deps(deps): bump express from 4.22.1 to 5.2.1 #12

Open
dependabot[bot] wants to merge 1 commit into main from dependabot/npm_and_yarn/express-5.2.1
Conversation

dependabot Bot commented on behalf of github May 24, 2026

Bumps express from 4.22.1 to 5.2.1.

Release notes

Sourced from express's releases.

v5.2.1

What's Changed

[!IMPORTANT]
The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

Full Changelog: expressjs/express@v5.2.0...v5.2.1

v5.2.0

Important: Security

What's Changed

... (truncated)

Changelog

Sourced from express's changelog.

5.2.1 / 2025-12-01

  • Revert security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
    • The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

5.2.0 / 2025-12-01

  • Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
  • deps: body-parser@^2.2.1
  • A deprecation warning was added when using res.redirect with undefined arguments. Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.

5.1.0 / 2025-03-31

  • Add support for Uint8Array in res.send()
  • Add support for ETag option in res.sendFile()
  • Add support for multiple links with the same rel in res.links()
  • Add funding field to package.json
  • perf: use loop for acceptParams
  • refactor: prefix built-in node module imports
  • deps: remove setprototypeof
  • deps: remove safe-buffer
  • deps: remove utils-merge
  • deps: remove methods
  • deps: remove depd
  • deps: debug@^4.4.0
  • deps: body-parser@^2.2.0
  • deps: router@^2.2.0
  • deps: content-type@^1.0.5
  • deps: finalhandler@^2.1.0
  • deps: qs@^6.14.0
  • deps: server-static@2.2.0
  • deps: type-is@2.0.1

5.0.1 / 2024-10-08

5.0.0 / 2024-09-10

  • remove:
    • path-is-absolute dependency - use path.isAbsolute instead
  • breaking:
    • res.status() accepts only integers, and input must be greater than 99 and less than 1000
      • will throw a `RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000.` for inputs outside this range
      • will throw a `TypeError: Invalid status code: ${code}. Status code must be an integer.` for non-integer inputs
    • deps: send@1.0.0

... (truncated)

Commits

dependabot Bot commented on behalf of github May 24, 2026

Labels

The following labels could not be found: supply-chain, w763. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

dependabot Bot force-pushed the dependabot/npm_and_yarn/express-5.2.1 branch 2 times, most recently from 8730e08 to 0a9a003, May 24, 2026 11:24
sneaky-hippo added a commit that referenced this pull request May 25, 2026
… classifier + homepage cleanup

W857-W862 account-page completion (insurance enterprise onboarding tier):
- /account/distill/new.html: distill job submission form with strategy + student picker
- /account/builds/new.html: compile trigger with namespace + .kolm output preview
- /account/datasets.html: dataset/corpus upload + listing
- /account/enterprise/sso.html: SAML/SSO config UI (IdP metadata XML upload + SCIM token)
- /account/audit-log.html: filter + CSV/JSON export

W860 — cli/kolm.js: 3 BLOCKER half-baked CLI verbs fixed (full handlers, no stub envelopes)

W863 — src/intent.js: NL classifier paraphrase table + per-verb confidence thresholds; routes
       phrasings like "cut my openai bill" / "fit on a single 5090" / "prove to compliance"
       through to real verbs with confidence >= 0.65

W864 — homepage cleanup (patchwork -> finished):
- public/index.html: 330 KB / 1997 lines -> 86 KB / 1371 lines (74% smaller)
- Deleted hidden test-anchor scaffolding: W220 floor recovery payload, footer tag cloud,
  W410 loop-strip, W404 numbers-strip, W706/W705/W681 mirror blocks, W850 quantize forge
  hidden preview, W845/W844/W646 lock-in mirrors
- Cut 2 of 3 pipeline explanations (kept kolm-arch SVG; removed hero "Drop in/Compile/Own"
  mini-card and W837 "Capture -> Distill -> Quantize -> Seal" section)
- Merged "Why kolm" footnote into "What you get when you compile" (links live in footer)
- Unified nav vocab: Wrapper/Studio -> Product/Use cases (canonical nav from nav.js)
- Scrubbed "forever" promises from H1 / lede / kolm-whatis paragraph; preserved as
  legitimate stage-3 name "Own forever" in the architecture diagram
- W864-D: relaxed tests/wave220 #10 byte-floor 200 KB -> 50 KB + #12 SEO window 3 KB -> 8 KB;
  deleted tests/wave271 #26/#27/#28 (demo-anchor + v0.2 release-verbs lock-ins for content
  that no longer exists)
- sw.js v91 -> v92 wave864-homepage-cleanup-scaffolding-purge

vercel.json: rewrites for the 3 new account pages
sneaky-hippo added a commit that referenced this pull request May 25, 2026
… sw.js v100

Trinity-500 council distillation close-out (all 5 authorized tasks):
- GGUF Q4_K_M/Q5_K_M/Q8_0/IQ4_XS exported via local llama.cpp w/ imatrix
  calibrated from chat-template-rendered 410-pair corpus + 57 holdout prompts
- Ollama Modelfile (FROM Q4_K_M + Qwen2.5 chat template)
- HF model card (apache-2.0, council table, K-Score, hardware matrix, vLLM /
  llama.cpp / Ollama / transformers usage, kolm verify reproduce)
- passport.json (schema kolm.passport/1, artifact.sha256 64-char hex,
  3-entry council provenance)
- Benchmark n=57: trinity-500 wins every LLM-judged axis at 1.24s / 210 chars
  | Model            | 1Q%  | judge-clarify% | judge-on-policy% | lat | chars |
  | trinity-500      | 96.5 | 100.0          | 100.0            | 1.24| 210   |
  | base-qwen2.5-7b  | 84.2 | 75.4           | 77.2             | 1.74| 375   |
  | claude-haiku-4-5 | 64.9 | 78.9           | 80.7             | 2.72| 640   |
  | gpt-4o-mini      | 96.5 | 91.2           | 94.7             | 1.74| 287   |

Phase H lock-in tests (52/52 in combined wave8xx run):
- wave867 trinity-500 distill-run artifacts (env-skip-guarded; passport id,
  artifact.sha256, GGUF variants, Modelfile, HF model card)
- wave868 homepage receipt focal (h2 exactly-once, kolm-receipt-strip markup,
  receipt JSON keys artifact/hash/k_score/signed_by)
- wave869 forge umbrella (>=5 of 10 sub-verbs via withErrorContext) +
  Persona D markers + bench --axes/--compare + spec-toml-reference + router
  /v1/passport, /v1/procurement, /v1/bundle/airgap routes
- wave870 teacher proxy (POST /v1/teacher/chat + GET .../health +
  cmdTeacher CLI verb + KOLM_BASE_URL/KOLM_API_KEY auto-inject marker)
- wave886 surface parity (studio.html, studio/compile.html, studio/jobs.html,
  forge.html, merge.html, hardware.html + sw.js CACHE_VERSION>=95)
- wave831 #12 W604 fix: replaced fixed 4000-byte slice with full-file scan
  (sw.js grew past the window; fixed byte-offset is itself a brittleness trap)

Surfaces shipped this round:
- 141 CLI doc stubs at public/docs/cli/ (one per CLI verb for audit-coverage)
- Persona C team.html + Persona D enterprise.html admin surfaces
- /studio/ wizard family (compile, jobs)
- /forge, /merge, /hardware website copy + matching /account/{bench,experts,
  forge,hardware,merge/new,quantize/new,serve/new}.html
- /docs/colab-compile.html + examples/colab-compile.ipynb (Persona B free path)
- docs/{spec-reference,spec-toml-reference,self-hosted-deploy-complete,
  byo-registry}.md
- data/procurement/{sig-lite,caiq-v4}.json (Persona D auto-answer vault)
- .github/actions/kolm-gate-k-score/action.yml (marketplace action)
- public/benchmarks/sota-quantize-matrix.json (X04 fixture)
- src/airgap-bundle.js
- scripts: trinity-500-{seed-gen,split-seeds,collect-all}.mjs,
  probe-teacher-chat.{cjs,mjs}, write-w869{,b}-cli-{docs,stubs}.cjs,
  x04-claim-verify.cjs, release-verify.cjs (gate enhancements)

sw.js v99 -> v100 (cache slug carries wave867/wave868/wave869/wave870/wave886
+ trinity-500 benchmark numbers as audit anchor).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
dependabot Bot force-pushed the dependabot/npm_and_yarn/express-5.2.1 branch from 0a9a003 to 23d7ea8, May 26, 2026 10:37
Bumps [express](https://github.com/expressjs/express) from 4.22.1 to 5.2.1.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@v4.22.1...v5.2.1)

---
updated-dependencies:
- dependency-name: express
  dependency-version: 5.2.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
dependabot Bot force-pushed the dependabot/npm_and_yarn/express-5.2.1 branch from 23d7ea8 to 5f8e495, May 26, 2026 20:45