fix(deps): update dependency body-parser to v2

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
body-parser	^1.19.0 → ^2.0.0

---

Release Notes

expressjs/body-parser (body-parser)

v2.2.2

Compare Source

=========================

• deps: qs@^6.14.1
• refactor(json): simplify strict mode error string construction

v2.2.1

Compare Source

=========================

• Security fix for GHSA-wqch-xfxh-vrr4
• deps:
  • type-is@^2.0.1
  • iconv-lite@^0.7.0
    • Handle split surrogate pairs when encoding UTF-8
    • Avoid false positives in encodingExists by using prototype-less objects
  • raw-body@^3.0.1
  • debug@^4.4.3

v2.2.0

Compare Source

=========================

• refactor: normalize common options for all parsers
• deps:
  • iconv-lite@^0.6.3

v2.1.0

Compare Source

=========================

• deps:
  • type-is@^2.0.0
  • debug@^4.4.0
  • Removed destroy
• refactor: prefix built-in node module imports
• use the node require cache instead of custom caching

v2.0.2

Compare Source

=========================

• remove unpipe package and use native unpipe() method

v2.0.1

Compare Source

=========================

• Restore expected behavior extended to false

v2.0.0

Compare Source

=========================

Breaking Changes

• Node.js 18 is the minimum supported version
• req.body is no longer always initialized to {}
  • it is left undefined unless a body is parsed
• Remove deprecated bodyParser() combination middleware
• urlencoded parser now defaults extended to false as released, this is not the case, fixed in 2.0.1
• urlencoded simple parser now uses qs module instead of querystring module

Features

• Add brotli support #​406
• urlencoded: Add option to customize the depth with a default value of 32
• urlencoded: Support iso-8859-1, utf8 sentinel, and numeric entities
• Use on-finished to determine when body read

Dependencies

• deps: raw-body@^3.0.0
• deps: qs@​6.12.3
• deps: debug@​3.1.0
• deps: iconv-lite@​0.5.2

v1.20.5

Compare Source

What's Changed

The reason for this release is a fix to the extended urlencoded parser returning objects instead of arrays for large array inputs (> 100) on qs@​6.14.2+. (#​716)

• refactor(json): simplify strict mode error string construction by @​jonchurch in #​692
• fix: correct off-by-one error in parameterCount by @​abhu85 in #​716
• deps(qs): bump qs to 6.15.1 by @​jonchurch in #​722
• Release: 1.20.5 by @​jonchurch in #​721

New Contributors

• @​abhu85 made their first contribution in #​716

Special thanks to triager @​krzysdz for keeping this on our radar and effectively triaging the specific issue!

Full Changelog: expressjs/body-parser@1.20.4...1.20.5

v1.20.4

Compare Source

===================

• deps: qs@~6.14.0
• deps: use tilde notation for dependencies
• deps: http-errors@~2.0.1
• deps: raw-body@~2.5.3

v1.20.3

Compare Source

===================

• deps: qs@​6.13.0
• add depth option to customize the depth level in the parser
• IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

v1.20.2

Compare Source

===================

• Fix strict json error message on Node.js 19+
• deps: content-type@~1.0.5
  • perf: skip value escaping when unnecessary
• deps: raw-body@​2.5.2

v1.20.1

Compare Source

===================

• deps: qs@​6.11.0
• perf: remove unnecessary object clone

v1.20.0

Compare Source

===================

• Fix error message for json parse whitespace in strict
• Fix internal error when inflated body exceeds limit
• Prevent loss of async hooks context
• Prevent hanging when request already read
• deps: depd@​2.0.0
  • Replace internal eval usage with Function constructor
  • Use instance methods on process to check for listeners
• deps: http-errors@​2.0.0
  • deps: depd@​2.0.0
  • deps: statuses@​2.0.1
• deps: on-finished@​2.4.1
• deps: qs@​6.10.3
• deps: raw-body@​2.5.1
  • deps: http-errors@​2.0.0

v1.19.2

Compare Source

===================

• deps: bytes@​3.1.2
• deps: qs@​6.9.7
  • Fix handling of __proto__ keys
• deps: raw-body@​2.4.3
  • deps: bytes@​3.1.2

v1.19.1

Compare Source

===================

• deps: bytes@​3.1.1
• deps: http-errors@​1.8.1
  • deps: inherits@​2.0.4
  • deps: toidentifier@​1.0.1
  • deps: setprototypeof@​1.2.0
• deps: qs@​6.9.6
• deps: raw-body@​2.4.2
  • deps: bytes@​3.1.1
  • deps: http-errors@​1.8.1
• deps: safe-buffer@​5.2.1
• deps: type-is@~1.6.18

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.