This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [express](https://expressjs.com/) ([source](https://redirect.github.com/expressjs/express)) | [`^4.21.2` -> `^5.0.1`](https://renovatebot.com/diffs/npm/express/4.21.2/5.0.1) | [![age](https://developer.mend.io/api/mc/badges/age/npm/express/5.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/express/5.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/express/4.21.2/5.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/express/4.21.2/5.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>expressjs/express (express)</summary> ### [`v5.0.1`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#501--2024-10-08) [Compare Source](https://redirect.github.com/expressjs/express/compare/v5.0.0...5.0.1) \========== - Update `cookie` semver lock to address [CVE-2024-47764](https://nvd.nist.gov/vuln/detail/CVE-2024-47764) ### [`v5.0.0`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#500--2024-09-10) [Compare Source](https://redirect.github.com/expressjs/express/compare/4.21.2...v5.0.0) \========================= - remove: - `path-is-absolute` dependency - use `path.isAbsolute` instead - breaking: - `res.status()` accepts only integers, and input must be greater than 99 and less than 1000 - will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range - will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs - deps: send@1.0.0 - `res.redirect('back')` and `res.location('back')` is no longer a supported magic string, explicitly use `req.get('Referrer') || '/'`. - change: - `res.clearCookie` will ignore user provided `maxAge` and `expires` options - deps: cookie-signature@^1.2.1 - deps: debug@4.3.6 - deps: merge-descriptors@^2.0.0 - deps: serve-static@^2.1.0 - deps: qs@6.13.0 - deps: accepts@^2.0.0 - deps: mime-types@^3.0.0 - `application/javascript` => `text/javascript` - deps: type-is@^2.0.0 - deps: content-disposition@^1.0.0 - deps: finalhandler@^2.0.0 - deps: fresh@^2.0.0 - deps: body-parser@^2.0.1 - deps: send@^1.1.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - "after 8:00 before 23:00 every weekday except on Friday" in timezone UTC. 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/divvi-xyz/hooks).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
-Original file line number
+Diff line change
     "bignumber.js": "^9.1.2",
     "cors": "^2.8.5",
     "dotenv": "^16.4.7",
 -    "express": "^4.21.2",
 +    "express": "^5.0.1",
     "got": "^11.8.6",
     "i18next": "^24.2.3",
     "i18next-fs-backend": "^2.6.0",