From a5a427fb849f14c4214fe4438cb5a882c53d35ab Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 23 Mar 2024 20:48:00 +0100
Subject: [PATCH] build(deps): bump express from 4.18.3 to 4.19.1 (#6261)

Bumps [express](https://github.com/expressjs/express) from 4.18.3 to 4.19.1.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.3...4.19.1)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 pnpm-lock.yaml   | 21 +++++++++++++--------
 src/package.json |  2 +-
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml
index cbcd1a50..0da8ea63 100644
--- a/pnpm-lock.yaml
+++ b/pnpm-lock.yaml
@@ -149,11 +149,11 @@ importers:
         specifier: 0.0.12
         version: 0.0.12
       express:
-        specifier: 4.18.3
-        version: 4.18.3
+        specifier: 4.19.1
+        version: 4.19.1
       express-rate-limit:
         specifier: ^7.2.0
-        version: 7.2.0(express@4.18.3)
+        version: 7.2.0(express@4.19.1)
       express-session:
         specifier: npm:@etherpad/express-session@^1.18.2
         version: /@etherpad/express-session@1.18.2
@@ -2749,6 +2749,11 @@ packages:
     engines: {node: '>= 0.6'}
     dev: false
 
+  /cookie@0.6.0:
+    resolution: {integrity: sha512-U71cyTamuh1CRNCfpGY6to28lxvNwPG4Guz/EVjgf3Jmzv0vlDp1atT9eS5dDjMYHucpHbWns6Lwf3BKz6svdw==}
+    engines: {node: '>= 0.6'}
+    dev: false
+
   /cookiejar@2.1.4:
     resolution: {integrity: sha512-LDx6oHrK+PhzLKJU9j5S7/Y3jM/mUHvD/DeI1WQmJn652iPC5Y4TBzC9l+5OMOXlyTTA+SmVUPm0HQUwpD5Jqw==}
 
@@ -3580,17 +3585,17 @@ packages:
       mime: 1.6.0
     dev: false
 
-  /express-rate-limit@7.2.0(express@4.18.3):
+  /express-rate-limit@7.2.0(express@4.19.1):
     resolution: {integrity: sha512-T7nul1t4TNyfZMJ7pKRKkdeVJWa2CqB8NA1P8BwYaoDI5QSBZARv5oMS43J7b7I5P+4asjVXjb7ONuwDKucahg==}
     engines: {node: '>= 16'}
     peerDependencies:
       express: 4 || 5 || ^5.0.0-beta.1
     dependencies:
-      express: 4.18.3
+      express: 4.19.1
     dev: false
 
-  /express@4.18.3:
-    resolution: {integrity: sha512-6VyCijWQ+9O7WuVMTRBTl+cjNNIzD5cY5mQ1WM8r/LEkI2u8EYpOotESNwzNlyCn3g+dmjKYI6BmNneSr/FSRw==}
+  /express@4.19.1:
+    resolution: {integrity: sha512-K4w1/Bp7y8iSiVObmCrtq8Cs79XjJc/RU2YYkZQ7wpUu5ZyZ7MtPHkqoMz4pf+mgXfNvo2qft8D9OnrH2ABk9w==}
     engines: {node: '>= 0.10.0'}
     dependencies:
       accepts: 1.3.8
@@ -3598,7 +3603,7 @@ packages:
       body-parser: 1.20.2
       content-disposition: 0.5.4
       content-type: 1.0.5
-      cookie: 0.5.0
+      cookie: 0.6.0
       cookie-signature: 1.0.6
       debug: 2.6.9
       depd: 2.0.0
diff --git a/src/package.json b/src/package.json
index ebc01ea9..9e749c11 100644
--- a/src/package.json
+++ b/src/package.json
@@ -38,7 +38,7 @@
     "ejs": "^3.1.9",
     "etherpad-require-kernel": "^1.0.16",
     "etherpad-yajsml": "0.0.12",
-    "express": "4.18.3",
+    "express": "4.19.1",
     "express-rate-limit": "^7.2.0",
     "express-session": "npm:@etherpad/express-session@^1.18.2",
     "fast-deep-equal": "^3.1.3",