Skip to content

chore(deps): bump express from 5.1.0 to 5.2.0#45

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/express-5.2.0
Open

chore(deps): bump express from 5.1.0 to 5.2.0#45
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/express-5.2.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Dec 2, 2025

Copy link
Copy Markdown
Contributor

Bumps express from 5.1.0 to 5.2.0.

Release notes

Sourced from express's releases.

v5.2.0

Important: Security

What's Changed

... (truncated)

Changelog

Sourced from express's changelog.

5.2.0 / 2025-12-01

  • Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
  • deps: body-parser@^2.2.1
  • A deprecation warning was added when using res.redirect with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 2, 2025
@codecov

codecov Bot commented Dec 2, 2025

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

Impacted file tree graph

@@           Coverage Diff           @@
##             main      #45   +/-   ##
=======================================
  Coverage   95.59%   95.59%           
=======================================
  Files           9        9           
  Lines        1157     1157           
  Branches      158      158           
=======================================
  Hits         1106     1106           
  Misses         51       51           
Flag Coverage Δ
unittests 95.59% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted file tree graph

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@sonarqubecloud

sonarqubecloud Bot commented Dec 2, 2025

Copy link
Copy Markdown

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/express-5.2.0 branch from 7f7f27f to ee20774 Compare December 4, 2025 13:32
@santi698

santi698 commented Jul 8, 2026

Copy link
Copy Markdown
Collaborator

@dependabot recreate

Bumps [express](https://github.com/expressjs/express) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](expressjs/express@v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: express
  dependency-version: 5.2.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/express-5.2.0 branch from ee20774 to 4dd6eec Compare July 8, 2026 13:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant