remove:
- path-is-absolute dependency - use path.isAbsolute instead
breaking:
- res.status() accepts only integers, and input must be greater than 99 and less than 1000
  - will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range
  - will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs
- deps: send@1.0.0
- res.redirect('back') and res.location('back') is no longer a supported magic string, explicitly use req.get('Referrer') || '/'.
change:
- res.clearCookie will ignore user provided maxAge and expires options
deps: cookie-signature@^1.2.1
deps: debug@4.3.6
deps: merge-descriptors@^2.0.0
deps: serve-static@^2.1.0
deps: qs@6.13.0
deps: accepts@^2.0.0
deps: mime-types@^3.0.0
- application/javascript => text/javascript
deps: type-is@^2.0.0
deps: content-disposition@^1.0.0
deps: finalhandler@^2.0.0
deps: fresh@^2.0.0
deps: body-parser@^2.0.1
deps: send@^1.1.0

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [express](https://expressjs.com/) ([source](https://github.com/expressjs/express)) | dependencies | major | [`^4.21.1` -> `^5.0.0`](https://renovatebot.com/diffs/npm/express/4.21.2/5.1.0) | --- ### Release Notes <details> <summary>expressjs/express (express)</summary> ### [`v5.1.0`](https://github.com/expressjs/express/blob/HEAD/History.md#510--2025-03-31) [Compare Source](https://github.com/expressjs/express/compare/5.0.1...v5.1.0) \======================== - Add support for `Uint8Array` in `res.send()` - Add support for ETag option in `res.sendFile()` - Add support for multiple links with the same rel in `res.links()` - Add funding field to package.json - perf: use loop for acceptParams - refactor: prefix built-in node module imports - deps: remove `setprototypeof` - deps: remove `safe-buffer` - deps: remove `utils-merge` - deps: remove `methods` - deps: remove `depd` - deps: `debug@^4.4.0` - deps: `body-parser@^2.2.0` - deps: `router@^2.2.0` - deps: `content-type@^1.0.5` - deps: `finalhandler@^2.1.0` - deps: `qs@^6.14.0` - deps: `server-static@2.2.0` - deps: `type-is@2.0.1` ### [`v5.0.1`](https://github.com/expressjs/express/blob/HEAD/History.md#501--2024-10-08) [Compare Source](https://github.com/expressjs/express/compare/v5.0.0...5.0.1) \========== - Update `cookie` semver lock to address [CVE-2024-47764](https://nvd.nist.gov/vuln/detail/CVE-2024-47764) ### [`v5.0.0`](https://github.com/expressjs/express/blob/HEAD/History.md#500--2024-09-10) [Compare Source](https://github.com/expressjs/express/compare/4.21.2...v5.0.0) \========================= - remove: - `path-is-absolute` dependency - use `path.isAbsolute` instead - breaking: - `res.status()` accepts only integers, and input must be greater than 99 and less than 1000 - will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range - will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non integer inputs - deps: send@1.0.0 - `res.redirect('back')` and `res.location('back')` is no longer a supported magic string, explicitly use `req.get('Referrer') || '/'`. - change: - `res.clearCookie` will ignore user provided `maxAge` and `expires` options - deps: cookie-signature@^1.2.1 - deps: debug@4.3.6 - deps: merge-descriptors@^2.0.0 - deps: serve-static@^2.1.0 - deps: qs@6.13.0 - deps: accepts@^2.0.0 - deps: mime-types@^3.0.0 - `application/javascript` => `text/javascript` - deps: type-is@^2.0.0 - deps: content-disposition@^1.0.0 - deps: finalhandler@^2.0.0 - deps: fresh@^2.0.0 - deps: body-parser@^2.0.1 - deps: send@^1.1.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

renovate added 1 commit 2025-04-06 05:02:52 +00:00

Update dependency express to v5

renovate/artifacts Artifact file update failure

Run Tests / Prepare environment (pull_request) Has been cancelled

Details

Run Tests / Run unit tests (pull_request) Has been cancelled

Details

Run Tests / Run E2E tests (chrome) (pull_request) Has been cancelled

Details

Run Tests / Run E2E tests (edge) (pull_request) Has been cancelled

Details

Run Tests / Run E2E tests (firefox) (pull_request) Has been cancelled

Details

f2b9b12289

renovate commented

2025-04-06 05:02:52 +00:00

Author

Collaborator

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

any of the package files in this branch needs updating, or
the branch becomes conflicted, or
you click the rebase/retry checkbox if found above, or
you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: bun.lockb

Command failed: install-tool bun 1.2.8

### ⚠️ Artifact update problem Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is. ♻ Renovate will retry this branch, including artifacts, only when one of the following happens: - any of the package files in this branch needs updating, or - the branch becomes conflicted, or - you click the rebase/retry checkbox if found above, or - you rename this PR's title to start with "rebase!" to trigger it manually The artifact failure details are included below: ##### File name: bun.lockb ``` Command failed: install-tool bun 1.2.8 ```

renovate/artifacts Artifact file update failure

Run Tests / Prepare environment (pull_request) Has been cancelled

Details

Run Tests / Run unit tests (pull_request) Has been cancelled

Details

Run Tests / Run E2E tests (chrome) (pull_request) Has been cancelled

Details

Run Tests / Run E2E tests (edge) (pull_request) Has been cancelled

Details

Run Tests / Run E2E tests (firefox) (pull_request) Has been cancelled

Details

This pull request can be merged automatically.

This branch is out-of-date with the base branch

You are not authorized to merge this pull request.

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u origin renovate/express-5.x:renovate/express-5.x

git checkout renovate/express-5.x

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git checkout main

git merge --no-ff renovate/express-5.x

git checkout renovate/express-5.x

git rebase main

git checkout main

git merge --ff-only renovate/express-5.x

git checkout renovate/express-5.x

git rebase main

git checkout main

git merge --no-ff renovate/express-5.x

git checkout main

git merge --squash renovate/express-5.x