Mime version 1.3.5 represents an incremental update to the popular "mime" package, a comprehensive library for MIME type mapping in Node.js environments. Comparing it to the prior stable release, version 1.3.4, reveals a key difference in the mime-db dev dependency. Version 1.3.5 utilizes mime-db version ^1.22.0, a substantial jump from the ^1.2.0 dependency in version 1.3.4. This signals a significant update to the underlying MIME type database, presumably incorporating many new or updated MIME type definitions.
For developers, this update is crucial as it directly impacts the accuracy and completeness of MIME type lookups. If your application deals with a wide range of file types or relies on the latest MIME type specifications, upgrading to 1.3.5 ensures greater compatibility and reduces the risk of misidentification. The release date of version 1.3.5 is May 11, 2017, highlighting a considerable gap since the previous version's release in February 2015. Furthermore, the "repository" URL differs slightly, pointing to a "git+" prefixed URL in version 1.3.5, although functionally, both still point to the same GitHub repository. The later version is available from npm registry as a tarball. It is licensed under MIT license.
All the vulnerabilities related to the version 1.3.5 of the package
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
Affected versions of mime are vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input.
Update to version 2.0.3 or later.
