diff --git a/ghost/core/package.json b/ghost/core/package.json index 07fb206312..7672024b16 100644 --- a/ghost/core/package.json +++ b/ghost/core/package.json @@ -176,7 +176,7 @@ "cookie-session": "2.1.0", "cors": "2.8.5", "downsize": "0.0.8", - "express": "4.18.3", + "express": "4.19.1", "express-brute": "1.0.1", "express-hbs": "2.5.0", "express-jwt": "8.4.1", diff --git a/ghost/members-api/package.json b/ghost/members-api/package.json index a4482fd328..fa30e8890b 100644 --- a/ghost/members-api/package.json +++ b/ghost/members-api/package.json @@ -42,7 +42,7 @@ "@types/jsonwebtoken": "9.0.5", "body-parser": "1.20.2", "bson-objectid": "2.0.4", - "express": "4.18.3", + "express": "4.19.1", "got": "11.8.6", "jsonwebtoken": "8.5.1", "lodash": "4.17.21", diff --git a/ghost/mw-session-from-token/package.json b/ghost/mw-session-from-token/package.json index 2ba7b9eeb6..a0b113d813 100644 --- a/ghost/mw-session-from-token/package.json +++ b/ghost/mw-session-from-token/package.json @@ -19,7 +19,7 @@ ], "devDependencies": { "c8": "8.0.1", - "express": "4.18.3", + "express": "4.19.1", "mocha": "10.2.0", "should": "13.2.3", "sinon": "15.2.0" diff --git a/ghost/session-service/package.json b/ghost/session-service/package.json index 29aad52e0b..26f6eb0e3f 100644 --- a/ghost/session-service/package.json +++ b/ghost/session-service/package.json @@ -19,7 +19,7 @@ ], "devDependencies": { "c8": "8.0.1", - "express": "4.18.3", + "express": "4.19.1", "mocha": "10.2.0", "should": "13.2.3", "sinon": "15.2.0" diff --git a/yarn.lock b/yarn.lock index 819aeb5a71..66281f1be4 100644 --- a/yarn.lock +++ b/yarn.lock @@ -16498,7 +16498,7 @@ express-unless@^2.1.3: resolved "https://registry.yarnpkg.com/express-unless/-/express-unless-2.1.3.tgz#f951c6cca52a24da3de32d42cfd4db57bc0f9a2e" integrity sha512-wj4tLMyCVYuIIKHGt0FhCtIViBcwzWejX0EjNxveAa6dG+0XBCQhMbx+PnkLkFCxLC69qoFrxds4pIyL88inaQ== -express@4.18.3, express@^4.10.7, express@^4.17.1, express@^4.17.2, express@^4.17.3, express@^4.18.2: +express@4.18.3: version "4.18.3" resolved "https://registry.yarnpkg.com/express/-/express-4.18.3.tgz#6870746f3ff904dee1819b82e4b51509afffb0d4" integrity sha512-6VyCijWQ+9O7WuVMTRBTl+cjNNIzD5cY5mQ1WM8r/LEkI2u8EYpOotESNwzNlyCn3g+dmjKYI6BmNneSr/FSRw== @@ -16535,6 +16535,43 @@ express@4.18.3, express@^4.10.7, express@^4.17.1, express@^4.17.2, express@^4.17 utils-merge "1.0.1" vary "~1.1.2" +express@4.19.1, express@^4.10.7, express@^4.17.1, express@^4.17.2, express@^4.17.3, express@^4.18.2: + version "4.19.1" + resolved "https://registry.yarnpkg.com/express/-/express-4.19.1.tgz#4700635795e911600a45596138cf5b0320e78256" + integrity sha512-K4w1/Bp7y8iSiVObmCrtq8Cs79XjJc/RU2YYkZQ7wpUu5ZyZ7MtPHkqoMz4pf+mgXfNvo2qft8D9OnrH2ABk9w== + dependencies: + accepts "~1.3.8" + array-flatten "1.1.1" + body-parser "1.20.2" + content-disposition "0.5.4" + content-type "~1.0.4" + cookie "0.6.0" + cookie-signature "1.0.6" + debug "2.6.9" + depd "2.0.0" + encodeurl "~1.0.2" + escape-html "~1.0.3" + etag "~1.8.1" + finalhandler "1.2.0" + fresh "0.5.2" + http-errors "2.0.0" + merge-descriptors "1.0.1" + methods "~1.1.2" + on-finished "2.4.1" + parseurl "~1.3.3" + path-to-regexp "0.1.7" + proxy-addr "~2.0.7" + qs "6.11.0" + range-parser "~1.2.1" + safe-buffer "5.2.1" + send "0.18.0" + serve-static "1.15.0" + setprototypeof "1.2.0" + statuses "2.0.1" + type-is "~1.6.18" + utils-merge "1.0.1" + vary "~1.1.2" + extend-shallow@^2.0.1: version "2.0.1" resolved "https://registry.yarnpkg.com/extend-shallow/-/extend-shallow-2.0.1.tgz#51af7d614ad9a9f610ea1bafbb989d6b1c56890f"