chore(deps): update express requirement from ^4.17.1 to ^4.18.3 in /packages/core

[dependabot[bot]]

Updates the requirements on express to permit the latest version.

Release notes

Sourced from express's releases.

4.18.3

Main Changes

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

Other Changes

• Use https: protocol instead of deprecated git: protocol by @​vcsjones in expressjs/express#5032
• build: Node.js@16.18 and Node.js@18.12 by @​abenhamdine in expressjs/express#5034
• ci: update actions/checkout to v3 by @​armujahid in expressjs/express#5027
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5124
• Remove unused originalIndex from acceptParams by @​raksbisht in expressjs/express#5119
• Fixed typos by @​raksbisht in expressjs/express#5117
• examples: remove unused params by @​raksbisht in expressjs/express#5113
• fix: parameter str is not described in JSDoc by @​raksbisht in expressjs/express#5130
• fix: typos in History.md by @​raksbisht in expressjs/express#5131
• build : add Node.js@19.7 by @​abenhamdine in expressjs/express#5028
• test: remove unused function arguments in params by @​raksbisht in expressjs/express#5137
• use random port in test so it won't fail on already listening by @​rluvaton in expressjs/express#5162
• tests: use cb() instead of done() by @​kristof-low in expressjs/express#5233
• examples: remove multipart example by @​riddlew in expressjs/express#5195
• Update support Node.js@18 in the CI by @​UlisesGascon in expressjs/express#5490
• Fix favicon-related bug in cookie-sessions example by @​DmytroKondrashov in expressjs/express#5414
• Release 4.18.3 by @​UlisesGascon in expressjs/express#5505

New Contributors

• @​vcsjones made their first contribution in expressjs/express#5032
• @​abenhamdine made their first contribution in expressjs/express#5034
• @​armujahid made their first contribution in expressjs/express#5027
• @​raksbisht made their first contribution in expressjs/express#5124
• @​rluvaton made their first contribution in expressjs/express#5162
• @​kristof-low made their first contribution in expressjs/express#5233
• @​riddlew made their first contribution in expressjs/express#5195
• @​DmytroKondrashov made their first contribution in expressjs/express#5414

Full Changelog: https://github.com/expressjs/express/compare/4.18.2...4.18.3

Changelog

Sourced from express's changelog.

4.18.3 / 2024-02-26

• Fix routing requests without method
• deps: body-parser@1.20.2
  • Fix strict json error message on Node.js 19+
  • deps: content-type@~1.0.5
  • deps: raw-body@2.5.2

4.18.2 / 2022-10-08

• Fix regression routing a large stack in a single route
• deps: body-parser@1.20.1
  • deps: qs@6.11.0
  • perf: remove unnecessary object clone
• deps: qs@6.11.0

4.18.1 / 2022-04-29

• Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

• Add "root" option to res.download
• Allow options without filename in res.download
• Deprecate string and non-integer arguments to res.status
• Fix behavior of null/undefined as maxAge in res.cookie
• Fix handling very large stacks of sync middleware
• Ignore Object.prototype values in settings through app.set/app.get
• Invoke default with same arguments as types in res.format
• Support proper 205 responses using res.send
• Use http-errors for res.format error
• deps: body-parser@1.20.0
  • Fix error message for json parse whitespace in strict
  • Fix internal error when inflated body exceeds limit
  • Prevent loss of async hooks context
  • Prevent hanging when request already read
  • deps: depd@2.0.0
  • deps: http-errors@2.0.0
  • deps: on-finished@2.4.1
  • deps: qs@6.10.3
  • deps: raw-body@2.5.1
• deps: cookie@0.5.0
  • Add priority option
  • Fix expires option to reject invalid dates
• deps: depd@2.0.0
  • Replace internal eval usage with Function constructor

... (truncated)

Commits

• 1b51eda 4.18.3
• b625132 build: pin Node 21.x to minor
• e3eca80 build: pin Node 21.x to minor
• 23b44b3 build: support Node.js 21.6.2
• b9fea12 build: support Node.js 21.x in appveyor
• c259c34 build: support Node.js 21.x
• fdeb1d3 build: support Node.js 20.x in appveyor
• 734b281 build: support Node.js 20.x
• 0e3ab6e examples: improve view count in cookie-sessions
• 59af63a build: Node.js@18.19
• Additional commits viewable in compare view

Maintainer changes

This version was pushed to npm by ulisesgascon, a new releaser for express since your current version.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[changeset-bot[bot]]

⚠️ No Changeset found

Latest commit: a5a5dfd2aee86e0f48755a0822b30d4563e5da18

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[dependabot[bot]]

Looks like express is up-to-date now, so this is no longer needed.