Update dependency express to v4.21.2 #50
presubmit.yml
on: pull_request
Annotations
1 error and 4 warnings
lint
The pull request This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [express](http://expressjs.com/) ([source](https://redirect.github.com/expressjs/express)) | dependencies | minor | [`4.18.2` -> `4.21.2`](https://renovatebot.com/diffs/npm/express/4.18.2/4.21.2) |
By merging this PR, the below vulnerabilities will be automatically resolved:
| Severity | <a href='#'><img src='https://whitesource-resources.whitesourcesoftware.com/cvss3.png' width='19' height='20'></a> CVSS Score |CVE |
|---|---|---|
| ![High](https://whitesource-resources.whitesourcesoftware.com/high_vul_bb.png?) High | 7.5 | [CVE-2024-45296](https://www.mend.io/vulnerability-database/CVE-2024-45296) |
| ![Medium](https://whitesource-resources.whitesourcesoftware.com/medium_vul_bb.png?) Medium | 6.1 | [CVE-2024-29041](https://www.mend.io/vulnerability-database/CVE-2024-29041) |
| ![Medium](https://whitesource-resources.whitesourcesoftware.com/medium_vul_bb.png?) Medium | 5.5 | [CVE-2024-52798](https://www.mend.io/vulnerability-database/CVE-2024-52798) |
| ![Medium](https://whitesource-resources.whitesourcesoftware.com/medium_vul_bb.png?) Medium | 5.3 | [CVE-2024-47764](https://www.mend.io/vulnerability-database/CVE-2024-47764) |
| ![Medium](https://whitesource-resources.whitesourcesoftware.com/medium_vul_bb.png?) Medium | 5.0 | [CVE-2024-43796](https://www.mend.io/vulnerability-database/CVE-2024-43796) |
<!--[REMEDIATE_ANALITICS]{"libraryData":{"libraryName":"express","libraryVersion":"4.18.2","libraryFixVersion":"4.21.2","libraryArtifactId":"express","language":"javascript/Node.js"},"vulnerabilityData":[{"severity":"High","score":"7.5","vulnerabilityId":"CVE-2024-45296"},{"severity":"Medium","score":"6.1","vulnerabilityId":"CVE-2024-29041"},{"severity":"Medium","score":"5.5","vulnerabilityId":"CVE-2024-52798"},{"severity":"Medium","score":"5.3","vulnerabilityId":"CVE-2024-47764"},{"severity":"Medium","score":"5.0","vulnerabilityId":"CVE-2024-43796"}]}[/REMEDIATE_ANALITICS]-->
---
### Release Notes
<details>
<summary>expressjs/express (express)</summary>
### [`v4.21.2`](https://redirect.github.com/expressjs/express/releases/tag/4.21.2)
[Compare Source](https://redirect.github.com/expressjs/express/compare/4.21.1...4.21.2)
#### What's Changed
- Add funding field (v4) by [@​bjohansebas](https://redirect.github.com/bjohansebas) in [https://github.com/expressjs/express/pull/6065](https://redirect.github.com/expressjs/express/pull/6065)
- deps: path-to-regexp@0.1.11 by [@​blakeembrey](https://redirect.github.com/blakeembrey) in [https://github.com/expressjs/express/pull/5956](https://redirect.github.com/expressjs/express/pull/5956)
- deps: bump path-to-regexp@0.1.12 by [@​jonchurch](https://redirect.github.com/jonchurch) in [https://github.com/expressjs/express/pull/6209](https://redirect.github.com/expressjs/express/pull/6209)
- Release: 4.21.2 by [@​UlisesGascon](https://redirect.github.com/UlisesGascon) in [https://github.com/expressjs/express/pull/6094](https://redirect.github.com/expressjs/express/pull/6094)
**Full Changelog**: https://github.com/expressjs/express/compare/4.21.1...4.21.2
### [`v4.21.1`](https://redirect.github.com/expressjs/express/releases/tag/4.21.1)
[Compare Source](https://redirect.github.com/expressjs/express/compare/4.21.0...4.21.1)
#### What's Changed
- Backport a fix for CVE-2024-47764 to the 4.x branch by [@​joshbuker](https://redirect.github.com/joshbuker) in [https://github.com/expressjs/express/pull/6029](https://redirect.github.com/expressjs/express/pull/6029)
- Release: 4.21.1 by [@​UlisesGascon](https://redirect.github.com/UlisesGascon) in [https://github.com/expressjs/express/pull/6031](https://redirect.github.com/expressjs/express/pull/6031)
**Full Changelog**: https://github.com/expressjs/express/compare/4.21.0...4.21.1
### [`v4.21.0`](https://redirect.github.com/expressjs/express/releases/tag/4.21.0)
[Compare Source](https://redirect.github.com/expressjs/express/compare/4.20.0...4.21.0)
####
|
setup
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
setup
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|
lint
ubuntu-latest pipelines will use ubuntu-24.04 soon. For more details, see https://github.com/actions/runner-images/issues/10636
|
lint
The `set-output` command is deprecated and will be disabled soon. Please upgrade to using Environment Files. For more information see: https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
|