Bump express-slow-down from 1.4.0 to 2.0.3 #300

Open
dependabot[bot] wants to merge 1 commit into main from dependabot/npm_and_yarn/express-slow-down-2.0.3

@dependabot dependabot bot commented on behalf of github Aug 19, 2024

Bumps express-slow-down from 1.4.0 to 2.0.3.

Changelog

Sourced from express-slow-down's changelog.

v2.0.3

Fixed

  • Fixed peerDependencies compatibility with express 5 beta.

v2.0.2

Fixed

  • Allowed express-slow-down to be used with express v5.

v2.0.1

Fixed

  • Fixed an incorrect WRN_ERL_MAX_ZERO warning when supplying a custom validation object in the config.

v2.0.0

express-slow-down v2 is built on top of express-rate-limit v7.

Breaking

  • Changed behavior of delayMs when set to a number
    • Previous behavior multiplied delayMs value by the number of slowed requests to determine the delay amount
    • New behavior treats a numeric value as a fixed delay that is applied to each slowed request without multiplication
    • Set to function(used) { return (used - this.delayAfter) * 1000; } to restore old behavior. (Change 1000 to match old value if necessary.)
  • Changed arguments passed to delayMs when set to a function
    • Previous signature was function(req, res): number
    • New signature is function(used, req, res): number | Promise<number> where used is the number of hits from this user during the current window
  • Dropped support for onLimitReached method
  • Dropped support for headers option
  • Renamed req.slowDown.current to req.slowDown.used
    • current is now a hidden getter that will return the used value, but will not be included when iterating over keys or running through JSON.stringify()

Added

  • delayAfter, delayMs, and maxDelayMs may now be async functions that return a number or a promise that resolves to a number
  • The MemoryStore now uses precise, per-user reset times rather than a global window that resets all users at once.
  • Now using express-rate-limit's validator to detect and warn about common

... (truncated)

Commits
  • dd0363d 2.0.3
  • 925c37b chore: v2.0.3 changelog
  • 8b48c77 Merge pull request #52 from dderevjanik/chore/express-5-beta
  • 54ecb0c chore: express 5 beta
  • 5f7e281 docs: update changelog for v2.0.2
  • 13b5bc9 2.0.2
  • 9277ffb chore(deps): support express 5 (#51)
  • fb41c4a Merge pull request #49 from express-rate-limit/dependabot/npm_and_yarn/expres...
  • a7a3249 build(deps-dev): bump express from 4.18.2 to 4.19.2
  • 6e72d1a Merge pull request #48 from WovenCoast/master
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [express-slow-down](https://github.com/express-rate-limit/express-slow-down) from 1.4.0 to 2.0.3.
- [Changelog](https://github.com/express-rate-limit/express-slow-down/blob/main/changelog.md)
- [Commits](express-rate-limit/express-slow-down@v1.4.0...v2.0.3)

---
updated-dependencies:
- dependency-name: express-slow-down
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

@dependabot dependabot bot added the dependencies label (Pull requests that update a dependency file) Aug 19, 2024
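
Added example, not part of this PR or of express-slow-down's code: a small JavaScript model of the `delayMs` change listed under Breaking in v2.0.0. It shows that a numeric `delayMs` carried over unchanged stops escalating after the upgrade, and that the function form given in the changelog restores the old schedule. The helper names and the sample config (`delayAfter: 5`, `delayMs: 500`) are assumptions for illustration.

```javascript
// Model of the delay schedules described in the v2.0.0 changelog above.
// v1Delay, v2Delay and schedule are hypothetical helpers, not library code.

// v1: a numeric delayMs is multiplied by the number of slowed requests.
function v1Delay(opts, used) {
  if (used <= opts.delayAfter) return 0;
  return (used - opts.delayAfter) * opts.delayMs;
}

// v2: a numeric delayMs is a fixed delay; a function receives `used`
// (called here as a method of the options object so `this.delayAfter` resolves).
function v2Delay(opts, used) {
  if (used <= opts.delayAfter) return 0;
  return typeof opts.delayMs === "function" ? opts.delayMs(used) : opts.delayMs;
}

// Delay in ms for hits 1..hits from one client inside a single window.
function schedule(delayFn, opts, hits) {
  return Array.from({ length: hits }, (_, i) => delayFn(opts, i + 1));
}

const total = (delays) => delays.reduce((sum, d) => sum + d, 0);

// Constructed sample config, e.g. for a login route.
const carriedOver = { delayAfter: 5, delayMs: 500 };

// Same config migrated with the function form given in the changelog
// (1000 replaced by the old delayMs value, as the changelog instructs).
const migrated = {
  delayAfter: 5,
  delayMs: function (used) {
    return (used - this.delayAfter) * 500;
  },
};

const HITS = 10;
const before = schedule(v1Delay, carriedOver, HITS);
const afterUnchanged = schedule(v2Delay, carriedOver, HITS);
const afterMigrated = schedule(v2Delay, migrated, HITS);

console.log("v1.4.0          ", before, total(before));
console.log("v2 unchanged cfg", afterUnchanged, total(afterUnchanged));
console.log("v2 migrated cfg ", afterMigrated, total(afterMigrated));
```

With this sample config the tenth request is delayed 500 ms after the upgrade instead of 2500 ms, so routes that rely on escalating delays to slow password guessing should be migrated to the function form before this PR is merged.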