build(deps): Bump body-parser from 2.2.2 to 2.3.0

[dependabot]

Bumps body-parser from 2.2.2 to 2.3.0.

Release notes

Sourced from body-parser's releases.

v2.3.0

What's Changed

• build(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by @​dependabot[bot] in expressjs/body-parser#681
• build(deps): bump actions/checkout from 5.0.0 to 6.0.1 by @​dependabot[bot] in expressjs/body-parser#682
• build(deps): bump actions/setup-node from 6.0.0 to 6.1.0 by @​dependabot[bot] in expressjs/body-parser#683
• build(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by @​dependabot[bot] in expressjs/body-parser#685
• build(deps): bump github/codeql-action from 4.31.2 to 4.31.9 by @​dependabot[bot] in expressjs/body-parser#684
• perf(urlencoded): move empty-body guard to avoid extra function closure by @​Phillip9587 in expressjs/body-parser#647
• Improve ESM compatibility by @​Phillip9587 in expressjs/body-parser#697
• docs: add recommendations for configuring payload limits by @​bjohansebas in expressjs/body-parser#699
• build(deps): bump actions/setup-node from 6.1.0 to 6.2.0 by @​dependabot[bot] in expressjs/body-parser#701
• build(deps): bump github/codeql-action from 4.31.10 to 4.32.0 by @​dependabot[bot] in expressjs/body-parser#702
• build(deps): bump actions/checkout from 6.0.1 to 6.0.2 by @​dependabot[bot] in expressjs/body-parser#700
• chore: add explicit type commonjs to package.json by @​Phillip9587 in expressjs/body-parser#711
• deps: update dependencies to latest versions by @​Phillip9587 in expressjs/body-parser#708
• build(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by @​dependabot[bot] in expressjs/body-parser#712
• build(deps): bump github/codeql-action from 4.32.0 to 4.32.4 by @​dependabot[bot] in expressjs/body-parser#713
• build(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 by @​dependabot[bot] in expressjs/body-parser#714
• fix: improve limit option validation by @​Phillip9587 in expressjs/body-parser#698
• build(deps): bump github/codeql-action from 4.32.4 to 4.35.1 by @​dependabot[bot] in expressjs/body-parser#719
• build(deps): bump actions/setup-node from 6.2.0 to 6.3.0 by @​dependabot[bot] in expressjs/body-parser#718
• build(deps): bump actions/download-artifact from 8.0.0 to 8.0.1 by @​dependabot[bot] in expressjs/body-parser#717
• perf: eliminate conditional check in json strict mode hot path by @​Phillip9587 in expressjs/body-parser#651
• ci: add node.js 26 to text matrix by @​Phillip9587 in expressjs/body-parser#726
• build(deps): bump actions/setup-node from 6.3.0 to 6.4.0 by @​dependabot[bot] in expressjs/body-parser#725
• build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 by @​dependabot[bot] in expressjs/body-parser#724
• build(deps): bump github/codeql-action from 4.35.1 to 4.35.3 by @​dependabot[bot] in expressjs/body-parser#723
• Upgrade "content-type" by @​blakeembrey in expressjs/body-parser#728
• refactor: switch to const/let and enable eslint no-var rule by @​Phillip9587 in expressjs/body-parser#729
• Update outdated reference to MDN docs by @​krzysdz in expressjs/body-parser#730
• build(deps): bump github/codeql-action from 4.35.3 to 4.36.1 by @​dependabot[bot] in expressjs/body-parser#731
• build(deps): bump actions/checkout from 6.0.2 to 6.0.3 by @​dependabot[bot] in expressjs/body-parser#732
• chore: updated deps to latest by @​Phillip9587 in expressjs/body-parser#733
• 2.3.0 by @​UlisesGascon in expressjs/body-parser#735

New Contributors

• @​krzysdz made their first contribution in expressjs/body-parser#730

Full Changelog: expressjs/body-parser@v2.2.2...v2.3.0

Changelog

Sourced from body-parser's changelog.

2.3.0 / 2026-06-15

• fix: use static exports instead of lazy getters to improve ESM compatibility
• feat: add subpath exports for individual parsers
• fix: improve limit option validation (#698)
  • Invalid limit values (e.g. unparseable strings or NaN) now throw instead of being silently ignored, which previously disabled size limit enforcement
  • null and undefined fall back to the default 100kb limit
• deps:
  • content-type@^2.0.0
  • http-errors@^2.0.1
  • iconv-lite^0.7.2
  • qs@^6.15.2
  • raw-body@^3.0.2
  • type-is@^2.1.0

Commits

• d0f2ace 2.3.0 (#735)
• 7d03f2f chore: updated deps to latest (#733)
• 8024ba7 build(deps): bump actions/checkout from 6.0.2 to 6.0.3 (#732)
• 32b4ed4 build(deps): bump github/codeql-action from 4.35.3 to 4.36.1 (#731)
• ff0f6b9 docs: update outdated reference to MDN docs (#730)
• 14d001a refactor: switch to const/let and enable eslint no-var rule (#729)
• 37f36a2 deps: update content-type and type-is (#728)
• e1c244b build(deps): bump github/codeql-action from 4.35.1 to 4.35.3 (#723)
• e01087f build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#724)
• a7698d3 build(deps): bump actions/setup-node from 6.3.0 to 6.4.0 (#725)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)