[Snyk] Upgrade express-fileupload from 1.1.7-alpha.4 to 1.5.0

[ezelf86]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade express-fileupload from 1.1.7-alpha.4 to 1.5.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 12 versions ahead of your current version.

• The recommended version was released on 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Denial of Service (DoS) SNYK-JS-DICER-2311764	761	Mature
	Prototype Pollution SNYK-JS-EXPRESSFILEUPLOAD-595969	761	Proof of Concept

Release notes

Package name: express-fileupload

• 1.5.0 - 2024-03-14
  

  What's Changed

  • Ability to set custom logger for debug logging. See option logger.
  • Optimize upload timer.

  Full Changelog: v1.4.3...v.1.5.0

• 1.4.3 - 2023-11-21
  

  What's Changed

  • TypeError - Cannot read properties of undefined (reading 'includes') in lib/isEligibleRequest.js (issue #364).

  Full Changelog: v1.4.2...v.1.4.3

• 1.4.2 - 2023-11-01
  

  What's Changed

  • Fix TypeError: file.destroy is not a function (issue #259).
  • Stricter request method and headers checks (to comply with RFC 2046).
  • Do not run next after abortion on limit (issue #238).

  Full Changelog: v1.4.1...v.1.4.2

• 1.4.1 - 2023-09-24
  

  What's Changed

  • Fix processing file names with special characters(Issue #342 )
  • Significantly decreased package size due using generated files for tests.
  • Update dependencies.

  Full Changelog: v1.4.0...v.1.4.1

• 1.4.0 - 2022-05-24
  

  What's Changed

  • Bump minimist from 1.2.5 to 1.2.6 by @ dependabot in #310
  • Upgrade busboy version by @ duterte in #315

  New Contributors

  • @ dependabot made their first contribution in #310
  • @ duterte made their first contribution in #315

  Full Changelog: v1.3.1...v1.4.0

• 1.3.1 - 2022-02-02
  

  Updates

  • Have promiseCallback make callbacks and promises behave the same (#302)
  • Fix prototype pollution in utilities.js (#301)
  • Switch to CircleCI (ddf5530)
  • End support for Node versions < 12 (ab3d252)
• 1.3.0 - 2022-02-02
  

  1.3.0

• 1.2.1 - 2021-01-11
  

  Updates:

  • (Fix) Stopped additional responses from being sent if a limit handler exists (#264)
  • Unhandled promise rejection warning (#257)
  • Changed example (#255)
  • Passing a Buffer body will pollute req.body when used along with processNested (#291)
• 1.2.0 - 2020-08-14
• 1.1.10 - 2020-08-06
• 1.1.9 - 2020-07-31
• 1.1.8 - 2020-07-29
• 1.1.7-alpha.4 - 2020-07-16

from express-fileupload GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud