Skip to content

fix(deps): update dependency express to ^4.22.1 #106871

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
matticbot wants to merge 1 commit into
base: trunk
Choose a base branch
from
Open

fix(deps): update dependency express to ^4.22.1 #106871

matticbot wants to merge 1 commit into from

Conversation

@matticbot
Copy link
Contributor

@matticbot matticbot commented Nov 1, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
express (source) ^4.21.2 -> ^4.22.1 age adoption passing confidence
@types/express (source) ^4.17.22 -> ^4.17.25 age adoption passing confidence

Release Notes

expressjs/express (express)

v4.22.1

Compare Source

What's Changed

[!IMPORTANT]
The prior release (4.22.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

Full Changelog: expressjs/express@4.22.0...v4.22.1

v4.22.0

Compare Source

Important: Security

What's Changed

Full Changelog: expressjs/express@4.21.2...4.22.0

Configuration

📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@matticbot matticbot added [Type] Task dependencies Pull requests that update a dependency file Framework labels Nov 1, 2025
@github-actions
Copy link

github-actions bot commented Nov 1, 2025
edited by matticbot
Loading

Calypso Live (direct link)
https://calypso.live?image=registry.a8c.com/calypso/app:build-164655
Jetpack Cloud live (direct link)
https://calypso.live?image=registry.a8c.com/calypso/app:build-164655&env=jetpack
Automattic for Agencies live (direct link)
https://calypso.live?image=registry.a8c.com/calypso/app:build-164655&env=a8c-for-agencies
Dashboard live (direct link)
https://calypso.live?image=registry.a8c.com/calypso/app:build-164655&env=dashboard

@matticbot
Copy link
Contributor Author

matticbot commented Nov 1, 2025
edited
Loading

This PR modifies the release build for the following Calypso Apps:

For info about this notification, see here: PCYsg-OT6-p2

  • blaze-dashboard
  • command-palette-wp-admin
  • help-center
  • notifications
  • odyssey-stats
  • wpcom-block-editor

To test WordPress.com changes, run install-plugin.sh $pluginSlug renovate/express-4.x on your sandbox.

@matticbot matticbot force-pushed the renovate/express-4.x branch from 748a382 to 0342921 Compare November 3, 2025 20:25
@matticbot matticbot changed the title chore(deps): update dependency @types/express to ^4.17.23 chore(deps): update dependency @types/express to ^4.17.24 Nov 3, 2025
@matticbot matticbot force-pushed the renovate/express-4.x branch from 0342921 to 6b914ca Compare November 6, 2025 23:56
@matticbot matticbot changed the title chore(deps): update dependency @types/express to ^4.17.24 chore(deps): update dependency @types/express to ^4.17.25 Nov 6, 2025
@matticbot matticbot force-pushed the renovate/express-4.x branch from 6b914ca to 8d19d09 Compare December 11, 2025 21:03
@matticbot matticbot changed the title chore(deps): update dependency @types/express to ^4.17.25 fix(deps): update dependency express to ^4.22.0 Dec 11, 2025
@matticbot
Copy link
Contributor Author

matticbot commented Dec 11, 2025
edited
Loading

Here is how your PR affects size of JS and CSS bundles shipped to the user's browser:

App Entrypoints (~228 bytes added 📈 [gzipped])

Details 
name                    parsed_size           gzip_size
entry-subscriptions          +822 B  (+0.0%)     +228 B  (+0.0%)
entry-stepper                +822 B  (+0.0%)     +228 B  (+0.0%)
entry-reauth-required        +822 B  (+0.0%)     +228 B  (+0.0%)
entry-main                   +822 B  (+0.0%)     +228 B  (+0.0%)
entry-login                  +822 B  (+0.0%)     +228 B  (+0.0%)
entry-domains-landing        +822 B  (+0.1%)     +228 B  (+0.1%)
entry-dashboard-dotcom       +822 B  (+0.0%)     +228 B  (+0.0%)
entry-dashboard-ciab         +822 B  (+0.0%)     +228 B  (+0.0%)

Common code that is always downloaded and parsed every time the app is loaded, no matter which route is used.

Legend

What is parsed and gzip size?

Parsed Size: Uncompressed size of the JS and CSS files. This much code needs to be parsed and stored in memory.
Gzip Size: Compressed size of the JS and CSS files. This much data needs to be downloaded over network.

Generated by performance advisor bot at iscalypsofastyet.com.

@matticbot matticbot force-pushed the renovate/express-4.x branch from 8d19d09 to 881ff9a Compare December 12, 2025 22:33
@matticbot matticbot changed the title fix(deps): update dependency express to ^4.22.0 fix(deps): update dependency express to ^4.22.1 Dec 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file Framework [Type] Task

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@matticbot @renovate-bot