Sourced from multer's releases.

v2.0.2

Important

• Fix CVE-2025-7338 (GHSA-fjgf-rc76-4x9p)

Full Changelog: https://github.com/expressjs/multer/compare/v2.0.1...v2.0.2

v2.0.1

Important

• Fix CVE-2025-48997 (GHSA-g5hg-p3ph-g8qg)

What's Changed

• add Arabic translation for README .. by @​3imed-jaberi in expressjs/multer#762
• Update README.md to fix issue #1114 by @​Mohamed-Abdelfattah in expressjs/multer#1169
• Improved documentation translation to Spanish by @​juliomontenegro in expressjs/multer#1174
• Translated to french by @​AlanLg in expressjs/multer#1182
• Improve the Brazilian Portuguese translation by @​vitorRibeiro7 in expressjs/multer#1204
• doc: uzbek language by @​eugene0928 in expressjs/multer#1232
• Fix a mistake with README-pt-br.md by @​Igor-CA in expressjs/multer#1251
• Update in Readme-pt-br and fix in Readme-ko by @​carlosstenzel in expressjs/multer#1252
• chore: add support for OSSF scorecard reporting by @​inigomarquinez in expressjs/multer#1260
• ci: replace travis with github action by @​inigomarquinez in expressjs/multer#1259
• docs: improve readability by @​Sreejit-Sengupto in expressjs/multer#1255
• test: add test for out-of-band error event by @​LinusU in expressjs/multer#1294
• chore: upgrade scorecard workflow pinned action versions by @​carpasse in expressjs/multer#1290
• Documentation: remove unfortunate abbreviation from readme by @​MaddyGuthridge in expressjs/multer#1299
• ci: use ubuntu-latest as default runner by @​UlisesGascon in expressjs/multer#1308
• ci: add CodeQL (SAST) by @​bjohansebas in expressjs/multer#1289
• Update readme badges by @​bjohansebas in expressjs/multer#1268
• 📝 fix changelog information by @​ctcpip in expressjs/multer#1316
• master -> v2 by @​ctcpip in expressjs/multer#1317
• chore: fix typo by @​saucecodee in expressjs/multer#993
• Remove --save from README by @​username1001 in expressjs/multer#929
• feat - update link badge in docs by @​carlosstenzel in expressjs/multer#1273
• ci: change branch reference by @​UlisesGascon in expressjs/multer#1319
• ♻️ use version tag for CI, fix CI badge, fix references to master/main by @​ctcpip in expressjs/multer#1324
• deps: update dependencies to latest versions by @​bjohansebas in expressjs/multer#1328
• 📝 list languages in table to prevent GH right-aligning list due to RTL language by @​ctcpip in expressjs/multer#1325
• [StepSecurity] Apply security best practices by @​step-security-bot in expressjs/multer#1311

New Contributors

• @​3imed-jaberi made their first contribution in expressjs/multer#762
• @​Mohamed-Abdelfattah made their first contribution in expressjs/multer#1169
• @​juliomontenegro made their first contribution in expressjs/multer#1174
• @​AlanLg made their first contribution in expressjs/multer#1182
• @​vitorRibeiro7 made their first contribution in expressjs/multer#1204
• @​eugene0928 made their first contribution in expressjs/multer#1232
• @​Igor-CA made their first contribution in expressjs/multer#1251

... (truncated)

Sourced from multer's changelog.

2.0.2

• Fix CVE-2025-7338 (GHSA-fjgf-rc76-4x9p)

2.0.1

• Fix CVE-2025-48997 (GHSA-g5hg-p3ph-g8qg)

2.0.0

• Breaking change: The minimum supported Node version is now 10.16.0
• Fix CVE-2025-47935 (GHSA-44fp-w29j-9vj5)
• Fix CVE-2025-47944 (GHSA-4pg4-qvpc-4q3h)

• e5db9ca 🔖 2.0.2
• adfeaf6 🥅 improve error handling
• e259a7e 🔖 2.0.1
• 35a3272 Fixes expressjs/multer#1233. Makes multer handle mi...
• f897007 ci: apply security best practices (#1311)
• 061f4cb 📝 list languages in table to prevent GH right-aligning list due to RTL language
• 854d769 deps: update dependencies to latest versions (#1328)
• 256da2f ♻️ use version tag for CI, fix CI badge, fix references to master/main
• dd9dde4 📝 fix badges in translation files (#1321)
• dc2a880 ci: change branch reference
• Additional commits viewable in compare view

This version was pushed to npm by ulisesgascon, a new releaser for multer since your current version.

Sourced from @​nestjs/platform-express's releases.

v11.1.5 (2025-07-18)

Dependencies

• platform-express
  • #15425 chore(deps): bump multer from 2.0.1 to 2.0.2 in /packages/platform-express (@​dependabot[bot])

v11.1.4 (2025-07-16)

Bug fixes

• platform-fastify
  • #15385 fix(testing): auto-init fastify adapter for middleware registration (@​mag123c)
• core, testing
  • #15405 fix(core): fix race condition in class dependency resolution (@​hajekjiri)
• core
  • #15333 fix(core): Make flattenRoutePath return a valid module (@​gentunian)
• microservices
  • #15305 fix(microservices): Revisit RMQ pattern matching with wildcards (@​getlarge)
  • #15250 fix(constants): update RMQ_DEFAULT_QUEUE to an empty string (@​EeeasyCode)

Enhancements

• platform-fastify
  • #14789 feat(fastify): add decorator for custom schema (@​piotrfrankowski)
• common, core, microservices, platform-express, platform-fastify, websockets
  • #15386 feat: enhance introspection capabilities (@​kamilmysliwiec)
• core
  • #15374 feat: supporting fine async storage control (@​Farenheith)

Dependencies

• platform-ws
  • #15350 chore(deps): bump ws from 8.18.2 to 8.18.3 (@​dependabot[bot])
• platform-fastify
  • #15278 chore(deps): bump fastify from 5.3.3 to 5.4.0 (@​dependabot[bot])

Committers: 11

• Alexey Filippov (@​SocketSomeone)
• EFIcats (@​ext4cats)
• Edouard Maleix (@​getlarge)
• JaeHo Jang (@​mag123c)
• Jiri Hajek (@​hajekjiri)
• Kamil Mysliwiec (@​kamilmysliwiec)
• Khan / 이창민 (@​EeeasyCode)
• Peter F. (@​piotrfrankowski)
• Sebastian (@​gentunian)
• Thiago Oliveira Santos (@​Farenheith)
• jochong (@​jochongs)

v11.1.3 (2025-06-06)

Bug fixes

... (truncated)

• 9bb0560 chore(@​nestjs) publish v11.1.5 release
• da24918 chore(deps): bump multer in /packages/platform-express
• 1f101ac chore(@​nestjs) publish v11.1.4 release
• 436e1de style: address linter warnings
• 4d436f0 test: update outdated unit tests
• adc7e15 feat: enhance introspection capabilities
• 1613f50 chore(@​nestjs) publish v11.1.3 release
• 3e43b0e chore(deps): bump multer from 2.0.0 to 2.0.1
• 32b5feb chore(@​nestjs) publish v11.1.2 release
• 492fb35 chore(deps): bump multer from 1.4.5-lts.2 to 2.0.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.