From 53726c3c67e0292ffcf3fd32d9d598daf0117635 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 27 Mar 2024 14:35:09 +0000 Subject: [PATCH] Bump express to 4.19.2 [SECURITY] (#3334) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- examples/custom-server-nextjs/package.json | 2 +- examples/custom-server/package.json | 2 +- packages/toolpad-studio/package.json | 2 +- pnpm-lock.yaml | 90 ++-------------------- test/package.json | 2 +- 5 files changed, 12 insertions(+), 86 deletions(-) diff --git a/examples/custom-server-nextjs/package.json b/examples/custom-server-nextjs/package.json index 323afc1d15d..1c499b02217 100644 --- a/examples/custom-server-nextjs/package.json +++ b/examples/custom-server-nextjs/package.json @@ -10,7 +10,7 @@ }, "dependencies": { "@toolpad/studio": "0.1.53", - "express": "4.18.2", + "express": "4.19.2", "next": "14.1.4", "react": "18.2.0", "react-dom": "18.2.0" diff --git a/examples/custom-server/package.json b/examples/custom-server/package.json index 58c0fab6744..97bb9b46e06 100644 --- a/examples/custom-server/package.json +++ b/examples/custom-server/package.json @@ -10,7 +10,7 @@ }, "dependencies": { "@toolpad/studio": "0.1.53", - "express": "4.18.2" + "express": "4.19.2" }, "devDependencies": {} } diff --git a/packages/toolpad-studio/package.json b/packages/toolpad-studio/package.json index c9838d52b83..56dddd7e596 100644 --- a/packages/toolpad-studio/package.json +++ b/packages/toolpad-studio/package.json @@ -84,7 +84,7 @@ "dotenv": "16.4.1", "esbuild": "0.20.0", "execa": "8.0.1", - "express": "4.18.2", + "express": "4.19.2", "find-up": "7.0.0", "fractional-indexing": "3.2.0", "get-port": "7.0.0", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index bc81fe1079c..603731dca1d 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -647,8 +647,8 @@ importers: specifier: 8.0.1 version: 8.0.1 express: - specifier: 4.18.2 - version: 4.18.2 + specifier: 4.19.2 + version: 4.19.2 find-up: specifier: 7.0.0 version: 7.0.0 @@ -1047,8 +1047,8 @@ importers: specifier: workspace:* version: link:../packages/toolpad-utils express: - specifier: 4.18.3 - version: 4.18.3 + specifier: 4.19.2 + version: 4.19.2 get-port: specifier: 7.0.0 version: 7.0.0 @@ -4560,7 +4560,7 @@ packages: '@types/promise.allsettled': 1.0.6 '@types/tsscmp': 1.0.2 axios: 1.6.7(debug@4.3.4) - express: 4.18.3 + express: 4.19.2 path-to-regexp: 6.2.1 please-upgrade-node: 3.2.0 promise.allsettled: 1.0.7 @@ -6349,26 +6349,6 @@ packages: resolution: {integrity: sha512-eXRvHzWyYPBuB4NBy0cmYQjGitUrtqwbvlzP3G6VFnNRbsZQIxQ10PbKKHt8gZ/HW/D/747aDl+QkDqg3KQLMQ==} dev: true - /body-parser@1.20.1: - resolution: {integrity: sha512-jWi7abTbYwajOytWCQc37VulmWiRae5RyTpaCyDcS5/lMdtwSz5lOpDE67srw/HYe35f1z3fDQw+3txg7gNtWw==} - engines: {node: '>= 0.8', npm: 1.2.8000 || >= 1.4.16} - dependencies: - bytes: 3.1.2 - content-type: 1.0.5 - debug: 2.6.9 - depd: 2.0.0 - destroy: 1.2.0 - http-errors: 2.0.0 - iconv-lite: 0.4.24 - on-finished: 2.4.1 - qs: 6.11.0 - raw-body: 2.5.1 - type-is: 1.6.18 - unpipe: 1.0.0 - transitivePeerDependencies: - - supports-color - dev: false - /body-parser@1.20.2: resolution: {integrity: sha512-ml9pReCu3M61kGlqoTm2umSXTlRTuGTx0bfYj+uIUKKYycG5NtSbeetV3faSU6R7ajOPw0g/J1PvK4qNy7s5bA==} engines: {node: '>= 0.8', npm: 1.2.8000 || >= 1.4.16} @@ -7109,14 +7089,9 @@ packages: engines: {node: '>= 0.6'} dev: false - /cookie@0.5.0: - resolution: {integrity: sha512-YZ3GUyn/o8gfKJlnlX7g7xq4gyO6OSuhGPKaaGssGB2qgDUS0gPgtTvoyZLTt9Ab6dC4hfc9dV5arkvc/OCmrw==} - engines: {node: '>= 0.6'} - /cookie@0.6.0: resolution: {integrity: sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==} engines: {node: '>= 0.6'} - dev: false /copy-anything@3.0.5: resolution: {integrity: sha512-yCEafptTtb4bk7GLEQoM8KVJpxAfdBJYaXyzQEgQQQgYrZiDp8SJmGKlYza6CYjEDNstAdNdKA3UuoULlEbS6w==} @@ -8595,47 +8570,8 @@ packages: resolution: {integrity: sha512-dX7e/LHVJ6W3DE1MHWi9S1EYzDESENfLrYohG2G++ovZrYOkm4Knwa0mc1cn84xJOR4KEU0WSchhLbd0UklbHw==} dev: true - /express@4.18.2: - resolution: {integrity: sha512-5/PsL6iGPdfQ/lKM1UuielYgv3BUoJfz1aUwU9vHZ+J7gyvwdQXFEBIEIaxeGf0GIcreATNyBExtalisDbuMqQ==} - engines: {node: '>= 0.10.0'} - dependencies: - accepts: 1.3.8 - array-flatten: 1.1.1 - body-parser: 1.20.1 - content-disposition: 0.5.4 - content-type: 1.0.5 - cookie: 0.5.0 - cookie-signature: 1.0.6 - debug: 2.6.9 - depd: 2.0.0 - encodeurl: 1.0.2 - escape-html: 1.0.3 - etag: 1.8.1 - finalhandler: 1.2.0 - fresh: 0.5.2 - http-errors: 2.0.0 - merge-descriptors: 1.0.1 - methods: 1.1.2 - on-finished: 2.4.1 - parseurl: 1.3.3 - path-to-regexp: 0.1.7 - proxy-addr: 2.0.7 - qs: 6.11.0 - range-parser: 1.2.1 - safe-buffer: 5.2.1 - send: 0.18.0 - serve-static: 1.15.0 - setprototypeof: 1.2.0 - statuses: 2.0.1 - type-is: 1.6.18 - utils-merge: 1.0.1 - vary: 1.1.2 - transitivePeerDependencies: - - supports-color - dev: false - - /express@4.18.3: - resolution: {integrity: sha512-6VyCijWQ+9O7WuVMTRBTl+cjNNIzD5cY5mQ1WM8r/LEkI2u8EYpOotESNwzNlyCn3g+dmjKYI6BmNneSr/FSRw==} + /express@4.19.2: + resolution: {integrity: sha512-5T6nhjsT+EOMzuck8JjBHARTHfMht0POzlA60WV2pMD3gyXw2LZnZ+ueGdNxG+0calOJcWKbpFcuzLZ91YWq9Q==} engines: {node: '>= 0.10.0'} dependencies: accepts: 1.3.8 @@ -8643,7 +8579,7 @@ packages: body-parser: 1.20.2 content-disposition: 0.5.4 content-type: 1.0.5 - cookie: 0.5.0 + cookie: 0.6.0 cookie-signature: 1.0.6 debug: 2.6.9 depd: 2.0.0 @@ -12971,16 +12907,6 @@ packages: resolution: {integrity: sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg==} engines: {node: '>= 0.6'} - /raw-body@2.5.1: - resolution: {integrity: sha512-qqJBtEyVgS0ZmPGdCFPWJ3FreoqvG4MVQln/kCgF7Olq95IbOp0/BWyMwbdtn4VTvkM8Y7khCQ2Xgk/tcrCXig==} - engines: {node: '>= 0.8'} - dependencies: - bytes: 3.1.2 - http-errors: 2.0.0 - iconv-lite: 0.4.24 - unpipe: 1.0.0 - dev: false - /raw-body@2.5.2: resolution: {integrity: sha512-8zGqypfENjCIqGhgXToC8aB2r7YrBX+AQAfIPs/Mlk+BtPTztOvTS01NRW/3Eh60J+a48lt8qsCzirQ6loCVfA==} engines: {node: '>= 0.8'} diff --git a/test/package.json b/test/package.json index 30c7172a15b..c553f5251d8 100644 --- a/test/package.json +++ b/test/package.json @@ -5,7 +5,7 @@ "@mui/material": "5.15.14", "@toolpad/studio": "workspace:*", "@toolpad/utils": "workspace:*", - "express": "4.18.3", + "express": "4.19.2", "get-port": "7.0.0", "invariant": "2.2.4", "react": "18.2.0",