Bump the npm_and_yarn group across 1 directory with 8 updates #5

dependabot · 2025-07-22T13:12:20Z

Bumps the npm_and_yarn group with 4 updates in the / directory: express, axios, twilio and send.

Updates express from 4.18.2 to 4.20.0

Release notes

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: path-to-regexp@0.1.8 by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

path-to-regexp@0.1.10 by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: serve-static@0.16.0

Remove link renderization in html while redirecting

deps: send@0.19.0

Remove link renderization in html while redirecting

deps: body-parser@0.6.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: path-to-regexp@0.1.10

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: cookie@0.6.0

4.18.3 / 2024-02-29

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

deps: cookie@0.6.0

Add partitioned option

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to serve-static@0.16.0
9ebe5d5 feat: upgrade to send@0.19.0 (#5928)
ec4a01b feat: upgrade to body-parser@1.20.3 (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 path-to-regexp@0.1.10 (#5902)
2a980ad merge-descriptors@1.0.3 (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: path-to-regexp@0.1.8 (#5603)
e35380a docs: add @IamLizu to the triage team (#5836)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates axios from 0.26.1 to 1.10.0

Release notes

Sourced from axios's releases.

Release v1.10.0

Release notes:

Bug Fixes

adapter: pass fetchOptions to fetch function (#6883) (0f50af8)

form-data: convert boolean values to strings in FormData serialization (#6917) (5064b10)

package: add module entry point for React Native; (#6933) (3d343b8)

Features

types: improved fetchOptions interface (#6867) (63f1fce)

Contributors to this release

Dmitriy Mozgovoy

Noritaka Kobayashi

Dimitrios Lazanas

Adrian Knapp

Howie Zhao

Uhyeon Park

Sampo Silvennoinen

Release v1.9.0

Release notes:

Bug Fixes

core: fix the Axios constructor implementation to treat the config argument as optional; (#6881) (6c5d4cd)

fetch: fixed ERR_NETWORK mapping for Safari browsers; (#6767) (dfe8411)

headers: allow iterable objects to be a data source for the set method; (#6873) (1b1f9cc)

headers: fix getSetCookie by using 'get' method for caseless access; (#6874) (d4f7df4)

headers: fixed support for setting multiple header values from an iterated source; (#6885) (f7a3b5e)

http: send minimal end multipart boundary (#6661) (987d2e2)

types: fix autocomplete for adapter config (#6855) (e61a893)

Features

AxiosHeaders: add getSetCookie method to retrieve set-cookie headers values (#5707) (80ea756)

Contributors to this release

Dmitriy Mozgovoy

Jay

Willian Agostini

George Cheng

FatahChan

Ionuț G. Stan

Release v1.8.4

... (truncated)

Changelog

Sourced from axios's changelog.

1.10.0 (2025-06-14)

Bug Fixes

adapter: pass fetchOptions to fetch function (#6883) (0f50af8)

form-data: convert boolean values to strings in FormData serialization (#6917) (5064b10)

package: add module entry point for React Native; (#6933) (3d343b8)

Features

types: improved fetchOptions interface (#6867) (63f1fce)

Contributors to this release

Dmitriy Mozgovoy

Noritaka Kobayashi

Dimitrios Lazanas

Adrian Knapp

Howie Zhao

Uhyeon Park

Sampo Silvennoinen

1.9.0 (2025-04-24)

Bug Fixes

core: fix the Axios constructor implementation to treat the config argument as optional; (#6881) (6c5d4cd)

fetch: fixed ERR_NETWORK mapping for Safari browsers; (#6767) (dfe8411)

headers: allow iterable objects to be a data source for the set method; (#6873) (1b1f9cc)

headers: fix getSetCookie by using 'get' method for caseless access; (#6874) (d4f7df4)

headers: fixed support for setting multiple header values from an iterated source; (#6885) (f7a3b5e)

http: send minimal end multipart boundary (#6661) (987d2e2)

types: fix autocomplete for adapter config (#6855) (e61a893)

Features

AxiosHeaders: add getSetCookie method to retrieve set-cookie headers values (#5707) (80ea756)

Contributors to this release

Dmitriy Mozgovoy

Jay

Willian Agostini

George Cheng

FatahChan

Ionuț G. Stan

... (truncated)

Commits

73a836d chore(release): v1.10.0 (#6943)
3d343b8 fix(package): add module entry point for React Native; (#6933)
0f50af8 fix(adapter): pass fetchOptions to fetch function (#6883)
ee7799e refactor: remove unused import in test (#6922)
eb0a2db chore: fix typos in test (#6923)
7d55139 docs(readme): improve error descriptions; (#6920)
f4fc6b8 chore(sponsor): update sponsor block (#6921)
5064b10 fix(form-data): convert boolean values to strings in FormData serialization (...
c7e0fea CI: add Node 24 (#6913)
7ba895c chore(sponsor): update sponsor block (#6907)
Additional commits viewable in compare view

Updates twilio from 4.19.0 to 4.23.0

Release notes

Sourced from twilio's releases.

4.23.0

Release Notes

Library - Chore

[PR #1005](twilio/twilio-node#1005): cluster tests enabled. Thanks to @sbansla!

Api

remove feedback and feedback summary from call resource

Flex

Adding routing_properties to Interactions Channels Participant

Lookups

Add new line_status package to the lookup response

Remove live_activity package from the lookup response (breaking change)

Messaging

Add tollfree multiple rejection reasons response array

Trusthub

Add ENUM for businessRegistrationAuthority in compliance_registration. (breaking change)

Add new field in isIsvEmbed in compliance_registration.

Add additional optional fields in compliance_registration for Individual business type.

Twiml

Add support for new Amazon Polly and Google voices (Q1 2024) for Say verb

Docs

4.22.0

Release Notes

Library - Chore

[PR #1002](twilio/twilio-node#1002): disable cluster test. Thanks to @sbansla!

[PR #1001](twilio/twilio-node#1001): Remove Media V1. Thanks to @califlower!

[PR #997](twilio/twilio-node#997): removing oauth and autopilot references. Thanks to @tiwarishubham635!

Api

Updated service base url for connect apps and authorized connect apps APIs (breaking change)

Update documentation to reflect RiskCheck GA

Added optional parameter CallToken for create participant api

Events

Marked as GA

Flex

Adding flex_instance_sid to Flex Configuration

Adding provisioning_status for Email Manager

Adding offline_config to Flex Configuration

... (truncated)

Changelog

Sourced from twilio's changelog.

[2024-02-27] Version 4.23.0

Library - Chore

[PR #1005](twilio/twilio-node#1005): cluster tests enabled. Thanks to @sbansla!

Api

remove feedback and feedback summary from call resource

Flex

Adding routing_properties to Interactions Channels Participant

Lookups

Add new line_status package to the lookup response

Remove live_activity package from the lookup response (breaking change)

Messaging

Add tollfree multiple rejection reasons response array

Trusthub

Add ENUM for businessRegistrationAuthority in compliance_registration. (breaking change)

Add new field in isIsvEmbed in compliance_registration.

Add additional optional fields in compliance_registration for Individual business type.

Twiml

Add support for new Amazon Polly and Google voices (Q1 2024) for Say verb

[2024-02-09] Version 4.22.0

Library - Chore

[PR #1002](twilio/twilio-node#1002): disable cluster test. Thanks to @sbansla!

[PR #1001](twilio/twilio-node#1001): Remove Media V1. Thanks to @califlower!

[PR #997](twilio/twilio-node#997): removing oauth and autopilot references. Thanks to @tiwarishubham635!

Api

Updated service base url for connect apps and authorized connect apps APIs (breaking change)

Update documentation to reflect RiskCheck GA

Added optional parameter CallToken for create participant api

Events

Marked as GA

Flex

Adding flex_instance_sid to Flex Configuration

Adding provisioning_status for Email Manager

Adding offline_config to Flex Configuration

Insights

add flag to restrict access to unapid customers

decommission voice-qualitystats-endpoint role

... (truncated)

Commits

0a797ba Release 4.23.0
450593c [Librarian] Regenerated @ f75e0fb81b57afeb6b457dc85e19644ebb530f9b
010d9f9 chore: cluster tests enabled (#1005)
cc9b7b1 Release 4.22.0
84bcabe [Librarian] Regenerated @ c3db20dd5f24647ef2bd3fb8b955496c59bb22bd
a86024d chore: disable cluster test (#1002)
829f455 chore: Remove Media V1 (#1001)
7bbaaba chore: removing oauth and autopilot references (#997)
d22044c Release 4.21.0
b827109 [Librarian] Regenerated @ 704aff1023a3b44d7f87c78c70595552749ad55c
Additional commits viewable in compare view

Updates body-parser from 1.20.1 to 1.20.3

Release notes

Sourced from body-parser's releases.

1.20.3

What's Changed

Important

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity). Documentation

Other changes

chore: add support for OSSF scorecard reporting by @inigomarquinez in expressjs/body-parser#522

ci: fix errors in ci github action for node 8 and 9 by @inigomarquinez in expressjs/body-parser#523

fix: pin to node@22.4.1 by @wesleytodd in expressjs/body-parser#527

deps: qs@6.12.3 by @melikhov-dev in expressjs/body-parser#521

Add OSSF Scorecard badge by @bjohansebas in expressjs/body-parser#531

Linter by @UlisesGascon in expressjs/body-parser#534

Release: 1.20.3 by @UlisesGascon in expressjs/body-parser#535

New Contributors

@inigomarquinez made their first contribution in expressjs/body-parser#522

@melikhov-dev made their first contribution in expressjs/body-parser#521

@bjohansebas made their first contribution in expressjs/body-parser#531

@UlisesGascon made their first contribution in expressjs/body-parser#534

Full Changelog: expressjs/body-parser@1.20.2...1.20.3

1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: raw-body@2.5.2

Changelog

Sourced from body-parser's changelog.

1.20.3 / 2024-09-10

deps: qs@6.13.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

1.20.2 / 2023-02-21

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

perf: skip value escaping when unnecessary

deps: raw-body@2.5.2

Commits

1752951 1.20.3
39744cf chore: linter (#534)
b2695c4 Merge commit from fork
ade0f3f add scorecard to readme (#531)
99a1bd6 deps: qs@6.12.3 (#521)
9478591 fix: pin to node@22.4.1
83db46a ci: fix errors in ci github action for node 8 and 9 (#523)
9d4e212 chore: add support for OSSF scorecard reporting (#522)
ee91374 1.20.2
368a93a Fix strict json error message on Node.js 19+
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for body-parser since your current version.

Updates cookie from 0.5.0 to 0.6.0

Release notes

Sourced from cookie's releases.

0.6.0

Add partitioned option

Changelog

Sourced from cookie's changelog.

0.6.0 / 2023-11-06

Add partitioned option

Commits

38323ba 0.6.0
7560154 build: top-sites@1.1.194
c45b52d docs: switch badges to badgen
84a1567 Add partitioned option
c67a478 docs: fix typos in HISTORY
52a76c1 docs: fix typo in HISTORY
5f22857 Fix typo in JSDoc
da7e44e build: mocha@10.2.0
936036a build: eslint-plugin-markdown@3.0.1
197f670 build: eslint@8.53.0
Additional commits viewable in compare view

Updates follow-redirects from 1.15.3 to 1.15.9

Commits

e4e55c7 Release version 1.15.9 of the npm package.
31a1abf Attempt much more gentle detection.
d2aaa97 Fix url field.
62558f0 Release version 1.15.8 of the npm package.
a8d1cee Return subtlety.
458ca8e Fix native URL test for Node 20.
ca49e44 Handle KeepAlive connections in tests.
f3711d7 Test on Node 20 and 22.
fda0faf Fix typo.
760757f Release version 1.15.7 of the npm package.
Additional commits viewable in compare view

Updates send from 0.18.0 to 0.19.0

Release notes

Sourced from send's releases.

0.19.0

What's Changed

Remove link renderization in html while redirecting (pillarjs/send#235)

New Contributors

@UlisesGascon made their first contribution in pillarjs/send#235

Full Changelog: pillarjs/send@0.18.0...0.19.0

Changelog

Sourced from send's changelog.

0.19.0 / 2024-09-10

Remove link renderization in html while redirecting

Commits

9d2db99 0.19.0
ae4f298 Merge commit from fork
See full diff in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for send since your current version.

Updates express from 4.20.0 to 4.21.2

Release notes

Sourced from express's releases.

4.20.0

What's Changed

Important

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

Other Changes

4.19.2 Staging by @wesleytodd in expressjs/express#5561

remove duplicate location test for data uri by @wesleytodd in expressjs/express#5562

feat: document beta releases expectations by @marco-ippolito in expressjs/express#5565

Cut down on duplicated CI runs by @jonchurch in expressjs/express#5564

Add a Threat Model by @UlisesGascon in expressjs/express#5526

Assign captain of encodeurl by @blakeembrey in expressjs/express#5579

Nominate jonchurch as repo captain for http-errors, expressjs.com, morgan, cors, body-parser by @jonchurch in expressjs/express#5587

docs: update Security.md by @inigomarquinez in expressjs/express#5590

docs: update triage nomination policy by @UlisesGascon in expressjs/express#5600

Add CodeQL (SAST) by @UlisesGascon in expressjs/express#5433

docs: add UlisesGascon as triage initiative captain by @UlisesGascon in expressjs/express#5605

deps: encodeurl@~2.0.0 by @blakeembrey in expressjs/express#5569

skip QUERY method test by @jonchurch in expressjs/express#5628

ignore ETAG query test on 21 and 22, reuse skip util by @jonchurch in expressjs/express#5639

add support Node.js@22 in the CI by @mertcanaltin in expressjs/express#5627

doc: add table of contents, tc/triager lists to readme by @mertcanaltin in expressjs/express#5619

List and sort all projects, add captains by @blakeembrey in expressjs/express#5653

docs: add @UlisesGascon as captain for cookie-parser by @UlisesGascon in expressjs/express#5666

✨ bring back query tests for node 21 by @ctcpip in expressjs/express#5690

[v4] Deprecate res.clearCookie accepting options.maxAge and options.expires by @jonchurch in expressjs/express#5672

skip QUERY tests for Node 21 only, still not supported by @jonchurch in expressjs/express#5695

📝 update people, add ctcpip to TC by @ctcpip in expressjs/express#5683

remove minor version pinning from ci by @jonchurch in expressjs/express#5722

Fix link variable use in attribution section of CODE OF CONDUCT by @IamLizu in expressjs/express#5762

Replace Appveyor windows testing with GHA by @jonchurch in expressjs/express#5599

Add OSSF Scorecard badge by @UlisesGascon in expressjs/express#5436

update scorecard link by @bjohansebas in expressjs/express#5814

Nominate @IamLizu to the triage team by @UlisesGascon in expressjs/express#5836

deps: path-to-regexp@0.1.8 by @blakeembrey in expressjs/express#5603

docs: specify new instructions for question and discuss by @IamLizu in expressjs/express#5835

4.x: Upgrade merge-descriptors dependency by @RobinTail in expressjs/express#5781

path-to-regexp@0.1.10 by @blakeembrey in expressjs/express#5902

New Contributors

@marco-ippolito made their first contribution in expressjs/express#5565

@inigomarquinez made their first contribution in expressjs/express#5590

@mertcanaltin made their first contribution in expressjs/express#5627

@ctcpip made their first contribution in expressjs/express#5690

@bjohansebas made their first contribution in expressjs/express#5814

Full Changelog: expressjs/express@4.19.1...4.20.0

... (truncated)

Changelog

Sourced from express's changelog.

4.20.0 / 2024-09-10

deps: serve-static@0.16.0

Remove link renderization in html while redirecting

deps: send@0.19.0

Remove link renderization in html while redirecting

deps: body-parser@0.6.0

add depth option to customize the depth level in the parser

IMPORTANT: The default depth level for parsing URL-encoded data is now 32 (previously was Infinity)

Remove link renderization in html while using res.redirect

deps: path-to-regexp@0.1.10

Adds support for named matching groups in the routes using a regex

Adds backtracking protection to parameters without regexes defined

deps: encodeurl@~2.0.0

Removes encoding of \, |, and ^ to align better with URL spec

Deprecate passing options.maxAge and options.expires to res.clearCookie

Will be ignored in v5, clearCookie will set a cookie with an expires in the past to instruct clients to delete the cookie

4.19.2 / 2024-03-25

Improved fix for open redirect allow list bypass

4.19.1 / 2024-03-20

Allow passing non-strings to res.location with new encoding handling checks

4.19.0 / 2024-03-20

Prevent open redirect allow list bypass due to encodeurl

deps: cookie@0.6.0

4.18.3 / 2024-02-29

Fix routing requests without method

deps: body-parser@1.20.2

Fix strict json error message on Node.js 19+

deps: content-type@~1.0.5

deps: raw-body@2.5.2

deps: cookie@0.6.0

Add partitioned option

Commits

21df421 4.20.0
4c9ddc1 feat: upgrade to serve-static@0.16.0
9ebe5d5 feat: upgrade to send@0.19.0 (#5928)
ec4a01b feat: upgrade to body-parser@1.20.3 (#5926)
54271f6 fix: don't render redirect values in anchor href
125bb74 path-to-regexp@0.1.10 (#5902)
2a980ad merge-descriptors@1.0.3 (#5781)
a3e7e05 docs: specify new instructions for question and discuss
c5addb9 deps: path-to-regexp@0.1.8 (#5603)
e35380a docs: add @IamLizu to the triage team (#5836)
Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Updates serve-static from 1.15.0 to 1.16.2

Release notes

Sourced from serve-static's releases.

v1.16.2

What's Changed

encodeurl@~2.0.0 by @wesleytodd in expressjs/serve-static#180

Full Changel...
Description has been truncated

Bumps the npm_and_yarn group with 4 updates in the / directory: [express](https://github.com/expressjs/express), [axios](https://github.com/axios/axios), [twilio](https://github.com/twilio/twilio-node) and [send](https://github.com/pillarjs/send). Updates `express` from 4.18.2 to 4.20.0 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.20.0) Updates `axios` from 0.26.1 to 1.10.0 - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](axios/axios@v0.26.1...v1.10.0) Updates `twilio` from 4.19.0 to 4.23.0 - [Release notes](https://github.com/twilio/twilio-node/releases) - [Changelog](https://github.com/twilio/twilio-node/blob/main/CHANGES.md) - [Commits](twilio/twilio-node@4.19.0...4.23.0) Updates `body-parser` from 1.20.1 to 1.20.3 - [Release notes](https://github.com/expressjs/body-parser/releases) - [Changelog](https://github.com/expressjs/body-parser/blob/master/HISTORY.md) - [Commits](expressjs/body-parser@1.20.1...1.20.3) Updates `cookie` from 0.5.0 to 0.6.0 - [Release notes](https://github.com/jshttp/cookie/releases) - [Changelog](https://github.com/jshttp/cookie/blob/v0.6.0/HISTORY.md) - [Commits](jshttp/cookie@v0.5.0...v0.6.0) Updates `follow-redirects` from 1.15.3 to 1.15.9 - [Release notes](https://github.com/follow-redirects/follow-redirects/releases) - [Commits](follow-redirects/follow-redirects@v1.15.3...v1.15.9) Updates `send` from 0.18.0 to 0.19.0 - [Release notes](https://github.com/pillarjs/send/releases) - [Changelog](https://github.com/pillarjs/send/blob/master/HISTORY.md) - [Commits](pillarjs/send@0.18.0...0.19.0) Updates `express` from 4.20.0 to 4.21.2 - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](expressjs/express@4.18.2...4.20.0) Updates `serve-static` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/expressjs/serve-static/releases) - [Changelog](https://github.com/expressjs/serve-static/blob/v1.16.2/HISTORY.md) - [Commits](expressjs/serve-static@v1.15.0...v1.16.2) --- updated-dependencies: - dependency-name: express dependency-version: 4.20.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: axios dependency-version: 1.10.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: twilio dependency-version: 4.23.0 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: body-parser dependency-version: 1.20.3 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: cookie dependency-version: 0.6.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: follow-redirects dependency-version: 1.15.9 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: send dependency-version: 0.19.0 dependency-type: indirect dependency-group: npm_and_yarn - dependency-name: express dependency-version: 4.21.2 dependency-type: direct:production dependency-group: npm_and_yarn - dependency-name: serve-static dependency-version: 1.16.2 dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 22, 2025

This was referenced Jul 22, 2025

Bump axios and twilio #2

Closed

Bump follow-redirects from 1.15.3 to 1.15.6 #3

Closed

Bump express from 4.18.2 to 4.19.2 #4

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the npm_and_yarn group across 1 directory with 8 updates #5

Bump the npm_and_yarn group across 1 directory with 8 updates #5

Uh oh!

dependabot bot commented on behalf of github Jul 22, 2025

Uh oh!

Uh oh!

Bump the npm_and_yarn group across 1 directory with 8 updates #5

Are you sure you want to change the base?

Bump the npm_and_yarn group across 1 directory with 8 updates #5

Uh oh!

Conversation

dependabot bot commented on behalf of github Jul 22, 2025

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

Release v1.10.0

Release notes:

Bug Fixes

Features

Contributors to this release

Release v1.9.0

Release notes:

Bug Fixes

Features

Contributors to this release

Release v1.8.4

1.10.0 (2025-06-14)

Bug Fixes

Features

Contributors to this release

1.9.0 (2025-04-24)

Bug Fixes

Features

Contributors to this release

4.23.0

Release Notes

4.22.0

Release Notes

[2024-02-27] Version 4.23.0

[2024-02-09] Version 4.22.0

1.20.3

What's Changed

Important

Other changes

New Contributors

1.20.2

1.20.3 / 2024-09-10

1.20.2 / 2023-02-21

0.6.0

0.6.0 / 2023-11-06

0.19.0

What's Changed

New Contributors

0.19.0 / 2024-09-10

4.20.0

What's Changed

Important

Other Changes

New Contributors

4.20.0 / 2024-09-10

4.19.2 / 2024-03-25

4.19.1 / 2024-03-20

4.19.0 / 2024-03-20

4.18.3 / 2024-02-29

v1.16.2

What's Changed

Uh oh!

Uh oh!