Bump express from 4.19.2 to 5.0.0
Bumps express from 4.19.2 to 5.0.0.
Release notes
Sourced from express's releases.
5.0.0
What's Changed
- 4.19.2 Staging by
@wesleytoddin expressjs/express#5561- remove duplicate location test for data uri by
@wesleytoddin expressjs/express#5562- feat: document beta releases expectations by
@marco-ippolitoin expressjs/express#5565- Cut down on duplicated CI runs by
@jonchurchin expressjs/express#5564- Add a Threat Model by
@UlisesGasconin expressjs/express#5526- Assign captain of encodeurl by
@blakeembreyin expressjs/express#5579- Nominate jonchurch as repo captain for
http-errors,expressjs.com,morgan,cors,body-parserby@jonchurchin expressjs/express#5587- docs: update Security.md by
@inigomarquinezin expressjs/express#5590- docs: update triage nomination policy by
@UlisesGasconin expressjs/express#5600- Add CodeQL (SAST) by
@UlisesGasconin expressjs/express#5433- docs: add UlisesGascon as triage initiative captain by
@UlisesGasconin expressjs/express#5605- Use object with null prototype for various app properties by
@EvanHahnin expressjs/express#4861- deps: encodeurl@~2.0.0 by
@blakeembreyin expressjs/express#5569- skip QUERY method test by
@jonchurchin expressjs/express#5628- ignore ETAG query test on 21 and 22, reuse skip util by
@jonchurchin expressjs/express#5639- add support Node.js@22 in the CI by
@mertcanaltinin expressjs/express#5627- doc: add table of contents, tc/triager lists to readme by
@mertcanaltinin expressjs/express#5619- List and sort all projects, add captains by
@blakeembreyin expressjs/express#5653- Call callback once on listen error by
@wesleytoddin expressjs/express#3216- docs: add
@UlisesGasconas captain for cookie-parser by@UlisesGasconin expressjs/express#5666✨ bring back query tests for node 21 by@ctcpipin expressjs/express#5690- [v4] Deprecate
res.clearCookieacceptingoptions.maxAgeandoptions.expiresby@jonchurchin expressjs/express#5672- skip QUERY tests for Node 21 only, still not supported by
@jonchurchin expressjs/express#5695📝 update people, add ctcpip to TC by@ctcpipin expressjs/express#5683- remove minor version pinning from ci by
@jonchurchin expressjs/express#5722- Fix link variable use in attribution section of CODE OF CONDUCT by
@IamLizuin expressjs/express#5762- Replace Appveyor windows testing with GHA by
@jonchurchin expressjs/express#5599- Add OSSF Scorecard badge by
@UlisesGasconin expressjs/express#5436- Throw on invalid status codes by
@jonchurchin expressjs/express#4212- Use Array.flat instead of array-flatten by
@almicin expressjs/express#5677- Adopt Node@18 as the minimum supported version by
@UlisesGasconin expressjs/express#5803- Ignore
expiresandmaxAgeinres.clearCookie()by@jonchurchin expressjs/express#5792- send@1.0.0 by
@wesleytoddin expressjs/express#5786- chore: upgrade
debugdep from 3.10 to 4.3.6 by@carpassein expressjs/express#5829- refactor: replace 'path-is-absolute' dep with node:path isAbsolute method by
@carpassein expressjs/express#5830- update scorecard link by
@bjohansebasin expressjs/express#5814- Nominate
@IamLizuto the triage team by@UlisesGasconin expressjs/express#5836- deps: path-to-regexp@0.1.8 by
@blakeembreyin expressjs/express#5603- docs: specify new instructions for
questionanddiscussby@IamLizuin expressjs/express#5835- 5.x: Upgrading
merge-descriptorswith allowing minors by@RobinTailin expressjs/express#5782- 4.x: Upgrade
merge-descriptorsdependency by@RobinTailin expressjs/express#5781- WIP: serve-static@2 by
@wesleytoddin expressjs/express#5790- chore: upgrade qs dp from 6.11.0 to 6.13.0 by
@carpassein expressjs/express#5847- Upgrade cookie signature by
@IamLizuin expressjs/express#5833- accepts@2 by
@wesleytoddin expressjs/express#5881- mime-types@3 by
@wesleytoddin expressjs/express#5882- type-is@^2.0.0 by
@wesleytoddin expressjs/express#5883- content-disposition@^1.0.0 by
@wesleytoddin expressjs/express#5884
... (truncated)
Changelog
Sourced from express's changelog.
5.0.0 / 2024-09-10
- remove:
path-is-absolutedependency - usepath.isAbsoluteinstead- breaking:
res.status()accepts only integers, and input must be greater than 99 and less than 1000
- will throw a
RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.for inputs outside this range- will throw a
TypeError: Invalid status code: ${code}. Status code must be an integer.for non integer inputs- deps: send@1.0.0
res.redirect('back')andres.location('back')is no longer a supported magic string, explicitly usereq.get('Referrer') || '/'.- change:
res.clearCookiewill ignore user providedmaxAgeandexpiresoptions- deps: cookie-signature@^1.2.1
- deps: debug@4.3.6
- deps: merge-descriptors@^2.0.0
- deps: serve-static@^2.1.0
- deps: qs@6.13.0
- deps: accepts@^2.0.0
- deps: mime-types@^3.0.0
application/javascript=>text/javascript- deps: type-is@^2.0.0
- deps: content-disposition@^1.0.0
- deps: finalhandler@^2.0.0
- deps: fresh@^2.0.0
- deps: body-parser@^2.0.1
- deps: send@^1.1.0
5.0.0-beta.3 / 2024-03-25
This incorporates all changes after 4.19.1 up to 4.19.2.
5.0.0-beta.2 / 2024-03-20
This incorporates all changes after 4.17.2 up to 4.19.1.
5.0.0-beta.1 / 2022-02-14
This is the first Express 5.0 beta release, based off 4.17.2 and includes changes from 5.0.0-alpha.8.
- change:
- Default "query parser" setting to
'simple'- Requires Node.js 4+
- Use
mime-typesfor file to content type mapping- deps: array-flatten@3.0.0
- deps: body-parser@2.0.0-beta.1
req.bodyis no longer always initialized to{}
... (truncated)
Commits
-
344b0225.0.0 -
0c49926fix(deps): send@^1.1.0 -
b3906cbfix(deps): serve-static@^2.1.0 -
fed8c2afix(deps): body-parser@^2.0.1 -
bdd81f8Deletebackas a magic string (#5933) -
6c98f80🔧 update CI, remove unsupported versions, clean up -
f9256efMerge branch '5.0' into 5-merge -
e5feb9fMerge tag '4.20.0' into 5.0 -
21df4214.20.0 -
4c9ddc1feat: upgrade to serve-static@0.16.0 - Additional commits viewable in compare view
Dependabot commands
You can trigger Dependabot actions by commenting on this MR
-
$dependabot recreatewill recreate this MR rewriting all the manual changes and resolving conflicts