[PR #466] [MERGED] fix(deps): update dependency express to v5 #769

New Issue

Closed

opened 2025-11-01 21:03:49 -05:00 by GiteaMirror · 0 comments

GiteaMirror commented 2025-11-01 21:03:49 -05:00

Owner

Copy Link

📋 Pull Request Information

Original PR: https://github.com/go-vikunja/vikunja/pull/466
Author: @renovate[bot]
Created: 3/31/2025
Status: ✅ Merged
Merged: 3/31/2025
Merged by: @kolaente

Base: main ← Head: renovate/express-5.x

---

📝 Commits (1)

• aab89ef fix(deps): update dependency express to v5

📊 Changes

2 files changed (+266 additions, -190 deletions)

View changed files

📝 desktop/package.json (+1 -1)
📝 desktop/pnpm-lock.yaml (+265 -189)

📄 Description

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
express (source)	4.21.2 -> 5.1.0

---

Release Notes

expressjs/express (express)

v5.1.0

Compare Source

========================

• Add support for Uint8Array in res.send()
• Add support for ETag option in res.sendFile()
• Add support for multiple links with the same rel in res.links()
• Add funding field to package.json
• perf: use loop for acceptParams
• refactor: prefix built-in node module imports
• deps: remove setprototypeof
• deps: remove safe-buffer
• deps: remove utils-merge
• deps: remove methods
• deps: remove depd
• deps: debug@^4.4.0
• deps: body-parser@^2.2.0
• deps: router@^2.2.0
• deps: content-type@^1.0.5
• deps: finalhandler@^2.1.0
• deps: qs@^6.14.0
• deps: server-static@2.2.0
• deps: type-is@2.0.1

v5.0.1

Compare Source

==========

• Update cookie semver lock to address CVE-2024-47764

v5.0.0

Compare Source

=========================

• remove:
  • path-is-absolute dependency - use path.isAbsolute instead
• breaking:
  • res.status() accepts only integers, and input must be greater than 99 and less than 1000
    • will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range
    • will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs
  • deps: send@1.0.0
  • res.redirect('back') and res.location('back') is no longer a supported magic string, explicitly use req.get('Referrer') || '/'.
• change:
  • res.clearCookie will ignore user provided maxAge and expires options
• deps: cookie-signature@^1.2.1
• deps: debug@4.3.6
• deps: merge-descriptors@^2.0.0
• deps: serve-static@^2.1.0
• deps: qs@6.13.0
• deps: accepts@^2.0.0
• deps: mime-types@^3.0.0
  • application/javascript => text/javascript
• deps: type-is@^2.0.0
• deps: content-disposition@^1.0.0
• deps: finalhandler@^2.0.0
• deps: fresh@^2.0.0
• deps: body-parser@^2.0.1
• deps: send@^1.1.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

---

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/go-vikunja/vikunja/pull/466 **Author:** [@renovate[bot]](https://github.com/apps/renovate) **Created:** 3/31/2025 **Status:** ✅ Merged **Merged:** 3/31/2025 **Merged by:** [@kolaente](https://github.com/kolaente) **Base:** `main` ← **Head:** `renovate/express-5.x` --- ### 📝 Commits (1) - [`aab89ef`](https://github.com/go-vikunja/vikunja/commit/aab89ef76759dbfc5d2ef43586372a2dff751a01) fix(deps): update dependency express to v5 ### 📊 Changes **2 files changed** (+266 additions, -190 deletions) <details> <summary>View changed files</summary> 📝 `desktop/package.json` (+1 -1) 📝 `desktop/pnpm-lock.yaml` (+265 -189) </details> ### 📄 Description This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [express](https://expressjs.com/) ([source](https://redirect.github.com/expressjs/express)) | [`4.21.2` -> `5.1.0`](https://renovatebot.com/diffs/npm/express/4.21.2/5.1.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>expressjs/express (express)</summary> ### [`v5.1.0`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#510--2025-03-31) [Compare Source](https://redirect.github.com/expressjs/express/compare/5.0.1...v5.1.0) \======================== - Add support for `Uint8Array` in `res.send()` - Add support for ETag option in `res.sendFile()` - Add support for multiple links with the same rel in `res.links()` - Add funding field to package.json - perf: use loop for acceptParams - refactor: prefix built-in node module imports - deps: remove `setprototypeof` - deps: remove `safe-buffer` - deps: remove `utils-merge` - deps: remove `methods` - deps: remove `depd` - deps: `debug@^4.4.0` - deps: `body-parser@^2.2.0` - deps: `router@^2.2.0` - deps: `content-type@^1.0.5` - deps: `finalhandler@^2.1.0` - deps: `qs@^6.14.0` - deps: `server-static@2.2.0` - deps: `type-is@2.0.1` ### [`v5.0.1`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#501--2024-10-08) [Compare Source](https://redirect.github.com/expressjs/express/compare/v5.0.0...5.0.1) \========== - Update `cookie` semver lock to address [CVE-2024-47764](https://nvd.nist.gov/vuln/detail/CVE-2024-47764) ### [`v5.0.0`](https://redirect.github.com/expressjs/express/blob/HEAD/History.md#500--2024-09-10) [Compare Source](https://redirect.github.com/expressjs/express/compare/4.21.2...v5.0.0) \========================= - remove: - `path-is-absolute` dependency - use `path.isAbsolute` instead - breaking: - `res.status()` accepts only integers, and input must be greater than 99 and less than 1000 - will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range - will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs - deps: send@1.0.0 - `res.redirect('back')` and `res.location('back')` is no longer a supported magic string, explicitly use `req.get('Referrer') || '/'`. - change: - `res.clearCookie` will ignore user provided `maxAge` and `expires` options - deps: cookie-signature@^1.2.1 - deps: debug@4.3.6 - deps: merge-descriptors@^2.0.0 - deps: serve-static@^2.1.0 - deps: qs@6.13.0 - deps: accepts@^2.0.0 - deps: mime-types@^3.0.0 - `application/javascript` => `text/javascript` - deps: type-is@^2.0.0 - deps: content-disposition@^1.0.0 - deps: finalhandler@^2.0.0 - deps: fresh@^2.0.0 - deps: body-parser@^2.0.1 - deps: send@^1.1.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/go-vikunja/vikunja). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yMDcuMSIsInVwZGF0ZWRJblZlciI6IjM5LjIwNy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> --- _{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

GiteaMirror added the pull-request label 2025-11-01 21:03:49 -05:00

GiteaMirror closed this issue 2025-11-01 21:03:49 -05:00

GiteaMirror referenced this issue 2025-11-01 21:07:21 -05:00

[PR #769] [MERGED] chore(deps): update useblacksmith/build-push-action digest to f0d8aee #928

GiteaMirror referenced this issue 2026-03-22 14:21:16 -05:00

[PR #769] [MERGED] chore(deps): update useblacksmith/build-push-action digest to f0d8aee #2853

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

renovate/dev-dependencies

claude/review-bot-design-plan-cf5C3

claude/project-scoped-api-tokens-KTqR3

claude/explore-openclaw-integration-KQEzg

claude/project-scoped-api-tokens-yv5KS

fix-totp-reuse

feat-websocket-notifications

feat-caldav-e2e-tests

fix/propagate-is-archived-readall-v2

claude/csv-import-feature-01Kavsoc8Zabn7Q7WwwfVjBh

csv-import-feature

feat-quick-entry

codex/add-task-sorting-functionality

fix-duplicate-close-button

codex/analyze-codebase-for-email-task-feature

feat-list-view-sorting

feat/official-vite-sentry-plugin

feat/highlight-overdue-tasks

feat/add-enter-key-form-submission-handling

feat/TipTap-nits

feat/update-caldavtimetotimestamp-parsing

feat-oauth-server

feat-phosphor-icons

wip-plans

claude/investigate-issue-2173-llKme

poc-yaegi-plugins

fix-description-text-drag

feat-custom-keyboard-shortcuts

pr-1845-ci

codex/fix-drag-and-drop-behavior-inconsistency

copilot/add-clickable-labels-for-filtering

copilot/fix-issue-1786

playwright-migration

fix-kanban-repeating-wip

copilot/fix-1498

feature/replace-axios

codex/upgrade-to-tailwind-4.1.8-using-pnpm

codex/add-cypress-test-for-avatar-types

feature/biome

feature/oxc

codex/update-flexsearch-to-0.8.205

4r6ni9-codex/fix-deprecated-sass-@import-usage

codex/fix-deprecated-sass-@import-usage

codex/add-cypress-test-for-task-list-refresh-fix

codex/fix-quick-add-magic-not-adding-tasks

codex/fix-all-type-errors

codex/fix-mimetype-for-docs.json

feature/caldav-from-scratch

feature/gh-actions-hetzner

fix-ci

feat/new-logger

jyte-better-dev-config

feat/add-team-member-with-enter

fix/button-and-icon-types

fix/notifications-component-name-collision

feature/null-time

renovate/tailwindcss-4.x

feature/unplugin-vue-router

fix/deprecated-import

feature/zod-schema

renovate/golangci-golangci-lint-1.x

fix/tiptap-editor-reactive-destructuring

release/0.24

feat/improve-add-task

fix/saved-filter-search

feat/webp-and-avif-attachment-previews

feature/migrate-back-to-bulma

fix/sass-add-missing-list-import

feature/sticky-demo-bar

fix/gantt-view-switch

feature/typesense-position-join

feature/focus-visible

dependencies/golangci-lint

feature/better-filter-syntax

fix/tiptap-task-list

renovate/github.com-golang-jwt-jwt-v4-5.x

feature/hide-forbidden-related-tasks

renovate/golang-1.x

release/0.20

release/0.17

release/0.16

release/0.15

release/0.14

v2.2.0

v2.1.0

v2.0.0

v1.1.0

v1.0.0

v1.0.0-rc4

v1.0.0-rc3

v1.0.0-rc2

v1.0.0-rc1

v1.0.0-rc0

v0.24.6

v0.24.5

v0.24.4

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.0

v0.22.1

v0.22.0

0.21.0

v0.21.0

v0.20.4

v0.20.5

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.2

v0.19.1

v0.19.0

vue3

v0.18.1

v0.18.0

v0.17.1

v0.17.0

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.1

v0.13

v0.12

v0.11

v0.10

v0.9

v0.8

v0.7

v0.6

v0.5

v0.4

v0.3

v0.2

v0.1

Labels

Clear labels

area/api

area/caldav

area/filters

area/frontend

area/gantt

area/internal-code

area/typesense

bug

changes requested

confirmed

dependencies

enhancement

good first issue

help wanted

kind/bug

kind/feature

needs reproduction

pull-request

Mirrored from GitHub Pull Request

question

security

support

upstream issue

waiting for reply

wontfix

No Label pull-request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vikunja#769