Skip to content

Update dependency compression to ^1.8.1 #33

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update dependency compression to ^1.8.1 #33

wants to merge 1 commit into from

Conversation

@mend-for-github-com
Copy link

@mend-for-github-com mend-for-github-com bot commented Oct 5, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
compression ^1.6.2 -> ^1.8.1 age adoption passing confidence

By merging this PR, the issue #30 will be automatically resolved and closed:

Severity CVSS Score Vulnerability Reachability
Low Low 3.4 CVE-2025-7339

Release Notes

expressjs/compression (compression)

v1.8.1

Compare Source

==========

v1.8.0

Compare Source

==================

  • Use res.headersSent when available
  • Replace _implicitHeader with writeHead property
  • add brotli support for versions of node that support it
  • Add the enforceEncoding option for requests without Accept-Encoding header

v1.7.5

Compare Source

==================

  • deps: Replace accepts with negotiator@~0.6.4
    • Add preference option
  • deps: bytes@​3.1.2
    • Add petabyte (pb) support
    • Fix "thousandsSeparator" incorrecting formatting fractional part
    • Fix return value for un-parsable strings
  • deps: compressible@~2.0.18
    • Mark font/ttf as compressible
    • Remove compressible from multipart/mixed
    • deps: mime-db@'>= 1.43.0 < 2'
  • deps: safe-buffer@​5.2.1

v1.7.4

Compare Source

==================

  • deps: compressible@~2.0.16
    • Mark text/less as compressible
    • deps: mime-db@'>= 1.38.0 < 2'
  • deps: on-headers@~1.0.2
    • Fix res.writeHead patch missing return value
  • perf: prevent unnecessary buffer copy

v1.7.3

Compare Source

==================

  • deps: accepts@~1.3.5
    • deps: mime-types@~2.1.18
  • deps: compressible@~2.0.14
    • Mark all XML-derived types as compressible
    • deps: mime-db@'>= 1.34.0 < 2'
  • deps: safe-buffer@​5.1.2

v1.7.2

Compare Source

==================

  • deps: compressible@~2.0.13
    • deps: mime-db@'>= 1.33.0 < 2'

v1.7.1

Compare Source

==================

  • deps: accepts@~1.3.4
    • deps: mime-types@~2.1.16
  • deps: bytes@​3.0.0
  • deps: compressible@~2.0.11
    • deps: mime-db@'>= 1.29.0 < 2'
  • deps: debug@​2.6.9
  • deps: vary@~1.1.2
    • perf: improve header token parsing speed

v1.7.0

Compare Source

==================

  • Use safe-buffer for improved Buffer API
  • deps: bytes@​2.5.0
  • deps: compressible@~2.0.10
    • Fix regex fallback to not override compressible: false in db
    • deps: mime-db@'>= 1.27.0 < 2'
  • deps: debug@​2.6.8
    • Allow colors in workers
    • Deprecated DEBUG_FD environment variable set to 3 or higher
    • Fix error when running under React Native
    • Fix DEBUG_MAX_ARRAY_LENGTH
    • Use same color for same namespace
    • deps: ms@​2.0.0
  • deps: vary@~1.1.1
    • perf: hoist regular expression
  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Oct 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

security fix Security fix generated by Mend

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant