From f865bd85552a16cc5cd92d5b47286d9ed05f68ed Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 5 Dec 2025 09:04:57 +0100
Subject: [PATCH] fix(deps): update dependency express to v5.2.1 (#1932)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This PR contains the following updates:

| Package | Change |
[Age](https://docs.renovatebot.com/merge-confidence/) |
[Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [express](https://expressjs.com/)
([source](https://redirect.github.com/expressjs/express)) | [`5.2.0` ->
`5.2.1`](https://renovatebot.com/diffs/npm/express/5.2.0/5.2.1) |
![age](https://developer.mend.io/api/mc/badges/age/npm/express/5.2.1?slim=true)
|
![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/express/5.2.0/5.2.1?slim=true)
|

---

### Release Notes

<details>
<summary>expressjs/express (express)</summary>

###
[`v5.2.1`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#521--2025-12-01)

[Compare
Source](https://redirect.github.com/expressjs/express/compare/v5.2.0...v5.2.1)

\=======================

- Revert security fix for
[CVE-2024-51999](https://www.cve.org/CVERecord?id=CVE-2024-51999)
([GHSA-pj86-cfqh-vqx6](https://redirect.github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/go-vikunja/vikunja).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi4zMi4yIiwidXBkYXRlZEluVmVyIjoiNDIuMzIuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 desktop/package.json   |  2 +-
 desktop/pnpm-lock.yaml | 14 +++++++-------
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/desktop/package.json b/desktop/package.json
index 0bb21bcca..52010de23 100644
--- a/desktop/package.json
+++ b/desktop/package.json
@@ -57,7 +57,7 @@
     "unzipper": "0.12.3"
   },
   "dependencies": {
-    "express": "5.2.0"
+    "express": "5.2.1"
   },
   "pnpm": {
     "onlyBuiltDependencies": [
diff --git a/desktop/pnpm-lock.yaml b/desktop/pnpm-lock.yaml
index 52876d2a2..2ce9de9f0 100644
--- a/desktop/pnpm-lock.yaml
+++ b/desktop/pnpm-lock.yaml
@@ -9,8 +9,8 @@ importers:
   .:
     dependencies:
       express:
-        specifier: 5.2.0
-        version: 5.2.0
+        specifier: 5.2.1
+        version: 5.2.1
     devDependencies:
       electron:
         specifier: 37.10.3
@@ -636,8 +636,8 @@ packages:
   exponential-backoff@3.1.3:
     resolution: {integrity: sha512-ZgEeZXj30q+I0EN+CbSSpIyPaJ5HVQD18Z1m+u1FXbAeT94mr1zw50q4q6jiiC447Nl/YTcIYSAftiGqetwXCA==}
 
-  express@5.2.0:
-    resolution: {integrity: sha512-XdpJDLxfztVY59X0zPI6sibRiGcxhTPXRD3IhJmjKf2jwMvkRGV1j7loB8U+heeamoU3XvihAaGRTR4aXXUN3A==}
+  express@5.2.1:
+    resolution: {integrity: sha512-hIS4idWWai69NezIdRt2xFVofaF4j+6INOpJlVOLDO8zXGpUVEVzIYk12UUi2JzjEzWL3IOAxcTubgz9Po0yXw==}
     engines: {node: '>= 18'}
 
   extract-zip@2.0.1:
@@ -1651,7 +1651,7 @@ snapshots:
       make-fetch-happen: 10.2.1
       nopt: 6.0.0
       proc-log: 2.0.1
-      semver: 7.7.2
+      semver: 7.7.3
       tar: 6.2.1
       which: 2.0.2
     transitivePeerDependencies:
@@ -1771,7 +1771,7 @@ snapshots:
   '@npmcli/fs@2.1.2':
     dependencies:
       '@gar/promisify': 1.1.3
-      semver: 7.7.2
+      semver: 7.7.3
 
   '@npmcli/move-file@2.0.1':
     dependencies:
@@ -2488,7 +2488,7 @@ snapshots:
 
   exponential-backoff@3.1.3: {}
 
-  express@5.2.0:
+  express@5.2.1:
     dependencies:
       accepts: 2.0.0
       body-parser: 2.2.1