History.md
1 5.1.0 / 2025-03-31 2 ======================== 3 4 * Add support for `Uint8Array` in `res.send()` 5 * Add support for ETag option in `res.sendFile()` 6 * Add support for multiple links with the same rel in `res.links()` 7 * Add funding field to package.json 8 * perf: use loop for acceptParams 9 * refactor: prefix built-in node module imports 10 * deps: remove `setprototypeof` 11 * deps: remove `safe-buffer` 12 * deps: remove `utils-merge` 13 * deps: remove `methods` 14 * deps: remove `depd` 15 * deps: `debug@^4.4.0` 16 * deps: `body-parser@^2.2.0` 17 * deps: `router@^2.2.0` 18 * deps: `content-type@^1.0.5` 19 * deps: `finalhandler@^2.1.0` 20 * deps: `qs@^6.14.0` 21 * deps: `server-static@2.2.0` 22 * deps: `type-is@2.0.1` 23 24 5.0.1 / 2024-10-08 25 ========== 26 27 * Update `cookie` semver lock to address [CVE-2024-47764](https://nvd.nist.gov/vuln/detail/CVE-2024-47764) 28 29 5.0.0 / 2024-09-10 30 ========================= 31 * remove: 32 - `path-is-absolute` dependency - use `path.isAbsolute` instead 33 * breaking: 34 * `res.status()` accepts only integers, and input must be greater than 99 and less than 1000 35 * will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range 36 * will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs 37 * deps: send@1.0.0 38 * `res.redirect('back')` and `res.location('back')` is no longer a supported magic string, explicitly use `req.get('Referrer') || '/'`. 39 * change: 40 - `res.clearCookie` will ignore user provided `maxAge` and `expires` options 41 * deps: cookie-signature@^1.2.1 42 * deps: debug@4.3.6 43 * deps: merge-descriptors@^2.0.0 44 * deps: serve-static@^2.1.0 45 * deps: qs@6.13.0 46 * deps: accepts@^2.0.0 47 * deps: mime-types@^3.0.0 48 - `application/javascript` => `text/javascript` 49 * deps: type-is@^2.0.0 50 * deps: content-disposition@^1.0.0 51 * deps: finalhandler@^2.0.0 52 * deps: fresh@^2.0.0 53 * deps: body-parser@^2.0.1 54 * deps: send@^1.1.0 55 56 5.0.0-beta.3 / 2024-03-25 57 ========================= 58 59 This incorporates all changes after 4.19.1 up to 4.19.2. 60 61 5.0.0-beta.2 / 2024-03-20 62 ========================= 63 64 This incorporates all changes after 4.17.2 up to 4.19.1. 65 66 5.0.0-beta.1 / 2022-02-14 67 ========================= 68 69 This is the first Express 5.0 beta release, based off 4.17.2 and includes 70 changes from 5.0.0-alpha.8. 71 72 * change: 73 - Default "query parser" setting to `'simple'` 74 - Requires Node.js 4+ 75 - Use `mime-types` for file to content type mapping 76 * deps: array-flatten@3.0.0 77 * deps: body-parser@2.0.0-beta.1 78 - `req.body` is no longer always initialized to `{}` 79 - `urlencoded` parser now defaults `extended` to `false` 80 - Use `on-finished` to determine when body read 81 * deps: router@2.0.0-beta.1 82 - Add new `?`, `*`, and `+` parameter modifiers 83 - Internalize private `router.process_params` method 84 - Matching group expressions are only RegExp syntax 85 - Named matching groups no longer available by position in `req.params` 86 - Regular expressions can only be used in a matching group 87 - Remove `debug` dependency 88 - Special `*` path segment behavior removed 89 - deps: array-flatten@3.0.0 90 - deps: parseurl@~1.3.3 91 - deps: path-to-regexp@3.2.0 92 - deps: setprototypeof@1.2.0 93 * deps: send@1.0.0-beta.1 94 - Change `dotfiles` option default to `'ignore'` 95 - Remove `hidden` option; use `dotfiles` option instead 96 - Use `mime-types` for file to content type mapping 97 - deps: debug@3.1.0 98 * deps: serve-static@2.0.0-beta.1 99 - Change `dotfiles` option default to `'ignore'` 100 - Remove `hidden` option; use `dotfiles` option instead 101 - Use `mime-types` for file to content type mapping 102 - Remove `express.static.mime` export; use `mime-types` package instead 103 - deps: send@1.0.0-beta.1 104 105 5.0.0-alpha.8 / 2020-03-25 106 ========================== 107 108 This is the eighth Express 5.0 alpha release, based off 4.17.1 and includes 109 changes from 5.0.0-alpha.7. 110 111 5.0.0-alpha.7 / 2018-10-26 112 ========================== 113 114 This is the seventh Express 5.0 alpha release, based off 4.16.4 and includes 115 changes from 5.0.0-alpha.6. 116 117 The major change with this alpha is the basic support for returned, rejected 118 Promises in the router. 119 120 * remove: 121 - `path-to-regexp` dependency 122 * deps: debug@3.1.0 123 - Add `DEBUG_HIDE_DATE` environment variable 124 - Change timer to per-namespace instead of global 125 - Change non-TTY date format 126 - Remove `DEBUG_FD` environment variable support 127 - Support 256 namespace colors 128 * deps: router@2.0.0-alpha.1 129 - Add basic support for returned, rejected Promises 130 - Fix JSDoc for `Router` constructor 131 - deps: debug@3.1.0 132 - deps: parseurl@~1.3.2 133 - deps: setprototypeof@1.1.0 134 - deps: utils-merge@1.0.1 135 136 5.0.0-alpha.6 / 2017-09-24 137 ========================== 138 139 This is the sixth Express 5.0 alpha release, based off 4.15.5 and includes 140 changes from 5.0.0-alpha.5. 141 142 * remove: 143 - `res.redirect(url, status)` signature - use `res.redirect(status, url)` 144 - `res.send(status, body)` signature - use `res.status(status).send(body)` 145 * deps: router@~1.3.1 146 - deps: debug@2.6.8 147 148 5.0.0-alpha.5 / 2017-03-06 149 ========================== 150 151 This is the fifth Express 5.0 alpha release, based off 4.15.2 and includes 152 changes from 5.0.0-alpha.4. 153 154 5.0.0-alpha.4 / 2017-03-01 155 ========================== 156 157 This is the fourth Express 5.0 alpha release, based off 4.15.0 and includes 158 changes from 5.0.0-alpha.3. 159 160 * remove: 161 - Remove Express 3.x middleware error stubs 162 * deps: router@~1.3.0 163 - Add `next("router")` to exit from router 164 - Fix case where `router.use` skipped requests routes did not 165 - Skip routing when `req.url` is not set 166 - Use `%o` in path debug to tell types apart 167 - deps: debug@2.6.1 168 - deps: setprototypeof@1.0.3 169 - perf: add fast match path for `*` route 170 171 5.0.0-alpha.3 / 2017-01-28 172 ========================== 173 174 This is the third Express 5.0 alpha release, based off 4.14.1 and includes 175 changes from 5.0.0-alpha.2. 176 177 * remove: 178 - `res.json(status, obj)` signature - use `res.status(status).json(obj)` 179 - `res.jsonp(status, obj)` signature - use `res.status(status).jsonp(obj)` 180 - `res.vary()` (no arguments) -- provide a field name as an argument 181 * deps: array-flatten@2.1.1 182 * deps: path-is-absolute@1.0.1 183 * deps: router@~1.1.5 184 - deps: array-flatten@2.0.1 185 - deps: methods@~1.1.2 186 - deps: parseurl@~1.3.1 187 - deps: setprototypeof@1.0.2 188 189 5.0.0-alpha.2 / 2015-07-06 190 ========================== 191 192 This is the second Express 5.0 alpha release, based off 4.13.1 and includes 193 changes from 5.0.0-alpha.1. 194 195 * remove: 196 - `app.param(fn)` 197 - `req.param()` -- use `req.params`, `req.body`, or `req.query` instead 198 * change: 199 - `res.render` callback is always async, even for sync view engines 200 - The leading `:` character in `name` for `app.param(name, fn)` is no longer removed 201 - Use `router` module for routing 202 - Use `path-is-absolute` module for absolute path detection 203 204 5.0.0-alpha.1 / 2014-11-06 205 ========================== 206 207 This is the first Express 5.0 alpha release, based off 4.10.1. 208 209 * remove: 210 - `app.del` - use `app.delete` 211 - `req.acceptsCharset` - use `req.acceptsCharsets` 212 - `req.acceptsEncoding` - use `req.acceptsEncodings` 213 - `req.acceptsLanguage` - use `req.acceptsLanguages` 214 - `res.json(obj, status)` signature - use `res.json(status, obj)` 215 - `res.jsonp(obj, status)` signature - use `res.jsonp(status, obj)` 216 - `res.send(body, status)` signature - use `res.send(status, body)` 217 - `res.send(status)` signature - use `res.sendStatus(status)` 218 - `res.sendfile` - use `res.sendFile` instead 219 - `express.query` middleware 220 * change: 221 - `req.host` now returns host (`hostname:port`) - use `req.hostname` for only hostname 222 - `req.query` is now a getter instead of a plain property 223 * add: 224 - `app.router` is a reference to the base router 225 226 4.20.0 / 2024-09-10 227 ========== 228 * deps: serve-static@0.16.0 229 * Remove link renderization in html while redirecting 230 * deps: send@0.19.0 231 * Remove link renderization in html while redirecting 232 * deps: body-parser@0.6.0 233 * add `depth` option to customize the depth level in the parser 234 * IMPORTANT: The default `depth` level for parsing URL-encoded data is now `32` (previously was `Infinity`) 235 * Remove link renderization in html while using `res.redirect` 236 * deps: path-to-regexp@0.1.10 237 - Adds support for named matching groups in the routes using a regex 238 - Adds backtracking protection to parameters without regexes defined 239 * deps: encodeurl@~2.0.0 240 - Removes encoding of `\`, `|`, and `^` to align better with URL spec 241 * Deprecate passing `options.maxAge` and `options.expires` to `res.clearCookie` 242 - Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie 243 244 4.19.2 / 2024-03-25 245 ========== 246 247 * Improved fix for open redirect allow list bypass 248 249 4.19.1 / 2024-03-20 250 ========== 251 252 * Allow passing non-strings to res.location with new encoding handling checks 253 254 4.19.0 / 2024-03-20 255 ========== 256 257 * Prevent open redirect allow list bypass due to encodeurl 258 * deps: cookie@0.6.0 259 260 4.18.3 / 2024-02-29 261 ========== 262 263 * Fix routing requests without method 264 * deps: body-parser@1.20.2 265 - Fix strict json error message on Node.js 19+ 266 - deps: content-type@~1.0.5 267 - deps: raw-body@2.5.2 268 * deps: cookie@0.6.0 269 - Add `partitioned` option 270 271 4.18.2 / 2022-10-08 272 =================== 273 274 * Fix regression routing a large stack in a single route 275 * deps: body-parser@1.20.1 276 - deps: qs@6.11.0 277 - perf: remove unnecessary object clone 278 * deps: qs@6.11.0 279 280 4.18.1 / 2022-04-29 281 =================== 282 283 * Fix hanging on large stack of sync routes 284 285 4.18.0 / 2022-04-25 286 =================== 287 288 * Add "root" option to `res.download` 289 * Allow `options` without `filename` in `res.download` 290 * Deprecate string and non-integer arguments to `res.status` 291 * Fix behavior of `null`/`undefined` as `maxAge` in `res.cookie` 292 * Fix handling very large stacks of sync middleware 293 * Ignore `Object.prototype` values in settings through `app.set`/`app.get` 294 * Invoke `default` with same arguments as types in `res.format` 295 * Support proper 205 responses using `res.send` 296 * Use `http-errors` for `res.format` error 297 * deps: body-parser@1.20.0 298 - Fix error message for json parse whitespace in `strict` 299 - Fix internal error when inflated body exceeds limit 300 - Prevent loss of async hooks context 301 - Prevent hanging when request already read 302 - deps: depd@2.0.0 303 - deps: http-errors@2.0.0 304 - deps: on-finished@2.4.1 305 - deps: qs@6.10.3 306 - deps: raw-body@2.5.1 307 * deps: cookie@0.5.0 308 - Add `priority` option 309 - Fix `expires` option to reject invalid dates 310 * deps: depd@2.0.0 311 - Replace internal `eval` usage with `Function` constructor 312 - Use instance methods on `process` to check for listeners 313 * deps: finalhandler@1.2.0 314 - Remove set content headers that break response 315 - deps: on-finished@2.4.1 316 - deps: statuses@2.0.1 317 * deps: on-finished@2.4.1 318 - Prevent loss of async hooks context 319 * deps: qs@6.10.3 320 * deps: send@0.18.0 321 - Fix emitted 416 error missing headers property 322 - Limit the headers removed for 304 response 323 - deps: depd@2.0.0 324 - deps: destroy@1.2.0 325 - deps: http-errors@2.0.0 326 - deps: on-finished@2.4.1 327 - deps: statuses@2.0.1 328 * deps: serve-static@1.15.0 329 - deps: send@0.18.0 330 * deps: statuses@2.0.1 331 - Remove code 306 332 - Rename `425 Unordered Collection` to standard `425 Too Early` 333 334 4.17.3 / 2022-02-16 335 =================== 336 337 * deps: accepts@~1.3.8 338 - deps: mime-types@~2.1.34 339 - deps: negotiator@0.6.3 340 * deps: body-parser@1.19.2 341 - deps: bytes@3.1.2 342 - deps: qs@6.9.7 343 - deps: raw-body@2.4.3 344 * deps: cookie@0.4.2 345 * deps: qs@6.9.7 346 * Fix handling of `__proto__` keys 347 * pref: remove unnecessary regexp for trust proxy 348 349 4.17.2 / 2021-12-16 350 =================== 351 352 * Fix handling of `undefined` in `res.jsonp` 353 * Fix handling of `undefined` when `"json escape"` is enabled 354 * Fix incorrect middleware execution with unanchored `RegExp`s 355 * Fix `res.jsonp(obj, status)` deprecation message 356 * Fix typo in `res.is` JSDoc 357 * deps: body-parser@1.19.1 358 - deps: bytes@3.1.1 359 - deps: http-errors@1.8.1 360 - deps: qs@6.9.6 361 - deps: raw-body@2.4.2 362 - deps: safe-buffer@5.2.1 363 - deps: type-is@~1.6.18 364 * deps: content-disposition@0.5.4 365 - deps: safe-buffer@5.2.1 366 * deps: cookie@0.4.1 367 - Fix `maxAge` option to reject invalid values 368 * deps: proxy-addr@~2.0.7 369 - Use `req.socket` over deprecated `req.connection` 370 - deps: forwarded@0.2.0 371 - deps: ipaddr.js@1.9.1 372 * deps: qs@6.9.6 373 * deps: safe-buffer@5.2.1 374 * deps: send@0.17.2 375 - deps: http-errors@1.8.1 376 - deps: ms@2.1.3 377 - pref: ignore empty http tokens 378 * deps: serve-static@1.14.2 379 - deps: send@0.17.2 380 * deps: setprototypeof@1.2.0 381 382 4.17.1 / 2019-05-25 383 =================== 384 385 * Revert "Improve error message for `null`/`undefined` to `res.status`" 386 387 4.17.0 / 2019-05-16 388 =================== 389 390 * Add `express.raw` to parse bodies into `Buffer` 391 * Add `express.text` to parse bodies into string 392 * Improve error message for non-strings to `res.sendFile` 393 * Improve error message for `null`/`undefined` to `res.status` 394 * Support multiple hosts in `X-Forwarded-Host` 395 * deps: accepts@~1.3.7 396 * deps: body-parser@1.19.0 397 - Add encoding MIK 398 - Add petabyte (`pb`) support 399 - Fix parsing array brackets after index 400 - deps: bytes@3.1.0 401 - deps: http-errors@1.7.2 402 - deps: iconv-lite@0.4.24 403 - deps: qs@6.7.0 404 - deps: raw-body@2.4.0 405 - deps: type-is@~1.6.17 406 * deps: content-disposition@0.5.3 407 * deps: cookie@0.4.0 408 - Add `SameSite=None` support 409 * deps: finalhandler@~1.1.2 410 - Set stricter `Content-Security-Policy` header 411 - deps: parseurl@~1.3.3 412 - deps: statuses@~1.5.0 413 * deps: parseurl@~1.3.3 414 * deps: proxy-addr@~2.0.5 415 - deps: ipaddr.js@1.9.0 416 * deps: qs@6.7.0 417 - Fix parsing array brackets after index 418 * deps: range-parser@~1.2.1 419 * deps: send@0.17.1 420 - Set stricter CSP header in redirect & error responses 421 - deps: http-errors@~1.7.2 422 - deps: mime@1.6.0 423 - deps: ms@2.1.1 424 - deps: range-parser@~1.2.1 425 - deps: statuses@~1.5.0 426 - perf: remove redundant `path.normalize` call 427 * deps: serve-static@1.14.1 428 - Set stricter CSP header in redirect response 429 - deps: parseurl@~1.3.3 430 - deps: send@0.17.1 431 * deps: setprototypeof@1.1.1 432 * deps: statuses@~1.5.0 433 - Add `103 Early Hints` 434 * deps: type-is@~1.6.18 435 - deps: mime-types@~2.1.24 436 - perf: prevent internal `throw` on invalid type 437 438 4.16.4 / 2018-10-10 439 =================== 440 441 * Fix issue where `"Request aborted"` may be logged in `res.sendfile` 442 * Fix JSDoc for `Router` constructor 443 * deps: body-parser@1.18.3 444 - Fix deprecation warnings on Node.js 10+ 445 - Fix stack trace for strict json parse error 446 - deps: depd@~1.1.2 447 - deps: http-errors@~1.6.3 448 - deps: iconv-lite@0.4.23 449 - deps: qs@6.5.2 450 - deps: raw-body@2.3.3 451 - deps: type-is@~1.6.16 452 * deps: proxy-addr@~2.0.4 453 - deps: ipaddr.js@1.8.0 454 * deps: qs@6.5.2 455 * deps: safe-buffer@5.1.2 456 457 4.16.3 / 2018-03-12 458 =================== 459 460 * deps: accepts@~1.3.5 461 - deps: mime-types@~2.1.18 462 * deps: depd@~1.1.2 463 - perf: remove argument reassignment 464 * deps: encodeurl@~1.0.2 465 - Fix encoding `%` as last character 466 * deps: finalhandler@1.1.1 467 - Fix 404 output for bad / missing pathnames 468 - deps: encodeurl@~1.0.2 469 - deps: statuses@~1.4.0 470 * deps: proxy-addr@~2.0.3 471 - deps: ipaddr.js@1.6.0 472 * deps: send@0.16.2 473 - Fix incorrect end tag in default error & redirects 474 - deps: depd@~1.1.2 475 - deps: encodeurl@~1.0.2 476 - deps: statuses@~1.4.0 477 * deps: serve-static@1.13.2 478 - Fix incorrect end tag in redirects 479 - deps: encodeurl@~1.0.2 480 - deps: send@0.16.2 481 * deps: statuses@~1.4.0 482 * deps: type-is@~1.6.16 483 - deps: mime-types@~2.1.18 484 485 4.16.2 / 2017-10-09 486 =================== 487 488 * Fix `TypeError` in `res.send` when given `Buffer` and `ETag` header set 489 * perf: skip parsing of entire `X-Forwarded-Proto` header 490 491 4.16.1 / 2017-09-29 492 =================== 493 494 * deps: send@0.16.1 495 * deps: serve-static@1.13.1 496 - Fix regression when `root` is incorrectly set to a file 497 - deps: send@0.16.1 498 499 4.16.0 / 2017-09-28 500 =================== 501 502 * Add `"json escape"` setting for `res.json` and `res.jsonp` 503 * Add `express.json` and `express.urlencoded` to parse bodies 504 * Add `options` argument to `res.download` 505 * Improve error message when autoloading invalid view engine 506 * Improve error messages when non-function provided as middleware 507 * Skip `Buffer` encoding when not generating ETag for small response 508 * Use `safe-buffer` for improved Buffer API 509 * deps: accepts@~1.3.4 510 - deps: mime-types@~2.1.16 511 * deps: content-type@~1.0.4 512 - perf: remove argument reassignment 513 - perf: skip parameter parsing when no parameters 514 * deps: etag@~1.8.1 515 - perf: replace regular expression with substring 516 * deps: finalhandler@1.1.0 517 - Use `res.headersSent` when available 518 * deps: parseurl@~1.3.2 519 - perf: reduce overhead for full URLs 520 - perf: unroll the "fast-path" `RegExp` 521 * deps: proxy-addr@~2.0.2 522 - Fix trimming leading / trailing OWS in `X-Forwarded-For` 523 - deps: forwarded@~0.1.2 524 - deps: ipaddr.js@1.5.2 525 - perf: reduce overhead when no `X-Forwarded-For` header 526 * deps: qs@6.5.1 527 - Fix parsing & compacting very deep objects 528 * deps: send@0.16.0 529 - Add 70 new types for file extensions 530 - Add `immutable` option 531 - Fix missing `</html>` in default error & redirects 532 - Set charset as "UTF-8" for .js and .json 533 - Use instance methods on steam to check for listeners 534 - deps: mime@1.4.1 535 - perf: improve path validation speed 536 * deps: serve-static@1.13.0 537 - Add 70 new types for file extensions 538 - Add `immutable` option 539 - Set charset as "UTF-8" for .js and .json 540 - deps: send@0.16.0 541 * deps: setprototypeof@1.1.0 542 * deps: utils-merge@1.0.1 543 * deps: vary@~1.1.2 544 - perf: improve header token parsing speed 545 * perf: re-use options object when generating ETags 546 * perf: remove dead `.charset` set in `res.jsonp` 547 548 4.15.5 / 2017-09-24 549 =================== 550 551 * deps: debug@2.6.9 552 * deps: finalhandler@~1.0.6 553 - deps: debug@2.6.9 554 - deps: parseurl@~1.3.2 555 * deps: fresh@0.5.2 556 - Fix handling of modified headers with invalid dates 557 - perf: improve ETag match loop 558 - perf: improve `If-None-Match` token parsing 559 * deps: send@0.15.6 560 - Fix handling of modified headers with invalid dates 561 - deps: debug@2.6.9 562 - deps: etag@~1.8.1 563 - deps: fresh@0.5.2 564 - perf: improve `If-Match` token parsing 565 * deps: serve-static@1.12.6 566 - deps: parseurl@~1.3.2 567 - deps: send@0.15.6 568 - perf: improve slash collapsing 569 570 4.15.4 / 2017-08-06 571 =================== 572 573 * deps: debug@2.6.8 574 * deps: depd@~1.1.1 575 - Remove unnecessary `Buffer` loading 576 * deps: finalhandler@~1.0.4 577 - deps: debug@2.6.8 578 * deps: proxy-addr@~1.1.5 579 - Fix array argument being altered 580 - deps: ipaddr.js@1.4.0 581 * deps: qs@6.5.0 582 * deps: send@0.15.4 583 - deps: debug@2.6.8 584 - deps: depd@~1.1.1 585 - deps: http-errors@~1.6.2 586 * deps: serve-static@1.12.4 587 - deps: send@0.15.4 588 589 4.15.3 / 2017-05-16 590 =================== 591 592 * Fix error when `res.set` cannot add charset to `Content-Type` 593 * deps: debug@2.6.7 594 - Fix `DEBUG_MAX_ARRAY_LENGTH` 595 - deps: ms@2.0.0 596 * deps: finalhandler@~1.0.3 597 - Fix missing `</html>` in HTML document 598 - deps: debug@2.6.7 599 * deps: proxy-addr@~1.1.4 600 - deps: ipaddr.js@1.3.0 601 * deps: send@0.15.3 602 - deps: debug@2.6.7 603 - deps: ms@2.0.0 604 * deps: serve-static@1.12.3 605 - deps: send@0.15.3 606 * deps: type-is@~1.6.15 607 - deps: mime-types@~2.1.15 608 * deps: vary@~1.1.1 609 - perf: hoist regular expression 610 611 4.15.2 / 2017-03-06 612 =================== 613 614 * deps: qs@6.4.0 615 - Fix regression parsing keys starting with `[` 616 617 4.15.1 / 2017-03-05 618 =================== 619 620 * deps: send@0.15.1 621 - Fix issue when `Date.parse` does not return `NaN` on invalid date 622 - Fix strict violation in broken environments 623 * deps: serve-static@1.12.1 624 - Fix issue when `Date.parse` does not return `NaN` on invalid date 625 - deps: send@0.15.1 626 627 4.15.0 / 2017-03-01 628 =================== 629 630 * Add debug message when loading view engine 631 * Add `next("router")` to exit from router 632 * Fix case where `router.use` skipped requests routes did not 633 * Remove usage of `res._headers` private field 634 - Improves compatibility with Node.js 8 nightly 635 * Skip routing when `req.url` is not set 636 * Use `%o` in path debug to tell types apart 637 * Use `Object.create` to setup request & response prototypes 638 * Use `setprototypeof` module to replace `__proto__` setting 639 * Use `statuses` instead of `http` module for status messages 640 * deps: debug@2.6.1 641 - Allow colors in workers 642 - Deprecated `DEBUG_FD` environment variable set to `3` or higher 643 - Fix error when running under React Native 644 - Use same color for same namespace 645 - deps: ms@0.7.2 646 * deps: etag@~1.8.0 647 - Use SHA1 instead of MD5 for ETag hashing 648 - Works with FIPS 140-2 OpenSSL configuration 649 * deps: finalhandler@~1.0.0 650 - Fix exception when `err` cannot be converted to a string 651 - Fully URL-encode the pathname in the 404 652 - Only include the pathname in the 404 message 653 - Send complete HTML document 654 - Set `Content-Security-Policy: default-src 'self'` header 655 - deps: debug@2.6.1 656 * deps: fresh@0.5.0 657 - Fix false detection of `no-cache` request directive 658 - Fix incorrect result when `If-None-Match` has both `*` and ETags 659 - Fix weak `ETag` matching to match spec 660 - perf: delay reading header values until needed 661 - perf: enable strict mode 662 - perf: hoist regular expressions 663 - perf: remove duplicate conditional 664 - perf: remove unnecessary boolean coercions 665 - perf: skip checking modified time if ETag check failed 666 - perf: skip parsing `If-None-Match` when no `ETag` header 667 - perf: use `Date.parse` instead of `new Date` 668 * deps: qs@6.3.1 669 - Fix array parsing from skipping empty values 670 - Fix compacting nested arrays 671 * deps: send@0.15.0 672 - Fix false detection of `no-cache` request directive 673 - Fix incorrect result when `If-None-Match` has both `*` and ETags 674 - Fix weak `ETag` matching to match spec 675 - Remove usage of `res._headers` private field 676 - Support `If-Match` and `If-Unmodified-Since` headers 677 - Use `res.getHeaderNames()` when available 678 - Use `res.headersSent` when available 679 - deps: debug@2.6.1 680 - deps: etag@~1.8.0 681 - deps: fresh@0.5.0 682 - deps: http-errors@~1.6.1 683 * deps: serve-static@1.12.0 684 - Fix false detection of `no-cache` request directive 685 - Fix incorrect result when `If-None-Match` has both `*` and ETags 686 - Fix weak `ETag` matching to match spec 687 - Remove usage of `res._headers` private field 688 - Send complete HTML document in redirect response 689 - Set default CSP header in redirect response 690 - Support `If-Match` and `If-Unmodified-Since` headers 691 - Use `res.getHeaderNames()` when available 692 - Use `res.headersSent` when available 693 - deps: send@0.15.0 694 * perf: add fast match path for `*` route 695 * perf: improve `req.ips` performance 696 697 4.14.1 / 2017-01-28 698 =================== 699 700 * deps: content-disposition@0.5.2 701 * deps: finalhandler@0.5.1 702 - Fix exception when `err.headers` is not an object 703 - deps: statuses@~1.3.1 704 - perf: hoist regular expressions 705 - perf: remove duplicate validation path 706 * deps: proxy-addr@~1.1.3 707 - deps: ipaddr.js@1.2.0 708 * deps: send@0.14.2 709 - deps: http-errors@~1.5.1 710 - deps: ms@0.7.2 711 - deps: statuses@~1.3.1 712 * deps: serve-static@~1.11.2 713 - deps: send@0.14.2 714 * deps: type-is@~1.6.14 715 - deps: mime-types@~2.1.13 716 717 4.14.0 / 2016-06-16 718 =================== 719 720 * Add `acceptRanges` option to `res.sendFile`/`res.sendfile` 721 * Add `cacheControl` option to `res.sendFile`/`res.sendfile` 722 * Add `options` argument to `req.range` 723 - Includes the `combine` option 724 * Encode URL in `res.location`/`res.redirect` if not already encoded 725 * Fix some redirect handling in `res.sendFile`/`res.sendfile` 726 * Fix Windows absolute path check using forward slashes 727 * Improve error with invalid arguments to `req.get()` 728 * Improve performance for `res.json`/`res.jsonp` in most cases 729 * Improve `Range` header handling in `res.sendFile`/`res.sendfile` 730 * deps: accepts@~1.3.3 731 - Fix including type extensions in parameters in `Accept` parsing 732 - Fix parsing `Accept` parameters with quoted equals 733 - Fix parsing `Accept` parameters with quoted semicolons 734 - Many performance improvements 735 - deps: mime-types@~2.1.11 736 - deps: negotiator@0.6.1 737 * deps: content-type@~1.0.2 738 - perf: enable strict mode 739 * deps: cookie@0.3.1 740 - Add `sameSite` option 741 - Fix cookie `Max-Age` to never be a floating point number 742 - Improve error message when `encode` is not a function 743 - Improve error message when `expires` is not a `Date` 744 - Throw better error for invalid argument to parse 745 - Throw on invalid values provided to `serialize` 746 - perf: enable strict mode 747 - perf: hoist regular expression 748 - perf: use for loop in parse 749 - perf: use string concatenation for serialization 750 * deps: finalhandler@0.5.0 751 - Change invalid or non-numeric status code to 500 752 - Overwrite status message to match set status code 753 - Prefer `err.statusCode` if `err.status` is invalid 754 - Set response headers from `err.headers` object 755 - Use `statuses` instead of `http` module for status messages 756 * deps: proxy-addr@~1.1.2 757 - Fix accepting various invalid netmasks 758 - Fix IPv6-mapped IPv4 validation edge cases 759 - IPv4 netmasks must be contiguous 760 - IPv6 addresses cannot be used as a netmask 761 - deps: ipaddr.js@1.1.1 762 * deps: qs@6.2.0 763 - Add `decoder` option in `parse` function 764 * deps: range-parser@~1.2.0 765 - Add `combine` option to combine overlapping ranges 766 - Fix incorrectly returning -1 when there is at least one valid range 767 - perf: remove internal function 768 * deps: send@0.14.1 769 - Add `acceptRanges` option 770 - Add `cacheControl` option 771 - Attempt to combine multiple ranges into single range 772 - Correctly inherit from `Stream` class 773 - Fix `Content-Range` header in 416 responses when using `start`/`end` options 774 - Fix `Content-Range` header missing from default 416 responses 775 - Fix redirect error when `path` contains raw non-URL characters 776 - Fix redirect when `path` starts with multiple forward slashes 777 - Ignore non-byte `Range` headers 778 - deps: http-errors@~1.5.0 779 - deps: range-parser@~1.2.0 780 - deps: statuses@~1.3.0 781 - perf: remove argument reassignment 782 * deps: serve-static@~1.11.1 783 - Add `acceptRanges` option 784 - Add `cacheControl` option 785 - Attempt to combine multiple ranges into single range 786 - Fix redirect error when `req.url` contains raw non-URL characters 787 - Ignore non-byte `Range` headers 788 - Use status code 301 for redirects 789 - deps: send@0.14.1 790 * deps: type-is@~1.6.13 791 - Fix type error when given invalid type to match against 792 - deps: mime-types@~2.1.11 793 * deps: vary@~1.1.0 794 - Only accept valid field names in the `field` argument 795 * perf: use strict equality when possible 796 797 4.13.4 / 2016-01-21 798 =================== 799 800 * deps: content-disposition@0.5.1 801 - perf: enable strict mode 802 * deps: cookie@0.1.5 803 - Throw on invalid values provided to `serialize` 804 * deps: depd@~1.1.0 805 - Support web browser loading 806 - perf: enable strict mode 807 * deps: escape-html@~1.0.3 808 - perf: enable strict mode 809 - perf: optimize string replacement 810 - perf: use faster string coercion 811 * deps: finalhandler@0.4.1 812 - deps: escape-html@~1.0.3 813 * deps: merge-descriptors@1.0.1 814 - perf: enable strict mode 815 * deps: methods@~1.1.2 816 - perf: enable strict mode 817 * deps: parseurl@~1.3.1 818 - perf: enable strict mode 819 * deps: proxy-addr@~1.0.10 820 - deps: ipaddr.js@1.0.5 821 - perf: enable strict mode 822 * deps: range-parser@~1.0.3 823 - perf: enable strict mode 824 * deps: send@0.13.1 825 - deps: depd@~1.1.0 826 - deps: destroy@~1.0.4 827 - deps: escape-html@~1.0.3 828 - deps: range-parser@~1.0.3 829 * deps: serve-static@~1.10.2 830 - deps: escape-html@~1.0.3 831 - deps: parseurl@~1.3.0 832 - deps: send@0.13.1 833 834 4.13.3 / 2015-08-02 835 =================== 836 837 * Fix infinite loop condition using `mergeParams: true` 838 * Fix inner numeric indices incorrectly altering parent `req.params` 839 840 4.13.2 / 2015-07-31 841 =================== 842 843 * deps: accepts@~1.2.12 844 - deps: mime-types@~2.1.4 845 * deps: array-flatten@1.1.1 846 - perf: enable strict mode 847 * deps: path-to-regexp@0.1.7 848 - Fix regression with escaped round brackets and matching groups 849 * deps: type-is@~1.6.6 850 - deps: mime-types@~2.1.4 851 852 4.13.1 / 2015-07-05 853 =================== 854 855 * deps: accepts@~1.2.10 856 - deps: mime-types@~2.1.2 857 * deps: qs@4.0.0 858 - Fix dropping parameters like `hasOwnProperty` 859 - Fix various parsing edge cases 860 * deps: type-is@~1.6.4 861 - deps: mime-types@~2.1.2 862 - perf: enable strict mode 863 - perf: remove argument reassignment 864 865 4.13.0 / 2015-06-20 866 =================== 867 868 * Add settings to debug output 869 * Fix `res.format` error when only `default` provided 870 * Fix issue where `next('route')` in `app.param` would incorrectly skip values 871 * Fix hiding platform issues with `decodeURIComponent` 872 - Only `URIError`s are a 400 873 * Fix using `*` before params in routes 874 * Fix using capture groups before params in routes 875 * Simplify `res.cookie` to call `res.append` 876 * Use `array-flatten` module for flattening arrays 877 * deps: accepts@~1.2.9 878 - deps: mime-types@~2.1.1 879 - perf: avoid argument reassignment & argument slice 880 - perf: avoid negotiator recursive construction 881 - perf: enable strict mode 882 - perf: remove unnecessary bitwise operator 883 * deps: cookie@0.1.3 884 - perf: deduce the scope of try-catch deopt 885 - perf: remove argument reassignments 886 * deps: escape-html@1.0.2 887 * deps: etag@~1.7.0 888 - Always include entity length in ETags for hash length extensions 889 - Generate non-Stats ETags using MD5 only (no longer CRC32) 890 - Improve stat performance by removing hashing 891 - Improve support for JXcore 892 - Remove base64 padding in ETags to shorten 893 - Support "fake" stats objects in environments without fs 894 - Use MD5 instead of MD4 in weak ETags over 1KB 895 * deps: finalhandler@0.4.0 896 - Fix a false-positive when unpiping in Node.js 0.8 897 - Support `statusCode` property on `Error` objects 898 - Use `unpipe` module for unpiping requests 899 - deps: escape-html@1.0.2 900 - deps: on-finished@~2.3.0 901 - perf: enable strict mode 902 - perf: remove argument reassignment 903 * deps: fresh@0.3.0 904 - Add weak `ETag` matching support 905 * deps: on-finished@~2.3.0 906 - Add defined behavior for HTTP `CONNECT` requests 907 - Add defined behavior for HTTP `Upgrade` requests 908 - deps: ee-first@1.1.1 909 * deps: path-to-regexp@0.1.6 910 * deps: send@0.13.0 911 - Allow Node.js HTTP server to set `Date` response header 912 - Fix incorrectly removing `Content-Location` on 304 response 913 - Improve the default redirect response headers 914 - Send appropriate headers on default error response 915 - Use `http-errors` for standard emitted errors 916 - Use `statuses` instead of `http` module for status messages 917 - deps: escape-html@1.0.2 918 - deps: etag@~1.7.0 919 - deps: fresh@0.3.0 920 - deps: on-finished@~2.3.0 921 - perf: enable strict mode 922 - perf: remove unnecessary array allocations 923 * deps: serve-static@~1.10.0 924 - Add `fallthrough` option 925 - Fix reading options from options prototype 926 - Improve the default redirect response headers 927 - Malformed URLs now `next()` instead of 400 928 - deps: escape-html@1.0.2 929 - deps: send@0.13.0 930 - perf: enable strict mode 931 - perf: remove argument reassignment 932 * deps: type-is@~1.6.3 933 - deps: mime-types@~2.1.1 934 - perf: reduce try block size 935 - perf: remove bitwise operations 936 * perf: enable strict mode 937 * perf: isolate `app.render` try block 938 * perf: remove argument reassignments in application 939 * perf: remove argument reassignments in request prototype 940 * perf: remove argument reassignments in response prototype 941 * perf: remove argument reassignments in routing 942 * perf: remove argument reassignments in `View` 943 * perf: skip attempting to decode zero length string 944 * perf: use saved reference to `http.STATUS_CODES` 945 946 4.12.4 / 2015-05-17 947 =================== 948 949 * deps: accepts@~1.2.7 950 - deps: mime-types@~2.0.11 951 - deps: negotiator@0.5.3 952 * deps: debug@~2.2.0 953 - deps: ms@0.7.1 954 * deps: depd@~1.0.1 955 * deps: etag@~1.6.0 956 - Improve support for JXcore 957 - Support "fake" stats objects in environments without `fs` 958 * deps: finalhandler@0.3.6 959 - deps: debug@~2.2.0 960 - deps: on-finished@~2.2.1 961 * deps: on-finished@~2.2.1 962 - Fix `isFinished(req)` when data buffered 963 * deps: proxy-addr@~1.0.8 964 - deps: ipaddr.js@1.0.1 965 * deps: qs@2.4.2 966 - Fix allowing parameters like `constructor` 967 * deps: send@0.12.3 968 - deps: debug@~2.2.0 969 - deps: depd@~1.0.1 970 - deps: etag@~1.6.0 971 - deps: ms@0.7.1 972 - deps: on-finished@~2.2.1 973 * deps: serve-static@~1.9.3 974 - deps: send@0.12.3 975 * deps: type-is@~1.6.2 976 - deps: mime-types@~2.0.11 977 978 4.12.3 / 2015-03-17 979 =================== 980 981 * deps: accepts@~1.2.5 982 - deps: mime-types@~2.0.10 983 * deps: debug@~2.1.3 984 - Fix high intensity foreground color for bold 985 - deps: ms@0.7.0 986 * deps: finalhandler@0.3.4 987 - deps: debug@~2.1.3 988 * deps: proxy-addr@~1.0.7 989 - deps: ipaddr.js@0.1.9 990 * deps: qs@2.4.1 991 - Fix error when parameter `hasOwnProperty` is present 992 * deps: send@0.12.2 993 - Throw errors early for invalid `extensions` or `index` options 994 - deps: debug@~2.1.3 995 * deps: serve-static@~1.9.2 996 - deps: send@0.12.2 997 * deps: type-is@~1.6.1 998 - deps: mime-types@~2.0.10 999 1000 4.12.2 / 2015-03-02 1001 =================== 1002 1003 * Fix regression where `"Request aborted"` is logged using `res.sendFile` 1004 1005 4.12.1 / 2015-03-01 1006 =================== 1007 1008 * Fix constructing application with non-configurable prototype properties 1009 * Fix `ECONNRESET` errors from `res.sendFile` usage 1010 * Fix `req.host` when using "trust proxy" hops count 1011 * Fix `req.protocol`/`req.secure` when using "trust proxy" hops count 1012 * Fix wrong `code` on aborted connections from `res.sendFile` 1013 * deps: merge-descriptors@1.0.0 1014 1015 4.12.0 / 2015-02-23 1016 =================== 1017 1018 * Fix `"trust proxy"` setting to inherit when app is mounted 1019 * Generate `ETag`s for all request responses 1020 - No longer restricted to only responses for `GET` and `HEAD` requests 1021 * Use `content-type` to parse `Content-Type` headers 1022 * deps: accepts@~1.2.4 1023 - Fix preference sorting to be stable for long acceptable lists 1024 - deps: mime-types@~2.0.9 1025 - deps: negotiator@0.5.1 1026 * deps: cookie-signature@1.0.6 1027 * deps: send@0.12.1 1028 - Always read the stat size from the file 1029 - Fix mutating passed-in `options` 1030 - deps: mime@1.3.4 1031 * deps: serve-static@~1.9.1 1032 - deps: send@0.12.1 1033 * deps: type-is@~1.6.0 1034 - fix argument reassignment 1035 - fix false-positives in `hasBody` `Transfer-Encoding` check 1036 - support wildcard for both type and subtype (`*/*`) 1037 - deps: mime-types@~2.0.9 1038 1039 4.11.2 / 2015-02-01 1040 =================== 1041 1042 * Fix `res.redirect` double-calling `res.end` for `HEAD` requests 1043 * deps: accepts@~1.2.3 1044 - deps: mime-types@~2.0.8 1045 * deps: proxy-addr@~1.0.6 1046 - deps: ipaddr.js@0.1.8 1047 * deps: type-is@~1.5.6 1048 - deps: mime-types@~2.0.8 1049 1050 4.11.1 / 2015-01-20 1051 =================== 1052 1053 * deps: send@0.11.1 1054 - Fix root path disclosure 1055 * deps: serve-static@~1.8.1 1056 - Fix redirect loop in Node.js 0.11.14 1057 - Fix root path disclosure 1058 - deps: send@0.11.1 1059 1060 4.11.0 / 2015-01-13 1061 =================== 1062 1063 * Add `res.append(field, val)` to append headers 1064 * Deprecate leading `:` in `name` for `app.param(name, fn)` 1065 * Deprecate `req.param()` -- use `req.params`, `req.body`, or `req.query` instead 1066 * Deprecate `app.param(fn)` 1067 * Fix `OPTIONS` responses to include the `HEAD` method properly 1068 * Fix `res.sendFile` not always detecting aborted connection 1069 * Match routes iteratively to prevent stack overflows 1070 * deps: accepts@~1.2.2 1071 - deps: mime-types@~2.0.7 1072 - deps: negotiator@0.5.0 1073 * deps: send@0.11.0 1074 - deps: debug@~2.1.1 1075 - deps: etag@~1.5.1 1076 - deps: ms@0.7.0 1077 - deps: on-finished@~2.2.0 1078 * deps: serve-static@~1.8.0 1079 - deps: send@0.11.0 1080 1081 4.10.8 / 2015-01-13 1082 =================== 1083 1084 * Fix crash from error within `OPTIONS` response handler 1085 * deps: proxy-addr@~1.0.5 1086 - deps: ipaddr.js@0.1.6 1087 1088 4.10.7 / 2015-01-04 1089 =================== 1090 1091 * Fix `Allow` header for `OPTIONS` to not contain duplicate methods 1092 * Fix incorrect "Request aborted" for `res.sendFile` when `HEAD` or 304 1093 * deps: debug@~2.1.1 1094 * deps: finalhandler@0.3.3 1095 - deps: debug@~2.1.1 1096 - deps: on-finished@~2.2.0 1097 * deps: methods@~1.1.1 1098 * deps: on-finished@~2.2.0 1099 * deps: serve-static@~1.7.2 1100 - Fix potential open redirect when mounted at root 1101 * deps: type-is@~1.5.5 1102 - deps: mime-types@~2.0.7 1103 1104 4.10.6 / 2014-12-12 1105 =================== 1106 1107 * Fix exception in `req.fresh`/`req.stale` without response headers 1108 1109 4.10.5 / 2014-12-10 1110 =================== 1111 1112 * Fix `res.send` double-calling `res.end` for `HEAD` requests 1113 * deps: accepts@~1.1.4 1114 - deps: mime-types@~2.0.4 1115 * deps: type-is@~1.5.4 1116 - deps: mime-types@~2.0.4 1117 1118 4.10.4 / 2014-11-24 1119 =================== 1120 1121 * Fix `res.sendfile` logging standard write errors 1122 1123 4.10.3 / 2014-11-23 1124 =================== 1125 1126 * Fix `res.sendFile` logging standard write errors 1127 * deps: etag@~1.5.1 1128 * deps: proxy-addr@~1.0.4 1129 - deps: ipaddr.js@0.1.5 1130 * deps: qs@2.3.3 1131 - Fix `arrayLimit` behavior 1132 1133 4.10.2 / 2014-11-09 1134 =================== 1135 1136 * Correctly invoke async router callback asynchronously 1137 * deps: accepts@~1.1.3 1138 - deps: mime-types@~2.0.3 1139 * deps: type-is@~1.5.3 1140 - deps: mime-types@~2.0.3 1141 1142 4.10.1 / 2014-10-28 1143 =================== 1144 1145 * Fix handling of URLs containing `://` in the path 1146 * deps: qs@2.3.2 1147 - Fix parsing of mixed objects and values 1148 1149 4.10.0 / 2014-10-23 1150 =================== 1151 1152 * Add support for `app.set('views', array)` 1153 - Views are looked up in sequence in array of directories 1154 * Fix `res.send(status)` to mention `res.sendStatus(status)` 1155 * Fix handling of invalid empty URLs 1156 * Use `content-disposition` module for `res.attachment`/`res.download` 1157 - Sends standards-compliant `Content-Disposition` header 1158 - Full Unicode support 1159 * Use `path.resolve` in view lookup 1160 * deps: debug@~2.1.0 1161 - Implement `DEBUG_FD` env variable support 1162 * deps: depd@~1.0.0 1163 * deps: etag@~1.5.0 1164 - Improve string performance 1165 - Slightly improve speed for weak ETags over 1KB 1166 * deps: finalhandler@0.3.2 1167 - Terminate in progress response only on error 1168 - Use `on-finished` to determine request status 1169 - deps: debug@~2.1.0 1170 - deps: on-finished@~2.1.1 1171 * deps: on-finished@~2.1.1 1172 - Fix handling of pipelined requests 1173 * deps: qs@2.3.0 1174 - Fix parsing of mixed implicit and explicit arrays 1175 * deps: send@0.10.1 1176 - deps: debug@~2.1.0 1177 - deps: depd@~1.0.0 1178 - deps: etag@~1.5.0 1179 - deps: on-finished@~2.1.1 1180 * deps: serve-static@~1.7.1 1181 - deps: send@0.10.1 1182 1183 4.9.8 / 2014-10-17 1184 ================== 1185 1186 * Fix `res.redirect` body when redirect status specified 1187 * deps: accepts@~1.1.2 1188 - Fix error when media type has invalid parameter 1189 - deps: negotiator@0.4.9 1190 1191 4.9.7 / 2014-10-10 1192 ================== 1193 1194 * Fix using same param name in array of paths 1195 1196 4.9.6 / 2014-10-08 1197 ================== 1198 1199 * deps: accepts@~1.1.1 1200 - deps: mime-types@~2.0.2 1201 - deps: negotiator@0.4.8 1202 * deps: serve-static@~1.6.4 1203 - Fix redirect loop when index file serving disabled 1204 * deps: type-is@~1.5.2 1205 - deps: mime-types@~2.0.2 1206 1207 4.9.5 / 2014-09-24 1208 ================== 1209 1210 * deps: etag@~1.4.0 1211 * deps: proxy-addr@~1.0.3 1212 - Use `forwarded` npm module 1213 * deps: send@0.9.3 1214 - deps: etag@~1.4.0 1215 * deps: serve-static@~1.6.3 1216 - deps: send@0.9.3 1217 1218 4.9.4 / 2014-09-19 1219 ================== 1220 1221 * deps: qs@2.2.4 1222 - Fix issue with object keys starting with numbers truncated 1223 1224 4.9.3 / 2014-09-18 1225 ================== 1226 1227 * deps: proxy-addr@~1.0.2 1228 - Fix a global leak when multiple subnets are trusted 1229 - deps: ipaddr.js@0.1.3 1230 1231 4.9.2 / 2014-09-17 1232 ================== 1233 1234 * Fix regression for empty string `path` in `app.use` 1235 * Fix `router.use` to accept array of middleware without path 1236 * Improve error message for bad `app.use` arguments 1237 1238 4.9.1 / 2014-09-16 1239 ================== 1240 1241 * Fix `app.use` to accept array of middleware without path 1242 * deps: depd@0.4.5 1243 * deps: etag@~1.3.1 1244 * deps: send@0.9.2 1245 - deps: depd@0.4.5 1246 - deps: etag@~1.3.1 1247 - deps: range-parser@~1.0.2 1248 * deps: serve-static@~1.6.2 1249 - deps: send@0.9.2 1250 1251 4.9.0 / 2014-09-08 1252 ================== 1253 1254 * Add `res.sendStatus` 1255 * Invoke callback for sendfile when client aborts 1256 - Applies to `res.sendFile`, `res.sendfile`, and `res.download` 1257 - `err` will be populated with request aborted error 1258 * Support IP address host in `req.subdomains` 1259 * Use `etag` to generate `ETag` headers 1260 * deps: accepts@~1.1.0 1261 - update `mime-types` 1262 * deps: cookie-signature@1.0.5 1263 * deps: debug@~2.0.0 1264 * deps: finalhandler@0.2.0 1265 - Set `X-Content-Type-Options: nosniff` header 1266 - deps: debug@~2.0.0 1267 * deps: fresh@0.2.4 1268 * deps: media-typer@0.3.0 1269 - Throw error when parameter format invalid on parse 1270 * deps: qs@2.2.3 1271 - Fix issue where first empty value in array is discarded 1272 * deps: range-parser@~1.0.2 1273 * deps: send@0.9.1 1274 - Add `lastModified` option 1275 - Use `etag` to generate `ETag` header 1276 - deps: debug@~2.0.0 1277 - deps: fresh@0.2.4 1278 * deps: serve-static@~1.6.1 1279 - Add `lastModified` option 1280 - deps: send@0.9.1 1281 * deps: type-is@~1.5.1 1282 - fix `hasbody` to be true for `content-length: 0` 1283 - deps: media-typer@0.3.0 1284 - deps: mime-types@~2.0.1 1285 * deps: vary@~1.0.0 1286 - Accept valid `Vary` header string as `field` 1287 1288 4.8.8 / 2014-09-04 1289 ================== 1290 1291 * deps: send@0.8.5 1292 - Fix a path traversal issue when using `root` 1293 - Fix malicious path detection for empty string path 1294 * deps: serve-static@~1.5.4 1295 - deps: send@0.8.5 1296 1297 4.8.7 / 2014-08-29 1298 ================== 1299 1300 * deps: qs@2.2.2 1301 - Remove unnecessary cloning 1302 1303 4.8.6 / 2014-08-27 1304 ================== 1305 1306 * deps: qs@2.2.0 1307 - Array parsing fix 1308 - Performance improvements 1309 1310 4.8.5 / 2014-08-18 1311 ================== 1312 1313 * deps: send@0.8.3 1314 - deps: destroy@1.0.3 1315 - deps: on-finished@2.1.0 1316 * deps: serve-static@~1.5.3 1317 - deps: send@0.8.3 1318 1319 4.8.4 / 2014-08-14 1320 ================== 1321 1322 * deps: qs@1.2.2 1323 * deps: send@0.8.2 1324 - Work around `fd` leak in Node.js 0.10 for `fs.ReadStream` 1325 * deps: serve-static@~1.5.2 1326 - deps: send@0.8.2 1327 1328 4.8.3 / 2014-08-10 1329 ================== 1330 1331 * deps: parseurl@~1.3.0 1332 * deps: qs@1.2.1 1333 * deps: serve-static@~1.5.1 1334 - Fix parsing of weird `req.originalUrl` values 1335 - deps: parseurl@~1.3.0 1336 - deps: utils-merge@1.0.0 1337 1338 4.8.2 / 2014-08-07 1339 ================== 1340 1341 * deps: qs@1.2.0 1342 - Fix parsing array of objects 1343 1344 4.8.1 / 2014-08-06 1345 ================== 1346 1347 * fix incorrect deprecation warnings on `res.download` 1348 * deps: qs@1.1.0 1349 - Accept urlencoded square brackets 1350 - Accept empty values in implicit array notation 1351 1352 4.8.0 / 2014-08-05 1353 ================== 1354 1355 * add `res.sendFile` 1356 - accepts a file system path instead of a URL 1357 - requires an absolute path or `root` option specified 1358 * deprecate `res.sendfile` -- use `res.sendFile` instead 1359 * support mounted app as any argument to `app.use()` 1360 * deps: qs@1.0.2 1361 - Complete rewrite 1362 - Limits array length to 20 1363 - Limits object depth to 5 1364 - Limits parameters to 1,000 1365 * deps: send@0.8.1 1366 - Add `extensions` option 1367 * deps: serve-static@~1.5.0 1368 - Add `extensions` option 1369 - deps: send@0.8.1 1370 1371 4.7.4 / 2014-08-04 1372 ================== 1373 1374 * fix `res.sendfile` regression for serving directory index files 1375 * deps: send@0.7.4 1376 - Fix incorrect 403 on Windows and Node.js 0.11 1377 - Fix serving index files without root dir 1378 * deps: serve-static@~1.4.4 1379 - deps: send@0.7.4 1380 1381 4.7.3 / 2014-08-04 1382 ================== 1383 1384 * deps: send@0.7.3 1385 - Fix incorrect 403 on Windows and Node.js 0.11 1386 * deps: serve-static@~1.4.3 1387 - Fix incorrect 403 on Windows and Node.js 0.11 1388 - deps: send@0.7.3 1389 1390 4.7.2 / 2014-07-27 1391 ================== 1392 1393 * deps: depd@0.4.4 1394 - Work-around v8 generating empty stack traces 1395 * deps: send@0.7.2 1396 - deps: depd@0.4.4 1397 * deps: serve-static@~1.4.2 1398 1399 4.7.1 / 2014-07-26 1400 ================== 1401 1402 * deps: depd@0.4.3 1403 - Fix exception when global `Error.stackTraceLimit` is too low 1404 * deps: send@0.7.1 1405 - deps: depd@0.4.3 1406 * deps: serve-static@~1.4.1 1407 1408 4.7.0 / 2014-07-25 1409 ================== 1410 1411 * fix `req.protocol` for proxy-direct connections 1412 * configurable query parser with `app.set('query parser', parser)` 1413 - `app.set('query parser', 'extended')` parse with "qs" module 1414 - `app.set('query parser', 'simple')` parse with "querystring" core module 1415 - `app.set('query parser', false)` disable query string parsing 1416 - `app.set('query parser', true)` enable simple parsing 1417 * deprecate `res.json(status, obj)` -- use `res.status(status).json(obj)` instead 1418 * deprecate `res.jsonp(status, obj)` -- use `res.status(status).jsonp(obj)` instead 1419 * deprecate `res.send(status, body)` -- use `res.status(status).send(body)` instead 1420 * deps: debug@1.0.4 1421 * deps: depd@0.4.2 1422 - Add `TRACE_DEPRECATION` environment variable 1423 - Remove non-standard grey color from color output 1424 - Support `--no-deprecation` argument 1425 - Support `--trace-deprecation` argument 1426 * deps: finalhandler@0.1.0 1427 - Respond after request fully read 1428 - deps: debug@1.0.4 1429 * deps: parseurl@~1.2.0 1430 - Cache URLs based on original value 1431 - Remove no-longer-needed URL mis-parse work-around 1432 - Simplify the "fast-path" `RegExp` 1433 * deps: send@0.7.0 1434 - Add `dotfiles` option 1435 - Cap `maxAge` value to 1 year 1436 - deps: debug@1.0.4 1437 - deps: depd@0.4.2 1438 * deps: serve-static@~1.4.0 1439 - deps: parseurl@~1.2.0 1440 - deps: send@0.7.0 1441 * perf: prevent multiple `Buffer` creation in `res.send` 1442 1443 4.6.1 / 2014-07-12 1444 ================== 1445 1446 * fix `subapp.mountpath` regression for `app.use(subapp)` 1447 1448 4.6.0 / 2014-07-11 1449 ================== 1450 1451 * accept multiple callbacks to `app.use()` 1452 * add explicit "Rosetta Flash JSONP abuse" protection 1453 - previous versions are not vulnerable; this is just explicit protection 1454 * catch errors in multiple `req.param(name, fn)` handlers 1455 * deprecate `res.redirect(url, status)` -- use `res.redirect(status, url)` instead 1456 * fix `res.send(status, num)` to send `num` as json (not error) 1457 * remove unnecessary escaping when `res.jsonp` returns JSON response 1458 * support non-string `path` in `app.use(path, fn)` 1459 - supports array of paths 1460 - supports `RegExp` 1461 * router: fix optimization on router exit 1462 * router: refactor location of `try` blocks 1463 * router: speed up standard `app.use(fn)` 1464 * deps: debug@1.0.3 1465 - Add support for multiple wildcards in namespaces 1466 * deps: finalhandler@0.0.3 1467 - deps: debug@1.0.3 1468 * deps: methods@1.1.0 1469 - add `CONNECT` 1470 * deps: parseurl@~1.1.3 1471 - faster parsing of href-only URLs 1472 * deps: path-to-regexp@0.1.3 1473 * deps: send@0.6.0 1474 - deps: debug@1.0.3 1475 * deps: serve-static@~1.3.2 1476 - deps: parseurl@~1.1.3 1477 - deps: send@0.6.0 1478 * perf: fix arguments reassign deopt in some `res` methods 1479 1480 4.5.1 / 2014-07-06 1481 ================== 1482 1483 * fix routing regression when altering `req.method` 1484 1485 4.5.0 / 2014-07-04 1486 ================== 1487 1488 * add deprecation message to non-plural `req.accepts*` 1489 * add deprecation message to `res.send(body, status)` 1490 * add deprecation message to `res.vary()` 1491 * add `headers` option to `res.sendfile` 1492 - use to set headers on successful file transfer 1493 * add `mergeParams` option to `Router` 1494 - merges `req.params` from parent routes 1495 * add `req.hostname` -- correct name for what `req.host` returns 1496 * deprecate things with `depd` module 1497 * deprecate `req.host` -- use `req.hostname` instead 1498 * fix behavior when handling request without routes 1499 * fix handling when `route.all` is only route 1500 * invoke `router.param()` only when route matches 1501 * restore `req.params` after invoking router 1502 * use `finalhandler` for final response handling 1503 * use `media-typer` to alter content-type charset 1504 * deps: accepts@~1.0.7 1505 * deps: send@0.5.0 1506 - Accept string for `maxage` (converted by `ms`) 1507 - Include link in default redirect response 1508 * deps: serve-static@~1.3.0 1509 - Accept string for `maxAge` (converted by `ms`) 1510 - Add `setHeaders` option 1511 - Include HTML link in redirect response 1512 - deps: send@0.5.0 1513 * deps: type-is@~1.3.2 1514 1515 4.4.5 / 2014-06-26 1516 ================== 1517 1518 * deps: cookie-signature@1.0.4 1519 - fix for timing attacks 1520 1521 4.4.4 / 2014-06-20 1522 ================== 1523 1524 * fix `res.attachment` Unicode filenames in Safari 1525 * fix "trim prefix" debug message in `express:router` 1526 * deps: accepts@~1.0.5 1527 * deps: buffer-crc32@0.2.3 1528 1529 4.4.3 / 2014-06-11 1530 ================== 1531 1532 * fix persistence of modified `req.params[name]` from `app.param()` 1533 * deps: accepts@1.0.3 1534 - deps: negotiator@0.4.6 1535 * deps: debug@1.0.2 1536 * deps: send@0.4.3 1537 - Do not throw uncatchable error on file open race condition 1538 - Use `escape-html` for HTML escaping 1539 - deps: debug@1.0.2 1540 - deps: finished@1.2.2 1541 - deps: fresh@0.2.2 1542 * deps: serve-static@1.2.3 1543 - Do not throw uncatchable error on file open race condition 1544 - deps: send@0.4.3 1545 1546 4.4.2 / 2014-06-09 1547 ================== 1548 1549 * fix catching errors from top-level handlers 1550 * use `vary` module for `res.vary` 1551 * deps: debug@1.0.1 1552 * deps: proxy-addr@1.0.1 1553 * deps: send@0.4.2 1554 - fix "event emitter leak" warnings 1555 - deps: debug@1.0.1 1556 - deps: finished@1.2.1 1557 * deps: serve-static@1.2.2 1558 - fix "event emitter leak" warnings 1559 - deps: send@0.4.2 1560 * deps: type-is@1.2.1 1561 1562 4.4.1 / 2014-06-02 1563 ================== 1564 1565 * deps: methods@1.0.1 1566 * deps: send@0.4.1 1567 - Send `max-age` in `Cache-Control` in correct format 1568 * deps: serve-static@1.2.1 1569 - use `escape-html` for escaping 1570 - deps: send@0.4.1 1571 1572 4.4.0 / 2014-05-30 1573 ================== 1574 1575 * custom etag control with `app.set('etag', val)` 1576 - `app.set('etag', function(body, encoding){ return '"etag"' })` custom etag generation 1577 - `app.set('etag', 'weak')` weak tag 1578 - `app.set('etag', 'strong')` strong etag 1579 - `app.set('etag', false)` turn off 1580 - `app.set('etag', true)` standard etag 1581 * mark `res.send` ETag as weak and reduce collisions 1582 * update accepts to 1.0.2 1583 - Fix interpretation when header not in request 1584 * update send to 0.4.0 1585 - Calculate ETag with md5 for reduced collisions 1586 - Ignore stream errors after request ends 1587 - deps: debug@0.8.1 1588 * update serve-static to 1.2.0 1589 - Calculate ETag with md5 for reduced collisions 1590 - Ignore stream errors after request ends 1591 - deps: send@0.4.0 1592 1593 4.3.2 / 2014-05-28 1594 ================== 1595 1596 * fix handling of errors from `router.param()` callbacks 1597 1598 4.3.1 / 2014-05-23 1599 ================== 1600 1601 * revert "fix behavior of multiple `app.VERB` for the same path" 1602 - this caused a regression in the order of route execution 1603 1604 4.3.0 / 2014-05-21 1605 ================== 1606 1607 * add `req.baseUrl` to access the path stripped from `req.url` in routes 1608 * fix behavior of multiple `app.VERB` for the same path 1609 * fix issue routing requests among sub routers 1610 * invoke `router.param()` only when necessary instead of every match 1611 * proper proxy trust with `app.set('trust proxy', trust)` 1612 - `app.set('trust proxy', 1)` trust first hop 1613 - `app.set('trust proxy', 'loopback')` trust loopback addresses 1614 - `app.set('trust proxy', '10.0.0.1')` trust single IP 1615 - `app.set('trust proxy', '10.0.0.1/16')` trust subnet 1616 - `app.set('trust proxy', '10.0.0.1, 10.0.0.2')` trust list 1617 - `app.set('trust proxy', false)` turn off 1618 - `app.set('trust proxy', true)` trust everything 1619 * set proper `charset` in `Content-Type` for `res.send` 1620 * update type-is to 1.2.0 1621 - support suffix matching 1622 1623 4.2.0 / 2014-05-11 1624 ================== 1625 1626 * deprecate `app.del()` -- use `app.delete()` instead 1627 * deprecate `res.json(obj, status)` -- use `res.json(status, obj)` instead 1628 - the edge-case `res.json(status, num)` requires `res.status(status).json(num)` 1629 * deprecate `res.jsonp(obj, status)` -- use `res.jsonp(status, obj)` instead 1630 - the edge-case `res.jsonp(status, num)` requires `res.status(status).jsonp(num)` 1631 * fix `req.next` when inside router instance 1632 * include `ETag` header in `HEAD` requests 1633 * keep previous `Content-Type` for `res.jsonp` 1634 * support PURGE method 1635 - add `app.purge` 1636 - add `router.purge` 1637 - include PURGE in `app.all` 1638 * update debug to 0.8.0 1639 - add `enable()` method 1640 - change from stderr to stdout 1641 * update methods to 1.0.0 1642 - add PURGE 1643 1644 4.1.2 / 2014-05-08 1645 ================== 1646 1647 * fix `req.host` for IPv6 literals 1648 * fix `res.jsonp` error if callback param is object 1649 1650 4.1.1 / 2014-04-27 1651 ================== 1652 1653 * fix package.json to reflect supported node version 1654 1655 4.1.0 / 2014-04-24 1656 ================== 1657 1658 * pass options from `res.sendfile` to `send` 1659 * preserve casing of headers in `res.header` and `res.set` 1660 * support unicode file names in `res.attachment` and `res.download` 1661 * update accepts to 1.0.1 1662 - deps: negotiator@0.4.0 1663 * update cookie to 0.1.2 1664 - Fix for maxAge == 0 1665 - made compat with expires field 1666 * update send to 0.3.0 1667 - Accept API options in options object 1668 - Coerce option types 1669 - Control whether to generate etags 1670 - Default directory access to 403 when index disabled 1671 - Fix sending files with dots without root set 1672 - Include file path in etag 1673 - Make "Can't set headers after they are sent." catchable 1674 - Send full entity-body for multi range requests 1675 - Set etags to "weak" 1676 - Support "If-Range" header 1677 - Support multiple index paths 1678 - deps: mime@1.2.11 1679 * update serve-static to 1.1.0 1680 - Accept options directly to `send` module 1681 - Resolve relative paths at middleware setup 1682 - Use parseurl to parse the URL from request 1683 - deps: send@0.3.0 1684 * update type-is to 1.1.0 1685 - add non-array values support 1686 - add `multipart` as a shorthand 1687 1688 4.0.0 / 2014-04-09 1689 ================== 1690 1691 * remove: 1692 - node 0.8 support 1693 - connect and connect's patches except for charset handling 1694 - express(1) - moved to [express-generator](https://github.com/expressjs/generator) 1695 - `express.createServer()` - it has been deprecated for a long time. Use `express()` 1696 - `app.configure` - use logic in your own app code 1697 - `app.router` - is removed 1698 - `req.auth` - use `basic-auth` instead 1699 - `req.accepted*` - use `req.accepts*()` instead 1700 - `res.location` - relative URL resolution is removed 1701 - `res.charset` - include the charset in the content type when using `res.set()` 1702 - all bundled middleware except `static` 1703 * change: 1704 - `app.route` -> `app.mountpath` when mounting an express app in another express app 1705 - `json spaces` no longer enabled by default in development 1706 - `req.accepts*` -> `req.accepts*s` - i.e. `req.acceptsEncoding` -> `req.acceptsEncodings` 1707 - `req.params` is now an object instead of an array 1708 - `res.locals` is no longer a function. It is a plain js object. Treat it as such. 1709 - `res.headerSent` -> `res.headersSent` to match node.js ServerResponse object 1710 * refactor: 1711 - `req.accepts*` with [accepts](https://github.com/expressjs/accepts) 1712 - `req.is` with [type-is](https://github.com/expressjs/type-is) 1713 - [path-to-regexp](https://github.com/component/path-to-regexp) 1714 * add: 1715 - `app.router()` - returns the app Router instance 1716 - `app.route()` - Proxy to the app's `Router#route()` method to create a new route 1717 - Router & Route - public API 1718 1719 3.21.2 / 2015-07-31 1720 =================== 1721 1722 * deps: connect@2.30.2 1723 - deps: body-parser@~1.13.3 1724 - deps: compression@~1.5.2 1725 - deps: errorhandler@~1.4.2 1726 - deps: method-override@~2.3.5 1727 - deps: serve-index@~1.7.2 1728 - deps: type-is@~1.6.6 1729 - deps: vhost@~3.0.1 1730 * deps: vary@~1.0.1 1731 - Fix setting empty header from empty `field` 1732 - perf: enable strict mode 1733 - perf: remove argument reassignments 1734 1735 3.21.1 / 2015-07-05 1736 =================== 1737 1738 * deps: basic-auth@~1.0.3 1739 * deps: connect@2.30.1 1740 - deps: body-parser@~1.13.2 1741 - deps: compression@~1.5.1 1742 - deps: errorhandler@~1.4.1 1743 - deps: morgan@~1.6.1 1744 - deps: pause@0.1.0 1745 - deps: qs@4.0.0 1746 - deps: serve-index@~1.7.1 1747 - deps: type-is@~1.6.4 1748 1749 3.21.0 / 2015-06-18 1750 =================== 1751 1752 * deps: basic-auth@1.0.2 1753 - perf: enable strict mode 1754 - perf: hoist regular expression 1755 - perf: parse with regular expressions 1756 - perf: remove argument reassignment 1757 * deps: connect@2.30.0 1758 - deps: body-parser@~1.13.1 1759 - deps: bytes@2.1.0 1760 - deps: compression@~1.5.0 1761 - deps: cookie@0.1.3 1762 - deps: cookie-parser@~1.3.5 1763 - deps: csurf@~1.8.3 1764 - deps: errorhandler@~1.4.0 1765 - deps: express-session@~1.11.3 1766 - deps: finalhandler@0.4.0 1767 - deps: fresh@0.3.0 1768 - deps: morgan@~1.6.0 1769 - deps: serve-favicon@~2.3.0 1770 - deps: serve-index@~1.7.0 1771 - deps: serve-static@~1.10.0 1772 - deps: type-is@~1.6.3 1773 * deps: cookie@0.1.3 1774 - perf: deduce the scope of try-catch deopt 1775 - perf: remove argument reassignments 1776 * deps: escape-html@1.0.2 1777 * deps: etag@~1.7.0 1778 - Always include entity length in ETags for hash length extensions 1779 - Generate non-Stats ETags using MD5 only (no longer CRC32) 1780 - Improve stat performance by removing hashing 1781 - Improve support for JXcore 1782 - Remove base64 padding in ETags to shorten 1783 - Support "fake" stats objects in environments without fs 1784 - Use MD5 instead of MD4 in weak ETags over 1KB 1785 * deps: fresh@0.3.0 1786 - Add weak `ETag` matching support 1787 * deps: mkdirp@0.5.1 1788 - Work in global strict mode 1789 * deps: send@0.13.0 1790 - Allow Node.js HTTP server to set `Date` response header 1791 - Fix incorrectly removing `Content-Location` on 304 response 1792 - Improve the default redirect response headers 1793 - Send appropriate headers on default error response 1794 - Use `http-errors` for standard emitted errors 1795 - Use `statuses` instead of `http` module for status messages 1796 - deps: escape-html@1.0.2 1797 - deps: etag@~1.7.0 1798 - deps: fresh@0.3.0 1799 - deps: on-finished@~2.3.0 1800 - perf: enable strict mode 1801 - perf: remove unnecessary array allocations 1802 1803 3.20.3 / 2015-05-17 1804 =================== 1805 1806 * deps: connect@2.29.2 1807 - deps: body-parser@~1.12.4 1808 - deps: compression@~1.4.4 1809 - deps: connect-timeout@~1.6.2 1810 - deps: debug@~2.2.0 1811 - deps: depd@~1.0.1 1812 - deps: errorhandler@~1.3.6 1813 - deps: finalhandler@0.3.6 1814 - deps: method-override@~2.3.3 1815 - deps: morgan@~1.5.3 1816 - deps: qs@2.4.2 1817 - deps: response-time@~2.3.1 1818 - deps: serve-favicon@~2.2.1 1819 - deps: serve-index@~1.6.4 1820 - deps: serve-static@~1.9.3 1821 - deps: type-is@~1.6.2 1822 * deps: debug@~2.2.0 1823 - deps: ms@0.7.1 1824 * deps: depd@~1.0.1 1825 * deps: proxy-addr@~1.0.8 1826 - deps: ipaddr.js@1.0.1 1827 * deps: send@0.12.3 1828 - deps: debug@~2.2.0 1829 - deps: depd@~1.0.1 1830 - deps: etag@~1.6.0 1831 - deps: ms@0.7.1 1832 - deps: on-finished@~2.2.1 1833 1834 3.20.2 / 2015-03-16 1835 =================== 1836 1837 * deps: connect@2.29.1 1838 - deps: body-parser@~1.12.2 1839 - deps: compression@~1.4.3 1840 - deps: connect-timeout@~1.6.1 1841 - deps: debug@~2.1.3 1842 - deps: errorhandler@~1.3.5 1843 - deps: express-session@~1.10.4 1844 - deps: finalhandler@0.3.4 1845 - deps: method-override@~2.3.2 1846 - deps: morgan@~1.5.2 1847 - deps: qs@2.4.1 1848 - deps: serve-index@~1.6.3 1849 - deps: serve-static@~1.9.2 1850 - deps: type-is@~1.6.1 1851 * deps: debug@~2.1.3 1852 - Fix high intensity foreground color for bold 1853 - deps: ms@0.7.0 1854 * deps: merge-descriptors@1.0.0 1855 * deps: proxy-addr@~1.0.7 1856 - deps: ipaddr.js@0.1.9 1857 * deps: send@0.12.2 1858 - Throw errors early for invalid `extensions` or `index` options 1859 - deps: debug@~2.1.3 1860 1861 3.20.1 / 2015-02-28 1862 =================== 1863 1864 * Fix `req.host` when using "trust proxy" hops count 1865 * Fix `req.protocol`/`req.secure` when using "trust proxy" hops count 1866 1867 3.20.0 / 2015-02-18 1868 =================== 1869 1870 * Fix `"trust proxy"` setting to inherit when app is mounted 1871 * Generate `ETag`s for all request responses 1872 - No longer restricted to only responses for `GET` and `HEAD` requests 1873 * Use `content-type` to parse `Content-Type` headers 1874 * deps: connect@2.29.0 1875 - Use `content-type` to parse `Content-Type` headers 1876 - deps: body-parser@~1.12.0 1877 - deps: compression@~1.4.1 1878 - deps: connect-timeout@~1.6.0 1879 - deps: cookie-parser@~1.3.4 1880 - deps: cookie-signature@1.0.6 1881 - deps: csurf@~1.7.0 1882 - deps: errorhandler@~1.3.4 1883 - deps: express-session@~1.10.3 1884 - deps: http-errors@~1.3.1 1885 - deps: response-time@~2.3.0 1886 - deps: serve-index@~1.6.2 1887 - deps: serve-static@~1.9.1 1888 - deps: type-is@~1.6.0 1889 * deps: cookie-signature@1.0.6 1890 * deps: send@0.12.1 1891 - Always read the stat size from the file 1892 - Fix mutating passed-in `options` 1893 - deps: mime@1.3.4 1894 1895 3.19.2 / 2015-02-01 1896 =================== 1897 1898 * deps: connect@2.28.3 1899 - deps: compression@~1.3.1 1900 - deps: csurf@~1.6.6 1901 - deps: errorhandler@~1.3.3 1902 - deps: express-session@~1.10.2 1903 - deps: serve-index@~1.6.1 1904 - deps: type-is@~1.5.6 1905 * deps: proxy-addr@~1.0.6 1906 - deps: ipaddr.js@0.1.8 1907 1908 3.19.1 / 2015-01-20 1909 =================== 1910 1911 * deps: connect@2.28.2 1912 - deps: body-parser@~1.10.2 1913 - deps: serve-static@~1.8.1 1914 * deps: send@0.11.1 1915 - Fix root path disclosure 1916 1917 3.19.0 / 2015-01-09 1918 =================== 1919 1920 * Fix `OPTIONS` responses to include the `HEAD` method property 1921 * Use `readline` for prompt in `express(1)` 1922 * deps: commander@2.6.0 1923 * deps: connect@2.28.1 1924 - deps: body-parser@~1.10.1 1925 - deps: compression@~1.3.0 1926 - deps: connect-timeout@~1.5.0 1927 - deps: csurf@~1.6.4 1928 - deps: debug@~2.1.1 1929 - deps: errorhandler@~1.3.2 1930 - deps: express-session@~1.10.1 1931 - deps: finalhandler@0.3.3 1932 - deps: method-override@~2.3.1 1933 - deps: morgan@~1.5.1 1934 - deps: serve-favicon@~2.2.0 1935 - deps: serve-index@~1.6.0 1936 - deps: serve-static@~1.8.0 1937 - deps: type-is@~1.5.5 1938 * deps: debug@~2.1.1 1939 * deps: methods@~1.1.1 1940 * deps: proxy-addr@~1.0.5 1941 - deps: ipaddr.js@0.1.6 1942 * deps: send@0.11.0 1943 - deps: debug@~2.1.1 1944 - deps: etag@~1.5.1 1945 - deps: ms@0.7.0 1946 - deps: on-finished@~2.2.0 1947 1948 3.18.6 / 2014-12-12 1949 =================== 1950 1951 * Fix exception in `req.fresh`/`req.stale` without response headers 1952 1953 3.18.5 / 2014-12-11 1954 =================== 1955 1956 * deps: connect@2.27.6 1957 - deps: compression@~1.2.2 1958 - deps: express-session@~1.9.3 1959 - deps: http-errors@~1.2.8 1960 - deps: serve-index@~1.5.3 1961 - deps: type-is@~1.5.4 1962 1963 3.18.4 / 2014-11-23 1964 =================== 1965 1966 * deps: connect@2.27.4 1967 - deps: body-parser@~1.9.3 1968 - deps: compression@~1.2.1 1969 - deps: errorhandler@~1.2.3 1970 - deps: express-session@~1.9.2 1971 - deps: qs@2.3.3 1972 - deps: serve-favicon@~2.1.7 1973 - deps: serve-static@~1.5.1 1974 - deps: type-is@~1.5.3 1975 * deps: etag@~1.5.1 1976 * deps: proxy-addr@~1.0.4 1977 - deps: ipaddr.js@0.1.5 1978 1979 3.18.3 / 2014-11-09 1980 =================== 1981 1982 * deps: connect@2.27.3 1983 - Correctly invoke async callback asynchronously 1984 - deps: csurf@~1.6.3 1985 1986 3.18.2 / 2014-10-28 1987 =================== 1988 1989 * deps: connect@2.27.2 1990 - Fix handling of URLs containing `://` in the path 1991 - deps: body-parser@~1.9.2 1992 - deps: qs@2.3.2 1993 1994 3.18.1 / 2014-10-22 1995 =================== 1996 1997 * Fix internal `utils.merge` deprecation warnings 1998 * deps: connect@2.27.1 1999 - deps: body-parser@~1.9.1 2000 - deps: express-session@~1.9.1 2001 - deps: finalhandler@0.3.2 2002 - deps: morgan@~1.4.1 2003 - deps: qs@2.3.0 2004 - deps: serve-static@~1.7.1 2005 * deps: send@0.10.1 2006 - deps: on-finished@~2.1.1 2007 2008 3.18.0 / 2014-10-17 2009 =================== 2010 2011 * Use `content-disposition` module for `res.attachment`/`res.download` 2012 - Sends standards-compliant `Content-Disposition` header 2013 - Full Unicode support 2014 * Use `etag` module to generate `ETag` headers 2015 * deps: connect@2.27.0 2016 - Use `http-errors` module for creating errors 2017 - Use `utils-merge` module for merging objects 2018 - deps: body-parser@~1.9.0 2019 - deps: compression@~1.2.0 2020 - deps: connect-timeout@~1.4.0 2021 - deps: debug@~2.1.0 2022 - deps: depd@~1.0.0 2023 - deps: express-session@~1.9.0 2024 - deps: finalhandler@0.3.1 2025 - deps: method-override@~2.3.0 2026 - deps: morgan@~1.4.0 2027 - deps: response-time@~2.2.0 2028 - deps: serve-favicon@~2.1.6 2029 - deps: serve-index@~1.5.0 2030 - deps: serve-static@~1.7.0 2031 * deps: debug@~2.1.0 2032 - Implement `DEBUG_FD` env variable support 2033 * deps: depd@~1.0.0 2034 * deps: send@0.10.0 2035 - deps: debug@~2.1.0 2036 - deps: depd@~1.0.0 2037 - deps: etag@~1.5.0 2038 2039 3.17.8 / 2014-10-15 2040 =================== 2041 2042 * deps: connect@2.26.6 2043 - deps: compression@~1.1.2 2044 - deps: csurf@~1.6.2 2045 - deps: errorhandler@~1.2.2 2046 2047 3.17.7 / 2014-10-08 2048 =================== 2049 2050 * deps: connect@2.26.5 2051 - Fix accepting non-object arguments to `logger` 2052 - deps: serve-static@~1.6.4 2053 2054 3.17.6 / 2014-10-02 2055 =================== 2056 2057 * deps: connect@2.26.4 2058 - deps: morgan@~1.3.2 2059 - deps: type-is@~1.5.2 2060 2061 3.17.5 / 2014-09-24 2062 =================== 2063 2064 * deps: connect@2.26.3 2065 - deps: body-parser@~1.8.4 2066 - deps: serve-favicon@~2.1.5 2067 - deps: serve-static@~1.6.3 2068 * deps: proxy-addr@~1.0.3 2069 - Use `forwarded` npm module 2070 * deps: send@0.9.3 2071 - deps: etag@~1.4.0 2072 2073 3.17.4 / 2014-09-19 2074 =================== 2075 2076 * deps: connect@2.26.2 2077 - deps: body-parser@~1.8.3 2078 - deps: qs@2.2.4 2079 2080 3.17.3 / 2014-09-18 2081 =================== 2082 2083 * deps: proxy-addr@~1.0.2 2084 - Fix a global leak when multiple subnets are trusted 2085 - deps: ipaddr.js@0.1.3 2086 2087 3.17.2 / 2014-09-15 2088 =================== 2089 2090 * Use `crc` instead of `buffer-crc32` for speed 2091 * deps: connect@2.26.1 2092 - deps: body-parser@~1.8.2 2093 - deps: depd@0.4.5 2094 - deps: express-session@~1.8.2 2095 - deps: morgan@~1.3.1 2096 - deps: serve-favicon@~2.1.3 2097 - deps: serve-static@~1.6.2 2098 * deps: depd@0.4.5 2099 * deps: send@0.9.2 2100 - deps: depd@0.4.5 2101 - deps: etag@~1.3.1 2102 - deps: range-parser@~1.0.2 2103 2104 3.17.1 / 2014-09-08 2105 =================== 2106 2107 * Fix error in `req.subdomains` on empty host 2108 2109 3.17.0 / 2014-09-08 2110 =================== 2111 2112 * Support `X-Forwarded-Host` in `req.subdomains` 2113 * Support IP address host in `req.subdomains` 2114 * deps: connect@2.26.0 2115 - deps: body-parser@~1.8.1 2116 - deps: compression@~1.1.0 2117 - deps: connect-timeout@~1.3.0 2118 - deps: cookie-parser@~1.3.3 2119 - deps: cookie-signature@1.0.5 2120 - deps: csurf@~1.6.1 2121 - deps: debug@~2.0.0 2122 - deps: errorhandler@~1.2.0 2123 - deps: express-session@~1.8.1 2124 - deps: finalhandler@0.2.0 2125 - deps: fresh@0.2.4 2126 - deps: media-typer@0.3.0 2127 - deps: method-override@~2.2.0 2128 - deps: morgan@~1.3.0 2129 - deps: qs@2.2.3 2130 - deps: serve-favicon@~2.1.3 2131 - deps: serve-index@~1.2.1 2132 - deps: serve-static@~1.6.1 2133 - deps: type-is@~1.5.1 2134 - deps: vhost@~3.0.0 2135 * deps: cookie-signature@1.0.5 2136 * deps: debug@~2.0.0 2137 * deps: fresh@0.2.4 2138 * deps: media-typer@0.3.0 2139 - Throw error when parameter format invalid on parse 2140 * deps: range-parser@~1.0.2 2141 * deps: send@0.9.1 2142 - Add `lastModified` option 2143 - Use `etag` to generate `ETag` header 2144 - deps: debug@~2.0.0 2145 - deps: fresh@0.2.4 2146 * deps: vary@~1.0.0 2147 - Accept valid `Vary` header string as `field` 2148 2149 3.16.10 / 2014-09-04 2150 ==================== 2151 2152 * deps: connect@2.25.10 2153 - deps: serve-static@~1.5.4 2154 * deps: send@0.8.5 2155 - Fix a path traversal issue when using `root` 2156 - Fix malicious path detection for empty string path 2157 2158 3.16.9 / 2014-08-29 2159 =================== 2160 2161 * deps: connect@2.25.9 2162 - deps: body-parser@~1.6.7 2163 - deps: qs@2.2.2 2164 2165 3.16.8 / 2014-08-27 2166 =================== 2167 2168 * deps: connect@2.25.8 2169 - deps: body-parser@~1.6.6 2170 - deps: csurf@~1.4.1 2171 - deps: qs@2.2.0 2172 2173 3.16.7 / 2014-08-18 2174 =================== 2175 2176 * deps: connect@2.25.7 2177 - deps: body-parser@~1.6.5 2178 - deps: express-session@~1.7.6 2179 - deps: morgan@~1.2.3 2180 - deps: serve-static@~1.5.3 2181 * deps: send@0.8.3 2182 - deps: destroy@1.0.3 2183 - deps: on-finished@2.1.0 2184 2185 3.16.6 / 2014-08-14 2186 =================== 2187 2188 * deps: connect@2.25.6 2189 - deps: body-parser@~1.6.4 2190 - deps: qs@1.2.2 2191 - deps: serve-static@~1.5.2 2192 * deps: send@0.8.2 2193 - Work around `fd` leak in Node.js 0.10 for `fs.ReadStream` 2194 2195 3.16.5 / 2014-08-11 2196 =================== 2197 2198 * deps: connect@2.25.5 2199 - Fix backwards compatibility in `logger` 2200 2201 3.16.4 / 2014-08-10 2202 =================== 2203 2204 * Fix original URL parsing in `res.location` 2205 * deps: connect@2.25.4 2206 - Fix `query` middleware breaking with argument 2207 - deps: body-parser@~1.6.3 2208 - deps: compression@~1.0.11 2209 - deps: connect-timeout@~1.2.2 2210 - deps: express-session@~1.7.5 2211 - deps: method-override@~2.1.3 2212 - deps: on-headers@~1.0.0 2213 - deps: parseurl@~1.3.0 2214 - deps: qs@1.2.1 2215 - deps: response-time@~2.0.1 2216 - deps: serve-index@~1.1.6 2217 - deps: serve-static@~1.5.1 2218 * deps: parseurl@~1.3.0 2219 2220 3.16.3 / 2014-08-07 2221 =================== 2222 2223 * deps: connect@2.25.3 2224 - deps: multiparty@3.3.2 2225 2226 3.16.2 / 2014-08-07 2227 =================== 2228 2229 * deps: connect@2.25.2 2230 - deps: body-parser@~1.6.2 2231 - deps: qs@1.2.0 2232 2233 3.16.1 / 2014-08-06 2234 =================== 2235 2236 * deps: connect@2.25.1 2237 - deps: body-parser@~1.6.1 2238 - deps: qs@1.1.0 2239 2240 3.16.0 / 2014-08-05 2241 =================== 2242 2243 * deps: connect@2.25.0 2244 - deps: body-parser@~1.6.0 2245 - deps: compression@~1.0.10 2246 - deps: csurf@~1.4.0 2247 - deps: express-session@~1.7.4 2248 - deps: qs@1.0.2 2249 - deps: serve-static@~1.5.0 2250 * deps: send@0.8.1 2251 - Add `extensions` option 2252 2253 3.15.3 / 2014-08-04 2254 =================== 2255 2256 * fix `res.sendfile` regression for serving directory index files 2257 * deps: connect@2.24.3 2258 - deps: serve-index@~1.1.5 2259 - deps: serve-static@~1.4.4 2260 * deps: send@0.7.4 2261 - Fix incorrect 403 on Windows and Node.js 0.11 2262 - Fix serving index files without root dir 2263 2264 3.15.2 / 2014-07-27 2265 =================== 2266 2267 * deps: connect@2.24.2 2268 - deps: body-parser@~1.5.2 2269 - deps: depd@0.4.4 2270 - deps: express-session@~1.7.2 2271 - deps: morgan@~1.2.2 2272 - deps: serve-static@~1.4.2 2273 * deps: depd@0.4.4 2274 - Work-around v8 generating empty stack traces 2275 * deps: send@0.7.2 2276 - deps: depd@0.4.4 2277 2278 3.15.1 / 2014-07-26 2279 =================== 2280 2281 * deps: connect@2.24.1 2282 - deps: body-parser@~1.5.1 2283 - deps: depd@0.4.3 2284 - deps: express-session@~1.7.1 2285 - deps: morgan@~1.2.1 2286 - deps: serve-index@~1.1.4 2287 - deps: serve-static@~1.4.1 2288 * deps: depd@0.4.3 2289 - Fix exception when global `Error.stackTraceLimit` is too low 2290 * deps: send@0.7.1 2291 - deps: depd@0.4.3 2292 2293 3.15.0 / 2014-07-22 2294 =================== 2295 2296 * Fix `req.protocol` for proxy-direct connections 2297 * Pass options from `res.sendfile` to `send` 2298 * deps: connect@2.24.0 2299 - deps: body-parser@~1.5.0 2300 - deps: compression@~1.0.9 2301 - deps: connect-timeout@~1.2.1 2302 - deps: debug@1.0.4 2303 - deps: depd@0.4.2 2304 - deps: express-session@~1.7.0 2305 - deps: finalhandler@0.1.0 2306 - deps: method-override@~2.1.2 2307 - deps: morgan@~1.2.0 2308 - deps: multiparty@3.3.1 2309 - deps: parseurl@~1.2.0 2310 - deps: serve-static@~1.4.0 2311 * deps: debug@1.0.4 2312 * deps: depd@0.4.2 2313 - Add `TRACE_DEPRECATION` environment variable 2314 - Remove non-standard grey color from color output 2315 - Support `--no-deprecation` argument 2316 - Support `--trace-deprecation` argument 2317 * deps: parseurl@~1.2.0 2318 - Cache URLs based on original value 2319 - Remove no-longer-needed URL mis-parse work-around 2320 - Simplify the "fast-path" `RegExp` 2321 * deps: send@0.7.0 2322 - Add `dotfiles` option 2323 - Cap `maxAge` value to 1 year 2324 - deps: debug@1.0.4 2325 - deps: depd@0.4.2 2326 2327 3.14.0 / 2014-07-11 2328 =================== 2329 2330 * add explicit "Rosetta Flash JSONP abuse" protection 2331 - previous versions are not vulnerable; this is just explicit protection 2332 * deprecate `res.redirect(url, status)` -- use `res.redirect(status, url)` instead 2333 * fix `res.send(status, num)` to send `num` as json (not error) 2334 * remove unnecessary escaping when `res.jsonp` returns JSON response 2335 * deps: basic-auth@1.0.0 2336 - support empty password 2337 - support empty username 2338 * deps: connect@2.23.0 2339 - deps: debug@1.0.3 2340 - deps: express-session@~1.6.4 2341 - deps: method-override@~2.1.0 2342 - deps: parseurl@~1.1.3 2343 - deps: serve-static@~1.3.1 2344 * deps: debug@1.0.3 2345 - Add support for multiple wildcards in namespaces 2346 * deps: methods@1.1.0 2347 - add `CONNECT` 2348 * deps: parseurl@~1.1.3 2349 - faster parsing of href-only URLs 2350 2351 3.13.0 / 2014-07-03 2352 =================== 2353 2354 * add deprecation message to `app.configure` 2355 * add deprecation message to `req.auth` 2356 * use `basic-auth` to parse `Authorization` header 2357 * deps: connect@2.22.0 2358 - deps: csurf@~1.3.0 2359 - deps: express-session@~1.6.1 2360 - deps: multiparty@3.3.0 2361 - deps: serve-static@~1.3.0 2362 * deps: send@0.5.0 2363 - Accept string for `maxage` (converted by `ms`) 2364 - Include link in default redirect response 2365 2366 3.12.1 / 2014-06-26 2367 =================== 2368 2369 * deps: connect@2.21.1 2370 - deps: cookie-parser@1.3.2 2371 - deps: cookie-signature@1.0.4 2372 - deps: express-session@~1.5.2 2373 - deps: type-is@~1.3.2 2374 * deps: cookie-signature@1.0.4 2375 - fix for timing attacks 2376 2377 3.12.0 / 2014-06-21 2378 =================== 2379 2380 * use `media-typer` to alter content-type charset 2381 * deps: connect@2.21.0 2382 - deprecate `connect(middleware)` -- use `app.use(middleware)` instead 2383 - deprecate `connect.createServer()` -- use `connect()` instead 2384 - fix `res.setHeader()` patch to work with get -> append -> set pattern 2385 - deps: compression@~1.0.8 2386 - deps: errorhandler@~1.1.1 2387 - deps: express-session@~1.5.0 2388 - deps: serve-index@~1.1.3 2389 2390 3.11.0 / 2014-06-19 2391 =================== 2392 2393 * deprecate things with `depd` module 2394 * deps: buffer-crc32@0.2.3 2395 * deps: connect@2.20.2 2396 - deprecate `verify` option to `json` -- use `body-parser` npm module instead 2397 - deprecate `verify` option to `urlencoded` -- use `body-parser` npm module instead 2398 - deprecate things with `depd` module 2399 - use `finalhandler` for final response handling 2400 - use `media-typer` to parse `content-type` for charset 2401 - deps: body-parser@1.4.3 2402 - deps: connect-timeout@1.1.1 2403 - deps: cookie-parser@1.3.1 2404 - deps: csurf@1.2.2 2405 - deps: errorhandler@1.1.0 2406 - deps: express-session@1.4.0 2407 - deps: multiparty@3.2.9 2408 - deps: serve-index@1.1.2 2409 - deps: type-is@1.3.1 2410 - deps: vhost@2.0.0 2411 2412 3.10.5 / 2014-06-11 2413 =================== 2414 2415 * deps: connect@2.19.6 2416 - deps: body-parser@1.3.1 2417 - deps: compression@1.0.7 2418 - deps: debug@1.0.2 2419 - deps: serve-index@1.1.1 2420 - deps: serve-static@1.2.3 2421 * deps: debug@1.0.2 2422 * deps: send@0.4.3 2423 - Do not throw uncatchable error on file open race condition 2424 - Use `escape-html` for HTML escaping 2425 - deps: debug@1.0.2 2426 - deps: finished@1.2.2 2427 - deps: fresh@0.2.2 2428 2429 3.10.4 / 2014-06-09 2430 =================== 2431 2432 * deps: connect@2.19.5 2433 - fix "event emitter leak" warnings 2434 - deps: csurf@1.2.1 2435 - deps: debug@1.0.1 2436 - deps: serve-static@1.2.2 2437 - deps: type-is@1.2.1 2438 * deps: debug@1.0.1 2439 * deps: send@0.4.2 2440 - fix "event emitter leak" warnings 2441 - deps: finished@1.2.1 2442 - deps: debug@1.0.1 2443 2444 3.10.3 / 2014-06-05 2445 =================== 2446 2447 * use `vary` module for `res.vary` 2448 * deps: connect@2.19.4 2449 - deps: errorhandler@1.0.2 2450 - deps: method-override@2.0.2 2451 - deps: serve-favicon@2.0.1 2452 * deps: debug@1.0.0 2453 2454 3.10.2 / 2014-06-03 2455 =================== 2456 2457 * deps: connect@2.19.3 2458 - deps: compression@1.0.6 2459 2460 3.10.1 / 2014-06-03 2461 =================== 2462 2463 * deps: connect@2.19.2 2464 - deps: compression@1.0.4 2465 * deps: proxy-addr@1.0.1 2466 2467 3.10.0 / 2014-06-02 2468 =================== 2469 2470 * deps: connect@2.19.1 2471 - deprecate `methodOverride()` -- use `method-override` npm module instead 2472 - deps: body-parser@1.3.0 2473 - deps: method-override@2.0.1 2474 - deps: multiparty@3.2.8 2475 - deps: response-time@2.0.0 2476 - deps: serve-static@1.2.1 2477 * deps: methods@1.0.1 2478 * deps: send@0.4.1 2479 - Send `max-age` in `Cache-Control` in correct format 2480 2481 3.9.0 / 2014-05-30 2482 ================== 2483 2484 * custom etag control with `app.set('etag', val)` 2485 - `app.set('etag', function(body, encoding){ return '"etag"' })` custom etag generation 2486 - `app.set('etag', 'weak')` weak tag 2487 - `app.set('etag', 'strong')` strong etag 2488 - `app.set('etag', false)` turn off 2489 - `app.set('etag', true)` standard etag 2490 * Include ETag in HEAD requests 2491 * mark `res.send` ETag as weak and reduce collisions 2492 * update connect to 2.18.0 2493 - deps: compression@1.0.3 2494 - deps: serve-index@1.1.0 2495 - deps: serve-static@1.2.0 2496 * update send to 0.4.0 2497 - Calculate ETag with md5 for reduced collisions 2498 - Ignore stream errors after request ends 2499 - deps: debug@0.8.1 2500 2501 3.8.1 / 2014-05-27 2502 ================== 2503 2504 * update connect to 2.17.3 2505 - deps: body-parser@1.2.2 2506 - deps: express-session@1.2.1 2507 - deps: method-override@1.0.2 2508 2509 3.8.0 / 2014-05-21 2510 ================== 2511 2512 * keep previous `Content-Type` for `res.jsonp` 2513 * set proper `charset` in `Content-Type` for `res.send` 2514 * update connect to 2.17.1 2515 - fix `res.charset` appending charset when `content-type` has one 2516 - deps: express-session@1.2.0 2517 - deps: morgan@1.1.1 2518 - deps: serve-index@1.0.3 2519 2520 3.7.0 / 2014-05-18 2521 ================== 2522 2523 * proper proxy trust with `app.set('trust proxy', trust)` 2524 - `app.set('trust proxy', 1)` trust first hop 2525 - `app.set('trust proxy', 'loopback')` trust loopback addresses 2526 - `app.set('trust proxy', '10.0.0.1')` trust single IP 2527 - `app.set('trust proxy', '10.0.0.1/16')` trust subnet 2528 - `app.set('trust proxy', '10.0.0.1, 10.0.0.2')` trust list 2529 - `app.set('trust proxy', false)` turn off 2530 - `app.set('trust proxy', true)` trust everything 2531 * update connect to 2.16.2 2532 - deprecate `res.headerSent` -- use `res.headersSent` 2533 - deprecate `res.on("header")` -- use on-headers module instead 2534 - fix edge-case in `res.appendHeader` that would append in wrong order 2535 - json: use body-parser 2536 - urlencoded: use body-parser 2537 - dep: bytes@1.0.0 2538 - dep: cookie-parser@1.1.0 2539 - dep: csurf@1.2.0 2540 - dep: express-session@1.1.0 2541 - dep: method-override@1.0.1 2542 2543 3.6.0 / 2014-05-09 2544 ================== 2545 2546 * deprecate `app.del()` -- use `app.delete()` instead 2547 * deprecate `res.json(obj, status)` -- use `res.json(status, obj)` instead 2548 - the edge-case `res.json(status, num)` requires `res.status(status).json(num)` 2549 * deprecate `res.jsonp(obj, status)` -- use `res.jsonp(status, obj)` instead 2550 - the edge-case `res.jsonp(status, num)` requires `res.status(status).jsonp(num)` 2551 * support PURGE method 2552 - add `app.purge` 2553 - add `router.purge` 2554 - include PURGE in `app.all` 2555 * update connect to 2.15.0 2556 * Add `res.appendHeader` 2557 * Call error stack even when response has been sent 2558 * Patch `res.headerSent` to return Boolean 2559 * Patch `res.headersSent` for node.js 0.8 2560 * Prevent default 404 handler after response sent 2561 * dep: compression@1.0.2 2562 * dep: connect-timeout@1.1.0 2563 * dep: debug@^0.8.0 2564 * dep: errorhandler@1.0.1 2565 * dep: express-session@1.0.4 2566 * dep: morgan@1.0.1 2567 * dep: serve-favicon@2.0.0 2568 * dep: serve-index@1.0.2 2569 * update debug to 0.8.0 2570 * add `enable()` method 2571 * change from stderr to stdout 2572 * update methods to 1.0.0 2573 - add PURGE 2574 * update mkdirp to 0.5.0 2575 2576 3.5.3 / 2014-05-08 2577 ================== 2578 2579 * fix `req.host` for IPv6 literals 2580 * fix `res.jsonp` error if callback param is object 2581 2582 3.5.2 / 2014-04-24 2583 ================== 2584 2585 * update connect to 2.14.5 2586 * update cookie to 0.1.2 2587 * update mkdirp to 0.4.0 2588 * update send to 0.3.0 2589 2590 3.5.1 / 2014-03-25 2591 ================== 2592 2593 * pin less-middleware in generated app 2594 2595 3.5.0 / 2014-03-06 2596 ================== 2597 2598 * bump deps 2599 2600 3.4.8 / 2014-01-13 2601 ================== 2602 2603 * prevent incorrect automatic OPTIONS responses #1868 @dpatti 2604 * update binary and examples for jade 1.0 #1876 @yossi, #1877 @reqshark, #1892 @matheusazzi 2605 * throw 400 in case of malformed paths @rlidwka 2606 2607 3.4.7 / 2013-12-10 2608 ================== 2609 2610 * update connect 2611 2612 3.4.6 / 2013-12-01 2613 ================== 2614 2615 * update connect (raw-body) 2616 2617 3.4.5 / 2013-11-27 2618 ================== 2619 2620 * update connect 2621 * res.location: remove leading ./ #1802 @kapouer 2622 * res.redirect: fix `res.redirect('toString') #1829 @michaelficarra 2623 * res.send: always send ETag when content-length > 0 2624 * router: add Router.all() method 2625 2626 3.4.4 / 2013-10-29 2627 ================== 2628 2629 * update connect 2630 * update supertest 2631 * update methods 2632 * express(1): replace bodyParser() with urlencoded() and json() #1795 @chirag04 2633 2634 3.4.3 / 2013-10-23 2635 ================== 2636 2637 * update connect 2638 2639 3.4.2 / 2013-10-18 2640 ================== 2641 2642 * update connect 2643 * downgrade commander 2644 2645 3.4.1 / 2013-10-15 2646 ================== 2647 2648 * update connect 2649 * update commander 2650 * jsonp: check if callback is a function 2651 * router: wrap encodeURIComponent in a try/catch #1735 (@lxe) 2652 * res.format: now includes charset @1747 (@sorribas) 2653 * res.links: allow multiple calls @1746 (@sorribas) 2654 2655 3.4.0 / 2013-09-07 2656 ================== 2657 2658 * add res.vary(). Closes #1682 2659 * update connect 2660 2661 3.3.8 / 2013-09-02 2662 ================== 2663 2664 * update connect 2665 2666 3.3.7 / 2013-08-28 2667 ================== 2668 2669 * update connect 2670 2671 3.3.6 / 2013-08-27 2672 ================== 2673 2674 * Revert "remove charset from json responses. Closes #1631" (causes issues in some clients) 2675 * add: req.accepts take an argument list 2676 2677 3.3.4 / 2013-07-08 2678 ================== 2679 2680 * update send and connect 2681 2682 3.3.3 / 2013-07-04 2683 ================== 2684 2685 * update connect 2686 2687 3.3.2 / 2013-07-03 2688 ================== 2689 2690 * update connect 2691 * update send 2692 * remove .version export 2693 2694 3.3.1 / 2013-06-27 2695 ================== 2696 2697 * update connect 2698 2699 3.3.0 / 2013-06-26 2700 ================== 2701 2702 * update connect 2703 * add support for multiple X-Forwarded-Proto values. Closes #1646 2704 * change: remove charset from json responses. Closes #1631 2705 * change: return actual booleans from req.accept* functions 2706 * fix jsonp callback array throw 2707 2708 3.2.6 / 2013-06-02 2709 ================== 2710 2711 * update connect 2712 2713 3.2.5 / 2013-05-21 2714 ================== 2715 2716 * update connect 2717 * update node-cookie 2718 * add: throw a meaningful error when there is no default engine 2719 * change generation of ETags with res.send() to GET requests only. Closes #1619 2720 2721 3.2.4 / 2013-05-09 2722 ================== 2723 2724 * fix `req.subdomains` when no Host is present 2725 * fix `req.host` when no Host is present, return undefined 2726 2727 3.2.3 / 2013-05-07 2728 ================== 2729 2730 * update connect / qs 2731 2732 3.2.2 / 2013-05-03 2733 ================== 2734 2735 * update qs 2736 2737 3.2.1 / 2013-04-29 2738 ================== 2739 2740 * add app.VERB() paths array deprecation warning 2741 * update connect 2742 * update qs and remove all ~ semver crap 2743 * fix: accept number as value of Signed Cookie 2744 2745 3.2.0 / 2013-04-15 2746 ================== 2747 2748 * add "view" constructor setting to override view behaviour 2749 * add req.acceptsEncoding(name) 2750 * add req.acceptedEncodings 2751 * revert cookie signature change causing session race conditions 2752 * fix sorting of Accept values of the same quality 2753 2754 3.1.2 / 2013-04-12 2755 ================== 2756 2757 * add support for custom Accept parameters 2758 * update cookie-signature 2759 2760 3.1.1 / 2013-04-01 2761 ================== 2762 2763 * add X-Forwarded-Host support to `req.host` 2764 * fix relative redirects 2765 * update mkdirp 2766 * update buffer-crc32 2767 * remove legacy app.configure() method from app template. 2768 2769 3.1.0 / 2013-01-25 2770 ================== 2771 2772 * add support for leading "." in "view engine" setting 2773 * add array support to `res.set()` 2774 * add node 0.8.x to travis.yml 2775 * add "subdomain offset" setting for tweaking `req.subdomains` 2776 * add `res.location(url)` implementing `res.redirect()`-like setting of Location 2777 * use app.get() for x-powered-by setting for inheritance 2778 * fix colons in passwords for `req.auth` 2779 2780 3.0.6 / 2013-01-04 2781 ================== 2782 2783 * add http verb methods to Router 2784 * update connect 2785 * fix mangling of the `res.cookie()` options object 2786 * fix jsonp whitespace escape. Closes #1132 2787 2788 3.0.5 / 2012-12-19 2789 ================== 2790 2791 * add throwing when a non-function is passed to a route 2792 * fix: explicitly remove Transfer-Encoding header from 204 and 304 responses 2793 * revert "add 'etag' option" 2794 2795 3.0.4 / 2012-12-05 2796 ================== 2797 2798 * add 'etag' option to disable `res.send()` Etags 2799 * add escaping of urls in text/plain in `res.redirect()` 2800 for old browsers interpreting as html 2801 * change crc32 module for a more liberal license 2802 * update connect 2803 2804 3.0.3 / 2012-11-13 2805 ================== 2806 2807 * update connect 2808 * update cookie module 2809 * fix cookie max-age 2810 2811 3.0.2 / 2012-11-08 2812 ================== 2813 2814 * add OPTIONS to cors example. Closes #1398 2815 * fix route chaining regression. Closes #1397 2816 2817 3.0.1 / 2012-11-01 2818 ================== 2819 2820 * update connect 2821 2822 3.0.0 / 2012-10-23 2823 ================== 2824 2825 * add `make clean` 2826 * add "Basic" check to req.auth 2827 * add `req.auth` test coverage 2828 * add cb && cb(payload) to `res.jsonp()`. Closes #1374 2829 * add backwards compat for `res.redirect()` status. Closes #1336 2830 * add support for `res.json()` to retain previously defined Content-Types. Closes #1349 2831 * update connect 2832 * change `res.redirect()` to utilize a pathname-relative Location again. Closes #1382 2833 * remove non-primitive string support for `res.send()` 2834 * fix view-locals example. Closes #1370 2835 * fix route-separation example 2836 2837 3.0.0rc5 / 2012-09-18 2838 ================== 2839 2840 * update connect 2841 * add redis search example 2842 * add static-files example 2843 * add "x-powered-by" setting (`app.disable('x-powered-by')`) 2844 * add "application/octet-stream" redirect Accept test case. Closes #1317 2845 2846 3.0.0rc4 / 2012-08-30 2847 ================== 2848 2849 * add `res.jsonp()`. Closes #1307 2850 * add "verbose errors" option to error-pages example 2851 * add another route example to express(1) so people are not so confused 2852 * add redis online user activity tracking example 2853 * update connect dep 2854 * fix etag quoting. Closes #1310 2855 * fix error-pages 404 status 2856 * fix jsonp callback char restrictions 2857 * remove old OPTIONS default response 2858 2859 3.0.0rc3 / 2012-08-13 2860 ================== 2861 2862 * update connect dep 2863 * fix signed cookies to work with `connect.cookieParser()` ("s:" prefix was missing) [tnydwrds] 2864 * fix `res.render()` clobbering of "locals" 2865 2866 3.0.0rc2 / 2012-08-03 2867 ================== 2868 2869 * add CORS example 2870 * update connect dep 2871 * deprecate `.createServer()` & remove old stale examples 2872 * fix: escape `res.redirect()` link 2873 * fix vhost example 2874 2875 3.0.0rc1 / 2012-07-24 2876 ================== 2877 2878 * add more examples to view-locals 2879 * add scheme-relative redirects (`res.redirect("//foo.com")`) support 2880 * update cookie dep 2881 * update connect dep 2882 * update send dep 2883 * fix `express(1)` -h flag, use -H for hogan. Closes #1245 2884 * fix `res.sendfile()` socket error handling regression 2885 2886 3.0.0beta7 / 2012-07-16 2887 ================== 2888 2889 * update connect dep for `send()` root normalization regression 2890 2891 3.0.0beta6 / 2012-07-13 2892 ================== 2893 2894 * add `err.view` property for view errors. Closes #1226 2895 * add "jsonp callback name" setting 2896 * add support for "/foo/:bar*" non-greedy matches 2897 * change `res.sendfile()` to use `send()` module 2898 * change `res.send` to use "response-send" module 2899 * remove `app.locals.use` and `res.locals.use`, use regular middleware 2900 2901 3.0.0beta5 / 2012-07-03 2902 ================== 2903 2904 * add "make check" support 2905 * add route-map example 2906 * add `res.json(obj, status)` support back for BC 2907 * add "methods" dep, remove internal methods module 2908 * update connect dep 2909 * update auth example to utilize cores pbkdf2 2910 * updated tests to use "supertest" 2911 2912 3.0.0beta4 / 2012-06-25 2913 ================== 2914 2915 * Added `req.auth` 2916 * Added `req.range(size)` 2917 * Added `res.links(obj)` 2918 * Added `res.send(body, status)` support back for backwards compat 2919 * Added `.default()` support to `res.format()` 2920 * Added 2xx / 304 check to `req.fresh` 2921 * Revert "Added + support to the router" 2922 * Fixed `res.send()` freshness check, respect res.statusCode 2923 2924 3.0.0beta3 / 2012-06-15 2925 ================== 2926 2927 * Added hogan `--hjs` to express(1) [nullfirm] 2928 * Added another example to content-negotiation 2929 * Added `fresh` dep 2930 * Changed: `res.send()` always checks freshness 2931 * Fixed: expose connects mime module. Closes #1165 2932 2933 3.0.0beta2 / 2012-06-06 2934 ================== 2935 2936 * Added `+` support to the router 2937 * Added `req.host` 2938 * Changed `req.param()` to check route first 2939 * Update connect dep 2940 2941 3.0.0beta1 / 2012-06-01 2942 ================== 2943 2944 * Added `res.format()` callback to override default 406 behaviour 2945 * Fixed `res.redirect()` 406. Closes #1154 2946 2947 3.0.0alpha5 / 2012-05-30 2948 ================== 2949 2950 * Added `req.ip` 2951 * Added `{ signed: true }` option to `res.cookie()` 2952 * Removed `res.signedCookie()` 2953 * Changed: dont reverse `req.ips` 2954 * Fixed "trust proxy" setting check for `req.ips` 2955 2956 3.0.0alpha4 / 2012-05-09 2957 ================== 2958 2959 * Added: allow `[]` in jsonp callback. Closes #1128 2960 * Added `PORT` env var support in generated template. Closes #1118 [benatkin] 2961 * Updated: connect 2.2.2 2962 2963 3.0.0alpha3 / 2012-05-04 2964 ================== 2965 2966 * Added public `app.routes`. Closes #887 2967 * Added _view-locals_ example 2968 * Added _mvc_ example 2969 * Added `res.locals.use()`. Closes #1120 2970 * Added conditional-GET support to `res.send()` 2971 * Added: coerce `res.set()` values to strings 2972 * Changed: moved `static()` in generated apps below router 2973 * Changed: `res.send()` only set ETag when not previously set 2974 * Changed connect 2.2.1 dep 2975 * Changed: `make test` now runs unit / acceptance tests 2976 * Fixed req/res proto inheritance 2977 2978 3.0.0alpha2 / 2012-04-26 2979 ================== 2980 2981 * Added `make benchmark` back 2982 * Added `res.send()` support for `String` objects 2983 * Added client-side data exposing example 2984 * Added `res.header()` and `req.header()` aliases for BC 2985 * Added `express.createServer()` for BC 2986 * Perf: memoize parsed urls 2987 * Perf: connect 2.2.0 dep 2988 * Changed: make `expressInit()` middleware self-aware 2989 * Fixed: use app.get() for all core settings 2990 * Fixed redis session example 2991 * Fixed session example. Closes #1105 2992 * Fixed generated express dep. Closes #1078 2993 2994 3.0.0alpha1 / 2012-04-15 2995 ================== 2996 2997 * Added `app.locals.use(callback)` 2998 * Added `app.locals` object 2999 * Added `app.locals(obj)` 3000 * Added `res.locals` object 3001 * Added `res.locals(obj)` 3002 * Added `res.format()` for content-negotiation 3003 * Added `app.engine()` 3004 * Added `res.cookie()` JSON cookie support 3005 * Added "trust proxy" setting 3006 * Added `req.subdomains` 3007 * Added `req.protocol` 3008 * Added `req.secure` 3009 * Added `req.path` 3010 * Added `req.ips` 3011 * Added `req.fresh` 3012 * Added `req.stale` 3013 * Added comma-delimited / array support for `req.accepts()` 3014 * Added debug instrumentation 3015 * Added `res.set(obj)` 3016 * Added `res.set(field, value)` 3017 * Added `res.get(field)` 3018 * Added `app.get(setting)`. Closes #842 3019 * Added `req.acceptsLanguage()` 3020 * Added `req.acceptsCharset()` 3021 * Added `req.accepted` 3022 * Added `req.acceptedLanguages` 3023 * Added `req.acceptedCharsets` 3024 * Added "json replacer" setting 3025 * Added "json spaces" setting 3026 * Added X-Forwarded-Proto support to `res.redirect()`. Closes #92 3027 * Added `--less` support to express(1) 3028 * Added `express.response` prototype 3029 * Added `express.request` prototype 3030 * Added `express.application` prototype 3031 * Added `app.path()` 3032 * Added `app.render()` 3033 * Added `res.type()` to replace `res.contentType()` 3034 * Changed: `res.redirect()` to add relative support 3035 * Changed: enable "jsonp callback" by default 3036 * Changed: renamed "case sensitive routes" to "case sensitive routing" 3037 * Rewrite of all tests with mocha 3038 * Removed "root" setting 3039 * Removed `res.redirect('home')` support 3040 * Removed `req.notify()` 3041 * Removed `app.register()` 3042 * Removed `app.redirect()` 3043 * Removed `app.is()` 3044 * Removed `app.helpers()` 3045 * Removed `app.dynamicHelpers()` 3046 * Fixed `res.sendfile()` with non-GET. Closes #723 3047 * Fixed express(1) public dir for windows. Closes #866 3048 3049 2.5.9/ 2012-04-02 3050 ================== 3051 3052 * Added support for PURGE request method [pbuyle] 3053 * Fixed `express(1)` generated app `app.address()` before `listening` [mmalecki] 3054 3055 2.5.8 / 2012-02-08 3056 ================== 3057 3058 * Update mkdirp dep. Closes #991 3059 3060 2.5.7 / 2012-02-06 3061 ================== 3062 3063 * Fixed `app.all` duplicate DELETE requests [mscdex] 3064 3065 2.5.6 / 2012-01-13 3066 ================== 3067 3068 * Updated hamljs dev dep. Closes #953 3069 3070 2.5.5 / 2012-01-08 3071 ================== 3072 3073 * Fixed: set `filename` on cached templates [matthewleon] 3074 3075 2.5.4 / 2012-01-02 3076 ================== 3077 3078 * Fixed `express(1)` eol on 0.4.x. Closes #947 3079 3080 2.5.3 / 2011-12-30 3081 ================== 3082 3083 * Fixed `req.is()` when a charset is present 3084 3085 2.5.2 / 2011-12-10 3086 ================== 3087 3088 * Fixed: express(1) LF -> CRLF for windows 3089 3090 2.5.1 / 2011-11-17 3091 ================== 3092 3093 * Changed: updated connect to 1.8.x 3094 * Removed sass.js support from express(1) 3095 3096 2.5.0 / 2011-10-24 3097 ================== 3098 3099 * Added ./routes dir for generated app by default 3100 * Added npm install reminder to express(1) app gen 3101 * Added 0.5.x support 3102 * Removed `make test-cov` since it wont work with node 0.5.x 3103 * Fixed express(1) public dir for windows. Closes #866 3104 3105 2.4.7 / 2011-10-05 3106 ================== 3107 3108 * Added mkdirp to express(1). Closes #795 3109 * Added simple _json-config_ example 3110 * Added shorthand for the parsed request's pathname via `req.path` 3111 * Changed connect dep to 1.7.x to fix npm issue... 3112 * Fixed `res.redirect()` __HEAD__ support. [reported by xerox] 3113 * Fixed `req.flash()`, only escape args 3114 * Fixed absolute path checking on windows. Closes #829 [reported by andrewpmckenzie] 3115 3116 2.4.6 / 2011-08-22 3117 ================== 3118 3119 * Fixed multiple param callback regression. Closes #824 [reported by TroyGoode] 3120 3121 2.4.5 / 2011-08-19 3122 ================== 3123 3124 * Added support for routes to handle errors. Closes #809 3125 * Added `app.routes.all()`. Closes #803 3126 * Added "basepath" setting to work in conjunction with reverse proxies etc. 3127 * Refactored `Route` to use a single array of callbacks 3128 * Added support for multiple callbacks for `app.param()`. Closes #801 3129 Closes #805 3130 * Changed: removed .call(self) for route callbacks 3131 * Dependency: `qs >= 0.3.1` 3132 * Fixed `res.redirect()` on windows due to `join()` usage. Closes #808 3133 3134 2.4.4 / 2011-08-05 3135 ================== 3136 3137 * Fixed `res.header()` intention of a set, even when `undefined` 3138 * Fixed `*`, value no longer required 3139 * Fixed `res.send(204)` support. Closes #771 3140 3141 2.4.3 / 2011-07-14 3142 ================== 3143 3144 * Added docs for `status` option special-case. Closes #739 3145 * Fixed `options.filename`, exposing the view path to template engines 3146 3147 2.4.2. / 2011-07-06 3148 ================== 3149 3150 * Revert "removed jsonp stripping" for XSS 3151 3152 2.4.1 / 2011-07-06 3153 ================== 3154 3155 * Added `res.json()` JSONP support. Closes #737 3156 * Added _extending-templates_ example. Closes #730 3157 * Added "strict routing" setting for trailing slashes 3158 * Added support for multiple envs in `app.configure()` calls. Closes #735 3159 * Changed: `res.send()` using `res.json()` 3160 * Changed: when cookie `path === null` don't default it 3161 * Changed; default cookie path to "home" setting. Closes #731 3162 * Removed _pids/logs_ creation from express(1) 3163 3164 2.4.0 / 2011-06-28 3165 ================== 3166 3167 * Added chainable `res.status(code)` 3168 * Added `res.json()`, an explicit version of `res.send(obj)` 3169 * Added simple web-service example 3170 3171 2.3.12 / 2011-06-22 3172 ================== 3173 3174 * \#express is now on freenode! come join! 3175 * Added `req.get(field, param)` 3176 * Added links to Japanese documentation, thanks @hideyukisaito! 3177 * Added; the `express(1)` generated app outputs the env 3178 * Added `content-negotiation` example 3179 * Dependency: connect >= 1.5.1 < 2.0.0 3180 * Fixed view layout bug. Closes #720 3181 * Fixed; ignore body on 304. Closes #701 3182 3183 2.3.11 / 2011-06-04 3184 ================== 3185 3186 * Added `npm test` 3187 * Removed generation of dummy test file from `express(1)` 3188 * Fixed; `express(1)` adds express as a dep 3189 * Fixed; prune on `prepublish` 3190 3191 2.3.10 / 2011-05-27 3192 ================== 3193 3194 * Added `req.route`, exposing the current route 3195 * Added _package.json_ generation support to `express(1)` 3196 * Fixed call to `app.param()` function for optional params. Closes #682 3197 3198 2.3.9 / 2011-05-25 3199 ================== 3200 3201 * Fixed bug-ish with `../' in `res.partial()` calls 3202 3203 2.3.8 / 2011-05-24 3204 ================== 3205 3206 * Fixed `app.options()` 3207 3208 2.3.7 / 2011-05-23 3209 ================== 3210 3211 * Added route `Collection`, ex: `app.get('/user/:id').remove();` 3212 * Added support for `app.param(fn)` to define param logic 3213 * Removed `app.param()` support for callback with return value 3214 * Removed module.parent check from express(1) generated app. Closes #670 3215 * Refactored router. Closes #639 3216 3217 2.3.6 / 2011-05-20 3218 ================== 3219 3220 * Changed; using devDependencies instead of git submodules 3221 * Fixed redis session example 3222 * Fixed markdown example 3223 * Fixed view caching, should not be enabled in development 3224 3225 2.3.5 / 2011-05-20 3226 ================== 3227 3228 * Added export `.view` as alias for `.View` 3229 3230 2.3.4 / 2011-05-08 3231 ================== 3232 3233 * Added `./examples/say` 3234 * Fixed `res.sendfile()` bug preventing the transfer of files with spaces 3235 3236 2.3.3 / 2011-05-03 3237 ================== 3238 3239 * Added "case sensitive routes" option. 3240 * Changed; split methods supported per rfc [slaskis] 3241 * Fixed route-specific middleware when using the same callback function several times 3242 3243 2.3.2 / 2011-04-27 3244 ================== 3245 3246 * Fixed view hints 3247 3248 2.3.1 / 2011-04-26 3249 ================== 3250 3251 * Added `app.match()` as `app.match.all()` 3252 * Added `app.lookup()` as `app.lookup.all()` 3253 * Added `app.remove()` for `app.remove.all()` 3254 * Added `app.remove.VERB()` 3255 * Fixed template caching collision issue. Closes #644 3256 * Moved router over from connect and started refactor 3257 3258 2.3.0 / 2011-04-25 3259 ================== 3260 3261 * Added options support to `res.clearCookie()` 3262 * Added `res.helpers()` as alias of `res.locals()` 3263 * Added; json defaults to UTF-8 with `res.send()`. Closes #632. [Daniel * Dependency `connect >= 1.4.0` 3264 * Changed; auto set Content-Type in res.attachement [Aaron Heckmann] 3265 * Renamed "cache views" to "view cache". Closes #628 3266 * Fixed caching of views when using several apps. Closes #637 3267 * Fixed gotcha invoking `app.param()` callbacks once per route middleware. 3268 Closes #638 3269 * Fixed partial lookup precedence. Closes #631 3270 Shaw] 3271 3272 2.2.2 / 2011-04-12 3273 ================== 3274 3275 * Added second callback support for `res.download()` connection errors 3276 * Fixed `filename` option passing to template engine 3277 3278 2.2.1 / 2011-04-04 3279 ================== 3280 3281 * Added `layout(path)` helper to change the layout within a view. Closes #610 3282 * Fixed `partial()` collection object support. 3283 Previously only anything with `.length` would work. 3284 When `.length` is present one must still be aware of holes, 3285 however now `{ collection: {foo: 'bar'}}` is valid, exposes 3286 `keyInCollection` and `keysInCollection`. 3287 3288 * Performance improved with better view caching 3289 * Removed `request` and `response` locals 3290 * Changed; errorHandler page title is now `Express` instead of `Connect` 3291 3292 2.2.0 / 2011-03-30 3293 ================== 3294 3295 * Added `app.lookup.VERB()`, ex `app.lookup.put('/user/:id')`. Closes #606 3296 * Added `app.match.VERB()`, ex `app.match.put('/user/12')`. Closes #606 3297 * Added `app.VERB(path)` as alias of `app.lookup.VERB()`. 3298 * Dependency `connect >= 1.2.0` 3299 3300 2.1.1 / 2011-03-29 3301 ================== 3302 3303 * Added; expose `err.view` object when failing to locate a view 3304 * Fixed `res.partial()` call `next(err)` when no callback is given [reported by aheckmann] 3305 * Fixed; `res.send(undefined)` responds with 204 [aheckmann] 3306 3307 2.1.0 / 2011-03-24 3308 ================== 3309 3310 * Added `<root>/_?<name>` partial lookup support. Closes #447 3311 * Added `request`, `response`, and `app` local variables 3312 * Added `settings` local variable, containing the app's settings 3313 * Added `req.flash()` exception if `req.session` is not available 3314 * Added `res.send(bool)` support (json response) 3315 * Fixed stylus example for latest version 3316 * Fixed; wrap try/catch around `res.render()` 3317 3318 2.0.0 / 2011-03-17 3319 ================== 3320 3321 * Fixed up index view path alternative. 3322 * Changed; `res.locals()` without object returns the locals 3323 3324 2.0.0rc3 / 2011-03-17 3325 ================== 3326 3327 * Added `res.locals(obj)` to compliment `res.local(key, val)` 3328 * Added `res.partial()` callback support 3329 * Fixed recursive error reporting issue in `res.render()` 3330 3331 2.0.0rc2 / 2011-03-17 3332 ================== 3333 3334 * Changed; `partial()` "locals" are now optional 3335 * Fixed `SlowBuffer` support. Closes #584 [reported by tyrda01] 3336 * Fixed .filename view engine option [reported by drudge] 3337 * Fixed blog example 3338 * Fixed `{req,res}.app` reference when mounting [Ben Weaver] 3339 3340 2.0.0rc / 2011-03-14 3341 ================== 3342 3343 * Fixed; expose `HTTPSServer` constructor 3344 * Fixed express(1) default test charset. Closes #579 [reported by secoif] 3345 * Fixed; default charset to utf-8 instead of utf8 for lame IE [reported by NickP] 3346 3347 2.0.0beta3 / 2011-03-09 3348 ================== 3349 3350 * Added support for `res.contentType()` literal 3351 The original `res.contentType('.json')`, 3352 `res.contentType('application/json')`, and `res.contentType('json')` 3353 will work now. 3354 * Added `res.render()` status option support back 3355 * Added charset option for `res.render()` 3356 * Added `.charset` support (via connect 1.0.4) 3357 * Added view resolution hints when in development and a lookup fails 3358 * Added layout lookup support relative to the page view. 3359 For example while rendering `./views/user/index.jade` if you create 3360 `./views/user/layout.jade` it will be used in favour of the root layout. 3361 * Fixed `res.redirect()`. RFC states absolute url [reported by unlink] 3362 * Fixed; default `res.send()` string charset to utf8 3363 * Removed `Partial` constructor (not currently used) 3364 3365 2.0.0beta2 / 2011-03-07 3366 ================== 3367 3368 * Added res.render() `.locals` support back to aid in migration process 3369 * Fixed flash example 3370 3371 2.0.0beta / 2011-03-03 3372 ================== 3373 3374 * Added HTTPS support 3375 * Added `res.cookie()` maxAge support 3376 * Added `req.header()` _Referrer_ / _Referer_ special-case, either works 3377 * Added mount support for `res.redirect()`, now respects the mount-point 3378 * Added `union()` util, taking place of `merge(clone())` combo 3379 * Added stylus support to express(1) generated app 3380 * Added secret to session middleware used in examples and generated app 3381 * Added `res.local(name, val)` for progressive view locals 3382 * Added default param support to `req.param(name, default)` 3383 * Added `app.disabled()` and `app.enabled()` 3384 * Added `app.register()` support for omitting leading ".", either works 3385 * Added `res.partial()`, using the same interface as `partial()` within a view. Closes #539 3386 * Added `app.param()` to map route params to async/sync logic 3387 * Added; aliased `app.helpers()` as `app.locals()`. Closes #481 3388 * Added extname with no leading "." support to `res.contentType()` 3389 * Added `cache views` setting, defaulting to enabled in "production" env 3390 * Added index file partial resolution, eg: partial('user') may try _views/user/index.jade_. 3391 * Added `req.accepts()` support for extensions 3392 * Changed; `res.download()` and `res.sendfile()` now utilize Connect's 3393 static file server `connect.static.send()`. 3394 * Changed; replaced `connect.utils.mime()` with npm _mime_ module 3395 * Changed; allow `req.query` to be pre-defined (via middleware or other parent 3396 * Changed view partial resolution, now relative to parent view 3397 * Changed view engine signature. no longer `engine.render(str, options, callback)`, now `engine.compile(str, options) -> Function`, the returned function accepts `fn(locals)`. 3398 * Fixed `req.param()` bug returning Array.prototype methods. Closes #552 3399 * Fixed; using `Stream#pipe()` instead of `sys.pump()` in `res.sendfile()` 3400 * Fixed; using _qs_ module instead of _querystring_ 3401 * Fixed; strip unsafe chars from jsonp callbacks 3402 * Removed "stream threshold" setting 3403 3404 1.0.8 / 2011-03-01 3405 ================== 3406 3407 * Allow `req.query` to be pre-defined (via middleware or other parent app) 3408 * "connect": ">= 0.5.0 < 1.0.0". Closes #547 3409 * Removed the long deprecated __EXPRESS_ENV__ support 3410 3411 1.0.7 / 2011-02-07 3412 ================== 3413 3414 * Fixed `render()` setting inheritance. 3415 Mounted apps would not inherit "view engine" 3416 3417 1.0.6 / 2011-02-07 3418 ================== 3419 3420 * Fixed `view engine` setting bug when period is in dirname 3421 3422 1.0.5 / 2011-02-05 3423 ================== 3424 3425 * Added secret to generated app `session()` call 3426 3427 1.0.4 / 2011-02-05 3428 ================== 3429 3430 * Added `qs` dependency to _package.json_ 3431 * Fixed namespaced `require()`s for latest connect support 3432 3433 1.0.3 / 2011-01-13 3434 ================== 3435 3436 * Remove unsafe characters from JSONP callback names [Ryan Grove] 3437 3438 1.0.2 / 2011-01-10 3439 ================== 3440 3441 * Removed nested require, using `connect.router` 3442 3443 1.0.1 / 2010-12-29 3444 ================== 3445 3446 * Fixed for middleware stacked via `createServer()` 3447 previously the `foo` middleware passed to `createServer(foo)` 3448 would not have access to Express methods such as `res.send()` 3449 or props like `req.query` etc. 3450 3451 1.0.0 / 2010-11-16 3452 ================== 3453 3454 * Added; deduce partial object names from the last segment. 3455 For example by default `partial('forum/post', postObject)` will 3456 give you the _post_ object, providing a meaningful default. 3457 * Added http status code string representation to `res.redirect()` body 3458 * Added; `res.redirect()` supporting _text/plain_ and _text/html_ via __Accept__. 3459 * Added `req.is()` to aid in content negotiation 3460 * Added partial local inheritance [suggested by masylum]. Closes #102 3461 providing access to parent template locals. 3462 * Added _-s, --session[s]_ flag to express(1) to add session related middleware 3463 * Added _--template_ flag to express(1) to specify the 3464 template engine to use. 3465 * Added _--css_ flag to express(1) to specify the 3466 stylesheet engine to use (or just plain css by default). 3467 * Added `app.all()` support [thanks aheckmann] 3468 * Added partial direct object support. 3469 You may now `partial('user', user)` providing the "user" local, 3470 vs previously `partial('user', { object: user })`. 3471 * Added _route-separation_ example since many people question ways 3472 to do this with CommonJS modules. Also view the _blog_ example for 3473 an alternative. 3474 * Performance; caching view path derived partial object names 3475 * Fixed partial local inheritance precedence. [reported by Nick Poulden] Closes #454 3476 * Fixed jsonp support; _text/javascript_ as per mailinglist discussion 3477 3478 1.0.0rc4 / 2010-10-14 3479 ================== 3480 3481 * Added _NODE_ENV_ support, _EXPRESS_ENV_ is deprecated and will be removed in 1.0.0 3482 * Added route-middleware support (very helpful, see the [docs](http://expressjs.com/guide.html#Route-Middleware)) 3483 * Added _jsonp callback_ setting to enable/disable jsonp autowrapping [Dav Glass] 3484 * Added callback query check on response.send to autowrap JSON objects for simple webservice implementations [Dav Glass] 3485 * Added `partial()` support for array-like collections. Closes #434 3486 * Added support for swappable querystring parsers 3487 * Added session usage docs. Closes #443 3488 * Added dynamic helper caching. Closes #439 [suggested by maritz] 3489 * Added authentication example 3490 * Added basic Range support to `res.sendfile()` (and `res.download()` etc) 3491 * Changed; `express(1)` generated app using 2 spaces instead of 4 3492 * Default env to "development" again [aheckmann] 3493 * Removed _context_ option is no more, use "scope" 3494 * Fixed; exposing _./support_ libs to examples so they can run without installs 3495 * Fixed mvc example 3496 3497 1.0.0rc3 / 2010-09-20 3498 ================== 3499 3500 * Added confirmation for `express(1)` app generation. Closes #391 3501 * Added extending of flash formatters via `app.flashFormatters` 3502 * Added flash formatter support. Closes #411 3503 * Added streaming support to `res.sendfile()` using `sys.pump()` when >= "stream threshold" 3504 * Added _stream threshold_ setting for `res.sendfile()` 3505 * Added `res.send()` __HEAD__ support 3506 * Added `res.clearCookie()` 3507 * Added `res.cookie()` 3508 * Added `res.render()` headers option 3509 * Added `res.redirect()` response bodies 3510 * Added `res.render()` status option support. Closes #425 [thanks aheckmann] 3511 * Fixed `res.sendfile()` responding with 403 on malicious path 3512 * Fixed `res.download()` bug; when an error occurs remove _Content-Disposition_ 3513 * Fixed; mounted apps settings now inherit from parent app [aheckmann] 3514 * Fixed; stripping Content-Length / Content-Type when 204 3515 * Fixed `res.send()` 204. Closes #419 3516 * Fixed multiple _Set-Cookie_ headers via `res.header()`. Closes #402 3517 * Fixed bug messing with error handlers when `listenFD()` is called instead of `listen()`. [thanks guillermo] 3518 3519 3520 1.0.0rc2 / 2010-08-17 3521 ================== 3522 3523 * Added `app.register()` for template engine mapping. Closes #390 3524 * Added `res.render()` callback support as second argument (no options) 3525 * Added callback support to `res.download()` 3526 * Added callback support for `res.sendfile()` 3527 * Added support for middleware access via `express.middlewareName()` vs `connect.middlewareName()` 3528 * Added "partials" setting to docs 3529 * Added default expresso tests to `express(1)` generated app. Closes #384 3530 * Fixed `res.sendfile()` error handling, defer via `next()` 3531 * Fixed `res.render()` callback when a layout is used [thanks guillermo] 3532 * Fixed; `make install` creating ~/.node_libraries when not present 3533 * Fixed issue preventing error handlers from being defined anywhere. Closes #387 3534 3535 1.0.0rc / 2010-07-28 3536 ================== 3537 3538 * Added mounted hook. Closes #369 3539 * Added connect dependency to _package.json_ 3540 3541 * Removed "reload views" setting and support code 3542 development env never caches, production always caches. 3543 3544 * Removed _param_ in route callbacks, signature is now 3545 simply (req, res, next), previously (req, res, params, next). 3546 Use _req.params_ for path captures, _req.query_ for GET params. 3547 3548 * Fixed "home" setting 3549 * Fixed middleware/router precedence issue. Closes #366 3550 * Fixed; _configure()_ callbacks called immediately. Closes #368 3551 3552 1.0.0beta2 / 2010-07-23 3553 ================== 3554 3555 * Added more examples 3556 * Added; exporting `Server` constructor 3557 * Added `Server#helpers()` for view locals 3558 * Added `Server#dynamicHelpers()` for dynamic view locals. Closes #349 3559 * Added support for absolute view paths 3560 * Added; _home_ setting defaults to `Server#route` for mounted apps. Closes #363 3561 * Added Guillermo Rauch to the contributor list 3562 * Added support for "as" for non-collection partials. Closes #341 3563 * Fixed _install.sh_, ensuring _~/.node_libraries_ exists. Closes #362 [thanks jf] 3564 * Fixed `res.render()` exceptions, now passed to `next()` when no callback is given [thanks guillermo] 3565 * Fixed instanceof `Array` checks, now `Array.isArray()` 3566 * Fixed express(1) expansion of public dirs. Closes #348 3567 * Fixed middleware precedence. Closes #345 3568 * Fixed view watcher, now async [thanks aheckmann] 3569 3570 1.0.0beta / 2010-07-15 3571 ================== 3572 3573 * Re-write 3574 - much faster 3575 - much lighter 3576 - Check [ExpressJS.com](http://expressjs.com) for migration guide and updated docs 3577 3578 0.14.0 / 2010-06-15 3579 ================== 3580 3581 * Utilize relative requires 3582 * Added Static bufferSize option [aheckmann] 3583 * Fixed caching of view and partial subdirectories [aheckmann] 3584 * Fixed mime.type() comments now that ".ext" is not supported 3585 * Updated haml submodule 3586 * Updated class submodule 3587 * Removed bin/express 3588 3589 0.13.0 / 2010-06-01 3590 ================== 3591 3592 * Added node v0.1.97 compatibility 3593 * Added support for deleting cookies via Request#cookie('key', null) 3594 * Updated haml submodule 3595 * Fixed not-found page, now using charset utf-8 3596 * Fixed show-exceptions page, now using charset utf-8 3597 * Fixed view support due to fs.readFile Buffers 3598 * Changed; mime.type() no longer accepts ".type" due to node extname() changes 3599 3600 0.12.0 / 2010-05-22 3601 ================== 3602 3603 * Added node v0.1.96 compatibility 3604 * Added view `helpers` export which act as additional local variables 3605 * Updated haml submodule 3606 * Changed ETag; removed inode, modified time only 3607 * Fixed LF to CRLF for setting multiple cookies 3608 * Fixed cookie compilation; values are now urlencoded 3609 * Fixed cookies parsing; accepts quoted values and url escaped cookies 3610 3611 0.11.0 / 2010-05-06 3612 ================== 3613 3614 * Added support for layouts using different engines 3615 - this.render('page.html.haml', { layout: 'super-cool-layout.html.ejs' }) 3616 - this.render('page.html.haml', { layout: 'foo' }) // assumes 'foo.html.haml' 3617 - this.render('page.html.haml', { layout: false }) // no layout 3618 * Updated ext submodule 3619 * Updated haml submodule 3620 * Fixed EJS partial support by passing along the context. Issue #307 3621 3622 0.10.1 / 2010-05-03 3623 ================== 3624 3625 * Fixed binary uploads. 3626 3627 0.10.0 / 2010-04-30 3628 ================== 3629 3630 * Added charset support via Request#charset (automatically assigned to 'UTF-8' when respond()'s 3631 encoding is set to 'utf8' or 'utf-8'). 3632 * Added "encoding" option to Request#render(). Closes #299 3633 * Added "dump exceptions" setting, which is enabled by default. 3634 * Added simple ejs template engine support 3635 * Added error response support for text/plain, application/json. Closes #297 3636 * Added callback function param to Request#error() 3637 * Added Request#sendHead() 3638 * Added Request#stream() 3639 * Added support for Request#respond(304, null) for empty response bodies 3640 * Added ETag support to Request#sendfile() 3641 * Added options to Request#sendfile(), passed to fs.createReadStream() 3642 * Added filename arg to Request#download() 3643 * Performance enhanced due to pre-reversing plugins so that plugins.reverse() is not called on each request 3644 * Performance enhanced by preventing several calls to toLowerCase() in Router#match() 3645 * Changed; Request#sendfile() now streams 3646 * Changed; Renamed Request#halt() to Request#respond(). Closes #289 3647 * Changed; Using sys.inspect() instead of JSON.encode() for error output 3648 * Changed; run() returns the http.Server instance. Closes #298 3649 * Changed; Defaulting Server#host to null (INADDR_ANY) 3650 * Changed; Logger "common" format scale of 0.4f 3651 * Removed Logger "request" format 3652 * Fixed; Catching ENOENT in view caching, preventing error when "views/partials" is not found 3653 * Fixed several issues with http client 3654 * Fixed Logger Content-Length output 3655 * Fixed bug preventing Opera from retaining the generated session id. Closes #292 3656 3657 0.9.0 / 2010-04-14 3658 ================== 3659 3660 * Added DSL level error() route support 3661 * Added DSL level notFound() route support 3662 * Added Request#error() 3663 * Added Request#notFound() 3664 * Added Request#render() callback function. Closes #258 3665 * Added "max upload size" setting 3666 * Added "magic" variables to collection partials (\_\_index\_\_, \_\_length\_\_, \_\_isFirst\_\_, \_\_isLast\_\_). Closes #254 3667 * Added [haml.js](http://github.com/visionmedia/haml.js) submodule; removed haml-js 3668 * Added callback function support to Request#halt() as 3rd/4th arg 3669 * Added preprocessing of route param wildcards using param(). Closes #251 3670 * Added view partial support (with collections etc.) 3671 * Fixed bug preventing falsey params (such as ?page=0). Closes #286 3672 * Fixed setting of multiple cookies. Closes #199 3673 * Changed; view naming convention is now NAME.TYPE.ENGINE (for example page.html.haml) 3674 * Changed; session cookie is now httpOnly 3675 * Changed; Request is no longer global 3676 * Changed; Event is no longer global 3677 * Changed; "sys" module is no longer global 3678 * Changed; moved Request#download to Static plugin where it belongs 3679 * Changed; Request instance created before body parsing. Closes #262 3680 * Changed; Pre-caching views in memory when "cache view contents" is enabled. Closes #253 3681 * Changed; Pre-caching view partials in memory when "cache view partials" is enabled 3682 * Updated support to node --version 0.1.90 3683 * Updated dependencies 3684 * Removed set("session cookie") in favour of use(Session, { cookie: { ... }}) 3685 * Removed utils.mixin(); use Object#mergeDeep() 3686 3687 0.8.0 / 2010-03-19 3688 ================== 3689 3690 * Added coffeescript example app. Closes #242 3691 * Changed; cache api now async friendly. Closes #240 3692 * Removed deprecated 'express/static' support. Use 'express/plugins/static' 3693 3694 0.7.6 / 2010-03-19 3695 ================== 3696 3697 * Added Request#isXHR. Closes #229 3698 * Added `make install` (for the executable) 3699 * Added `express` executable for setting up simple app templates 3700 * Added "GET /public/*" to Static plugin, defaulting to <root>/public 3701 * Added Static plugin 3702 * Fixed; Request#render() only calls cache.get() once 3703 * Fixed; Namespacing View caches with "view:" 3704 * Fixed; Namespacing Static caches with "static:" 3705 * Fixed; Both example apps now use the Static plugin 3706 * Fixed set("views"). Closes #239 3707 * Fixed missing space for combined log format 3708 * Deprecated Request#sendfile() and 'express/static' 3709 * Removed Server#running 3710 3711 0.7.5 / 2010-03-16 3712 ================== 3713 3714 * Added Request#flash() support without args, now returns all flashes 3715 * Updated ext submodule 3716 3717 0.7.4 / 2010-03-16 3718 ================== 3719 3720 * Fixed session reaper 3721 * Changed; class.js replacing js-oo Class implementation (quite a bit faster, no browser cruft) 3722 3723 0.7.3 / 2010-03-16 3724 ================== 3725 3726 * Added package.json 3727 * Fixed requiring of haml / sass due to kiwi removal 3728 3729 0.7.2 / 2010-03-16 3730 ================== 3731 3732 * Fixed GIT submodules (HAH!) 3733 3734 0.7.1 / 2010-03-16 3735 ================== 3736 3737 * Changed; Express now using submodules again until a PM is adopted 3738 * Changed; chat example using millisecond conversions from ext 3739 3740 0.7.0 / 2010-03-15 3741 ================== 3742 3743 * Added Request#pass() support (finds the next matching route, or the given path) 3744 * Added Logger plugin (default "common" format replaces CommonLogger) 3745 * Removed Profiler plugin 3746 * Removed CommonLogger plugin 3747 3748 0.6.0 / 2010-03-11 3749 ================== 3750 3751 * Added seed.yml for kiwi package management support 3752 * Added HTTP client query string support when method is GET. Closes #205 3753 3754 * Added support for arbitrary view engines. 3755 For example "foo.engine.html" will now require('engine'), 3756 the exports from this module are cached after the first require(). 3757 3758 * Added async plugin support 3759 3760 * Removed usage of RESTful route funcs as http client 3761 get() etc, use http.get() and friends 3762 3763 * Removed custom exceptions 3764 3765 0.5.0 / 2010-03-10 3766 ================== 3767 3768 * Added ext dependency (library of js extensions) 3769 * Removed extname() / basename() utils. Use path module 3770 * Removed toArray() util. Use arguments.values 3771 * Removed escapeRegexp() util. Use RegExp.escape() 3772 * Removed process.mixin() dependency. Use utils.mixin() 3773 * Removed Collection 3774 * Removed ElementCollection 3775 * Shameless self promotion of ebook "Advanced JavaScript" (http://dev-mag.com) ;) 3776 3777 0.4.0 / 2010-02-11 3778 ================== 3779 3780 * Added flash() example to sample upload app 3781 * Added high level restful http client module (express/http) 3782 * Changed; RESTful route functions double as HTTP clients. Closes #69 3783 * Changed; throwing error when routes are added at runtime 3784 * Changed; defaulting render() context to the current Request. Closes #197 3785 * Updated haml submodule 3786 3787 0.3.0 / 2010-02-11 3788 ================== 3789 3790 * Updated haml / sass submodules. Closes #200 3791 * Added flash message support. Closes #64 3792 * Added accepts() now allows multiple args. fixes #117 3793 * Added support for plugins to halt. Closes #189 3794 * Added alternate layout support. Closes #119 3795 * Removed Route#run(). Closes #188 3796 * Fixed broken specs due to use(Cookie) missing 3797 3798 0.2.1 / 2010-02-05 3799 ================== 3800 3801 * Added "plot" format option for Profiler (for gnuplot processing) 3802 * Added request number to Profiler plugin 3803 * Fixed binary encoding for multipart file uploads, was previously defaulting to UTF8 3804 * Fixed issue with routes not firing when not files are present. Closes #184 3805 * Fixed process.Promise -> events.Promise 3806 3807 0.2.0 / 2010-02-03 3808 ================== 3809 3810 * Added parseParam() support for name[] etc. (allows for file inputs with "multiple" attr) Closes #180 3811 * Added Both Cache and Session option "reapInterval" may be "reapEvery". Closes #174 3812 * Added expiration support to cache api with reaper. Closes #133 3813 * Added cache Store.Memory#reap() 3814 * Added Cache; cache api now uses first class Cache instances 3815 * Added abstract session Store. Closes #172 3816 * Changed; cache Memory.Store#get() utilizing Collection 3817 * Renamed MemoryStore -> Store.Memory 3818 * Fixed use() of the same plugin several time will always use latest options. Closes #176 3819 3820 0.1.0 / 2010-02-03 3821 ================== 3822 3823 * Changed; Hooks (before / after) pass request as arg as well as evaluated in their context 3824 * Updated node support to 0.1.27 Closes #169 3825 * Updated dirname(__filename) -> __dirname 3826 * Updated libxmljs support to v0.2.0 3827 * Added session support with memory store / reaping 3828 * Added quick uid() helper 3829 * Added multi-part upload support 3830 * Added Sass.js support / submodule 3831 * Added production env caching view contents and static files 3832 * Added static file caching. Closes #136 3833 * Added cache plugin with memory stores 3834 * Added support to StaticFile so that it works with non-textual files. 3835 * Removed dirname() helper 3836 * Removed several globals (now their modules must be required) 3837 3838 0.0.2 / 2010-01-10 3839 ================== 3840 3841 * Added view benchmarks; currently haml vs ejs 3842 * Added Request#attachment() specs. Closes #116 3843 * Added use of node's parseQuery() util. Closes #123 3844 * Added `make init` for submodules 3845 * Updated Haml 3846 * Updated sample chat app to show messages on load 3847 * Updated libxmljs parseString -> parseHtmlString 3848 * Fixed `make init` to work with older versions of git 3849 * Fixed specs can now run independent specs for those who can't build deps. Closes #127 3850 * Fixed issues introduced by the node url module changes. Closes 126. 3851 * Fixed two assertions failing due to Collection#keys() returning strings 3852 * Fixed faulty Collection#toArray() spec due to keys() returning strings 3853 * Fixed `make test` now builds libxmljs.node before testing 3854 3855 0.0.1 / 2010-01-03 3856 ================== 3857 3858 * Initial release