HISTORY.md

Express State Change History

2.0.0 (2020-04-28)

• Upgrade serialize-javascript to version 3.0.0 ([#41][]).

1.3.0 (2015-08-26)

• Externalize and depend on serialize-javascript package.

1.2.0 (2014-04-28)

• Updated Express peer dependency to >=3.x because it works with Express v4.x. (#29 @NoumanSaleem)

1.1.4 (2014-04-03)

• Fixed issue where pre-serialized values from a parent Exposed object were being used instead of an Exposed object's own values. The process of getting a serialized value for a given namespace has been improved to properly follow the semantics of Exposed object hierarchy. (#25)

  app.expose(1, 'foo', {cache: true});
  res.expose(2, 'foo');

  The above now results in the following, as expected:

  console.log(window.foo); // => 2

1.1.3 (2014-03-06)

• Fixed issue where an error would be thrown when evaluating the JavaScript output of exposed data with deep namespaces. (#23 @jeremyruppel)

  The following will no longer throw an error when its output is evaluated in the browser:

  app.expose({}, 'foo');
  app.expose('baz', 'foo.bar.baz');

  Previously, this would output the following and throw because root.foo.bar was undefined:

  root.foo || (root.foo = {});
  root.foo.bar || (root.foo.bar = {});
  
  root.foo = {};
  root.foo.bar.baz = "baz";

  Now, the namespaces are initialized next to where data will be assigned to them and now outputs the following:

  root.foo = {};
  root.foo || (root.foo = {});
  root.foo.bar || (root.foo.bar = {});
  root.foo.bar.baz = "baz";

1.1.2 (2014-02-21)

• Fixed issue with line terminator characters (U+2028 and U+2029) being handled differently in JavaScript vs. JSON by escaping them. (#21, #22: @norwood, @mathiasbynens)

1.1.1 (2014-01-25)

• Made request-scope exposed data always inherit the app-scope exposed data. With this change if a request comes in before data is exposed at the app-scope, the app.locals.state object will be created first. This ensures the semantics of the relationship between app- and request-scoped exposed data. (#20)

1.1.0 (2014-01-22)

• [!] Deprecated expose( obj, namespace, local ) API signature, the third argument is now options, use: expose( obj, namespace, {local: local}). The deprecated signature will be removed in a future release, and logs a warning when it is used.

• Added {cache: true} option that signals Express State to eagerly serialize unchanging data and reuse the result to greatly improve performance of repeated toString() calls (#19).

• Fixed issue with app <-- res exposed data inheritance. Previously, the exposed data a res would inherit from the app was locked to the state of the exposed app-scope data at the time of the request. Now, if new data is exposed at the app-scope during a request, it's properly inherited by the request-scoped data.

• Added benchmark tests. They can be run using: npm run benchmark. Real world fixture data is used from Photos Near Me and Yahoo Tech.

• Tweaked toString() serialization process to gather low-hanging performance fruit (#18).

1.0.3 (2013-12-04)

• Fixed npm test script so it runs on Windows. (#17)

• Added .npmignore file. (#15)

• Tweaked closure that's wrapped around the serialized data and namespace initialization. There's no affect on app code, this is merely renaming a local variable from g to root which is the reference to the root or global object that the namespaces hang off of.

1.0.2 (2013-11-05)

• Updated object branding used by extend() to assign the module's export object as the value of the "branding". This makes it easier compare and determine which Express State module instance was used to extend the Express app. (#14)

• Added "modown" keyword to package.json. (#16)

1.0.1 (2013-10-16)

• [!] Unsafe HTML characters in string values are now encoded to their Unicode counterparts during serialization to protected against XSS attacks. The encoded characters will === the non-encoded characters so there's no worry of this messing up application code. While this change makes Express State safer, untrusted user input should always be escaped! (#11)

• Added "Untrusted User Input" and "Exposing Functions" sections to the README. (#12)

• Improved README docs to be clearer and better organized. (#10: @zhouyaoji)

1.0.0 (2013-08-15)

• [!] Changed how this package extends Express. There's now only one way — to explicitly pass an Express app instance to the extend() method:

  var express  = require('express'),
      expstate = require('express-state'),
  
      app = express();
  
  // Extend the Express app with Express State's functionality.
  expstate.extend(app);

  This new extend() implementation uses the object branding technique. (#6)

• A TypeError is now thrown when trying to serialize native build-in functions. This matches the behavior of JSON.stringify() with circular references. (#7)

• Added documentation in README.md. (#2)

0.0.4 (2013-07-29)

• Added extend() function which takes an express module instance and adds the expose() method to its application and response prototypes, if it does not already exist. (#5)

• Added augment() function which takes an Express app instance and adds the expose() method to it and its response prototype, if it does not already exist. (#5)

0.0.3 (2013-06-08)

• Prevented multiple copies of express-state from overwriting expose() when it already has been plugged into a copy of express. (#4)

• Added Screwdriver CI integration.

0.0.2 (2013-05-03)

• Added Travis CI integration.

• Improved namespace rendering by removing the initialization of leaf namespaces since exposed values will be assigned to them. (#1)

0.0.1 (2013-05-02)

• Initial release.