Skip to content

Commit 3562fac

Browse files
renovate[bot]renovate[bot]
authored
Update dependency express to v5 (#1672)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [express](https://expressjs.com/) ([source](https://redirect.github.com/expressjs/express)) | [`^4.18.2` → `^5.0.0`](https://renovatebot.com/diffs/npm/express/4.22.2/5.2.1) | ![age](https://developer.mend.io/api/mc/badges/age/npm/express/5.2.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/express/4.22.2/5.2.1?slim=true) | | [express](https://expressjs.com/) ([source](https://redirect.github.com/expressjs/express)) | [`^4.17.3` → `^5.0.0`](https://renovatebot.com/diffs/npm/express/4.22.2/5.2.1) | ![age](https://developer.mend.io/api/mc/badges/age/npm/express/5.2.1?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/express/4.22.2/5.2.1?slim=true) | | [@types/express](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/express) ([source](https://redirect.github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express)) | [`^4.17.17` → `^5.0.0`](https://renovatebot.com/diffs/npm/@types%2fexpress/4.17.25/5.0.6) | ![age](https://developer.mend.io/api/mc/badges/age/npm/@types%2fexpress/5.0.6?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/@types%2fexpress/4.17.25/5.0.6?slim=true) | --- ### Release Notes <details> <summary>expressjs/express (express)</summary> ### [`v5.2.1`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#521--2025-12-01) [Compare Source](https://redirect.github.com/expressjs/express/compare/v5.2.0...v5.2.1) \======================= - Revert security fix for [CVE-2024-51999](https://www.cve.org/CVERecord?id=CVE-2024-51999) ([GHSA-pj86-cfqh-vqx6](https://redirect.github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6)) - The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release. ### [`v5.2.0`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#520--2025-12-01) [Compare Source](https://redirect.github.com/expressjs/express/compare/v5.1.0...v5.2.0) \======================== - Security fix for [CVE-2024-51999](https://www.cve.org/CVERecord?id=CVE-2024-51999) ([GHSA-pj86-cfqh-vqx6](https://redirect.github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6)) - deps: `body-parser@^2.2.1` - A deprecation warning was added when using `res.redirect` with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix. ### [`v5.1.0`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#510--2025-03-31) [Compare Source](https://redirect.github.com/expressjs/express/compare/v5.0.1...v5.1.0) \======================== - Add support for `Uint8Array` in `res.send()` - Add support for ETag option in `res.sendFile()` - Add support for multiple links with the same rel in `res.links()` - Add funding field to package.json - perf: use loop for acceptParams - refactor: prefix built-in node module imports - deps: remove `setprototypeof` - deps: remove `safe-buffer` - deps: remove `utils-merge` - deps: remove `methods` - deps: remove `depd` - deps: `debug@^4.4.0` - deps: `body-parser@^2.2.0` - deps: `router@^2.2.0` - deps: `content-type@^1.0.5` - deps: `finalhandler@^2.1.0` - deps: `qs@^6.14.0` - deps: `server-static@2.2.0` - deps: `type-is@2.0.1` ### [`v5.0.1`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#501--2024-10-08) [Compare Source](https://redirect.github.com/expressjs/express/compare/v5.0.0...v5.0.1) \========== - Update `cookie` semver lock to address [CVE-2024-47764](https://nvd.nist.gov/vuln/detail/CVE-2024-47764) ### [`v5.0.0`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#500--2024-09-10) [Compare Source](https://redirect.github.com/expressjs/express/compare/v4.22.2...v5.0.0) \========================= - remove: - `path-is-absolute` dependency - use `path.isAbsolute` instead - breaking: - `res.status()` accepts only integers, and input must be greater than 99 and less than 1000 - will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range - will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs - deps: send\@&#8203;1.0.0 - `res.redirect('back')` and `res.location('back')` is no longer a supported magic string, explicitly use `req.get('Referrer') || '/'`. - change: - `res.clearCookie` will ignore user provided `maxAge` and `expires` options - deps: cookie-signature@^1.2.1 - deps: debug\@&#8203;4.3.6 - deps: merge-descriptors@^2.0.0 - deps: serve-static@^2.1.0 - deps: qs\@&#8203;6.13.0 - deps: accepts@^2.0.0 - deps: mime-types@^3.0.0 - `application/javascript` => `text/javascript` - deps: type-is@^2.0.0 - deps: content-disposition@^1.0.0 - deps: finalhandler@^2.0.0 - deps: fresh@^2.0.0 - deps: body-parser@^2.0.1 - deps: send@^1.1.0 </details> --- ### Configuration 📅 **Schedule**: (in timezone Asia/Tokyo) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled because a matching PR was automerged previously. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/line/line-bot-sdk-nodejs). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMzEuMSIsInVwZGF0ZWRJblZlciI6IjQzLjIzMS4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbImRlcGVuZGVuY3kgdXBncmFkZSJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
1 parent 7e1ec60 commit 3562fac

10 files changed

Lines changed: 1237 additions & 1197 deletions

File tree

examples/echo-bot-esm/package-lock.json

Lines changed: 242 additions & 226 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

examples/echo-bot-esm/package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@
99
},
1010
"dependencies": {
1111
"@line/bot-sdk": "^11.0.1",
12-
"express": "^4.17.3"
12+
"express": "^5.0.0"
1313
},
1414
"type": "module"
1515
}

0 commit comments

Comments
 (0)