History.md (109589B)
1 4.17.1 / 2019-05-25 2 =================== 3 4 * Revert "Improve error message for `null`/`undefined` to `res.status`" 5 6 4.17.0 / 2019-05-16 7 =================== 8 9 * Add `express.raw` to parse bodies into `Buffer` 10 * Add `express.text` to parse bodies into string 11 * Improve error message for non-strings to `res.sendFile` 12 * Improve error message for `null`/`undefined` to `res.status` 13 * Support multiple hosts in `X-Forwarded-Host` 14 * deps: accepts@~1.3.7 15 * deps: body-parser@1.19.0 16 - Add encoding MIK 17 - Add petabyte (`pb`) support 18 - Fix parsing array brackets after index 19 - deps: bytes@3.1.0 20 - deps: http-errors@1.7.2 21 - deps: iconv-lite@0.4.24 22 - deps: qs@6.7.0 23 - deps: raw-body@2.4.0 24 - deps: type-is@~1.6.17 25 * deps: content-disposition@0.5.3 26 * deps: cookie@0.4.0 27 - Add `SameSite=None` support 28 * deps: finalhandler@~1.1.2 29 - Set stricter `Content-Security-Policy` header 30 - deps: parseurl@~1.3.3 31 - deps: statuses@~1.5.0 32 * deps: parseurl@~1.3.3 33 * deps: proxy-addr@~2.0.5 34 - deps: ipaddr.js@1.9.0 35 * deps: qs@6.7.0 36 - Fix parsing array brackets after index 37 * deps: range-parser@~1.2.1 38 * deps: send@0.17.1 39 - Set stricter CSP header in redirect & error responses 40 - deps: http-errors@~1.7.2 41 - deps: mime@1.6.0 42 - deps: ms@2.1.1 43 - deps: range-parser@~1.2.1 44 - deps: statuses@~1.5.0 45 - perf: remove redundant `path.normalize` call 46 * deps: serve-static@1.14.1 47 - Set stricter CSP header in redirect response 48 - deps: parseurl@~1.3.3 49 - deps: send@0.17.1 50 * deps: setprototypeof@1.1.1 51 * deps: statuses@~1.5.0 52 - Add `103 Early Hints` 53 * deps: type-is@~1.6.18 54 - deps: mime-types@~2.1.24 55 - perf: prevent internal `throw` on invalid type 56 57 4.16.4 / 2018-10-10 58 =================== 59 60 * Fix issue where `"Request aborted"` may be logged in `res.sendfile` 61 * Fix JSDoc for `Router` constructor 62 * deps: body-parser@1.18.3 63 - Fix deprecation warnings on Node.js 10+ 64 - Fix stack trace for strict json parse error 65 - deps: depd@~1.1.2 66 - deps: http-errors@~1.6.3 67 - deps: iconv-lite@0.4.23 68 - deps: qs@6.5.2 69 - deps: raw-body@2.3.3 70 - deps: type-is@~1.6.16 71 * deps: proxy-addr@~2.0.4 72 - deps: ipaddr.js@1.8.0 73 * deps: qs@6.5.2 74 * deps: safe-buffer@5.1.2 75 76 4.16.3 / 2018-03-12 77 =================== 78 79 * deps: accepts@~1.3.5 80 - deps: mime-types@~2.1.18 81 * deps: depd@~1.1.2 82 - perf: remove argument reassignment 83 * deps: encodeurl@~1.0.2 84 - Fix encoding `%` as last character 85 * deps: finalhandler@1.1.1 86 - Fix 404 output for bad / missing pathnames 87 - deps: encodeurl@~1.0.2 88 - deps: statuses@~1.4.0 89 * deps: proxy-addr@~2.0.3 90 - deps: ipaddr.js@1.6.0 91 * deps: send@0.16.2 92 - Fix incorrect end tag in default error & redirects 93 - deps: depd@~1.1.2 94 - deps: encodeurl@~1.0.2 95 - deps: statuses@~1.4.0 96 * deps: serve-static@1.13.2 97 - Fix incorrect end tag in redirects 98 - deps: encodeurl@~1.0.2 99 - deps: send@0.16.2 100 * deps: statuses@~1.4.0 101 * deps: type-is@~1.6.16 102 - deps: mime-types@~2.1.18 103 104 4.16.2 / 2017-10-09 105 =================== 106 107 * Fix `TypeError` in `res.send` when given `Buffer` and `ETag` header set 108 * perf: skip parsing of entire `X-Forwarded-Proto` header 109 110 4.16.1 / 2017-09-29 111 =================== 112 113 * deps: send@0.16.1 114 * deps: serve-static@1.13.1 115 - Fix regression when `root` is incorrectly set to a file 116 - deps: send@0.16.1 117 118 4.16.0 / 2017-09-28 119 =================== 120 121 * Add `"json escape"` setting for `res.json` and `res.jsonp` 122 * Add `express.json` and `express.urlencoded` to parse bodies 123 * Add `options` argument to `res.download` 124 * Improve error message when autoloading invalid view engine 125 * Improve error messages when non-function provided as middleware 126 * Skip `Buffer` encoding when not generating ETag for small response 127 * Use `safe-buffer` for improved Buffer API 128 * deps: accepts@~1.3.4 129 - deps: mime-types@~2.1.16 130 * deps: content-type@~1.0.4 131 - perf: remove argument reassignment 132 - perf: skip parameter parsing when no parameters 133 * deps: etag@~1.8.1 134 - perf: replace regular expression with substring 135 * deps: finalhandler@1.1.0 136 - Use `res.headersSent` when available 137 * deps: parseurl@~1.3.2 138 - perf: reduce overhead for full URLs 139 - perf: unroll the "fast-path" `RegExp` 140 * deps: proxy-addr@~2.0.2 141 - Fix trimming leading / trailing OWS in `X-Forwarded-For` 142 - deps: forwarded@~0.1.2 143 - deps: ipaddr.js@1.5.2 144 - perf: reduce overhead when no `X-Forwarded-For` header 145 * deps: qs@6.5.1 146 - Fix parsing & compacting very deep objects 147 * deps: send@0.16.0 148 - Add 70 new types for file extensions 149 - Add `immutable` option 150 - Fix missing `</html>` in default error & redirects 151 - Set charset as "UTF-8" for .js and .json 152 - Use instance methods on steam to check for listeners 153 - deps: mime@1.4.1 154 - perf: improve path validation speed 155 * deps: serve-static@1.13.0 156 - Add 70 new types for file extensions 157 - Add `immutable` option 158 - Set charset as "UTF-8" for .js and .json 159 - deps: send@0.16.0 160 * deps: setprototypeof@1.1.0 161 * deps: utils-merge@1.0.1 162 * deps: vary@~1.1.2 163 - perf: improve header token parsing speed 164 * perf: re-use options object when generating ETags 165 * perf: remove dead `.charset` set in `res.jsonp` 166 167 4.15.5 / 2017-09-24 168 =================== 169 170 * deps: debug@2.6.9 171 * deps: finalhandler@~1.0.6 172 - deps: debug@2.6.9 173 - deps: parseurl@~1.3.2 174 * deps: fresh@0.5.2 175 - Fix handling of modified headers with invalid dates 176 - perf: improve ETag match loop 177 - perf: improve `If-None-Match` token parsing 178 * deps: send@0.15.6 179 - Fix handling of modified headers with invalid dates 180 - deps: debug@2.6.9 181 - deps: etag@~1.8.1 182 - deps: fresh@0.5.2 183 - perf: improve `If-Match` token parsing 184 * deps: serve-static@1.12.6 185 - deps: parseurl@~1.3.2 186 - deps: send@0.15.6 187 - perf: improve slash collapsing 188 189 4.15.4 / 2017-08-06 190 =================== 191 192 * deps: debug@2.6.8 193 * deps: depd@~1.1.1 194 - Remove unnecessary `Buffer` loading 195 * deps: finalhandler@~1.0.4 196 - deps: debug@2.6.8 197 * deps: proxy-addr@~1.1.5 198 - Fix array argument being altered 199 - deps: ipaddr.js@1.4.0 200 * deps: qs@6.5.0 201 * deps: send@0.15.4 202 - deps: debug@2.6.8 203 - deps: depd@~1.1.1 204 - deps: http-errors@~1.6.2 205 * deps: serve-static@1.12.4 206 - deps: send@0.15.4 207 208 4.15.3 / 2017-05-16 209 =================== 210 211 * Fix error when `res.set` cannot add charset to `Content-Type` 212 * deps: debug@2.6.7 213 - Fix `DEBUG_MAX_ARRAY_LENGTH` 214 - deps: ms@2.0.0 215 * deps: finalhandler@~1.0.3 216 - Fix missing `</html>` in HTML document 217 - deps: debug@2.6.7 218 * deps: proxy-addr@~1.1.4 219 - deps: ipaddr.js@1.3.0 220 * deps: send@0.15.3 221 - deps: debug@2.6.7 222 - deps: ms@2.0.0 223 * deps: serve-static@1.12.3 224 - deps: send@0.15.3 225 * deps: type-is@~1.6.15 226 - deps: mime-types@~2.1.15 227 * deps: vary@~1.1.1 228 - perf: hoist regular expression 229 230 4.15.2 / 2017-03-06 231 =================== 232 233 * deps: qs@6.4.0 234 - Fix regression parsing keys starting with `[` 235 236 4.15.1 / 2017-03-05 237 =================== 238 239 * deps: send@0.15.1 240 - Fix issue when `Date.parse` does not return `NaN` on invalid date 241 - Fix strict violation in broken environments 242 * deps: serve-static@1.12.1 243 - Fix issue when `Date.parse` does not return `NaN` on invalid date 244 - deps: send@0.15.1 245 246 4.15.0 / 2017-03-01 247 =================== 248 249 * Add debug message when loading view engine 250 * Add `next("router")` to exit from router 251 * Fix case where `router.use` skipped requests routes did not 252 * Remove usage of `res._headers` private field 253 - Improves compatibility with Node.js 8 nightly 254 * Skip routing when `req.url` is not set 255 * Use `%o` in path debug to tell types apart 256 * Use `Object.create` to setup request & response prototypes 257 * Use `setprototypeof` module to replace `__proto__` setting 258 * Use `statuses` instead of `http` module for status messages 259 * deps: debug@2.6.1 260 - Allow colors in workers 261 - Deprecated `DEBUG_FD` environment variable set to `3` or higher 262 - Fix error when running under React Native 263 - Use same color for same namespace 264 - deps: ms@0.7.2 265 * deps: etag@~1.8.0 266 - Use SHA1 instead of MD5 for ETag hashing 267 - Works with FIPS 140-2 OpenSSL configuration 268 * deps: finalhandler@~1.0.0 269 - Fix exception when `err` cannot be converted to a string 270 - Fully URL-encode the pathname in the 404 271 - Only include the pathname in the 404 message 272 - Send complete HTML document 273 - Set `Content-Security-Policy: default-src 'self'` header 274 - deps: debug@2.6.1 275 * deps: fresh@0.5.0 276 - Fix false detection of `no-cache` request directive 277 - Fix incorrect result when `If-None-Match` has both `*` and ETags 278 - Fix weak `ETag` matching to match spec 279 - perf: delay reading header values until needed 280 - perf: enable strict mode 281 - perf: hoist regular expressions 282 - perf: remove duplicate conditional 283 - perf: remove unnecessary boolean coercions 284 - perf: skip checking modified time if ETag check failed 285 - perf: skip parsing `If-None-Match` when no `ETag` header 286 - perf: use `Date.parse` instead of `new Date` 287 * deps: qs@6.3.1 288 - Fix array parsing from skipping empty values 289 - Fix compacting nested arrays 290 * deps: send@0.15.0 291 - Fix false detection of `no-cache` request directive 292 - Fix incorrect result when `If-None-Match` has both `*` and ETags 293 - Fix weak `ETag` matching to match spec 294 - Remove usage of `res._headers` private field 295 - Support `If-Match` and `If-Unmodified-Since` headers 296 - Use `res.getHeaderNames()` when available 297 - Use `res.headersSent` when available 298 - deps: debug@2.6.1 299 - deps: etag@~1.8.0 300 - deps: fresh@0.5.0 301 - deps: http-errors@~1.6.1 302 * deps: serve-static@1.12.0 303 - Fix false detection of `no-cache` request directive 304 - Fix incorrect result when `If-None-Match` has both `*` and ETags 305 - Fix weak `ETag` matching to match spec 306 - Remove usage of `res._headers` private field 307 - Send complete HTML document in redirect response 308 - Set default CSP header in redirect response 309 - Support `If-Match` and `If-Unmodified-Since` headers 310 - Use `res.getHeaderNames()` when available 311 - Use `res.headersSent` when available 312 - deps: send@0.15.0 313 * perf: add fast match path for `*` route 314 * perf: improve `req.ips` performance 315 316 4.14.1 / 2017-01-28 317 =================== 318 319 * deps: content-disposition@0.5.2 320 * deps: finalhandler@0.5.1 321 - Fix exception when `err.headers` is not an object 322 - deps: statuses@~1.3.1 323 - perf: hoist regular expressions 324 - perf: remove duplicate validation path 325 * deps: proxy-addr@~1.1.3 326 - deps: ipaddr.js@1.2.0 327 * deps: send@0.14.2 328 - deps: http-errors@~1.5.1 329 - deps: ms@0.7.2 330 - deps: statuses@~1.3.1 331 * deps: serve-static@~1.11.2 332 - deps: send@0.14.2 333 * deps: type-is@~1.6.14 334 - deps: mime-types@~2.1.13 335 336 4.14.0 / 2016-06-16 337 =================== 338 339 * Add `acceptRanges` option to `res.sendFile`/`res.sendfile` 340 * Add `cacheControl` option to `res.sendFile`/`res.sendfile` 341 * Add `options` argument to `req.range` 342 - Includes the `combine` option 343 * Encode URL in `res.location`/`res.redirect` if not already encoded 344 * Fix some redirect handling in `res.sendFile`/`res.sendfile` 345 * Fix Windows absolute path check using forward slashes 346 * Improve error with invalid arguments to `req.get()` 347 * Improve performance for `res.json`/`res.jsonp` in most cases 348 * Improve `Range` header handling in `res.sendFile`/`res.sendfile` 349 * deps: accepts@~1.3.3 350 - Fix including type extensions in parameters in `Accept` parsing 351 - Fix parsing `Accept` parameters with quoted equals 352 - Fix parsing `Accept` parameters with quoted semicolons 353 - Many performance improvements 354 - deps: mime-types@~2.1.11 355 - deps: negotiator@0.6.1 356 * deps: content-type@~1.0.2 357 - perf: enable strict mode 358 * deps: cookie@0.3.1 359 - Add `sameSite` option 360 - Fix cookie `Max-Age` to never be a floating point number 361 - Improve error message when `encode` is not a function 362 - Improve error message when `expires` is not a `Date` 363 - Throw better error for invalid argument to parse 364 - Throw on invalid values provided to `serialize` 365 - perf: enable strict mode 366 - perf: hoist regular expression 367 - perf: use for loop in parse 368 - perf: use string concatenation for serialization 369 * deps: finalhandler@0.5.0 370 - Change invalid or non-numeric status code to 500 371 - Overwrite status message to match set status code 372 - Prefer `err.statusCode` if `err.status` is invalid 373 - Set response headers from `err.headers` object 374 - Use `statuses` instead of `http` module for status messages 375 * deps: proxy-addr@~1.1.2 376 - Fix accepting various invalid netmasks 377 - Fix IPv6-mapped IPv4 validation edge cases 378 - IPv4 netmasks must be contiguous 379 - IPv6 addresses cannot be used as a netmask 380 - deps: ipaddr.js@1.1.1 381 * deps: qs@6.2.0 382 - Add `decoder` option in `parse` function 383 * deps: range-parser@~1.2.0 384 - Add `combine` option to combine overlapping ranges 385 - Fix incorrectly returning -1 when there is at least one valid range 386 - perf: remove internal function 387 * deps: send@0.14.1 388 - Add `acceptRanges` option 389 - Add `cacheControl` option 390 - Attempt to combine multiple ranges into single range 391 - Correctly inherit from `Stream` class 392 - Fix `Content-Range` header in 416 responses when using `start`/`end` options 393 - Fix `Content-Range` header missing from default 416 responses 394 - Fix redirect error when `path` contains raw non-URL characters 395 - Fix redirect when `path` starts with multiple forward slashes 396 - Ignore non-byte `Range` headers 397 - deps: http-errors@~1.5.0 398 - deps: range-parser@~1.2.0 399 - deps: statuses@~1.3.0 400 - perf: remove argument reassignment 401 * deps: serve-static@~1.11.1 402 - Add `acceptRanges` option 403 - Add `cacheControl` option 404 - Attempt to combine multiple ranges into single range 405 - Fix redirect error when `req.url` contains raw non-URL characters 406 - Ignore non-byte `Range` headers 407 - Use status code 301 for redirects 408 - deps: send@0.14.1 409 * deps: type-is@~1.6.13 410 - Fix type error when given invalid type to match against 411 - deps: mime-types@~2.1.11 412 * deps: vary@~1.1.0 413 - Only accept valid field names in the `field` argument 414 * perf: use strict equality when possible 415 416 4.13.4 / 2016-01-21 417 =================== 418 419 * deps: content-disposition@0.5.1 420 - perf: enable strict mode 421 * deps: cookie@0.1.5 422 - Throw on invalid values provided to `serialize` 423 * deps: depd@~1.1.0 424 - Support web browser loading 425 - perf: enable strict mode 426 * deps: escape-html@~1.0.3 427 - perf: enable strict mode 428 - perf: optimize string replacement 429 - perf: use faster string coercion 430 * deps: finalhandler@0.4.1 431 - deps: escape-html@~1.0.3 432 * deps: merge-descriptors@1.0.1 433 - perf: enable strict mode 434 * deps: methods@~1.1.2 435 - perf: enable strict mode 436 * deps: parseurl@~1.3.1 437 - perf: enable strict mode 438 * deps: proxy-addr@~1.0.10 439 - deps: ipaddr.js@1.0.5 440 - perf: enable strict mode 441 * deps: range-parser@~1.0.3 442 - perf: enable strict mode 443 * deps: send@0.13.1 444 - deps: depd@~1.1.0 445 - deps: destroy@~1.0.4 446 - deps: escape-html@~1.0.3 447 - deps: range-parser@~1.0.3 448 * deps: serve-static@~1.10.2 449 - deps: escape-html@~1.0.3 450 - deps: parseurl@~1.3.0 451 - deps: send@0.13.1 452 453 4.13.3 / 2015-08-02 454 =================== 455 456 * Fix infinite loop condition using `mergeParams: true` 457 * Fix inner numeric indices incorrectly altering parent `req.params` 458 459 4.13.2 / 2015-07-31 460 =================== 461 462 * deps: accepts@~1.2.12 463 - deps: mime-types@~2.1.4 464 * deps: array-flatten@1.1.1 465 - perf: enable strict mode 466 * deps: path-to-regexp@0.1.7 467 - Fix regression with escaped round brackets and matching groups 468 * deps: type-is@~1.6.6 469 - deps: mime-types@~2.1.4 470 471 4.13.1 / 2015-07-05 472 =================== 473 474 * deps: accepts@~1.2.10 475 - deps: mime-types@~2.1.2 476 * deps: qs@4.0.0 477 - Fix dropping parameters like `hasOwnProperty` 478 - Fix various parsing edge cases 479 * deps: type-is@~1.6.4 480 - deps: mime-types@~2.1.2 481 - perf: enable strict mode 482 - perf: remove argument reassignment 483 484 4.13.0 / 2015-06-20 485 =================== 486 487 * Add settings to debug output 488 * Fix `res.format` error when only `default` provided 489 * Fix issue where `next('route')` in `app.param` would incorrectly skip values 490 * Fix hiding platform issues with `decodeURIComponent` 491 - Only `URIError`s are a 400 492 * Fix using `*` before params in routes 493 * Fix using capture groups before params in routes 494 * Simplify `res.cookie` to call `res.append` 495 * Use `array-flatten` module for flattening arrays 496 * deps: accepts@~1.2.9 497 - deps: mime-types@~2.1.1 498 - perf: avoid argument reassignment & argument slice 499 - perf: avoid negotiator recursive construction 500 - perf: enable strict mode 501 - perf: remove unnecessary bitwise operator 502 * deps: cookie@0.1.3 503 - perf: deduce the scope of try-catch deopt 504 - perf: remove argument reassignments 505 * deps: escape-html@1.0.2 506 * deps: etag@~1.7.0 507 - Always include entity length in ETags for hash length extensions 508 - Generate non-Stats ETags using MD5 only (no longer CRC32) 509 - Improve stat performance by removing hashing 510 - Improve support for JXcore 511 - Remove base64 padding in ETags to shorten 512 - Support "fake" stats objects in environments without fs 513 - Use MD5 instead of MD4 in weak ETags over 1KB 514 * deps: finalhandler@0.4.0 515 - Fix a false-positive when unpiping in Node.js 0.8 516 - Support `statusCode` property on `Error` objects 517 - Use `unpipe` module for unpiping requests 518 - deps: escape-html@1.0.2 519 - deps: on-finished@~2.3.0 520 - perf: enable strict mode 521 - perf: remove argument reassignment 522 * deps: fresh@0.3.0 523 - Add weak `ETag` matching support 524 * deps: on-finished@~2.3.0 525 - Add defined behavior for HTTP `CONNECT` requests 526 - Add defined behavior for HTTP `Upgrade` requests 527 - deps: ee-first@1.1.1 528 * deps: path-to-regexp@0.1.6 529 * deps: send@0.13.0 530 - Allow Node.js HTTP server to set `Date` response header 531 - Fix incorrectly removing `Content-Location` on 304 response 532 - Improve the default redirect response headers 533 - Send appropriate headers on default error response 534 - Use `http-errors` for standard emitted errors 535 - Use `statuses` instead of `http` module for status messages 536 - deps: escape-html@1.0.2 537 - deps: etag@~1.7.0 538 - deps: fresh@0.3.0 539 - deps: on-finished@~2.3.0 540 - perf: enable strict mode 541 - perf: remove unnecessary array allocations 542 * deps: serve-static@~1.10.0 543 - Add `fallthrough` option 544 - Fix reading options from options prototype 545 - Improve the default redirect response headers 546 - Malformed URLs now `next()` instead of 400 547 - deps: escape-html@1.0.2 548 - deps: send@0.13.0 549 - perf: enable strict mode 550 - perf: remove argument reassignment 551 * deps: type-is@~1.6.3 552 - deps: mime-types@~2.1.1 553 - perf: reduce try block size 554 - perf: remove bitwise operations 555 * perf: enable strict mode 556 * perf: isolate `app.render` try block 557 * perf: remove argument reassignments in application 558 * perf: remove argument reassignments in request prototype 559 * perf: remove argument reassignments in response prototype 560 * perf: remove argument reassignments in routing 561 * perf: remove argument reassignments in `View` 562 * perf: skip attempting to decode zero length string 563 * perf: use saved reference to `http.STATUS_CODES` 564 565 4.12.4 / 2015-05-17 566 =================== 567 568 * deps: accepts@~1.2.7 569 - deps: mime-types@~2.0.11 570 - deps: negotiator@0.5.3 571 * deps: debug@~2.2.0 572 - deps: ms@0.7.1 573 * deps: depd@~1.0.1 574 * deps: etag@~1.6.0 575 - Improve support for JXcore 576 - Support "fake" stats objects in environments without `fs` 577 * deps: finalhandler@0.3.6 578 - deps: debug@~2.2.0 579 - deps: on-finished@~2.2.1 580 * deps: on-finished@~2.2.1 581 - Fix `isFinished(req)` when data buffered 582 * deps: proxy-addr@~1.0.8 583 - deps: ipaddr.js@1.0.1 584 * deps: qs@2.4.2 585 - Fix allowing parameters like `constructor` 586 * deps: send@0.12.3 587 - deps: debug@~2.2.0 588 - deps: depd@~1.0.1 589 - deps: etag@~1.6.0 590 - deps: ms@0.7.1 591 - deps: on-finished@~2.2.1 592 * deps: serve-static@~1.9.3 593 - deps: send@0.12.3 594 * deps: type-is@~1.6.2 595 - deps: mime-types@~2.0.11 596 597 4.12.3 / 2015-03-17 598 =================== 599 600 * deps: accepts@~1.2.5 601 - deps: mime-types@~2.0.10 602 * deps: debug@~2.1.3 603 - Fix high intensity foreground color for bold 604 - deps: ms@0.7.0 605 * deps: finalhandler@0.3.4 606 - deps: debug@~2.1.3 607 * deps: proxy-addr@~1.0.7 608 - deps: ipaddr.js@0.1.9 609 * deps: qs@2.4.1 610 - Fix error when parameter `hasOwnProperty` is present 611 * deps: send@0.12.2 612 - Throw errors early for invalid `extensions` or `index` options 613 - deps: debug@~2.1.3 614 * deps: serve-static@~1.9.2 615 - deps: send@0.12.2 616 * deps: type-is@~1.6.1 617 - deps: mime-types@~2.0.10 618 619 4.12.2 / 2015-03-02 620 =================== 621 622 * Fix regression where `"Request aborted"` is logged using `res.sendFile` 623 624 4.12.1 / 2015-03-01 625 =================== 626 627 * Fix constructing application with non-configurable prototype properties 628 * Fix `ECONNRESET` errors from `res.sendFile` usage 629 * Fix `req.host` when using "trust proxy" hops count 630 * Fix `req.protocol`/`req.secure` when using "trust proxy" hops count 631 * Fix wrong `code` on aborted connections from `res.sendFile` 632 * deps: merge-descriptors@1.0.0 633 634 4.12.0 / 2015-02-23 635 =================== 636 637 * Fix `"trust proxy"` setting to inherit when app is mounted 638 * Generate `ETag`s for all request responses 639 - No longer restricted to only responses for `GET` and `HEAD` requests 640 * Use `content-type` to parse `Content-Type` headers 641 * deps: accepts@~1.2.4 642 - Fix preference sorting to be stable for long acceptable lists 643 - deps: mime-types@~2.0.9 644 - deps: negotiator@0.5.1 645 * deps: cookie-signature@1.0.6 646 * deps: send@0.12.1 647 - Always read the stat size from the file 648 - Fix mutating passed-in `options` 649 - deps: mime@1.3.4 650 * deps: serve-static@~1.9.1 651 - deps: send@0.12.1 652 * deps: type-is@~1.6.0 653 - fix argument reassignment 654 - fix false-positives in `hasBody` `Transfer-Encoding` check 655 - support wildcard for both type and subtype (`*/*`) 656 - deps: mime-types@~2.0.9 657 658 4.11.2 / 2015-02-01 659 =================== 660 661 * Fix `res.redirect` double-calling `res.end` for `HEAD` requests 662 * deps: accepts@~1.2.3 663 - deps: mime-types@~2.0.8 664 * deps: proxy-addr@~1.0.6 665 - deps: ipaddr.js@0.1.8 666 * deps: type-is@~1.5.6 667 - deps: mime-types@~2.0.8 668 669 4.11.1 / 2015-01-20 670 =================== 671 672 * deps: send@0.11.1 673 - Fix root path disclosure 674 * deps: serve-static@~1.8.1 675 - Fix redirect loop in Node.js 0.11.14 676 - Fix root path disclosure 677 - deps: send@0.11.1 678 679 4.11.0 / 2015-01-13 680 =================== 681 682 * Add `res.append(field, val)` to append headers 683 * Deprecate leading `:` in `name` for `app.param(name, fn)` 684 * Deprecate `req.param()` -- use `req.params`, `req.body`, or `req.query` instead 685 * Deprecate `app.param(fn)` 686 * Fix `OPTIONS` responses to include the `HEAD` method properly 687 * Fix `res.sendFile` not always detecting aborted connection 688 * Match routes iteratively to prevent stack overflows 689 * deps: accepts@~1.2.2 690 - deps: mime-types@~2.0.7 691 - deps: negotiator@0.5.0 692 * deps: send@0.11.0 693 - deps: debug@~2.1.1 694 - deps: etag@~1.5.1 695 - deps: ms@0.7.0 696 - deps: on-finished@~2.2.0 697 * deps: serve-static@~1.8.0 698 - deps: send@0.11.0 699 700 4.10.8 / 2015-01-13 701 =================== 702 703 * Fix crash from error within `OPTIONS` response handler 704 * deps: proxy-addr@~1.0.5 705 - deps: ipaddr.js@0.1.6 706 707 4.10.7 / 2015-01-04 708 =================== 709 710 * Fix `Allow` header for `OPTIONS` to not contain duplicate methods 711 * Fix incorrect "Request aborted" for `res.sendFile` when `HEAD` or 304 712 * deps: debug@~2.1.1 713 * deps: finalhandler@0.3.3 714 - deps: debug@~2.1.1 715 - deps: on-finished@~2.2.0 716 * deps: methods@~1.1.1 717 * deps: on-finished@~2.2.0 718 * deps: serve-static@~1.7.2 719 - Fix potential open redirect when mounted at root 720 * deps: type-is@~1.5.5 721 - deps: mime-types@~2.0.7 722 723 4.10.6 / 2014-12-12 724 =================== 725 726 * Fix exception in `req.fresh`/`req.stale` without response headers 727 728 4.10.5 / 2014-12-10 729 =================== 730 731 * Fix `res.send` double-calling `res.end` for `HEAD` requests 732 * deps: accepts@~1.1.4 733 - deps: mime-types@~2.0.4 734 * deps: type-is@~1.5.4 735 - deps: mime-types@~2.0.4 736 737 4.10.4 / 2014-11-24 738 =================== 739 740 * Fix `res.sendfile` logging standard write errors 741 742 4.10.3 / 2014-11-23 743 =================== 744 745 * Fix `res.sendFile` logging standard write errors 746 * deps: etag@~1.5.1 747 * deps: proxy-addr@~1.0.4 748 - deps: ipaddr.js@0.1.5 749 * deps: qs@2.3.3 750 - Fix `arrayLimit` behavior 751 752 4.10.2 / 2014-11-09 753 =================== 754 755 * Correctly invoke async router callback asynchronously 756 * deps: accepts@~1.1.3 757 - deps: mime-types@~2.0.3 758 * deps: type-is@~1.5.3 759 - deps: mime-types@~2.0.3 760 761 4.10.1 / 2014-10-28 762 =================== 763 764 * Fix handling of URLs containing `://` in the path 765 * deps: qs@2.3.2 766 - Fix parsing of mixed objects and values 767 768 4.10.0 / 2014-10-23 769 =================== 770 771 * Add support for `app.set('views', array)` 772 - Views are looked up in sequence in array of directories 773 * Fix `res.send(status)` to mention `res.sendStatus(status)` 774 * Fix handling of invalid empty URLs 775 * Use `content-disposition` module for `res.attachment`/`res.download` 776 - Sends standards-compliant `Content-Disposition` header 777 - Full Unicode support 778 * Use `path.resolve` in view lookup 779 * deps: debug@~2.1.0 780 - Implement `DEBUG_FD` env variable support 781 * deps: depd@~1.0.0 782 * deps: etag@~1.5.0 783 - Improve string performance 784 - Slightly improve speed for weak ETags over 1KB 785 * deps: finalhandler@0.3.2 786 - Terminate in progress response only on error 787 - Use `on-finished` to determine request status 788 - deps: debug@~2.1.0 789 - deps: on-finished@~2.1.1 790 * deps: on-finished@~2.1.1 791 - Fix handling of pipelined requests 792 * deps: qs@2.3.0 793 - Fix parsing of mixed implicit and explicit arrays 794 * deps: send@0.10.1 795 - deps: debug@~2.1.0 796 - deps: depd@~1.0.0 797 - deps: etag@~1.5.0 798 - deps: on-finished@~2.1.1 799 * deps: serve-static@~1.7.1 800 - deps: send@0.10.1 801 802 4.9.8 / 2014-10-17 803 ================== 804 805 * Fix `res.redirect` body when redirect status specified 806 * deps: accepts@~1.1.2 807 - Fix error when media type has invalid parameter 808 - deps: negotiator@0.4.9 809 810 4.9.7 / 2014-10-10 811 ================== 812 813 * Fix using same param name in array of paths 814 815 4.9.6 / 2014-10-08 816 ================== 817 818 * deps: accepts@~1.1.1 819 - deps: mime-types@~2.0.2 820 - deps: negotiator@0.4.8 821 * deps: serve-static@~1.6.4 822 - Fix redirect loop when index file serving disabled 823 * deps: type-is@~1.5.2 824 - deps: mime-types@~2.0.2 825 826 4.9.5 / 2014-09-24 827 ================== 828 829 * deps: etag@~1.4.0 830 * deps: proxy-addr@~1.0.3 831 - Use `forwarded` npm module 832 * deps: send@0.9.3 833 - deps: etag@~1.4.0 834 * deps: serve-static@~1.6.3 835 - deps: send@0.9.3 836 837 4.9.4 / 2014-09-19 838 ================== 839 840 * deps: qs@2.2.4 841 - Fix issue with object keys starting with numbers truncated 842 843 4.9.3 / 2014-09-18 844 ================== 845 846 * deps: proxy-addr@~1.0.2 847 - Fix a global leak when multiple subnets are trusted 848 - deps: ipaddr.js@0.1.3 849 850 4.9.2 / 2014-09-17 851 ================== 852 853 * Fix regression for empty string `path` in `app.use` 854 * Fix `router.use` to accept array of middleware without path 855 * Improve error message for bad `app.use` arguments 856 857 4.9.1 / 2014-09-16 858 ================== 859 860 * Fix `app.use` to accept array of middleware without path 861 * deps: depd@0.4.5 862 * deps: etag@~1.3.1 863 * deps: send@0.9.2 864 - deps: depd@0.4.5 865 - deps: etag@~1.3.1 866 - deps: range-parser@~1.0.2 867 * deps: serve-static@~1.6.2 868 - deps: send@0.9.2 869 870 4.9.0 / 2014-09-08 871 ================== 872 873 * Add `res.sendStatus` 874 * Invoke callback for sendfile when client aborts 875 - Applies to `res.sendFile`, `res.sendfile`, and `res.download` 876 - `err` will be populated with request aborted error 877 * Support IP address host in `req.subdomains` 878 * Use `etag` to generate `ETag` headers 879 * deps: accepts@~1.1.0 880 - update `mime-types` 881 * deps: cookie-signature@1.0.5 882 * deps: debug@~2.0.0 883 * deps: finalhandler@0.2.0 884 - Set `X-Content-Type-Options: nosniff` header 885 - deps: debug@~2.0.0 886 * deps: fresh@0.2.4 887 * deps: media-typer@0.3.0 888 - Throw error when parameter format invalid on parse 889 * deps: qs@2.2.3 890 - Fix issue where first empty value in array is discarded 891 * deps: range-parser@~1.0.2 892 * deps: send@0.9.1 893 - Add `lastModified` option 894 - Use `etag` to generate `ETag` header 895 - deps: debug@~2.0.0 896 - deps: fresh@0.2.4 897 * deps: serve-static@~1.6.1 898 - Add `lastModified` option 899 - deps: send@0.9.1 900 * deps: type-is@~1.5.1 901 - fix `hasbody` to be true for `content-length: 0` 902 - deps: media-typer@0.3.0 903 - deps: mime-types@~2.0.1 904 * deps: vary@~1.0.0 905 - Accept valid `Vary` header string as `field` 906 907 4.8.8 / 2014-09-04 908 ================== 909 910 * deps: send@0.8.5 911 - Fix a path traversal issue when using `root` 912 - Fix malicious path detection for empty string path 913 * deps: serve-static@~1.5.4 914 - deps: send@0.8.5 915 916 4.8.7 / 2014-08-29 917 ================== 918 919 * deps: qs@2.2.2 920 - Remove unnecessary cloning 921 922 4.8.6 / 2014-08-27 923 ================== 924 925 * deps: qs@2.2.0 926 - Array parsing fix 927 - Performance improvements 928 929 4.8.5 / 2014-08-18 930 ================== 931 932 * deps: send@0.8.3 933 - deps: destroy@1.0.3 934 - deps: on-finished@2.1.0 935 * deps: serve-static@~1.5.3 936 - deps: send@0.8.3 937 938 4.8.4 / 2014-08-14 939 ================== 940 941 * deps: qs@1.2.2 942 * deps: send@0.8.2 943 - Work around `fd` leak in Node.js 0.10 for `fs.ReadStream` 944 * deps: serve-static@~1.5.2 945 - deps: send@0.8.2 946 947 4.8.3 / 2014-08-10 948 ================== 949 950 * deps: parseurl@~1.3.0 951 * deps: qs@1.2.1 952 * deps: serve-static@~1.5.1 953 - Fix parsing of weird `req.originalUrl` values 954 - deps: parseurl@~1.3.0 955 - deps: utils-merge@1.0.0 956 957 4.8.2 / 2014-08-07 958 ================== 959 960 * deps: qs@1.2.0 961 - Fix parsing array of objects 962 963 4.8.1 / 2014-08-06 964 ================== 965 966 * fix incorrect deprecation warnings on `res.download` 967 * deps: qs@1.1.0 968 - Accept urlencoded square brackets 969 - Accept empty values in implicit array notation 970 971 4.8.0 / 2014-08-05 972 ================== 973 974 * add `res.sendFile` 975 - accepts a file system path instead of a URL 976 - requires an absolute path or `root` option specified 977 * deprecate `res.sendfile` -- use `res.sendFile` instead 978 * support mounted app as any argument to `app.use()` 979 * deps: qs@1.0.2 980 - Complete rewrite 981 - Limits array length to 20 982 - Limits object depth to 5 983 - Limits parameters to 1,000 984 * deps: send@0.8.1 985 - Add `extensions` option 986 * deps: serve-static@~1.5.0 987 - Add `extensions` option 988 - deps: send@0.8.1 989 990 4.7.4 / 2014-08-04 991 ================== 992 993 * fix `res.sendfile` regression for serving directory index files 994 * deps: send@0.7.4 995 - Fix incorrect 403 on Windows and Node.js 0.11 996 - Fix serving index files without root dir 997 * deps: serve-static@~1.4.4 998 - deps: send@0.7.4 999 1000 4.7.3 / 2014-08-04 1001 ================== 1002 1003 * deps: send@0.7.3 1004 - Fix incorrect 403 on Windows and Node.js 0.11 1005 * deps: serve-static@~1.4.3 1006 - Fix incorrect 403 on Windows and Node.js 0.11 1007 - deps: send@0.7.3 1008 1009 4.7.2 / 2014-07-27 1010 ================== 1011 1012 * deps: depd@0.4.4 1013 - Work-around v8 generating empty stack traces 1014 * deps: send@0.7.2 1015 - deps: depd@0.4.4 1016 * deps: serve-static@~1.4.2 1017 1018 4.7.1 / 2014-07-26 1019 ================== 1020 1021 * deps: depd@0.4.3 1022 - Fix exception when global `Error.stackTraceLimit` is too low 1023 * deps: send@0.7.1 1024 - deps: depd@0.4.3 1025 * deps: serve-static@~1.4.1 1026 1027 4.7.0 / 2014-07-25 1028 ================== 1029 1030 * fix `req.protocol` for proxy-direct connections 1031 * configurable query parser with `app.set('query parser', parser)` 1032 - `app.set('query parser', 'extended')` parse with "qs" module 1033 - `app.set('query parser', 'simple')` parse with "querystring" core module 1034 - `app.set('query parser', false)` disable query string parsing 1035 - `app.set('query parser', true)` enable simple parsing 1036 * deprecate `res.json(status, obj)` -- use `res.status(status).json(obj)` instead 1037 * deprecate `res.jsonp(status, obj)` -- use `res.status(status).jsonp(obj)` instead 1038 * deprecate `res.send(status, body)` -- use `res.status(status).send(body)` instead 1039 * deps: debug@1.0.4 1040 * deps: depd@0.4.2 1041 - Add `TRACE_DEPRECATION` environment variable 1042 - Remove non-standard grey color from color output 1043 - Support `--no-deprecation` argument 1044 - Support `--trace-deprecation` argument 1045 * deps: finalhandler@0.1.0 1046 - Respond after request fully read 1047 - deps: debug@1.0.4 1048 * deps: parseurl@~1.2.0 1049 - Cache URLs based on original value 1050 - Remove no-longer-needed URL mis-parse work-around 1051 - Simplify the "fast-path" `RegExp` 1052 * deps: send@0.7.0 1053 - Add `dotfiles` option 1054 - Cap `maxAge` value to 1 year 1055 - deps: debug@1.0.4 1056 - deps: depd@0.4.2 1057 * deps: serve-static@~1.4.0 1058 - deps: parseurl@~1.2.0 1059 - deps: send@0.7.0 1060 * perf: prevent multiple `Buffer` creation in `res.send` 1061 1062 4.6.1 / 2014-07-12 1063 ================== 1064 1065 * fix `subapp.mountpath` regression for `app.use(subapp)` 1066 1067 4.6.0 / 2014-07-11 1068 ================== 1069 1070 * accept multiple callbacks to `app.use()` 1071 * add explicit "Rosetta Flash JSONP abuse" protection 1072 - previous versions are not vulnerable; this is just explicit protection 1073 * catch errors in multiple `req.param(name, fn)` handlers 1074 * deprecate `res.redirect(url, status)` -- use `res.redirect(status, url)` instead 1075 * fix `res.send(status, num)` to send `num` as json (not error) 1076 * remove unnecessary escaping when `res.jsonp` returns JSON response 1077 * support non-string `path` in `app.use(path, fn)` 1078 - supports array of paths 1079 - supports `RegExp` 1080 * router: fix optimization on router exit 1081 * router: refactor location of `try` blocks 1082 * router: speed up standard `app.use(fn)` 1083 * deps: debug@1.0.3 1084 - Add support for multiple wildcards in namespaces 1085 * deps: finalhandler@0.0.3 1086 - deps: debug@1.0.3 1087 * deps: methods@1.1.0 1088 - add `CONNECT` 1089 * deps: parseurl@~1.1.3 1090 - faster parsing of href-only URLs 1091 * deps: path-to-regexp@0.1.3 1092 * deps: send@0.6.0 1093 - deps: debug@1.0.3 1094 * deps: serve-static@~1.3.2 1095 - deps: parseurl@~1.1.3 1096 - deps: send@0.6.0 1097 * perf: fix arguments reassign deopt in some `res` methods 1098 1099 4.5.1 / 2014-07-06 1100 ================== 1101 1102 * fix routing regression when altering `req.method` 1103 1104 4.5.0 / 2014-07-04 1105 ================== 1106 1107 * add deprecation message to non-plural `req.accepts*` 1108 * add deprecation message to `res.send(body, status)` 1109 * add deprecation message to `res.vary()` 1110 * add `headers` option to `res.sendfile` 1111 - use to set headers on successful file transfer 1112 * add `mergeParams` option to `Router` 1113 - merges `req.params` from parent routes 1114 * add `req.hostname` -- correct name for what `req.host` returns 1115 * deprecate things with `depd` module 1116 * deprecate `req.host` -- use `req.hostname` instead 1117 * fix behavior when handling request without routes 1118 * fix handling when `route.all` is only route 1119 * invoke `router.param()` only when route matches 1120 * restore `req.params` after invoking router 1121 * use `finalhandler` for final response handling 1122 * use `media-typer` to alter content-type charset 1123 * deps: accepts@~1.0.7 1124 * deps: send@0.5.0 1125 - Accept string for `maxage` (converted by `ms`) 1126 - Include link in default redirect response 1127 * deps: serve-static@~1.3.0 1128 - Accept string for `maxAge` (converted by `ms`) 1129 - Add `setHeaders` option 1130 - Include HTML link in redirect response 1131 - deps: send@0.5.0 1132 * deps: type-is@~1.3.2 1133 1134 4.4.5 / 2014-06-26 1135 ================== 1136 1137 * deps: cookie-signature@1.0.4 1138 - fix for timing attacks 1139 1140 4.4.4 / 2014-06-20 1141 ================== 1142 1143 * fix `res.attachment` Unicode filenames in Safari 1144 * fix "trim prefix" debug message in `express:router` 1145 * deps: accepts@~1.0.5 1146 * deps: buffer-crc32@0.2.3 1147 1148 4.4.3 / 2014-06-11 1149 ================== 1150 1151 * fix persistence of modified `req.params[name]` from `app.param()` 1152 * deps: accepts@1.0.3 1153 - deps: negotiator@0.4.6 1154 * deps: debug@1.0.2 1155 * deps: send@0.4.3 1156 - Do not throw uncatchable error on file open race condition 1157 - Use `escape-html` for HTML escaping 1158 - deps: debug@1.0.2 1159 - deps: finished@1.2.2 1160 - deps: fresh@0.2.2 1161 * deps: serve-static@1.2.3 1162 - Do not throw uncatchable error on file open race condition 1163 - deps: send@0.4.3 1164 1165 4.4.2 / 2014-06-09 1166 ================== 1167 1168 * fix catching errors from top-level handlers 1169 * use `vary` module for `res.vary` 1170 * deps: debug@1.0.1 1171 * deps: proxy-addr@1.0.1 1172 * deps: send@0.4.2 1173 - fix "event emitter leak" warnings 1174 - deps: debug@1.0.1 1175 - deps: finished@1.2.1 1176 * deps: serve-static@1.2.2 1177 - fix "event emitter leak" warnings 1178 - deps: send@0.4.2 1179 * deps: type-is@1.2.1 1180 1181 4.4.1 / 2014-06-02 1182 ================== 1183 1184 * deps: methods@1.0.1 1185 * deps: send@0.4.1 1186 - Send `max-age` in `Cache-Control` in correct format 1187 * deps: serve-static@1.2.1 1188 - use `escape-html` for escaping 1189 - deps: send@0.4.1 1190 1191 4.4.0 / 2014-05-30 1192 ================== 1193 1194 * custom etag control with `app.set('etag', val)` 1195 - `app.set('etag', function(body, encoding){ return '"etag"' })` custom etag generation 1196 - `app.set('etag', 'weak')` weak tag 1197 - `app.set('etag', 'strong')` strong etag 1198 - `app.set('etag', false)` turn off 1199 - `app.set('etag', true)` standard etag 1200 * mark `res.send` ETag as weak and reduce collisions 1201 * update accepts to 1.0.2 1202 - Fix interpretation when header not in request 1203 * update send to 0.4.0 1204 - Calculate ETag with md5 for reduced collisions 1205 - Ignore stream errors after request ends 1206 - deps: debug@0.8.1 1207 * update serve-static to 1.2.0 1208 - Calculate ETag with md5 for reduced collisions 1209 - Ignore stream errors after request ends 1210 - deps: send@0.4.0 1211 1212 4.3.2 / 2014-05-28 1213 ================== 1214 1215 * fix handling of errors from `router.param()` callbacks 1216 1217 4.3.1 / 2014-05-23 1218 ================== 1219 1220 * revert "fix behavior of multiple `app.VERB` for the same path" 1221 - this caused a regression in the order of route execution 1222 1223 4.3.0 / 2014-05-21 1224 ================== 1225 1226 * add `req.baseUrl` to access the path stripped from `req.url` in routes 1227 * fix behavior of multiple `app.VERB` for the same path 1228 * fix issue routing requests among sub routers 1229 * invoke `router.param()` only when necessary instead of every match 1230 * proper proxy trust with `app.set('trust proxy', trust)` 1231 - `app.set('trust proxy', 1)` trust first hop 1232 - `app.set('trust proxy', 'loopback')` trust loopback addresses 1233 - `app.set('trust proxy', '10.0.0.1')` trust single IP 1234 - `app.set('trust proxy', '10.0.0.1/16')` trust subnet 1235 - `app.set('trust proxy', '10.0.0.1, 10.0.0.2')` trust list 1236 - `app.set('trust proxy', false)` turn off 1237 - `app.set('trust proxy', true)` trust everything 1238 * set proper `charset` in `Content-Type` for `res.send` 1239 * update type-is to 1.2.0 1240 - support suffix matching 1241 1242 4.2.0 / 2014-05-11 1243 ================== 1244 1245 * deprecate `app.del()` -- use `app.delete()` instead 1246 * deprecate `res.json(obj, status)` -- use `res.json(status, obj)` instead 1247 - the edge-case `res.json(status, num)` requires `res.status(status).json(num)` 1248 * deprecate `res.jsonp(obj, status)` -- use `res.jsonp(status, obj)` instead 1249 - the edge-case `res.jsonp(status, num)` requires `res.status(status).jsonp(num)` 1250 * fix `req.next` when inside router instance 1251 * include `ETag` header in `HEAD` requests 1252 * keep previous `Content-Type` for `res.jsonp` 1253 * support PURGE method 1254 - add `app.purge` 1255 - add `router.purge` 1256 - include PURGE in `app.all` 1257 * update debug to 0.8.0 1258 - add `enable()` method 1259 - change from stderr to stdout 1260 * update methods to 1.0.0 1261 - add PURGE 1262 1263 4.1.2 / 2014-05-08 1264 ================== 1265 1266 * fix `req.host` for IPv6 literals 1267 * fix `res.jsonp` error if callback param is object 1268 1269 4.1.1 / 2014-04-27 1270 ================== 1271 1272 * fix package.json to reflect supported node version 1273 1274 4.1.0 / 2014-04-24 1275 ================== 1276 1277 * pass options from `res.sendfile` to `send` 1278 * preserve casing of headers in `res.header` and `res.set` 1279 * support unicode file names in `res.attachment` and `res.download` 1280 * update accepts to 1.0.1 1281 - deps: negotiator@0.4.0 1282 * update cookie to 0.1.2 1283 - Fix for maxAge == 0 1284 - made compat with expires field 1285 * update send to 0.3.0 1286 - Accept API options in options object 1287 - Coerce option types 1288 - Control whether to generate etags 1289 - Default directory access to 403 when index disabled 1290 - Fix sending files with dots without root set 1291 - Include file path in etag 1292 - Make "Can't set headers after they are sent." catchable 1293 - Send full entity-body for multi range requests 1294 - Set etags to "weak" 1295 - Support "If-Range" header 1296 - Support multiple index paths 1297 - deps: mime@1.2.11 1298 * update serve-static to 1.1.0 1299 - Accept options directly to `send` module 1300 - Resolve relative paths at middleware setup 1301 - Use parseurl to parse the URL from request 1302 - deps: send@0.3.0 1303 * update type-is to 1.1.0 1304 - add non-array values support 1305 - add `multipart` as a shorthand 1306 1307 4.0.0 / 2014-04-09 1308 ================== 1309 1310 * remove: 1311 - node 0.8 support 1312 - connect and connect's patches except for charset handling 1313 - express(1) - moved to [express-generator](https://github.com/expressjs/generator) 1314 - `express.createServer()` - it has been deprecated for a long time. Use `express()` 1315 - `app.configure` - use logic in your own app code 1316 - `app.router` - is removed 1317 - `req.auth` - use `basic-auth` instead 1318 - `req.accepted*` - use `req.accepts*()` instead 1319 - `res.location` - relative URL resolution is removed 1320 - `res.charset` - include the charset in the content type when using `res.set()` 1321 - all bundled middleware except `static` 1322 * change: 1323 - `app.route` -> `app.mountpath` when mounting an express app in another express app 1324 - `json spaces` no longer enabled by default in development 1325 - `req.accepts*` -> `req.accepts*s` - i.e. `req.acceptsEncoding` -> `req.acceptsEncodings` 1326 - `req.params` is now an object instead of an array 1327 - `res.locals` is no longer a function. It is a plain js object. Treat it as such. 1328 - `res.headerSent` -> `res.headersSent` to match node.js ServerResponse object 1329 * refactor: 1330 - `req.accepts*` with [accepts](https://github.com/expressjs/accepts) 1331 - `req.is` with [type-is](https://github.com/expressjs/type-is) 1332 - [path-to-regexp](https://github.com/component/path-to-regexp) 1333 * add: 1334 - `app.router()` - returns the app Router instance 1335 - `app.route()` - Proxy to the app's `Router#route()` method to create a new route 1336 - Router & Route - public API 1337 1338 3.21.2 / 2015-07-31 1339 =================== 1340 1341 * deps: connect@2.30.2 1342 - deps: body-parser@~1.13.3 1343 - deps: compression@~1.5.2 1344 - deps: errorhandler@~1.4.2 1345 - deps: method-override@~2.3.5 1346 - deps: serve-index@~1.7.2 1347 - deps: type-is@~1.6.6 1348 - deps: vhost@~3.0.1 1349 * deps: vary@~1.0.1 1350 - Fix setting empty header from empty `field` 1351 - perf: enable strict mode 1352 - perf: remove argument reassignments 1353 1354 3.21.1 / 2015-07-05 1355 =================== 1356 1357 * deps: basic-auth@~1.0.3 1358 * deps: connect@2.30.1 1359 - deps: body-parser@~1.13.2 1360 - deps: compression@~1.5.1 1361 - deps: errorhandler@~1.4.1 1362 - deps: morgan@~1.6.1 1363 - deps: pause@0.1.0 1364 - deps: qs@4.0.0 1365 - deps: serve-index@~1.7.1 1366 - deps: type-is@~1.6.4 1367 1368 3.21.0 / 2015-06-18 1369 =================== 1370 1371 * deps: basic-auth@1.0.2 1372 - perf: enable strict mode 1373 - perf: hoist regular expression 1374 - perf: parse with regular expressions 1375 - perf: remove argument reassignment 1376 * deps: connect@2.30.0 1377 - deps: body-parser@~1.13.1 1378 - deps: bytes@2.1.0 1379 - deps: compression@~1.5.0 1380 - deps: cookie@0.1.3 1381 - deps: cookie-parser@~1.3.5 1382 - deps: csurf@~1.8.3 1383 - deps: errorhandler@~1.4.0 1384 - deps: express-session@~1.11.3 1385 - deps: finalhandler@0.4.0 1386 - deps: fresh@0.3.0 1387 - deps: morgan@~1.6.0 1388 - deps: serve-favicon@~2.3.0 1389 - deps: serve-index@~1.7.0 1390 - deps: serve-static@~1.10.0 1391 - deps: type-is@~1.6.3 1392 * deps: cookie@0.1.3 1393 - perf: deduce the scope of try-catch deopt 1394 - perf: remove argument reassignments 1395 * deps: escape-html@1.0.2 1396 * deps: etag@~1.7.0 1397 - Always include entity length in ETags for hash length extensions 1398 - Generate non-Stats ETags using MD5 only (no longer CRC32) 1399 - Improve stat performance by removing hashing 1400 - Improve support for JXcore 1401 - Remove base64 padding in ETags to shorten 1402 - Support "fake" stats objects in environments without fs 1403 - Use MD5 instead of MD4 in weak ETags over 1KB 1404 * deps: fresh@0.3.0 1405 - Add weak `ETag` matching support 1406 * deps: mkdirp@0.5.1 1407 - Work in global strict mode 1408 * deps: send@0.13.0 1409 - Allow Node.js HTTP server to set `Date` response header 1410 - Fix incorrectly removing `Content-Location` on 304 response 1411 - Improve the default redirect response headers 1412 - Send appropriate headers on default error response 1413 - Use `http-errors` for standard emitted errors 1414 - Use `statuses` instead of `http` module for status messages 1415 - deps: escape-html@1.0.2 1416 - deps: etag@~1.7.0 1417 - deps: fresh@0.3.0 1418 - deps: on-finished@~2.3.0 1419 - perf: enable strict mode 1420 - perf: remove unnecessary array allocations 1421 1422 3.20.3 / 2015-05-17 1423 =================== 1424 1425 * deps: connect@2.29.2 1426 - deps: body-parser@~1.12.4 1427 - deps: compression@~1.4.4 1428 - deps: connect-timeout@~1.6.2 1429 - deps: debug@~2.2.0 1430 - deps: depd@~1.0.1 1431 - deps: errorhandler@~1.3.6 1432 - deps: finalhandler@0.3.6 1433 - deps: method-override@~2.3.3 1434 - deps: morgan@~1.5.3 1435 - deps: qs@2.4.2 1436 - deps: response-time@~2.3.1 1437 - deps: serve-favicon@~2.2.1 1438 - deps: serve-index@~1.6.4 1439 - deps: serve-static@~1.9.3 1440 - deps: type-is@~1.6.2 1441 * deps: debug@~2.2.0 1442 - deps: ms@0.7.1 1443 * deps: depd@~1.0.1 1444 * deps: proxy-addr@~1.0.8 1445 - deps: ipaddr.js@1.0.1 1446 * deps: send@0.12.3 1447 - deps: debug@~2.2.0 1448 - deps: depd@~1.0.1 1449 - deps: etag@~1.6.0 1450 - deps: ms@0.7.1 1451 - deps: on-finished@~2.2.1 1452 1453 3.20.2 / 2015-03-16 1454 =================== 1455 1456 * deps: connect@2.29.1 1457 - deps: body-parser@~1.12.2 1458 - deps: compression@~1.4.3 1459 - deps: connect-timeout@~1.6.1 1460 - deps: debug@~2.1.3 1461 - deps: errorhandler@~1.3.5 1462 - deps: express-session@~1.10.4 1463 - deps: finalhandler@0.3.4 1464 - deps: method-override@~2.3.2 1465 - deps: morgan@~1.5.2 1466 - deps: qs@2.4.1 1467 - deps: serve-index@~1.6.3 1468 - deps: serve-static@~1.9.2 1469 - deps: type-is@~1.6.1 1470 * deps: debug@~2.1.3 1471 - Fix high intensity foreground color for bold 1472 - deps: ms@0.7.0 1473 * deps: merge-descriptors@1.0.0 1474 * deps: proxy-addr@~1.0.7 1475 - deps: ipaddr.js@0.1.9 1476 * deps: send@0.12.2 1477 - Throw errors early for invalid `extensions` or `index` options 1478 - deps: debug@~2.1.3 1479 1480 3.20.1 / 2015-02-28 1481 =================== 1482 1483 * Fix `req.host` when using "trust proxy" hops count 1484 * Fix `req.protocol`/`req.secure` when using "trust proxy" hops count 1485 1486 3.20.0 / 2015-02-18 1487 =================== 1488 1489 * Fix `"trust proxy"` setting to inherit when app is mounted 1490 * Generate `ETag`s for all request responses 1491 - No longer restricted to only responses for `GET` and `HEAD` requests 1492 * Use `content-type` to parse `Content-Type` headers 1493 * deps: connect@2.29.0 1494 - Use `content-type` to parse `Content-Type` headers 1495 - deps: body-parser@~1.12.0 1496 - deps: compression@~1.4.1 1497 - deps: connect-timeout@~1.6.0 1498 - deps: cookie-parser@~1.3.4 1499 - deps: cookie-signature@1.0.6 1500 - deps: csurf@~1.7.0 1501 - deps: errorhandler@~1.3.4 1502 - deps: express-session@~1.10.3 1503 - deps: http-errors@~1.3.1 1504 - deps: response-time@~2.3.0 1505 - deps: serve-index@~1.6.2 1506 - deps: serve-static@~1.9.1 1507 - deps: type-is@~1.6.0 1508 * deps: cookie-signature@1.0.6 1509 * deps: send@0.12.1 1510 - Always read the stat size from the file 1511 - Fix mutating passed-in `options` 1512 - deps: mime@1.3.4 1513 1514 3.19.2 / 2015-02-01 1515 =================== 1516 1517 * deps: connect@2.28.3 1518 - deps: compression@~1.3.1 1519 - deps: csurf@~1.6.6 1520 - deps: errorhandler@~1.3.3 1521 - deps: express-session@~1.10.2 1522 - deps: serve-index@~1.6.1 1523 - deps: type-is@~1.5.6 1524 * deps: proxy-addr@~1.0.6 1525 - deps: ipaddr.js@0.1.8 1526 1527 3.19.1 / 2015-01-20 1528 =================== 1529 1530 * deps: connect@2.28.2 1531 - deps: body-parser@~1.10.2 1532 - deps: serve-static@~1.8.1 1533 * deps: send@0.11.1 1534 - Fix root path disclosure 1535 1536 3.19.0 / 2015-01-09 1537 =================== 1538 1539 * Fix `OPTIONS` responses to include the `HEAD` method property 1540 * Use `readline` for prompt in `express(1)` 1541 * deps: commander@2.6.0 1542 * deps: connect@2.28.1 1543 - deps: body-parser@~1.10.1 1544 - deps: compression@~1.3.0 1545 - deps: connect-timeout@~1.5.0 1546 - deps: csurf@~1.6.4 1547 - deps: debug@~2.1.1 1548 - deps: errorhandler@~1.3.2 1549 - deps: express-session@~1.10.1 1550 - deps: finalhandler@0.3.3 1551 - deps: method-override@~2.3.1 1552 - deps: morgan@~1.5.1 1553 - deps: serve-favicon@~2.2.0 1554 - deps: serve-index@~1.6.0 1555 - deps: serve-static@~1.8.0 1556 - deps: type-is@~1.5.5 1557 * deps: debug@~2.1.1 1558 * deps: methods@~1.1.1 1559 * deps: proxy-addr@~1.0.5 1560 - deps: ipaddr.js@0.1.6 1561 * deps: send@0.11.0 1562 - deps: debug@~2.1.1 1563 - deps: etag@~1.5.1 1564 - deps: ms@0.7.0 1565 - deps: on-finished@~2.2.0 1566 1567 3.18.6 / 2014-12-12 1568 =================== 1569 1570 * Fix exception in `req.fresh`/`req.stale` without response headers 1571 1572 3.18.5 / 2014-12-11 1573 =================== 1574 1575 * deps: connect@2.27.6 1576 - deps: compression@~1.2.2 1577 - deps: express-session@~1.9.3 1578 - deps: http-errors@~1.2.8 1579 - deps: serve-index@~1.5.3 1580 - deps: type-is@~1.5.4 1581 1582 3.18.4 / 2014-11-23 1583 =================== 1584 1585 * deps: connect@2.27.4 1586 - deps: body-parser@~1.9.3 1587 - deps: compression@~1.2.1 1588 - deps: errorhandler@~1.2.3 1589 - deps: express-session@~1.9.2 1590 - deps: qs@2.3.3 1591 - deps: serve-favicon@~2.1.7 1592 - deps: serve-static@~1.5.1 1593 - deps: type-is@~1.5.3 1594 * deps: etag@~1.5.1 1595 * deps: proxy-addr@~1.0.4 1596 - deps: ipaddr.js@0.1.5 1597 1598 3.18.3 / 2014-11-09 1599 =================== 1600 1601 * deps: connect@2.27.3 1602 - Correctly invoke async callback asynchronously 1603 - deps: csurf@~1.6.3 1604 1605 3.18.2 / 2014-10-28 1606 =================== 1607 1608 * deps: connect@2.27.2 1609 - Fix handling of URLs containing `://` in the path 1610 - deps: body-parser@~1.9.2 1611 - deps: qs@2.3.2 1612 1613 3.18.1 / 2014-10-22 1614 =================== 1615 1616 * Fix internal `utils.merge` deprecation warnings 1617 * deps: connect@2.27.1 1618 - deps: body-parser@~1.9.1 1619 - deps: express-session@~1.9.1 1620 - deps: finalhandler@0.3.2 1621 - deps: morgan@~1.4.1 1622 - deps: qs@2.3.0 1623 - deps: serve-static@~1.7.1 1624 * deps: send@0.10.1 1625 - deps: on-finished@~2.1.1 1626 1627 3.18.0 / 2014-10-17 1628 =================== 1629 1630 * Use `content-disposition` module for `res.attachment`/`res.download` 1631 - Sends standards-compliant `Content-Disposition` header 1632 - Full Unicode support 1633 * Use `etag` module to generate `ETag` headers 1634 * deps: connect@2.27.0 1635 - Use `http-errors` module for creating errors 1636 - Use `utils-merge` module for merging objects 1637 - deps: body-parser@~1.9.0 1638 - deps: compression@~1.2.0 1639 - deps: connect-timeout@~1.4.0 1640 - deps: debug@~2.1.0 1641 - deps: depd@~1.0.0 1642 - deps: express-session@~1.9.0 1643 - deps: finalhandler@0.3.1 1644 - deps: method-override@~2.3.0 1645 - deps: morgan@~1.4.0 1646 - deps: response-time@~2.2.0 1647 - deps: serve-favicon@~2.1.6 1648 - deps: serve-index@~1.5.0 1649 - deps: serve-static@~1.7.0 1650 * deps: debug@~2.1.0 1651 - Implement `DEBUG_FD` env variable support 1652 * deps: depd@~1.0.0 1653 * deps: send@0.10.0 1654 - deps: debug@~2.1.0 1655 - deps: depd@~1.0.0 1656 - deps: etag@~1.5.0 1657 1658 3.17.8 / 2014-10-15 1659 =================== 1660 1661 * deps: connect@2.26.6 1662 - deps: compression@~1.1.2 1663 - deps: csurf@~1.6.2 1664 - deps: errorhandler@~1.2.2 1665 1666 3.17.7 / 2014-10-08 1667 =================== 1668 1669 * deps: connect@2.26.5 1670 - Fix accepting non-object arguments to `logger` 1671 - deps: serve-static@~1.6.4 1672 1673 3.17.6 / 2014-10-02 1674 =================== 1675 1676 * deps: connect@2.26.4 1677 - deps: morgan@~1.3.2 1678 - deps: type-is@~1.5.2 1679 1680 3.17.5 / 2014-09-24 1681 =================== 1682 1683 * deps: connect@2.26.3 1684 - deps: body-parser@~1.8.4 1685 - deps: serve-favicon@~2.1.5 1686 - deps: serve-static@~1.6.3 1687 * deps: proxy-addr@~1.0.3 1688 - Use `forwarded` npm module 1689 * deps: send@0.9.3 1690 - deps: etag@~1.4.0 1691 1692 3.17.4 / 2014-09-19 1693 =================== 1694 1695 * deps: connect@2.26.2 1696 - deps: body-parser@~1.8.3 1697 - deps: qs@2.2.4 1698 1699 3.17.3 / 2014-09-18 1700 =================== 1701 1702 * deps: proxy-addr@~1.0.2 1703 - Fix a global leak when multiple subnets are trusted 1704 - deps: ipaddr.js@0.1.3 1705 1706 3.17.2 / 2014-09-15 1707 =================== 1708 1709 * Use `crc` instead of `buffer-crc32` for speed 1710 * deps: connect@2.26.1 1711 - deps: body-parser@~1.8.2 1712 - deps: depd@0.4.5 1713 - deps: express-session@~1.8.2 1714 - deps: morgan@~1.3.1 1715 - deps: serve-favicon@~2.1.3 1716 - deps: serve-static@~1.6.2 1717 * deps: depd@0.4.5 1718 * deps: send@0.9.2 1719 - deps: depd@0.4.5 1720 - deps: etag@~1.3.1 1721 - deps: range-parser@~1.0.2 1722 1723 3.17.1 / 2014-09-08 1724 =================== 1725 1726 * Fix error in `req.subdomains` on empty host 1727 1728 3.17.0 / 2014-09-08 1729 =================== 1730 1731 * Support `X-Forwarded-Host` in `req.subdomains` 1732 * Support IP address host in `req.subdomains` 1733 * deps: connect@2.26.0 1734 - deps: body-parser@~1.8.1 1735 - deps: compression@~1.1.0 1736 - deps: connect-timeout@~1.3.0 1737 - deps: cookie-parser@~1.3.3 1738 - deps: cookie-signature@1.0.5 1739 - deps: csurf@~1.6.1 1740 - deps: debug@~2.0.0 1741 - deps: errorhandler@~1.2.0 1742 - deps: express-session@~1.8.1 1743 - deps: finalhandler@0.2.0 1744 - deps: fresh@0.2.4 1745 - deps: media-typer@0.3.0 1746 - deps: method-override@~2.2.0 1747 - deps: morgan@~1.3.0 1748 - deps: qs@2.2.3 1749 - deps: serve-favicon@~2.1.3 1750 - deps: serve-index@~1.2.1 1751 - deps: serve-static@~1.6.1 1752 - deps: type-is@~1.5.1 1753 - deps: vhost@~3.0.0 1754 * deps: cookie-signature@1.0.5 1755 * deps: debug@~2.0.0 1756 * deps: fresh@0.2.4 1757 * deps: media-typer@0.3.0 1758 - Throw error when parameter format invalid on parse 1759 * deps: range-parser@~1.0.2 1760 * deps: send@0.9.1 1761 - Add `lastModified` option 1762 - Use `etag` to generate `ETag` header 1763 - deps: debug@~2.0.0 1764 - deps: fresh@0.2.4 1765 * deps: vary@~1.0.0 1766 - Accept valid `Vary` header string as `field` 1767 1768 3.16.10 / 2014-09-04 1769 ==================== 1770 1771 * deps: connect@2.25.10 1772 - deps: serve-static@~1.5.4 1773 * deps: send@0.8.5 1774 - Fix a path traversal issue when using `root` 1775 - Fix malicious path detection for empty string path 1776 1777 3.16.9 / 2014-08-29 1778 =================== 1779 1780 * deps: connect@2.25.9 1781 - deps: body-parser@~1.6.7 1782 - deps: qs@2.2.2 1783 1784 3.16.8 / 2014-08-27 1785 =================== 1786 1787 * deps: connect@2.25.8 1788 - deps: body-parser@~1.6.6 1789 - deps: csurf@~1.4.1 1790 - deps: qs@2.2.0 1791 1792 3.16.7 / 2014-08-18 1793 =================== 1794 1795 * deps: connect@2.25.7 1796 - deps: body-parser@~1.6.5 1797 - deps: express-session@~1.7.6 1798 - deps: morgan@~1.2.3 1799 - deps: serve-static@~1.5.3 1800 * deps: send@0.8.3 1801 - deps: destroy@1.0.3 1802 - deps: on-finished@2.1.0 1803 1804 3.16.6 / 2014-08-14 1805 =================== 1806 1807 * deps: connect@2.25.6 1808 - deps: body-parser@~1.6.4 1809 - deps: qs@1.2.2 1810 - deps: serve-static@~1.5.2 1811 * deps: send@0.8.2 1812 - Work around `fd` leak in Node.js 0.10 for `fs.ReadStream` 1813 1814 3.16.5 / 2014-08-11 1815 =================== 1816 1817 * deps: connect@2.25.5 1818 - Fix backwards compatibility in `logger` 1819 1820 3.16.4 / 2014-08-10 1821 =================== 1822 1823 * Fix original URL parsing in `res.location` 1824 * deps: connect@2.25.4 1825 - Fix `query` middleware breaking with argument 1826 - deps: body-parser@~1.6.3 1827 - deps: compression@~1.0.11 1828 - deps: connect-timeout@~1.2.2 1829 - deps: express-session@~1.7.5 1830 - deps: method-override@~2.1.3 1831 - deps: on-headers@~1.0.0 1832 - deps: parseurl@~1.3.0 1833 - deps: qs@1.2.1 1834 - deps: response-time@~2.0.1 1835 - deps: serve-index@~1.1.6 1836 - deps: serve-static@~1.5.1 1837 * deps: parseurl@~1.3.0 1838 1839 3.16.3 / 2014-08-07 1840 =================== 1841 1842 * deps: connect@2.25.3 1843 - deps: multiparty@3.3.2 1844 1845 3.16.2 / 2014-08-07 1846 =================== 1847 1848 * deps: connect@2.25.2 1849 - deps: body-parser@~1.6.2 1850 - deps: qs@1.2.0 1851 1852 3.16.1 / 2014-08-06 1853 =================== 1854 1855 * deps: connect@2.25.1 1856 - deps: body-parser@~1.6.1 1857 - deps: qs@1.1.0 1858 1859 3.16.0 / 2014-08-05 1860 =================== 1861 1862 * deps: connect@2.25.0 1863 - deps: body-parser@~1.6.0 1864 - deps: compression@~1.0.10 1865 - deps: csurf@~1.4.0 1866 - deps: express-session@~1.7.4 1867 - deps: qs@1.0.2 1868 - deps: serve-static@~1.5.0 1869 * deps: send@0.8.1 1870 - Add `extensions` option 1871 1872 3.15.3 / 2014-08-04 1873 =================== 1874 1875 * fix `res.sendfile` regression for serving directory index files 1876 * deps: connect@2.24.3 1877 - deps: serve-index@~1.1.5 1878 - deps: serve-static@~1.4.4 1879 * deps: send@0.7.4 1880 - Fix incorrect 403 on Windows and Node.js 0.11 1881 - Fix serving index files without root dir 1882 1883 3.15.2 / 2014-07-27 1884 =================== 1885 1886 * deps: connect@2.24.2 1887 - deps: body-parser@~1.5.2 1888 - deps: depd@0.4.4 1889 - deps: express-session@~1.7.2 1890 - deps: morgan@~1.2.2 1891 - deps: serve-static@~1.4.2 1892 * deps: depd@0.4.4 1893 - Work-around v8 generating empty stack traces 1894 * deps: send@0.7.2 1895 - deps: depd@0.4.4 1896 1897 3.15.1 / 2014-07-26 1898 =================== 1899 1900 * deps: connect@2.24.1 1901 - deps: body-parser@~1.5.1 1902 - deps: depd@0.4.3 1903 - deps: express-session@~1.7.1 1904 - deps: morgan@~1.2.1 1905 - deps: serve-index@~1.1.4 1906 - deps: serve-static@~1.4.1 1907 * deps: depd@0.4.3 1908 - Fix exception when global `Error.stackTraceLimit` is too low 1909 * deps: send@0.7.1 1910 - deps: depd@0.4.3 1911 1912 3.15.0 / 2014-07-22 1913 =================== 1914 1915 * Fix `req.protocol` for proxy-direct connections 1916 * Pass options from `res.sendfile` to `send` 1917 * deps: connect@2.24.0 1918 - deps: body-parser@~1.5.0 1919 - deps: compression@~1.0.9 1920 - deps: connect-timeout@~1.2.1 1921 - deps: debug@1.0.4 1922 - deps: depd@0.4.2 1923 - deps: express-session@~1.7.0 1924 - deps: finalhandler@0.1.0 1925 - deps: method-override@~2.1.2 1926 - deps: morgan@~1.2.0 1927 - deps: multiparty@3.3.1 1928 - deps: parseurl@~1.2.0 1929 - deps: serve-static@~1.4.0 1930 * deps: debug@1.0.4 1931 * deps: depd@0.4.2 1932 - Add `TRACE_DEPRECATION` environment variable 1933 - Remove non-standard grey color from color output 1934 - Support `--no-deprecation` argument 1935 - Support `--trace-deprecation` argument 1936 * deps: parseurl@~1.2.0 1937 - Cache URLs based on original value 1938 - Remove no-longer-needed URL mis-parse work-around 1939 - Simplify the "fast-path" `RegExp` 1940 * deps: send@0.7.0 1941 - Add `dotfiles` option 1942 - Cap `maxAge` value to 1 year 1943 - deps: debug@1.0.4 1944 - deps: depd@0.4.2 1945 1946 3.14.0 / 2014-07-11 1947 =================== 1948 1949 * add explicit "Rosetta Flash JSONP abuse" protection 1950 - previous versions are not vulnerable; this is just explicit protection 1951 * deprecate `res.redirect(url, status)` -- use `res.redirect(status, url)` instead 1952 * fix `res.send(status, num)` to send `num` as json (not error) 1953 * remove unnecessary escaping when `res.jsonp` returns JSON response 1954 * deps: basic-auth@1.0.0 1955 - support empty password 1956 - support empty username 1957 * deps: connect@2.23.0 1958 - deps: debug@1.0.3 1959 - deps: express-session@~1.6.4 1960 - deps: method-override@~2.1.0 1961 - deps: parseurl@~1.1.3 1962 - deps: serve-static@~1.3.1 1963 * deps: debug@1.0.3 1964 - Add support for multiple wildcards in namespaces 1965 * deps: methods@1.1.0 1966 - add `CONNECT` 1967 * deps: parseurl@~1.1.3 1968 - faster parsing of href-only URLs 1969 1970 3.13.0 / 2014-07-03 1971 =================== 1972 1973 * add deprecation message to `app.configure` 1974 * add deprecation message to `req.auth` 1975 * use `basic-auth` to parse `Authorization` header 1976 * deps: connect@2.22.0 1977 - deps: csurf@~1.3.0 1978 - deps: express-session@~1.6.1 1979 - deps: multiparty@3.3.0 1980 - deps: serve-static@~1.3.0 1981 * deps: send@0.5.0 1982 - Accept string for `maxage` (converted by `ms`) 1983 - Include link in default redirect response 1984 1985 3.12.1 / 2014-06-26 1986 =================== 1987 1988 * deps: connect@2.21.1 1989 - deps: cookie-parser@1.3.2 1990 - deps: cookie-signature@1.0.4 1991 - deps: express-session@~1.5.2 1992 - deps: type-is@~1.3.2 1993 * deps: cookie-signature@1.0.4 1994 - fix for timing attacks 1995 1996 3.12.0 / 2014-06-21 1997 =================== 1998 1999 * use `media-typer` to alter content-type charset 2000 * deps: connect@2.21.0 2001 - deprecate `connect(middleware)` -- use `app.use(middleware)` instead 2002 - deprecate `connect.createServer()` -- use `connect()` instead 2003 - fix `res.setHeader()` patch to work with with get -> append -> set pattern 2004 - deps: compression@~1.0.8 2005 - deps: errorhandler@~1.1.1 2006 - deps: express-session@~1.5.0 2007 - deps: serve-index@~1.1.3 2008 2009 3.11.0 / 2014-06-19 2010 =================== 2011 2012 * deprecate things with `depd` module 2013 * deps: buffer-crc32@0.2.3 2014 * deps: connect@2.20.2 2015 - deprecate `verify` option to `json` -- use `body-parser` npm module instead 2016 - deprecate `verify` option to `urlencoded` -- use `body-parser` npm module instead 2017 - deprecate things with `depd` module 2018 - use `finalhandler` for final response handling 2019 - use `media-typer` to parse `content-type` for charset 2020 - deps: body-parser@1.4.3 2021 - deps: connect-timeout@1.1.1 2022 - deps: cookie-parser@1.3.1 2023 - deps: csurf@1.2.2 2024 - deps: errorhandler@1.1.0 2025 - deps: express-session@1.4.0 2026 - deps: multiparty@3.2.9 2027 - deps: serve-index@1.1.2 2028 - deps: type-is@1.3.1 2029 - deps: vhost@2.0.0 2030 2031 3.10.5 / 2014-06-11 2032 =================== 2033 2034 * deps: connect@2.19.6 2035 - deps: body-parser@1.3.1 2036 - deps: compression@1.0.7 2037 - deps: debug@1.0.2 2038 - deps: serve-index@1.1.1 2039 - deps: serve-static@1.2.3 2040 * deps: debug@1.0.2 2041 * deps: send@0.4.3 2042 - Do not throw uncatchable error on file open race condition 2043 - Use `escape-html` for HTML escaping 2044 - deps: debug@1.0.2 2045 - deps: finished@1.2.2 2046 - deps: fresh@0.2.2 2047 2048 3.10.4 / 2014-06-09 2049 =================== 2050 2051 * deps: connect@2.19.5 2052 - fix "event emitter leak" warnings 2053 - deps: csurf@1.2.1 2054 - deps: debug@1.0.1 2055 - deps: serve-static@1.2.2 2056 - deps: type-is@1.2.1 2057 * deps: debug@1.0.1 2058 * deps: send@0.4.2 2059 - fix "event emitter leak" warnings 2060 - deps: finished@1.2.1 2061 - deps: debug@1.0.1 2062 2063 3.10.3 / 2014-06-05 2064 =================== 2065 2066 * use `vary` module for `res.vary` 2067 * deps: connect@2.19.4 2068 - deps: errorhandler@1.0.2 2069 - deps: method-override@2.0.2 2070 - deps: serve-favicon@2.0.1 2071 * deps: debug@1.0.0 2072 2073 3.10.2 / 2014-06-03 2074 =================== 2075 2076 * deps: connect@2.19.3 2077 - deps: compression@1.0.6 2078 2079 3.10.1 / 2014-06-03 2080 =================== 2081 2082 * deps: connect@2.19.2 2083 - deps: compression@1.0.4 2084 * deps: proxy-addr@1.0.1 2085 2086 3.10.0 / 2014-06-02 2087 =================== 2088 2089 * deps: connect@2.19.1 2090 - deprecate `methodOverride()` -- use `method-override` npm module instead 2091 - deps: body-parser@1.3.0 2092 - deps: method-override@2.0.1 2093 - deps: multiparty@3.2.8 2094 - deps: response-time@2.0.0 2095 - deps: serve-static@1.2.1 2096 * deps: methods@1.0.1 2097 * deps: send@0.4.1 2098 - Send `max-age` in `Cache-Control` in correct format 2099 2100 3.9.0 / 2014-05-30 2101 ================== 2102 2103 * custom etag control with `app.set('etag', val)` 2104 - `app.set('etag', function(body, encoding){ return '"etag"' })` custom etag generation 2105 - `app.set('etag', 'weak')` weak tag 2106 - `app.set('etag', 'strong')` strong etag 2107 - `app.set('etag', false)` turn off 2108 - `app.set('etag', true)` standard etag 2109 * Include ETag in HEAD requests 2110 * mark `res.send` ETag as weak and reduce collisions 2111 * update connect to 2.18.0 2112 - deps: compression@1.0.3 2113 - deps: serve-index@1.1.0 2114 - deps: serve-static@1.2.0 2115 * update send to 0.4.0 2116 - Calculate ETag with md5 for reduced collisions 2117 - Ignore stream errors after request ends 2118 - deps: debug@0.8.1 2119 2120 3.8.1 / 2014-05-27 2121 ================== 2122 2123 * update connect to 2.17.3 2124 - deps: body-parser@1.2.2 2125 - deps: express-session@1.2.1 2126 - deps: method-override@1.0.2 2127 2128 3.8.0 / 2014-05-21 2129 ================== 2130 2131 * keep previous `Content-Type` for `res.jsonp` 2132 * set proper `charset` in `Content-Type` for `res.send` 2133 * update connect to 2.17.1 2134 - fix `res.charset` appending charset when `content-type` has one 2135 - deps: express-session@1.2.0 2136 - deps: morgan@1.1.1 2137 - deps: serve-index@1.0.3 2138 2139 3.7.0 / 2014-05-18 2140 ================== 2141 2142 * proper proxy trust with `app.set('trust proxy', trust)` 2143 - `app.set('trust proxy', 1)` trust first hop 2144 - `app.set('trust proxy', 'loopback')` trust loopback addresses 2145 - `app.set('trust proxy', '10.0.0.1')` trust single IP 2146 - `app.set('trust proxy', '10.0.0.1/16')` trust subnet 2147 - `app.set('trust proxy', '10.0.0.1, 10.0.0.2')` trust list 2148 - `app.set('trust proxy', false)` turn off 2149 - `app.set('trust proxy', true)` trust everything 2150 * update connect to 2.16.2 2151 - deprecate `res.headerSent` -- use `res.headersSent` 2152 - deprecate `res.on("header")` -- use on-headers module instead 2153 - fix edge-case in `res.appendHeader` that would append in wrong order 2154 - json: use body-parser 2155 - urlencoded: use body-parser 2156 - dep: bytes@1.0.0 2157 - dep: cookie-parser@1.1.0 2158 - dep: csurf@1.2.0 2159 - dep: express-session@1.1.0 2160 - dep: method-override@1.0.1 2161 2162 3.6.0 / 2014-05-09 2163 ================== 2164 2165 * deprecate `app.del()` -- use `app.delete()` instead 2166 * deprecate `res.json(obj, status)` -- use `res.json(status, obj)` instead 2167 - the edge-case `res.json(status, num)` requires `res.status(status).json(num)` 2168 * deprecate `res.jsonp(obj, status)` -- use `res.jsonp(status, obj)` instead 2169 - the edge-case `res.jsonp(status, num)` requires `res.status(status).jsonp(num)` 2170 * support PURGE method 2171 - add `app.purge` 2172 - add `router.purge` 2173 - include PURGE in `app.all` 2174 * update connect to 2.15.0 2175 * Add `res.appendHeader` 2176 * Call error stack even when response has been sent 2177 * Patch `res.headerSent` to return Boolean 2178 * Patch `res.headersSent` for node.js 0.8 2179 * Prevent default 404 handler after response sent 2180 * dep: compression@1.0.2 2181 * dep: connect-timeout@1.1.0 2182 * dep: debug@^0.8.0 2183 * dep: errorhandler@1.0.1 2184 * dep: express-session@1.0.4 2185 * dep: morgan@1.0.1 2186 * dep: serve-favicon@2.0.0 2187 * dep: serve-index@1.0.2 2188 * update debug to 0.8.0 2189 * add `enable()` method 2190 * change from stderr to stdout 2191 * update methods to 1.0.0 2192 - add PURGE 2193 * update mkdirp to 0.5.0 2194 2195 3.5.3 / 2014-05-08 2196 ================== 2197 2198 * fix `req.host` for IPv6 literals 2199 * fix `res.jsonp` error if callback param is object 2200 2201 3.5.2 / 2014-04-24 2202 ================== 2203 2204 * update connect to 2.14.5 2205 * update cookie to 0.1.2 2206 * update mkdirp to 0.4.0 2207 * update send to 0.3.0 2208 2209 3.5.1 / 2014-03-25 2210 ================== 2211 2212 * pin less-middleware in generated app 2213 2214 3.5.0 / 2014-03-06 2215 ================== 2216 2217 * bump deps 2218 2219 3.4.8 / 2014-01-13 2220 ================== 2221 2222 * prevent incorrect automatic OPTIONS responses #1868 @dpatti 2223 * update binary and examples for jade 1.0 #1876 @yossi, #1877 @reqshark, #1892 @matheusazzi 2224 * throw 400 in case of malformed paths @rlidwka 2225 2226 3.4.7 / 2013-12-10 2227 ================== 2228 2229 * update connect 2230 2231 3.4.6 / 2013-12-01 2232 ================== 2233 2234 * update connect (raw-body) 2235 2236 3.4.5 / 2013-11-27 2237 ================== 2238 2239 * update connect 2240 * res.location: remove leading ./ #1802 @kapouer 2241 * res.redirect: fix `res.redirect('toString') #1829 @michaelficarra 2242 * res.send: always send ETag when content-length > 0 2243 * router: add Router.all() method 2244 2245 3.4.4 / 2013-10-29 2246 ================== 2247 2248 * update connect 2249 * update supertest 2250 * update methods 2251 * express(1): replace bodyParser() with urlencoded() and json() #1795 @chirag04 2252 2253 3.4.3 / 2013-10-23 2254 ================== 2255 2256 * update connect 2257 2258 3.4.2 / 2013-10-18 2259 ================== 2260 2261 * update connect 2262 * downgrade commander 2263 2264 3.4.1 / 2013-10-15 2265 ================== 2266 2267 * update connect 2268 * update commander 2269 * jsonp: check if callback is a function 2270 * router: wrap encodeURIComponent in a try/catch #1735 (@lxe) 2271 * res.format: now includes charset @1747 (@sorribas) 2272 * res.links: allow multiple calls @1746 (@sorribas) 2273 2274 3.4.0 / 2013-09-07 2275 ================== 2276 2277 * add res.vary(). Closes #1682 2278 * update connect 2279 2280 3.3.8 / 2013-09-02 2281 ================== 2282 2283 * update connect 2284 2285 3.3.7 / 2013-08-28 2286 ================== 2287 2288 * update connect 2289 2290 3.3.6 / 2013-08-27 2291 ================== 2292 2293 * Revert "remove charset from json responses. Closes #1631" (causes issues in some clients) 2294 * add: req.accepts take an argument list 2295 2296 3.3.4 / 2013-07-08 2297 ================== 2298 2299 * update send and connect 2300 2301 3.3.3 / 2013-07-04 2302 ================== 2303 2304 * update connect 2305 2306 3.3.2 / 2013-07-03 2307 ================== 2308 2309 * update connect 2310 * update send 2311 * remove .version export 2312 2313 3.3.1 / 2013-06-27 2314 ================== 2315 2316 * update connect 2317 2318 3.3.0 / 2013-06-26 2319 ================== 2320 2321 * update connect 2322 * add support for multiple X-Forwarded-Proto values. Closes #1646 2323 * change: remove charset from json responses. Closes #1631 2324 * change: return actual booleans from req.accept* functions 2325 * fix jsonp callback array throw 2326 2327 3.2.6 / 2013-06-02 2328 ================== 2329 2330 * update connect 2331 2332 3.2.5 / 2013-05-21 2333 ================== 2334 2335 * update connect 2336 * update node-cookie 2337 * add: throw a meaningful error when there is no default engine 2338 * change generation of ETags with res.send() to GET requests only. Closes #1619 2339 2340 3.2.4 / 2013-05-09 2341 ================== 2342 2343 * fix `req.subdomains` when no Host is present 2344 * fix `req.host` when no Host is present, return undefined 2345 2346 3.2.3 / 2013-05-07 2347 ================== 2348 2349 * update connect / qs 2350 2351 3.2.2 / 2013-05-03 2352 ================== 2353 2354 * update qs 2355 2356 3.2.1 / 2013-04-29 2357 ================== 2358 2359 * add app.VERB() paths array deprecation warning 2360 * update connect 2361 * update qs and remove all ~ semver crap 2362 * fix: accept number as value of Signed Cookie 2363 2364 3.2.0 / 2013-04-15 2365 ================== 2366 2367 * add "view" constructor setting to override view behaviour 2368 * add req.acceptsEncoding(name) 2369 * add req.acceptedEncodings 2370 * revert cookie signature change causing session race conditions 2371 * fix sorting of Accept values of the same quality 2372 2373 3.1.2 / 2013-04-12 2374 ================== 2375 2376 * add support for custom Accept parameters 2377 * update cookie-signature 2378 2379 3.1.1 / 2013-04-01 2380 ================== 2381 2382 * add X-Forwarded-Host support to `req.host` 2383 * fix relative redirects 2384 * update mkdirp 2385 * update buffer-crc32 2386 * remove legacy app.configure() method from app template. 2387 2388 3.1.0 / 2013-01-25 2389 ================== 2390 2391 * add support for leading "." in "view engine" setting 2392 * add array support to `res.set()` 2393 * add node 0.8.x to travis.yml 2394 * add "subdomain offset" setting for tweaking `req.subdomains` 2395 * add `res.location(url)` implementing `res.redirect()`-like setting of Location 2396 * use app.get() for x-powered-by setting for inheritance 2397 * fix colons in passwords for `req.auth` 2398 2399 3.0.6 / 2013-01-04 2400 ================== 2401 2402 * add http verb methods to Router 2403 * update connect 2404 * fix mangling of the `res.cookie()` options object 2405 * fix jsonp whitespace escape. Closes #1132 2406 2407 3.0.5 / 2012-12-19 2408 ================== 2409 2410 * add throwing when a non-function is passed to a route 2411 * fix: explicitly remove Transfer-Encoding header from 204 and 304 responses 2412 * revert "add 'etag' option" 2413 2414 3.0.4 / 2012-12-05 2415 ================== 2416 2417 * add 'etag' option to disable `res.send()` Etags 2418 * add escaping of urls in text/plain in `res.redirect()` 2419 for old browsers interpreting as html 2420 * change crc32 module for a more liberal license 2421 * update connect 2422 2423 3.0.3 / 2012-11-13 2424 ================== 2425 2426 * update connect 2427 * update cookie module 2428 * fix cookie max-age 2429 2430 3.0.2 / 2012-11-08 2431 ================== 2432 2433 * add OPTIONS to cors example. Closes #1398 2434 * fix route chaining regression. Closes #1397 2435 2436 3.0.1 / 2012-11-01 2437 ================== 2438 2439 * update connect 2440 2441 3.0.0 / 2012-10-23 2442 ================== 2443 2444 * add `make clean` 2445 * add "Basic" check to req.auth 2446 * add `req.auth` test coverage 2447 * add cb && cb(payload) to `res.jsonp()`. Closes #1374 2448 * add backwards compat for `res.redirect()` status. Closes #1336 2449 * add support for `res.json()` to retain previously defined Content-Types. Closes #1349 2450 * update connect 2451 * change `res.redirect()` to utilize a pathname-relative Location again. Closes #1382 2452 * remove non-primitive string support for `res.send()` 2453 * fix view-locals example. Closes #1370 2454 * fix route-separation example 2455 2456 3.0.0rc5 / 2012-09-18 2457 ================== 2458 2459 * update connect 2460 * add redis search example 2461 * add static-files example 2462 * add "x-powered-by" setting (`app.disable('x-powered-by')`) 2463 * add "application/octet-stream" redirect Accept test case. Closes #1317 2464 2465 3.0.0rc4 / 2012-08-30 2466 ================== 2467 2468 * add `res.jsonp()`. Closes #1307 2469 * add "verbose errors" option to error-pages example 2470 * add another route example to express(1) so people are not so confused 2471 * add redis online user activity tracking example 2472 * update connect dep 2473 * fix etag quoting. Closes #1310 2474 * fix error-pages 404 status 2475 * fix jsonp callback char restrictions 2476 * remove old OPTIONS default response 2477 2478 3.0.0rc3 / 2012-08-13 2479 ================== 2480 2481 * update connect dep 2482 * fix signed cookies to work with `connect.cookieParser()` ("s:" prefix was missing) [tnydwrds] 2483 * fix `res.render()` clobbering of "locals" 2484 2485 3.0.0rc2 / 2012-08-03 2486 ================== 2487 2488 * add CORS example 2489 * update connect dep 2490 * deprecate `.createServer()` & remove old stale examples 2491 * fix: escape `res.redirect()` link 2492 * fix vhost example 2493 2494 3.0.0rc1 / 2012-07-24 2495 ================== 2496 2497 * add more examples to view-locals 2498 * add scheme-relative redirects (`res.redirect("//foo.com")`) support 2499 * update cookie dep 2500 * update connect dep 2501 * update send dep 2502 * fix `express(1)` -h flag, use -H for hogan. Closes #1245 2503 * fix `res.sendfile()` socket error handling regression 2504 2505 3.0.0beta7 / 2012-07-16 2506 ================== 2507 2508 * update connect dep for `send()` root normalization regression 2509 2510 3.0.0beta6 / 2012-07-13 2511 ================== 2512 2513 * add `err.view` property for view errors. Closes #1226 2514 * add "jsonp callback name" setting 2515 * add support for "/foo/:bar*" non-greedy matches 2516 * change `res.sendfile()` to use `send()` module 2517 * change `res.send` to use "response-send" module 2518 * remove `app.locals.use` and `res.locals.use`, use regular middleware 2519 2520 3.0.0beta5 / 2012-07-03 2521 ================== 2522 2523 * add "make check" support 2524 * add route-map example 2525 * add `res.json(obj, status)` support back for BC 2526 * add "methods" dep, remove internal methods module 2527 * update connect dep 2528 * update auth example to utilize cores pbkdf2 2529 * updated tests to use "supertest" 2530 2531 3.0.0beta4 / 2012-06-25 2532 ================== 2533 2534 * Added `req.auth` 2535 * Added `req.range(size)` 2536 * Added `res.links(obj)` 2537 * Added `res.send(body, status)` support back for backwards compat 2538 * Added `.default()` support to `res.format()` 2539 * Added 2xx / 304 check to `req.fresh` 2540 * Revert "Added + support to the router" 2541 * Fixed `res.send()` freshness check, respect res.statusCode 2542 2543 3.0.0beta3 / 2012-06-15 2544 ================== 2545 2546 * Added hogan `--hjs` to express(1) [nullfirm] 2547 * Added another example to content-negotiation 2548 * Added `fresh` dep 2549 * Changed: `res.send()` always checks freshness 2550 * Fixed: expose connects mime module. Closes #1165 2551 2552 3.0.0beta2 / 2012-06-06 2553 ================== 2554 2555 * Added `+` support to the router 2556 * Added `req.host` 2557 * Changed `req.param()` to check route first 2558 * Update connect dep 2559 2560 3.0.0beta1 / 2012-06-01 2561 ================== 2562 2563 * Added `res.format()` callback to override default 406 behaviour 2564 * Fixed `res.redirect()` 406. Closes #1154 2565 2566 3.0.0alpha5 / 2012-05-30 2567 ================== 2568 2569 * Added `req.ip` 2570 * Added `{ signed: true }` option to `res.cookie()` 2571 * Removed `res.signedCookie()` 2572 * Changed: dont reverse `req.ips` 2573 * Fixed "trust proxy" setting check for `req.ips` 2574 2575 3.0.0alpha4 / 2012-05-09 2576 ================== 2577 2578 * Added: allow `[]` in jsonp callback. Closes #1128 2579 * Added `PORT` env var support in generated template. Closes #1118 [benatkin] 2580 * Updated: connect 2.2.2 2581 2582 3.0.0alpha3 / 2012-05-04 2583 ================== 2584 2585 * Added public `app.routes`. Closes #887 2586 * Added _view-locals_ example 2587 * Added _mvc_ example 2588 * Added `res.locals.use()`. Closes #1120 2589 * Added conditional-GET support to `res.send()` 2590 * Added: coerce `res.set()` values to strings 2591 * Changed: moved `static()` in generated apps below router 2592 * Changed: `res.send()` only set ETag when not previously set 2593 * Changed connect 2.2.1 dep 2594 * Changed: `make test` now runs unit / acceptance tests 2595 * Fixed req/res proto inheritance 2596 2597 3.0.0alpha2 / 2012-04-26 2598 ================== 2599 2600 * Added `make benchmark` back 2601 * Added `res.send()` support for `String` objects 2602 * Added client-side data exposing example 2603 * Added `res.header()` and `req.header()` aliases for BC 2604 * Added `express.createServer()` for BC 2605 * Perf: memoize parsed urls 2606 * Perf: connect 2.2.0 dep 2607 * Changed: make `expressInit()` middleware self-aware 2608 * Fixed: use app.get() for all core settings 2609 * Fixed redis session example 2610 * Fixed session example. Closes #1105 2611 * Fixed generated express dep. Closes #1078 2612 2613 3.0.0alpha1 / 2012-04-15 2614 ================== 2615 2616 * Added `app.locals.use(callback)` 2617 * Added `app.locals` object 2618 * Added `app.locals(obj)` 2619 * Added `res.locals` object 2620 * Added `res.locals(obj)` 2621 * Added `res.format()` for content-negotiation 2622 * Added `app.engine()` 2623 * Added `res.cookie()` JSON cookie support 2624 * Added "trust proxy" setting 2625 * Added `req.subdomains` 2626 * Added `req.protocol` 2627 * Added `req.secure` 2628 * Added `req.path` 2629 * Added `req.ips` 2630 * Added `req.fresh` 2631 * Added `req.stale` 2632 * Added comma-delimited / array support for `req.accepts()` 2633 * Added debug instrumentation 2634 * Added `res.set(obj)` 2635 * Added `res.set(field, value)` 2636 * Added `res.get(field)` 2637 * Added `app.get(setting)`. Closes #842 2638 * Added `req.acceptsLanguage()` 2639 * Added `req.acceptsCharset()` 2640 * Added `req.accepted` 2641 * Added `req.acceptedLanguages` 2642 * Added `req.acceptedCharsets` 2643 * Added "json replacer" setting 2644 * Added "json spaces" setting 2645 * Added X-Forwarded-Proto support to `res.redirect()`. Closes #92 2646 * Added `--less` support to express(1) 2647 * Added `express.response` prototype 2648 * Added `express.request` prototype 2649 * Added `express.application` prototype 2650 * Added `app.path()` 2651 * Added `app.render()` 2652 * Added `res.type()` to replace `res.contentType()` 2653 * Changed: `res.redirect()` to add relative support 2654 * Changed: enable "jsonp callback" by default 2655 * Changed: renamed "case sensitive routes" to "case sensitive routing" 2656 * Rewrite of all tests with mocha 2657 * Removed "root" setting 2658 * Removed `res.redirect('home')` support 2659 * Removed `req.notify()` 2660 * Removed `app.register()` 2661 * Removed `app.redirect()` 2662 * Removed `app.is()` 2663 * Removed `app.helpers()` 2664 * Removed `app.dynamicHelpers()` 2665 * Fixed `res.sendfile()` with non-GET. Closes #723 2666 * Fixed express(1) public dir for windows. Closes #866 2667 2668 2.5.9/ 2012-04-02 2669 ================== 2670 2671 * Added support for PURGE request method [pbuyle] 2672 * Fixed `express(1)` generated app `app.address()` before `listening` [mmalecki] 2673 2674 2.5.8 / 2012-02-08 2675 ================== 2676 2677 * Update mkdirp dep. Closes #991 2678 2679 2.5.7 / 2012-02-06 2680 ================== 2681 2682 * Fixed `app.all` duplicate DELETE requests [mscdex] 2683 2684 2.5.6 / 2012-01-13 2685 ================== 2686 2687 * Updated hamljs dev dep. Closes #953 2688 2689 2.5.5 / 2012-01-08 2690 ================== 2691 2692 * Fixed: set `filename` on cached templates [matthewleon] 2693 2694 2.5.4 / 2012-01-02 2695 ================== 2696 2697 * Fixed `express(1)` eol on 0.4.x. Closes #947 2698 2699 2.5.3 / 2011-12-30 2700 ================== 2701 2702 * Fixed `req.is()` when a charset is present 2703 2704 2.5.2 / 2011-12-10 2705 ================== 2706 2707 * Fixed: express(1) LF -> CRLF for windows 2708 2709 2.5.1 / 2011-11-17 2710 ================== 2711 2712 * Changed: updated connect to 1.8.x 2713 * Removed sass.js support from express(1) 2714 2715 2.5.0 / 2011-10-24 2716 ================== 2717 2718 * Added ./routes dir for generated app by default 2719 * Added npm install reminder to express(1) app gen 2720 * Added 0.5.x support 2721 * Removed `make test-cov` since it wont work with node 0.5.x 2722 * Fixed express(1) public dir for windows. Closes #866 2723 2724 2.4.7 / 2011-10-05 2725 ================== 2726 2727 * Added mkdirp to express(1). Closes #795 2728 * Added simple _json-config_ example 2729 * Added shorthand for the parsed request's pathname via `req.path` 2730 * Changed connect dep to 1.7.x to fix npm issue... 2731 * Fixed `res.redirect()` __HEAD__ support. [reported by xerox] 2732 * Fixed `req.flash()`, only escape args 2733 * Fixed absolute path checking on windows. Closes #829 [reported by andrewpmckenzie] 2734 2735 2.4.6 / 2011-08-22 2736 ================== 2737 2738 * Fixed multiple param callback regression. Closes #824 [reported by TroyGoode] 2739 2740 2.4.5 / 2011-08-19 2741 ================== 2742 2743 * Added support for routes to handle errors. Closes #809 2744 * Added `app.routes.all()`. Closes #803 2745 * Added "basepath" setting to work in conjunction with reverse proxies etc. 2746 * Refactored `Route` to use a single array of callbacks 2747 * Added support for multiple callbacks for `app.param()`. Closes #801 2748 Closes #805 2749 * Changed: removed .call(self) for route callbacks 2750 * Dependency: `qs >= 0.3.1` 2751 * Fixed `res.redirect()` on windows due to `join()` usage. Closes #808 2752 2753 2.4.4 / 2011-08-05 2754 ================== 2755 2756 * Fixed `res.header()` intention of a set, even when `undefined` 2757 * Fixed `*`, value no longer required 2758 * Fixed `res.send(204)` support. Closes #771 2759 2760 2.4.3 / 2011-07-14 2761 ================== 2762 2763 * Added docs for `status` option special-case. Closes #739 2764 * Fixed `options.filename`, exposing the view path to template engines 2765 2766 2.4.2. / 2011-07-06 2767 ================== 2768 2769 * Revert "removed jsonp stripping" for XSS 2770 2771 2.4.1 / 2011-07-06 2772 ================== 2773 2774 * Added `res.json()` JSONP support. Closes #737 2775 * Added _extending-templates_ example. Closes #730 2776 * Added "strict routing" setting for trailing slashes 2777 * Added support for multiple envs in `app.configure()` calls. Closes #735 2778 * Changed: `res.send()` using `res.json()` 2779 * Changed: when cookie `path === null` don't default it 2780 * Changed; default cookie path to "home" setting. Closes #731 2781 * Removed _pids/logs_ creation from express(1) 2782 2783 2.4.0 / 2011-06-28 2784 ================== 2785 2786 * Added chainable `res.status(code)` 2787 * Added `res.json()`, an explicit version of `res.send(obj)` 2788 * Added simple web-service example 2789 2790 2.3.12 / 2011-06-22 2791 ================== 2792 2793 * \#express is now on freenode! come join! 2794 * Added `req.get(field, param)` 2795 * Added links to Japanese documentation, thanks @hideyukisaito! 2796 * Added; the `express(1)` generated app outputs the env 2797 * Added `content-negotiation` example 2798 * Dependency: connect >= 1.5.1 < 2.0.0 2799 * Fixed view layout bug. Closes #720 2800 * Fixed; ignore body on 304. Closes #701 2801 2802 2.3.11 / 2011-06-04 2803 ================== 2804 2805 * Added `npm test` 2806 * Removed generation of dummy test file from `express(1)` 2807 * Fixed; `express(1)` adds express as a dep 2808 * Fixed; prune on `prepublish` 2809 2810 2.3.10 / 2011-05-27 2811 ================== 2812 2813 * Added `req.route`, exposing the current route 2814 * Added _package.json_ generation support to `express(1)` 2815 * Fixed call to `app.param()` function for optional params. Closes #682 2816 2817 2.3.9 / 2011-05-25 2818 ================== 2819 2820 * Fixed bug-ish with `../' in `res.partial()` calls 2821 2822 2.3.8 / 2011-05-24 2823 ================== 2824 2825 * Fixed `app.options()` 2826 2827 2.3.7 / 2011-05-23 2828 ================== 2829 2830 * Added route `Collection`, ex: `app.get('/user/:id').remove();` 2831 * Added support for `app.param(fn)` to define param logic 2832 * Removed `app.param()` support for callback with return value 2833 * Removed module.parent check from express(1) generated app. Closes #670 2834 * Refactored router. Closes #639 2835 2836 2.3.6 / 2011-05-20 2837 ================== 2838 2839 * Changed; using devDependencies instead of git submodules 2840 * Fixed redis session example 2841 * Fixed markdown example 2842 * Fixed view caching, should not be enabled in development 2843 2844 2.3.5 / 2011-05-20 2845 ================== 2846 2847 * Added export `.view` as alias for `.View` 2848 2849 2.3.4 / 2011-05-08 2850 ================== 2851 2852 * Added `./examples/say` 2853 * Fixed `res.sendfile()` bug preventing the transfer of files with spaces 2854 2855 2.3.3 / 2011-05-03 2856 ================== 2857 2858 * Added "case sensitive routes" option. 2859 * Changed; split methods supported per rfc [slaskis] 2860 * Fixed route-specific middleware when using the same callback function several times 2861 2862 2.3.2 / 2011-04-27 2863 ================== 2864 2865 * Fixed view hints 2866 2867 2.3.1 / 2011-04-26 2868 ================== 2869 2870 * Added `app.match()` as `app.match.all()` 2871 * Added `app.lookup()` as `app.lookup.all()` 2872 * Added `app.remove()` for `app.remove.all()` 2873 * Added `app.remove.VERB()` 2874 * Fixed template caching collision issue. Closes #644 2875 * Moved router over from connect and started refactor 2876 2877 2.3.0 / 2011-04-25 2878 ================== 2879 2880 * Added options support to `res.clearCookie()` 2881 * Added `res.helpers()` as alias of `res.locals()` 2882 * Added; json defaults to UTF-8 with `res.send()`. Closes #632. [Daniel * Dependency `connect >= 1.4.0` 2883 * Changed; auto set Content-Type in res.attachement [Aaron Heckmann] 2884 * Renamed "cache views" to "view cache". Closes #628 2885 * Fixed caching of views when using several apps. Closes #637 2886 * Fixed gotcha invoking `app.param()` callbacks once per route middleware. 2887 Closes #638 2888 * Fixed partial lookup precedence. Closes #631 2889 Shaw] 2890 2891 2.2.2 / 2011-04-12 2892 ================== 2893 2894 * Added second callback support for `res.download()` connection errors 2895 * Fixed `filename` option passing to template engine 2896 2897 2.2.1 / 2011-04-04 2898 ================== 2899 2900 * Added `layout(path)` helper to change the layout within a view. Closes #610 2901 * Fixed `partial()` collection object support. 2902 Previously only anything with `.length` would work. 2903 When `.length` is present one must still be aware of holes, 2904 however now `{ collection: {foo: 'bar'}}` is valid, exposes 2905 `keyInCollection` and `keysInCollection`. 2906 2907 * Performance improved with better view caching 2908 * Removed `request` and `response` locals 2909 * Changed; errorHandler page title is now `Express` instead of `Connect` 2910 2911 2.2.0 / 2011-03-30 2912 ================== 2913 2914 * Added `app.lookup.VERB()`, ex `app.lookup.put('/user/:id')`. Closes #606 2915 * Added `app.match.VERB()`, ex `app.match.put('/user/12')`. Closes #606 2916 * Added `app.VERB(path)` as alias of `app.lookup.VERB()`. 2917 * Dependency `connect >= 1.2.0` 2918 2919 2.1.1 / 2011-03-29 2920 ================== 2921 2922 * Added; expose `err.view` object when failing to locate a view 2923 * Fixed `res.partial()` call `next(err)` when no callback is given [reported by aheckmann] 2924 * Fixed; `res.send(undefined)` responds with 204 [aheckmann] 2925 2926 2.1.0 / 2011-03-24 2927 ================== 2928 2929 * Added `<root>/_?<name>` partial lookup support. Closes #447 2930 * Added `request`, `response`, and `app` local variables 2931 * Added `settings` local variable, containing the app's settings 2932 * Added `req.flash()` exception if `req.session` is not available 2933 * Added `res.send(bool)` support (json response) 2934 * Fixed stylus example for latest version 2935 * Fixed; wrap try/catch around `res.render()` 2936 2937 2.0.0 / 2011-03-17 2938 ================== 2939 2940 * Fixed up index view path alternative. 2941 * Changed; `res.locals()` without object returns the locals 2942 2943 2.0.0rc3 / 2011-03-17 2944 ================== 2945 2946 * Added `res.locals(obj)` to compliment `res.local(key, val)` 2947 * Added `res.partial()` callback support 2948 * Fixed recursive error reporting issue in `res.render()` 2949 2950 2.0.0rc2 / 2011-03-17 2951 ================== 2952 2953 * Changed; `partial()` "locals" are now optional 2954 * Fixed `SlowBuffer` support. Closes #584 [reported by tyrda01] 2955 * Fixed .filename view engine option [reported by drudge] 2956 * Fixed blog example 2957 * Fixed `{req,res}.app` reference when mounting [Ben Weaver] 2958 2959 2.0.0rc / 2011-03-14 2960 ================== 2961 2962 * Fixed; expose `HTTPSServer` constructor 2963 * Fixed express(1) default test charset. Closes #579 [reported by secoif] 2964 * Fixed; default charset to utf-8 instead of utf8 for lame IE [reported by NickP] 2965 2966 2.0.0beta3 / 2011-03-09 2967 ================== 2968 2969 * Added support for `res.contentType()` literal 2970 The original `res.contentType('.json')`, 2971 `res.contentType('application/json')`, and `res.contentType('json')` 2972 will work now. 2973 * Added `res.render()` status option support back 2974 * Added charset option for `res.render()` 2975 * Added `.charset` support (via connect 1.0.4) 2976 * Added view resolution hints when in development and a lookup fails 2977 * Added layout lookup support relative to the page view. 2978 For example while rendering `./views/user/index.jade` if you create 2979 `./views/user/layout.jade` it will be used in favour of the root layout. 2980 * Fixed `res.redirect()`. RFC states absolute url [reported by unlink] 2981 * Fixed; default `res.send()` string charset to utf8 2982 * Removed `Partial` constructor (not currently used) 2983 2984 2.0.0beta2 / 2011-03-07 2985 ================== 2986 2987 * Added res.render() `.locals` support back to aid in migration process 2988 * Fixed flash example 2989 2990 2.0.0beta / 2011-03-03 2991 ================== 2992 2993 * Added HTTPS support 2994 * Added `res.cookie()` maxAge support 2995 * Added `req.header()` _Referrer_ / _Referer_ special-case, either works 2996 * Added mount support for `res.redirect()`, now respects the mount-point 2997 * Added `union()` util, taking place of `merge(clone())` combo 2998 * Added stylus support to express(1) generated app 2999 * Added secret to session middleware used in examples and generated app 3000 * Added `res.local(name, val)` for progressive view locals 3001 * Added default param support to `req.param(name, default)` 3002 * Added `app.disabled()` and `app.enabled()` 3003 * Added `app.register()` support for omitting leading ".", either works 3004 * Added `res.partial()`, using the same interface as `partial()` within a view. Closes #539 3005 * Added `app.param()` to map route params to async/sync logic 3006 * Added; aliased `app.helpers()` as `app.locals()`. Closes #481 3007 * Added extname with no leading "." support to `res.contentType()` 3008 * Added `cache views` setting, defaulting to enabled in "production" env 3009 * Added index file partial resolution, eg: partial('user') may try _views/user/index.jade_. 3010 * Added `req.accepts()` support for extensions 3011 * Changed; `res.download()` and `res.sendfile()` now utilize Connect's 3012 static file server `connect.static.send()`. 3013 * Changed; replaced `connect.utils.mime()` with npm _mime_ module 3014 * Changed; allow `req.query` to be pre-defined (via middleware or other parent 3015 * Changed view partial resolution, now relative to parent view 3016 * Changed view engine signature. no longer `engine.render(str, options, callback)`, now `engine.compile(str, options) -> Function`, the returned function accepts `fn(locals)`. 3017 * Fixed `req.param()` bug returning Array.prototype methods. Closes #552 3018 * Fixed; using `Stream#pipe()` instead of `sys.pump()` in `res.sendfile()` 3019 * Fixed; using _qs_ module instead of _querystring_ 3020 * Fixed; strip unsafe chars from jsonp callbacks 3021 * Removed "stream threshold" setting 3022 3023 1.0.8 / 2011-03-01 3024 ================== 3025 3026 * Allow `req.query` to be pre-defined (via middleware or other parent app) 3027 * "connect": ">= 0.5.0 < 1.0.0". Closes #547 3028 * Removed the long deprecated __EXPRESS_ENV__ support 3029 3030 1.0.7 / 2011-02-07 3031 ================== 3032 3033 * Fixed `render()` setting inheritance. 3034 Mounted apps would not inherit "view engine" 3035 3036 1.0.6 / 2011-02-07 3037 ================== 3038 3039 * Fixed `view engine` setting bug when period is in dirname 3040 3041 1.0.5 / 2011-02-05 3042 ================== 3043 3044 * Added secret to generated app `session()` call 3045 3046 1.0.4 / 2011-02-05 3047 ================== 3048 3049 * Added `qs` dependency to _package.json_ 3050 * Fixed namespaced `require()`s for latest connect support 3051 3052 1.0.3 / 2011-01-13 3053 ================== 3054 3055 * Remove unsafe characters from JSONP callback names [Ryan Grove] 3056 3057 1.0.2 / 2011-01-10 3058 ================== 3059 3060 * Removed nested require, using `connect.router` 3061 3062 1.0.1 / 2010-12-29 3063 ================== 3064 3065 * Fixed for middleware stacked via `createServer()` 3066 previously the `foo` middleware passed to `createServer(foo)` 3067 would not have access to Express methods such as `res.send()` 3068 or props like `req.query` etc. 3069 3070 1.0.0 / 2010-11-16 3071 ================== 3072 3073 * Added; deduce partial object names from the last segment. 3074 For example by default `partial('forum/post', postObject)` will 3075 give you the _post_ object, providing a meaningful default. 3076 * Added http status code string representation to `res.redirect()` body 3077 * Added; `res.redirect()` supporting _text/plain_ and _text/html_ via __Accept__. 3078 * Added `req.is()` to aid in content negotiation 3079 * Added partial local inheritance [suggested by masylum]. Closes #102 3080 providing access to parent template locals. 3081 * Added _-s, --session[s]_ flag to express(1) to add session related middleware 3082 * Added _--template_ flag to express(1) to specify the 3083 template engine to use. 3084 * Added _--css_ flag to express(1) to specify the 3085 stylesheet engine to use (or just plain css by default). 3086 * Added `app.all()` support [thanks aheckmann] 3087 * Added partial direct object support. 3088 You may now `partial('user', user)` providing the "user" local, 3089 vs previously `partial('user', { object: user })`. 3090 * Added _route-separation_ example since many people question ways 3091 to do this with CommonJS modules. Also view the _blog_ example for 3092 an alternative. 3093 * Performance; caching view path derived partial object names 3094 * Fixed partial local inheritance precedence. [reported by Nick Poulden] Closes #454 3095 * Fixed jsonp support; _text/javascript_ as per mailinglist discussion 3096 3097 1.0.0rc4 / 2010-10-14 3098 ================== 3099 3100 * Added _NODE_ENV_ support, _EXPRESS_ENV_ is deprecated and will be removed in 1.0.0 3101 * Added route-middleware support (very helpful, see the [docs](http://expressjs.com/guide.html#Route-Middleware)) 3102 * Added _jsonp callback_ setting to enable/disable jsonp autowrapping [Dav Glass] 3103 * Added callback query check on response.send to autowrap JSON objects for simple webservice implementations [Dav Glass] 3104 * Added `partial()` support for array-like collections. Closes #434 3105 * Added support for swappable querystring parsers 3106 * Added session usage docs. Closes #443 3107 * Added dynamic helper caching. Closes #439 [suggested by maritz] 3108 * Added authentication example 3109 * Added basic Range support to `res.sendfile()` (and `res.download()` etc) 3110 * Changed; `express(1)` generated app using 2 spaces instead of 4 3111 * Default env to "development" again [aheckmann] 3112 * Removed _context_ option is no more, use "scope" 3113 * Fixed; exposing _./support_ libs to examples so they can run without installs 3114 * Fixed mvc example 3115 3116 1.0.0rc3 / 2010-09-20 3117 ================== 3118 3119 * Added confirmation for `express(1)` app generation. Closes #391 3120 * Added extending of flash formatters via `app.flashFormatters` 3121 * Added flash formatter support. Closes #411 3122 * Added streaming support to `res.sendfile()` using `sys.pump()` when >= "stream threshold" 3123 * Added _stream threshold_ setting for `res.sendfile()` 3124 * Added `res.send()` __HEAD__ support 3125 * Added `res.clearCookie()` 3126 * Added `res.cookie()` 3127 * Added `res.render()` headers option 3128 * Added `res.redirect()` response bodies 3129 * Added `res.render()` status option support. Closes #425 [thanks aheckmann] 3130 * Fixed `res.sendfile()` responding with 403 on malicious path 3131 * Fixed `res.download()` bug; when an error occurs remove _Content-Disposition_ 3132 * Fixed; mounted apps settings now inherit from parent app [aheckmann] 3133 * Fixed; stripping Content-Length / Content-Type when 204 3134 * Fixed `res.send()` 204. Closes #419 3135 * Fixed multiple _Set-Cookie_ headers via `res.header()`. Closes #402 3136 * Fixed bug messing with error handlers when `listenFD()` is called instead of `listen()`. [thanks guillermo] 3137 3138 3139 1.0.0rc2 / 2010-08-17 3140 ================== 3141 3142 * Added `app.register()` for template engine mapping. Closes #390 3143 * Added `res.render()` callback support as second argument (no options) 3144 * Added callback support to `res.download()` 3145 * Added callback support for `res.sendfile()` 3146 * Added support for middleware access via `express.middlewareName()` vs `connect.middlewareName()` 3147 * Added "partials" setting to docs 3148 * Added default expresso tests to `express(1)` generated app. Closes #384 3149 * Fixed `res.sendfile()` error handling, defer via `next()` 3150 * Fixed `res.render()` callback when a layout is used [thanks guillermo] 3151 * Fixed; `make install` creating ~/.node_libraries when not present 3152 * Fixed issue preventing error handlers from being defined anywhere. Closes #387 3153 3154 1.0.0rc / 2010-07-28 3155 ================== 3156 3157 * Added mounted hook. Closes #369 3158 * Added connect dependency to _package.json_ 3159 3160 * Removed "reload views" setting and support code 3161 development env never caches, production always caches. 3162 3163 * Removed _param_ in route callbacks, signature is now 3164 simply (req, res, next), previously (req, res, params, next). 3165 Use _req.params_ for path captures, _req.query_ for GET params. 3166 3167 * Fixed "home" setting 3168 * Fixed middleware/router precedence issue. Closes #366 3169 * Fixed; _configure()_ callbacks called immediately. Closes #368 3170 3171 1.0.0beta2 / 2010-07-23 3172 ================== 3173 3174 * Added more examples 3175 * Added; exporting `Server` constructor 3176 * Added `Server#helpers()` for view locals 3177 * Added `Server#dynamicHelpers()` for dynamic view locals. Closes #349 3178 * Added support for absolute view paths 3179 * Added; _home_ setting defaults to `Server#route` for mounted apps. Closes #363 3180 * Added Guillermo Rauch to the contributor list 3181 * Added support for "as" for non-collection partials. Closes #341 3182 * Fixed _install.sh_, ensuring _~/.node_libraries_ exists. Closes #362 [thanks jf] 3183 * Fixed `res.render()` exceptions, now passed to `next()` when no callback is given [thanks guillermo] 3184 * Fixed instanceof `Array` checks, now `Array.isArray()` 3185 * Fixed express(1) expansion of public dirs. Closes #348 3186 * Fixed middleware precedence. Closes #345 3187 * Fixed view watcher, now async [thanks aheckmann] 3188 3189 1.0.0beta / 2010-07-15 3190 ================== 3191 3192 * Re-write 3193 - much faster 3194 - much lighter 3195 - Check [ExpressJS.com](http://expressjs.com) for migration guide and updated docs 3196 3197 0.14.0 / 2010-06-15 3198 ================== 3199 3200 * Utilize relative requires 3201 * Added Static bufferSize option [aheckmann] 3202 * Fixed caching of view and partial subdirectories [aheckmann] 3203 * Fixed mime.type() comments now that ".ext" is not supported 3204 * Updated haml submodule 3205 * Updated class submodule 3206 * Removed bin/express 3207 3208 0.13.0 / 2010-06-01 3209 ================== 3210 3211 * Added node v0.1.97 compatibility 3212 * Added support for deleting cookies via Request#cookie('key', null) 3213 * Updated haml submodule 3214 * Fixed not-found page, now using using charset utf-8 3215 * Fixed show-exceptions page, now using using charset utf-8 3216 * Fixed view support due to fs.readFile Buffers 3217 * Changed; mime.type() no longer accepts ".type" due to node extname() changes 3218 3219 0.12.0 / 2010-05-22 3220 ================== 3221 3222 * Added node v0.1.96 compatibility 3223 * Added view `helpers` export which act as additional local variables 3224 * Updated haml submodule 3225 * Changed ETag; removed inode, modified time only 3226 * Fixed LF to CRLF for setting multiple cookies 3227 * Fixed cookie compilation; values are now urlencoded 3228 * Fixed cookies parsing; accepts quoted values and url escaped cookies 3229 3230 0.11.0 / 2010-05-06 3231 ================== 3232 3233 * Added support for layouts using different engines 3234 - this.render('page.html.haml', { layout: 'super-cool-layout.html.ejs' }) 3235 - this.render('page.html.haml', { layout: 'foo' }) // assumes 'foo.html.haml' 3236 - this.render('page.html.haml', { layout: false }) // no layout 3237 * Updated ext submodule 3238 * Updated haml submodule 3239 * Fixed EJS partial support by passing along the context. Issue #307 3240 3241 0.10.1 / 2010-05-03 3242 ================== 3243 3244 * Fixed binary uploads. 3245 3246 0.10.0 / 2010-04-30 3247 ================== 3248 3249 * Added charset support via Request#charset (automatically assigned to 'UTF-8' when respond()'s 3250 encoding is set to 'utf8' or 'utf-8'. 3251 * Added "encoding" option to Request#render(). Closes #299 3252 * Added "dump exceptions" setting, which is enabled by default. 3253 * Added simple ejs template engine support 3254 * Added error response support for text/plain, application/json. Closes #297 3255 * Added callback function param to Request#error() 3256 * Added Request#sendHead() 3257 * Added Request#stream() 3258 * Added support for Request#respond(304, null) for empty response bodies 3259 * Added ETag support to Request#sendfile() 3260 * Added options to Request#sendfile(), passed to fs.createReadStream() 3261 * Added filename arg to Request#download() 3262 * Performance enhanced due to pre-reversing plugins so that plugins.reverse() is not called on each request 3263 * Performance enhanced by preventing several calls to toLowerCase() in Router#match() 3264 * Changed; Request#sendfile() now streams 3265 * Changed; Renamed Request#halt() to Request#respond(). Closes #289 3266 * Changed; Using sys.inspect() instead of JSON.encode() for error output 3267 * Changed; run() returns the http.Server instance. Closes #298 3268 * Changed; Defaulting Server#host to null (INADDR_ANY) 3269 * Changed; Logger "common" format scale of 0.4f 3270 * Removed Logger "request" format 3271 * Fixed; Catching ENOENT in view caching, preventing error when "views/partials" is not found 3272 * Fixed several issues with http client 3273 * Fixed Logger Content-Length output 3274 * Fixed bug preventing Opera from retaining the generated session id. Closes #292 3275 3276 0.9.0 / 2010-04-14 3277 ================== 3278 3279 * Added DSL level error() route support 3280 * Added DSL level notFound() route support 3281 * Added Request#error() 3282 * Added Request#notFound() 3283 * Added Request#render() callback function. Closes #258 3284 * Added "max upload size" setting 3285 * Added "magic" variables to collection partials (\_\_index\_\_, \_\_length\_\_, \_\_isFirst\_\_, \_\_isLast\_\_). Closes #254 3286 * Added [haml.js](http://github.com/visionmedia/haml.js) submodule; removed haml-js 3287 * Added callback function support to Request#halt() as 3rd/4th arg 3288 * Added preprocessing of route param wildcards using param(). Closes #251 3289 * Added view partial support (with collections etc) 3290 * Fixed bug preventing falsey params (such as ?page=0). Closes #286 3291 * Fixed setting of multiple cookies. Closes #199 3292 * Changed; view naming convention is now NAME.TYPE.ENGINE (for example page.html.haml) 3293 * Changed; session cookie is now httpOnly 3294 * Changed; Request is no longer global 3295 * Changed; Event is no longer global 3296 * Changed; "sys" module is no longer global 3297 * Changed; moved Request#download to Static plugin where it belongs 3298 * Changed; Request instance created before body parsing. Closes #262 3299 * Changed; Pre-caching views in memory when "cache view contents" is enabled. Closes #253 3300 * Changed; Pre-caching view partials in memory when "cache view partials" is enabled 3301 * Updated support to node --version 0.1.90 3302 * Updated dependencies 3303 * Removed set("session cookie") in favour of use(Session, { cookie: { ... }}) 3304 * Removed utils.mixin(); use Object#mergeDeep() 3305 3306 0.8.0 / 2010-03-19 3307 ================== 3308 3309 * Added coffeescript example app. Closes #242 3310 * Changed; cache api now async friendly. Closes #240 3311 * Removed deprecated 'express/static' support. Use 'express/plugins/static' 3312 3313 0.7.6 / 2010-03-19 3314 ================== 3315 3316 * Added Request#isXHR. Closes #229 3317 * Added `make install` (for the executable) 3318 * Added `express` executable for setting up simple app templates 3319 * Added "GET /public/*" to Static plugin, defaulting to <root>/public 3320 * Added Static plugin 3321 * Fixed; Request#render() only calls cache.get() once 3322 * Fixed; Namespacing View caches with "view:" 3323 * Fixed; Namespacing Static caches with "static:" 3324 * Fixed; Both example apps now use the Static plugin 3325 * Fixed set("views"). Closes #239 3326 * Fixed missing space for combined log format 3327 * Deprecated Request#sendfile() and 'express/static' 3328 * Removed Server#running 3329 3330 0.7.5 / 2010-03-16 3331 ================== 3332 3333 * Added Request#flash() support without args, now returns all flashes 3334 * Updated ext submodule 3335 3336 0.7.4 / 2010-03-16 3337 ================== 3338 3339 * Fixed session reaper 3340 * Changed; class.js replacing js-oo Class implementation (quite a bit faster, no browser cruft) 3341 3342 0.7.3 / 2010-03-16 3343 ================== 3344 3345 * Added package.json 3346 * Fixed requiring of haml / sass due to kiwi removal 3347 3348 0.7.2 / 2010-03-16 3349 ================== 3350 3351 * Fixed GIT submodules (HAH!) 3352 3353 0.7.1 / 2010-03-16 3354 ================== 3355 3356 * Changed; Express now using submodules again until a PM is adopted 3357 * Changed; chat example using millisecond conversions from ext 3358 3359 0.7.0 / 2010-03-15 3360 ================== 3361 3362 * Added Request#pass() support (finds the next matching route, or the given path) 3363 * Added Logger plugin (default "common" format replaces CommonLogger) 3364 * Removed Profiler plugin 3365 * Removed CommonLogger plugin 3366 3367 0.6.0 / 2010-03-11 3368 ================== 3369 3370 * Added seed.yml for kiwi package management support 3371 * Added HTTP client query string support when method is GET. Closes #205 3372 3373 * Added support for arbitrary view engines. 3374 For example "foo.engine.html" will now require('engine'), 3375 the exports from this module are cached after the first require(). 3376 3377 * Added async plugin support 3378 3379 * Removed usage of RESTful route funcs as http client 3380 get() etc, use http.get() and friends 3381 3382 * Removed custom exceptions 3383 3384 0.5.0 / 2010-03-10 3385 ================== 3386 3387 * Added ext dependency (library of js extensions) 3388 * Removed extname() / basename() utils. Use path module 3389 * Removed toArray() util. Use arguments.values 3390 * Removed escapeRegexp() util. Use RegExp.escape() 3391 * Removed process.mixin() dependency. Use utils.mixin() 3392 * Removed Collection 3393 * Removed ElementCollection 3394 * Shameless self promotion of ebook "Advanced JavaScript" (http://dev-mag.com) ;) 3395 3396 0.4.0 / 2010-02-11 3397 ================== 3398 3399 * Added flash() example to sample upload app 3400 * Added high level restful http client module (express/http) 3401 * Changed; RESTful route functions double as HTTP clients. Closes #69 3402 * Changed; throwing error when routes are added at runtime 3403 * Changed; defaulting render() context to the current Request. Closes #197 3404 * Updated haml submodule 3405 3406 0.3.0 / 2010-02-11 3407 ================== 3408 3409 * Updated haml / sass submodules. Closes #200 3410 * Added flash message support. Closes #64 3411 * Added accepts() now allows multiple args. fixes #117 3412 * Added support for plugins to halt. Closes #189 3413 * Added alternate layout support. Closes #119 3414 * Removed Route#run(). Closes #188 3415 * Fixed broken specs due to use(Cookie) missing 3416 3417 0.2.1 / 2010-02-05 3418 ================== 3419 3420 * Added "plot" format option for Profiler (for gnuplot processing) 3421 * Added request number to Profiler plugin 3422 * Fixed binary encoding for multipart file uploads, was previously defaulting to UTF8 3423 * Fixed issue with routes not firing when not files are present. Closes #184 3424 * Fixed process.Promise -> events.Promise 3425 3426 0.2.0 / 2010-02-03 3427 ================== 3428 3429 * Added parseParam() support for name[] etc. (allows for file inputs with "multiple" attr) Closes #180 3430 * Added Both Cache and Session option "reapInterval" may be "reapEvery". Closes #174 3431 * Added expiration support to cache api with reaper. Closes #133 3432 * Added cache Store.Memory#reap() 3433 * Added Cache; cache api now uses first class Cache instances 3434 * Added abstract session Store. Closes #172 3435 * Changed; cache Memory.Store#get() utilizing Collection 3436 * Renamed MemoryStore -> Store.Memory 3437 * Fixed use() of the same plugin several time will always use latest options. Closes #176 3438 3439 0.1.0 / 2010-02-03 3440 ================== 3441 3442 * Changed; Hooks (before / after) pass request as arg as well as evaluated in their context 3443 * Updated node support to 0.1.27 Closes #169 3444 * Updated dirname(__filename) -> __dirname 3445 * Updated libxmljs support to v0.2.0 3446 * Added session support with memory store / reaping 3447 * Added quick uid() helper 3448 * Added multi-part upload support 3449 * Added Sass.js support / submodule 3450 * Added production env caching view contents and static files 3451 * Added static file caching. Closes #136 3452 * Added cache plugin with memory stores 3453 * Added support to StaticFile so that it works with non-textual files. 3454 * Removed dirname() helper 3455 * Removed several globals (now their modules must be required) 3456 3457 0.0.2 / 2010-01-10 3458 ================== 3459 3460 * Added view benchmarks; currently haml vs ejs 3461 * Added Request#attachment() specs. Closes #116 3462 * Added use of node's parseQuery() util. Closes #123 3463 * Added `make init` for submodules 3464 * Updated Haml 3465 * Updated sample chat app to show messages on load 3466 * Updated libxmljs parseString -> parseHtmlString 3467 * Fixed `make init` to work with older versions of git 3468 * Fixed specs can now run independent specs for those who can't build deps. Closes #127 3469 * Fixed issues introduced by the node url module changes. Closes 126. 3470 * Fixed two assertions failing due to Collection#keys() returning strings 3471 * Fixed faulty Collection#toArray() spec due to keys() returning strings 3472 * Fixed `make test` now builds libxmljs.node before testing 3473 3474 0.0.1 / 2010-01-03 3475 ================== 3476 3477 * Initial release