Important: Security
- Security fix for CVE-2025-13466 (GHSA-wqch-xfxh-vrr4)
What's Changed
- ci: add dependabot by @Phillip9587 in #593
- ci: use full SHAs for github action versions by @Phillip9587 in #594
- deps: type-is@^2.0.1 by @Phillip9587 in #599
- build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by @dependabot[bot] in #609
- build(deps): bump github/codeql-action from 3.28.13 to 3.28.15 by @dependabot[bot] in #610
- build(deps-dev): bump eslint-plugin-promise from 6.1.1 to 6.6.0 by @dependabot[bot] in #611
- build(deps-dev): bump eslint-plugin-import from 2.27.5 to 2.31.0 by @dependabot[bot] in #613
- build(deps-dev): bump eslint-plugin-markdown from 3.0.0 to 3.0.1 by @dependabot[bot] in #612
- ci: add codeql github workflows scanning by @Phillip9587 in #614
- ci: update CodeQL config to ignore the test directory by @Phillip9587 in #615
- build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by @dependabot[bot] in #620
- build(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by @dependabot[bot] in #619
- chore(deps): unpin devDependencies by @Phillip9587 in #616
- ci: add node.js 24 to test matrix by @Phillip9587 in #621
- build(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by @dependabot[bot] in #623
- build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in #624
- chore: add funding to package.json by @Phillip9587 in #617
- build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by @dependabot[bot] in #625
- build(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by @dependabot[bot] in #630
- refactor: move common request validation to read function by @Phillip9587 in #600
- deps: bump iconv-lite by @bjohansebas in #631
- doc: pull beta changelog forward into 2.0.0 by @jonchurch in #629
- refactor: optimize raw and text parsers with shared passthrough function by @Phillip9587 in #634
- build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in #640
- build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by @dependabot[bot] in #639
- build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by @dependabot[bot] in #636
- build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by @dependabot[bot] in #637
- build(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by @dependabot[bot] in #638
- deps: raw-body@^3.0.1 by @Phillip9587 in #641
- deps: debug@^4.4.3 by @Phillip9587 in #642
- docs: add iconv-lite 0.7.0 changes to history entry by @Phillip9587 in #645
- ci: add node.js 25 to test matrix by @Phillip9587 in #650
- perf: move read options outside parser middlewares by @Phillip9587 in #648
- test(json): add RFC 7159 whitespace edge cases by @Ayoub-Mabrouk in #653
- test: add test for urlencoded invalid defaultCharset by @Phillip9587 in #643
- build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 by @dependabot[bot] in #657
- build(deps): bump github/codeql-action from 3.30.5 to 4.31.2 by @dependabot[bot] in #656
- build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in #655
- build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 by @dependabot[bot] in #654
- ci: also test on first supported node.js version by @Phillip9587 in #646
- chore: switch badges from badgen.net to shields.io by @Phillip9587 in #661
- Remove history.md from being packaged on publish by @bjohansebas in #660
- Release: 2.2.1 by @UlisesGascon in #659
New Contributors
- @dependabot[bot] made their first contribution in #609
- @jonchurch made their first contribution in #629
- @Ayoub-Mabrouk made their first contribution in #653
Full Changelog: v2.2.0...v2.2.1
Contributors
UlisesGascon, jonchurch, and 4 other contributors