Skip to content

[Snyk] Upgrade express from 4.21.2 to 4.22.1 #105

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
rlaiola merged 1 commit into from
Jan 22, 2026
Merged

[Snyk] Upgrade express from 4.21.2 to 4.22.1 #105

rlaiola merged 1 commit into from
Jan 22, 2026

Conversation

@rlaiola
Copy link
Owner

@rlaiola rlaiola commented Dec 26, 2025

snyk-top-banner

Snyk has created this PR to upgrade express from 4.21.2 to 4.22.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 2 versions ahead of your current version.

  • The recommended version was released 25 days ago.

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

@snyk-bot
fix: upgrade express from 4.21.2 to 4.22.1
1ef894c 
Snyk has created this PR to upgrade express from 4.21.2 to 4.22.1.

See this package in yarn:
express

See this project in Snyk:
https://app.snyk.io/org/rlaiola/project/c78ca746-8b30-4d07-9ec9-6ecb7ee38cd1?utm_source=github&utm_medium=referral&page=upgrade-pr
@rlaiola rlaiola requested a review from Copilot January 22, 2026 12:36
Copilot AI reviewed Jan 22, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This pull request upgrades the express framework from version 4.21.2 to 4.22.1 as recommended by Snyk. The upgrade includes numerous transitive dependency updates in the yarn.lock file, with many dependencies moving to more flexible version ranges using tilde (~) specifications.

Changes:

  • Updated express dependency from ^4.21.2 to ^4.22.1 in package.json
  • Updated yarn.lock with new versions of express and its transitive dependencies including body-parser, cookie-signature, finalhandler, send, and serve-static
  • Dependency version specifications in yarn.lock changed from exact to tilde ranges for better patch update flexibility

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
package.json Updated express version from ^4.21.2 to ^4.22.1
yarn.lock Updated express and all transitive dependencies to match the new version, with improved version range specifications

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@rlaiola rlaiola merged commit 72b1c68 into main Jan 22, 2026
12 checks passed
@rlaiola rlaiola deleted the snyk-upgrade-b24b1ba558e3216c6f656c9a9dd5329a branch January 22, 2026 12:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rlaiola @snyk-bot