-23 | |
================== | |
* revert "fix behavior of multiple `app.VERB` for the same path" | |
- this caused a regression in the order of route execution | |
4.3.0 / 2014-05-21 | |
================== | |
* add `req.baseUrl` to access the path stripped from `req.url` in routes | |
* fix behavior of multiple `app.VERB` for the same path | |
* fix issue routing requests among sub routers | |
* invoke `router.param()` only when necessary instead of every match | |
* proper proxy trust with `app.set('trust proxy', trust)` | |
- `app.set('trust proxy', 1)` trust first hop | |
- `app.set('trust proxy', 'loopback')` trust loopback addresses | |
- `app.set('trust proxy', '10.0.0.1')` trust single IP | |
- `app.set('trust proxy', '10.0.0.1/16')` trust subnet | |
- `app.set('trust proxy', '10.0.0.1, 10.0.0.2')` trust list | |
- `app.set('trust proxy', false)` turn off | |
- `app.set('trust proxy', true)` trust everything | |
* set proper `charset` in `Content-Type` for `res.send` | |
* update type-is to 1.2.0 | |
- support suffix matching | |
4.2.0 / 2014-05-11 | |
================== | |
* deprecate `app.del()` -- use `app.delete()` instead | |
* deprecate `res.json(obj, status)` -- use `res.json(status, obj)` instead | |
- the edge-case `res.json(status, num)` requires `res.status(status).json(num)` | |
* deprecate `res.jsonp(obj, status)` -- use `res.jsonp(status, obj)` instead | |
- the edge-case `res.jsonp(status, num)` requires `res.status(status).jsonp(num)` | |
* fix `req.next` when inside router instance | |
* include `ETag` header in `HEAD` requests | |
* keep previous `Content-Type` for `res.jsonp` | |
* support PURGE method | |
- add `app.purge` | |
- add `router.purge` | |
- include PURGE in `app.all` | |
* update debug to 0.8.0 | |
- add `enable()` method | |
- change from stderr to stdout | |
* update methods to 1.0.0 | |
- add PURGE | |
4.1.2 / 2014-05-08 | |
================== | |
* fix `req.host` for IPv6 literals | |
* fix `res.jsonp` error if callback param is object | |
4.1.1 / 2014-04-27 | |
================== | |
* fix package.json to reflect supported node version | |
4.1.0 / 2014-04-24 | |
================== | |
* pass options from `res.sendfile` to `send` | |
* preserve casing of headers in `res.header` and `res.set` | |
* support unicode file names in `res.attachment` and `res.download` | |
* update accepts to 1.0.1 | |
- deps: negotiator@0.4.0 | |
* update cookie to 0.1.2 | |
- Fix for maxAge == 0 | |
- made compat with expires field | |
* update send to 0.3.0 | |
- Accept API options in options object | |
- Coerce option types | |
- Control whether to generate etags | |
- Default directory access to 403 when index disabled | |
- Fix sending files with dots without root set | |
- Include file path in etag | |
- Make "Can't set headers after they are sent." catchable | |
- Send full entity-body for multi range requests | |
- Set etags to "weak" | |
- Support "If-Range" header | |
- Support multiple index paths | |
- deps: mime@1.2.11 | |
* update serve-static to 1.1.0 | |
- Accept options directly to `send` module | |
- Resolve relative paths at middleware setup | |
- Use parseurl to parse the URL from request | |
- deps: send@0.3.0 | |
* update type-is to 1.1.0 | |
- add non-array values support | |
- add `multipart` as a shorthand | |
4.0.0 / 2014-04-09 | |
================== | |
* remove: | |
- node 0.8 support | |
- connect and connect's patches except for charset handling | |
- express(1) - moved to [express-generator](https://github.com/expressjs/generator) | |
- `express.createServer()` - it has been deprecated for a long time. Use `express()` | |
- `app.configure` - use logic in your own app code | |
- `app.router` - is removed | |
- `req.auth` - use `basic-auth` instead | |
- `req.accepted*` - use `req.accepts*()` instead | |
- `res.location` - relative URL resolution is removed | |
- `res.charset` - include the charset in the content type when using `res.set()` | |
- all bundled middleware except `static` | |
* change: | |
- `app.route` -> `app.mountpath` when mounting an express app in another express app | |
- `json spaces` no longer enabled by default in development | |
- `req.accepts*` -> `req.accepts*s` - i.e. `req.acceptsEncoding` -> `req.acceptsEncodings` | |
- `req.params` is now an object instead of an array | |
- `res.locals` is no longer a function. It is a plain js object. Treat it as such. | |
- `res.headerSent` -> `res.headersSent` to match node.js ServerResponse object | |
* refactor: | |
- `req.accepts*` with [accepts](https://github.com/expressjs/accepts) | |
- `req.is` with [type-is](https://github.com/expressjs/type-is) | |
- [path-to-regexp](https://github.com/component/path-to-regexp) | |
* add: | |
- `app.router()` - returns the app Router instance | |
- `app.route()` - Proxy to the app's `Router#route()` method to create a new route | |
- Router & Route - public API | |
3.21.2 / 2015-07-31 | |
=================== | |
* deps: connect@2.30.2 | |
- deps: body-parser@~1.13.3 | |
- deps: compression@~1.5.2 | |
- deps: errorhandler@~1.4.2 | |
- deps: method-override@~2.3.5 | |
- deps: serve-index@~1.7.2 | |
- deps: type-is@~1.6.6 | |
- deps: vhost@~3.0.1 | |
* deps: vary@~1.0.1 | |
- Fix setting empty header from empty `field` | |
- perf: enable strict mode | |
- perf: remove argument reassignments | |
3.21.1 / 2015-07-05 | |
=================== | |
* deps: basic-auth@~1.0.3 | |
* deps: connect@2.30.1 | |
- deps: body-parser@~1.13.2 | |
- deps: compression@~1.5.1 | |
- deps: errorhandler@~1.4.1 | |
- deps: morgan@~1.6.1 | |
- deps: pause@0.1.0 | |
- deps: qs@4.0.0 | |
- deps: serve-index@~1.7.1 | |
- deps: type-is@~1.6.4 | |
3.21.0 / 2015-06-18 | |
=================== | |
* deps: basic-auth@1.0.2 | |
- perf: enable strict mode | |
- perf: hoist regular expression | |
- perf: parse with regular expressions | |
- perf: remove argument reassignment | |
* deps: connect@2.30.0 | |
- deps: body-parser@~1.13.1 | |
- deps: bytes@2.1.0 | |
- deps: compression@~1.5.0 | |
- deps: cookie@0.1.3 | |
- deps: cookie-parser@~1.3.5 | |
- deps: csurf@~1.8.3 | |
- deps: errorhandler@~1.4.0 | |
- deps: express-session@~1.11.3 | |
- deps: finalhandler@0.4.0 | |
- deps: fresh@0.3.0 | |
- deps: morgan@~1.6.0 | |
- deps: serve-favicon@~2.3.0 | |
- deps: serve-index@~1.7.0 | |
- deps: serve-static@~1.10.0 | |
- deps: type-is@~1.6.3 | |
* deps: cookie@0.1.3 | |
- perf: deduce the scope of try-catch deopt | |
- perf: remove argument reassignments | |
* deps: escape-html@1.0.2 | |
* deps: etag@~1.7.0 | |
- Always include entity length in ETags for hash length extensions | |
- Generate non-Stats ETags using MD5 only (no longer CRC32) | |
- Improve stat performance by removing hashing | |
- Improve support for JXcore | |
- Remove base64 padding in ETags to shorten | |
- Support "fake" stats objects in environments without fs | |
- Use MD5 instead of MD4 in weak ETags over 1KB | |
* deps: fresh@0.3.0 | |
- Add weak `ETag` matching support | |
* deps: mkdirp@0.5.1 | |
- Work in global strict mode | |
* deps: send@0.13.0 | |
- Allow Node.js HTTP server to set `Date` response header | |
- Fix incorrectly removing `Content-Location` on 304 response | |
- Improve the default redirect response headers | |
- Send appropriate headers on default error response | |
- Use `http-errors` for standard emitted errors | |
- Use `statuses` instead of `http` module for status messages | |
- deps: escape-html@1.0.2 | |
- deps: etag@~1.7.0 | |
- deps: fresh@0.3.0 | |
- deps: on-finished@~2.3.0 | |
- perf: enable strict mode | |
- perf: remove unnecessary array allocations | |
3.20.3 / 2015-05-17 | |
=================== | |
* deps: connect@2.29.2 | |
- deps: body-parser@~1.12.4 | |
- deps: compression@~1.4.4 | |
- deps: connect-timeout@~1.6.2 | |
- deps: debug@~2.2.0 | |
- deps: depd@~1.0.1 | |
- deps: errorhandler@~1.3.6 | |
- deps: finalhandler@0.3.6 | |
- deps: method-override@~2.3.3 | |
- deps: morgan@~1.5.3 | |
- deps: qs@2.4.2 | |
- deps: response-time@~2.3.1 | |
- deps: serve-favicon@~2.2.1 | |
- deps: serve-index@~1.6.4 | |
- deps: serve-static@~1.9.3 | |
- deps: type-is@~1.6.2 | |
* deps: debug@~2.2.0 | |
- deps: ms@0.7.1 | |
* deps: depd@~1.0.1 | |
* deps: proxy-addr@~1.0.8 | |
- deps: ipaddr.js@1.0.1 | |
* deps: send@0.12.3 | |
- deps: debug@~2.2.0 | |
- deps: depd@~1.0.1 | |
- deps: etag@~1.6.0 | |
- deps: ms@0.7.1 | |
- deps: on-finished@~2.2.1 | |
3.20.2 / 2015-03-16 | |
=================== | |
* deps: connect@2.29.1 | |
- deps: body-parser@~1.12.2 | |
- deps: compression@~1.4.3 | |
- deps: connect-timeout@~1.6.1 | |
- deps: debug@~2.1.3 | |
- deps: errorhandler@~1.3.5 | |
- deps: express-session@~1.10.4 | |
- deps: finalhandler@0.3.4 | |
- deps: method-override@~2.3.2 | |
- deps: morgan@~1.5.2 | |
- deps: qs@2.4.1 | |
- deps: serve-index@~1.6.3 | |
- deps: serve-static@~1.9.2 | |
- deps: type-is@~1.6.1 | |
* deps: debug@~2.1.3 | |
- Fix high intensity foreground color for bold | |
- deps: ms@0.7.0 | |
* deps: merge-descriptors@1.0.0 | |
* deps: proxy-addr@~1.0.7 | |
- deps: ipaddr.js@0.1.9 | |
* deps: send@0.12.2 | |
- Throw errors early for invalid `extensions` or `index` options | |
- deps: debug@~2.1.3 | |
3.20.1 / 2015-02-28 | |
=================== | |
* Fix `req.host` when using "trust proxy" hops count | |
* Fix `req.protocol`/`req.secure` when using "trust proxy" hops count | |
3.20.0 / 2015-02-18 | |
=================== | |
* Fix `"trust proxy"` setting to inherit when app is mounted | |
* Generate `ETag`s for all request responses | |
- No longer restricted to only responses for `GET` and `HEAD` requests | |
* Use `content-type` to parse `Content-Type` headers | |
* deps: connect@2.29.0 | |
- Use `content-type` to parse `Content-Type` headers | |
- deps: body-parser@~1.12.0 | |
- deps: compression@~1.4.1 | |
- deps: connect-timeout@~1.6.0 | |
- deps: cookie-parser@~1.3.4 | |
- deps: cookie-signature@1.0.6 | |
- deps: csurf@~1.7.0 | |
- deps: errorhandler@~1.3.4 | |
- deps: express-session@~1.10.3 | |
- deps: http-errors@~1.3.1 | |
- deps: response-time@~2.3.0 | |
- deps: serve-index@~1.6.2 | |
- deps: serve-static@~1.9.1 | |
- deps: type-is@~1.6.0 | |
* deps: cookie-signature@1.0.6 | |
* deps: send@0.12.1 | |
- Always read the stat size from the file | |
- Fix mutating passed-in `options` | |
- deps: mime@1.3.4 | |
3.19.2 / 2015-02-01 | |
=================== | |
* deps: connect@2.28.3 | |
- deps: compression@~1.3.1 | |
- deps: csurf@~1.6.6 | |
- deps: errorhandler@~1.3.3 | |
- deps: express-session@~1.10.2 | |
- deps: serve-index@~1.6.1 | |
- deps: type-is@~1.5.6 | |
* deps: proxy-addr@~1.0.6 | |
- deps: ipaddr.js@0.1.8 | |
3.19.1 / 2015-01-20 | |
=================== | |
* deps: connect@2.28.2 | |
- deps: body-parser@~1.10.2 | |
- deps: serve-static@~1.8.1 | |
* deps: send@0.11.1 | |
- Fix root path disclosure | |
3.19.0 / 2015-01-09 | |
=================== | |
* Fix `OPTIONS` responses to include the `HEAD` method property | |
* Use `readline` for prompt in `express(1)` | |
* deps: commander@2.6.0 | |
* deps: connect@2.28.1 | |
- deps: body-parser@~1.10.1 | |
- deps: compression@~1.3.0 | |
- deps: connect-timeout@~1.5.0 | |
- deps: csurf@~1.6.4 | |
- deps: debug@~2.1.1 | |
- deps: errorhandler@~1.3.2 | |
- deps: express-session@~1.10.1 | |
- deps: finalhandler@0.3.3 | |
- deps: method-override@~2.3.1 | |
- deps: morgan@~1.5.1 | |
- deps: serve-favicon@~2.2.0 | |
- deps: serve-index@~1.6.0 | |
- deps: serve-static@~1.8.0 | |
- deps: type-is@~1.5.5 | |
* deps: debug@~2.1.1 | |
* deps: methods@~1.1.1 | |
* deps: proxy-addr@~1.0.5 | |
- deps: ipaddr.js@0.1.6 | |
* deps: send@0.11.0 | |
- deps: debug@~2.1.1 | |
- deps: etag@~1.5.1 | |
- deps: ms@0.7.0 | |
- deps: on-finished@~2.2.0 | |
3.18.6 / 2014-12-12 | |
=================== | |
* Fix exception in `req.fresh`/`req.stale` without response headers | |
3.18.5 / 2014-12-11 | |
=================== | |
* deps: connect@2.27.6 | |
- deps: compression@~1.2.2 | |
- deps: express-session@~1.9.3 | |
- deps: http-errors@~1.2.8 | |
- deps: serve-index@~1.5.3 | |
- deps: type-is@~1.5.4 | |
3.18.4 / 2014-11-23 | |
=================== | |
* deps: connect@2.27.4 | |
- deps: body-parser@~1.9.3 | |
- deps: compression@~1.2.1 | |
- deps: errorhandler@~1.2.3 | |
- deps: express-session@~1.9.2 | |
- deps: qs@2.3.3 | |
- deps: serve-favicon@~2.1.7 | |
- deps: serve-static@~1.5.1 | |
- deps: type-is@~1.5.3 | |
* deps: etag@~1.5.1 | |
* deps: proxy-addr@~1.0.4 | |
- deps: ipaddr.js@0.1.5 | |
3.18.3 / 2014-11-09 | |
=================== | |
* deps: connect@2.27.3 | |
- Correctly invoke async callback asynchronously | |
- deps: csurf@~1.6.3 | |
3.18.2 / 2014-10-28 | |
=================== | |
* deps: connect@2.27.2 | |
- Fix handling of URLs containing `://` in the path | |
- deps: body-parser@~1.9.2 | |
- deps: qs@2.3.2 | |
3.18.1 / 2014-10-22 | |
=================== | |
* Fix internal `utils.merge` deprecation warnings | |
* deps: connect@2.27.1 | |
- deps: body-parser@~1.9.1 | |
- deps: express-session@~1.9.1 | |
- deps: finalhandler@0.3.2 | |
- deps: morgan@~1.4.1 | |
- deps: qs@2.3.0 | |
- deps: serve-static@~1.7.1 | |
* deps: send@0.10.1 | |
- deps: on-finished@~2.1.1 | |
3.18.0 / 2014-10-17 | |
=================== | |
* Use `content-disposition` module for `res.attachment`/`res.download` | |
- Sends standards-compliant `Content-Disposition` header | |
- Full Unicode support | |
* Use `etag` module to generate `ETag` headers | |
* deps: connect@2.27.0 | |
- Use `http-errors` module for creating errors | |
- Use `utils-merge` module for merging objects | |
- deps: body-parser@~1.9.0 | |
- deps: compression@~1.2.0 | |
- deps: connect-timeout@~1.4.0 | |
- deps: debug@~2.1.0 | |
- deps: depd@~1.0.0 | |
- deps: express-session@~1.9.0 | |
- deps: finalhandler@0.3.1 | |
- deps: method-override@~2.3.0 | |
- deps: morgan@~1.4.0 | |
- deps: response-time@~2.2.0 | |
- deps: serve-favicon@~2.1.6 | |
- deps: serve-index@~1.5.0 | |
- deps: serve-static@~1.7.0 | |
* deps: debug@~2.1.0 | |
- Implement `DEBUG_FD` env variable support | |
* deps: depd@~1.0.0 | |
* deps: send@0.10.0 | |
- deps: debug@~2.1.0 | |
- deps: depd@~1.0.0 | |
- deps: etag@~1.5.0 | |
3.17.8 / 2014-10-15 | |
=================== | |
* deps: connect@2.26.6 | |
- deps: compression@~1.1.2 | |
- deps: csurf@~1.6.2 | |
- deps: errorhandler@~1.2.2 | |
3.17.7 / 2014-10-08 | |
=================== | |
* deps: connect@2.26.5 | |
- Fix accepting non-object arguments to `logger` | |
- deps: serve-static@~1.6.4 | |
3.17.6 / 2014-10-02 | |
=================== | |
* deps: connect@2.26.4 | |
- deps: morgan@~1.3.2 | |
- deps: type-is@~1.5.2 | |
3.17.5 / 2014-09-24 | |
=================== | |
* deps: connect@2.26.3 | |
- deps: body-parser@~1.8.4 | |
- deps: serve-favicon@~2.1.5 | |
- deps: serve-static@~1.6.3 | |
* deps: proxy-addr@~1.0.3 | |
- Use `forwarded` npm module | |
* deps: send@0.9.3 | |
- deps: etag@~1.4.0 | |
3.17.4 / 2014-09-19 | |
=================== | |
* deps: connect@2.26.2 | |
- deps: body-parser@~1.8.3 | |
- deps: qs@2.2.4 | |
3.17.3 / 2014-09-18 | |
=================== | |
* deps: proxy-addr@~1.0.2 | |
- Fix a global leak when multiple subnets are trusted | |
- deps: ipaddr.js@0.1.3 | |
3.17.2 / 2014-09-15 | |
=================== | |
* Use `crc` instead of `buffer-crc32` for speed | |
* deps: connect@2.26.1 | |
- deps: body-parser@~1.8.2 | |
- deps: depd@0.4.5 | |
- deps: express-session@~1.8.2 | |
- deps: morgan@~1.3.1 | |
- deps: serve-favicon@~2.1.3 | |
- deps: serve-static@~1.6.2 | |
* deps: depd@0.4.5 | |
* deps: send@0.9.2 | |
- deps: depd@0.4.5 | |
- deps: etag@~1.3.1 | |
- deps: range-parser@~1.0.2 | |
3.17.1 / 2014-09-08 | |
=================== | |
* Fix error in `req.subdomains` on empty host | |
3.17.0 / 2014-09-08 | |
=================== | |
* Support `X-Forwarded-Host` in `req.subdomains` | |
* Support IP address host in `req.subdomains` | |
* deps: connect@2.26.0 | |
- deps: body-parser@~1.8.1 | |
- deps: compression@~1.1.0 | |
- deps: connect-timeout@~1.3.0 | |
- deps: cookie-parser@~1.3.3 | |
- deps: cookie-signature@1.0.5 | |
- deps: csurf@~1.6.1 | |
- deps: debug@~2.0.0 | |
- deps: errorhandler@~1.2.0 | |
- deps: express-session@~1.8.1 | |
- deps: finalhandler@0.2.0 | |
- deps: fresh@0.2.4 | |
- deps: media-typer@0.3.0 | |
- deps: method-override@~2.2.0 | |
- deps: morgan@~1.3.0 | |
- deps: qs@2.2.3 | |
- deps: serve-favicon@~2.1.3 | |
- deps: serve-index@~1.2.1 | |
- deps: serve-static@~1.6.1 | |
- deps: type-is@~1.5.1 | |
- deps: vhost@~3.0.0 | |
* deps: cookie-signature@1.0.5 | |
* deps: debug@~2.0.0 | |
* deps: fresh@0.2.4 | |
* deps: media-typer@0.3.0 | |
- Throw error when parameter format invalid on parse | |
* deps: range-parser@~1.0.2 | |
* deps: send@0.9.1 | |
- Add `lastModified` option | |
- Use `etag` to generate `ETag` header | |
- deps: debug@~2.0.0 | |
- deps: fresh@0.2.4 | |
* deps: vary@~1.0.0 | |
- Accept valid `Vary` header string as `field` | |
3.16.10 / 2014-09-04 | |
==================== | |
* deps: connect@2.25.10 | |
- deps: serve-static@~1.5.4 | |
* deps: send@0.8.5 | |
- Fix a path traversal issue when using `root` | |
- Fix malicious path detection for empty string path | |
3.16.9 / 2014-08-29 | |
=================== | |
* deps: connect@2.25.9 | |
- deps: body-parser@~1.6.7 | |
- deps: qs@2.2.2 | |
3.16.8 / 2014-08-27 | |
=================== | |
* deps: connect@2.25.8 | |
- deps: body-parser@~1.6.6 | |
- deps: csurf@~1.4.1 | |
- deps: qs@2.2.0 | |
3.16.7 / 2014-08-18 | |
=================== | |
* deps: connect@2.25.7 | |
- deps: body-parser@~1.6.5 | |
- deps: express-session@~1.7.6 | |
- deps: morgan@~1.2.3 | |
- deps: serve-static@~1.5.3 | |
* deps: send@0.8.3 | |
- deps: destroy@1.0.3 | |
- deps: on-finished@2.1.0 | |
3.16.6 / 2014-08-14 | |
=================== | |
* deps: connect@2.25.6 | |
- deps: body-parser@~1.6.4 | |
- deps: qs@1.2.2 | |
- deps: serve-static@~1.5.2 | |
* deps: send@0.8.2 | |
- Work around `fd` leak in Node.js 0.10 for `fs.ReadStream` | |
3.16.5 / 2014-08-11 | |
=================== | |
* deps: connect@2.25.5 | |
- Fix backwards compatibility in `logger` | |
3.16.4 / 2014-08-10 | |
=================== | |
* Fix original URL parsing in `res.location` | |
* deps: connect@2.25.4 | |
- Fix `query` middleware breaking with argument | |
- deps: body-parser@~1.6.3 | |
- deps: compression@~1.0.11 | |
- deps: connect-timeout@~1.2.2 | |
- deps: express-session@~1.7.5 | |
- deps: method-override@~2.1.3 | |
- deps: on-headers@~1.0.0 | |
- deps: parseurl@~1.3.0 | |
- deps: qs@1.2.1 | |
- deps: response-time@~2.0.1 | |
- deps: serve-index@~1.1.6 | |
- deps: serve-static@~1.5.1 | |
* deps: parseurl@~1.3.0 | |
3.16.3 / 2014-08-07 | |
=================== | |
* deps: connect@2.25.3 | |
- deps: multiparty@3.3.2 | |
3.16.2 / 2014-08-07 | |
=================== | |
* deps: connect@2.25.2 | |
- deps: body-parser@~1.6.2 | |
- deps: qs@1.2.0 | |
3.16.1 / 2014-08-06 | |
=================== | |
* deps: connect@2.25.1 | |
- deps: body-parser@~1.6.1 | |
- deps: qs@1.1.0 | |
3.16.0 / 2014-08-05 | |
=================== | |
* deps: connect@2.25.0 | |
- deps: body-parser@~1.6.0 | |
- deps: compression@~1.0.10 | |
- deps: csurf@~1.4.0 | |
- deps: express-session@~1.7.4 | |
- deps: qs@1.0.2 | |
- deps: serve-static@~1.5.0 | |
* deps: send@0.8.1 | |
- Add `extensions` option | |
3.15.3 / 2014-08-04 | |
=================== | |
* fix `res.sendfile` regression for serving directory index files | |
* deps: connect@2.24.3 | |
- deps: serve-index@~1.1.5 | |
- deps: serve-static@~1.4.4 | |
* deps: send@0.7.4 | |
- Fix incorrect 403 on Windows and Node.js 0.11 | |
- Fix serving index files without root dir | |
3.15.2 / 2014-07-27 | |
=================== | |
* deps: connect@2.24.2 | |
- deps: body-parser@~1.5.2 | |
- deps: depd@0.4.4 | |
- deps: express-session@~1.7.2 | |
- deps: morgan@~1.2.2 | |
- deps: serve-static@~1.4.2 | |
* deps: depd@0.4.4 | |
- Work-around v8 generating empty stack traces | |
* deps: send@0.7.2 | |
- deps: depd@0.4.4 | |
3.15.1 / 2014-07-26 | |
=================== | |
* deps: connect@2.24.1 | |
- deps: body-parser@~1.5.1 | |
- deps: depd@0.4.3 | |
- deps: express-session@~1.7.1 | |
- deps: morgan@~1.2.1 | |
- deps: serve-index@~1.1.4 | |
- deps: serve-static@~1.4.1 | |
* deps: depd@0.4.3 | |
- Fix exception when global `Error.stackTraceLimit` is too low | |
* deps: send@0.7.1 | |
- deps: depd@0.4.3 | |
3.15.0 / 2014-07-22 | |
=================== | |
* Fix `req.protocol` for proxy-direct connections | |
* Pass options from `res.sendfile` to `send` | |
* deps: connect@2.24.0 | |
- deps: body-parser@~1.5.0 | |
- deps: compression@~1.0.9 | |
- deps: connect-timeout@~1.2.1 | |
- deps: debug@1.0.4 | |
- deps: depd@0.4.2 | |
- deps: express-session@~1.7.0 | |
- deps: finalhandler@0.1.0 | |
- deps: method-override@~2.1.2 | |
- deps: morgan@~1.2.0 | |
- deps: multiparty@3.3.1 | |
- deps: parseurl@~1.2.0 | |
- deps: serve-static@~1.4.0 | |
* deps: debug@1.0.4 | |
* deps: depd@0.4.2 | |
- Add `TRACE_DEPRECATION` environment variable | |
- Remove non-standard grey color from color output | |
- Support `--no-deprecation` argument | |
- Support `--trace-deprecation` argument | |
* deps: parseurl@~1.2.0 | |
- Cache URLs based on original value | |
- Remove no-longer-needed URL mis-parse work-around | |
- Simplify the "fast-path" `RegExp` | |
* deps: send@0.7.0 | |
- Add `dotfiles` option | |
- Cap `maxAge` value to 1 year | |
- deps: debug@1.0.4 | |
- deps: depd@0.4.2 | |
3.14.0 / 2014-07-11 | |
=================== | |
* add explicit "Rosetta Flash JSONP abuse" protection | |
- previous versions are not vulnerable; this is just explicit protection | |
* deprecate `res.redirect(url, status)` -- use `res.redirect(status, url)` instead | |
* fix `res.send(status, num)` to send `num` as json (not error) | |
* remove unnecessary escaping when `res.jsonp` returns JSON response | |
* deps: basic-auth@1.0.0 | |
- support empty password | |
- support empty username | |
* deps: connect@2.23.0 | |
- deps: debug@1.0.3 | |
- deps: express-session@~1.6.4 | |
- deps: method-override@~2.1.0 | |
- deps: parseurl@~1.1.3 | |
- deps: serve-static@~1.3.1 | |
* deps: debug@1.0.3 | |
- Add support for multiple wildcards in namespaces | |
* deps: methods@1.1.0 | |
- add `CONNECT` | |
* deps: parseurl@~1.1.3 | |
- faster parsing of href-only URLs | |
3.13.0 / 2014-07-03 | |
=================== | |
* add deprecation message to `app.configure` | |
* add deprecation message to `req.auth` | |
* use `basic-auth` to parse `Authorization` header | |
* deps: connect@2.22.0 | |
- deps: csurf@~1.3.0 | |
- deps: express-session@~1.6.1 | |
- deps: multiparty@3.3.0 | |
- deps: serve-static@~1.3.0 | |
* deps: send@0.5.0 | |
- Accept string for `maxage` (converted by `ms`) | |
- Include link in default redirect response | |
3.12.1 / 2014-06-26 | |
=================== | |
* deps: connect@2.21.1 | |
- deps: cookie-parser@1.3.2 | |
- deps: cookie-signature@1.0.4 | |
- deps: express-session@~1.5.2 | |
- deps: type-is@~1.3.2 | |
* deps: cookie-signature@1.0.4 | |
- fix for timing attacks | |
3.12.0 / 2014-06-21 | |
=================== | |
* use `media-typer` to alter content-type charset | |
* deps: connect@2.21.0 | |
- deprecate `connect(middleware)` -- use `app.use(middleware)` instead | |
- deprecate `connect.createServer()` -- use `connect()` instead | |
- fix `res.setHeader()` patch to work with get -> append -> set pattern | |
- deps: compression@~1.0.8 | |
- deps: errorhandler@~1.1.1 | |
- deps: express-session@~1.5.0 | |
- deps: serve-index@~1.1.3 | |
3.11.0 / 2014-06-19 | |
=================== | |
* deprecate things with `depd` module | |
* deps: buffer-crc32@0.2.3 | |
* deps: connect@2.20.2 | |
- deprecate `verify` option to `json` -- use `body-parser` npm module instead | |
- deprecate `verify` option to `urlencoded` -- use `body-parser` npm module instead | |
- deprecate things with `depd` module | |
- use `finalhandler` for final response handling | |
- use `media-typer` to parse `content-type` for charset | |
- deps: body-parser@1.4.3 | |
- deps: connect-timeout@1.1.1 | |
- deps: cookie-parser@1.3.1 | |
- deps: csurf@1.2.2 | |
- deps: errorhandler@1.1.0 | |
- deps: express-session@1.4.0 | |
- deps: multiparty@3.2.9 | |
- deps: serve-index@1.1.2 | |
- deps: type-is@1.3.1 | |
- deps: vhost@2.0.0 | |
3.10.5 / 2014-06-11 | |
=================== | |
* deps: connect@2.19.6 | |
- deps: body-parser@1.3.1 | |
- deps: compression@1.0.7 | |
- deps: debug@1.0.2 | |
- deps: serve-index@1.1.1 | |
- deps: serve-static@1.2.3 | |
* deps: debug@1.0.2 | |
* deps: send@0.4.3 | |
- Do not throw uncatchable error on file open race condition | |
- Use `escape-html` for HTML escaping | |
- deps: debug@1.0.2 | |
- deps: finished@1.2.2 | |
- deps: fresh@0.2.2 | |
3.10.4 / 2014-06-09 | |
=================== | |
* deps: connect@2.19.5 | |
- fix "event emitter leak" warnings | |
- deps: csurf@1.2.1 | |
- deps: debug@1.0.1 | |
- deps: serve-static@1.2.2 | |
- deps: type-is@1.2.1 | |
* deps: debug@1.0.1 | |
* deps: send@0.4.2 | |
- fix "event emitter leak" warnings | |
- deps: finished@1.2.1 | |
- deps: debug@1.0.1 | |
3.10.3 / 2014-06-05 | |
=================== | |
* use `vary` module for `res.vary` | |
* deps: connect@2.19.4 | |
- deps: errorhandler@1.0.2 | |
- deps: method-override@2.0.2 | |
- deps: serve-favicon@2.0.1 | |
* deps: debug@1.0.0 | |
3.10.2 / 2014-06-03 | |
=================== | |
* deps: connect@2.19.3 | |
- deps: compression@1.0.6 | |
3.10.1 / 2014-06-03 | |
=================== | |
* deps: connect@2.19.2 | |
- deps: compression@1.0.4 | |
* deps: proxy-addr@1.0.1 | |
3.10.0 / 2014-06-02 | |
=================== | |
* deps: connect@2.19.1 | |
- deprecate `methodOverride()` -- use `method-override` npm module instead | |
- deps: body-parser@1.3.0 | |
- deps: method-override@2.0.1 | |
- deps: multiparty@3.2.8 | |
- deps: response-time@2.0.0 | |
- deps: serve-static@1.2.1 | |
* deps: methods@1.0.1 | |
* deps: send@0.4.1 | |
- Send `max-age` in `Cache-Control` in correct format | |
3.9.0 / 2014-05-30 | |
================== | |
* custom etag control with `app.set('etag', val)` | |
- `app.set('etag', function(body, encoding){ return '"etag"' })` custom etag generation | |
- `app.set('etag', 'weak')` weak tag | |
- `app.set('etag', 'strong')` strong etag | |
- `app.set('etag', false)` turn off | |
- `app.set('etag', true)` standard etag | |
* Include ETag in HEAD requests | |
* mark `res.send` ETag as weak and reduce collisions | |
* update connect to 2.18.0 | |
- deps: compression@1.0.3 | |
- deps: serve-index@1.1.0 | |
- deps: serve-static@1.2.0 | |
* update send to 0.4.0 | |
- Calculate ETag with md5 for reduced collisions | |
- Ignore stream errors after request ends | |
- deps: debug@0.8.1 | |
3.8.1 / 2014-05-27 | |
================== | |
* update connect to 2.17.3 | |
- deps: body-parser@1.2.2 | |
- deps: express-session@1.2.1 | |
- deps: method-override@1.0.2 | |
3.8.0 / 2014-05-21 | |
================== | |
* keep previous `Content-Type` for `res.jsonp` | |
* set proper `charset` in `Content-Type` for `res.send` | |
* update connect to 2.17.1 | |
- fix `res.charset` appending charset when `content-type` has one | |
- deps: express-session@1.2.0 | |
- deps: morgan@1.1.1 | |
- deps: serve-index@1.0.3 | |
3.7.0 / 2014-05-18 | |
================== | |
* proper proxy trust with `app.set('trust proxy', trust)` | |
- `app.set('trust proxy', 1)` trust first hop | |
- `app.set('trust proxy', 'loopback')` trust loopback addresses | |
- `app.set('trust proxy', '10.0.0.1')` trust single IP | |
- `app.set('trust proxy', '10.0.0.1/16')` trust subnet | |
- `app.set('trust proxy', '10.0.0.1, 10.0.0.2')` trust list | |
- `app.set('trust proxy', false)` turn off | |
- `app.set('trust proxy', true)` trust everything | |
* update connect to 2.16.2 | |
- deprecate `res.headerSent` -- use `res.headersSent` | |
- deprecate `res.on("header")` -- use on-headers module instead | |
- fix edge-case in `res.appendHeader` that would append in wrong order | |
- json: use body-parser | |
- urlencoded: use body-parser | |
- dep: bytes@1.0.0 | |
- dep: cookie-parser@1.1.0 | |
- dep: csurf@1.2.0 | |
- dep: express-session@1.1.0 | |
- dep: method-override@1.0.1 | |
3.6.0 / 2014-05-09 | |
================== | |
* deprecate `app.del()` -- use `app.delete()` instead | |
* deprecate `res.json(obj, status)` -- use `res.json(status, obj)` instead | |
- the edge-case `res.json(status, num)` requires `res.status(status).json(num)` | |
* deprecate `res.jsonp(obj, status)` -- use `res.jsonp(status, obj)` instead | |
- the edge-case `res.jsonp(status, num)` requires `res.status(status).jsonp(num)` | |
* support PURGE method | |
- add `app.purge` | |
- add `router.purge` | |
- include PURGE in `app.all` | |
* update connect to 2.15.0 | |
* Add `res.appendHeader` | |
* Call error stack even when response has been sent | |
* Patch `res.headerSent` to return Boolean | |
* Patch `res.headersSent` for node.js 0.8 | |
* Prevent default 404 handler after response sent | |
* dep: compression@1.0.2 | |
* dep: connect-timeout@1.1.0 | |
* dep: debug@^0.8.0 | |
* dep: errorhandler@1.0.1 | |
* dep: express-session@1.0.4 | |
* dep: morgan@1.0.1 | |
* dep: serve-favicon@2.0.0 | |
* dep: serve-index@1.0.2 | |
* update debug to 0.8.0 | |
* add `enable()` method | |
* change from stderr to stdout | |
* update methods to 1.0.0 | |
- add PURGE | |
* update mkdirp to 0.5.0 | |
3.5.3 / 2014-05-08 | |
================== | |
* fix `req.host` for IPv6 literals | |
* fix `res.jsonp` error if callback param is object | |
3.5.2 / 2014-04-24 | |
================== | |
* update connect to 2.14.5 | |
* update cookie to 0.1.2 | |
* update mkdirp to 0.4.0 | |
* update send to 0.3.0 | |
3.5.1 / 2014-03-25 | |
================== | |
* pin less-middleware in generated app | |
3.5.0 / 2014-03-06 | |
================== | |
* bump deps | |
3.4.8 / 2014-01-13 | |
================== | |
* prevent incorrect automatic OPTIONS responses #1868 @dpatti | |
* update binary and examples for jade 1.0 #1876 @yossi, #1877 @reqshark, #1892 @matheusazzi | |
* throw 400 in case of malformed paths @rlidwka | |
3.4.7 / 2013-12-10 | |
================== | |
* update connect | |
3.4.6 / 2013-12-01 | |
================== | |
* update connect (raw-body) | |
3.4.5 / 2013-11-27 | |
================== | |
* update connect | |
* res.location: remove leading ./ #1802 @kapouer | |
* res.redirect: fix `res.redirect('toString') #1829 @michaelficarra | |
* res.send: always send ETag when content-length > 0 | |
* router: add Router.all() method | |
3.4.4 / 2013-10-29 | |
================== | |
* update connect | |
* update supertest | |
* update methods | |
* express(1): replace bodyParser() with urlencoded() and json() #1795 @chirag04 | |
3.4.3 / 2013-10-23 | |
================== | |
* update connect | |
3.4.2 / 2013-10-18 | |
================== | |
* update connect | |
* downgrade commander | |
3.4.1 / 2013-10-15 | |
================== | |
* update connect | |
* update commander | |
* jsonp: check if callback is a function | |
* router: wrap encodeURIComponent in a try/catch #1735 (@lxe) | |
* res.format: now includes charset @1747 (@sorribas) | |
* res.links: allow multiple calls @1746 (@sorribas) | |
3.4.0 / 2013-09-07 | |
================== | |
* add res.vary(). Closes #1682 | |
* update connect | |
3.3.8 / 2013-09-02 | |
================== | |
* update connect | |
3.3.7 / 2013-08-28 | |
================== | |
* update connect | |
3.3.6 / 2013-08-27 | |
================== | |
* Revert "remove charset from json responses. Closes #1631" (causes issues in some clients) | |
* add: req.accepts take an argument list | |
3.3.4 / 2013-07-08 | |
================== | |
* update send and connect | |
3.3.3 / 2013-07-04 | |
================== | |
* update connect | |
3.3.2 / 2013-07-03 | |
================== | |
* update connect | |
* update send | |
* remove .version export | |
3.3.1 / 2013-06-27 | |
================== | |
* update connect | |
3.3.0 / 2013-06-26 | |
================== | |
* update connect | |
* add support for multiple X-Forwarded-Proto values. Closes #1646 | |
* change: remove charset from json responses. Closes #1631 | |
* change: return actual booleans from req.accept* functions | |
* fix jsonp callback array throw | |
3.2.6 / 2013-06-02 | |
================== | |
* update connect | |
3.2.5 / 2013-05-21 | |
================== | |
* update connect | |
* update node-cookie | |
* add: throw a meaningful error when there is no default engine | |
* change generation of ETags with res.send() to GET requests only. Closes #1619 | |
3.2.4 / 2013-05-09 | |
================== | |
* fix `req.subdomains` when no Host is present | |
* fix `req.host` when no Host is present, return undefined | |
3.2.3 / 2013-05-07 | |
================== | |
* update connect / qs | |
3.2.2 / 2013-05-03 | |
================== | |
* update qs | |
3.2.1 / 2013-04-29 | |
================== | |
* add app.VERB() paths array deprecation warning | |
* update connect | |
* update qs and remove all ~ semver crap | |
* fix: accept number as value of Signed Cookie | |
3.2.0 / 2013-04-15 | |
================== | |
* add "view" constructor setting to override view behaviour | |
* add req.acceptsEncoding(name) | |
* add req.acceptedEncodings | |
* revert cookie signature change causing session race conditions | |
* fix sorting of Accept values of the same quality | |
3.1.2 / 2013-04-12 | |
================== | |
* add support for custom Accept parameters | |
* update cookie-signature | |
3.1.1 / 2013-04-01 | |
================== | |
* add X-Forwarded-Host support to `req.host` | |
* fix relative redirects | |
* update mkdirp | |
* update buffer-crc32 | |
* remove legacy app.configure() method from app template. | |
3.1.0 / 2013-01-25 | |
================== | |
* add support for leading "." in "view engine" setting | |
* add array support to `res.set()` | |
* add node 0.8.x to travis.yml | |
* add "subdomain offset" setting for tweaking `req.subdomains` | |
* add `res.location(url)` implementing `res.redirect()`-like setting of Location | |
* use app.get() for x-powered-by setting for inheritance | |
* fix colons in passwords for `req.auth` | |
3.0.6 / 2013-01-04 | |
================== | |
* add http verb methods to Router | |
* update connect | |
* fix mangling of the `res.cookie()` options object | |
* fix jsonp whitespace escape. Closes #1132 | |
3.0.5 / 2012-12-19 | |
================== | |
* add throwing when a non-function is passed to a route | |
* fix: explicitly remove Transfer-Encoding header from 204 and 304 responses | |
* revert "add 'etag' option" | |
3.0.4 / 2012-12-05 | |
================== | |
* add 'etag' option to disable `res.send()` Etags | |
* add escaping of urls in text/plain in `res.redirect()` | |
for old browsers interpreting as html | |
* change crc32 module for a more liberal license | |
* update connect | |
3.0.3 / 2012-11-13 | |
================== | |
* update connect | |
* update cookie module | |
* fix cookie max-age | |
3.0.2 / 2012-11-08 | |
================== | |
* add OPTIONS to cors example. Closes #1398 | |
* fix route chaining regression. Closes #1397 | |
3.0.1 / 2012-11-01 | |
================== | |
* update connect | |
3.0.0 / 2012-10-23 | |
================== | |
* add `make clean` | |
* add "Basic" check to req.auth | |
* add `req.auth` test coverage | |
* add cb && cb(payload) to `res.jsonp()`. Closes #1374 | |
* add backwards compat for `res.redirect()` status. Closes #1336 | |
* add support for `res.json()` to retain previously defined Content-Types. Closes #1349 | |
* update connect | |
* change `res.redirect()` to utilize a pathname-relative Location again. Closes #1382 | |
* remove non-primitive string support for `res.send()` | |
* fix view-locals example. Closes #1370 | |
* fix route-separation example | |
3.0.0rc5 / 2012-09-18 | |
================== | |
* update connect | |
* add redis search example | |
* add static-files example | |
* add "x-powered-by" setting (`app.disable('x-powered-by')`) | |
* add "application/octet-stream" redirect Accept test case. Closes #1317 | |
3.0.0rc4 / 2012-08-30 | |
================== | |
* add `res.jsonp()`. Closes #1307 | |
* add "verbose errors" option to error-pages example | |
* add another route example to express(1) so people are not so confused | |
* add redis online user activity tracking example | |
* update connect dep | |
* fix etag quoting. Closes #1310 | |
* fix error-pages 404 status | |
* fix jsonp callback char restrictions | |
* remove old OPTIONS default response | |
3.0.0rc3 / 2012-08-13 | |
================== | |
* update connect dep | |
* fix signed cookies to work with `connect.cookieParser()` ("s:" prefix was missing) [tnydwrds] | |
* fix `res.render()` clobbering of "locals" | |
3.0.0rc2 / 2012-08-03 | |
================== | |
* add CORS example | |
* update connect dep | |
* deprecate `.createServer()` & remove old stale examples | |
* fix: escape `res.redirect()` link | |
* fix vhost example | |
3.0.0rc1 / 2012-07-24 | |
================== | |
* add more examples to view-locals | |
* add scheme-relative redirects (`res.redirect("//foo.com")`) support | |
* update cookie dep | |
* update connect dep | |
* update send dep | |
* fix `express(1)` -h flag, use -H for hogan. Closes #1245 | |
* fix `res.sendfile()` socket error handling regression | |
3.0.0beta7 / 2012-07-16 | |
================== | |
* update connect dep for `send()` root normalization regression | |
3.0.0beta6 / 2012-07-13 | |
================== | |
* add `err.view` property for view errors. Closes #1226 | |
* add "jsonp callback name" setting | |
* add support for "/foo/:bar*" non-greedy matches | |
* change `res.sendfile()` to use `send()` module | |
* change `res.send` to use "response-send" module | |
* remove `app.locals.use` and `res.locals.use`, use regular middleware | |
3.0.0beta5 / 2012-07-03 | |
================== | |
* add "make check" support | |
* add route-map example | |
* add `res.json(obj, status)` support back for BC | |
* add "methods" dep, remove internal methods module | |
* update connect dep | |
* update auth example to utilize cores pbkdf2 | |
* updated tests to use "supertest" | |
3.0.0beta4 / 2012-06-25 | |
================== | |
* Added `req.auth` | |
* Added `req.range(size)` | |
* Added `res.links(obj)` | |
* Added `res.send(body, status)` support back for backwards compat | |
* Added `.default()` support to `res.format()` | |
* Added 2xx / 304 check to `req.fresh` | |
* Revert "Added + support to the router" | |
* Fixed `res.send()` freshness check, respect res.statusCode | |
3.0.0beta3 / 2012-06-15 | |
================== | |
* Added hogan `--hjs` to express(1) [nullfirm] | |
* Added another example to content-negotiation | |
* Added `fresh` dep | |
* Changed: `res.send()` always checks freshness | |
* Fixed: expose connects mime module. Closes #1165 | |
3.0.0beta2 / 2012-06-06 | |
================== | |
* Added `+` support to the router | |
* Added `req.host` | |
* Changed `req.param()` to check route first | |
* Update connect dep | |
3.0.0beta1 / 2012-06-01 | |
================== | |
* Added `res.format()` callback to override default 406 behaviour | |
* Fixed `res.redirect()` 406. Closes #1154 | |
3.0.0alpha5 / 2012-05-30 | |
================== | |
* Added `req.ip` | |
* Added `{ signed: true }` option to `res.cookie()` | |
* Removed `res.signedCookie()` | |
* Changed: dont reverse `req.ips` | |
* Fixed "trust proxy" setting check for `req.ips` | |
3.0.0alpha4 / 2012-05-09 | |
================== | |
* Added: allow `[]` in jsonp callback. Closes #1128 | |
* Added `PORT` env var support in generated template. Closes #1118 [benatkin] | |
* Updated: connect 2.2.2 | |
3.0.0alpha3 / 2012-05-04 | |
================== | |
* Added public `app.routes`. Closes #887 | |
* Added _view-locals_ example | |
* Added _mvc_ example | |
* Added `res.locals.use()`. Closes #1120 | |
* Added conditional-GET support to `res.send()` | |
* Added: coerce `res.set()` values to strings | |
* Changed: moved `static()` in generated apps below router | |
* Changed: `res.send()` only set ETag when not previously set | |
* Changed connect 2.2.1 dep | |
* Changed: `make test` now runs unit / acceptance tests | |
* Fixed req/res proto inheritance | |
3.0.0alpha2 / 2012-04-26 | |
================== | |
* Added `make benchmark` back | |
* Added `res.send()` support for `String` objects | |
* Added client-side data exposing example | |
* Added `res.header()` and `req.header()` aliases for BC | |
* Added `express.createServer()` for BC | |
* Perf: memoize parsed urls | |
* Perf: connect 2.2.0 dep | |
* Changed: make `expressInit()` middleware self-aware | |
* Fixed: use app.get() for all core settings | |
* Fixed redis session example | |
* Fixed session example. Closes #1105 | |
* Fixed generated express dep. Closes #1078 | |
3.0.0alpha1 / 2012-04-15 | |
================== | |
* Added `app.locals.use(callback)` | |
* Added `app.locals` object | |
* Added `app.locals(obj)` | |
* Added `res.locals` object | |
* Added `res.locals(obj)` | |
* Added `res.format()` for content-negotiation | |
* Added `app.engine()` | |
* Added `res.cookie()` JSON cookie support | |
* Added "trust proxy" setting | |
* Added `req.subdomains` | |
* Added `req.protocol` | |
* Added `req.secure` | |
* Added `req.path` | |
* Added `req.ips` | |
* Added `req.fresh` | |
* Added `req.stale` | |
* Added comma-delimited / array support for `req.accepts()` | |
* Added debug instrumentation | |
* Added `res.set(obj)` | |
* Added `res.set(field, value)` | |
* Added `res.get(field)` | |
* Added `app.get(setting)`. Closes #842 | |
* Added `req.acceptsLanguage()` | |
* Added `req.acceptsCharset()` | |
* Added `req.accepted` | |
* Added `req.acceptedLanguages` | |
* Added `req.acceptedCharsets` | |
* Added "json replacer" setting | |
* Added "json spaces" setting | |
* Added X-Forwarded-Proto support to `res.redirect()`. Closes #92 | |
* Added `--less` support to express(1) | |
* Added `express.response` prototype | |
* Added `express.request` prototype | |
* Added `express.application` prototype | |
* Added `app.path()` | |
* Added `app.render()` | |
* Added `res.type()` to replace `res.contentType()` | |
* Changed: `res.redirect()` to add relative support | |
* Changed: enable "jsonp callback" by default | |
* Changed: renamed "case sensitive routes" to "case sensitive routing" | |
* Rewrite of all tests with mocha | |
* Removed "root" setting | |
* Removed `res.redirect('home')` support | |
* Removed `req.notify()` | |
* Removed `app.register()` | |
* Removed `app.redirect()` | |
* Removed `app.is()` | |
* Removed `app.helpers()` | |
* Removed `app.dynamicHelpers()` | |
* Fixed `res.sendfile()` with non-GET. Closes #723 | |
* Fixed express(1) public dir for windows. Closes #866 | |
2.5.9/ 2012-04-02 | |
================== | |
* Added support for PURGE request method [pbuyle] | |
* Fixed `express(1)` generated app `app.address()` before `listening` [mmalecki] | |
2.5.8 / 2012-02-08 | |
================== | |
* Update mkdirp dep. Closes #991 | |
2.5.7 / 2012-02-06 | |
================== | |
* Fixed `app.all` duplicate DELETE requests [mscdex] | |
2.5.6 / 2012-01-13 | |
================== | |
* Updated hamljs dev dep. Closes #953 | |
2.5.5 / 2012-01-08 | |
================== | |
* Fixed: set `filename` on cached templates [matthewleon] | |
2.5.4 / 2012-01-02 | |
================== | |
* Fixed `express(1)` eol on 0.4.x. Closes #947 | |
2.5.3 / 2011-12-30 | |
================== | |
* Fixed `req.is()` when a charset is present | |
2.5.2 / 2011-12-10 | |
================== | |
* Fixed: express(1) LF -> CRLF for windows | |
2.5.1 / 2011-11-17 | |
================== | |
* Changed: updated connect to 1.8.x | |
* Removed sass.js support from express(1) | |
2.5.0 / 2011-10-24 | |
================== | |
* Added ./routes dir for generated app by default | |
* Added npm install reminder to express(1) app gen | |
* Added 0.5.x support | |
* Removed `make test-cov` since it wont work with node 0.5.x | |
* Fixed express(1) public dir for windows. Closes #866 | |
2.4.7 / 2011-10-05 | |
================== | |
* Added mkdirp to express(1). Closes #795 | |
* Added simple _json-config_ example | |
* Added shorthand for the parsed request's pathname via `req.path` | |
* Changed connect dep to 1.7.x to fix npm issue... | |
* Fixed `res.redirect()` __HEAD__ support. [reported by xerox] | |
* Fixed `req.flash()`, only escape args | |
* Fixed absolute path checking on windows. Closes #829 [reported by andrewpmckenzie] | |
2.4.6 / 2011-08-22 | |
================== | |
* Fixed multiple param callback regression. Closes #824 [reported by TroyGoode] | |
2.4.5 / 2011-08-19 | |
================== | |
* Added support for routes to handle errors. Closes #809 | |
* Added `app.routes.all()`. Closes #803 | |
* Added "basepath" setting to work in conjunction with reverse proxies etc. | |
* Refactored `Route` to use a single array of callbacks | |
* Added support for multiple callbacks for `app.param()`. Closes #801 | |
Closes #805 | |
* Changed: removed .call(self) for route callbacks | |
* Dependency: `qs >= 0.3.1` | |
* Fixed `res.redirect()` on windows due to `join()` usage. Closes #808 | |
2.4.4 / 2011-08-05 | |
================== | |
* Fixed `res.header()` intention of a set, even when `undefined` | |
* Fixed `*`, value no longer required | |
* Fixed `res.send(204)` support. Closes #771 | |
2.4.3 / 2011-07-14 | |
================== | |
* Added docs for `status` option special-case. Closes #739 | |
* Fixed `options.filename`, exposing the view path to template engines | |
2.4.2. / 2011-07-06 | |
================== | |
* Revert "removed jsonp stripping" for XSS | |
2.4.1 / 2011-07-06 | |
================== | |
* Added `res.json()` JSONP support. Closes #737 | |
* Added _extending-templates_ example. Closes #730 | |
* Added "strict routing" setting for trailing slashes | |
* Added support for multiple envs in `app.configure()` calls. Closes #735 | |
* Changed: `res.send()` using `res.json()` | |
* Changed: when cookie `path === null` don't default it | |
* Changed; default cookie path to "home" setting. Closes #731 | |
* Removed _pids/logs_ creation from express(1) | |
2.4.0 / 2011-06-28 | |
================== | |
* Added chainable `res.status(code)` | |
* Added `res.json()`, an explicit version of `res.send(obj)` | |
* Added simple web-service example | |
2.3.12 / 2011-06-22 | |
================== | |
* \#express is now on freenode! come join! | |
* Added `req.get(field, param)` | |
* Added links to Japanese documentation, thanks @hideyukisaito! | |
* Added; the `express(1)` generated app outputs the env | |
* Added `content-negotiation` example | |
* Dependency: connect >= 1.5.1 < 2.0.0 | |
* Fixed view layout bug. Closes #720 | |
* Fixed; ignore body on 304. Closes #701 | |
2.3.11 / 2011-06-04 | |
================== | |
* Added `npm test` | |
* Removed generation of dummy test file from `express(1)` | |
* Fixed; `express(1)` adds express as a dep | |
* Fixed; prune on `prepublish` | |
2.3.10 / 2011-05-27 | |
================== | |
* Added `req.route`, exposing the current route | |
* Added _package.json_ generation support to `express(1)` | |
* Fixed call to `app.param()` function for optional params. Closes #682 | |
2.3.9 / 2011-05-25 | |
================== | |
* Fixed bug-ish with `../' in `res.partial()` calls | |
2.3.8 / 2011-05-24 | |
================== | |
* Fixed `app.options()` | |
2.3.7 / 2011-05-23 | |
================== | |
* Added route `Collection`, ex: `app.get('/user/:id').remove();` | |
* Added support for `app.param(fn)` to define param logic | |
* Removed `app.param()` support for callback with return value | |
* Removed module.parent check from express(1) generated app. Closes #670 | |
* Refactored router. Closes #639 | |
2.3.6 / 2011-05-20 | |
================== | |
* Changed; using devDependencies instead of git submodules | |
* Fixed redis session example | |
* Fixed markdown example | |
* Fixed view caching, should not be enabled in development | |
2.3.5 / 2011-05-20 | |
================== | |
* Added export `.view` as alias for `.View` | |
2.3.4 / 2011-05-08 | |
================== | |
* Added `./examples/say` | |
* Fixed `res.sendfile()` bug preventing the transfer of files with spaces | |
2.3.3 / 2011-05-03 | |
================== | |
* Added "case sensitive routes" option. | |
* Changed; split methods supported per rfc [slaskis] | |
* Fixed route-specific middleware when using the same callback function several times | |
2.3.2 / 2011-04-27 | |
================== | |
* Fixed view hints | |
2.3.1 / 2011-04-26 | |
================== | |
* Added `app.match()` as `app.match.all()` | |
* Added `app.lookup()` as `app.lookup.all()` | |
* Added `app.remove()` for `app.remove.all()` | |
* Added `app.remove.VERB()` | |
* Fixed template caching collision issue. Closes #644 | |
* Moved router over from connect and started refactor | |
2.3.0 / 2011-04-25 | |
================== | |
* Added options support to `res.clearCookie()` | |
* Added `res.helpers()` as alias of `res.locals()` | |
* Added; json defaults to UTF-8 with `res.send()`. Closes #632. [Daniel * Dependency `connect >= 1.4.0` | |
* Changed; auto set Content-Type in res.attachement [Aaron Heckmann] | |
* Renamed "cache views" to "view cache". Closes #628 | |
* Fixed caching of views when using several apps. Closes #637 | |
* Fixed gotcha invoking `app.param()` callbacks once per route middleware. | |
Closes #638 | |
* Fixed partial lookup precedence. Closes #631 | |
Shaw] | |
2.2.2 / 2011-04-12 | |
================== | |
* Added second callback support for `res.download()` connection errors | |
* Fixed `filename` option passing to template engine | |
2.2.1 / 2011-04-04 | |
================== | |
* Added `layout(path)` helper to change the layout within a view. Closes #610 | |
* Fixed `partial()` collection object support. | |
Previously only anything with `.length` would work. | |
When `.length` is present one must still be aware of holes, | |
however now `{ collection: {foo: 'bar'}}` is valid, exposes | |
`keyInCollection` and `keysInCollection`. | |
* Performance improved with better view caching | |
* Removed `request` and `response` locals | |
* Changed; errorHandler page title is now `Express` instead of `Connect` | |
2.2.0 / 2011-03-30 | |
================== | |
* Added `app.lookup.VERB()`, ex `app.lookup.put('/user/:id')`. Closes #606 | |
* Added `app.match.VERB()`, ex `app.match.put('/user/12')`. Closes #606 | |
* Added `app.VERB(path)` as alias of `app.lookup.VERB()`. | |
* Dependency `connect >= 1.2.0` | |
2.1.1 / 2011-03-29 | |
================== | |
* Added; expose `err.view` object when failing to locate a view | |
* Fixed `res.partial()` call `next(err)` when no callback is given [reported by aheckmann] | |
* Fixed; `res.send(undefined)` responds with 204 [aheckmann] | |
2.1.0 / 2011-03-24 | |
================== | |
* Added `<root>/_?<name>` partial lookup support. Closes #447 | |
* Added `request`, `response`, and `app` local variables | |
* Added `settings` local variable, containing the app's settings | |
* Added `req.flash()` exception if `req.session` is not available | |
* Added `res.send(bool)` support (json response) | |
* Fixed stylus example for latest version | |
* Fixed; wrap try/catch around `res.render()` | |
2.0.0 / 2011-03-17 | |
================== | |
* Fixed up index view path alternative. | |
* Changed; `res.locals()` without object returns the locals | |
2.0.0rc3 / 2011-03-17 | |
================== | |
* Added `res.locals(obj)` to compliment `res.local(key, val)` | |
* Added `res.partial()` callback support | |
* Fixed recursive error reporting issue in `res.render()` | |
2.0.0rc2 / 2011-03-17 | |
================== | |
* Changed; `partial()` "locals" are now optional | |
* Fixed `SlowBuffer` support. Closes #584 [reported by tyrda01] | |
* Fixed .filename view engine option [reported by drudge] | |
* Fixed blog example | |
* Fixed `{req,res}.app` reference when mounting [Ben Weaver] | |
2.0.0rc / 2011-03-14 | |
================== | |
* Fixed; expose `HTTPSServer` constructor | |
* Fixed express(1) default test charset. Closes #579 [reported by secoif] | |
* Fixed; default charset to utf-8 instead of utf8 for lame IE [reported by NickP] | |
2.0.0beta3 / 2011-03-09 | |
================== | |
* Added support for `res.contentType()` literal | |
The original `res.contentType('.json')`, | |
`res.contentType('application/json')`, and `res.contentType('json')` | |
will work now. | |
* Added `res.render()` status option support back | |
* Added charset option for `res.render()` | |
* Added `.charset` support (via connect 1.0.4) | |
* Added view resolution hints when in development and a lookup fails | |
* Added layout lookup support relative to the page view. | |
For example while rendering `./views/user/index.jade` if you create | |
`./views/user/layout.jade` it will be used in favour of the root layout. | |
* Fixed `res.redirect()`. RFC states absolute url [reported by unlink] | |
* Fixed; default `res.send()` string charset to utf8 | |
* Removed `Partial` constructor (not currently used) | |
2.0.0beta2 / 2011-03-07 | |
================== | |
* Added res.render() `.locals` support back to aid in migration process | |
* Fixed flash example | |
2.0.0beta / 2011-03-03 | |
================== | |
* Added HTTPS support | |
* Added `res.cookie()` maxAge support | |
* Added `req.header()` _Referrer_ / _Referer_ special-case, either works | |
* Added mount support for `res.redirect()`, now respects the mount-point | |
* Added `union()` util, taking place of `merge(clone())` combo | |
* Added stylus support to express(1) generated app | |
* Added secret to session middleware used in examples and generated app | |
* Added `res.local(name, val)` for progressive view locals | |
* Added default param support to `req.param(name, default)` | |
* Added `app.disabled()` and `app.enabled()` | |
* Added `app.register()` support for omitting leading ".", either works | |
* Added `res.partial()`, using the same interface as `partial()` within a view. Closes #539 | |
* Added `app.param()` to map route params to async/sync logic | |
* Added; aliased `app.helpers()` as `app.locals()`. Closes #481 | |
* Added extname with no leading "." support to `res.contentType()` | |
* Added `cache views` setting, defaulting to enabled in "production" env | |
* Added index file partial resolution, eg: partial('user') may try _views/user/index.jade_. | |
* Added `req.accepts()` support for extensions | |
* Changed; `res.download()` and `res.sendfile()` now utilize Connect's | |
static file server `connect.static.send()`. | |
* Changed; replaced `connect.utils.mime()` with npm _mime_ module | |
* Changed; allow `req.query` to be pre-defined (via middleware or other parent | |
* Changed view partial resolution, now relative to parent view | |
* Changed view engine signature. no longer `engine.render(str, options, callback)`, now `engine.compile(str, options) -> Function`, the returned function accepts `fn(locals)`. | |
* Fixed `req.param()` bug returning Array.prototype methods. Closes #552 | |
* Fixed; using `Stream#pipe()` instead of `sys.pump()` in `res.sendfile()` | |
* Fixed; using _qs_ module instead of _querystring_ | |
* Fixed; strip unsafe chars from jsonp callbacks | |
* Removed "stream threshold" setting | |
1.0.8 / 2011-03-01 | |
================== | |
* Allow `req.query` to be pre-defined (via middleware or other parent app) | |
* "connect": ">= 0.5.0 < 1.0.0". Closes #547 | |
* Removed the long deprecated __EXPRESS_ENV__ support | |
1.0.7 / 2011-02-07 | |
================== | |
* Fixed `render()` setting inheritance. | |
Mounted apps would not inherit "view engine" | |
1.0.6 / 2011-02-07 | |
================== | |
* Fixed `view engine` setting bug when period is in dirname | |
1.0.5 / 2011-02-05 | |
================== | |
* Added secret to generated app `session()` call | |
1.0.4 / 2011-02-05 | |
================== | |
* Added `qs` dependency to _package.json_ | |
* Fixed namespaced `require()`s for latest connect support | |
1.0.3 / 2011-01-13 | |
================== | |
* Remove unsafe characters from JSONP callback names [Ryan Grove] | |
1.0.2 / 2011-01-10 | |
================== | |
* Removed nested require, using `connect.router` | |
1.0.1 / 2010-12-29 | |
================== | |
* Fixed for middleware stacked via `createServer()` | |
previously the `foo` middleware passed to `createServer(foo)` | |
would not have access to Express methods such as `res.send()` | |
or props like `req.query` etc. | |
1.0.0 / 2010-11-16 | |
================== | |
* Added; deduce partial object names from the last segment. | |
For example by default `partial('forum/post', postObject)` will | |
give you the _post_ object, providing a meaningful default. | |
* Added http status code string representation to `res.redirect()` body | |
* Added; `res.redirect()` supporting _text/plain_ and _text/html_ via __Accept__. | |
* Added `req.is()` to aid in content negotiation | |
* Added partial local inheritance [suggested by masylum]. Closes #102 | |
providing access to parent template locals. | |
* Added _-s, --session[s]_ flag to express(1) to add session related middleware | |
* Added _--template_ flag to express(1) to specify the | |
template engine to use. | |
* Added _--css_ flag to express(1) to specify the | |
stylesheet engine to use (or just plain css by default). | |
* Added `app.all()` support [thanks aheckmann] | |
* Added partial direct object support. | |
You may now `partial('user', user)` providing the "user" local, | |
vs previously `partial('user', { object: user })`. | |
* Added _route-separation_ example since many people question ways | |
to do this with CommonJS modules. Also view the _blog_ example for | |
an alternative. | |
* Performance; caching view path derived partial object names | |
* Fixed partial local inheritance precedence. [reported by Nick Poulden] Closes #454 | |
* Fixed jsonp support; _text/javascript_ as per mailinglist discussion | |
1.0.0rc4 / 2010-10-14 | |
================== | |
* Added _NODE_ENV_ support, _EXPRESS_ENV_ is deprecated and will be removed in 1.0.0 | |
* Added route-middleware support (very helpful, see the [docs](http://expressjs.com/guide.html#Route-Middleware)) | |
* Added _jsonp callback_ setting to enable/disable jsonp autowrapping [Dav Glass] | |
* Added callback query check on response.send to autowrap JSON objects for simple webservice implementations [Dav Glass] | |
* Added `partial()` support for array-like collections. Closes #434 | |
* Added support for swappable querystring parsers | |
* Added session usage docs. Closes #443 | |
* Added dynamic helper caching. Closes #439 [suggested by maritz] | |
* Added authentication example | |
* Added basic Range support to `res.sendfile()` (and `res.download()` etc) | |
* Changed; `express(1)` generated app using 2 spaces instead of 4 | |
* Default env to "development" again [aheckmann] | |
* Removed _context_ option is no more, use "scope" | |
* Fixed; exposing _./support_ libs to examples so they can run without installs | |
* Fixed mvc example | |
1.0.0rc3 / 2010-09-20 | |
================== | |
* Added confirmation for `express(1)` app generation. Closes #391 | |
* Added extending of flash formatters via `app.flashFormatters` | |
* Added flash formatter support. Closes #411 | |
* Added streaming support to `res.sendfile()` using `sys.pump()` when >= "stream threshold" | |
* Added _stream threshold_ setting for `res.sendfile()` | |
* Added `res.send()` __HEAD__ support | |
* Added `res.clearCookie()` | |
* Added `res.cookie()` | |
* Added `res.render()` headers option | |
* Added `res.redirect()` response bodies | |
* Added `res.render()` status option support. Closes #425 [thanks aheckmann] | |
* Fixed `res.sendfile()` responding with 403 on malicious path | |
* Fixed `res.download()` bug; when an error occurs remove _Content-Disposition_ | |
* Fixed; mounted apps settings now inherit from parent app [aheckmann] | |
* Fixed; stripping Content-Length / Content-Type when 204 | |
* Fixed `res.send()` 204. Closes #419 | |
* Fixed multiple _Set-Cookie_ headers via `res.header()`. Closes #402 | |
* Fixed bug messing with error handlers when `listenFD()` is called instead of `listen()`. [thanks guillermo] | |
1.0.0rc2 / 2010-08-17 | |
================== | |
* Added `app.register()` for template engine mapping. Closes #390 | |
* Added `res.render()` callback support as second argument (no options) | |
* Added callback support to `res.download()` | |
* Added callback support for `res.sendfile()` | |
* Added support for middleware access via `express.middlewareName()` vs `connect.middlewareName()` | |
* Added "partials" setting to docs | |
* Added default expresso tests to `express(1)` generated app. Closes #384 | |
* Fixed `res.sendfile()` error handling, defer via `next()` | |
* Fixed `res.render()` callback when a layout is used [thanks guillermo] | |
* Fixed; `make install` creating ~/.node_libraries when not present | |
* Fixed issue preventing error handlers from being defined anywhere. Closes #387 | |
1.0.0rc / 2010-07-28 | |
================== | |
* Added mounted hook. Closes #369 | |
* Added connect dependency to _package.json_ | |
* Removed "reload views" setting and support code | |
development env never caches, production always caches. | |
* Removed _param_ in route callbacks, signature is now | |
simply (req, res, next), previously (req, res, params, next). | |
Use _req.params_ for path captures, _req.query_ for GET params. | |
* Fixed "home" setting | |
* Fixed middleware/router precedence issue. Closes #366 | |
* Fixed; _configure()_ callbacks called immediately. Closes #368 | |
1.0.0beta2 / 2010-07-23 | |
================== | |
* Added more examples | |
* Added; exporting `Server` constructor | |
* Added `Server#helpers()` for view locals | |
* Added `Server#dynamicHelpers()` for dynamic view locals. Closes #349 | |
* Added support for absolute view paths | |
* Added; _home_ setting defaults to `Server#route` for mounted apps. Closes #363 | |
* Added Guillermo Rauch to the contributor list | |
* Added support for "as" for non-collection partials. Closes #341 | |
* Fixed _install.sh_, ensuring _~/.node_libraries_ exists. Closes #362 [thanks jf] | |
* Fixed `res.render()` exceptions, now passed to `next()` when no callback is given [thanks guillermo] | |
* Fixed instanceof `Array` checks, now `Array.isArray()` | |
* Fixed express(1) expansion of public dirs. Closes #348 | |
* Fixed middleware precedence. Closes #345 | |
* Fixed view watcher, now async [thanks aheckmann] | |
1.0.0beta / 2010-07-15 | |
================== | |
* Re-write | |
- much faster | |
- much lighter | |
- Check [ExpressJS.com](http://expressjs.com) for migration guide and updated docs | |
0.14.0 / 2010-06-15 | |
================== | |
* Utilize relative requires | |
* Added Static bufferSize option [aheckmann] | |
* Fixed caching of view and partial subdirectories [aheckmann] | |
* Fixed mime.type() comments now that ".ext" is not supported | |
* Updated haml submodule | |
* Updated class submodule | |
* Removed bin/express | |
0.13.0 / 2010-06-01 | |
================== | |
* Added node v0.1.97 compatibility | |
* Added support for deleting cookies via Request#cookie('key', null) | |
* Updated haml submodule | |
* Fixed not-found page, now using charset utf-8 | |
* Fixed show-exceptions page, now using charset utf-8 | |
* Fixed view support due to fs.readFile Buffers | |
* Changed; mime.type() no longer accepts ".type" due to node extname() changes | |
0.12.0 / 2010-05-22 | |
================== | |
* Added node v0.1.96 compatibility | |
* Added view `helpers` export which act as additional local variables | |
* Updated haml submodule | |
* Changed ETag; removed inode, modified time only | |
* Fixed LF to CRLF for setting multiple cookies | |
* Fixed cookie compilation; values are now urlencoded | |
* Fixed cookies parsing; accepts quoted values and url escaped cookies | |
0.11.0 / 2010-05-06 | |
================== | |
* Added support for layouts using different engines | |
- this.render('page.html.haml', { layout: 'super-cool-layout.html.ejs' }) | |
- this.render('page.html.haml', { layout: 'foo' }) // assumes 'foo.html.haml' | |
- this.render('page.html.haml', { layout: false }) // no layout | |
* Updated ext submodule | |
* Updated haml submodule | |
* Fixed EJS partial support by passing along the context. Issue #307 | |
0.10.1 / 2010-05-03 | |
================== | |
* Fixed binary uploads. | |
0.10.0 / 2010-04-30 | |
================== | |
* Added charset support via Request#charset (automatically assigned to 'UTF-8' when respond()'s | |
encoding is set to 'utf8' or 'utf-8'). | |
* Added "encoding" option to Request#render(). Closes #299 | |
* Added "dump exceptions" setting, which is enabled by default. | |
* Added simple ejs template engine support | |
* Added error response support for text/plain, application/json. Closes #297 | |
* Added callback function param to Request#error() | |
* Added Request#sendHead() | |
* Added Request#stream() | |
* Added support for Request#respond(304, null) for empty response bodies | |
* Added ETag support to Request#sendfile() | |
* Added options to Request#sendfile(), passed to fs.createReadStream() | |
* Added filename arg to Request#download() | |
* Performance enhanced due to pre-reversing plugins so that plugins.reverse() is not called on each request | |
* Performance enhanced by preventing several calls to toLowerCase() in Router#match() | |
* Changed; Request#sendfile() now streams | |
* Changed; Renamed Request#halt() to Request#respond(). Closes #289 | |
* Changed; Using sys.inspect() instead of JSON.encode() for error output | |
* Changed; run() returns the http.Server instance. Closes #298 | |
* Changed; Defaulting Server#host to null (INADDR_ANY) | |
* Changed; Logger "common" format scale of 0.4f | |
* Removed Logger "request" format | |
* Fixed; Catching ENOENT in view caching, preventing error when "views/partials" is not found | |
* Fixed several issues with http client | |
* Fixed Logger Content-Length output | |
* Fixed bug preventing Opera from retaining the generated session id. Closes #292 | |
0.9.0 / 2010-04-14 | |
================== | |
* Added DSL level error() route support | |
* Added DSL level notFound() route support | |
* Added Request#error() | |
* Added Request#notFound() | |
* Added Request#render() callback function. Closes #258 | |
* Added "max upload size" setting | |
* Added "magic" variables to collection partials (\_\_index\_\_, \_\_length\_\_, \_\_isFirst\_\_, \_\_isLast\_\_). Closes #254 | |
* Added [haml.js](http://github.com/visionmedia/haml.js) submodule; removed haml-js | |
* Added callback function support to Request#halt() as 3rd/4th arg | |
* Added preprocessing of route param wildcards using param(). Closes #251 | |
* Added view partial support (with collections etc.) | |
* Fixed bug preventing falsey params (such as ?page=0). Closes #286 | |
* Fixed setting of multiple cookies. Closes #199 | |
* Changed; view naming convention is now NAME.TYPE.ENGINE (for example page.html.haml) | |
* Changed; session cookie is now httpOnly | |
* Changed; Request is no longer global | |
* Changed; Event is no longer global | |
* Changed; "sys" module is no longer global | |
* Changed; moved Request#download to Static plugin where it belongs | |
* Changed; Request instance created before body parsing. Closes #262 | |
* Changed; Pre-caching views in memory when "cache view contents" is enabled. Closes #253 | |
* Changed; Pre-caching view partials in memory when "cache view partials" is enabled | |
* Updated support to node --version 0.1.90 | |
* Updated dependencies | |
* Removed set("session cookie") in favour of use(Session, { cookie: { ... }}) | |
* Removed utils.mixin(); use Object#mergeDeep() | |
0.8.0 / 2010-03-19 | |
================== | |
* Added coffeescript example app. Closes #242 | |
* Changed; cache api now async friendly. Closes #240 | |
* Removed deprecated 'express/static' support. Use 'express/plugins/static' | |
0.7.6 / 2010-03-19 | |
================== | |
* Added Request#isXHR. Closes #229 | |
* Added `make install` (for the executable) | |
* Added `express` executable for setting up simple app templates | |
* Added "GET /public/*" to Static plugin, defaulting to <root>/public | |
* Added Static plugin | |
* Fixed; Request#render() only calls cache.get() once | |
* Fixed; Namespacing View caches with "view:" | |
* Fixed; Namespacing Static caches with "static:" | |
* Fixed; Both example apps now use the Static plugin | |
* Fixed set("views"). Closes #239 | |
* Fixed missing space for combined log format | |
* Deprecated Request#sendfile() and 'express/static' | |
* Removed Server#running | |
0.7.5 / 2010-03-16 | |
================== | |
* Added Request#flash() support without args, now returns all flashes | |
* Updated ext submodule | |
0.7.4 / 2010-03-16 | |
================== | |
* Fixed session reaper | |
* Changed; class.js replacing js-oo Class implementation (quite a bit faster, no browser cruft) | |
0.7.3 / 2010-03-16 | |
================== | |
* Added package.json | |
* Fixed requiring of haml / sass due to kiwi removal | |
0.7.2 / 2010-03-16 | |
================== | |
* Fixed GIT submodules (HAH!) | |
0.7.1 / 2010-03-16 | |
================== | |
* Changed; Express now using submodules again until a PM is adopted | |
* Changed; chat example using millisecond conversions from ext | |
0.7.0 / 2010-03-15 | |
================== | |
* Added Request#pass() support (finds the next matching route, or the given path) | |
* Added Logger plugin (default "common" format replaces CommonLogger) | |
* Removed Profiler plugin | |
* Removed CommonLogger plugin | |
0.6.0 / 2010-03-11 | |
================== | |
* Added seed.yml for kiwi package management support | |
* Added HTTP client query string support when method is GET. Closes #205 | |
* Added support for arbitrary view engines. | |
For example "foo.engine.html" will now require('engine'), | |
the exports from this module are cached after the first require(). | |
* Added async plugin support | |
* Removed usage of RESTful route funcs as http client | |
get() etc, use http.get() and friends | |
* Removed custom exceptions | |
0.5.0 / 2010-03-10 | |
================== | |
* Added ext dependency (library of js extensions) | |
* Removed extname() / basename() utils. Use path module | |
* Removed toArray() util. Use arguments.values | |
* Removed escapeRegexp() util. Use RegExp.escape() | |
* Removed process.mixin() dependency. Use utils.mixin() | |
* Removed Collection | |
* Removed ElementCollection | |
* Shameless self promotion of ebook "Advanced JavaScript" (http://dev-mag.com) ;) | |
0.4.0 / 2010-02-11 | |
================== | |
* Added flash() example to sample upload app | |
* Added high level restful http client module (express/http) | |
* Changed; RESTful route functions double as HTTP clients. Closes #69 | |
* Changed; throwing error when routes are added at runtime | |
* Changed; defaulting render() context to the current Request. Closes #197 | |
* Updated haml submodule | |
0.3.0 / 2010-02-11 | |
================== | |
* Updated haml / sass submodules. Closes #200 | |
* Added flash message support. Closes #64 | |
* Added accepts() now allows multiple args. fixes #117 | |
* Added support for plugins to halt. Closes #189 | |
* Added alternate layout support. Closes #119 | |
* Removed Route#run(). Closes #188 | |
* Fixed broken specs due to use(Cookie) missing | |
0.2.1 / 2010-02-05 | |
================== | |
* Added "plot" format option for Profiler (for gnuplot processing) | |
* Added request number to Profiler plugin | |
* Fixed binary encoding for multipart file uploads, was previously defaulting to UTF8 | |
* Fixed issue with routes not firing when not files are present. Closes #184 | |
* Fixed process.Promise -> events.Promise | |
0.2.0 / 2010-02-03 | |
================== | |
* Added parseParam() support for name[] etc. (allows for file inputs with "multiple" attr) Closes #180 | |
* Added Both Cache and Session option "reapInterval" may be "reapEvery". Closes #174 | |
* Added expiration support to cache api with reaper. Closes #133 | |
* Added cache Store.Memory#reap() | |
* Added Cache; cache api now uses first class Cache instances | |
* Added abstract session Store. Closes #172 | |
* Changed; cache Memory.Store#get() utilizing Collection | |
* Renamed MemoryStore -> Store.Memory | |
* Fixed use() of the same plugin several time will always use latest options. Closes #176 | |
0.1.0 / 2010-02-03 | |
================== | |
* Changed; Hooks (before / after) pass request as arg as well as evaluated in their context | |
* Updated node support to 0.1.27 Closes #169 | |
* Updated dirname(__filename) -> __dirname | |
* Updated libxmljs support to v0.2.0 | |
* Added session support with memory store / reaping | |
* Added quick uid() helper | |
* Added multi-part upload support | |
* Added Sass.js support / submodule | |
* Added production env caching view contents and static files | |
* Added static file caching. Closes #136 | |
* Added cache plugin with memory stores | |
* Added support to StaticFile so that it works with non-textual files. | |
* Removed dirname() helper | |
* Removed several globals (now their modules must be required) | |
0.0.2 / 2010-01-10 | |
================== | |
* Added view benchmarks; currently haml vs ejs | |
* Added Request#attachment() specs. Closes #116 | |
* Added use of node's parseQuery() util. Closes #123 | |
* Added `make init` for submodules | |
* Updated Haml | |
* Updated sample chat app to show messages on load | |
* Updated libxmljs parseString -> parseHtmlString | |
* Fixed `make init` to work with older versions of git | |
* Fixed specs can now run independent specs for those who can't build deps. Closes #127 | |
* Fixed issues introduced by the node url module changes. Closes 126. | |
* Fixed two assertions failing due to Collection#keys() returning strings | |
* Fixed faulty Collection#toArray() spec due to keys() returning strings | |
* Fixed `make test` now builds libxmljs.node before testing | |
0.0.1 / 2010-01-03 | |
================== | |
* Initial release | |