refactor: Bump express-rate-limit from 7.5.1 to 8.2.1

[dependabot]

Bumps express-rate-limit from 7.5.1 to 8.2.1.

Release notes

Sourced from express-rate-limit's releases.

v8.2.1

You can view the changelog here.

v8.2.0

You can view the changelog here.

v8.1.0

You can view the changelog here.

v8.0.1

You can view the changelog here.

v8.0.0

You can view the changelog here.

Commits

• fe1604d 8.2.1
• b11c05b Fix: don't warn for extra config from express-slow-down (#580)
• 3734733 8.2.0
• 962d737 feat: Unknown Options validation check (#578)
• 992c15c chore(deps-dev): bump the development-dependencies group with 3 updates (#579)
• 449a28a chore(deps-dev): bump the development-dependencies group across 1 directory w...
• ceaff6f chore(deps-dev): bump @​biomejs/biome from 2.2.5 to 2.2.6 (#574)
• 4fccb9e chore(deps-dev): bump lint-staged from 16.2.4 to 16.2.5 (#573)
• b597770 Rework dependabot grouping
• 03e8336 chore(deps-dev): bump mintlify from 4.2.114 to 4.2.175 (#572)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated dependencies to improve stability and performance.

[parse-github-assistant]

I will reformat the title to use the proper commit message syntax.

[parseplatformorg]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[dependabot]

Dependabot couldn't access the repository. Because of this, Dependabot cannot update this pull request.

[mtrezza]

Analysis

Reviewed the breaking changes in express-rate-limit v8 (upgrading from v7.5.1):

• Only breaking change: IPv6 addresses are now masked with a /56 subnet by default for rate limiting. This does not auto-apply in parse-server because a custom keyGenerator is used in src/middlewares.js.
• All configuration options used by parse-server (windowMs, max, message, handler, skip, keyGenerator, store) are unchanged in v8.
• No code modifications required.
• All CI checks pass.

This PR is good to merge as-is.

[mtrezza]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

📝 Walkthrough

Walkthrough

Updated the express-rate-limit dependency from version 7.5.1 to 8.2.1 in package.json. This is a version bump with no functional code changes.

Changes

Cohort / File(s)	Summary
Dependency Version Update package.json	Bumped express-rate-limit from 7.5.1 to 8.2.1

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• refactor: Upgrade express-rate-limit from 7.5.0 to 7.5.1 #9824: Prior update to the same express-rate-limit dependency (7.5.0→7.5.1), which this PR builds upon with a further version bump.

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is incomplete, missing required sections like Issue, Approach, and Tasks from the repository template. It only contains auto-generated Dependabot content without addressing template requirements.	Add the missing required sections (Issue, Approach, Tasks) from the PR template. At minimum, fill in the Issue section with the relevant issue number and provide brief Approach details.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and specifically describes the main change: bumping express-rate-limit from version 7.5.1 to 8.2.1.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dependabot/npm_and_yarn/express-rate-limit-8.2.1

---

No actionable comments were generated in the recent review. 🎉

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}