You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

451 lines
9.8 KiB

4 years ago
  1. 1.14.1 / 2019-05-10
  2. ===================
  3. * Set stricter CSP header in redirect response
  4. * deps: send@0.17.1
  5. - deps: range-parser@~1.2.1
  6. 1.14.0 / 2019-05-07
  7. ===================
  8. * deps: parseurl@~1.3.3
  9. * deps: send@0.17.0
  10. - deps: http-errors@~1.7.2
  11. - deps: mime@1.6.0
  12. - deps: ms@2.1.1
  13. - deps: statuses@~1.5.0
  14. - perf: remove redundant `path.normalize` call
  15. 1.13.2 / 2018-02-07
  16. ===================
  17. * Fix incorrect end tag in redirects
  18. * deps: encodeurl@~1.0.2
  19. - Fix encoding `%` as last character
  20. * deps: send@0.16.2
  21. - deps: depd@~1.1.2
  22. - deps: encodeurl@~1.0.2
  23. - deps: statuses@~1.4.0
  24. 1.13.1 / 2017-09-29
  25. ===================
  26. * Fix regression when `root` is incorrectly set to a file
  27. * deps: send@0.16.1
  28. 1.13.0 / 2017-09-27
  29. ===================
  30. * deps: send@0.16.0
  31. - Add 70 new types for file extensions
  32. - Add `immutable` option
  33. - Fix missing `</html>` in default error & redirects
  34. - Set charset as "UTF-8" for .js and .json
  35. - Use instance methods on steam to check for listeners
  36. - deps: mime@1.4.1
  37. - perf: improve path validation speed
  38. 1.12.6 / 2017-09-22
  39. ===================
  40. * deps: send@0.15.6
  41. - deps: debug@2.6.9
  42. - perf: improve `If-Match` token parsing
  43. * perf: improve slash collapsing
  44. 1.12.5 / 2017-09-21
  45. ===================
  46. * deps: parseurl@~1.3.2
  47. - perf: reduce overhead for full URLs
  48. - perf: unroll the "fast-path" `RegExp`
  49. * deps: send@0.15.5
  50. - Fix handling of modified headers with invalid dates
  51. - deps: etag@~1.8.1
  52. - deps: fresh@0.5.2
  53. 1.12.4 / 2017-08-05
  54. ===================
  55. * deps: send@0.15.4
  56. - deps: debug@2.6.8
  57. - deps: depd@~1.1.1
  58. - deps: http-errors@~1.6.2
  59. 1.12.3 / 2017-05-16
  60. ===================
  61. * deps: send@0.15.3
  62. - deps: debug@2.6.7
  63. 1.12.2 / 2017-04-26
  64. ===================
  65. * deps: send@0.15.2
  66. - deps: debug@2.6.4
  67. 1.12.1 / 2017-03-04
  68. ===================
  69. * deps: send@0.15.1
  70. - Fix issue when `Date.parse` does not return `NaN` on invalid date
  71. - Fix strict violation in broken environments
  72. 1.12.0 / 2017-02-25
  73. ===================
  74. * Send complete HTML document in redirect response
  75. * Set default CSP header in redirect response
  76. * deps: send@0.15.0
  77. - Fix false detection of `no-cache` request directive
  78. - Fix incorrect result when `If-None-Match` has both `*` and ETags
  79. - Fix weak `ETag` matching to match spec
  80. - Remove usage of `res._headers` private field
  81. - Support `If-Match` and `If-Unmodified-Since` headers
  82. - Use `res.getHeaderNames()` when available
  83. - Use `res.headersSent` when available
  84. - deps: debug@2.6.1
  85. - deps: etag@~1.8.0
  86. - deps: fresh@0.5.0
  87. - deps: http-errors@~1.6.1
  88. 1.11.2 / 2017-01-23
  89. ===================
  90. * deps: send@0.14.2
  91. - deps: http-errors@~1.5.1
  92. - deps: ms@0.7.2
  93. - deps: statuses@~1.3.1
  94. 1.11.1 / 2016-06-10
  95. ===================
  96. * Fix redirect error when `req.url` contains raw non-URL characters
  97. * deps: send@0.14.1
  98. 1.11.0 / 2016-06-07
  99. ===================
  100. * Use status code 301 for redirects
  101. * deps: send@0.14.0
  102. - Add `acceptRanges` option
  103. - Add `cacheControl` option
  104. - Attempt to combine multiple ranges into single range
  105. - Correctly inherit from `Stream` class
  106. - Fix `Content-Range` header in 416 responses when using `start`/`end` options
  107. - Fix `Content-Range` header missing from default 416 responses
  108. - Ignore non-byte `Range` headers
  109. - deps: http-errors@~1.5.0
  110. - deps: range-parser@~1.2.0
  111. - deps: statuses@~1.3.0
  112. - perf: remove argument reassignment
  113. 1.10.3 / 2016-05-30
  114. ===================
  115. * deps: send@0.13.2
  116. - Fix invalid `Content-Type` header when `send.mime.default_type` unset
  117. 1.10.2 / 2016-01-19
  118. ===================
  119. * deps: parseurl@~1.3.1
  120. - perf: enable strict mode
  121. 1.10.1 / 2016-01-16
  122. ===================
  123. * deps: escape-html@~1.0.3
  124. - perf: enable strict mode
  125. - perf: optimize string replacement
  126. - perf: use faster string coercion
  127. * deps: send@0.13.1
  128. - deps: depd@~1.1.0
  129. - deps: destroy@~1.0.4
  130. - deps: escape-html@~1.0.3
  131. - deps: range-parser@~1.0.3
  132. 1.10.0 / 2015-06-17
  133. ===================
  134. * Add `fallthrough` option
  135. - Allows declaring this middleware is the final destination
  136. - Provides better integration with Express patterns
  137. * Fix reading options from options prototype
  138. * Improve the default redirect response headers
  139. * deps: escape-html@1.0.2
  140. * deps: send@0.13.0
  141. - Allow Node.js HTTP server to set `Date` response header
  142. - Fix incorrectly removing `Content-Location` on 304 response
  143. - Improve the default redirect response headers
  144. - Send appropriate headers on default error response
  145. - Use `http-errors` for standard emitted errors
  146. - Use `statuses` instead of `http` module for status messages
  147. - deps: escape-html@1.0.2
  148. - deps: etag@~1.7.0
  149. - deps: fresh@0.3.0
  150. - deps: on-finished@~2.3.0
  151. - perf: enable strict mode
  152. - perf: remove unnecessary array allocations
  153. * perf: enable strict mode
  154. * perf: remove argument reassignment
  155. 1.9.3 / 2015-05-14
  156. ==================
  157. * deps: send@0.12.3
  158. - deps: debug@~2.2.0
  159. - deps: depd@~1.0.1
  160. - deps: etag@~1.6.0
  161. - deps: ms@0.7.1
  162. - deps: on-finished@~2.2.1
  163. 1.9.2 / 2015-03-14
  164. ==================
  165. * deps: send@0.12.2
  166. - Throw errors early for invalid `extensions` or `index` options
  167. - deps: debug@~2.1.3
  168. 1.9.1 / 2015-02-17
  169. ==================
  170. * deps: send@0.12.1
  171. - Fix regression sending zero-length files
  172. 1.9.0 / 2015-02-16
  173. ==================
  174. * deps: send@0.12.0
  175. - Always read the stat size from the file
  176. - Fix mutating passed-in `options`
  177. - deps: mime@1.3.4
  178. 1.8.1 / 2015-01-20
  179. ==================
  180. * Fix redirect loop in Node.js 0.11.14
  181. * deps: send@0.11.1
  182. - Fix root path disclosure
  183. 1.8.0 / 2015-01-05
  184. ==================
  185. * deps: send@0.11.0
  186. - deps: debug@~2.1.1
  187. - deps: etag@~1.5.1
  188. - deps: ms@0.7.0
  189. - deps: on-finished@~2.2.0
  190. 1.7.2 / 2015-01-02
  191. ==================
  192. * Fix potential open redirect when mounted at root
  193. 1.7.1 / 2014-10-22
  194. ==================
  195. * deps: send@0.10.1
  196. - deps: on-finished@~2.1.1
  197. 1.7.0 / 2014-10-15
  198. ==================
  199. * deps: send@0.10.0
  200. - deps: debug@~2.1.0
  201. - deps: depd@~1.0.0
  202. - deps: etag@~1.5.0
  203. 1.6.5 / 2015-02-04
  204. ==================
  205. * Fix potential open redirect when mounted at root
  206. - Back-ported from v1.7.2
  207. 1.6.4 / 2014-10-08
  208. ==================
  209. * Fix redirect loop when index file serving disabled
  210. 1.6.3 / 2014-09-24
  211. ==================
  212. * deps: send@0.9.3
  213. - deps: etag@~1.4.0
  214. 1.6.2 / 2014-09-15
  215. ==================
  216. * deps: send@0.9.2
  217. - deps: depd@0.4.5
  218. - deps: etag@~1.3.1
  219. - deps: range-parser@~1.0.2
  220. 1.6.1 / 2014-09-07
  221. ==================
  222. * deps: send@0.9.1
  223. - deps: fresh@0.2.4
  224. 1.6.0 / 2014-09-07
  225. ==================
  226. * deps: send@0.9.0
  227. - Add `lastModified` option
  228. - Use `etag` to generate `ETag` header
  229. - deps: debug@~2.0.0
  230. 1.5.4 / 2014-09-04
  231. ==================
  232. * deps: send@0.8.5
  233. - Fix a path traversal issue when using `root`
  234. - Fix malicious path detection for empty string path
  235. 1.5.3 / 2014-08-17
  236. ==================
  237. * deps: send@0.8.3
  238. 1.5.2 / 2014-08-14
  239. ==================
  240. * deps: send@0.8.2
  241. - Work around `fd` leak in Node.js 0.10 for `fs.ReadStream`
  242. 1.5.1 / 2014-08-09
  243. ==================
  244. * Fix parsing of weird `req.originalUrl` values
  245. * deps: parseurl@~1.3.0
  246. * deps: utils-merge@1.0.0
  247. 1.5.0 / 2014-08-05
  248. ==================
  249. * deps: send@0.8.1
  250. - Add `extensions` option
  251. 1.4.4 / 2014-08-04
  252. ==================
  253. * deps: send@0.7.4
  254. - Fix serving index files without root dir
  255. 1.4.3 / 2014-07-29
  256. ==================
  257. * deps: send@0.7.3
  258. - Fix incorrect 403 on Windows and Node.js 0.11
  259. 1.4.2 / 2014-07-27
  260. ==================
  261. * deps: send@0.7.2
  262. - deps: depd@0.4.4
  263. 1.4.1 / 2014-07-26
  264. ==================
  265. * deps: send@0.7.1
  266. - deps: depd@0.4.3
  267. 1.4.0 / 2014-07-21
  268. ==================
  269. * deps: parseurl@~1.2.0
  270. - Cache URLs based on original value
  271. - Remove no-longer-needed URL mis-parse work-around
  272. - Simplify the "fast-path" `RegExp`
  273. * deps: send@0.7.0
  274. - Add `dotfiles` option
  275. - deps: debug@1.0.4
  276. - deps: depd@0.4.2
  277. 1.3.2 / 2014-07-11
  278. ==================
  279. * deps: send@0.6.0
  280. - Cap `maxAge` value to 1 year
  281. - deps: debug@1.0.3
  282. 1.3.1 / 2014-07-09
  283. ==================
  284. * deps: parseurl@~1.1.3
  285. - faster parsing of href-only URLs
  286. 1.3.0 / 2014-06-28
  287. ==================
  288. * Add `setHeaders` option
  289. * Include HTML link in redirect response
  290. * deps: send@0.5.0
  291. - Accept string for `maxAge` (converted by `ms`)
  292. 1.2.3 / 2014-06-11
  293. ==================
  294. * deps: send@0.4.3
  295. - Do not throw un-catchable error on file open race condition
  296. - Use `escape-html` for HTML escaping
  297. - deps: debug@1.0.2
  298. - deps: finished@1.2.2
  299. - deps: fresh@0.2.2
  300. 1.2.2 / 2014-06-09
  301. ==================
  302. * deps: send@0.4.2
  303. - fix "event emitter leak" warnings
  304. - deps: debug@1.0.1
  305. - deps: finished@1.2.1
  306. 1.2.1 / 2014-06-02
  307. ==================
  308. * use `escape-html` for escaping
  309. * deps: send@0.4.1
  310. - Send `max-age` in `Cache-Control` in correct format
  311. 1.2.0 / 2014-05-29
  312. ==================
  313. * deps: send@0.4.0
  314. - Calculate ETag with md5 for reduced collisions
  315. - Fix wrong behavior when index file matches directory
  316. - Ignore stream errors after request ends
  317. - Skip directories in index file search
  318. - deps: debug@0.8.1
  319. 1.1.0 / 2014-04-24
  320. ==================
  321. * Accept options directly to `send` module
  322. * deps: send@0.3.0
  323. 1.0.4 / 2014-04-07
  324. ==================
  325. * Resolve relative paths at middleware setup
  326. * Use parseurl to parse the URL from request
  327. 1.0.3 / 2014-03-20
  328. ==================
  329. * Do not rely on connect-like environments
  330. 1.0.2 / 2014-03-06
  331. ==================
  332. * deps: send@0.2.0
  333. 1.0.1 / 2014-03-05
  334. ==================
  335. * Add mime export for back-compat
  336. 1.0.0 / 2014-03-05
  337. ==================
  338. * Genesis from `connect`