chore: upgrade express-rate-limit 7.5.1 → 8.3.1 (IPv6 security fix)

- Fixes IPv6 rate limit bypass vulnerability (GHSA-46wh-pxpv-q5gq) - IPv6 addresses now masked to /56 subnet by default - Updated custom keyGenerators to use ipKeyGenerator() helper - 5 new TDD tests for v8 features (ipKeyGenerator, IPv6 masking) - 672 tests passing, 0 TS errors, 0 npm audit vulnerabilities
2026-03-11 20:06:44 +01:00 · 2026-03-11 20:06:44 +01:00 · 7fffd404e9
commit 7fffd404e9
parent 603cbd7061
6 changed files with 55 additions and 11 deletions
--- a/package.json
+++ b/package.json
@ -14,7 +14,7 @@
  "dependencies": {
    "compression": "^1.8.1",
    "express": "^5.1.0",
-    "express-rate-limit": "^7.5.1",
+    "express-rate-limit": "^8.3.1",
    "helmet": "^8.1.0",
    "marked": "^17.0.4",
    "nanoid": "^5.1.6",