[Snyk] Upgrade body-parser from 1.20.2 to 1.20.4

[Dmitry-White]

Snyk has created this PR to upgrade body-parser from 1.20.2 to 1.20.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 2 versions ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	624	No Known Exploit
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	624	No Known Exploit
	Improper Verification of Cryptographic Signature SNYK-JS-JWS-14188253	624	No Known Exploit
	Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8446504	624	Proof of Concept
	Improper Neutralization of Special Elements in Data Query Logic SNYK-JS-MONGOOSE-8623536	624	Proof of Concept
	Open Redirect SNYK-JS-EXPRESS-6474509	624	No Known Exploit
	Cross-site Scripting SNYK-JS-EXPRESS-7926867	624	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-FASTXMLPARSER-7573289	624	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	624	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	624	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BRACEEXPANSION-9789073	624	Proof of Concept
	Cross-site Scripting SNYK-JS-SEND-7926862	624	No Known Exploit
	Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	624	No Known Exploit

Release notes

Package name: body-parser

• 1.20.4 - 2025-12-01
  

  What's Changed

  • Remove redundant depth check by @ blakeembrey in #538
  • ci: add support for Node.js v23 by @ Phillip9587 in #553
  • ci: restore CI for 1.x branch by @ bjohansebas in #665
  • deps: qs@^6.14.0 by @ bjohansebas in #664
  • deps: use tilde notation and update certain dependencies by @ Phillip9587 in #668
  • chore: remove SECURITY.md by @ Phillip9587 in #669
  • ci: add CodeQL (SAST) by @ Phillip9587 in #670
  • Release: 1.20.4 by @ UlisesGascon in #672

  Full Changelog: 1.20.3...1.20.4

• 1.20.3 - 2024-09-09
  

  What's Changed

  Important

  • deps: qs@6.13.0
  • add depth option to customize the depth level in the parser
  • IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

  Other changes

  • chore: add support for OSSF scorecard reporting by @ inigomarquinez in #522
  • ci: fix errors in ci github action for node 8 and 9 by @ inigomarquinez in #523
  • fix: pin to node@22.4.1 by @ wesleytodd in #527
  • deps: qs@6.12.3 by @ melikhov-dev in #521
  • Add OSSF Scorecard badge by @ bjohansebas in #531
  • Linter by @ UlisesGascon in #534
  • Release: 1.20.3 by @ UlisesGascon in #535

  New Contributors

  • @ inigomarquinez made their first contribution in #522
  • @ melikhov-dev made their first contribution in #521
  • @ bjohansebas made their first contribution in #531
  • @ UlisesGascon made their first contribution in #534

  Full Changelog: 1.20.2...1.20.3

• 1.20.2 - 2023-02-22
  
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
    • perf: skip value escaping when unnecessary
  • deps: raw-body@2.5.2

from body-parser GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs