Bump express from 4.18.3 to 4.19.0 (!21) · Merge requests · tools / infra / zeroscale

Dependabot requested to merge dependabot-npm_and_yarn-express-4.19.0 into master Mar 20, 2024

Bumps express from 4.18.3 to 4.19.0.

Release notes

4.19.0

What's Changed

fix typo in release date by @UlisesGascon in expressjs/express#5527

docs: nominating @wesleytodd to be project captian by @wesleytodd in expressjs/express#5511

docs: loosen TC activity rules by @wesleytodd in expressjs/express#5510

Add note on how to update docs for new release by @crandmck in expressjs/express#5541

Prevent open redirect allow list bypass due to encodeurl

Release 4.19.0 by @wesleytodd in expressjs/express#5551

New Contributors

@crandmck made their first contribution in expressjs/express#5541

Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0

Commits

084e365 4.19.0
0867302 Prevent open redirect allow list bypass due to encodeurl
567c9c6 Add note on how to update docs for new release (#5541)
69a4cf2 deps: cookie@0.6.0
4ee853e docs: loosen TC activity rules
414854b docs: nominating @wesleytodd to be project captian
06c6b88 docs: update release date
See full diff in compare view

Maintainer changes

This version was pushed to npm by wesleytodd, a new releaser for express since your current version.

Dependabot commands

You can trigger Dependabot actions by commenting on this MR

$dependabot recreate will recreate this MR rewriting all the manual changes and resolving conflicts

Bump express from 4.18.3 to 4.19.0

4.19.0

What's Changed

New Contributors

Merge request reports