Skip to content

chore(deps-dev): bump express from 5.0.1 to 5.2.0#193

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/express-5.2.0
Open

chore(deps-dev): bump express from 5.0.1 to 5.2.0#193
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/express-5.2.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Dec 1, 2025
edited
Loading

Bumps express from 5.0.1 to 5.2.0.

Release notes

Sourced from express's releases.

v5.2.0

Important: Security

What's Changed

... (truncated)

Changelog

Sourced from express's changelog.

5.2.0 / 2025-12-01

  • Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
  • deps: body-parser@^2.2.1
  • A deprecation warning was added when using res.redirect with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.

5.1.0 / 2025-03-31

  • Add support for Uint8Array in res.send()
  • Add support for ETag option in res.sendFile()
  • Add support for multiple links with the same rel in res.links()
  • Add funding field to package.json
  • perf: use loop for acceptParams
  • refactor: prefix built-in node module imports
  • deps: remove setprototypeof
  • deps: remove safe-buffer
  • deps: remove utils-merge
  • deps: remove methods
  • deps: remove depd
  • deps: debug@^4.4.0
  • deps: body-parser@^2.2.0
  • deps: router@^2.2.0
  • deps: content-type@^1.0.5
  • deps: finalhandler@^2.1.0
  • deps: qs@^6.14.0
  • deps: server-static@2.2.0
  • deps: type-is@2.0.1
Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 1, 2025
@dependabot dependabot bot mentioned this pull request Dec 1, 2025
Closed
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/express-5.2.0 branch 2 times, most recently from 09ee933 to ddd8f15 Compare December 8, 2025 22:20
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/express-5.2.0 branch from ddd8f15 to ca2b642 Compare December 15, 2025 22:20
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/express-5.2.0 branch 2 times, most recently from cf798c7 to dddb817 Compare December 29, 2025 22:19
@derrike
Copy link
Copy Markdown
Contributor

derrike commented Apr 3, 2026

@dependabot rebase

@dependabot
chore(deps-dev): bump express from 5.0.1 to 5.2.0
b3f5ab6 
Bumps [express](https://github.com/expressjs/express) from 5.0.1 to 5.2.0.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@v5.0.1...v5.2.0)

---
updated-dependencies:
- dependency-name: express
  dependency-version: 5.2.0
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/express-5.2.0 branch from dddb817 to b3f5ab6 Compare April 3, 2026 04:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@derrike derrike derrike approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@derrike