Update helmet 6.0.0 → 7.1.0 (major) #234
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![depfu[bot]](https://avatars.githubusercontent.com/in/715?s=60&v=4){kind=small}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Here is everything you need to know about this upgrade. Please take a good look at what changed and the test results before merging this pull request.
What changed?
✳️ helmet (6.0.0 → 7.1.0) · Repo · Changelog
Release Notes
7.1.0 (from changelog)
7.0.0 (from changelog)
6.2.0 (from changelog)
6.1.5 (from changelog)
6.1.4 (from changelog)
6.1.3 (from changelog)
6.1.2 (from changelog)
6.1.1 (from changelog)
6.1.0 (from changelog)
6.0.1 (from changelog)
Does any of this look wrong? Please let us know.
Commits
See the full diff on Github. The new version differs by 69 commits:
7.1.0Update changelog for 7.1.0 releaseAdd additional package keywordsUpdate devDependencies to latest versionsUpdate changelog for recent COEP changeSupport `unsafe-none` in COEPCI: update setup-node action to version 4Update devDependencies to latest versionsCI should use the latest Node versionCI should test on Node 20Update devDependencies to latest versionsSwitch from ts-node to tsxUpdate GitHub Actions checkout dependencyUpdate devDependencies to latest versionsUpdate ESLint dependenciesUpdate Prettier to latest versionAdd `consistent-type-imports` ruleAdd `no-confusing-void-expression` lint ruleAdd some lint rules that require no code changesUpdate devDependencies to latest versionsFix changelog header for 6.2.07.0.0Update changelog for 7.0.0 releaseStrict-Transport-Security: remove old `setIf` warningDisable Cross-Origin-Embedder-Policy by defaultRemove Expect-CT middlewareRequire Node 16+Minor: fix non-legacy values being under the "legacy" comment6.2.0Update changelog for 6.2.0 releaseUpdate devDependencies to latest versionsRework readmeExpose full header names for optionsExpose new names for standalone middlewareAddress TODO6.1.5Update changelog for 6.1.5 releaseFix yet another issue with TypeScript exports6.1.4Update changelog for 6.1.4 releaseAdd my contact info to contributing and security docsUpdate devDependencies to latest versionsFix another issue with TypeScript default exports6.1.3Update changelog for 6.1.3 releaseFix default export for some bundlers6.1.2Update changelog for 6.1.2 releaseEnable (and fix) strict ESLint rulesRe-run `npm install` to update package-lockMinor: fix extra parenthesis in build outputRe-add "main" key to package.jsonRemove badges from readme6.1.1Fix missing package metadata (regression in 6.1.0)Don't update .md files during publish6.1.0Update changelog for 6.1.0 releaseImprove support for various TypeScript setups, including "nodenext"Update devDependencies to latest versionsUpdate docs: `expectCt` is no longer set by defaultUpdate devDependencies to latest versionsUpdate license year for 2023Update devDependencies to latest versionsUpdate devDependencies to latest versions6.0.1Fix `crossOriginEmbedderPolicy` top-level optionsRemove `--save` arg from docsRemove duplicate changelog entryDepfu will automatically keep this PR conflict-free, as long as you don't add any commits to this branch yourself. You can also trigger a rebase manually by commenting with
@depfu rebase.All Depfu comment commands