Bump the npm_and_yarn group across 1 directory with 51 updates

[dependabot]

Bumps the npm_and_yarn group with 43 updates in the / directory:

Package	From	To
body-parser	1.19.0	1.20.3
express	4.17.1	4.21.2
follow-redirects	1.11.0	1.15.6
jsonwebtoken	8.5.1	9.0.2
@parse/push-adapter	3.2.0	6.11.0
jwks-rsa	1.8.0	3.2.0
lodash	4.17.15	4.17.21
pg-promise	10.5.2	11.5.5
redis	3.0.2	3.1.1
semver	5.7.1	5.7.2
semver	7.3.2	7.7.2
semver	6.3.0	6.3.1
core-js-compat	3.6.5	3.45.1
ws	7.2.5	7.5.10
form-data	3.0.0	3.0.4
node-fetch	2.6.0	2.7.0
ajv	6.10.2	6.12.6
apollo-server-core	2.12.0	2.26.2
async	2.6.3	2.6.4
async	3.1.0	3.2.6
aws-sdk	2.59.0	2.907.0
@parse/s3-files-adapter	1.4.0	1.6.3
qs	6.5.2	6.5.3
bson	1.1.3	1.1.6
color-string	1.5.3	1.9.1
crypto-js	4.0.0	4.2.0
parse	2.13.0	6.1.1
decode-uri-component	0.2.0	0.2.2
ini	1.3.5	1.3.8
minimist	1.2.5	1.2.8
mongodb-runner	4.8.0	5.9.2
tar	4.4.13	removed
@parse/s3-files-adapter	1.6.3	4.2.0
bcrypt	4.0.1	6.0.0
fsevents	1.2.11	1.2.13
ip	1.1.5	removed
@parse/simple-mailgun-adapter	1.1.0	2.0.0
json-schema	0.2.3	0.4.0
jsprim	1.4.1	1.4.2
json5	2.1.3	2.2.3
moment	2.24.0	2.30.1
object-path	0.11.4	0.11.8
tmp	0.0.33	removed
eslint	6.8.0	9.34.0
underscore	1.9.1	1.13.7
jsdoc	3.6.3	3.6.11
y18n	4.0.0	4.0.3

Updates body-parser from 1.19.0 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

• deps: qs@6.13.0
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/body-parser#522
• ci: fix errors in ci github action for node 8 and 9 by @​inigomarquinez in expressjs/body-parser#523
• fix: pin to node@22.4.1 by @​wesleytodd in expressjs/body-parser#527
• deps: qs@6.12.3 by @​melikhov-dev in expressjs/body-parser#521
• Add OSSF Scorecard badge by @​bjohansebas in expressjs/body-parser#531
• Linter by @​UlisesGascon in expressjs/body-parser#534
• Release: 1.20.3 by @​UlisesGascon in expressjs/body-parser#535

New Contributors

• @​inigomarquinez made their first contribution in expressjs/body-parser#522
• @​melikhov-dev made their first contribution in expressjs/body-parser#521
• @​bjohansebas made their first contribution in expressjs/body-parser#531
• @​UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

• Fix strict json error message on Node.js 19+
• deps: content-type@~1.0.5
  • perf: skip value escaping when unnecessary
• deps: raw-body@2.5.2

1.20.1

• deps: qs@6.11.0
• perf: remove unnecessary object clone

1.20.0

• Fix error message for json parse whitespace in strict
• Fix internal error when inflated body exceeds limit
• Prevent loss of async hooks context
• Prevent hanging when request already read
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: http-errors@2.0.0
  • deps: depd@2.0.0
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
• deps: qs@6.10.3

... (truncated)

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

• deps: qs@6.13.0
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

• Fix strict json error message on Node.js 19+
• deps: content-type@~1.0.5
  • perf: skip value escaping when unnecessary
• deps: raw-body@2.5.2

1.20.1 / 2022-10-06

• deps: qs@6.11.0
• perf: remove unnecessary object clone

1.20.0 / 2022-04-02

• Fix error message for json parse whitespace in strict
• Fix internal error when inflated body exceeds limit
• Prevent loss of async hooks context
• Prevent hanging when request already read
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: http-errors@2.0.0
  • deps: depd@2.0.0
  • deps: statuses@2.0.1
• deps: on-finished@2.4.1
• deps: qs@6.10.3
• deps: raw-body@2.5.1
  • deps: http-errors@2.0.0

1.19.2 / 2022-02-15

• deps: bytes@3.1.2
• deps: qs@6.9.7
  • Fix handling of __proto__ keys
• deps: raw-body@2.4.3
  • deps: bytes@3.1.2

1.19.1 / 2021-12-10

... (truncated)

Commits

• 1752951 1.20.3
• 39744cf chore: linter (#534)
• b2695c4 Merge commit from fork
• ade0f3f add scorecard to readme (#531)
• 99a1bd6 deps: qs@6.12.3 (#521)
• 9478591 fix: pin to node@22.4.1
• 83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
• 9d4e212 chore: add support for OSSF scorecard reporting (#522)
• ee91374 1.20.2
• 368a93a Fix strict json error message on Node.js 19+
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates express from 4.17.1 to 4.21.2

Release notes

Sourced from express's releases.

4.21.2

What's Changed

• Add funding field (v4) by @​bjohansebas in expressjs/express#6065
• deps: path-to-regexp@0.1.11 by @​blakeembrey in expressjs/express#5956
• deps: bump path-to-regexp@0.1.12 by @​jonchurch in expressjs/express#6209
• Release: 4.21.2 by @​UlisesGascon in expressjs/express#6094

Full Changelog: expressjs/express@4.21.1...4.21.2

4.21.1

What's Changed

• Backport a fix for CVE-2024-47764 to the 4.x branch by @​joshbuker in expressjs/express#6029
• Release: 4.21.1 by @​UlisesGascon in expressjs/express#6031

Full Changelog: expressjs/express@4.21.0...4.21.1

4.21.0

What's Changed

• Deprecate "back" magic string in redirects by @​blakeembrey in expressjs/express#5935
• finalhandler@1.3.1 by @​wesleytodd in expressjs/express#5954
• fix(deps): serve-static@1.16.2 by @​wesleytodd in expressjs/express#5951
• Upgraded dependency qs to 6.13.0 to match qs in body-parser by @​agadzinski93 in expressjs/express#5946

New Contributors

• @​agadzinski93 made their first contribution in expressjs/express#5946

Full Changelog: expressjs/express@4.20.0...4.21.0

4.20.0

What's Changed

Important

• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect

Other Changes

• 4.19.2 Staging by @​wesleytodd in expressjs/express#5561
• remove duplicate location test for data uri by @​wesleytodd in expressjs/express#5562
• feat: document beta releases expectations by @​marco-ippolito in expressjs/express#5565
• Cut down on duplicated CI runs by @​jonchurch in expressjs/express#5564
• Add a Threat Model by @​UlisesGascon in expressjs/express#5526
• Assign captain of encodeurl by @​blakeembrey in expressjs/express#5579
• Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @​jonchurch in expressjs/express#5587
• docs: update Security.md by @​inigomarquinez in expressjs/express#5590
• docs: update triage nomination policy by @​UlisesGascon in expressjs/express#5600
• Add CodeQL (SAST) by @​UlisesGascon in expressjs/express#5433
• docs: add UlisesGascon as triage initiative captain by @​UlisesGascon in expressjs/express#5605

... (truncated)

Changelog

Sourced from express's changelog.

4.21.2 / 2024-11-06

• deps: path-to-regexp@0.1.12
  • Fix backtracking protection
• deps: path-to-regexp@0.1.11
  • Throws an error on invalid path values

4.21.1 / 2024-10-08

• Backported a fix for CVE-2024-47764

4.21.0 / 2024-09-11

• Deprecate res.location("back") and res.redirect("back") magic string
• deps: serve-static@1.16.2
  • includes send@0.19.0
• deps: finalhandler@1.3.1
• deps: qs@6.13.0

4.20.0 / 2024-09-10

• deps: serve-static@0.16.0
  • Remove link renderization in html while redirecting
• deps: send@0.19.0
  • Remove link renderization in html while redirecting
• deps: body-parser@0.6.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)
• Remove link renderization in html while using res.redirect
• deps: path-to-regexp@0.1.10
  • Adds support for named matching groups in the routes using a regex
  • Adds backtracking protection to parameters without regexes defined
• deps: encodeurl@~2.0.0
  • Removes encoding of \, |, and ^ to align better with URL spec
• Deprecate passing options.maxAge and options.expires to res.clearCookie
  • Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

• Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

• Allow passing non-strings to res.location with new encoding handling checks

... (truncated)

Commits

• 1faf228 4.21.2
• 2e0fb64 deps: bump path-to-regexp@0.1.12 (#6209)
• 59fc270 deps: path-to-regexp@0.1.11 (#5956)
• 51fc39c docs: add funding (#6065)
• 8e229f9 4.21.1
• a024c8a fix(deps): cookie@0.7.1
• 7e562c6 4.21.0
• 1bcde96 fix(deps): qs@6.13.0 (#5946)
• 7d36477 fix(deps): serve-static@1.16.2 (#5951)
• 40d2d8f fix(deps): finalhandler@1.3.1
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by jonchurch, a new releaser for express since your current version.

Updates follow-redirects from 1.11.0 to 1.15.6

Commits

• 35a517c Release version 1.15.6 of the npm package.
• c4f847f Drop Proxy-Authorization across hosts.
• 8526b4a Use GitHub for disclosure.
• b1677ce Release version 1.15.5 of the npm package.
• d8914f7 Preserve fragment in responseUrl.
• 6585820 Release version 1.15.4 of the npm package.
• 7a6567e Disallow bracketed hostnames.
• 05629af Prefer native URL instead of deprecated url.parse.
• 1cba8e8 Prefer native URL instead of legacy url.resolve.
• 72bc2a4 Simplify _processResponse error handling.
• Additional commits viewable in compare view

Updates jsonwebtoken from 8.5.1 to 9.0.2

Changelog

Sourced from jsonwebtoken's changelog.

9.0.2 - 2023-08-30

• security: updating semver to 7.5.4 to resolve CVE-2022-25883, closes #921.
• refactor: reduce library size by using lodash specific dependencies, closes #878.

9.0.1 - 2023-07-05

• fix(stubs): allow decode method to be stubbed

9.0.0 - 2022-12-21

Breaking changes: See Migration from v8 to v9

Breaking changes

• Removed support for Node versions 11 and below.
• The verify() function no longer accepts unsigned tokens by default. ([834503079514b72264fd13023a3b8d648afd6a16]auth0/node-jsonwebtoken@8345030)
• RSA key size must be 2048 bits or greater. ([ecdf6cc6073ea13a7e71df5fad043550f08d0fa6]auth0/node-jsonwebtoken@ecdf6cc)
• Key types must be valid for the signing / verification algorithm

Security fixes

• security: fixes Arbitrary File Write via verify function - CVE-2022-23529
• security: fixes Insecure default algorithm in jwt.verify() could lead to signature validation bypass - CVE-2022-23540
• security: fixes Insecure implementation of key retrieval function could lead to Forgeable Public/Private Tokens from RSA to HMAC - CVE-2022-23541
• security: fixes Unrestricted key type could lead to legacy keys usage - CVE-2022-23539

Commits

• bc28861 Release 9.0.2 (#935)
• 96b8906 refactor: use specific lodash packages (#933)
• ed35062 security: Updating semver to 7.5.4 to resolve CVE-2022-25883 (#932)
• 84539b2 Updating package version to 9.0.1 (#920)
• a99fd4b fix(stubs): allow decode method to be stubbed (#876)
• e1fa9dc Merge pull request from GHSA-8cf7-32gw-wr33
• 5eaedbf chore(ci): remove github test actions job (#861)
• cd4163e chore(ci): configure Github Actions jobs for Tests & Security Scanning (#856)
• ecdf6cc fix!: Prevent accidental use of insecure key sizes & misconfiguration of secr...
• 8345030 fix(sign&verify)!: Remove default none support from sign and verify met...
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by charlesrea, a new releaser for jsonwebtoken since your current version.

Updates @parse/push-adapter from 3.2.0 to 6.11.0

Release notes

Sourced from @​parse/push-adapter's releases.

6.11.0

6.11.0 (2025-03-16)

Features

• Bump @​parse/node-apn from 6.4.3 to 6.5.0 (#382) (3995754)

6.10.0

6.10.0 (2025-01-18)

Features

• Add support for watchOS push notifications (#360) (97f14ca)

6.9.1

6.9.1 (2025-01-01)

Bug Fixes

• APN notification topic not composed based on push type (#347) (9905c34)

6.9.0

6.9.0 (2024-12-30)

Features

• Update node-apn from 6.2.1 to 6.3.0 (#349) (9697842)

6.8.0

6.8.0 (2024-12-14)

Features

• Add FCM option resolveUnhandledClientError to resolve or reject push promise on FCM server response GOAWAY (#341) (6d72f8a)

6.7.1

6.7.1 (2024-11-19)

Bug Fixes

• Security upgrade @​parse/node-apn from 6.2.0 to 6.2.1 (#329) (5cd5170)

6.7.0

6.7.0 (2024-09-27)

... (truncated)

Changelog

Sourced from @​parse/push-adapter's changelog.

6.11.0 (2025-03-16)

Features

• Bump @​parse/node-apn from 6.4.3 to 6.5.0 (#382) (3995754)

6.10.0 (2025-01-18)

Features

• Add support for watchOS push notifications (#360) (97f14ca)

6.9.1 (2025-01-01)

Bug Fixes

• APN notification topic not composed based on push type (#347) (9905c34)

6.9.0 (2024-12-30)

Features

• Update node-apn from 6.2.1 to 6.3.0 (#349) (9697842)

6.8.0 (2024-12-14)

Features

• Add FCM option resolveUnhandledClientError to resolve or reject push promise on FCM server response GOAWAY (#341) (6d72f8a)

6.7.1 (2024-11-19)

Bug Fixes

• Security upgrade @​parse/node-apn from 6.2.0 to 6.2.1 (#329) (5cd5170)

6.7.0 (2024-09-27)

Features

• Upgrade @​parse/node-apn from 6.1.0 to 6.2.0 (#310) (c71e167)

6.6.0 (2024-09-24)

... (truncated)

Commits

• a27865f chore(release): 6.11.0 [skip ci]
• a4a1c6d ci: Fix auto-release (#384)
• 6c26629 refactor: Bump eslint from 9.21.0 to 9.22.0 (#380)
• 3995754 feat: Bump @​parse/node-apn from 6.4.3 to 6.5.0 (#382)
• 16efdb3 refactor: Bump parse from 5.3.0 to 6.0.0 (#378)
• 10c1c85 refactor: Bump firebase-admin from 13.1.0 to 13.2.0 (#379)
• 17748f4 refactor: Bump @​eslint/js from 9.20.0 to 9.21.0 (#375)
• ce753d8 refactor: Bump eslint from 9.20.1 to 9.21.0 (#376)
• 4bd2c53 refactor: Bump semantic-release from 24.2.2 to 24.2.3 (#374)
• 3776b77 refactor: Bump @​parse/node-apn from 6.4.0 to 6.4.3 (#372)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by parseadmin, a new releaser for @​parse/push-adapter since your current version.

Updates jwks-rsa from 1.8.0 to 3.2.0

Release notes

Sourced from jwks-rsa's releases.

v3.2.0

Changed

• Bump express from 4.18.2 to 4.19.2 #408 (dependabot[bot])
• Bump braces from 3.0.2 to 3.0.3 #413 (dependabot[bot])
• Bump jose from 4.15.4 to 4.15.5 #402 (dependabot[bot])
• Bump codecov/codecov-action from 3.1.4 to 3.1.5 #396 (dependabot[bot])
• Bump actions/cache from 3 to 4 #395 (dependabot[bot])
• Update automated release process to latest version #391 (frederikprijck)
• Bump actions/github-script from 6 to 7 #387 (dependabot[bot])
• chore(deps): Update Lockfile #386 (evansims)
• Bump actions/setup-node from 3 to 4 #382 (dependabot[bot])
• Bump @​babel/traverse from 7.10.1 to 7.23.2 #381 (dependabot[bot])

Fixed

• [Fix] Change type of unused req param to unknown to resolve type conflicts #394 (zackdotcomputer)
• fix(compat): ensure WebCryptoAPI runtime imported keys are re-exportable #409 (panva)
• fix: express-jwt types #412 (jfromaniello)

v3.1.0

Added

• feat: resolve bun/deno compat issues #374 (panva)

v3.0.1

Fixed

• update types/jsonwebtoken update v9.0.0 #349 (ToshihitoKon)
• Bump jsonwebtoken from 8.5.1 to 9.0.0 #344 (dependabot[bot])

v3.0.0

⚠️ BREAKING CHANGES

This release drops support for Node 10 and 12

• [major] bump jose #333 (panva)

v2.1.5

Fixed

• Fix GetVerificationKey typing to include undefined #329 (AaronMoat)

fixes #325

v2.1.4

Fixed

• Type definitions depend on jsonwebtoken #314 (adamjmcgrath)

v2.1.3

Fixed

• Fix issue with ES Express import #310 (adamjmcgrath)

... (truncated)

Changelog

Sourced from jwks-rsa's changelog.

v3.2.0 (2025-03-18)

Full Changelog

Changed

• Bump express from 4.18.2 to 4.19.2 #408 (dependabot[bot])
• Bump braces from 3.0.2 to 3.0.3 #413 (dependabot[bot])
• Bump jose from 4.15.4 to 4.15.5 #402 (dependabot[bot])
• Bump codecov/codecov-action from 3.1.4 to 3.1.5 #396 (dependabot[bot])
• Bump actions/cache from 3 to 4 #395 (dependabot[bot])
• Update automated release process to latest version #391 (frederikprijck)
• Bump actions/github-script from 6 to 7 #387 (dependabot[bot])
• chore(deps): Update Lockfile #386 (evansims)
• Bump actions/setup-node from 3 to 4 #382 (dependabot[bot])
• Bump @​babel/traverse from 7.10.1 to 7.23.2 #381 (dependabot[bot])

Fixed

• [Fix] Change type of unused req param to unknown to resolve type conflicts #394 (zackdotcomputer)
• fix(compat): ensure WebCryptoAPI runtime imported keys are re-exportable #409 (panva)
• fix: express-jwt types #412 (jfromaniello)

v3.1.0 (2023-10-05)

Full Changelog

Added

• feat: resolve bun/deno compat issues #374 (panva)

v3.0.1 (2023-01-12)

Full Changelog

Fixed

• update types/jsonwebtoken update v9.0.0 #349 (ToshihitoKon)
• Bump jsonwebtoken from 8.5.1 to 9.0.0 #344 (dependabot[bot])

v3.0.0 (2022-11-01)

Full Changelog

⚠️ BREAKING CHANGES

This release drops support for Node 10 and 12

• [major] bump jose #333 (panva)

v2.1.5 (2022-10-10)

Full Changelog

Fixed

• Fix GetVerificationKey typing to include undefined #329 (AaronMoat)

v2.1.4 (2022-06-07)

Full Changelog

... (truncated)

Commits

• 8cb4bd9 Release v3.2.0 (#437)
• c4767cd ci: changed pull_request_target to pull_request and removed the authorize ste...
• b2ec8a8 Update codeowner file with new GitHub team name (#414)
• 3a4ffb6 Update codeowner file with new GitHub team name
• b83da97 [Fix] Change type of unused req param to unknown to resolve type conflicts (#...
• cb0d808 Merge branch 'master' into master
• e056e51 fix(compat): ensure WebCryptoAPI runtime imported keys are re-exportable (#409)
• dbe0804 Merge branch 'master' into compat-2
• aff09ba Bump express from 4.18.2 to 4.19.2 (#408)
• 44ae692 Bump express from 4.18.2 to 4.19.2
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by auth0-oss, a new releaser for jwks-rsa since your current version.

Updates lodash from 4.17.15 to 4.17.21

Commits

• f299b52 Bump to v4.17.21
• c4847eb Improve performance of toNumber, trim and trimEnd on large input strings
• 3469357 Prevent command injection through _.template's variable option
• ded9bc6 Bump to v4.17.20.
• 63150ef Documentation fixes.
• 00f0f62 test.js: Remove trailing comma.
• 846e434 Temporarily use a custom fork of lodash-cli.
• 5d046f3 Re-enable Travis tests on 4.17 branch.
• aa816b3 Remove /npm-package.
• d7fbc52 Bump to v4.17.19
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by bnjmnt4n, a new releaser for lodash since your current version.

Updates pg-promise from 10.5.2 to 11.5.5

Release notes

Sourced from pg-promise's releases.

11.5.5

• Addressing sql injection issue; All negative numbers are now wrapped in parentheses.
• Dev dependencies updated.

Thanks to @​paul-gerste-sonarsource!

11.5.4

• Dependencies updated, including the driver, to v8.11.3

11.5.3

• Following up on driver fix-update, see issue #888

11.5.2

This update is to clarify the full range of environments officially supported:

• PostgreSql v10 - v15
• NodeJS v14 - v18

It is worth noting that:

• It may work with PostgreSql v9, but it is no longer officially supported.
• It should work with NodeJS v20, but it is not officially supported yet (we support LTS versions of NodeJS only).

The CI has been updated accordingly. No functional changes.

11.5.1

• Updated dependencies, including the driver, to v8.11.1
• Fixed #884 - CI build issue in test

11.5.0

• Many dependencies updated, including Postgres driver.
• Minor documentation updates.

Please note that at the time of publishing this, GitHub CI started showing problems again, unrelated to the project. All tests pass locally fine, disregard Failed Build status for the time being.

11.4.3

• Updated dependencies
• Marked method batch as deprecated.

11.4.2

• Dev dependencies updated
• Semantic refactoring of the code

11.4.1

• Corrected TypeScript signature for the Pool's property log.

11.4.0

• Updated dependencies: "pg" -> "8.10.0" and "pg-query-stream" -> "4.4.0"
• Extended IPool TypeScript declaration with properties expiredCount + log. The latter in case you want to log what the pool is doing:

... (truncated)

Commits

• 1a4dfe6 Fixing issue Vulnerability: SQL Injection via Line Comment Creation vitaly-t/pg-promise#911 (comment)...
• 79199d4 update the package
• 8f30428 Fix node-postgres.com/apis/... links (#912)
• 8343d4b update deps
• 00cd486 updating deps
• e86ef61 update node ver
• 40311c3 add version check
• ab150f2 add pg11 tests
• b58bfcc downgrade supported pg to v10
• 7b71768 Update README.md
• Additional commits viewable in compare view

Updates redis from 3.0.2 to 3.1.1

Changelog

Sourced from redis's changelog.

v3.1.1

Enhancements

• Upgrade node and dependencies

Fixes

• Fix a potential exponential regex in monitor mode

v3.1.0 - 31 Mar, 2021

Enhancements

• Upgrade node and dependencies and redis-commands to support Redis 6
• Add support for Redis 6 auth pass [user]

v3.0.0 - 09 Feb, 2020

This version is mainly a release to distribute all the unreleased changes on master since 2017 and additionally removes a lot of old deprecated features and old internals in preparation for an upcoming modernization refactor (v4).

Breaking Changes

• Dropped support for Node.js < 6
• Dropped support for hiredis (no longer required)
• Removed previously deprecated drain event
• Removed previously deprecated idle event
• Removed previously deprecated parser option
• Removed previously deprecated max_delay option
• Removed previously deprecated max_attempts option
• Removed previously deprecated socket_no_delay option

Bug Fixes

• Removed development files from published package (#1370)
• Duplicate function now allows db param to be passed (#1311)

Features

• Upgraded to latest redis-commands package
• Upgraded to latest redis-parser package, v3.0.0, which brings performance improvements
• Replaced double-ended-queue with denque, which brings performance improvements
• Add timestamps to debug traces
• Add socket_initial_delay option for socket.setKeepAlive (#1396)
• Add support for rediss protocol in url (#1282)

v2.8.0 - 31 Jul, 2017

Features

... (truncated)

Commits

• fc28860 Bump version to 3.1.1 (#1597)
• 2d11b6d fix #1569 - improve monitor_regex (#1595)
• 7e77de8 Add Chat (#1594)
• 5d3e995 Merge branch 'master' of https://github.com/NodeRedis/node-redis
• b797cf2 add user to README.md
• 79f34c2 Bump version to 3.1.0 (#1590)
• 7fdc54e fix for 428e1c8a7b2322c2650294638cb1663ac5692728 - fix auth retry when redis ...
• 09f0fe8 "fix" tests
• 428e1c8 Add support for Redis 6 auth pass [user] (#1508)
• bb208d0 Add codeclimate badge (#1572)
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by leibale, a new releaser for redis since your current version.

Updates semver from 5.7.1 to 5.7.2

Release notes

Sourced from semver's releases.

v5.7.2

5.7.2 (2023-07-10)

Bug Fixes

• 2f8fd41