Bump express from 4.16.4 to 4.17.0

[dependabot-preview[bot]]

Bumps express from 4.16.4 to 4.17.0.

Release notes

*Sourced from [express's releases](https://github.com/expressjs/express/releases).* > ## 4.17.0 > * Add `express.raw` to parse bodies into `Buffer` > * Add `express.text` to parse bodies into string > * Improve error message for non-strings to `res.sendFile` > * Improve error message for `null`/`undefined` to `res.status` > * Support multiple hosts in `X-Forwarded-Host` > * deps: accepts@~1.3.7 > * deps: body-parser@1.19.0 > - Add encoding MIK > - Add petabyte (`pb`) support > - Fix parsing array brackets after index > - deps: bytes@3.1.0 > - deps: http-errors@1.7.2 > - deps: iconv-lite@0.4.24 > - deps: qs@6.7.0 > - deps: raw-body@2.4.0 > - deps: type-is@~1.6.17 > * deps: content-disposition@0.5.3 > * deps: cookie@0.4.0 > - Add `SameSite=None` support > * deps: finalhandler@~1.1.2 > - Set stricter `Content-Security-Policy` header > - deps: parseurl@~1.3.3 > - deps: statuses@~1.5.0 > * deps: parseurl@~1.3.3 > * deps: proxy-addr@~2.0.5 > - deps: ipaddr.js@1.9.0 > * deps: qs@6.7.0 > - Fix parsing array brackets after index > * deps: range-parser@~1.2.1 > * deps: send@0.17.1 > - Set stricter CSP header in redirect & error responses > - deps: http-errors@~1.7.2 > - deps: mime@1.6.0 > - deps: ms@2.1.1 > - deps: range-parser@~1.2.1 > - deps: statuses@~1.5.0 > - perf: remove redundant `path.normalize` call > * deps: serve-static@1.14.1 > - Set stricter CSP header in redirect response > - deps: parseurl@~1.3.3 > - deps: send@0.17.1 > * deps: setprototypeof@1.1.1 > * deps: statuses@~1.5.0 > - Add `103 Early Hints` > * deps: type-is@~1.6.18 > - deps: mime-types@~2.1.24 > - perf: prevent internal `throw` on invalid type

Changelog

*Sourced from [express's changelog](https://github.com/expressjs/express/blob/master/History.md).* > 4.17.0 / 2019-05-16 > =================== > > * Add `express.raw` to parse bodies into `Buffer` > * Add `express.text` to parse bodies into string > * Improve error message for non-strings to `res.sendFile` > * Improve error message for `null`/`undefined` to `res.status` > * Support multiple hosts in `X-Forwarded-Host` > * deps: accepts@~1.3.7 > * deps: body-parser@1.19.0 > - Add encoding MIK > - Add petabyte (`pb`) support > - Fix parsing array brackets after index > - deps: bytes@3.1.0 > - deps: http-errors@1.7.2 > - deps: iconv-lite@0.4.24 > - deps: qs@6.7.0 > - deps: raw-body@2.4.0 > - deps: type-is@~1.6.17 > * deps: content-disposition@0.5.3 > * deps: cookie@0.4.0 > - Add `SameSite=None` support > * deps: finalhandler@~1.1.2 > - Set stricter `Content-Security-Policy` header > - deps: parseurl@~1.3.3 > - deps: statuses@~1.5.0 > * deps: parseurl@~1.3.3 > * deps: proxy-addr@~2.0.5 > - deps: ipaddr.js@1.9.0 > * deps: qs@6.7.0 > - Fix parsing array brackets after index > * deps: range-parser@~1.2.1 > * deps: send@0.17.1 > - Set stricter CSP header in redirect & error responses > - deps: http-errors@~1.7.2 > - deps: mime@1.6.0 > - deps: ms@2.1.1 > - deps: range-parser@~1.2.1 > - deps: statuses@~1.5.0 > - perf: remove redundant `path.normalize` call > * deps: serve-static@1.14.1 > - Set stricter CSP header in redirect response > - deps: parseurl@~1.3.3 > - deps: send@0.17.1 > * deps: setprototypeof@1.1.1 > * deps: statuses@~1.5.0 > - Add `103 Early Hints` > * deps: type-is@~1.6.18 > - deps: mime-types@~2.1.24 > - perf: prevent internal `throw` on invalid type > ... (truncated)

Commits

- [`10c7756`](https://github.com/expressjs/express/commit/10c7756764fbe969b307b15a72fd074479c00f8d) 4.17.0 - [`9dadca2`](https://github.com/expressjs/express/commit/9dadca2c64ae717063b0e9071143065896ebb676) docs: remove Gratipay links - [`b8e5056`](https://github.com/expressjs/express/commit/b8e50568af9c73ef1ade434e92c60d389868361d) tests: ignore unreachable line - [`94e48a1`](https://github.com/expressjs/express/commit/94e48a16f273963dc37829352b7381e4e9222315) build: update example dependencies - [`efcb17d`](https://github.com/expressjs/express/commit/efcb17dcb21699ef685eff4455a9443f707a4901) deps: cookie@0.4.0 - [`b9ecb9a`](https://github.com/expressjs/express/commit/b9ecb9afe336ad00eb6e2dbc055e838649fe784f) build: support Node.js 12.x - [`5266f3a`](https://github.com/expressjs/express/commit/5266f3a5cb25fdd6846b76a727d601506791c4ce) build: test against Node.js 13.x nightly - [`e502dde`](https://github.com/expressjs/express/commit/e502dde3c8c82ff107603f78d6cac9a33a699dd7) build: Node.js@10.15 - [`da6f701`](https://github.com/expressjs/express/commit/da6f701317d154e47921139257ffcefb15d15ca7) deps: range-parser@~1.2.1 - [`88f9733`](https://github.com/expressjs/express/commit/88f9733ffa58ce89bd5a9b207f0c8b4c2965fec6) deps: serve-static@1.14.1 - Additional commits viewable in [compare view](https://github.com/expressjs/express/compare/4.16.4...4.17.0)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.

[dependabot-preview[bot]]

Superseded by #35.