deps: path-to-regexp@0.1.11 by blakeembrey ยท Pull Request #5956 ยท expressjs/express
MightyPrytanis added a commit to MightyPrytanis/codebase that referenced this pull request
 <h3>Snyk has created this PR to upgrade express from 4.21.2 to 4.22.1.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **2 versions** ahead of your current version. - The recommended version was released **23 days ago**. <details> <summary><b>Release notes</b></summary> <br/> <details> <summary>Package name: <b>express</b></summary> <ul> <li> <b>4.22.1</b> - <a href="https://redirect.github.com/expressjs/express/releases/tag/v4.22.1">2025-12-01</a></br><h2>What's Changed</h2> <div class="markdown-alert markdown-alert-important"><p class="markdown-alert-title"><svg class="octicon octicon-report mr-2" viewBox="0 0 16 16" version="1.1" width="16" height="16" aria-hidden="true"><path d="M0 1.75C0 .784.784 0 1.75 0h12.5C15.216 0 16 .784 16 1.75v9.5A1.75 1.75 0 0 1 14.25 13H8.06l-2.573 2.573A1.458 1.458 0 0 1 3 14.543V13H1.75A1.75 1.75 0 0 1 0 11.25Zm1.75-.25a.25.25 0 0 0-.25.25v9.5c0 .138.112.25.25.25h2a.75.75 0 0 1 .75.75v2.19l2.72-2.72a.749.749 0 0 1 .53-.22h6.5a.25.25 0 0 0 .25-.25v-9.5a.25.25 0 0 0-.25-.25Zm7 2.25v2.5a.75.75 0 0 1-1.5 0v-2.5a.75.75 0 0 1 1.5 0ZM9 9a1 1 0 1 1-2 0 1 1 0 0 1 2 0Z"></path></svg>Important</p><p>The prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (<a title="CVE-2024-51999" data-hovercard-type="advisory" data-hovercard-url="/advisories/GHSA-pj86-cfqh-vqx6/hovercard" href="https://redirect.github.com/advisories/GHSA-pj86-cfqh-vqx6">CVE-2024-51999</a> has been rejected). The change has been fully reverted in this release.</p> </div> <ul> <li>Release: 4.22.1 by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/UlisesGascon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/UlisesGascon">@ UlisesGascon</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3682359911" data-permission-text="Title is private" data-url="expressjs/express#6934" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6934/hovercard" href="https://redirect.github.com/expressjs/express/pull/6934">#6934</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://redirect.github.com/expressjs/express/compare/4.22.0...v4.22.1"><tt>4.22.0...v4.22.1</tt></a></p> </li> <li> <b>4.22.0</b> - <a href="https://redirect.github.com/expressjs/express/releases/tag/4.22.0">2025-12-01</a></br><h2>Important: Security</h2> <ul> <li>Security fix for <a href="https://www.cve.org/CVERecord?id=CVE-2024-51999" rel="nofollow">CVE-2024-51999</a> (<a href="https://redirect.github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6">GHSA-pj86-cfqh-vqx6</a>)</li> </ul> <h2>What's Changed</h2> <ul> <li>Refactor: improve readability by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/sazk07/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/sazk07">@ sazk07</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2699832614" data-permission-text="Title is private" data-url="expressjs/express#6190" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6190/hovercard" href="https://redirect.github.com/expressjs/express/pull/6190">#6190</a></li> <li>ci: add support for Node.js@23.0 by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/UlisesGascon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/UlisesGascon">@ UlisesGascon</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2600747827" data-permission-text="Title is private" data-url="expressjs/express#6080" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6080/hovercard" href="https://redirect.github.com/expressjs/express/pull/6080">#6080</a></li> <li>Method functions with no path should error by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/wesleytodd/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/wesleytodd">@ wesleytodd</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2523063687" data-permission-text="Title is private" data-url="expressjs/express#5957" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/5957/hovercard" href="https://redirect.github.com/expressjs/express/pull/5957">#5957</a></li> <li>ci: updated github actions ci workflow by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Phillip9587/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/Phillip9587">@ Phillip9587</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2832891965" data-permission-text="Title is private" data-url="expressjs/express#6323" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6323/hovercard" href="https://redirect.github.com/expressjs/express/pull/6323">#6323</a></li> <li>ci: reorder <code>npm i</code> steps to fix ci for older node versions by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Phillip9587/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/Phillip9587">@ Phillip9587</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2849001182" data-permission-text="Title is private" data-url="expressjs/express#6336" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6336/hovercard" href="https://redirect.github.com/expressjs/express/pull/6336">#6336</a></li> <li>Backport: ci: add node.js 24 to test matrix by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Phillip9587/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/Phillip9587">@ Phillip9587</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3048978479" data-permission-text="Title is private" data-url="expressjs/express#6506" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6506/hovercard" href="https://redirect.github.com/expressjs/express/pull/6506">#6506</a></li> <li>chore(4.x): wider range for query test skip by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/jonchurch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/jonchurch">@ jonchurch</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3064505138" data-permission-text="Title is private" data-url="expressjs/express#6513" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6513/hovercard" href="https://redirect.github.com/expressjs/express/pull/6513">#6513</a></li> <li>use tilde notation for certain dependencies by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/UlisesGascon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/UlisesGascon">@ UlisesGascon</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3647756531" data-permission-text="Title is private" data-url="expressjs/express#6905" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6905/hovercard" href="https://redirect.github.com/expressjs/express/pull/6905">#6905</a></li> <li>deps: qs@6.14.0 by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/UlisesGascon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/UlisesGascon">@ UlisesGascon</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3651273165" data-permission-text="Title is private" data-url="expressjs/express#6909" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6909/hovercard" href="https://redirect.github.com/expressjs/express/pull/6909">#6909</a></li> <li>deps: use tilde notation for <code>qs</code> by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/Phillip9587/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/Phillip9587">@ Phillip9587</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3664544540" data-permission-text="Title is private" data-url="expressjs/express#6919" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6919/hovercard" href="https://redirect.github.com/expressjs/express/pull/6919">#6919</a></li> <li>Release: 4.22.0 by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/UlisesGascon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/UlisesGascon">@ UlisesGascon</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="3664588541" data-permission-text="Title is private" data-url="expressjs/express#6921" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6921/hovercard" href="https://redirect.github.com/expressjs/express/pull/6921">#6921</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://redirect.github.com/expressjs/express/compare/4.21.2...4.22.0"><tt>4.21.2...4.22.0</tt></a></p> </li> <li> <b>4.21.2</b> - <a href="https://redirect.github.com/expressjs/express/releases/tag/4.21.2">2024-12-05</a></br><h2>What's Changed</h2> <ul> <li>Add funding field (v4) by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/bjohansebas/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/bjohansebas">@ bjohansebas</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2593149488" data-permission-text="Title is private" data-url="expressjs/express#6065" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6065/hovercard" href="https://redirect.github.com/expressjs/express/pull/6065">#6065</a></li> <li>deps: path-to-regexp@0.1.11 by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/blakeembrey/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/blakeembrey">@ blakeembrey</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2523061308" data-permission-text="Title is private" data-url="expressjs/express#5956" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/5956/hovercard" href="https://redirect.github.com/expressjs/express/pull/5956">#5956</a></li> <li>deps: bump path-to-regexp@0.1.12 by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/jonchurch/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/jonchurch">@ jonchurch</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2721541419" data-permission-text="Title is private" data-url="expressjs/express#6209" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6209/hovercard" href="https://redirect.github.com/expressjs/express/pull/6209">#6209</a></li> <li>Release: 4.21.2 by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/UlisesGascon/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://redirect.github.com/UlisesGascon">@ UlisesGascon</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2621467921" data-permission-text="Title is private" data-url="expressjs/express#6094" data-hovercard-type="pull_request" data-hovercard-url="/expressjs/express/pull/6094/hovercard" href="https://redirect.github.com/expressjs/express/pull/6094">#6094</a></li> </ul> <p><strong>Full Changelog</strong>: <a class="commit-link" href="https://redirect.github.com/expressjs/express/compare/4.21.1...4.21.2"><tt>4.21.1...4.21.2</tt></a></p> </li> </ul> from <a href="https://redirect.github.com/expressjs/express/releases">express GitHub release notes</a> </details> </details> --- > [!IMPORTANT] > > - Check the changes in this PR to ensure they won't cause issues with your project. > - This PR was automatically created by Snyk using the credentials of a real user. --- **Note:** _You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs._ **For more information:** <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2MTdiNTRmZi05NzhlLTRjMjMtOTk1Yy0zZDY1MmU5M2Y5YmEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjYxN2I1NGZmLTk3OGUtNGMyMy05OTVjLTNkNjUyZTkzZjliYSJ9fQ==" width="0" height="0"/> > - ๐ง [View latest project report](https://app.snyk.io/org/mightyprytanis/project/bcb5f568-d266-4cb2-8e80-1c9ebed57c1b?utm_source=github&utm_medium=referral&page=upgrade-pr) > - ๐ [Customise PR templates](https://docs.snyk.io/scan-using-snyk/pull-requests/snyk-fix-pull-or-merge-requests/customize-pr-templates?utm_source=&utm_content=fix-pr-template) > - ๐ [Adjust upgrade PR settings](https://app.snyk.io/org/mightyprytanis/project/bcb5f568-d266-4cb2-8e80-1c9ebed57c1b/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) > - ๐ [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/mightyprytanis/project/bcb5f568-d266-4cb2-8e80-1c9ebed57c1b/settings/integration?pkg=express&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades) [//]: # 'snyk:metadata:{"breakingChangeRiskLevel":null,"FF_showPullRequestBreakingChanges":false,"FF_showPullRequestBreakingChangesWebSearch":false,"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"express","from":"4.21.2","to":"4.22.1"}],"env":"prod","hasFixes":false,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[],"prId":"617b54ff-978e-4c23-995c-3d652e93f9ba","prPublicId":"617b54ff-978e-4c23-995c-3d652e93f9ba","packageManager":"npm","priorityScoreList":[],"projectPublicId":"bcb5f568-d266-4cb2-8e80-1c9ebed57c1b","projectUrl":"https://app.snyk.io/org/mightyprytanis/project/bcb5f568-d266-4cb2-8e80-1c9ebed57c1b?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":[],"type":"auto","upgrade":[],"upgradeInfo":{"versionsDiff":2,"publishedDate":"2025-12-01T20:50:41.122Z"},"vulns":[]}'
