Bump express from 4.21.2 to 5.1.0 in the dev-dependencies group by dependabot[bot] · Pull Request #127 · neo4j/docs-http-api

dependabot · 2025-04-07T13:15:14Z

Bumps the dev-dependencies group with 1 update: express.

Updates express from 4.21.2 to 5.1.0

Release notes

v5.1.0

What's Changed

Update captains by @UlisesGascon in expressjs/express#6027

build: Node.js 23.0 by @bjohansebas in expressjs/express#6075

Add funding field (v5) by @bjohansebas in expressjs/express#6064

✅ add discarded middleware test by @ctcpip in expressjs/express#5819

update homepage link http to https by @bjohansebas in expressjs/express#5920

Improve readme by @bjohansebas in expressjs/express#5994

Add bjohansebas as repo captain for expressjs.com by @crandmck in expressjs/express#6058

Remove Object.setPrototypeOf polyfill by @Phillip9587 in expressjs/express#6081

fix(buffer): use node:buffer instead of safe-buffer by @bhavya3024 in expressjs/express#6071

docs: Add DCO by @UlisesGascon in expressjs/express#6048

cleanup: remove promise support check from tests by @Phillip9587 in expressjs/express#6148

Use loop for acceptParams by @blakeembrey in expressjs/express#6066

Improve documentation step in release process by @bjohansebas in expressjs/express#6150

cleanup: remove unnecessary require for global Buffer by @Phillip9587 in expressjs/express#6146

cleanup: remove AsyncLocalStorage check by @Phillip9587 in expressjs/express#6147

update history.md for acceptParams change by @jonchurch in expressjs/express#6177

docs: add @rxmarbles to the triage team by @UlisesGascon in expressjs/express#6151

refactor: improve readability by @sazk07 in expressjs/express#6173

docs: clarify the security process in the triage role by @bjohansebas in expressjs/express#6217

chore: replace methods dependency with standard library by @jonkoops in expressjs/express#6196

Remove utils-merge dependency - use spread syntax instead by @Phillip9587 in expressjs/express#6091

fix(securite): fix vulnerabilities by @Abdel-Monaam-Aouini in expressjs/express#6211

refactor: prefix built-in node module imports by @slagiewka in expressjs/express#6236

fix: remove download size badges by @wesleytodd in expressjs/express#6266

Remove unused depd dependency by @jonkoops in expressjs/express#6197

fix: usage of Invalid action input 'persist-credentials' for actions/setup-node@v4 in ci.yml by @hamirmahal in expressjs/express#6256

Add support for OSSF scorecard reporting by @UlisesGascon in expressjs/express#5431

docs: add @Phillip9587 to the triage team by @bjohansebas in expressjs/express#6276

fix: added a missing semicolon in css styles in examples/auth by @pr4j3sh in expressjs/express#6297

docs: include team email in the security policy by @UlisesGascon in expressjs/express#6278

refactor: simplify normalizeTypes function by @Ayoub-Mabrouk in expressjs/express#6097

ci: updated github actions ci workflow by @Phillip9587 in expressjs/express#6314

ci: fix npm install --include typo by @Phillip9587 in expressjs/express#6324

ci: updated scorecard actions by @Phillip9587 in expressjs/express#6322

build(deps): use carat notation for dependency versions by @dpopp07 in expressjs/express#6317

chore(deps): update debug to ^4.4.0 by @Phillip9587 in expressjs/express#6313

docs: retroactively note 5.0.0-beta.1 api change in history file by @dpopp07 in expressjs/express#6333

feat(deps): body-parser@^2.1.0 by @wesleytodd in expressjs/express#6332

feat(deps): router@^2.1.0 by @wesleytodd in expressjs/express#6331

Update repo captains by @UlisesGascon in expressjs/express#6234

deps: upgrade nyc by @agungjati in expressjs/express#6122

fix (deps): update deps by @wesleytodd in expressjs/express#6337

response: add support for ETag option in res.sendFile by @juanarbol in expressjs/express#6073

Update multiple links to use https instead of http by @Phillip9587 in expressjs/express#6338

Extend res.links() to allow adding multiple links with the same rel #2729 by @andvea in expressjs/express#4885

docs: update emeritus triagers by @UlisesGascon in expressjs/express#6345

docs: update guidance for triager nominations by @bjohansebas in expressjs/express#6349

docs: clarify guidelines for becoming a committer by @bjohansebas in expressjs/express#6364

... (truncated)

Changelog

Sourced from express's changelog.

5.1.0 / 2025-03-31

Add support for Uint8Array in res.send()

Add support for ETag option in res.sendFile()

Add support for multiple links with the same rel in res.links()

Add funding field to package.json

perf: use loop for acceptParams

refactor: prefix built-in node module imports

deps: remove setprototypeof

deps: remove safe-buffer

deps: remove utils-merge

deps: remove methods

deps: remove depd

deps: debug@^4.4.0

deps: body-parser@^2.2.0

deps: router@^2.2.0

deps: content-type@^1.0.5

deps: finalhandler@^2.1.0

deps: qs@^6.14.0

deps: server-static@2.2.0

deps: type-is@2.0.1

5.0.1 / 2024-10-08

Update cookie semver lock to address CVE-2024-47764

5.0.0 / 2024-09-10

remove:

path-is-absolute dependency - use path.isAbsolute instead

breaking:

res.status() accepts only integers, and input must be greater than 99 and less than 1000

will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range

will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs

deps: send@1.0.0

res.redirect('back') and res.location('back') is no longer a supported magic string, explicitly use req.get('Referrer') || '/'.

change:

res.clearCookie will ignore user provided maxAge and expires options

deps: cookie-signature@^1.2.1

deps: debug@4.3.6

deps: merge-descriptors@^2.0.0

deps: serve-static@^2.1.0

deps: qs@6.13.0

deps: accepts@^2.0.0

deps: mime-types@^3.0.0

application/javascript => text/javascript

deps: type-is@^2.0.0

deps: content-disposition@^1.0.0

... (truncated)

Commits

cd7d439 5.1.0
4c4f3ea fix(deps): serve-static@^2.2.0 (#6418)
cb4c56e fix(docs): remove @mertcanaltin from Triagers (#6408)
7b44e1d ci: use full SHAs for github action versions
eb6d125 deps: router@^2.2.0 (#6417)
f1a2dc8 deps: type-is@^2.0.1 (#6420)
6b51e8e deps: body-parser@^2.2.0 (#6419)
1f311c5 build(deps-dev): bump cookie-session from 2.0.0 to 2.1.0 (#6399)
9e97144 feat(deps): finalhandler@2.1.0 (#6373)
29d0980 build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#6397)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

neo-technology-commit-status-publisher · 2025-04-07T13:17:04Z

This PR includes documentation updates
View the updated docs at https://neo4j-docs-http-api-127.surge.sh

Bumps the dev-dependencies group with 1 update: [express](https://github.com/expressjs/express). Updates `express` from 4.21.2 to 5.1.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.21.2...v5.1.0) --- updated-dependencies: - dependency-name: express dependency-version: 5.1.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

neo4j-docops-agent · 2026-02-16T13:46:17Z

This PR includes documentation updates
View the updated docs at https://neo4j-docs-http-api-127.surge.sh

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 7, 2025

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from bd8a085 to 146be8c Compare April 14, 2025 12:48

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from 146be8c to f09e754 Compare May 5, 2025 12:45

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from f09e754 to 5f825e0 Compare June 9, 2025 12:36

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from 5f825e0 to 9bda4fa Compare July 7, 2025 12:12

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from 9bda4fa to b46b2e3 Compare August 4, 2025 14:56

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from b46b2e3 to 4f875a1 Compare September 8, 2025 12:09

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from 4f875a1 to a89a0d6 Compare September 29, 2025 13:00

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from a89a0d6 to b6fa78b Compare November 3, 2025 12:09

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from b6fa78b to c1c1405 Compare December 29, 2025 12:06

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from c1c1405 to cdf46fa Compare January 19, 2026 14:28

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from cdf46fa to a901b00 Compare February 9, 2026 14:07

dependabot bot force-pushed the dependabot/npm_and_yarn/dev-dependencies-42f30214f4 branch from a901b00 to c4a8347 Compare February 16, 2026 13:44

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump express from 4.21.2 to 5.1.0 in the dev-dependencies group#127

Bump express from 4.21.2 to 5.1.0 in the dev-dependencies group#127
dependabot[bot] wants to merge 1 commit intodevfrom
dependabot/npm_and_yarn/dev-dependencies-42f30214f4

dependabot bot commented on behalf of github Apr 7, 2025 •

edited

Loading

Uh oh!

neo-technology-commit-status-publisher commented Apr 7, 2025

Uh oh!

neo4j-docops-agent commented Feb 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot bot commented on behalf of github Apr 7, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v5.1.0

What's Changed

5.1.0 / 2025-03-31

5.0.1 / 2024-10-08

5.0.0 / 2024-09-10

Uh oh!

neo-technology-commit-status-publisher commented Apr 7, 2025

Uh oh!

neo4j-docops-agent commented Feb 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot bot commented on behalf of github Apr 7, 2025 •

edited

Loading