History
4.17.1 / 2019-05-25
Revert "Improve error message for
null
/undefined
tores.status
"
4.17.0 / 2019-05-16
Add
express.raw
to parse bodies intoBuffer
Add
express.text
to parse bodies into stringImprove error message for non-strings to
res.sendFile
Improve error message for
null
/undefined
tores.status
Support multiple hosts in
X-Forwarded-Host
deps: accepts@~1.3.7
deps: body-parser@1.19.0
Add encoding MIK
Add petabyte (
pb
) supportFix parsing array brackets after index
deps: bytes@3.1.0
deps: http-errors@1.7.2
deps: iconv-lite@0.4.24
deps: qs@6.7.0
deps: raw-body@2.4.0
deps: type-is@~1.6.17
deps: content-disposition@0.5.3
deps: cookie@0.4.0
Add
SameSite=None
support
deps: finalhandler@~1.1.2
Set stricter
Content-Security-Policy
headerdeps: parseurl@~1.3.3
deps: statuses@~1.5.0
deps: parseurl@~1.3.3
deps: proxy-addr@~2.0.5
deps: ipaddr.js@1.9.0
deps: qs@6.7.0
Fix parsing array brackets after index
deps: range-parser@~1.2.1
deps: send@0.17.1
Set stricter CSP header in redirect & error responses
deps: http-errors@~1.7.2
deps: mime@1.6.0
deps: ms@2.1.1
deps: range-parser@~1.2.1
deps: statuses@~1.5.0
perf: remove redundant
path.normalize
call
deps: serve-static@1.14.1
Set stricter CSP header in redirect response
deps: parseurl@~1.3.3
deps: send@0.17.1
deps: setprototypeof@1.1.1
deps: statuses@~1.5.0
Add
103 Early Hints
deps: type-is@~1.6.18
deps: mime-types@~2.1.24
perf: prevent internal
throw
on invalid type
4.16.4 / 2018-10-10
Fix issue where
"Request aborted"
may be logged inres.sendfile
Fix JSDoc for
Router
constructordeps: body-parser@1.18.3
Fix deprecation warnings on Node.js 10+
Fix stack trace for strict json parse error
deps: depd@~1.1.2
deps: http-errors@~1.6.3
deps: iconv-lite@0.4.23
deps: qs@6.5.2
deps: raw-body@2.3.3
deps: type-is@~1.6.16
deps: proxy-addr@~2.0.4
deps: ipaddr.js@1.8.0
deps: qs@6.5.2
deps: safe-buffer@5.1.2
4.16.3 / 2018-03-12
deps: accepts@~1.3.5
deps: mime-types@~2.1.18
deps: depd@~1.1.2
perf: remove argument reassignment
deps: encodeurl@~1.0.2
Fix encoding
%
as last character
deps: finalhandler@1.1.1
Fix 404 output for bad / missing pathnames
deps: encodeurl@~1.0.2
deps: statuses@~1.4.0
deps: proxy-addr@~2.0.3
deps: ipaddr.js@1.6.0
deps: send@0.16.2
Fix incorrect end tag in default error & redirects
deps: depd@~1.1.2
deps: encodeurl@~1.0.2
deps: statuses@~1.4.0
deps: serve-static@1.13.2
Fix incorrect end tag in redirects
deps: encodeurl@~1.0.2
deps: send@0.16.2
deps: statuses@~1.4.0
deps: type-is@~1.6.16
deps: mime-types@~2.1.18
4.16.2 / 2017-10-09
Fix
TypeError
inres.send
when givenBuffer
andETag
header setperf: skip parsing of entire
X-Forwarded-Proto
header
4.16.1 / 2017-09-29
deps: send@0.16.1
deps: serve-static@1.13.1
Fix regression when
root
is incorrectly set to a filedeps: send@0.16.1
4.16.0 / 2017-09-28
Add
"json escape"
setting forres.json
andres.jsonp
Add
express.json
andexpress.urlencoded
to parse bodiesAdd
options
argument tores.download
Improve error message when autoloading invalid view engine
Improve error messages when non-function provided as middleware
Skip
Buffer
encoding when not generating ETag for small responseUse
safe-buffer
for improved Buffer APIdeps: accepts@~1.3.4
deps: mime-types@~2.1.16
deps: content-type@~1.0.4
perf: remove argument reassignment
perf: skip parameter parsing when no parameters
deps: etag@~1.8.1
perf: replace regular expression with substring
deps: finalhandler@1.1.0
Use
res.headersSent
when available
deps: parseurl@~1.3.2
perf: reduce overhead for full URLs
perf: unroll the "fast-path"
RegExp
deps: proxy-addr@~2.0.2
Fix trimming leading / trailing OWS in
X-Forwarded-For
deps: forwarded@~0.1.2
deps: ipaddr.js@1.5.2
perf: reduce overhead when no
X-Forwarded-For
header
deps: qs@6.5.1
Fix parsing & compacting very deep objects
deps: send@0.16.0
Add 70 new types for file extensions
Add
immutable
optionFix missing
</html>
in default error & redirectsSet charset as "UTF-8" for .js and .json
Use instance methods on steam to check for listeners
deps: mime@1.4.1
perf: improve path validation speed
deps: serve-static@1.13.0
Add 70 new types for file extensions
Add
immutable
optionSet charset as "UTF-8" for .js and .json
deps: send@0.16.0
deps: setprototypeof@1.1.0
deps: utils-merge@1.0.1
deps: vary@~1.1.2
perf: improve header token parsing speed
perf: re-use options object when generating ETags
perf: remove dead
.charset
set inres.jsonp
4.15.5 / 2017-09-24
deps: debug@2.6.9
deps: finalhandler@~1.0.6
deps: debug@2.6.9
deps: parseurl@~1.3.2
deps: fresh@0.5.2
Fix handling of modified headers with invalid dates
perf: improve ETag match loop
perf: improve
If-None-Match
token parsing
deps: send@0.15.6
Fix handling of modified headers with invalid dates
deps: debug@2.6.9
deps: etag@~1.8.1
deps: fresh@0.5.2
perf: improve
If-Match
token parsing
deps: serve-static@1.12.6
deps: parseurl@~1.3.2
deps: send@0.15.6
perf: improve slash collapsing
4.15.4 / 2017-08-06
deps: debug@2.6.8
deps: depd@~1.1.1
Remove unnecessary
Buffer
loading
deps: finalhandler@~1.0.4
deps: debug@2.6.8
deps: proxy-addr@~1.1.5
Fix array argument being altered
deps: ipaddr.js@1.4.0
deps: qs@6.5.0
deps: send@0.15.4
deps: debug@2.6.8
deps: depd@~1.1.1
deps: http-errors@~1.6.2
deps: serve-static@1.12.4
deps: send@0.15.4
4.15.3 / 2017-05-16
Fix error when
res.set
cannot add charset toContent-Type
deps: debug@2.6.7
Fix
DEBUG_MAX_ARRAY_LENGTH
deps: ms@2.0.0
deps: finalhandler@~1.0.3
Fix missing
</html>
in HTML documentdeps: debug@2.6.7
deps: proxy-addr@~1.1.4
deps: ipaddr.js@1.3.0
deps: send@0.15.3
deps: debug@2.6.7
deps: ms@2.0.0
deps: serve-static@1.12.3
deps: send@0.15.3
deps: type-is@~1.6.15
deps: mime-types@~2.1.15
deps: vary@~1.1.1
perf: hoist regular expression
4.15.2 / 2017-03-06
deps: qs@6.4.0
Fix regression parsing keys starting with
[
4.15.1 / 2017-03-05
deps: send@0.15.1
Fix issue when
Date.parse
does not returnNaN
on invalid dateFix strict violation in broken environments
deps: serve-static@1.12.1
Fix issue when
Date.parse
does not returnNaN
on invalid datedeps: send@0.15.1
4.15.0 / 2017-03-01
Add debug message when loading view engine
Add
next("router")
to exit from routerFix case where
router.use
skipped requests routes did notRemove usage of
res._headers
private fieldImproves compatibility with Node.js 8 nightly
Skip routing when
req.url
is not setUse
%o
in path debug to tell types apartUse
Object.create
to setup request & response prototypesUse
setprototypeof
module to replace__proto__
settingUse
statuses
instead ofhttp
module for status messagesdeps: debug@2.6.1
Allow colors in workers
Deprecated
DEBUG_FD
environment variable set to3
or higherFix error when running under React Native
Use same color for same namespace
deps: ms@0.7.2
deps: etag@~1.8.0
Use SHA1 instead of MD5 for ETag hashing
Works with FIPS 140-2 OpenSSL configuration
deps: finalhandler@~1.0.0
Fix exception when
err
cannot be converted to a stringFully URL-encode the pathname in the 404
Only include the pathname in the 404 message
Send complete HTML document
Set
Content-Security-Policy: default-src 'self'
headerdeps: debug@2.6.1
deps: fresh@0.5.0
Fix false detection of
no-cache
request directiveFix incorrect result when
If-None-Match
has both*
and ETagsFix weak
ETag
matching to match specperf: delay reading header values until needed
perf: enable strict mode
perf: hoist regular expressions
perf: remove duplicate conditional
perf: remove unnecessary boolean coercions
perf: skip checking modified time if ETag check failed
perf: skip parsing
If-None-Match
when noETag
headerperf: use
Date.parse
instead ofnew Date
deps: qs@6.3.1
Fix array parsing from skipping empty values
Fix compacting nested arrays
deps: send@0.15.0
Fix false detection of
no-cache
request directiveFix incorrect result when
If-None-Match
has both*
and ETagsFix weak
ETag
matching to match specRemove usage of
res._headers
private fieldSupport
If-Match
andIf-Unmodified-Since
headersUse
res.getHeaderNames()
when availableUse
res.headersSent
when availabledeps: debug@2.6.1
deps: etag@~1.8.0
deps: fresh@0.5.0
deps: http-errors@~1.6.1
deps: serve-static@1.12.0
Fix false detection of
no-cache
request directiveFix incorrect result when
If-None-Match
has both*
and ETagsFix weak
ETag
matching to match specRemove usage of
res._headers
private fieldSend complete HTML document in redirect response
Set default CSP header in redirect response
Support
If-Match
andIf-Unmodified-Since
headersUse
res.getHeaderNames()
when availableUse
res.headersSent
when availabledeps: send@0.15.0
perf: add fast match path for
*
routeperf: improve
req.ips
performance
4.14.1 / 2017-01-28
deps: content-disposition@0.5.2
deps: finalhandler@0.5.1
Fix exception when
err.headers
is not an objectdeps: statuses@~1.3.1
perf: hoist regular expressions
perf: remove duplicate validation path
deps: proxy-addr@~1.1.3
deps: ipaddr.js@1.2.0
deps: send@0.14.2
deps: http-errors@~1.5.1
deps: ms@0.7.2
deps: statuses@~1.3.1
deps: serve-static@~1.11.2
deps: send@0.14.2
deps: type-is@~1.6.14
deps: mime-types@~2.1.13
4.14.0 / 2016-06-16
Add
acceptRanges
option tores.sendFile
/res.sendfile
Add
cacheControl
option tores.sendFile
/res.sendfile
Add
options
argument toreq.range
Includes the
combine
option
Encode URL in
res.location
/res.redirect
if not already encodedFix some redirect handling in
res.sendFile
/res.sendfile
Fix Windows absolute path check using forward slashes
Improve error with invalid arguments to
req.get()
Improve performance for
res.json
/res.jsonp
in most casesImprove
Range
header handling inres.sendFile
/res.sendfile
deps: accepts@~1.3.3
Fix including type extensions in parameters in
Accept
parsingFix parsing
Accept
parameters with quoted equalsFix parsing
Accept
parameters with quoted semicolonsMany performance improvements
deps: mime-types@~2.1.11
deps: negotiator@0.6.1
deps: content-type@~1.0.2
perf: enable strict mode
deps: cookie@0.3.1
Add
sameSite
optionFix cookie
Max-Age
to never be a floating point numberImprove error message when
encode
is not a functionImprove error message when
expires
is not aDate
Throw better error for invalid argument to parse
Throw on invalid values provided to
serialize
perf: enable strict mode
perf: hoist regular expression
perf: use for loop in parse
perf: use string concatenation for serialization
deps: finalhandler@0.5.0
Change invalid or non-numeric status code to 500
Overwrite status message to match set status code
Prefer
err.statusCode
iferr.status
is invalidSet response headers from
err.headers
objectUse
statuses
instead ofhttp
module for status messages
deps: proxy-addr@~1.1.2
Fix accepting various invalid netmasks
Fix IPv6-mapped IPv4 validation edge cases
IPv4 netmasks must be contiguous
IPv6 addresses cannot be used as a netmask
deps: ipaddr.js@1.1.1
deps: qs@6.2.0
Add
decoder
option inparse
function
deps: range-parser@~1.2.0
Add
combine
option to combine overlapping rangesFix incorrectly returning -1 when there is at least one valid range
perf: remove internal function
deps: send@0.14.1
Add
acceptRanges
optionAdd
cacheControl
optionAttempt to combine multiple ranges into single range
Correctly inherit from
Stream
classFix
Content-Range
header in 416 responses when usingstart
/end
optionsFix
Content-Range
header missing from default 416 responsesFix redirect error when
path
contains raw non-URL charactersFix redirect when
path
starts with multiple forward slashesIgnore non-byte
Range
headersdeps: http-errors@~1.5.0
deps: range-parser@~1.2.0
deps: statuses@~1.3.0
perf: remove argument reassignment
deps: serve-static@~1.11.1
Add
acceptRanges
optionAdd
cacheControl
optionAttempt to combine multiple ranges into single range
Fix redirect error when
req.url
contains raw non-URL charactersIgnore non-byte
Range
headersUse status code 301 for redirects
deps: send@0.14.1
deps: type-is@~1.6.13
Fix type error when given invalid type to match against
deps: mime-types@~2.1.11
deps: vary@~1.1.0
Only accept valid field names in the
field
argument
perf: use strict equality when possible
4.13.4 / 2016-01-21
deps: content-disposition@0.5.1
perf: enable strict mode
deps: cookie@0.1.5
Throw on invalid values provided to
serialize
deps: depd@~1.1.0
Support web browser loading
perf: enable strict mode
deps: escape-html@~1.0.3
perf: enable strict mode
perf: optimize string replacement
perf: use faster string coercion
deps: finalhandler@0.4.1
deps: escape-html@~1.0.3
deps: merge-descriptors@1.0.1
perf: enable strict mode
deps: methods@~1.1.2
perf: enable strict mode
deps: parseurl@~1.3.1
perf: enable strict mode
deps: proxy-addr@~1.0.10
deps: ipaddr.js@1.0.5
perf: enable strict mode
deps: range-parser@~1.0.3
perf: enable strict mode
deps: send@0.13.1
deps: depd@~1.1.0
deps: destroy@~1.0.4
deps: escape-html@~1.0.3
deps: range-parser@~1.0.3
deps: serve-static@~1.10.2
deps: escape-html@~1.0.3
deps: parseurl@~1.3.0
deps: send@0.13.1
4.13.3 / 2015-08-02
Fix infinite loop condition using
mergeParams: true
Fix inner numeric indices incorrectly altering parent
req.params
4.13.2 / 2015-07-31
deps: accepts@~1.2.12
deps: mime-types@~2.1.4
deps: array-flatten@1.1.1
perf: enable strict mode
deps: path-to-regexp@0.1.7
Fix regression with escaped round brackets and matching groups
deps: type-is@~1.6.6
deps: mime-types@~2.1.4
4.13.1 / 2015-07-05
deps: accepts@~1.2.10
deps: mime-types@~2.1.2
deps: qs@4.0.0
Fix dropping parameters like
hasOwnProperty
Fix various parsing edge cases
deps: type-is@~1.6.4
deps: mime-types@~2.1.2
perf: enable strict mode
perf: remove argument reassignment
4.13.0 / 2015-06-20
Add settings to debug output
Fix
res.format
error when onlydefault
providedFix issue where
next('route')
inapp.param
would incorrectly skip valuesFix hiding platform issues with
decodeURIComponent
Only
URIError
s are a 400
Fix using
*
before params in routesFix using capture groups before params in routes
Simplify
res.cookie
to callres.append
Use
array-flatten
module for flattening arraysdeps: accepts@~1.2.9
deps: mime-types@~2.1.1
perf: avoid argument reassignment & argument slice
perf: avoid negotiator recursive construction
perf: enable strict mode
perf: remove unnecessary bitwise operator
deps: cookie@0.1.3
perf: deduce the scope of try-catch deopt
perf: remove argument reassignments
deps: escape-html@1.0.2
deps: etag@~1.7.0
Always include entity length in ETags for hash length extensions
Generate non-Stats ETags using MD5 only (no longer CRC32)
Improve stat performance by removing hashing
Improve support for JXcore
Remove base64 padding in ETags to shorten
Support "fake" stats objects in environments without fs
Use MD5 instead of MD4 in weak ETags over 1KB
deps: finalhandler@0.4.0
Fix a false-positive when unpiping in Node.js 0.8
Support
statusCode
property onError
objectsUse
unpipe
module for unpiping requestsdeps: escape-html@1.0.2
deps: on-finished@~2.3.0
perf: enable strict mode
perf: remove argument reassignment
deps: fresh@0.3.0
Add weak
ETag
matching support
deps: on-finished@~2.3.0
Add defined behavior for HTTP
CONNECT
requestsAdd defined behavior for HTTP
Upgrade
requestsdeps: ee-first@1.1.1
deps: path-to-regexp@0.1.6
deps: send@0.13.0
Allow Node.js HTTP server to set
Date
response headerFix incorrectly removing
Content-Location
on 304 responseImprove the default redirect response headers
Send appropriate headers on default error response
Use
http-errors
for standard emitted errorsUse
statuses
instead ofhttp
module for status messagesdeps: escape-html@1.0.2
deps: etag@~1.7.0
deps: fresh@0.3.0
deps: on-finished@~2.3.0
perf: enable strict mode
perf: remove unnecessary array allocations
deps: serve-static@~1.10.0
Add
fallthrough
optionFix reading options from options prototype
Improve the default redirect response headers
Malformed URLs now
next()
instead of 400deps: escape-html@1.0.2
deps: send@0.13.0
perf: enable strict mode
perf: remove argument reassignment
deps: type-is@~1.6.3
deps: mime-types@~2.1.1
perf: reduce try block size
perf: remove bitwise operations
perf: enable strict mode
perf: isolate
app.render
try blockperf: remove argument reassignments in application
perf: remove argument reassignments in request prototype
perf: remove argument reassignments in response prototype
perf: remove argument reassignments in routing
perf: remove argument reassignments in
View
perf: skip attempting to decode zero length string
perf: use saved reference to
http.STATUS_CODES
4.12.4 / 2015-05-17
deps: accepts@~1.2.7
deps: mime-types@~2.0.11
deps: negotiator@0.5.3
deps: debug@~2.2.0
deps: ms@0.7.1
deps: depd@~1.0.1
deps: etag@~1.6.0
Improve support for JXcore
Support "fake" stats objects in environments without
fs
deps: finalhandler@0.3.6
deps: debug@~2.2.0
deps: on-finished@~2.2.1
deps: on-finished@~2.2.1
Fix
isFinished(req)
when data buffered
deps: proxy-addr@~1.0.8
deps: ipaddr.js@1.0.1
deps: qs@2.4.2
Fix allowing parameters like
constructor
deps: send@0.12.3
deps: debug@~2.2.0
deps: depd@~1.0.1
deps: etag@~1.6.0
deps: ms@0.7.1
deps: on-finished@~2.2.1
deps: serve-static@~1.9.3
deps: send@0.12.3
deps: type-is@~1.6.2
deps: mime-types@~2.0.11
4.12.3 / 2015-03-17
deps: accepts@~1.2.5
deps: mime-types@~2.0.10
deps: debug@~2.1.3
Fix high intensity foreground color for bold
deps: ms@0.7.0
deps: finalhandler@0.3.4
deps: debug@~2.1.3
deps: proxy-addr@~1.0.7
deps: ipaddr.js@0.1.9
deps: qs@2.4.1
Fix error when parameter
hasOwnProperty
is present
deps: send@0.12.2
Throw errors early for invalid
extensions
orindex
optionsdeps: debug@~2.1.3
deps: serve-static@~1.9.2
deps: send@0.12.2
deps: type-is@~1.6.1
deps: mime-types@~2.0.10
4.12.2 / 2015-03-02
Fix regression where
"Request aborted"
is logged usingres.sendFile
4.12.1 / 2015-03-01
Fix constructing application with non-configurable prototype properties
Fix
ECONNRESET
errors fromres.sendFile
usageFix
req.host
when using "trust proxy" hops countFix
req.protocol
/req.secure
when using "trust proxy" hops countFix wrong
code
on aborted connections fromres.sendFile
deps: merge-descriptors@1.0.0
4.12.0 / 2015-02-23
Fix
"trust proxy"
setting to inherit when app is mountedGenerate
ETag
s for all request responsesNo longer restricted to only responses for
GET
andHEAD
requests
Use
content-type
to parseContent-Type
headersdeps: accepts@~1.2.4
Fix preference sorting to be stable for long acceptable lists
deps: mime-types@~2.0.9
deps: negotiator@0.5.1
deps: cookie-signature@1.0.6
deps: send@0.12.1
Always read the stat size from the file
Fix mutating passed-in
options
deps: mime@1.3.4
deps: serve-static@~1.9.1
deps: send@0.12.1
deps: type-is@~1.6.0
fix argument reassignment
fix false-positives in
hasBody
Transfer-Encoding
checksupport wildcard for both type and subtype (
*/*
)deps: mime-types@~2.0.9
4.11.2 / 2015-02-01
Fix
res.redirect
double-callingres.end
forHEAD
requestsdeps: accepts@~1.2.3
deps: mime-types@~2.0.8
deps: proxy-addr@~1.0.6
deps: ipaddr.js@0.1.8
deps: type-is@~1.5.6
deps: mime-types@~2.0.8
4.11.1 / 2015-01-20
deps: send@0.11.1
Fix root path disclosure
deps: serve-static@~1.8.1
Fix redirect loop in Node.js 0.11.14
Fix root path disclosure
deps: send@0.11.1
4.11.0 / 2015-01-13
Add
res.append(field, val)
to append headersDeprecate leading
:
inname
forapp.param(name, fn)
Deprecate
req.param()
-- usereq.params
,req.body
, orreq.query
insteadDeprecate
app.param(fn)
Fix
OPTIONS
responses to include theHEAD
method properlyFix
res.sendFile
not always detecting aborted connectionMatch routes iteratively to prevent stack overflows
deps: accepts@~1.2.2
deps: mime-types@~2.0.7
deps: negotiator@0.5.0
deps: send@0.11.0
deps: debug@~2.1.1
deps: etag@~1.5.1
deps: ms@0.7.0
deps: on-finished@~2.2.0
deps: serve-static@~1.8.0
deps: send@0.11.0
4.10.8 / 2015-01-13
Fix crash from error within
OPTIONS
response handlerdeps: proxy-addr@~1.0.5
deps: ipaddr.js@0.1.6
4.10.7 / 2015-01-04
Fix
Allow
header forOPTIONS
to not contain duplicate methodsFix incorrect "Request aborted" for
res.sendFile
whenHEAD
or 304deps: debug@~2.1.1
deps: finalhandler@0.3.3
deps: debug@~2.1.1
deps: on-finished@~2.2.0
deps: methods@~1.1.1
deps: on-finished@~2.2.0
deps: serve-static@~1.7.2
Fix potential open redirect when mounted at root
deps: type-is@~1.5.5
deps: mime-types@~2.0.7
4.10.6 / 2014-12-12
Fix exception in
req.fresh
/req.stale
without response headers
4.10.5 / 2014-12-10
Fix
res.send
double-callingres.end
forHEAD
requestsdeps: accepts@~1.1.4
deps: mime-types@~2.0.4
deps: type-is@~1.5.4
deps: mime-types@~2.0.4
4.10.4 / 2014-11-24
Fix
res.sendfile
logging standard write errors
4.10.3 / 2014-11-23
Fix
res.sendFile
logging standard write errorsdeps: etag@~1.5.1
deps: proxy-addr@~1.0.4
deps: ipaddr.js@0.1.5
deps: qs@2.3.3
Fix
arrayLimit
behavior
4.10.2 / 2014-11-09
Correctly invoke async router callback asynchronously
deps: accepts@~1.1.3
deps: mime-types@~2.0.3
deps: type-is@~1.5.3
deps: mime-types@~2.0.3
4.10.1 / 2014-10-28
Fix handling of URLs containing
://
in the pathdeps: qs@2.3.2
Fix parsing of mixed objects and values
4.10.0 / 2014-10-23
Add support for
app.set('views', array)
Views are looked up in sequence in array of directories
Fix
res.send(status)
to mentionres.sendStatus(status)
Fix handling of invalid empty URLs
Use
content-disposition
module forres.attachment
/res.download
Sends standards-compliant
Content-Disposition
headerFull Unicode support
Use
path.resolve
in view lookupdeps: debug@~2.1.0
Implement
DEBUG_FD
env variable support
deps: depd@~1.0.0
deps: etag@~1.5.0
Improve string performance
Slightly improve speed for weak ETags over 1KB
deps: finalhandler@0.3.2
Terminate in progress response only on error
Use
on-finished
to determine request statusdeps: debug@~2.1.0
deps: on-finished@~2.1.1
deps: on-finished@~2.1.1
Fix handling of pipelined requests
deps: qs@2.3.0
Fix parsing of mixed implicit and explicit arrays
deps: send@0.10.1
deps: debug@~2.1.0
deps: depd@~1.0.0
deps: etag@~1.5.0
deps: on-finished@~2.1.1
deps: serve-static@~1.7.1
deps: send@0.10.1
4.9.8 / 2014-10-17
Fix
res.redirect
body when redirect status specifieddeps: accepts@~1.1.2
Fix error when media type has invalid parameter
deps: negotiator@0.4.9
4.9.7 / 2014-10-10
Fix using same param name in array of paths
4.9.6 / 2014-10-08
deps: accepts@~1.1.1
deps: mime-types@~2.0.2
deps: negotiator@0.4.8
deps: serve-static@~1.6.4
Fix redirect loop when index file serving disabled
deps: type-is@~1.5.2
deps: mime-types@~2.0.2
4.9.5 / 2014-09-24
deps: etag@~1.4.0
deps: proxy-addr@~1.0.3
Use
forwarded
npm module
deps: send@0.9.3
deps: etag@~1.4.0
deps: serve-static@~1.6.3
deps: send@0.9.3
4.9.4 / 2014-09-19
deps: qs@2.2.4
Fix issue with object keys starting with numbers truncated
4.9.3 / 2014-09-18
deps: proxy-addr@~1.0.2
Fix a global leak when multiple subnets are trusted
deps: ipaddr.js@0.1.3
4.9.2 / 2014-09-17
Fix regression for empty string
path
inapp.use
Fix
router.use
to accept array of middleware without pathImprove error message for bad
app.use
arguments
4.9.1 / 2014-09-16
Fix
app.use
to accept array of middleware without pathdeps: depd@0.4.5
deps: etag@~1.3.1
deps: send@0.9.2
deps: depd@0.4.5
deps: etag@~1.3.1
deps: range-parser@~1.0.2
deps: serve-static@~1.6.2
deps: send@0.9.2
4.9.0 / 2014-09-08
Add
res.sendStatus
Invoke callback for sendfile when client aborts
Applies to
res.sendFile
,res.sendfile
, andres.download
err
will be populated with request aborted error
Support IP address host in
req.subdomains
Use
etag
to generateETag
headersdeps: accepts@~1.1.0
update
mime-types
deps: cookie-signature@1.0.5
deps: debug@~2.0.0
deps: finalhandler@0.2.0
Set
X-Content-Type-Options: nosniff
headerdeps: debug@~2.0.0
deps: fresh@0.2.4
deps: media-typer@0.3.0
Throw error when parameter format invalid on parse
deps: qs@2.2.3
Fix issue where first empty value in array is discarded
deps: range-parser@~1.0.2
deps: send@0.9.1
Add
lastModified
optionUse
etag
to generateETag
headerdeps: debug@~2.0.0
deps: fresh@0.2.4
deps: serve-static@~1.6.1
Add
lastModified
optiondeps: send@0.9.1
deps: type-is@~1.5.1
fix
hasbody
to be true forcontent-length: 0
deps: media-typer@0.3.0
deps: mime-types@~2.0.1
deps: vary@~1.0.0
Accept valid
Vary
header string asfield
4.8.8 / 2014-09-04
deps: send@0.8.5
Fix a path traversal issue when using
root
Fix malicious path detection for empty string path
deps: serve-static@~1.5.4
deps: send@0.8.5
4.8.7 / 2014-08-29
deps: qs@2.2.2
Remove unnecessary cloning
4.8.6 / 2014-08-27
deps: qs@2.2.0
Array parsing fix
Performance improvements
4.8.5 / 2014-08-18
deps: send@0.8.3
deps: destroy@1.0.3
deps: on-finished@2.1.0
deps: serve-static@~1.5.3
deps: send@0.8.3
4.8.4 / 2014-08-14
deps: qs@1.2.2
deps: send@0.8.2
Work around
fd
leak in Node.js 0.10 forfs.ReadStream
deps: serve-static@~1.5.2
deps: send@0.8.2
4.8.3 / 2014-08-10
deps: parseurl@~1.3.0
deps: qs@1.2.1
deps: serve-static@~1.5.1
Fix parsing of weird
req.originalUrl
valuesdeps: parseurl@~1.3.0
deps: utils-merge@1.0.0
4.8.2 / 2014-08-07
deps: qs@1.2.0
Fix parsing array of objects
4.8.1 / 2014-08-06
fix incorrect deprecation warnings on
res.download
deps: qs@1.1.0
Accept urlencoded square brackets
Accept empty values in implicit array notation
4.8.0 / 2014-08-05
add
res.sendFile
accepts a file system path instead of a URL
requires an absolute path or
root
option specified
deprecate
res.sendfile
-- useres.sendFile
insteadsupport mounted app as any argument to
app.use()
deps: qs@1.0.2
Complete rewrite
Limits array length to 20
Limits object depth to 5
Limits parameters to 1,000
deps: send@0.8.1
Add
extensions
option
deps: serve-static@~1.5.0
Add
extensions
optiondeps: send@0.8.1
4.7.4 / 2014-08-04
fix
res.sendfile
regression for serving directory index filesdeps: send@0.7.4
Fix incorrect 403 on Windows and Node.js 0.11
Fix serving index files without root dir
deps: serve-static@~1.4.4
deps: send@0.7.4
4.7.3 / 2014-08-04
deps: send@0.7.3
Fix incorrect 403 on Windows and Node.js 0.11
deps: serve-static@~1.4.3
Fix incorrect 403 on Windows and Node.js 0.11
deps: send@0.7.3
4.7.2 / 2014-07-27
deps: depd@0.4.4
Work-around v8 generating empty stack traces
deps: send@0.7.2
deps: depd@0.4.4
deps: serve-static@~1.4.2
4.7.1 / 2014-07-26
deps: depd@0.4.3
Fix exception when global
Error.stackTraceLimit
is too low
deps: send@0.7.1
deps: depd@0.4.3
deps: serve-static@~1.4.1
4.7.0 / 2014-07-25
fix
req.protocol
for proxy-direct connectionsconfigurable query parser with
app.set('query parser', parser)
app.set('query parser', 'extended')
parse with "qs" moduleapp.set('query parser', 'simple')
parse with "querystring" core moduleapp.set('query parser', false)
disable query string parsingapp.set('query parser', true)
enable simple parsing
deprecate
res.json(status, obj)
-- useres.status(status).json(obj)
insteaddeprecate
res.jsonp(status, obj)
-- useres.status(status).jsonp(obj)
insteaddeprecate
res.send(status, body)
-- useres.status(status).send(body)
insteaddeps: debug@1.0.4
deps: depd@0.4.2
Add
TRACE_DEPRECATION
environment variableRemove non-standard grey color from color output
Support
--no-deprecation
argumentSupport
--trace-deprecation
argument
deps: finalhandler@0.1.0
Respond after request fully read
deps: debug@1.0.4
deps: parseurl@~1.2.0
Cache URLs based on original value
Remove no-longer-needed URL mis-parse work-around
Simplify the "fast-path"
RegExp
deps: send@0.7.0
Add
dotfiles
optionCap
maxAge
value to 1 yeardeps: debug@1.0.4
deps: depd@0.4.2
deps: serve-static@~1.4.0
deps: parseurl@~1.2.0
deps: send@0.7.0
perf: prevent multiple
Buffer
creation inres.send
4.6.1 / 2014-07-12
fix
subapp.mountpath
regression forapp.use(subapp)
4.6.0 / 2014-07-11
accept multiple callbacks to
app.use()
add explicit "Rosetta Flash JSONP abuse" protection
previous versions are not vulnerable; this is just explicit protection
catch errors in multiple
req.param(name, fn)
handlersdeprecate
res.redirect(url, status)
-- useres.redirect(status, url)
insteadfix
res.send(status, num)
to sendnum
as json (not error)remove unnecessary escaping when
res.jsonp
returns JSON responsesupport non-string
path
inapp.use(path, fn)
supports array of paths
supports
RegExp
router: fix optimization on router exit
router: refactor location of
try
blocksrouter: speed up standard
app.use(fn)
deps: debug@1.0.3
Add support for multiple wildcards in namespaces
deps: finalhandler@0.0.3
deps: debug@1.0.3
deps: methods@1.1.0
add
CONNECT
deps: parseurl@~1.1.3
faster parsing of href-only URLs
deps: path-to-regexp@0.1.3
deps: send@0.6.0
deps: debug@1.0.3
deps: serve-static@~1.3.2
deps: parseurl@~1.1.3
deps: send@0.6.0
perf: fix arguments reassign deopt in some
res
methods
4.5.1 / 2014-07-06
fix routing regression when altering
req.method
4.5.0 / 2014-07-04
add deprecation message to non-plural
req.accepts*
add deprecation message to
res.send(body, status)
add deprecation message to
res.vary()
add
headers
option tores.sendfile
use to set headers on successful file transfer
add
mergeParams
option toRouter
merges
req.params
from parent routes
add
req.hostname
-- correct name for whatreq.host
returnsdeprecate things with
depd
moduledeprecate
req.host
-- usereq.hostname
insteadfix behavior when handling request without routes
fix handling when
route.all
is only routeinvoke
router.param()
only when route matchesrestore
req.params
after invoking routeruse
finalhandler
for final response handlinguse
media-typer
to alter content-type charsetdeps: accepts@~1.0.7
deps: send@0.5.0
Accept string for
maxage
(converted byms
)Include link in default redirect response
deps: serve-static@~1.3.0
Accept string for
maxAge
(converted byms
)Add
setHeaders
optionInclude HTML link in redirect response
deps: send@0.5.0
deps: type-is@~1.3.2
4.4.5 / 2014-06-26
deps: cookie-signature@1.0.4
fix for timing attacks
4.4.4 / 2014-06-20
fix
res.attachment
Unicode filenames in Safarifix "trim prefix" debug message in
express:router
deps: accepts@~1.0.5
deps: buffer-crc32@0.2.3
4.4.3 / 2014-06-11
fix persistence of modified
req.params[name]
fromapp.param()
deps: accepts@1.0.3
deps: negotiator@0.4.6
deps: debug@1.0.2
deps: send@0.4.3
Do not throw uncatchable error on file open race condition
Use
escape-html
for HTML escapingdeps: debug@1.0.2
deps: finished@1.2.2
deps: fresh@0.2.2
deps: serve-static@1.2.3
Do not throw uncatchable error on file open race condition
deps: send@0.4.3
4.4.2 / 2014-06-09
fix catching errors from top-level handlers
use
vary
module forres.vary
deps: debug@1.0.1
deps: proxy-addr@1.0.1
deps: send@0.4.2
fix "event emitter leak" warnings
deps: debug@1.0.1
deps: finished@1.2.1
deps: serve-static@1.2.2
fix "event emitter leak" warnings
deps: send@0.4.2
deps: type-is@1.2.1
4.4.1 / 2014-06-02
deps: methods@1.0.1
deps: send@0.4.1
Send
max-age
inCache-Control
in correct format
deps: serve-static@1.2.1
use
escape-html
for escapingdeps: send@0.4.1
4.4.0 / 2014-05-30
custom etag control with
app.set('etag', val)
app.set('etag', function(body, encoding){ return '"etag"' })
custom etag generationapp.set('etag', 'weak')
weak tagapp.set('etag', 'strong')
strong etagapp.set('etag', false)
turn offapp.set('etag', true)
standard etag
mark
res.send
ETag as weak and reduce collisionsupdate accepts to 1.0.2
Fix interpretation when header not in request
update send to 0.4.0
Calculate ETag with md5 for reduced collisions
Ignore stream errors after request ends
deps: debug@0.8.1
update serve-static to 1.2.0
Calculate ETag with md5 for reduced collisions
Ignore stream errors after request ends
deps: send@0.4.0
4.3.2 / 2014-05-28
fix handling of errors from
router.param()
callbacks
4.3.1 / 2014-05-23
revert "fix behavior of multiple
app.VERB
for the same path"this caused a regression in the order of route execution
4.3.0 / 2014-05-21
add
req.baseUrl
to access the path stripped fromreq.url
in routesfix behavior of multiple
app.VERB
for the same pathfix issue routing requests among sub routers
invoke
router.param()
only when necessary instead of every matchproper proxy trust with
app.set('trust proxy', trust)
app.set('trust proxy', 1)
trust first hopapp.set('trust proxy', 'loopback')
trust loopback addressesapp.set('trust proxy', '10.0.0.1')
trust single IPapp.set('trust proxy', '10.0.0.1/16')
trust subnetapp.set('trust proxy', '10.0.0.1, 10.0.0.2')
trust listapp.set('trust proxy', false)
turn offapp.set('trust proxy', true)
trust everything
set proper
charset
inContent-Type
forres.send
update type-is to 1.2.0
support suffix matching
4.2.0 / 2014-05-11
deprecate
app.del()
-- useapp.delete()
insteaddeprecate
res.json(obj, status)
-- useres.json(status, obj)
insteadthe edge-case
res.json(status, num)
requiresres.status(status).json(num)
deprecate
res.jsonp(obj, status)
-- useres.jsonp(status, obj)
insteadthe edge-case
res.jsonp(status, num)
requiresres.status(status).jsonp(num)
fix
req.next
when inside router instanceinclude
ETag
header inHEAD
requestskeep previous
Content-Type
forres.jsonp
support PURGE method
add
app.purge
add
router.purge
include PURGE in
app.all
update debug to 0.8.0
add
enable()
methodchange from stderr to stdout
update methods to 1.0.0
add PURGE
4.1.2 / 2014-05-08
fix
req.host
for IPv6 literalsfix
res.jsonp
error if callback param is object
4.1.1 / 2014-04-27
fix package.json to reflect supported node version
4.1.0 / 2014-04-24
pass options from
res.sendfile
tosend
preserve casing of headers in
res.header
andres.set
support unicode file names in
res.attachment
andres.download
update accepts to 1.0.1
deps: negotiator@0.4.0
update cookie to 0.1.2
Fix for maxAge == 0
made compat with expires field
update send to 0.3.0
Accept API options in options object
Coerce option types
Control whether to generate etags
Default directory access to 403 when index disabled
Fix sending files with dots without root set
Include file path in etag
Make "Can't set headers after they are sent." catchable
Send full entity-body for multi range requests
Set etags to "weak"
Support "If-Range" header
Support multiple index paths
deps: mime@1.2.11
update serve-static to 1.1.0
Accept options directly to
send
moduleResolve relative paths at middleware setup
Use parseurl to parse the URL from request
deps: send@0.3.0
update type-is to 1.1.0
add non-array values support
add
multipart
as a shorthand
4.0.0 / 2014-04-09
remove:
node 0.8 support
connect and connect's patches except for charset handling
express(1) - moved to express-generator
express.createServer()
- it has been deprecated for a long time. Useexpress()
app.configure
- use logic in your own app codeapp.router
- is removedreq.auth
- usebasic-auth
insteadreq.accepted*
- usereq.accepts*()
insteadres.location
- relative URL resolution is removedres.charset
- include the charset in the content type when usingres.set()
all bundled middleware except
static
change:
app.route
->app.mountpath
when mounting an express app in another express appjson spaces
no longer enabled by default in developmentreq.accepts*
->req.accepts*s
- i.e.req.acceptsEncoding
->req.acceptsEncodings
req.params
is now an object instead of an arrayres.locals
is no longer a function. It is a plain js object. Treat it as such.res.headerSent
->res.headersSent
to match node.js ServerResponse object
refactor:
add:
app.router()
- returns the app Router instanceapp.route()
- Proxy to the app'sRouter#route()
method to create a new routeRouter & Route - public API
3.21.2 / 2015-07-31
deps: connect@2.30.2
deps: body-parser@~1.13.3
deps: compression@~1.5.2
deps: errorhandler@~1.4.2
deps: method-override@~2.3.5
deps: serve-index@~1.7.2
deps: type-is@~1.6.6
deps: vhost@~3.0.1
deps: vary@~1.0.1
Fix setting empty header from empty
field
perf: enable strict mode
perf: remove argument reassignments
3.21.1 / 2015-07-05
deps: basic-auth@~1.0.3
deps: connect@2.30.1
deps: body-parser@~1.13.2
deps: compression@~1.5.1
deps: errorhandler@~1.4.1
deps: morgan@~1.6.1
deps: pause@0.1.0
deps: qs@4.0.0
deps: serve-index@~1.7.1
deps: type-is@~1.6.4
3.21.0 / 2015-06-18
deps: basic-auth@1.0.2
perf: enable strict mode
perf: hoist regular expression
perf: parse with regular expressions
perf: remove argument reassignment
deps: connect@2.30.0
deps: body-parser@~1.13.1
deps: bytes@2.1.0
deps: compression@~1.5.0
deps: cookie@0.1.3
deps: cookie-parser@~1.3.5
deps: csurf@~1.8.3
deps: errorhandler@~1.4.0
deps: express-session@~1.11.3
deps: finalhandler@0.4.0
deps: fresh@0.3.0
deps: morgan@~1.6.0
deps: serve-favicon@~2.3.0
deps: serve-index@~1.7.0
deps: serve-static@~1.10.0
deps: type-is@~1.6.3
deps: cookie@0.1.3
perf: deduce the scope of try-catch deopt
perf: remove argument reassignments
deps: escape-html@1.0.2
deps: etag@~1.7.0
Always include entity length in ETags for hash length extensions
Generate non-Stats ETags using MD5 only (no longer CRC32)
Improve stat performance by removing hashing
Improve support for JXcore
Remove base64 padding in ETags to shorten
Support "fake" stats objects in environments without fs
Use MD5 instead of MD4 in weak ETags over 1KB
deps: fresh@0.3.0
Add weak
ETag
matching support
deps: mkdirp@0.5.1
Work in global strict mode
deps: send@0.13.0
Allow Node.js HTTP server to set
Date
response headerFix incorrectly removing
Content-Location
on 304 responseImprove the default redirect response headers
Send appropriate headers on default error response
Use
http-errors
for standard emitted errorsUse
statuses
instead ofhttp
module for status messagesdeps: escape-html@1.0.2
deps: etag@~1.7.0
deps: fresh@0.3.0
deps: on-finished@~2.3.0
perf: enable strict mode
perf: remove unnecessary array allocations
3.20.3 / 2015-05-17
deps: connect@2.29.2
deps: body-parser@~1.12.4
deps: compression@~1.4.4
deps: connect-timeout@~1.6.2
deps: debug@~2.2.0
deps: depd@~1.0.1
deps: errorhandler@~1.3.6
deps: finalhandler@0.3.6
deps: method-override@~2.3.3
deps: morgan@~1.5.3
deps: qs@2.4.2
deps: response-time@~2.3.1
deps: serve-favicon@~2.2.1
deps: serve-index@~1.6.4
deps: serve-static@~1.9.3
deps: type-is@~1.6.2
deps: debug@~2.2.0
deps: ms@0.7.1
deps: depd@~1.0.1
deps: proxy-addr@~1.0.8
deps: ipaddr.js@1.0.1
deps: send@0.12.3
deps: debug@~2.2.0
deps: depd@~1.0.1
deps: etag@~1.6.0
deps: ms@0.7.1
deps: on-finished@~2.2.1
3.20.2 / 2015-03-16
deps: connect@2.29.1
deps: body-parser@~1.12.2
deps: compression@~1.4.3
deps: connect-timeout@~1.6.1
deps: debug@~2.1.3
deps: errorhandler@~1.3.5
deps: express-session@~1.10.4
deps: finalhandler@0.3.4
deps: method-override@~2.3.2
deps: morgan@~1.5.2
deps: qs@2.4.1
deps: serve-index@~1.6.3
deps: serve-static@~1.9.2
deps: type-is@~1.6.1
deps: debug@~2.1.3
Fix high intensity foreground color for bold
deps: ms@0.7.0
deps: merge-descriptors@1.0.0
deps: proxy-addr@~1.0.7
deps: ipaddr.js@0.1.9
deps: send@0.12.2
Throw errors early for invalid
extensions
orindex
optionsdeps: debug@~2.1.3
3.20.1 / 2015-02-28
Fix
req.host
when using "trust proxy" hops countFix
req.protocol
/req.secure
when using "trust proxy" hops count
3.20.0 / 2015-02-18
Fix
"trust proxy"
setting to inherit when app is mountedGenerate
ETag
s for all request responsesNo longer restricted to only responses for
GET
andHEAD
requests
Use
content-type
to parseContent-Type
headersdeps: connect@2.29.0
Use
content-type
to parseContent-Type
headersdeps: body-parser@~1.12.0
deps: compression@~1.4.1
deps: connect-timeout@~1.6.0
deps: cookie-parser@~1.3.4
deps: cookie-signature@1.0.6
deps: csurf@~1.7.0
deps: errorhandler@~1.3.4
deps: express-session@~1.10.3
deps: http-errors@~1.3.1
deps: response-time@~2.3.0
deps: serve-index@~1.6.2
deps: serve-static@~1.9.1
deps: type-is@~1.6.0
deps: cookie-signature@1.0.6
deps: send@0.12.1
Always read the stat size from the file
Fix mutating passed-in
options
deps: mime@1.3.4
3.19.2 / 2015-02-01
deps: connect@2.28.3
deps: compression@~1.3.1
deps: csurf@~1.6.6
deps: errorhandler@~1.3.3
deps: express-session@~1.10.2
deps: serve-index@~1.6.1
deps: type-is@~1.5.6
deps: proxy-addr@~1.0.6
deps: ipaddr.js@0.1.8
3.19.1 / 2015-01-20
deps: connect@2.28.2
deps: body-parser@~1.10.2
deps: serve-static@~1.8.1
deps: send@0.11.1
Fix root path disclosure
3.19.0 / 2015-01-09
Fix
OPTIONS
responses to include theHEAD
method propertyUse
readline
for prompt inexpress(1)
deps: commander@2.6.0
deps: connect@2.28.1
deps: body-parser@~1.10.1
deps: compression@~1.3.0
deps: connect-timeout@~1.5.0
deps: csurf@~1.6.4
deps: debug@~2.1.1
deps: errorhandler@~1.3.2
deps: express-session@~1.10.1
deps: finalhandler@0.3.3
deps: method-override@~2.3.1
deps: morgan@~1.5.1
deps: serve-favicon@~2.2.0
deps: serve-index@~1.6.0
deps: serve-static@~1.8.0
deps: type-is@~1.5.5
deps: debug@~2.1.1
deps: methods@~1.1.1
deps: proxy-addr@~1.0.5
deps: ipaddr.js@0.1.6
deps: send@0.11.0
deps: debug@~2.1.1
deps: etag@~1.5.1
deps: ms@0.7.0
deps: on-finished@~2.2.0
3.18.6 / 2014-12-12
Fix exception in
req.fresh
/req.stale
without response headers
3.18.5 / 2014-12-11
deps: connect@2.27.6
deps: compression@~1.2.2
deps: express-session@~1.9.3
deps: http-errors@~1.2.8
deps: serve-index@~1.5.3
deps: type-is@~1.5.4
3.18.4 / 2014-11-23
deps: connect@2.27.4
deps: body-parser@~1.9.3
deps: compression@~1.2.1
deps: errorhandler@~1.2.3
deps: express-session@~1.9.2
deps: qs@2.3.3
deps: serve-favicon@~2.1.7
deps: serve-static@~1.5.1
deps: type-is@~1.5.3
deps: etag@~1.5.1
deps: proxy-addr@~1.0.4
deps: ipaddr.js@0.1.5
3.18.3 / 2014-11-09
deps: connect@2.27.3
Correctly invoke async callback asynchronously
deps: csurf@~1.6.3
3.18.2 / 2014-10-28
deps: connect@2.27.2
Fix handling of URLs containing
://
in the pathdeps: body-parser@~1.9.2
deps: qs@2.3.2
3.18.1 / 2014-10-22
Fix internal
utils.merge
deprecation warningsdeps: connect@2.27.1
deps: body-parser@~1.9.1
deps: express-session@~1.9.1
deps: finalhandler@0.3.2
deps: morgan@~1.4.1
deps: qs@2.3.0
deps: serve-static@~1.7.1
deps: send@0.10.1
deps: on-finished@~2.1.1
3.18.0 / 2014-10-17
Use
content-disposition
module forres.attachment
/res.download
Sends standards-compliant
Content-Disposition
headerFull Unicode support
Use
etag
module to generateETag
headersdeps: connect@2.27.0
Use
http-errors
module for creating errorsUse
utils-merge
module for merging objectsdeps: body-parser@~1.9.0
deps: compression@~1.2.0
deps: connect-timeout@~1.4.0
deps: debug@~2.1.0
deps: depd@~1.0.0
deps: express-session@~1.9.0
deps: finalhandler@0.3.1
deps: method-override@~2.3.0
deps: morgan@~1.4.0
deps: response-time@~2.2.0
deps: serve-favicon@~2.1.6
deps: serve-index@~1.5.0
deps: serve-static@~1.7.0
deps: debug@~2.1.0
Implement
DEBUG_FD
env variable support
deps: depd@~1.0.0
deps: send@0.10.0
deps: debug@~2.1.0
deps: depd@~1.0.0
deps: etag@~1.5.0
3.17.8 / 2014-10-15
deps: connect@2.26.6
deps: compression@~1.1.2
deps: csurf@~1.6.2
deps: errorhandler@~1.2.2
3.17.7 / 2014-10-08
deps: connect@2.26.5
Fix accepting non-object arguments to
logger
deps: serve-static@~1.6.4
3.17.6 / 2014-10-02
deps: connect@2.26.4
deps: morgan@~1.3.2
deps: type-is@~1.5.2
3.17.5 / 2014-09-24
deps: connect@2.26.3
deps: body-parser@~1.8.4
deps: serve-favicon@~2.1.5
deps: serve-static@~1.6.3
deps: proxy-addr@~1.0.3
Use
forwarded
npm module
deps: send@0.9.3
deps: etag@~1.4.0
3.17.4 / 2014-09-19
deps: connect@2.26.2
deps: body-parser@~1.8.3
deps: qs@2.2.4
3.17.3 / 2014-09-18
deps: proxy-addr@~1.0.2
Fix a global leak when multiple subnets are trusted
deps: ipaddr.js@0.1.3
3.17.2 / 2014-09-15
Use
crc
instead ofbuffer-crc32
for speeddeps: connect@2.26.1
deps: body-parser@~1.8.2
deps: depd@0.4.5
deps: express-session@~1.8.2
deps: morgan@~1.3.1
deps: serve-favicon@~2.1.3
deps: serve-static@~1.6.2
deps: depd@0.4.5
deps: send@0.9.2
deps: depd@0.4.5
deps: etag@~1.3.1
deps: range-parser@~1.0.2
3.17.1 / 2014-09-08
Fix error in
req.subdomains
on empty host
3.17.0 / 2014-09-08
Support
X-Forwarded-Host
inreq.subdomains
Support IP address host in
req.subdomains
deps: connect@2.26.0
deps: body-parser@~1.8.1
deps: compression@~1.1.0
deps: connect-timeout@~1.3.0
deps: cookie-parser@~1.3.3
deps: cookie-signature@1.0.5
deps: csurf@~1.6.1
deps: debug@~2.0.0
deps: errorhandler@~1.2.0
deps: express-session@~1.8.1
deps: finalhandler@0.2.0
deps: fresh@0.2.4
deps: media-typer@0.3.0
deps: method-override@~2.2.0
deps: morgan@~1.3.0
deps: qs@2.2.3
deps: serve-favicon@~2.1.3
deps: serve-index@~1.2.1
deps: serve-static@~1.6.1
deps: type-is@~1.5.1
deps: vhost@~3.0.0
deps: cookie-signature@1.0.5
deps: debug@~2.0.0
deps: fresh@0.2.4
deps: media-typer@0.3.0
Throw error when parameter format invalid on parse
deps: range-parser@~1.0.2
deps: send@0.9.1
Add
lastModified
optionUse
etag
to generateETag
headerdeps: debug@~2.0.0
deps: fresh@0.2.4
deps: vary@~1.0.0
Accept valid
Vary
header string asfield
3.16.10 / 2014-09-04
deps: connect@2.25.10
deps: serve-static@~1.5.4
deps: send@0.8.5
Fix a path traversal issue when using
root
Fix malicious path detection for empty string path
3.16.9 / 2014-08-29
deps: connect@2.25.9
deps: body-parser@~1.6.7
deps: qs@2.2.2
3.16.8 / 2014-08-27
deps: connect@2.25.8
deps: body-parser@~1.6.6
deps: csurf@~1.4.1
deps: qs@2.2.0
3.16.7 / 2014-08-18
deps: connect@2.25.7
deps: body-parser@~1.6.5
deps: express-session@~1.7.6
deps: morgan@~1.2.3
deps: serve-static@~1.5.3
deps: send@0.8.3
deps: destroy@1.0.3
deps: on-finished@2.1.0
3.16.6 / 2014-08-14
deps: connect@2.25.6
deps: body-parser@~1.6.4
deps: qs@1.2.2
deps: serve-static@~1.5.2
deps: send@0.8.2
Work around
fd
leak in Node.js 0.10 forfs.ReadStream
3.16.5 / 2014-08-11
deps: connect@2.25.5
Fix backwards compatibility in
logger
3.16.4 / 2014-08-10
Fix original URL parsing in
res.location
deps: connect@2.25.4
Fix
query
middleware breaking with argumentdeps: body-parser@~1.6.3
deps: compression@~1.0.11
deps: connect-timeout@~1.2.2
deps: express-session@~1.7.5
deps: method-override@~2.1.3
deps: on-headers@~1.0.0
deps: parseurl@~1.3.0
deps: qs@1.2.1
deps: response-time@~2.0.1
deps: serve-index@~1.1.6
deps: serve-static@~1.5.1
deps: parseurl@~1.3.0
3.16.3 / 2014-08-07
deps: connect@2.25.3
deps: multiparty@3.3.2
3.16.2 / 2014-08-07
deps: connect@2.25.2
deps: body-parser@~1.6.2
deps: qs@1.2.0
3.16.1 / 2014-08-06
deps: connect@2.25.1
deps: body-parser@~1.6.1
deps: qs@1.1.0
3.16.0 / 2014-08-05
deps: connect@2.25.0
deps: body-parser@~1.6.0
deps: compression@~1.0.10
deps: csurf@~1.4.0
deps: express-session@~1.7.4
deps: qs@1.0.2
deps: serve-static@~1.5.0
deps: send@0.8.1
Add
extensions
option
3.15.3 / 2014-08-04
fix
res.sendfile
regression for serving directory index filesdeps: connect@2.24.3
deps: serve-index@~1.1.5
deps: serve-static@~1.4.4
deps: send@0.7.4
Fix incorrect 403 on Windows and Node.js 0.11
Fix serving index files without root dir
3.15.2 / 2014-07-27
deps: connect@2.24.2
deps: body-parser@~1.5.2
deps: depd@0.4.4
deps: express-session@~1.7.2
deps: morgan@~1.2.2
deps: serve-static@~1.4.2
deps: depd@0.4.4
Work-around v8 generating empty stack traces
deps: send@0.7.2
deps: depd@0.4.4
3.15.1 / 2014-07-26
deps: connect@2.24.1
deps: body-parser@~1.5.1
deps: depd@0.4.3
deps: express-session@~1.7.1
deps: morgan@~1.2.1
deps: serve-index@~1.1.4
deps: serve-static@~1.4.1
deps: depd@0.4.3
Fix exception when global
Error.stackTraceLimit
is too low
deps: send@0.7.1
deps: depd@0.4.3
3.15.0 / 2014-07-22
Fix
req.protocol
for proxy-direct connectionsPass options from
res.sendfile
tosend
deps: connect@2.24.0
deps: body-parser@~1.5.0
deps: compression@~1.0.9
deps: connect-timeout@~1.2.1
deps: debug@1.0.4
deps: depd@0.4.2
deps: express-session@~1.7.0
deps: finalhandler@0.1.0
deps: method-override@~2.1.2
deps: morgan@~1.2.0
deps: multiparty@3.3.1
deps: parseurl@~1.2.0
deps: serve-static@~1.4.0
deps: debug@1.0.4
deps: depd@0.4.2
Add
TRACE_DEPRECATION
environment variableRemove non-standard grey color from color output
Support
--no-deprecation
argumentSupport
--trace-deprecation
argument
deps: parseurl@~1.2.0
Cache URLs based on original value
Remove no-longer-needed URL mis-parse work-around
Simplify the "fast-path"
RegExp
deps: send@0.7.0
Add
dotfiles
optionCap
maxAge
value to 1 yeardeps: debug@1.0.4
deps: depd@0.4.2
3.14.0 / 2014-07-11
add explicit "Rosetta Flash JSONP abuse" protection
previous versions are not vulnerable; this is just explicit protection
deprecate
res.redirect(url, status)
-- useres.redirect(status, url)
insteadfix
res.send(status, num)
to sendnum
as json (not error)remove unnecessary escaping when
res.jsonp
returns JSON responsedeps: basic-auth@1.0.0
support empty password
support empty username
deps: connect@2.23.0
deps: debug@1.0.3
deps: express-session@~1.6.4
deps: method-override@~2.1.0
deps: parseurl@~1.1.3
deps: serve-static@~1.3.1
deps: debug@1.0.3
Add support for multiple wildcards in namespaces
deps: methods@1.1.0
add
CONNECT
deps: parseurl@~1.1.3
faster parsing of href-only URLs
3.13.0 / 2014-07-03
add deprecation message to
app.configure
add deprecation message to
req.auth
use
basic-auth
to parseAuthorization
headerdeps: connect@2.22.0
deps: csurf@~1.3.0
deps: express-session@~1.6.1
deps: multiparty@3.3.0
deps: serve-static@~1.3.0
deps: send@0.5.0
Accept string for
maxage
(converted byms
)Include link in default redirect response
3.12.1 / 2014-06-26
deps: connect@2.21.1
deps: cookie-parser@1.3.2
deps: cookie-signature@1.0.4
deps: express-session@~1.5.2
deps: type-is@~1.3.2
deps: cookie-signature@1.0.4
fix for timing attacks
3.12.0 / 2014-06-21
use
media-typer
to alter content-type charsetdeps: connect@2.21.0
deprecate
connect(middleware)
-- useapp.use(middleware)
insteaddeprecate
connect.createServer()
-- useconnect()
insteadfix
res.setHeader()
patch to work with with get -> append -> set patterndeps: compression@~1.0.8
deps: errorhandler@~1.1.1
deps: express-session@~1.5.0
deps: serve-index@~1.1.3
3.11.0 / 2014-06-19
deprecate things with
depd
moduledeps: buffer-crc32@0.2.3
deps: connect@2.20.2
deprecate
verify
option tojson
-- usebody-parser
npm module insteaddeprecate
verify
option tourlencoded
-- usebody-parser
npm module insteaddeprecate things with
depd
moduleuse
finalhandler
for final response handlinguse
media-typer
to parsecontent-type
for charsetdeps: body-parser@1.4.3
deps: connect-timeout@1.1.1
deps: cookie-parser@1.3.1
deps: csurf@1.2.2
deps: errorhandler@1.1.0
deps: express-session@1.4.0
deps: multiparty@3.2.9
deps: serve-index@1.1.2
deps: type-is@1.3.1
deps: vhost@2.0.0
3.10.5 / 2014-06-11
deps: connect@2.19.6
deps: body-parser@1.3.1
deps: compression@1.0.7
deps: debug@1.0.2
deps: serve-index@1.1.1
deps: serve-static@1.2.3
deps: debug@1.0.2
deps: send@0.4.3
Do not throw uncatchable error on file open race condition
Use
escape-html
for HTML escapingdeps: debug@1.0.2
deps: finished@1.2.2
deps: fresh@0.2.2
3.10.4 / 2014-06-09
deps: connect@2.19.5
fix "event emitter leak" warnings
deps: csurf@1.2.1
deps: debug@1.0.1
deps: serve-static@1.2.2
deps: type-is@1.2.1
deps: debug@1.0.1
deps: send@0.4.2
fix "event emitter leak" warnings
deps: finished@1.2.1
deps: debug@1.0.1
3.10.3 / 2014-06-05
use
vary
module forres.vary
deps: connect@2.19.4
deps: errorhandler@1.0.2
deps: method-override@2.0.2
deps: serve-favicon@2.0.1
deps: debug@1.0.0
3.10.2 / 2014-06-03
deps: connect@2.19.3
deps: compression@1.0.6
3.10.1 / 2014-06-03
deps: connect@2.19.2
deps: compression@1.0.4
deps: proxy-addr@1.0.1
3.10.0 / 2014-06-02
deps: connect@2.19.1
deprecate
methodOverride()
-- usemethod-override
npm module insteaddeps: body-parser@1.3.0
deps: method-override@2.0.1
deps: multiparty@3.2.8
deps: response-time@2.0.0
deps: serve-static@1.2.1
deps: methods@1.0.1
deps: send@0.4.1
Send
max-age
inCache-Control
in correct format
3.9.0 / 2014-05-30
custom etag control with
app.set('etag', val)
app.set('etag', function(body, encoding){ return '"etag"' })
custom etag generationapp.set('etag', 'weak')
weak tagapp.set('etag', 'strong')
strong etagapp.set('etag', false)
turn offapp.set('etag', true)
standard etag
Include ETag in HEAD requests
mark
res.send
ETag as weak and reduce collisionsupdate connect to 2.18.0
deps: compression@1.0.3
deps: serve-index@1.1.0
deps: serve-static@1.2.0
update send to 0.4.0
Calculate ETag with md5 for reduced collisions
Ignore stream errors after request ends
deps: debug@0.8.1
3.8.1 / 2014-05-27
update connect to 2.17.3
deps: body-parser@1.2.2
deps: express-session@1.2.1
deps: method-override@1.0.2
3.8.0 / 2014-05-21
keep previous
Content-Type
forres.jsonp
set proper
charset
inContent-Type
forres.send
update connect to 2.17.1
fix
res.charset
appending charset whencontent-type
has onedeps: express-session@1.2.0
deps: morgan@1.1.1
deps: serve-index@1.0.3
3.7.0 / 2014-05-18
proper proxy trust with
app.set('trust proxy', trust)
app.set('trust proxy', 1)
trust first hopapp.set('trust proxy', 'loopback')
trust loopback addressesapp.set('trust proxy', '10.0.0.1')
trust single IPapp.set('trust proxy', '10.0.0.1/16')
trust subnetapp.set('trust proxy', '10.0.0.1, 10.0.0.2')
trust listapp.set('trust proxy', false)
turn offapp.set('trust proxy', true)
trust everything
update connect to 2.16.2
deprecate
res.headerSent
-- useres.headersSent
deprecate
res.on("header")
-- use on-headers module insteadfix edge-case in
res.appendHeader
that would append in wrong orderjson: use body-parser
urlencoded: use body-parser
dep: bytes@1.0.0
dep: cookie-parser@1.1.0
dep: csurf@1.2.0
dep: express-session@1.1.0
dep: method-override@1.0.1
3.6.0 / 2014-05-09
deprecate
app.del()
-- useapp.delete()
insteaddeprecate
res.json(obj, status)
-- useres.json(status, obj)
insteadthe edge-case
res.json(status, num)
requiresres.status(status).json(num)
deprecate
res.jsonp(obj, status)
-- useres.jsonp(status, obj)
insteadthe edge-case
res.jsonp(status, num)
requiresres.status(status).jsonp(num)
support PURGE method
add
app.purge
add
router.purge
include PURGE in
app.all
update connect to 2.15.0
Add
res.appendHeader
Call error stack even when response has been sent
Patch
res.headerSent
to return BooleanPatch
res.headersSent
for node.js 0.8Prevent default 404 handler after response sent
dep: compression@1.0.2
dep: connect-timeout@1.1.0
dep: debug@^0.8.0
dep: errorhandler@1.0.1
dep: express-session@1.0.4
dep: morgan@1.0.1
dep: serve-favicon@2.0.0
dep: serve-index@1.0.2
update debug to 0.8.0
add
enable()
methodchange from stderr to stdout
update methods to 1.0.0
add PURGE
update mkdirp to 0.5.0
3.5.3 / 2014-05-08
fix
req.host
for IPv6 literalsfix
res.jsonp
error if callback param is object
3.5.2 / 2014-04-24
update connect to 2.14.5
update cookie to 0.1.2
update mkdirp to 0.4.0
update send to 0.3.0
3.5.1 / 2014-03-25
pin less-middleware in generated app
3.5.0 / 2014-03-06
bump deps
3.4.8 / 2014-01-13
prevent incorrect automatic OPTIONS responses #1868 @dpatti
update binary and examples for jade 1.0 #1876 @yossi, #1877 @reqshark, #1892 @matheusazzi
throw 400 in case of malformed paths @rlidwka
3.4.7 / 2013-12-10
update connect
3.4.6 / 2013-12-01
update connect (raw-body)
3.4.5 / 2013-11-27
update connect
res.location: remove leading ./ #1802 @kapouer
res.redirect: fix `res.redirect('toString') #1829 @michaelficarra
res.send: always send ETag when content-length > 0
router: add Router.all() method
3.4.4 / 2013-10-29
update connect
update supertest
update methods
express(1): replace bodyParser() with urlencoded() and json() #1795 @chirag04
3.4.3 / 2013-10-23
update connect
3.4.2 / 2013-10-18
update connect
downgrade commander
3.4.1 / 2013-10-15
update connect
update commander
jsonp: check if callback is a function
router: wrap encodeURIComponent in a try/catch #1735 (@lxe)
res.format: now includes charset @1747 (@sorribas)
res.links: allow multiple calls @1746 (@sorribas)
3.4.0 / 2013-09-07
add res.vary(). Closes #1682
update connect
3.3.8 / 2013-09-02
update connect
3.3.7 / 2013-08-28
update connect
3.3.6 / 2013-08-27
Revert "remove charset from json responses. Closes #1631" (causes issues in some clients)
add: req.accepts take an argument list
3.3.4 / 2013-07-08
update send and connect
3.3.3 / 2013-07-04
update connect
3.3.2 / 2013-07-03
update connect
update send
remove .version export
3.3.1 / 2013-06-27
update connect
3.3.0 / 2013-06-26
update connect
add support for multiple X-Forwarded-Proto values. Closes #1646
change: remove charset from json responses. Closes #1631
change: return actual booleans from req.accept* functions
fix jsonp callback array throw
3.2.6 / 2013-06-02
update connect
3.2.5 / 2013-05-21
update connect
update node-cookie
add: throw a meaningful error when there is no default engine
change generation of ETags with res.send() to GET requests only. Closes #1619
3.2.4 / 2013-05-09
fix
req.subdomains
when no Host is presentfix
req.host
when no Host is present, return undefined
3.2.3 / 2013-05-07
update connect / qs
3.2.2 / 2013-05-03
update qs
3.2.1 / 2013-04-29
add app.VERB() paths array deprecation warning
update connect
update qs and remove all ~ semver crap
fix: accept number as value of Signed Cookie
3.2.0 / 2013-04-15
add "view" constructor setting to override view behaviour
add req.acceptsEncoding(name)
add req.acceptedEncodings
revert cookie signature change causing session race conditions
fix sorting of Accept values of the same quality
3.1.2 / 2013-04-12
add support for custom Accept parameters
update cookie-signature
3.1.1 / 2013-04-01
add X-Forwarded-Host support to
req.host
fix relative redirects
update mkdirp
update buffer-crc32
remove legacy app.configure() method from app template.
3.1.0 / 2013-01-25
add support for leading "." in "view engine" setting
add array support to
res.set()
add node 0.8.x to travis.yml
add "subdomain offset" setting for tweaking
req.subdomains
add
res.location(url)
implementingres.redirect()
-like setting of Locationuse app.get() for x-powered-by setting for inheritance
fix colons in passwords for
req.auth
3.0.6 / 2013-01-04
add http verb methods to Router
update connect
fix mangling of the
res.cookie()
options objectfix jsonp whitespace escape. Closes #1132
3.0.5 / 2012-12-19
add throwing when a non-function is passed to a route
fix: explicitly remove Transfer-Encoding header from 204 and 304 responses
revert "add 'etag' option"
3.0.4 / 2012-12-05
add 'etag' option to disable
res.send()
Etagsadd escaping of urls in text/plain in
res.redirect()
for old browsers interpreting as htmlchange crc32 module for a more liberal license
update connect
3.0.3 / 2012-11-13
update connect
update cookie module
fix cookie max-age
3.0.2 / 2012-11-08
add OPTIONS to cors example. Closes #1398
fix route chaining regression. Closes #1397
3.0.1 / 2012-11-01
update connect
3.0.0 / 2012-10-23
add
make clean
add "Basic" check to req.auth
add
req.auth
test coverageadd cb && cb(payload) to
res.jsonp()
. Closes #1374add backwards compat for
res.redirect()
status. Closes #1336add support for
res.json()
to retain previously defined Content-Types. Closes #1349update connect
change
res.redirect()
to utilize a pathname-relative Location again. Closes #1382remove non-primitive string support for
res.send()
fix view-locals example. Closes #1370
fix route-separation example
3.0.0rc5 / 2012-09-18
update connect
add redis search example
add static-files example
add "x-powered-by" setting (
app.disable('x-powered-by')
)add "application/octet-stream" redirect Accept test case. Closes #1317
3.0.0rc4 / 2012-08-30
add
res.jsonp()
. Closes #1307add "verbose errors" option to error-pages example
add another route example to express(1) so people are not so confused
add redis online user activity tracking example
update connect dep
fix etag quoting. Closes #1310
fix error-pages 404 status
fix jsonp callback char restrictions
remove old OPTIONS default response
3.0.0rc3 / 2012-08-13
update connect dep
fix signed cookies to work with
connect.cookieParser()
("s:" prefix was missing) [tnydwrds]fix
res.render()
clobbering of "locals"
3.0.0rc2 / 2012-08-03
add CORS example
update connect dep
deprecate
.createServer()
& remove old stale examplesfix: escape
res.redirect()
linkfix vhost example
3.0.0rc1 / 2012-07-24
add more examples to view-locals
add scheme-relative redirects (
res.redirect("//foo.com")
) supportupdate cookie dep
update connect dep
update send dep
fix
express(1)
-h flag, use -H for hogan. Closes #1245fix
res.sendfile()
socket error handling regression
3.0.0beta7 / 2012-07-16
update connect dep for
send()
root normalization regression
3.0.0beta6 / 2012-07-13
add
err.view
property for view errors. Closes #1226add "jsonp callback name" setting
add support for "/foo/:bar*" non-greedy matches
change
res.sendfile()
to usesend()
modulechange
res.send
to use "response-send" moduleremove
app.locals.use
andres.locals.use
, use regular middleware
3.0.0beta5 / 2012-07-03
add "make check" support
add route-map example
add
res.json(obj, status)
support back for BCadd "methods" dep, remove internal methods module
update connect dep
update auth example to utilize cores pbkdf2
updated tests to use "supertest"
3.0.0beta4 / 2012-06-25
Added
req.auth
Added
req.range(size)
Added
res.links(obj)
Added
res.send(body, status)
support back for backwards compatAdded
.default()
support tores.format()
Added 2xx / 304 check to
req.fresh
Revert "Added + support to the router"
Fixed
res.send()
freshness check, respect res.statusCode
3.0.0beta3 / 2012-06-15
Added hogan
--hjs
to express(1) [nullfirm]Added another example to content-negotiation
Added
fresh
depChanged:
res.send()
always checks freshnessFixed: expose connects mime module. Closes #1165
3.0.0beta2 / 2012-06-06
Added
+
support to the routerAdded
req.host
Changed
req.param()
to check route firstUpdate connect dep
3.0.0beta1 / 2012-06-01
Added
res.format()
callback to override default 406 behaviourFixed
res.redirect()
406. Closes #1154
3.0.0alpha5 / 2012-05-30
Added
req.ip
Added
{ signed: true }
option tores.cookie()
Removed
res.signedCookie()
Changed: dont reverse
req.ips
Fixed "trust proxy" setting check for
req.ips
3.0.0alpha4 / 2012-05-09
Added: allow
[]
in jsonp callback. Closes #1128Added
PORT
env var support in generated template. Closes #1118 [benatkin]Updated: connect 2.2.2
3.0.0alpha3 / 2012-05-04
Added public
app.routes
. Closes #887Added view-locals example
Added mvc example
Added
res.locals.use()
. Closes #1120Added conditional-GET support to
res.send()
Added: coerce
res.set()
values to stringsChanged: moved
static()
in generated apps below routerChanged:
res.send()
only set ETag when not previously setChanged connect 2.2.1 dep
Changed:
make test
now runs unit / acceptance testsFixed req/res proto inheritance
3.0.0alpha2 / 2012-04-26
Added
make benchmark
backAdded
res.send()
support forString
objectsAdded client-side data exposing example
Added
res.header()
andreq.header()
aliases for BCAdded
express.createServer()
for BCPerf: memoize parsed urls
Perf: connect 2.2.0 dep
Changed: make
expressInit()
middleware self-awareFixed: use app.get() for all core settings
Fixed redis session example
Fixed session example. Closes #1105
Fixed generated express dep. Closes #1078
3.0.0alpha1 / 2012-04-15
Added
app.locals.use(callback)
Added
app.locals
objectAdded
app.locals(obj)
Added
res.locals
objectAdded
res.locals(obj)
Added
res.format()
for content-negotiationAdded
app.engine()
Added
res.cookie()
JSON cookie supportAdded "trust proxy" setting
Added
req.subdomains
Added
req.protocol
Added
req.secure
Added
req.path
Added
req.ips
Added
req.fresh
Added
req.stale
Added comma-delimited / array support for
req.accepts()
Added debug instrumentation
Added
res.set(obj)
Added
res.set(field, value)
Added
res.get(field)
Added
app.get(setting)
. Closes #842Added
req.acceptsLanguage()
Added
req.acceptsCharset()
Added
req.accepted
Added
req.acceptedLanguages
Added
req.acceptedCharsets
Added "json replacer" setting
Added "json spaces" setting
Added X-Forwarded-Proto support to
res.redirect()
. Closes #92Added
--less
support to express(1)Added
express.response
prototypeAdded
express.request
prototypeAdded
express.application
prototypeAdded
app.path()
Added
app.render()
Added
res.type()
to replaceres.contentType()
Changed:
res.redirect()
to add relative supportChanged: enable "jsonp callback" by default
Changed: renamed "case sensitive routes" to "case sensitive routing"
Rewrite of all tests with mocha
Removed "root" setting
Removed
res.redirect('home')
supportRemoved
req.notify()
Removed
app.register()
Removed
app.redirect()
Removed
app.is()
Removed
app.helpers()
Removed
app.dynamicHelpers()
Fixed
res.sendfile()
with non-GET. Closes #723Fixed express(1) public dir for windows. Closes #866
2.5.9/ 2012-04-02
Added support for PURGE request method [pbuyle]
Fixed
express(1)
generated appapp.address()
beforelistening
[mmalecki]
2.5.8 / 2012-02-08
Update mkdirp dep. Closes #991
2.5.7 / 2012-02-06
Fixed
app.all
duplicate DELETE requests [mscdex]
2.5.6 / 2012-01-13
Updated hamljs dev dep. Closes #953
2.5.5 / 2012-01-08
Fixed: set
filename
on cached templates [matthewleon]
2.5.4 / 2012-01-02
Fixed
express(1)
eol on 0.4.x. Closes #947
2.5.3 / 2011-12-30
Fixed
req.is()
when a charset is present
2.5.2 / 2011-12-10
Fixed: express(1) LF -> CRLF for windows
2.5.1 / 2011-11-17
Changed: updated connect to 1.8.x
Removed sass.js support from express(1)
2.5.0 / 2011-10-24
Added ./routes dir for generated app by default
Added npm install reminder to express(1) app gen
Added 0.5.x support
Removed
make test-cov
since it wont work with node 0.5.xFixed express(1) public dir for windows. Closes #866
2.4.7 / 2011-10-05
Added mkdirp to express(1). Closes #795
Added simple json-config example
Added shorthand for the parsed request's pathname via
req.path
Changed connect dep to 1.7.x to fix npm issue...
Fixed
res.redirect()
HEAD support. [reported by xerox]Fixed
req.flash()
, only escape argsFixed absolute path checking on windows. Closes #829 [reported by andrewpmckenzie]
2.4.6 / 2011-08-22
Fixed multiple param callback regression. Closes #824 [reported by TroyGoode]
2.4.5 / 2011-08-19
Added support for routes to handle errors. Closes #809
Added
app.routes.all()
. Closes #803Added "basepath" setting to work in conjunction with reverse proxies etc.
Refactored
Route
to use a single array of callbacksAdded support for multiple callbacks for
app.param()
. Closes #801 Closes #805Changed: removed .call(self) for route callbacks
Dependency:
qs >= 0.3.1
Fixed
res.redirect()
on windows due tojoin()
usage. Closes #808
2.4.4 / 2011-08-05
Fixed
res.header()
intention of a set, even whenundefined
Fixed
*
, value no longer requiredFixed
res.send(204)
support. Closes #771
2.4.3 / 2011-07-14
Added docs for
status
option special-case. Closes #739Fixed
options.filename
, exposing the view path to template engines
2.4.2. / 2011-07-06
Revert "removed jsonp stripping" for XSS
2.4.1 / 2011-07-06
Added
res.json()
JSONP support. Closes #737Added extending-templates example. Closes #730
Added "strict routing" setting for trailing slashes
Added support for multiple envs in
app.configure()
calls. Closes #735Changed:
res.send()
usingres.json()
Changed: when cookie
path === null
don't default itChanged; default cookie path to "home" setting. Closes #731
Removed pids/logs creation from express(1)
2.4.0 / 2011-06-28
Added chainable
res.status(code)
Added
res.json()
, an explicit version ofres.send(obj)
Added simple web-service example
2.3.12 / 2011-06-22
#express is now on freenode! come join!
Added
req.get(field, param)
Added links to Japanese documentation, thanks @hideyukisaito!
Added; the
express(1)
generated app outputs the envAdded
content-negotiation
exampleDependency: connect >= 1.5.1 < 2.0.0
Fixed view layout bug. Closes #720
Fixed; ignore body on 304. Closes #701
2.3.11 / 2011-06-04
Added
npm test
Removed generation of dummy test file from
express(1)
Fixed;
express(1)
adds express as a depFixed; prune on
prepublish
2.3.10 / 2011-05-27
Added
req.route
, exposing the current routeAdded package.json generation support to
express(1)
Fixed call to
app.param()
function for optional params. Closes #682
2.3.9 / 2011-05-25
Fixed bug-ish with
../' in
res.partial()` calls
2.3.8 / 2011-05-24
Fixed
app.options()
2.3.7 / 2011-05-23
Added route
Collection
, ex:app.get('/user/:id').remove();
Added support for
app.param(fn)
to define param logicRemoved
app.param()
support for callback with return valueRemoved module.parent check from express(1) generated app. Closes #670
Refactored router. Closes #639
2.3.6 / 2011-05-20
Changed; using devDependencies instead of git submodules
Fixed redis session example
Fixed markdown example
Fixed view caching, should not be enabled in development
2.3.5 / 2011-05-20
Added export
.view
as alias for.View
2.3.4 / 2011-05-08
Added
./examples/say
Fixed
res.sendfile()
bug preventing the transfer of files with spaces
2.3.3 / 2011-05-03
Added "case sensitive routes" option.
Changed; split methods supported per rfc [slaskis]
Fixed route-specific middleware when using the same callback function several times
2.3.2 / 2011-04-27
Fixed view hints
2.3.1 / 2011-04-26
Added
app.match()
asapp.match.all()
Added
app.lookup()
asapp.lookup.all()
Added
app.remove()
forapp.remove.all()
Added
app.remove.VERB()
Fixed template caching collision issue. Closes #644
Moved router over from connect and started refactor
2.3.0 / 2011-04-25
Added options support to
res.clearCookie()
Added
res.helpers()
as alias ofres.locals()
Added; json defaults to UTF-8 with
res.send()
. Closes #632. [Daniel * Dependencyconnect >= 1.4.0
Changed; auto set Content-Type in res.attachement [Aaron Heckmann]
Renamed "cache views" to "view cache". Closes #628
Fixed caching of views when using several apps. Closes #637
Fixed gotcha invoking
app.param()
callbacks once per route middleware. Closes #638Fixed partial lookup precedence. Closes #631 Shaw]
2.2.2 / 2011-04-12
Added second callback support for
res.download()
connection errorsFixed
filename
option passing to template engine
2.2.1 / 2011-04-04
Added
layout(path)
helper to change the layout within a view. Closes #610Fixed
partial()
collection object support. Previously only anything with.length
would work. When.length
is present one must still be aware of holes, however now{ collection: {foo: 'bar'}}
is valid, exposeskeyInCollection
andkeysInCollection
.Performance improved with better view caching
Removed
request
andresponse
localsChanged; errorHandler page title is now
Express
instead ofConnect
2.2.0 / 2011-03-30
Added
app.lookup.VERB()
, exapp.lookup.put('/user/:id')
. Closes #606Added
app.match.VERB()
, exapp.match.put('/user/12')
. Closes #606Added
app.VERB(path)
as alias ofapp.lookup.VERB()
.Dependency
connect >= 1.2.0
2.1.1 / 2011-03-29
Added; expose
err.view
object when failing to locate a viewFixed
res.partial()
callnext(err)
when no callback is given [reported by aheckmann]Fixed;
res.send(undefined)
responds with 204 [aheckmann]
2.1.0 / 2011-03-24
Added
<root>/_?<name>
partial lookup support. Closes #447Added
request
,response
, andapp
local variablesAdded
settings
local variable, containing the app's settingsAdded
req.flash()
exception ifreq.session
is not availableAdded
res.send(bool)
support (json response)Fixed stylus example for latest version
Fixed; wrap try/catch around
res.render()
2.0.0 / 2011-03-17
Fixed up index view path alternative.
Changed;
res.locals()
without object returns the locals
2.0.0rc3 / 2011-03-17
Added
res.locals(obj)
to complimentres.local(key, val)
Added
res.partial()
callback supportFixed recursive error reporting issue in
res.render()
2.0.0rc2 / 2011-03-17
Changed;
partial()
"locals" are now optionalFixed
SlowBuffer
support. Closes #584 [reported by tyrda01]Fixed .filename view engine option [reported by drudge]
Fixed blog example
Fixed
{req,res}.app
reference when mounting [Ben Weaver]
2.0.0rc / 2011-03-14
Fixed; expose
HTTPSServer
constructorFixed express(1) default test charset. Closes #579 [reported by secoif]
Fixed; default charset to utf-8 instead of utf8 for lame IE [reported by NickP]
2.0.0beta3 / 2011-03-09
Added support for
res.contentType()
literal The originalres.contentType('.json')
,res.contentType('application/json')
, andres.contentType('json')
will work now.Added
res.render()
status option support backAdded charset option for
res.render()
Added
.charset
support (via connect 1.0.4)Added view resolution hints when in development and a lookup fails
Added layout lookup support relative to the page view. For example while rendering
./views/user/index.jade
if you create./views/user/layout.jade
it will be used in favour of the root layout.Fixed
res.redirect()
. RFC states absolute url [reported by unlink]Fixed; default
res.send()
string charset to utf8Removed
Partial
constructor (not currently used)
2.0.0beta2 / 2011-03-07
Added res.render()
.locals
support back to aid in migration processFixed flash example
2.0.0beta / 2011-03-03
Added HTTPS support
Added
res.cookie()
maxAge supportAdded
req.header()
Referrer / Referer special-case, either worksAdded mount support for
res.redirect()
, now respects the mount-pointAdded
union()
util, taking place ofmerge(clone())
comboAdded stylus support to express(1) generated app
Added secret to session middleware used in examples and generated app
Added
res.local(name, val)
for progressive view localsAdded default param support to
req.param(name, default)
Added
app.disabled()
andapp.enabled()
Added
app.register()
support for omitting leading ".", either worksAdded
res.partial()
, using the same interface aspartial()
within a view. Closes #539Added
app.param()
to map route params to async/sync logicAdded; aliased
app.helpers()
asapp.locals()
. Closes #481Added extname with no leading "." support to
res.contentType()
Added
cache views
setting, defaulting to enabled in "production" envAdded index file partial resolution, eg: partial('user') may try views/user/index.jade.
Added
req.accepts()
support for extensionsChanged;
res.download()
andres.sendfile()
now utilize Connect's static file serverconnect.static.send()
.Changed; replaced
connect.utils.mime()
with npm mime moduleChanged; allow
req.query
to be pre-defined (via middleware or other parentChanged view partial resolution, now relative to parent view
Changed view engine signature. no longer
engine.render(str, options, callback)
, nowengine.compile(str, options) -> Function
, the returned function acceptsfn(locals)
.Fixed
req.param()
bug returning Array.prototype methods. Closes #552Fixed; using
Stream#pipe()
instead ofsys.pump()
inres.sendfile()
Fixed; using qs module instead of querystring
Fixed; strip unsafe chars from jsonp callbacks
Removed "stream threshold" setting
1.0.8 / 2011-03-01
Allow
req.query
to be pre-defined (via middleware or other parent app)"connect": ">= 0.5.0 < 1.0.0". Closes #547
Removed the long deprecated EXPRESS_ENV support
1.0.7 / 2011-02-07
Fixed
render()
setting inheritance. Mounted apps would not inherit "view engine"
1.0.6 / 2011-02-07
Fixed
view engine
setting bug when period is in dirname
1.0.5 / 2011-02-05
Added secret to generated app
session()
call
1.0.4 / 2011-02-05
Added
qs
dependency to package.jsonFixed namespaced
require()
s for latest connect support
1.0.3 / 2011-01-13
Remove unsafe characters from JSONP callback names [Ryan Grove]
1.0.2 / 2011-01-10
Removed nested require, using
connect.router
1.0.1 / 2010-12-29
Fixed for middleware stacked via
createServer()
previously thefoo
middleware passed tocreateServer(foo)
would not have access to Express methods such asres.send()
or props likereq.query
etc.
1.0.0 / 2010-11-16
Added; deduce partial object names from the last segment. For example by default
partial('forum/post', postObject)
will give you the post object, providing a meaningful default.Added http status code string representation to
res.redirect()
bodyAdded;
res.redirect()
supporting text/plain and text/html via Accept.Added
req.is()
to aid in content negotiationAdded partial local inheritance [suggested by masylum]. Closes #102 providing access to parent template locals.
Added -s, --session[s] flag to express(1) to add session related middleware
Added --template flag to express(1) to specify the template engine to use.
Added --css flag to express(1) to specify the stylesheet engine to use (or just plain css by default).
Added
app.all()
support [thanks aheckmann]Added partial direct object support. You may now
partial('user', user)
providing the "user" local, vs previouslypartial('user', { object: user })
.Added route-separation example since many people question ways to do this with CommonJS modules. Also view the blog example for an alternative.
Performance; caching view path derived partial object names
Fixed partial local inheritance precedence. [reported by Nick Poulden] Closes #454
Fixed jsonp support; text/javascript as per mailinglist discussion
1.0.0rc4 / 2010-10-14
Added NODE_ENV support, EXPRESS_ENV is deprecated and will be removed in 1.0.0
Added route-middleware support (very helpful, see the docs)
Added jsonp callback setting to enable/disable jsonp autowrapping [Dav Glass]
Added callback query check on response.send to autowrap JSON objects for simple webservice implementations [Dav Glass]
Added
partial()
support for array-like collections. Closes #434Added support for swappable querystring parsers
Added session usage docs. Closes #443
Added dynamic helper caching. Closes #439 [suggested by maritz]
Added authentication example
Added basic Range support to
res.sendfile()
(andres.download()
etc)Changed;
express(1)
generated app using 2 spaces instead of 4Default env to "development" again [aheckmann]
Removed context option is no more, use "scope"
Fixed; exposing ./support libs to examples so they can run without installs
Fixed mvc example
1.0.0rc3 / 2010-09-20
Added confirmation for
express(1)
app generation. Closes #391Added extending of flash formatters via
app.flashFormatters
Added flash formatter support. Closes #411
Added streaming support to
res.sendfile()
usingsys.pump()
when >= "stream threshold"Added stream threshold setting for
res.sendfile()
Added
res.send()
HEAD supportAdded
res.clearCookie()
Added
res.cookie()
Added
res.render()
headers optionAdded
res.redirect()
response bodiesAdded
res.render()
status option support. Closes #425 [thanks aheckmann]Fixed
res.sendfile()
responding with 403 on malicious pathFixed
res.download()
bug; when an error occurs remove Content-DispositionFixed; mounted apps settings now inherit from parent app [aheckmann]
Fixed; stripping Content-Length / Content-Type when 204
Fixed
res.send()
204. Closes #419Fixed multiple Set-Cookie headers via
res.header()
. Closes #402Fixed bug messing with error handlers when
listenFD()
is called instead oflisten()
. [thanks guillermo]
1.0.0rc2 / 2010-08-17
Added
app.register()
for template engine mapping. Closes #390Added
res.render()
callback support as second argument (no options)Added callback support to
res.download()
Added callback support for
res.sendfile()
Added support for middleware access via
express.middlewareName()
vsconnect.middlewareName()
Added "partials" setting to docs
Added default expresso tests to
express(1)
generated app. Closes #384Fixed
res.sendfile()
error handling, defer vianext()
Fixed
res.render()
callback when a layout is used [thanks guillermo]Fixed;
make install
creating ~/.node_libraries when not presentFixed issue preventing error handlers from being defined anywhere. Closes #387
1.0.0rc / 2010-07-28
Added mounted hook. Closes #369
Added connect dependency to package.json
Removed "reload views" setting and support code development env never caches, production always caches.
Removed param in route callbacks, signature is now simply (req, res, next), previously (req, res, params, next). Use req.params for path captures, req.query for GET params.
Fixed "home" setting
Fixed middleware/router precedence issue. Closes #366
Fixed; configure() callbacks called immediately. Closes #368
1.0.0beta2 / 2010-07-23
Added more examples
Added; exporting
Server
constructorAdded
Server#helpers()
for view localsAdded
Server#dynamicHelpers()
for dynamic view locals. Closes #349Added support for absolute view paths
Added; home setting defaults to
Server#route
for mounted apps. Closes #363Added Guillermo Rauch to the contributor list
Added support for "as" for non-collection partials. Closes #341
Fixed install.sh, ensuring ~/.node_libraries exists. Closes #362 [thanks jf]
Fixed
res.render()
exceptions, now passed tonext()
when no callback is given [thanks guillermo]Fixed instanceof
Array
checks, nowArray.isArray()
Fixed express(1) expansion of public dirs. Closes #348
Fixed middleware precedence. Closes #345
Fixed view watcher, now async [thanks aheckmann]
1.0.0beta / 2010-07-15
Re-write
much faster
much lighter
Check ExpressJS.com for migration guide and updated docs
0.14.0 / 2010-06-15
Utilize relative requires
Added Static bufferSize option [aheckmann]
Fixed caching of view and partial subdirectories [aheckmann]
Fixed mime.type() comments now that ".ext" is not supported
Updated haml submodule
Updated class submodule
Removed bin/express
0.13.0 / 2010-06-01
Added node v0.1.97 compatibility
Added support for deleting cookies via Request#cookie('key', null)
Updated haml submodule
Fixed not-found page, now using using charset utf-8
Fixed show-exceptions page, now using using charset utf-8
Fixed view support due to fs.readFile Buffers
Changed; mime.type() no longer accepts ".type" due to node extname() changes
0.12.0 / 2010-05-22
Added node v0.1.96 compatibility
Added view
helpers
export which act as additional local variablesUpdated haml submodule
Changed ETag; removed inode, modified time only
Fixed LF to CRLF for setting multiple cookies
Fixed cookie compilation; values are now urlencoded
Fixed cookies parsing; accepts quoted values and url escaped cookies
0.11.0 / 2010-05-06
Added support for layouts using different engines
this.render('page.html.haml', { layout: 'super-cool-layout.html.ejs' })
this.render('page.html.haml', { layout: 'foo' }) // assumes 'foo.html.haml'
this.render('page.html.haml', { layout: false }) // no layout
Updated ext submodule
Updated haml submodule
Fixed EJS partial support by passing along the context. Issue #307
0.10.1 / 2010-05-03
Fixed binary uploads.
0.10.0 / 2010-04-30
Added charset support via Request#charset (automatically assigned to 'UTF-8' when respond()'s encoding is set to 'utf8' or 'utf-8'.
Added "encoding" option to Request#render(). Closes #299
Added "dump exceptions" setting, which is enabled by default.
Added simple ejs template engine support
Added error response support for text/plain, application/json. Closes #297
Added callback function param to Request#error()
Added Request#sendHead()
Added Request#stream()
Added support for Request#respond(304, null) for empty response bodies
Added ETag support to Request#sendfile()
Added options to Request#sendfile(), passed to fs.createReadStream()
Added filename arg to Request#download()
Performance enhanced due to pre-reversing plugins so that plugins.reverse() is not called on each request
Performance enhanced by preventing several calls to toLowerCase() in Router#match()
Changed; Request#sendfile() now streams
Changed; Renamed Request#halt() to Request#respond(). Closes #289
Changed; Using sys.inspect() instead of JSON.encode() for error output
Changed; run() returns the http.Server instance. Closes #298
Changed; Defaulting Server#host to null (INADDR_ANY)
Changed; Logger "common" format scale of 0.4f
Removed Logger "request" format
Fixed; Catching ENOENT in view caching, preventing error when "views/partials" is not found
Fixed several issues with http client
Fixed Logger Content-Length output
Fixed bug preventing Opera from retaining the generated session id. Closes #292
0.9.0 / 2010-04-14
Added DSL level error() route support
Added DSL level notFound() route support
Added Request#error()
Added Request#notFound()
Added Request#render() callback function. Closes #258
Added "max upload size" setting
Added "magic" variables to collection partials (__index__, __length__, __isFirst__, __isLast__). Closes #254
Added haml.js submodule; removed haml-js
Added callback function support to Request#halt() as 3rd/4th arg
Added preprocessing of route param wildcards using param(). Closes #251
Added view partial support (with collections etc)
Fixed bug preventing falsey params (such as ?page=0). Closes #286
Fixed setting of multiple cookies. Closes #199
Changed; view naming convention is now NAME.TYPE.ENGINE (for example page.html.haml)
Changed; session cookie is now httpOnly
Changed; Request is no longer global
Changed; Event is no longer global
Changed; "sys" module is no longer global
Changed; moved Request#download to Static plugin where it belongs
Changed; Request instance created before body parsing. Closes #262
Changed; Pre-caching views in memory when "cache view contents" is enabled. Closes #253
Changed; Pre-caching view partials in memory when "cache view partials" is enabled
Updated support to node --version 0.1.90
Updated dependencies
Removed set("session cookie") in favour of use(Session, { cookie: { ... }})
Removed utils.mixin(); use Object#mergeDeep()
0.8.0 / 2010-03-19
Added coffeescript example app. Closes #242
Changed; cache api now async friendly. Closes #240
Removed deprecated 'express/static' support. Use 'express/plugins/static'
0.7.6 / 2010-03-19
Added Request#isXHR. Closes #229
Added
make install
(for the executable)Added
express
executable for setting up simple app templatesAdded "GET /public/*" to Static plugin, defaulting to /public
Added Static plugin
Fixed; Request#render() only calls cache.get() once
Fixed; Namespacing View caches with "view:"
Fixed; Namespacing Static caches with "static:"
Fixed; Both example apps now use the Static plugin
Fixed set("views"). Closes #239
Fixed missing space for combined log format
Deprecated Request#sendfile() and 'express/static'
Removed Server#running
0.7.5 / 2010-03-16
Added Request#flash() support without args, now returns all flashes
Updated ext submodule
0.7.4 / 2010-03-16
Fixed session reaper
Changed; class.js replacing js-oo Class implementation (quite a bit faster, no browser cruft)
0.7.3 / 2010-03-16
Added package.json
Fixed requiring of haml / sass due to kiwi removal
0.7.2 / 2010-03-16
Fixed GIT submodules (HAH!)
0.7.1 / 2010-03-16
Changed; Express now using submodules again until a PM is adopted
Changed; chat example using millisecond conversions from ext
0.7.0 / 2010-03-15
Added Request#pass() support (finds the next matching route, or the given path)
Added Logger plugin (default "common" format replaces CommonLogger)
Removed Profiler plugin
Removed CommonLogger plugin
0.6.0 / 2010-03-11
Added seed.yml for kiwi package management support
Added HTTP client query string support when method is GET. Closes #205
Added support for arbitrary view engines. For example "foo.engine.html" will now require('engine'), the exports from this module are cached after the first require().
Added async plugin support
Removed usage of RESTful route funcs as http client get() etc, use http.get() and friends
Removed custom exceptions
0.5.0 / 2010-03-10
Added ext dependency (library of js extensions)
Removed extname() / basename() utils. Use path module
Removed toArray() util. Use arguments.values
Removed escapeRegexp() util. Use RegExp.escape()
Removed process.mixin() dependency. Use utils.mixin()
Removed Collection
Removed ElementCollection
Shameless self promotion of ebook "Advanced JavaScript" (http://dev-mag.com) ;)
0.4.0 / 2010-02-11
Added flash() example to sample upload app
Added high level restful http client module (express/http)
Changed; RESTful route functions double as HTTP clients. Closes #69
Changed; throwing error when routes are added at runtime
Changed; defaulting render() context to the current Request. Closes #197
Updated haml submodule
0.3.0 / 2010-02-11
Updated haml / sass submodules. Closes #200
Added flash message support. Closes #64
Added accepts() now allows multiple args. fixes #117
Added support for plugins to halt. Closes #189
Added alternate layout support. Closes #119
Removed Route#run(). Closes #188
Fixed broken specs due to use(Cookie) missing
0.2.1 / 2010-02-05
Added "plot" format option for Profiler (for gnuplot processing)
Added request number to Profiler plugin
Fixed binary encoding for multipart file uploads, was previously defaulting to UTF8
Fixed issue with routes not firing when not files are present. Closes #184
Fixed process.Promise -> events.Promise
0.2.0 / 2010-02-03
Added parseParam() support for name[] etc. (allows for file inputs with "multiple" attr) Closes #180
Added Both Cache and Session option "reapInterval" may be "reapEvery". Closes #174
Added expiration support to cache api with reaper. Closes #133
Added cache Store.Memory#reap()
Added Cache; cache api now uses first class Cache instances
Added abstract session Store. Closes #172
Changed; cache Memory.Store#get() utilizing Collection
Renamed MemoryStore -> Store.Memory
Fixed use() of the same plugin several time will always use latest options. Closes #176
0.1.0 / 2010-02-03
Changed; Hooks (before / after) pass request as arg as well as evaluated in their context
Updated node support to 0.1.27 Closes #169
Updated dirname(__filename) -> __dirname
Updated libxmljs support to v0.2.0
Added session support with memory store / reaping
Added quick uid() helper
Added multi-part upload support
Added Sass.js support / submodule
Added production env caching view contents and static files
Added static file caching. Closes #136
Added cache plugin with memory stores
Added support to StaticFile so that it works with non-textual files.
Removed dirname() helper
Removed several globals (now their modules must be required)
0.0.2 / 2010-01-10
Added view benchmarks; currently haml vs ejs
Added Request#attachment() specs. Closes #116
Added use of node's parseQuery() util. Closes #123
Added
make init
for submodulesUpdated Haml
Updated sample chat app to show messages on load
Updated libxmljs parseString -> parseHtmlString
Fixed
make init
to work with older versions of gitFixed specs can now run independent specs for those who can't build deps. Closes #127
Fixed issues introduced by the node url module changes. Closes 126.
Fixed two assertions failing due to Collection#keys() returning strings
Fixed faulty Collection#toArray() spec due to keys() returning strings
Fixed
make test
now builds libxmljs.node before testing
0.0.1 / 2010-01-03
Initial release
Last updated