chore(deps): update dependency express to v4.22.0 #180
Security Report
❗️Scan Incomplete: The scan completed with partial failure. The integration encountered issues with one or more projects in this repository, preventing their scan. The errors occurred in the following package managers: npm. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.
Scan Details Report
npm
/tmp/ws-scm/atom/spec/fixtures/packages/package-with-broken-package-json/package.json
| Step | Level | Description | Details |
|---|---|---|---|
| Preparing the project for scan | ⚠Warn | One or more of the installations failed | Fail to run npm install: npm error code EJSONPARSE npm error JSON.parse Invalid package.json: JSONParseError: Unexpected token "I" (0x49), "INVALID npm error JSON.parse " is not valid JSON while parsing 'INVALID npm error JSON.parse ' npm error JSON.parse Failed to parse JSON data. npm error JSON.parse Note: package.json must be actual JSON, not just JavaScript. npm error |
| Resolving the project | ❌Error | Failure to perform the resolution operation due to an issue parsing a file | Invalid package.json file: /tmp/ws-scm/atom/spec/fixtures/packages/package-with-broken-package-json/package.json |
You have successfully remediated 31 vulnerabilities, but introduced 1 new vulnerabilities in this branch.❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Vulnerable Library | Direct Library | Suggested Fix | Issue | Reachability |
|---|---|---|---|---|---|---|---|
CVE-2026-26996Path to dependency file: /packages/deprecation-cop/package.json Path to vulnerable library: /packages/deprecation-cop/node_modules/minimatch/package.json,/packages/dev-live-reload/node_modules/minimatch/package.json,/packages/exception-reporting/node_modules/minimatch/package.json,/packages/git-diff/node_modules/minimatch/package.json Dependency Hierarchy: -> fs-plus-3.1.1.tgz (Root Library) -> rimraf-2.7.1.tgz -> glob-7.2.3.tgz -> ❌ minimatch-3.1.5.tgz (Vulnerable Library) |
 High |
7.5 | Transitive minimatch-3.1.5.tgz |
fs-plus-3.1.1.tgz | Transitive 10.2.1 |
#77 |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| GHSA-xf5p-87ch-gxw2 | marked-0.5.2.tgz |
| GHSA-8x6c-cv3v-vp6g | cacheable-request-6.1.0.tgz |
| CVE-2026-33750 | brace-expansion-1.1.12.tgz |
| GHSA-2pr6-76vf-7546 | js-yaml-3.6.1.tgz |
| GHSA-7fhm-mqm4-2wp7 | minimist-1.1.3.tgz |
| CVE-2025-404142 | buffers-0.1.1.tgz |
| GHSA-7fhm-mqm4-2wp7 | minimist-0.0.8.tgz |
| GHSA-f7xj-rg7h-mc87 | stylelint-9.3.0.tgz |
| CVE-2025-13466 | body-parser-1.20.1.tgz |
| CVE-2025-15284 | qs-6.11.0.tgz |
| CVE-2026-4867 | path-to-regexp-0.1.7.tgz |
| GHSA-8x6c-cv3v-vp6g | cacheable-request-2.1.4.tgz |
| GHSA-ch52-vgq2-943f | marked-0.5.2.tgz |
| CVE-2026-2391 | qs-6.11.0.tgz |
| GHSA-7m7q-q53v-j47v | marked-0.5.2.tgz |
| GHSA-8x6c-cv3v-vp6g | cacheable-request-7.0.2.tgz |
| GHSA-8j8c-7jfh-h6hx | js-yaml-3.6.1.tgz |
| CVE-2024-45590 | body-parser-1.20.1.tgz |
| GHSA-7fhm-mqm4-2wp7 | minimist-1.2.0.tgz |
| GHSA-g95f-p29q-9xw4 | braces-1.8.5.tgz |
| GHSA-7fhm-mqm4-2wp7 | minimist-0.0.10.tgz |
| GHSA-7wwv-vh3v-89cq | highlight.js-9.16.2.tgz |
| CVE-2024-47764 | cookie-0.5.0.tgz |
| CVE-2024-45296 | path-to-regexp-0.1.7.tgz |
| CVE-2024-10491 | express-4.18.2.tgz |
| CVE-2024-43796 | express-4.18.2.tgz |
| GHSA-xf5p-87ch-gxw2 | marked-0.3.19.tgz |
| CVE-2022-25881 | http-cache-semantics-3.8.1.tgz |
| GHSA-ch52-vgq2-943f | marked-0.6.3.tgz |
| CVE-2024-52798 | path-to-regexp-0.1.7.tgz |
| CVE-2024-43800 | serve-static-1.15.0.tgz |
Base branch total remaining vulnerabilities: 285
Base branch commit: 516d2ba6154c1452a1ee42314809c66edc833096
Total libraries scanned: 2265
Scan token: e856a39d41b7489c9e085637505cfd49