This repository was archived by the owner on Feb 3, 2023. It is now read-only.

Update dependency express to v4.15.0 #52

Open
wants to merge 1 commit into
base: main


@mend-for-github-com mend-for-github-com bot commented Jun 7, 2022

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| express (source) | dependencies | minor | 4.14.0 -> 4.15.0 |

By merging this PR, the issue #47 will be automatically resolved and closed:

| Severity | CVSS Score | CVE |
|---|---|---|
| High | 7.5 | CVE-2017-1000048 |
| High | 7.5 | CVE-2017-16119 |
| High | 7.5 | CVE-2017-16138 |
| High | 7.5 | CVE-2022-24999 |

Release Notes

expressjs/express

v4.15.0


  • Add debug message when loading view engine
  • Add next("router") to exit from router
  • Fix case where router.use skipped requests routes did not
  • Remove usage of res._headers private field
    • Improves compatibility with Node.js 8 nightly
  • Skip routing when req.url is not set
  • Use %o in path debug to tell types apart
  • Use Object.create to setup request & response prototypes
  • Use setprototypeof module to replace __proto__ setting
  • Use statuses instead of http module for status messages
  • deps: [email protected]
    • Allow colors in workers
    • Deprecated DEBUG_FD environment variable set to 3 or higher
    • Fix error when running under React Native
    • Use same color for same namespace
    • deps: [email protected]
  • deps: etag@~1.8.0
    • Use SHA1 instead of MD5 for ETag hashing
    • Works with FIPS 140-2 OpenSSL configuration
  • deps: finalhandler@~1.0.0
    • Fix exception when err cannot be converted to a string
    • Fully URL-encode the pathname in the 404
    • Only include the pathname in the 404 message
    • Send complete HTML document
    • Set Content-Security-Policy: default-src 'self' header
    • deps: [email protected]
  • deps: [email protected]
    • Fix false detection of no-cache request directive
    • Fix incorrect result when If-None-Match has both * and ETags
    • Fix weak ETag matching to match spec
    • perf: delay reading header values until needed
    • perf: enable strict mode
    • perf: hoist regular expressions
    • perf: remove duplicate conditional
    • perf: remove unnecessary boolean coercions
    • perf: skip checking modified time if ETag check failed
    • perf: skip parsing If-None-Match when no ETag header
    • perf: use Date.parse instead of new Date
  • deps: [email protected]
    • Fix array parsing from skipping empty values
    • Fix compacting nested arrays
  • deps: [email protected]
    • Fix false detection of no-cache request directive
    • Fix incorrect result when If-None-Match has both * and ETags
    • Fix weak ETag matching to match spec
    • Remove usage of res._headers private field
    • Support If-Match and If-Unmodified-Since headers
    • Use res.getHeaderNames() when available
    • Use res.headersSent when available
    • deps: [email protected]
    • deps: etag@~1.8.0
    • deps: [email protected]
    • deps: http-errors@~1.6.1
  • deps: [email protected]
    • Fix false detection of no-cache request directive
    • Fix incorrect result when If-None-Match has both * and ETags
    • Fix weak ETag matching to match spec
    • Remove usage of res._headers private field
    • Send complete HTML document in redirect response
    • Set default CSP header in redirect response
    • Support If-Match and If-Unmodified-Since headers
    • Use res.getHeaderNames() when available
    • Use res.headersSent when available
    • deps: [email protected]
  • perf: add fast match path for * route
  • perf: improve req.ips performance

v4.14.1


  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label Jun 7, 2022
@mend-for-github-com mend-for-github-com bot changed the title Update dependency express to v4.16.0 Update dependency express to v4.16.1 Jun 19, 2022
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/express-4.x branch from cf06a26 to 426404d Compare June 19, 2022 10:04
@mend-for-github-com mend-for-github-com bot changed the title Update dependency express to v4.16.1 Update dependency express to v4.16.0 Jun 20, 2022
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/express-4.x branch from 426404d to 138233c Compare June 20, 2022 23:34
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/express-4.x branch from 138233c to 508c73b Compare November 20, 2022 19:17
@mend-for-github-com mend-for-github-com bot changed the title Update dependency express to v4.16.0 Update dependency express to v4.15.0 Nov 20, 2022