Started adding slash commands, doesn't work though

node_modules/body-parser/HISTORY.md

@@ -1,3 +1,21 @@
+1.20.0 / 2022-04-02
+===================
+
+  * Fix error message for json parse whitespace in `strict`
+  * Fix internal error when inflated body exceeds limit
+  * Prevent loss of async hooks context
+  * Prevent hanging when request already read
+  * deps: depd@2.0.0
+    - Replace internal `eval` usage with `Function` constructor
+    - Use instance methods on `process` to check for listeners
+  * deps: http-errors@2.0.0
+    - deps: depd@2.0.0
+    - deps: statuses@2.0.1
+  * deps: on-finished@2.4.1
+  * deps: qs@6.10.3
+  * deps: raw-body@2.5.1
+    - deps: http-errors@2.0.0
+
 1.19.2 / 2022-02-15
 ===================
 

node_modules/body-parser/README.md

@@ -342,6 +342,14 @@ to this middleware. This module operates directly on bytes only and you cannot
 call `req.setEncoding` when using this module. The `status` property is set to
 `500` and the `type` property is set to `'stream.encoding.set'`.
 
+### stream is not readable
+
+This error will occur when the request is no longer readable when this middleware
+attempts to read it. This typically means something other than a middleware from
+this module read the reqest body already and the middleware was also configured to
+read the same request. The `status` property is set to `500` and the `type`
+property is set to `'stream.not.readable'`.
+
 ### too many parameters
 
 This error will occur when the content of the request exceeds the configured
@@ -453,4 +461,4 @@ app.use(bodyParser.text({ type: 'text/html' }))
 [downloads-image]: https://img.shields.io/npm/dm/body-parser.svg
 [downloads-url]: https://npmjs.org/package/body-parser
 [github-actions-ci-image]: https://img.shields.io/github/workflow/status/expressjs/body-parser/ci/master?label=ci
-[github-actions-ci-url]: https://github.com/expressjs/body-parser?query=workflow%3Aci
+[github-actions-ci-url]: https://github.com/expressjs/body-parser/actions/workflows/ci.yml

node_modules/body-parser/SECURITY.md

@@ -0,0 +1,25 @@
+# Security Policies and Procedures
+
+## Reporting a Bug
+
+The Express team and community take all security bugs seriously. Thank you
+for improving the security of Express. We appreciate your efforts and
+responsible disclosure and will make every effort to acknowledge your
+contributions.
+
+Report security bugs by emailing the current owner(s) of `body-parser`. This
+information can be found in the npm registry using the command
+`npm owner ls body-parser`.
+If unsure or unable to get the information from the above, open an issue
+in the [project issue tracker](https://github.com/expressjs/body-parser/issues)
+asking for the current contact information.
+
+To ensure the timely response to your report, please ensure that the entirety
+of the report is contained within the email body and not solely behind a web
+link or an attachment.
+
+At least one owner will acknowledge your email within 48 hours, and will send a
+more detailed response within 48 hours indicating the next steps in handling
+your report. After the initial reply to your report, the owners will
+endeavor to keep you informed of the progress towards a fix and full
+announcement, and may ask for additional information or guidance.

node_modules/body-parser/lib/read.js

@@ -12,9 +12,11 @@
  */
 
 var createError = require('http-errors')
+var destroy = require('destroy')
 var getBody = require('raw-body')
 var iconv = require('iconv-lite')
 var onFinished = require('on-finished')
+var unpipe = require('unpipe')
 var zlib = require('zlib')
 
 /**
@@ -89,9 +91,14 @@ function read (req, res, next, parse, debug, options) {
         _error = createError(400, error)
       }
 
+      // unpipe from stream and destroy
+      if (stream !== req) {
+        unpipe(req)
+        destroy(stream, true)
+      }
+
       // read off entire request
-      stream.resume()
-      onFinished(req, function onfinished () {
+      dump(req, function onfinished () {
         next(createError(400, _error))
       })
       return
@@ -179,3 +186,20 @@ function contentstream (req, debug, inflate) {
 
   return stream
 }
+
+/**
+ * Dump the contents of a request.
+ *
+ * @param {object} req
+ * @param {function} callback
+ * @api private
+ */
+
+function dump (req, callback) {
+  if (onFinished.isFinished(req)) {
+    callback(null)
+  } else {
+    onFinished(req, callback)
+    req.resume()
+  }
+}

node_modules/body-parser/lib/types/json.js

@@ -37,7 +37,7 @@ module.exports = json
  *            %x0D )              ; Carriage return
  */
 
-var FIRST_CHAR_REGEXP = /^[\x20\x09\x0a\x0d]*(.)/ // eslint-disable-line no-control-regex
+var FIRST_CHAR_REGEXP = /^[\x20\x09\x0a\x0d]*([^\x20\x09\x0a\x0d])/ // eslint-disable-line no-control-regex
 
 /**
  * Create a middleware to parse JSON bodies.
@@ -122,7 +122,7 @@ function json (options) {
 
     // assert charset per RFC 7159 sec 8.1
     var charset = getCharset(req) || 'utf-8'
-    if (charset.substr(0, 4) !== 'utf-') {
+    if (charset.slice(0, 4) !== 'utf-') {
       debug('invalid charset')
       next(createError(415, 'unsupported charset "' + charset.toUpperCase() + '"', {
         charset: charset,
@@ -152,7 +152,9 @@ function json (options) {
 
 function createStrictSyntaxError (str, char) {
   var index = str.indexOf(char)
-  var partial = str.substring(0, index) + '#'
+  var partial = index !== -1
+    ? str.substring(0, index) + '#'
+    : ''
 
   try {
     JSON.parse(partial); /* istanbul ignore next */ throw new SyntaxError('strict violation')
@@ -173,7 +175,11 @@ function createStrictSyntaxError (str, char) {
  */
 
 function firstchar (str) {
-  return FIRST_CHAR_REGEXP.exec(str)[1]
+  var match = FIRST_CHAR_REGEXP.exec(str)
+
+  return match
+    ? match[1]
+    : undefined
 }
 
 /**

node_modules/body-parser/package.json

@@ -1,7 +1,7 @@
 {
   "name": "body-parser",
   "description": "Node.js body parsing middleware",
-  "version": "1.19.2",
+  "version": "1.20.0",
   "contributors": [
     "Douglas Christopher Wilson <doug@somethingdoug.com>",
     "Jonathan Ong <me@jongleberry.com> (http://jongleberry.com)"
@@ -12,13 +12,15 @@
     "bytes": "3.1.2",
     "content-type": "~1.0.4",
     "debug": "2.6.9",
-    "depd": "~1.1.2",
-    "http-errors": "1.8.1",
+    "depd": "2.0.0",
+    "destroy": "1.2.0",
+    "http-errors": "2.0.0",
     "iconv-lite": "0.4.24",
-    "on-finished": "~2.3.0",
-    "qs": "6.9.7",
-    "raw-body": "2.4.3",
-    "type-is": "~1.6.18"
+    "on-finished": "2.4.1",
+    "qs": "6.10.3",
+    "raw-body": "2.5.1",
+    "type-is": "~1.6.18",
+    "unpipe": "1.0.0"
   },
   "devDependencies": {
     "eslint": "7.32.0",
@@ -29,7 +31,7 @@
     "eslint-plugin-promise": "5.2.0",
     "eslint-plugin-standard": "4.1.0",
     "methods": "1.1.2",
-    "mocha": "9.2.0",
+    "mocha": "9.2.2",
     "nyc": "15.1.0",
     "safe-buffer": "5.2.1",
     "supertest": "6.2.2"
@@ -38,10 +40,12 @@
     "lib/",
     "LICENSE",
     "HISTORY.md",
+    "SECURITY.md",
     "index.js"
   ],
   "engines": {
-    "node": ">= 0.8"
+    "node": ">= 0.8",
+    "npm": "1.2.8000 || >= 1.4.16"
   },
   "scripts": {
     "lint": "eslint .",