Release: 5.2.0 (#6920)

2026-01-15 12:15:27 +00:00 · 2025-12-01 17:17:31 +01:00
parent 2f64f68c37
commit 4007ad103b
2 changed files with 5 additions and 3 deletions
--- a/History.md
+++ b/History.md
@@ -1,7 +1,9 @@
-UNRELEASED
-=======================
+5.2.0 / 2025-12-01
+========================

+* Security fix for [CVE-2024-51999](https://www.cve.org/CVERecord?id=CVE-2024-51999) ([GHSA-pj86-cfqh-vqx6](https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6))
 * deps: `body-parser@^2.2.1`
+* A deprecation warning was added when using `res.redirect` with undefined arguments, Express now emits a warning to help detect calls that pass undefined as the status or URL and make them easier to fix.

 5.1.0 / 2025-03-31
 ========================
--- a/package.json
+++ b/package.json
@@ -1,7 +1,7 @@
 {
  "name": "express",
  "description": "Fast, unopinionated, minimalist web framework",
-  "version": "5.1.0",
+  "version": "5.2.0",
  "author": "TJ Holowaychuk <tj@vision-media.ca>",
  "contributors": [
    "Aaron Heckmann <aaron.heckmann+github@gmail.com>",