History.md 71.1 KB
Newer Older
Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1 2
3.5.0 / 2016-09-09
==================
3 4 5 6 7 8 9 10

  * deps: finalhandler@0.5.0
    - Change invalid or non-numeric status code to 500
    - Overwrite status message to match set status code
    - Prefer `err.statusCode` if `err.status` is invalid
    - Set response headers from `err.headers` object
    - Use `statuses` instead of `http` module for status messages

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
11 12
3.4.1 / 2016-01-23
==================
13 14 15

  * deps: finalhandler@0.4.1
    - deps: escape-html@~1.0.3
16 17
  * deps: parseurl@~1.3.1
    - perf: enable strict mode
18

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
19 20
3.4.0 / 2015-06-18
==================
21 22 23

  * deps: debug@~2.2.0
    - deps: ms@0.7.1
24 25 26 27
  * deps: finalhandler@0.4.0
    - Fix a false-positive when unpiping in Node.js 0.8
    - Support `statusCode` property on `Error` objects
    - Use `unpipe` module for unpiping requests
28
    - deps: debug@~2.2.0
29 30 31 32
    - deps: escape-html@1.0.2
    - deps: on-finished@~2.3.0
    - perf: enable strict mode
    - perf: remove argument reassignment
33
  * perf: enable strict mode
34
  * perf: remove argument reassignments
35

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
36 37
3.3.5 / 2015-03-16
==================
38 39 40 41 42 43 44

  * deps: debug@~2.1.3
    - Fix high intensity foreground color for bold
    - deps: ms@0.7.0
  * deps: finalhandler@0.3.4
    - deps: debug@~2.1.3

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
45 46
3.3.4 / 2015-01-07
==================
47 48 49 50 51 52

  * deps: debug@~2.1.1
  * deps: finalhandler@0.3.3
    - deps: debug@~2.1.1
    - deps: on-finished@~2.2.0

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
53 54
3.3.3 / 2014-11-09
==================
55 56 57

  * Correctly invoke async callback asynchronously

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
58 59
3.3.2 / 2014-10-28
==================
60 61 62

  * Fix handling of URLs containing `://` in the path

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
63 64
3.3.1 / 2014-10-22
==================
65 66 67 68

  * deps: finalhandler@0.3.2
    - deps: on-finished@~2.1.1

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
69 70
3.3.0 / 2014-10-17
==================
71 72 73 74 75 76 77 78

  * deps: debug@~2.1.0
    - Implement `DEBUG_FD` env variable support
  * deps: finalhandler@0.3.1
    - Terminate in progress response only on error
    - Use `on-finished` to determine request status
    - deps: debug@~2.1.0

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
79 80
3.2.0 / 2014-09-08
==================
81 82 83 84 85 86

  * deps: debug@~2.0.0
  * deps: finalhandler@0.2.0
    - Set `X-Content-Type-Options: nosniff` header
    - deps: debug@~2.0.0

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
87 88
3.1.1 / 2014-08-10
==================
89 90 91

  * deps: parseurl@~1.3.0

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
92 93
3.1.0 / 2014-07-22
==================
94 95 96 97 98 99 100 101 102

  * deps: debug@1.0.4
  * deps: finalhandler@0.1.0
    - Respond after request fully read
    - deps: debug@1.0.4
  * deps: parseurl@~1.2.0
    - Cache URLs based on original value
    - Remove no-longer-needed URL mis-parse work-around
    - Simplify the "fast-path" `RegExp`
103
  * perf: reduce executed logic in routing
104
  * perf: refactor location of `try` block
105

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
106 107
3.0.2 / 2014-07-10
==================
108 109 110

  * deps: debug@1.0.3
    - Add support for multiple wildcards in namespaces
111 112
  * deps: parseurl@~1.1.3
    - faster parsing of href-only URLs
113

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
114 115
3.0.1 / 2014-06-19
==================
116

117
  * use `finalhandler` for final response handling
118
  * deps: debug@1.0.2
119

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
120 121 122 123 124
3.0.0 / 2014-05-29
==================

  * No changes

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
125 126
3.0.0-rc.2 / 2014-05-04
=======================
127

128 129 130 131 132
  * Call error stack even when response has been sent
  * Prevent default 404 handler after response sent
  * dep: debug@0.8.1
  * encode stack in HTML for default error handler
  * remove `proto` export
133

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
134 135
3.0.0-rc.1 / 2014-03-06
=======================
Jonathan Ong's avatar
Jonathan Ong committed
136

137 138 139 140 141 142 143 144
  * move middleware to separate repos
  * remove docs
  * remove node patches
  * remove connect(middleware...)
  * remove the old `connect.createServer()` method
  * remove various private `connect.utils` functions
  * drop node.js 0.8 support

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
145 146
2.30.2 / 2015-07-31
===================
147

148 149
  * deps: body-parser@~1.13.3
    - deps: type-is@~1.6.6
150 151 152 153
  * deps: compression@~1.5.2
    - deps: accepts@~1.2.12
    - deps: compressible@~2.0.5
    - deps: vary@~1.0.1
154 155
  * deps: errorhandler@~1.4.2
    - deps: accepts@~1.2.12
156
  * deps: method-override@~2.3.5
157
    - deps: vary@~1.0.1
158
    - perf: enable strict mode
159 160 161
  * deps: serve-index@~1.7.2
    - deps: accepts@~1.2.12
    - deps: mime-types@~2.1.4
162 163
  * deps: type-is@~1.6.6
    - deps: mime-types@~2.1.4
164 165 166
  * deps: vhost@~3.0.1
    - perf: enable strict mode

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
167 168
2.30.1 / 2015-07-05
===================
169

170 171 172 173 174
  * deps: body-parser@~1.13.2
    - deps: iconv-lite@0.4.11
    - deps: qs@4.0.0
    - deps: raw-body@~2.1.2
    - deps: type-is@~1.6.4
175 176 177
  * deps: compression@~1.5.1
    - deps: accepts@~1.2.10
    - deps: compressible@~2.0.4
178 179
  * deps: errorhandler@~1.4.1
    - deps: accepts@~1.2.10
180 181 182
  * deps: qs@4.0.0
    - Fix dropping parameters like `hasOwnProperty`
    - Fix various parsing edge cases
183 184
  * deps: morgan@~1.6.1
    - deps: basic-auth@~1.0.3
185 186 187 188
  * deps: pause@0.1.0
    - Re-emit events with all original arguments
    - Refactor internals
    - perf: enable strict mode
189 190 191
  * deps: serve-index@~1.7.1
    - deps: accepts@~1.2.10
    - deps: mime-types@~2.1.2
192 193 194 195
  * deps: type-is@~1.6.4
    - deps: mime-types@~2.1.2
    - perf: enable strict mode
    - perf: remove argument reassignment
196

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
197 198
2.30.0 / 2015-06-18
===================
199

200
  * deps: body-parser@~1.13.1
201 202 203 204 205 206 207 208 209 210 211 212 213
    - Add `statusCode` property on `Error`s, in addition to `status`
    - Change `type` default to `application/json` for JSON parser
    - Change `type` default to `application/x-www-form-urlencoded` for urlencoded parser
    - Provide static `require` analysis
    - Use the `http-errors` module to generate errors
    - deps: bytes@2.1.0
    - deps: iconv-lite@0.4.10
    - deps: on-finished@~2.3.0
    - deps: raw-body@~2.1.1
    - deps: type-is@~1.6.3
    - perf: enable strict mode
    - perf: remove argument reassignment
    - perf: remove delete call
214 215 216
  * deps: bytes@2.1.0
    - Slight optimizations
    - Units no longer case sensitive when parsing
217 218 219 220 221 222 223 224 225
  * deps: compression@~1.5.0
    - Fix return value from `.end` and `.write` after end
    - Improve detection of zero-length body without `Content-Length`
    - deps: accepts@~1.2.9
    - deps: bytes@2.1.0
    - deps: compressible@~2.0.3
    - perf: enable strict mode
    - perf: remove flush reassignment
    - perf: simplify threshold detection
226 227
  * deps: cookie@0.1.3
    - Slight optimizations
228 229
  * deps: cookie-parser@~1.3.5
    - deps: cookie@0.1.3
230 231 232 233
  * deps: csurf@~1.8.3
    - Add `sessionKey` option
    - deps: cookie@0.1.3
    - deps: csrf@~3.0.0
234 235 236 237 238
  * deps: errorhandler@~1.4.0
    - Add charset to the `Content-Type` header
    - Support `statusCode` property on `Error` objects
    - deps: accepts@~1.2.9
    - deps: escape-html@1.0.2
239 240 241 242 243 244 245
  * deps: express-session@~1.11.3
    - Support an array in `secret` option for key rotation
    - deps: cookie@0.1.3
    - deps: crc@3.3.0
    - deps: debug@~2.2.0
    - deps: depd@~1.0.1
    - deps: uid-safe@~2.0.0
246 247 248 249 250 251 252 253
  * deps: finalhandler@0.4.0
    - Fix a false-positive when unpiping in Node.js 0.8
    - Support `statusCode` property on `Error` objects
    - Use `unpipe` module for unpiping requests
    - deps: escape-html@1.0.2
    - deps: on-finished@~2.3.0
    - perf: enable strict mode
    - perf: remove argument reassignment
254 255
  * deps: fresh@0.3.0
    - Add weak `ETag` matching support
256 257 258 259 260 261 262 263 264 265 266 267 268 269 270
  * deps: morgan@~1.6.0
    - Add `morgan.compile(format)` export
    - Do not color 1xx status codes in `dev` format
    - Fix `response-time` token to not include response latency
    - Fix `status` token incorrectly displaying before response in `dev` format
    - Fix token return values to be `undefined` or a string
    - Improve representation of multiple headers in `req` and `res` tokens
    - Use `res.getHeader` in `res` token
    - deps: basic-auth@~1.0.2
    - deps: on-finished@~2.3.0
    - pref: enable strict mode
    - pref: reduce function closure scopes
    - pref: remove dynamic compile on every request for `dev` format
    - pref: remove an argument reassignment
    - pref: skip function call without `skip` option
271 272 273 274 275 276 277
  * deps: serve-favicon@~2.3.0
    - Send non-chunked response for `OPTIONS`
    - deps: etag@~1.7.0
    - deps: fresh@0.3.0
    - perf: enable strict mode
    - perf: remove argument reassignment
    - perf: remove bitwise operations
278 279 280 281 282 283 284 285 286 287
  * deps: serve-index@~1.7.0
    - Accept `function` value for `template` option
    - Send non-chunked response for `OPTIONS`
    - Stat parent directory when necessary
    - Use `Date.prototype.toLocaleDateString` to format date
    - deps: accepts@~1.2.9
    - deps: escape-html@1.0.2
    - deps: mime-types@~2.1.1
    - perf: enable strict mode
    - perf: remove argument reassignment
288 289 290 291 292 293 294 295 296
  * deps: serve-static@~1.10.0
    - Add `fallthrough` option
    - Fix reading options from options prototype
    - Improve the default redirect response headers
    - Malformed URLs now `next()` instead of 400
    - deps: escape-html@1.0.2
    - deps: send@0.13.0
    - perf: enable strict mode
    - perf: remove argument reassignment
297 298 299 300
  * deps: type-is@~1.6.3
    - deps: mime-types@~2.1.1
    - perf: reduce try block size
    - perf: remove bitwise operations
301

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
302 303
2.29.2 / 2015-05-14
===================
304

305
  * deps: body-parser@~1.12.4
306
    - Slight efficiency improvement when not debugging
307
    - deps: debug@~2.2.0
308 309
    - deps: depd@~1.0.1
    - deps: iconv-lite@0.4.8
310 311 312 313
    - deps: on-finished@~2.2.1
    - deps: qs@2.4.2
    - deps: raw-body@~2.0.1
    - deps: type-is@~1.6.2
314 315 316
  * deps: compression@~1.4.4
    - deps: accepts@~1.2.7
    - deps: debug@~2.2.0
317 318
  * deps: connect-timeout@~1.6.2
    - deps: debug@~2.2.0
319 320
    - deps: ms@0.7.1
  * deps: debug@~2.2.0
321
    - deps: ms@0.7.1
322
  * deps: depd@~1.0.1
323 324
  * deps: errorhandler@~1.3.6
    - deps: accepts@~1.2.7
325 326 327
  * deps: finalhandler@0.3.6
    - deps: debug@~2.2.0
    - deps: on-finished@~2.2.1
328 329
  * deps: method-override@~2.3.3
    - deps: debug@~2.2.0
330 331 332 333 334
  * deps: morgan@~1.5.3
    - deps: basic-auth@~1.0.1
    - deps: debug@~2.2.0
    - deps: depd@~1.0.1
    - deps: on-finished@~2.2.1
335 336
  * deps: qs@2.4.2
   - Fix allowing parameters like `constructor`
337 338
  * deps: response-time@~2.3.1
    - deps: depd@~1.0.1
339 340 341
  * deps: serve-favicon@~2.2.1
    - deps: etag@~1.6.0
    - deps: ms@0.7.1
342 343 344 345
  * deps: serve-index@~1.6.4
    - deps: accepts@~1.2.7
    - deps: debug@~2.2.0
    - deps: mime-types@~2.0.11
346 347
  * deps: serve-static@~1.9.3
    - deps: send@0.12.3
348 349
  * deps: type-is@~1.6.2
    - deps: mime-types@~2.0.11
350

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
351 352
2.29.1 / 2015-03-16
===================
353

354
  * deps: body-parser@~1.12.2
355
    - deps: debug@~2.1.3
356
    - deps: qs@2.4.1
357
    - deps: type-is@~1.6.1
358 359 360 361
  * deps: compression@~1.4.3
    - Fix error when code calls `res.end(str, encoding)`
    - deps: accepts@~1.2.5
    - deps: debug@~2.1.3
362 363
  * deps: connect-timeout@~1.6.1
    - deps: debug@~2.1.3
364 365 366
  * deps: debug@~2.1.3
    - Fix high intensity foreground color for bold
    - deps: ms@0.7.0
367 368
  * deps: errorhandler@~1.3.5
    - deps: accepts@~1.2.5
369 370
  * deps: express-session@~1.10.4
    - deps: debug@~2.1.3
371 372
  * deps: finalhandler@0.3.4
    - deps: debug@~2.1.3
373 374
  * deps: method-override@~2.3.2
    - deps: debug@~2.1.3
375 376
  * deps: morgan@~1.5.2
    - deps: debug@~2.1.3
377 378
  * deps: qs@2.4.1
    - Fix error when parameter `hasOwnProperty` is present
379 380 381 382 383 384
  * deps: serve-index@~1.6.3
    - Properly escape file names in HTML
    - deps: accepts@~1.2.5
    - deps: debug@~2.1.3
    - deps: escape-html@1.0.1
    - deps: mime-types@~2.0.10
385 386
  * deps: serve-static@~1.9.2
    - deps: send@0.12.2
387 388
  * deps: type-is@~1.6.1
    - deps: mime-types@~2.0.10
389

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
390 391
2.29.0 / 2015-02-17
===================
392

393
  * Use `content-type` to parse `Content-Type` headers
394 395 396 397 398 399 400 401
  * deps: body-parser@~1.12.0
    - add `debug` messages
    - accept a function for the `type` option
    - make internal `extended: true` depth limit infinity
    - use `content-type` to parse `Content-Type` headers
    - deps: iconv-lite@0.4.7
    - deps: raw-body@1.3.3
    - deps: type-is@~1.6.0
402 403 404
  * deps: compression@~1.4.1
    - Prefer `gzip` over `deflate` on the server
    - deps: accepts@~1.2.4
405 406
  * deps: connect-timeout@~1.6.0
    - deps: http-errors@~1.3.1
407 408
  * deps: cookie-parser@~1.3.4
    - deps: cookie-signature@1.0.6
409
  * deps: cookie-signature@1.0.6
410 411 412 413 414 415
  * deps: csurf@~1.7.0
    - Accept `CSRF-Token` and `XSRF-Token` request headers
    - Default `cookie.path` to `'/'`, if using cookies
    - deps: cookie-signature@1.0.6
    - deps: csrf@~2.0.6
    - deps: http-errors@~1.3.1
416 417
  * deps: errorhandler@~1.3.4
    - deps: accepts@~1.2.4
418 419 420
  * deps: express-session@~1.10.3
    - deps: cookie-signature@1.0.6
    - deps: uid-safe@1.1.0
421 422 423 424
  * deps: http-errors@~1.3.1
    - Construct errors using defined constructors from `createError`
    - Fix error names that are not identifiers
    - Set a meaningful `name` property on constructed errors
425 426
  * deps: response-time@~2.3.0
    - Add function argument to support recording of response time
427 428 429 430
  * deps: serve-index@~1.6.2
    - deps: accepts@~1.2.4
    - deps: http-errors@~1.3.1
    - deps: mime-types@~2.0.9
431 432
  * deps: serve-static@~1.9.1
    - deps: send@0.12.1
433 434 435 436 437
  * deps: type-is@~1.6.0
    - fix argument reassignment
    - fix false-positives in `hasBody` `Transfer-Encoding` check
    - support wildcard for both type and subtype (`*/*`)
    - deps: mime-types@~2.0.9
438

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
439 440
2.28.3 / 2015-01-31
===================
441

442 443 444
  * deps: compression@~1.3.1
    - deps: accepts@~1.2.3
    - deps: compressible@~2.0.2
445 446
  * deps: csurf@~1.6.6
    - deps: csrf@~2.0.5
447 448
  * deps: errorhandler@~1.3.3
    - deps: accepts@~1.2.3
449 450
  * deps: express-session@~1.10.2
    - deps: uid-safe@1.0.3
451 452 453
  * deps: serve-index@~1.6.1
    - deps: accepts@~1.2.3
    - deps: mime-types@~2.0.8
454 455
  * deps: type-is@~1.5.6
    - deps: mime-types@~2.0.8
456

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
457 458
2.28.2 / 2015-01-20
===================
459

460 461 462
  * deps: body-parser@~1.10.2
    - deps: iconv-lite@0.4.6
    - deps: raw-body@1.3.2
463 464 465 466 467
  * deps: serve-static@~1.8.1
    - Fix redirect loop in Node.js 0.11.14
    - Fix root path disclosure
    - deps: send@0.11.1

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
468 469
2.28.1 / 2015-01-08
===================
470 471 472

  * deps: csurf@~1.6.5
    - deps: csrf@~2.0.4
473 474
  * deps: express-session@~1.10.1
    - deps: uid-safe@~1.0.2
475

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
476 477
2.28.0 / 2015-01-05
===================
478

479 480 481 482
  * deps: body-parser@~1.10.1
    - Make internal `extended: true` array limit dynamic
    - deps: on-finished@~2.2.0
    - deps: type-is@~1.5.5
483 484 485 486
  * deps: compression@~1.3.0
    - Export the default `filter` function for wrapping
    - deps: accepts@~1.2.2
    - deps: debug@~2.1.1
487 488 489 490
  * deps: connect-timeout@~1.5.0
    - deps: debug@~2.1.1
    - deps: http-errors@~1.2.8
    - deps: ms@0.7.0
491
  * deps: csurf@~1.6.4
492 493
    - deps: csrf@~2.0.3
    - deps: http-errors@~1.2.8
494
  * deps: debug@~2.1.1
495 496 497 498
  * deps: errorhandler@~1.3.2
    - Add `log` option
    - Fix heading content to not include stack
    - deps: accepts@~1.2.2
499 500 501 502
  * deps: express-session@~1.10.0
    - Add `store.touch` interface for session stores
    - Fix `MemoryStore` expiration with `resave: false`
    - deps: debug@~2.1.1
503 504 505
  * deps: finalhandler@0.3.3
    - deps: debug@~2.1.1
    - deps: on-finished@~2.2.0
506 507 508
  * deps: method-override@~2.3.1
    - deps: debug@~2.1.1
    - deps: methods@~1.1.1
509 510 511 512 513 514 515
  * deps: morgan@~1.5.1
    - Add multiple date formats `clf`, `iso`, and `web`
    - Deprecate `buffer` option
    - Fix date format in `common` and `combined` formats
    - Fix token arguments to accept values with `"`
    - deps: debug@~2.1.1
    - deps: on-finished@~2.2.0
516 517 518 519
  * deps: serve-favicon@~2.2.0
    - Support query string in the URL
    - deps: etag@~1.5.1
    - deps: ms@0.7.0
520 521 522 523 524 525
  * deps: serve-index@~1.6.0
    - Add link to root directory
    - deps: accepts@~1.2.2
    - deps: batch@0.5.2
    - deps: debug@~2.1.1
    - deps: mime-types@~2.0.7
526 527 528
  * deps: serve-static@~1.8.0
    - Fix potential open redirect when mounted at root
    - deps: send@0.11.0
529 530
  * deps: type-is@~1.5.5
    - deps: mime-types@~2.0.7
531

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
532 533
2.27.6 / 2014-12-10
===================
534 535 536 537 538 539

  * deps: serve-index@~1.5.3
    - deps: accepts@~1.1.4
    - deps: http-errors@~1.2.8
    - deps: mime-types@~2.0.4

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
540 541
2.27.5 / 2014-12-10
===================
542 543 544 545

  * deps: compression@~1.2.2
    - Fix `.end` to only proxy to `.end`
    - deps: accepts@~1.1.4
546 547
  * deps: express-session@~1.9.3
    - Fix error when `req.sessionID` contains a non-string value
548 549 550
  * deps: http-errors@~1.2.8
    - Fix stack trace from exported function
    - Remove `arguments.callee` usage
551 552
  * deps: serve-index@~1.5.2
    - Fix icon name background alignment on mobile view
553 554
  * deps: type-is@~1.5.4
    - deps: mime-types@~2.0.4
555

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
556 557
2.27.4 / 2014-11-23
===================
558

559 560 561 562 563
  * deps: body-parser@~1.9.3
    - deps: iconv-lite@0.4.5
    - deps: qs@2.3.3
    - deps: raw-body@1.3.1
    - deps: type-is@~1.5.3
564 565
  * deps: compression@~1.2.1
    - deps: accepts@~1.1.3
566 567
  * deps: errorhandler@~1.2.3
    - deps: accepts@~1.1.3
568 569
  * deps: express-session@~1.9.2
    - deps: crc@3.2.1
570 571
  * deps: qs@2.3.3
    - Fix `arrayLimit` behavior
572 573
  * deps: serve-favicon@~2.1.7
    - Avoid errors from enumerables on `Object.prototype`
574
  * deps: serve-index@~1.5.1
575 576
    - deps: accepts@~1.1.3
    - deps: mime-types@~2.0.3
577 578
  * deps: type-is@~1.5.3
    - deps: mime-types@~2.0.3
579

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
580 581
2.27.3 / 2014-11-09
===================
582 583

  * Correctly invoke async callback asynchronously
584 585 586
  * deps: csurf@~1.6.3
    - bump csrf
    - bump http-errors
587

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
588 589
2.27.2 / 2014-10-28
===================
590

591
  * Fix handling of URLs containing `://` in the path
592 593
  * deps: body-parser@~1.9.2
    - deps: qs@2.3.2
594 595 596
  * deps: qs@2.3.2
    - Fix parsing of mixed objects and values

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
597 598
2.27.1 / 2014-10-22
===================
599

600 601 602 603
  * deps: body-parser@~1.9.1
    - deps: on-finished@~2.1.1
    - deps: qs@2.3.0
    - deps: type-is@~1.5.2
604 605
  * deps: express-session@~1.9.1
    - Remove unnecessary empty write call
606 607
  * deps: finalhandler@0.3.2
    - deps: on-finished@~2.1.1
608 609
  * deps: morgan@~1.4.1
    - deps: on-finished@~2.1.1
610 611
  * deps: qs@2.3.0
    - Fix parsing of mixed implicit and explicit arrays
612 613
  * deps: serve-static@~1.7.1
    - deps: send@0.10.1
614

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
615 616
2.27.0 / 2014-10-16
===================
617

618
  * Use `http-errors` module for creating errors
619
  * Use `utils-merge` module for merging objects
620 621 622 623
  * deps: body-parser@~1.9.0
    - include the charset in "unsupported charset" error message
    - include the encoding in "unsupported content encoding" error message
    - deps: depd@~1.0.0
624 625
  * deps: compression@~1.2.0
    - deps: debug@~2.1.0
626 627 628
  * deps: connect-timeout@~1.4.0
    - Create errors with `http-errors`
    - deps: debug@~2.1.0
629 630
  * deps: debug@~2.1.0
    - Implement `DEBUG_FD` env variable support
631
  * deps: depd@~1.0.0
632 633 634
  * deps: express-session@~1.9.0
    - deps: debug@~2.1.0
    - deps: depd@~1.0.0
635
  * deps: finalhandler@0.3.1
636 637
    - Terminate in progress response only on error
    - Use `on-finished` to determine request status
638
    - deps: debug@~2.1.0
639 640
  * deps: method-override@~2.3.0
    - deps: debug@~2.1.0
641 642 643
  * deps: morgan@~1.4.0
    - Add `debug` messages
    - deps: depd@~1.0.0
644 645 646 647 648
  * deps: response-time@~2.2.0
    - Add `header` option for custom header name
    - Add `suffix` option
    - Change `digits` argument to an `options` argument
    - deps: depd@~1.0.0
649 650
  * deps: serve-favicon@~2.1.6
    - deps: etag@~1.5.0
651
  * deps: serve-index@~1.5.0
652 653
    - Add `dir` argument to `filter` function
    - Add icon for mkv files
654
    - Create errors with `http-errors`
655 656 657
    - Fix incorrect 403 on Windows and Node.js 0.11
    - Lookup icon by mime type for greater icon support
    - Support using tokens multiple times
658
    - deps: accepts@~1.1.2
659 660
    - deps: debug@~2.1.0
    - deps: mime-types@~2.0.2
661 662
  * deps: serve-static@~1.7.0
    - deps: send@0.10.0
663

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
664 665
2.26.6 / 2014-10-15
===================
666

667 668 669
  * deps: compression@~1.1.2
    - deps: accepts@~1.1.2
    - deps: compressible@~2.0.1
670 671 672
  * deps: csurf@~1.6.2
    - bump http-errors
    - fix cookie name when using `cookie: true`
673 674 675
  * deps: errorhandler@~1.2.2
    - deps: accepts@~1.1.2

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
676 677
2.26.5 / 2014-10-08
===================
678

679
  * Fix accepting non-object arguments to `logger`
680 681 682
  * deps: serve-static@~1.6.4
    - Fix redirect loop when index file serving disabled

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
683 684
2.26.4 / 2014-10-02
===================
685 686 687

  * deps: morgan@~1.3.2
    - Fix `req.ip` integration when `immediate: false`
688 689
  * deps: type-is@~1.5.2
    - deps: mime-types@~2.0.2
690

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
691 692
2.26.3 / 2014-09-24
===================
693

694 695
  * deps: body-parser@~1.8.4
    - fix content encoding to be case-insensitive
696 697
  * deps: serve-favicon@~2.1.5
    - deps: etag@~1.4.0
698 699
  * deps: serve-static@~1.6.3
    - deps: send@0.9.3
700

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
701 702
2.26.2 / 2014-09-19
===================
703 704 705

  * deps: body-parser@~1.8.3
    - deps: qs@2.2.4
706 707
  * deps: qs@2.2.4
    - Fix issue with object keys starting with numbers truncated
708

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
709 710
2.26.1 / 2014-09-15
===================
711

712 713
  * deps: body-parser@~1.8.2
    - deps: depd@0.4.5
714
  * deps: depd@0.4.5
715 716 717
  * deps: express-session@~1.8.2
    - Use `crc` instead of `buffer-crc32` for speed
    - deps: depd@0.4.5
718 719 720
  * deps: morgan@~1.3.1
    - Remove un-used `bytes` dependency
    - deps: depd@0.4.5
721
  * deps: serve-favicon@~2.1.4
722 723
    - Fix content headers being sent in 304 response
    - deps: etag@~1.3.1
724 725
  * deps: serve-static@~1.6.2
    - deps: send@0.9.2
726

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
727 728
2.26.0 / 2014-09-08
===================
729

730
  * deps: body-parser@~1.8.1
731 732 733 734
    - add `parameterLimit` option to `urlencoded` parser
    - change `urlencoded` extended array limit to 100
    - make empty-body-handling consistent between chunked requests
    - respond with 415 when over `parameterLimit` in `urlencoded`
735
    - deps: media-typer@0.3.0
736
    - deps: qs@2.2.3
737
    - deps: type-is@~1.5.1
738 739 740 741
  * deps: compression@~1.1.0
    - deps: accepts@~1.1.0
    - deps: compressible@~2.0.0
    - deps: debug@~2.0.0
742 743
  * deps: connect-timeout@~1.3.0
    - deps: debug@~2.0.0
744 745
  * deps: cookie-parser@~1.3.3
    - deps: cookie-signature@1.0.5
746
  * deps: cookie-signature@1.0.5
747 748 749 750 751
  * deps: csurf@~1.6.1
    - add `ignoreMethods` option
    - bump cookie-signature
    - csrf-tokens -> csrf
    - set `code` property on CSRF token errors
752
  * deps: debug@~2.0.0
753 754 755
  * deps: errorhandler@~1.2.0
    - Display error using `util.inspect` if no other representation
    - deps: accepts@~1.1.0
756
  * deps: express-session@~1.8.1
757
    - Do not resave already-saved session at end of request
758
    - Prevent session prototype methods from being overwritten
759 760
    - deps: cookie-signature@1.0.5
    - deps: debug@~2.0.0
761 762 763
  * deps: finalhandler@0.2.0
    - Set `X-Content-Type-Options: nosniff` header
    - deps: debug@~2.0.0
764
  * deps: fresh@0.2.4
765 766
  * deps: media-typer@0.3.0
    - Throw error when parameter format invalid on parse
767 768
  * deps: method-override@~2.2.0
    - deps: debug@~2.0.0
769 770
  * deps: morgan@~1.3.0
    - Assert if `format` is not a function or string
771 772
  * deps: qs@2.2.3
    - Fix issue where first empty value in array is discarded
773
  * deps: serve-favicon@~2.1.3
774 775
    - Accept string for `maxAge` (converted by `ms`)
    - Use `etag` to generate `ETag` header
776
    - deps: fresh@0.2.4
777 778 779 780
  * deps: serve-index@~1.2.1
    - Add `debug` messages
    - Resolve relative paths at middleware setup
    - deps: accepts@~1.1.0
781
  * deps: serve-static@~1.6.1
782
    - Add `lastModified` option
783
    - deps: send@0.9.1
784
  * deps: type-is@~1.5.1
785
    - fix `hasbody` to be true for `content-length: 0`
786 787
    - deps: media-typer@0.3.0
    - deps: mime-types@~2.0.1
788
  * deps: vhost@~3.0.0
789

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
790 791
2.25.10 / 2014-09-04
====================
792 793 794 795

  * deps: serve-static@~1.5.4
    - deps: send@0.8.5

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
796 797
2.25.9 / 2014-08-29
===================
798

799 800
  * deps: body-parser@~1.6.7
    - deps: qs@2.2.2
801 802
  * deps: qs@2.2.2

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
803 804
2.25.8 / 2014-08-27
===================
805

806 807
  * deps: body-parser@~1.6.6
    - deps: qs@2.2.0
808
  * deps: csurf@~1.4.1
809 810 811
  * deps: qs@2.2.0
    - Array parsing fix
    - Performance improvements
812

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
813 814
2.25.7 / 2014-08-18
===================
815 816 817

  * deps: body-parser@~1.6.5
    - deps: on-finished@2.1.0
818 819
  * deps: express-session@~1.7.6
    - Fix exception on `res.end(null)` calls
820 821
  * deps: morgan@~1.2.3
    - deps: on-finished@2.1.0
822 823
  * deps: serve-static@~1.5.3
    - deps: send@0.8.3
824

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
825 826
2.25.6 / 2014-08-14
===================
827

828 829
  * deps: body-parser@~1.6.4
    - deps: qs@1.2.2
830
  * deps: qs@1.2.2
831 832 833
  * deps: serve-static@~1.5.2
    - deps: send@0.8.2

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
834 835
2.25.5 / 2014-08-11
===================
836 837 838

  * Fix backwards compatibility in `logger`

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
839 840
2.25.4 / 2014-08-10
===================
841 842 843

  * Fix `query` middleware breaking with argument
    - It never really took one in the first place
844 845
  * deps: body-parser@~1.6.3
    - deps: qs@1.2.1
846 847 848
  * deps: compression@~1.0.11
    - deps: on-headers@~1.0.0
    - deps: parseurl@~1.3.0
849 850
  * deps: connect-timeout@~1.2.2
    - deps: on-headers@~1.0.0
851 852 853 854
  * deps: express-session@~1.7.5
    - Fix parsing original URL
    - deps: on-headers@~1.0.0
    - deps: parseurl@~1.3.0
855
  * deps: method-override@~2.1.3
856
  * deps: on-headers@~1.0.0
857
  * deps: parseurl@~1.3.0
858
  * deps: qs@1.2.1
859 860
  * deps: response-time@~2.0.1
    - deps: on-headers@~1.0.0
861 862
  * deps: serve-index@~1.1.6
    - Fix URL parsing
863 864 865 866
  * deps: serve-static@~1.5.1
    - Fix parsing of weird `req.originalUrl` values
    - deps: parseurl@~1.3.0
    = deps: utils-merge@1.0.0
867

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
868 869
2.25.3 / 2014-08-07
===================
870 871 872 873

  * deps: multiparty@3.3.2
    - Fix potential double-callback

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
874 875
2.25.2 / 2014-08-07
===================
876

877 878
  * deps: body-parser@~1.6.2
    - deps: qs@1.2.0
879 880 881
  * deps: qs@1.2.0
    - Fix parsing array of objects

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
882 883
2.25.1 / 2014-08-06
===================
884 885 886

  * deps: body-parser@~1.6.1
    - deps: qs@1.1.0
887 888 889
  * deps: qs@1.1.0
    - Accept urlencoded square brackets
    - Accept empty values in implicit array notation
890

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
891 892
2.25.0 / 2014-08-05
===================
893

894 895
  * deps: body-parser@~1.6.0
    - deps: qs@1.0.2
896 897 898
  * deps: compression@~1.0.10
    - Fix upper-case Content-Type characters prevent compression
    - deps: compressible@~1.1.1
899 900 901
  * deps: csurf@~1.4.0
    - Support changing `req.session` after `csurf` middleware
    - Calling `res.csrfToken()` after `req.session.destroy()` will now work
902 903 904
  * deps: express-session@~1.7.4
    - Fix `res.end` patch to call correct upstream `res.write`
    - Fix response end delay for non-chunked responses
905 906 907 908 909
  * deps: qs@1.0.2
    - Complete rewrite
    - Limits array length to 20
    - Limits object depth to 5
    - Limits parameters to 1,000
910 911 912
  * deps: serve-static@~1.5.0
    - Add `extensions` option
    - deps: send@0.8.1
913

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
914 915
2.24.3 / 2014-08-04
===================
916

917 918 919
  * deps: serve-index@~1.1.5
    - Fix Content-Length calculation for multi-byte file names
    - deps: accepts@~1.0.7
920 921 922 923
  * deps: serve-static@~1.4.4
    - Fix incorrect 403 on Windows and Node.js 0.11
    - deps: send@0.7.4

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
924 925
2.24.2 / 2014-07-27
===================
926

927
  * deps: body-parser@~1.5.2
928 929
  * deps: depd@0.4.4
    - Work-around v8 generating empty stack traces
930
  * deps: express-session@~1.7.2
931
  * deps: morgan@~1.2.2
932
  * deps: serve-static@~1.4.2
933

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
934 935
2.24.1 / 2014-07-26
===================
936

937
  * deps: body-parser@~1.5.1
938 939
  * deps: depd@0.4.3
    - Fix exception when global `Error.stackTraceLimit` is too low
940
  * deps: express-session@~1.7.1
941
  * deps: morgan@~1.2.1
942
  * deps: serve-index@~1.1.4
943
  * deps: serve-static@~1.4.1
944

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
945 946
2.24.0 / 2014-07-22
===================
947

948 949 950 951
  * deps: body-parser@~1.5.0
    - deps: depd@0.4.2
    - deps: iconv-lite@0.4.4
    - deps: raw-body@1.3.0
952
    - deps: type-is@~1.3.2
953 954 955
  * deps: compression@~1.0.9
    - Add `debug` messages
    - deps: accepts@~1.0.7
956
  * deps: connect-timeout@~1.2.1
957
    - Accept string for `time` (converted by `ms`)
958
    - deps: debug@1.0.4
959
  * deps: debug@1.0.4
960 961 962 963 964
  * deps: depd@0.4.2
    - Add `TRACE_DEPRECATION` environment variable
    - Remove non-standard grey color from color output
    - Support `--no-deprecation` argument
    - Support `--trace-deprecation` argument
965 966 967 968
  * deps: express-session@~1.7.0
    - Improve session-ending error handling
    - deps: debug@1.0.4
    - deps: depd@0.4.2
969 970 971
  * deps: finalhandler@0.1.0
    - Respond after request fully read
    - deps: debug@1.0.4
972 973 974
  * deps: method-override@~2.1.2
    - deps: debug@1.0.4
    - deps: parseurl@~1.2.0
975 976 977 978 979
  * deps: morgan@~1.2.0
    - Add `:remote-user` token
    - Add `combined` log format
    - Add `common` log format
    - Remove non-standard grey color from `dev` format
980
  * deps: multiparty@3.3.1
981 982 983 984
  * deps: parseurl@~1.2.0
    - Cache URLs based on original value
    - Remove no-longer-needed URL mis-parse work-around
    - Simplify the "fast-path" `RegExp`
985 986 987 988
  * deps: serve-static@~1.4.0
    - Add `dotfiles` option
    - deps: parseurl@~1.2.0
    - deps: send@0.7.0
989

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
990 991
2.23.0 / 2014-07-10
===================
992

993 994
  * deps: debug@1.0.3
    - Add support for multiple wildcards in namespaces
995
  * deps: express-session@~1.6.4
996 997 998 999
  * deps: method-override@~2.1.0
    - add simple debug output
    - deps: methods@1.1.0
    - deps: parseurl@~1.1.3
1000 1001
  * deps: parseurl@~1.1.3
    - faster parsing of href-only URLs
1002 1003
  * deps: serve-static@~1.3.1
    - deps: parseurl@~1.1.3
1004

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1005 1006
2.22.0 / 2014-07-03
===================
1007

1008 1009
  * deps: csurf@~1.3.0
    - Fix `cookie.signed` option to actually sign cookie
1010 1011 1012 1013
  * deps: express-session@~1.6.1
    - Fix `res.end` patch to return correct value
    - Fix `res.end` patch to handle multiple `res.end` calls
    - Reject cookies with missing signatures
1014 1015 1016
  * deps: multiparty@3.3.0
    - Always emit close after all parts ended
    - Fix callback hang in node.js 0.8 on errors
1017 1018 1019 1020 1021
  * deps: serve-static@~1.3.0
    - Accept string for `maxAge` (converted by `ms`)
    - Add `setHeaders` option
    - Include HTML link in redirect response
    - deps: send@0.5.0
1022

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1023 1024
2.21.1 / 2014-06-26
===================
1025

1026 1027
  * deps: cookie-parser@1.3.2
    - deps: cookie-signature@1.0.4
1028 1029
  * deps: cookie-signature@1.0.4
    - fix for timing attacks
1030 1031
  * deps: express-session@~1.5.2
    - deps: cookie-signature@1.0.4
1032 1033
  * deps: type-is@~1.3.2
    - more mime types
1034

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1035 1036
2.21.0 / 2014-06-20
===================
1037

1038
  * deprecate `connect(middleware)` -- use `app.use(middleware)` instead
1039
  * deprecate `connect.createServer()` -- use `connect()` instead
1040
  * fix `res.setHeader()` patch to work with get -> append -> set pattern
1041
  * deps: compression@~1.0.8
1042
  * deps: errorhandler@~1.1.1
1043 1044 1045 1046 1047 1048
  * deps: express-session@~1.5.0
    - Deprecate integration with `cookie-parser` middleware
    - Deprecate looking for secret in `req.secret`
    - Directly read cookies; `cookie-parser` no longer required
    - Directly set cookies; `res.cookie` no longer required
    - Generate session IDs with `uid-safe`, faster and even less collisions
1049
  * deps: serve-index@~1.1.3
1050

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1051 1052
2.20.2 / 2014-06-19
===================
1053 1054 1055 1056

  * deps: body-parser@1.4.3
    - deps: type-is@1.3.1

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1057 1058
2.20.1 / 2014-06-19
===================
1059 1060 1061 1062

  * deps: type-is@1.3.1
    - fix global variable leak

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1063 1064
2.20.0 / 2014-06-19
===================
1065

1066 1067
  * deprecate `verify` option to `json` -- use `body-parser` npm module instead
  * deprecate `verify` option to `urlencoded` -- use `body-parser` npm module instead
1068
  * deprecate things with `depd` module
1069
  * use `finalhandler` for final response handling
1070
  * use `media-typer` to parse `content-type` for charset
1071
  * deps: body-parser@1.4.2
1072 1073 1074 1075 1076 1077 1078
    - check accepted charset in content-type (accepts utf-8)
    - check accepted encoding in content-encoding (accepts identity)
    - deprecate `urlencoded()` without provided `extended` option
    - lazy-load urlencoded parsers
    - support gzip and deflate bodies
    - set `inflate: false` to turn off
    - deps: raw-body@1.2.2
1079
    - deps: type-is@1.3.0
1080
    - Support all encodings from `iconv-lite`
1081 1082
  * deps: connect-timeout@1.1.1
    - deps: debug@1.0.2
1083 1084 1085 1086
  * deps: cookie-parser@1.3.1
    - export parsing functions
    - `req.cookies` and `req.signedCookies` are now plain objects
    - slightly faster parsing of many cookies
1087
  * deps: csurf@1.2.2
1088 1089 1090 1091 1092 1093 1094
  * deps: errorhandler@1.1.0
    - Display error on console formatted like `throw`
    - Escape HTML in stack trace
    - Escape HTML in title
    - Fix up edge cases with error sent in response
    - Set `X-Content-Type-Options: nosniff` header
    - Use accepts for negotiation
1095 1096 1097 1098 1099
  * deps: express-session@1.4.0
    - Add `genid` option to generate custom session IDs
    - Add `saveUninitialized` option to control saving uninitialized sessions
    - Add `unset` option to control unsetting `req.session`
    - Generate session IDs with `rand-token` by default; reduce collisions
1100
    - Integrate with express "trust proxy" by default
1101
    - deps: buffer-crc32@0.2.3
1102
    - deps: debug@1.0.2
1103
  * deps: multiparty@3.2.9
1104 1105
  * deps: serve-index@1.1.2
    - deps: batch@0.5.1
1106 1107
  * deps: type-is@1.3.0
    - improve type parsing
1108 1109 1110 1111
  * deps: vhost@2.0.0
    - Accept `RegExp` object for `hostname`
    - Provide `req.vhost` object
    - Support IPv6 literal in `Host` header
1112

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1113 1114
2.19.6 / 2014-06-11
===================
1115

1116 1117
  * deps: body-parser@1.3.1
    - deps: type-is@1.2.1
1118 1119 1120 1121
  * deps: compression@1.0.7
    - use vary module for better `Vary` behavior
    - deps: accepts@1.0.3
    - deps: compressible@1.1.0
1122
  * deps: debug@1.0.2
1123 1124
  * deps: serve-index@1.1.1
    - deps: accepts@1.0.3
1125 1126 1127
  * deps: serve-static@1.2.3
    - Do not throw un-catchable error on file open race condition
    - deps: send@0.4.3
1128

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1129 1130
2.19.5 / 2014-06-09
===================
1131 1132 1133

  * deps: csurf@1.2.1
    - refactor to use csrf-tokens@~1.0.2
1134
  * deps: debug@1.0.1
1135 1136 1137
  * deps: serve-static@1.2.2
    - fix "event emitter leak" warnings
    - deps: send@0.4.2
1138 1139
  * deps: type-is@1.2.1
    - Switch dependency from `mime` to `mime-types@1.0.0`
1140

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1141 1142
2.19.4 / 2014-06-05
===================
1143

1144
  * deps: errorhandler@1.0.2
1145
    - Pass on errors from reading error files
1146 1147
  * deps: method-override@2.0.2
    - use vary module for better `Vary` behavior
1148 1149 1150
  * deps: serve-favicon@2.0.1
    - Reduce byte size of `ETag` header

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1151 1152
2.19.3 / 2014-06-03
===================
1153 1154 1155 1156 1157 1158

  * deps: compression@1.0.6
    - fix listeners for delayed stream creation
    - fix regression for certain `stream.pipe(res)` situations
    - fix regression when negotiation fails

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1159 1160
2.19.2 / 2014-06-03
===================
1161 1162 1163 1164 1165 1166

  * deps: compression@1.0.4
    - fix adding `Vary` when value stored as array
    - fix back-pressure behavior
    - fix length check for `res.end`

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1167 1168
2.19.1 / 2014-06-02
===================
1169 1170 1171

  * fix deprecated `utils.escape`

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1172 1173
2.19.0 / 2014-06-02
===================
1174

1175
  * deprecate `methodOverride()` -- use `method-override` npm module instead
1176 1177
  * deps: body-parser@1.3.0
    - add `extended` option to urlencoded parser
1178
  * deps: method-override@2.0.1
1179
    - set `Vary` header
1180
    - deps: methods@1.0.1
1181
  * deps: multiparty@3.2.8
1182 1183 1184 1185 1186
  * deps: response-time@2.0.0
    - add `digits` argument
    - do not override existing `X-Response-Time` header
    - timer not subject to clock drift
    - timer resolution down to nanoseconds
1187 1188 1189 1190
  * deps: serve-static@1.2.1
    - send max-age in Cache-Control in correct format
    - use `escape-html` for escaping
    - deps: send@0.4.1
1191

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1192 1193
2.18.0 / 2014-05-29
===================
1194

1195
  * deps: compression@1.0.3
1196
  * deps: serve-index@1.1.0
1197 1198 1199 1200 1201
    - Fix content negotiation when no `Accept` header
    - Properly support all HTTP methods
    - Support vanilla node.js http servers
    - Treat `ENAMETOOLONG` as code 414
    - Use accepts for negotiation
1202 1203 1204 1205 1206 1207 1208
  * deps: serve-static@1.2.0
    - Calculate ETag with md5 for reduced collisions
    - Fix wrong behavior when index file matches directory
    - Ignore stream errors after request ends
    - Skip directories in index file search
    - deps: send@0.4.0

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1209 1210
2.17.3 / 2014-05-27
===================
1211 1212 1213 1214

  * deps: express-session@1.2.1
    - Fix `resave` such that `resave: true` works

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1215 1216
2.17.2 / 2014-05-27
===================
1217

1218
  * deps: body-parser@1.2.2
1219
    - invoke `next(err)` after request fully read
1220
    - deps: raw-body@1.1.6
1221 1222 1223 1224
  * deps: method-override@1.0.2
    - Handle `req.body` key referencing array or object
    - Handle multiple HTTP headers

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1225 1226
2.17.1 / 2014-05-21
===================
1227 1228 1229

  * fix `res.charset` appending charset when `content-type` has one

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1230 1231
2.17.0 / 2014-05-20
===================
1232

1233 1234
  * deps: express-session@1.2.0
    - Add `resave` option to control saving unmodified sessions
1235
  * deps: morgan@1.1.1
1236 1237 1238 1239 1240 1241
    - "dev" format will use same tokens as other formats
    - `:response-time` token is now empty when immediate used
    - `:response-time` token is now monotonic
    - `:response-time` token has precision to 1 μs
    - fix `:status` + immediate output in node.js 0.8
    - improve `buffer` option to prevent indefinite event loop holding
1242
    - simplify method to get remote address
1243
    - deps: bytes@1.0.0
1244 1245
  * deps: serve-index@1.0.3
    - Fix error from non-statable files in HTML view
1246

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1247 1248
2.16.2 / 2014-05-18
===================
1249

1250
  * fix edge-case in `res.appendHeader` that would append in wrong order
1251 1252
  * deps: method-override@1.0.1

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1253 1254
2.16.1 / 2014-05-17
===================
1255 1256 1257

  * remove usages of `res.headerSent` from core

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1258 1259
2.16.0 / 2014-05-17
===================
1260

1261
  * deprecate `res.headerSent` -- use `res.headersSent`
1262
  * deprecate `res.on("header")` -- use on-headers module instead
1263
  * fix `connect.version` to reflect the actual version
1264
  * json: use body-parser
1265 1266 1267
    - add `type` option
    - fix repeated limit parsing with every request
    - improve parser speed
1268
  * urlencoded: use body-parser
1269 1270
    - add `type` option
    - fix repeated limit parsing with every request
1271 1272
  * dep: bytes@1.0.0
    * add negative support
1273 1274
  * dep: cookie-parser@1.1.0
    - deps: cookie@0.1.2
1275 1276
  * dep: csurf@1.2.0
    - add support for double-submit cookie
1277 1278 1279
  * dep: express-session@1.1.0
    - Add `name` option; replacement for `key` option
    - Use `setImmediate` in MemoryStore for node.js >= 0.10
1280

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1281 1282
2.15.0 / 2014-05-04
===================
1283

1284
  * Add simple `res.cookie` support
1285
  * Add `res.appendHeader`
1286
  * Call error stack even when response has been sent
1287
  * Patch `res.headerSent` to return Boolean
1288
  * Patch `res.headersSent` for node.js 0.8
1289
  * Prevent default 404 handler after response sent
1290
  * dep: compression@1.0.2
1291 1292 1293
    * support headers given to `res.writeHead`
    * deps: bytes@0.3.0
    * deps: negotiator@0.4.3
1294
  * dep: connect-timeout@1.1.0
1295 1296 1297 1298
    * Add `req.timedout` property
    * Add `respond` option to constructor
    * Clear timer on socket destroy
    * deps: debug@0.8.1
1299
  * dep: debug@^0.8.0
1300 1301
    * add `enable()` method
    * change from stderr to stdout
1302
  * dep: errorhandler@1.0.1
1303 1304
    * Clean up error CSS
    * Do not respond after headers sent
1305
  * dep: express-session@1.0.4
1306 1307 1308 1309
    * Remove import of `setImmediate`
    * Use `res.cookie()` instead of `res.setHeader()`
    * deps: cookie@0.1.2
    * deps: debug@0.8.1
1310 1311 1312
  * dep: morgan@1.0.1
    * Make buffer unique per morgan instance
    * deps: bytes@0.3.0
1313
  * dep: serve-favicon@2.0.0
1314 1315 1316 1317 1318 1319 1320
    * Accept `Buffer` of icon as first argument
    * Non-GET and HEAD requests are denied
    * Send valid max-age value
    * Support conditional requests
    * Support max-age=0
    * Support OPTIONS method
    * Throw if `path` argument is directory
1321
  * dep: serve-index@1.0.2
1322 1323
    * Add stylesheet option
    * deps: negotiator@0.4.3
Jonathan Ong's avatar
Jonathan Ong committed
1324

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1325 1326
2.14.5 / 2014-04-24
===================
1327 1328

  * dep: raw-body@1.1.4
1329 1330
    * allow true as an option
    * deps: bytes@0.3.0
1331
  * dep: serve-static@1.1.0
1332 1333
    * Accept options directly to `send` module
    * deps: send@0.3.0
1334

Douglas Christopher Wilson's avatar
Douglas Christopher Wilson committed
1335 1336
2.14.4 / 2014-04-07