fix(deps): update dependency express to v5

[red-hat-konflux]

This PR contains the following updates:

Package	Change	Age	Confidence
express (source)	^4.21.2 → ^5.0.0
@types/express (source)	^4.17.21 → ^5.0.0

---

Warning

Some dependencies could not be looked up. Check the warning logs for more information.

---

Release Notes

expressjs/express (express)

v5.2.1

Compare Source

=======================

• Revert security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
  • The prior release (5.2.0) included an erroneous breaking change related to the extended query parser. There is no actual security vulnerability associated with this behavior (CVE-2024-51999 has been rejected). The change has been fully reverted in this release.

v5.2.0

Compare Source

========================

• Security fix for CVE-2024-51999 (GHSA-pj86-cfqh-vqx6)
• deps: body-parser@^2.2.1
• A deprecation warning was added when using res.redirect with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.

v5.1.0

Compare Source

========================

• Add support for Uint8Array in res.send()
• Add support for ETag option in res.sendFile()
• Add support for multiple links with the same rel in res.links()
• Add funding field to package.json
• perf: use loop for acceptParams
• refactor: prefix built-in node module imports
• deps: remove setprototypeof
• deps: remove safe-buffer
• deps: remove utils-merge
• deps: remove methods
• deps: remove depd
• deps: debug@^4.4.0
• deps: body-parser@^2.2.0
• deps: router@^2.2.0
• deps: content-type@^1.0.5
• deps: finalhandler@^2.1.0
• deps: qs@^6.14.0
• deps: server-static@2.2.0
• deps: type-is@2.0.1

v5.0.1

Compare Source

==========

• Update cookie semver lock to address CVE-2024-47764

v5.0.0

Compare Source

=========================

• remove:
  • path-is-absolute dependency - use path.isAbsolute instead
• breaking:
  • res.status() accepts only integers, and input must be greater than 99 and less than 1000
    • will throw a RangeError: Invalid status code: ${code}. Status code must be greater than 99 and less than 1000. for inputs outside this range
    • will throw a TypeError: Invalid status code: ${code}. Status code must be an integer. for non integer inputs
  • deps: send@​1.0.0
  • res.redirect('back') and res.location('back') is no longer a supported magic string, explicitly use req.get('Referrer') || '/'.
• change:
  • res.clearCookie will ignore user provided maxAge and expires options
• deps: cookie-signature@^1.2.1
• deps: debug@​4.3.6
• deps: merge-descriptors@^2.0.0
• deps: serve-static@^2.1.0
• deps: qs@​6.13.0
• deps: accepts@^2.0.0
• deps: mime-types@^3.0.0
  • application/javascript => text/javascript
• deps: type-is@^2.0.0
• deps: content-disposition@^1.0.0
• deps: finalhandler@^2.0.0
• deps: fresh@^2.0.0
• deps: body-parser@^2.0.1
• deps: send@^1.1.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

To execute skipped test pipelines write comment /ok-to-test.

---

Documentation

Find out how to configure dependency updates in MintMaker documentation or see all available configuration options in Renovate documentation.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro Plus

Run ID: 3f050f0f-93a9-4f6e-93fa-1f5a7fd9d9f4

📥 Commits

Reviewing files that changed from the base of the PR and between dcf6065 and eb46f5c.

⛔ Files ignored due to path filters (1)

• mcp/package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• mcp/package.json

---

Summary by CodeRabbit

• Chores
  • Updated backend framework dependencies to latest versions for improved stability and long-term compatibility.

Walkthrough

Updated Express framework dependency from version 4 to version 5 in mcp/package.json, along with corresponding TypeScript type definitions. Only dependency version modifications; no code or API changes.

Changes

Cohort / File(s)	Summary
Express Dependency Update mcp/package.json	Bumped express from ^4.21.2 to ^5.0.0 and @types/express from ^4.17.21 to ^5.0.0.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately and concisely summarizes the main change: updating the express dependency to v5.
Description check	✅ Passed	The description is directly related to the changeset, providing detailed release notes and dependency update information for express and @types/express versions.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch konflux/mintmaker/master/express-5.x

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}