Update dependency multer to v2 #14

Merged

StefanMewes merged 1 commits from renovate/multer-2.x into master 2026-04-15 13:45:50 +00:00

Conversation 0 Commits 1 Files Changed 2 +26 -95

renovate commented 2026-04-15 02:01:00 +00:00

Collaborator

Copy Link

This PR contains the following updates:

Package	Type	Update	Change
multer	dependencies	major	^1.4.5-lts.1 → ^2.0.0

---

Release Notes

expressjs/multer (multer)

v2.1.1

Compare Source

• Fix CVE-2026-3520 (GHSA-5528-5vmv-3xc2)
• fix error/abort handling

v2.1.0

Compare Source

• Add defParamCharset option for UTF-8 filename support (#​1210)
• Fix CVE-2026-2359 (GHSA-v52c-386h-88mc)
• Fix CVE-2026-3304 (GHSA-xf7r-hgr6-v32p)

v2.0.2

Compare Source

• Fix CVE-2025-7338 (GHSA-fjgf-rc76-4x9p)

v2.0.1

Compare Source

• Fix CVE-2025-48997 (GHSA-g5hg-p3ph-g8qg)

v2.0.0

Compare Source

• Breaking change: The minimum supported Node version is now 10.16.0
• Fix CVE-2025-47935 (GHSA-44fp-w29j-9vj5)
• Fix CVE-2025-47944 (GHSA-4pg4-qvpc-4q3h)

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [multer](https://github.com/expressjs/multer) | dependencies | major | [`^1.4.5-lts.1` → `^2.0.0`](https://renovatebot.com/diffs/npm/multer/1.4.5-lts.2/2.1.1) | --- ### Release Notes <details> <summary>expressjs/multer (multer)</summary> ### [`v2.1.1`](https://github.com/expressjs/multer/blob/HEAD/CHANGELOG.md#211) [Compare Source](https://github.com/expressjs/multer/compare/v2.1.0...v2.1.1) - Fix [CVE-2026-3520](https://www.cve.org/CVERecord?id=CVE-2026-3520) ([GHSA-5528-5vmv-3xc2](https://github.com/expressjs/multer/security/advisories/GHSA-5528-5vmv-3xc2)) - fix error/abort handling ### [`v2.1.0`](https://github.com/expressjs/multer/blob/HEAD/CHANGELOG.md#210) [Compare Source](https://github.com/expressjs/multer/compare/v2.0.2...v2.1.0) - Add `defParamCharset` option for UTF-8 filename support ([#&#8203;1210](https://github.com/expressjs/multer/pull/1210)) - Fix [CVE-2026-2359](https://www.cve.org/CVERecord?id=CVE-2026-2359) ([GHSA-v52c-386h-88mc](https://github.com/expressjs/multer/security/advisories/GHSA-v52c-386h-88mc)) - Fix [CVE-2026-3304](https://www.cve.org/CVERecord?id=CVE-2026-3304) ([GHSA-xf7r-hgr6-v32p](https://github.com/expressjs/multer/security/advisories/GHSA-xf7r-hgr6-v32p)) ### [`v2.0.2`](https://github.com/expressjs/multer/blob/HEAD/CHANGELOG.md#202) [Compare Source](https://github.com/expressjs/multer/compare/v2.0.1...v2.0.2) - Fix [CVE-2025-7338](https://www.cve.org/CVERecord?id=CVE-2025-7338) ([GHSA-fjgf-rc76-4x9p](https://github.com/expressjs/multer/security/advisories/GHSA-fjgf-rc76-4x9p)) ### [`v2.0.1`](https://github.com/expressjs/multer/blob/HEAD/CHANGELOG.md#201) [Compare Source](https://github.com/expressjs/multer/compare/v2.0.0...v2.0.1) - Fix [CVE-2025-48997](https://www.cve.org/CVERecord?id=CVE-2025-48997) ([GHSA-g5hg-p3ph-g8qg](https://github.com/expressjs/multer/security/advisories/GHSA-g5hg-p3ph-g8qg)) ### [`v2.0.0`](https://github.com/expressjs/multer/blob/HEAD/CHANGELOG.md#200) [Compare Source](https://github.com/expressjs/multer/compare/v1.4.5-lts.2...v2.0.0) - **Breaking change: The minimum supported Node version is now 10.16.0** - Fix [CVE-2025-47935](https://www.cve.org/CVERecord?id=CVE-2025-47935) ([GHSA-44fp-w29j-9vj5](https://github.com/expressjs/multer/security/advisories/GHSA-44fp-w29j-9vj5)) - Fix [CVE-2025-47944](https://www.cve.org/CVERecord?id=CVE-2025-47944) ([GHSA-4pg4-qvpc-4q3h](https://github.com/expressjs/multer/security/advisories/GHSA-4pg4-qvpc-4q3h)) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xMTAuMTQiLCJ1cGRhdGVkSW5WZXIiOiI0My4xMTAuMTQiLCJ0YXJnZXRCcmFuY2giOiJtYXN0ZXIiLCJsYWJlbHMiOltdfQ==-->

renovate added 1 commit 2026-04-15 12:56:20 +00:00

Update dependency multer to v2 bb2c16a453

renovate force-pushed renovate/multer-2.x from f58e144c05 to bb2c16a453 2026-04-15 12:56:20 +00:00 Compare

StefanMewes merged commit 733f54d9ec into master 2026-04-15 13:45:50 +00:00

StefanMewes deleted branch renovate/multer-2.x 2026-04-15 13:45:50 +00:00

StefanMewes referenced this issue from a commit 2026-04-15 13:45:52 +00:00

Merge pull request 'Update dependency multer to v2' (#14) from renovate/multer-2.x into master

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

No items

No Label

Milestone

No items

No Milestone

Assignees

Clear assignees

renovate StefanMewes

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: StefanMewes/send2ereader#14