Express's Avatar

Express

@expressjs.bsky.social

Fast, unopinionated, minimalist web framework for Node.js - The OG

368 Followers  |  5 Following  |  8 Posts  |  Joined: 07.11.2024  |  2.0018

Latest posts by expressjs.bsky.social on Bluesky

Preview
What is a Vulnerability and What’s Not? Making Sense of Node.js and Express Threat Models by Ulises GascΓ³n In this talk, we will discuss security, vulnerabilities, and how to improve your overall security. We will explore various vulnerabilities and the difference between developer errors and misconfigurat...

πŸ” Is it a vulnerability, or just a misunderstood feature?

At #NodeCongress2025, I broke it down in my talk: "What is a Vulnerability and What’s Not"

Topics:
πŸ‘‰ Real vs. imagined risks in @nodejs.org and @expressjs.bsky.social
πŸ‘‰ Why #threatModels matter

πŸŽ₯ Watch: gitnation.com/contents/wha...

19.05.2025 06:11 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Sponsor @bjohansebas on GitHub Sponsors Support bjohansebas's open source work

I’ve been maintaining @expressjs.bsky.social for over 11 months. I’m currently leading the integration of HTTP/2, as well as helping with the documentation redesign and performance improvements. If my work has helped you, consider supporting my open source work:

dub.sh/bjohansebas

17.07.2025 03:06 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
The Great Monkey-Patch Safari Β· Issue #6669 Β· expressjs/express We want to track down and document all instances of express and our core deps monkey-patching Node core, specifically it's the HTTP internals like IncomingMessage and ServerResponse where we do our...

😏 The Great Monkey-Patch Safari in @expressjs.bsky.social has begun. Join the adventure with critical hacks and hotfixes ahead!

github.com/expressjs/ex...

31.07.2025 09:34 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
Post image

Say hello to my very old friend @expressjs.bsky.social running on @cloudflare.social workers!

01.08.2025 23:37 β€” πŸ‘ 15    πŸ” 1    πŸ’¬ 2    πŸ“Œ 0
Preview
πŸ§‘β€πŸ³ Ideas for new guides or improvements to existing content Β· expressjs expressjs.com Β· Discussion #2029 Hey folks, the Express team wants to know what content you’d like to see in the documentation β€” for example, topics for new guides at any level, or what content could be updated in the existing gui...

Hi Express community!

We’d love your feedback on our website’s content.

✨ What topics or resources would you like us to add?
πŸ”§ What existing content do you think we could improve?

Your input will help us make our docs even better, every idea matters!

github.com/expressjs/ex...

03.08.2025 01:25 β€” πŸ‘ 5    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Clean up expressjs org Β· Issue #134 Β· expressjs/discussions So while responding to #71 I also realized that there is something on the TC backlog that ideally should get done at some point: go through the repositories in the expressjs org (https://github.com...

We’ve cleaned up @expressjs.bsky.social ! 🧹

Deprecated some legacy packages:
πŸ”₯ csurf
πŸ”₯ connect-multiparty
πŸ”₯ path-match

More context: github.com/expressjs/di...

Blog post coming soon! πŸ“˜

14.05.2025 18:46 β€” πŸ‘ 21    πŸ” 4    πŸ’¬ 2    πŸ“Œ 0
2025-05-14 Express Performance Working Group Meeting Β· Issue #8 Β· expressjs/perf-wg Date/Time Timezone Date/Time America/Los_Angeles Wed 14-May-2025 08:00 (08:00 AM) America/Denver Wed 14-May-2025 09:00 (09:00 AM) America/Chicago Wed 14-May-2025 10:00 (10:00 AM) America/New_York W...

We had a great meeting, discussed some of our goals and next steps. You can see some notes here: github.com/expressjs/pe...

We will post the recording to our YouTube when it is ready.

14.05.2025 16:43 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Happening now!

14.05.2025 15:12 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Ulises GascΓ³n is showing off a custom-built futuristic robot during a livestream, combining his passion for open source and robotics in a fun and hands-on way.

Ulises GascΓ³n is showing off a custom-built futuristic robot during a livestream, combining his passion for open source and robotics in a fun and hands-on way.

πŸ₯Ή May is almost here, and it's officially #MaintainerMonth πŸš€

I’ve helped release @expressjs.bsky.social 5.1, ship key @nodejs.org updates, lead #OpenSource security work, and reboot #Yeoman.

If you believe in supporting #devTools, consider sponsoring ❀️

πŸ‘‰ github.com/sponsors/Uli...

30.04.2025 13:11 β€” πŸ‘ 9    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Post image

@expressjs.bsky.social has officially surpassed 40 million weekly downloads on npm⚑

11.05.2025 15:03 β€” πŸ‘ 7    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
2025-05-14 Express Performance Working Group Meeting Β· Issue #8 Β· expressjs/perf-wg Date/Time Timezone Date/Time America/Los_Angeles Wed 14-May-2025 08:00 (08:00 AM) America/Denver Wed 14-May-2025 09:00 (09:00 AM) America/Chicago Wed 14-May-2025 10:00 (10:00 AM) America/New_York W...

Tomorrow we are going to have a first informal @expressjs.bsky.social Performance Working Group meeting.

If you are interested in this work, especially longer term, please come and chat. Since it was last minute we are not having an agenda, just an informal discussion.

github.com/expressjs/pe...

13.05.2025 15:37 β€” πŸ‘ 6    πŸ” 2    πŸ’¬ 0    πŸ“Œ 1
Working Group Charter Β· Issue #3 Β· expressjs/perf-wg We need to outline the goals, scope, and membership guide. I can pull from the other WG's for some of the language, but we need to define the goals for the WG for sure. Here are the things I was th...

Finally getting around to the Performance WG setup for @expressjs.bsky.social. Anyone who is interested, please feel free to start opening issues and participating in the kickoff.

github.com/expressjs/pe...

22.04.2025 15:35 β€” πŸ‘ 7    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Post image

When I started contributing to the @expressjs.bsky.social site, there were barely any PRs for docs or design.

Today, even though there’s still a lot to improve on the design side, we’ve got a great contributor base, similar to when the site’s development was sponsored by a company back in 2015

06.04.2025 03:50 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Preview
Express@5.1.0: Now the Default on npm with LTS Timeline Express 5.1.0 is now the default on npm, and we're introducing an official LTS schedule for the v4 and v5 release lines.

πŸš€ Exciting Announcement today!

Express v5 is officially "latest" and we have started the maintenance period for v4. Read more about the release and our LTS plans in our blog post: expressjs.com/2025/03/31/v...

31.03.2025 14:10 β€” πŸ‘ 45    πŸ” 9    πŸ’¬ 2    πŸ“Œ 2

Also hoping to call this out in our blog post. Got great reviews (thanks @naugtur.pl πŸš€) by posting here yesterday, hope maybe the same will work for the blog post. Reviews welcome!

github.com/expressjs/ex...

29.03.2025 18:04 β€” πŸ‘ 9    πŸ” 3    πŸ’¬ 2    πŸ“Œ 0
Preview
feat(ADR): LTS Strategy by wesleytodd Β· Pull Request #352 Β· expressjs/discussions A proposal for an LTS strategy with committed dates and next steps. Please see the goals/non-goals for this ADR. I attempted to copy/paste without edits from all the sources we had. I admit there w...

If you have a chance, please take a look at this PR which proposes some concrete details and dates.

github.com/expressjs/di...

28.03.2025 22:17 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

With the upcoming release of @expressjs.bsky.social v5 and promoting it to latest on npm, we needed to finalize some of our support and schedule plans. Would love feedback on this plan from the ecosystem so we can do better than we have in the past on keeping folks informed and aware of the plans.

28.03.2025 22:17 β€” πŸ‘ 5    πŸ” 3    πŸ’¬ 1    πŸ“Œ 1

I want to especially thank @bjohansebas.bsky.social for all his work these past months! Not only is a lot of his work in these releases, he has also become our top contributor across the @expressjs.bsky.social project.

expressjs.github.io/statusboard/

27.03.2025 01:44 β€” πŸ‘ 6    πŸ” 1    πŸ’¬ 0    πŸ“Œ 1
Preview
Release v2.2.0 Β· expressjs/body-parser What's Changed test: remove --bail from test script by @Phillip9587 in #583 ci: separate lint step by @Phillip9587 in #582 fix: remove skip of test by @bjohansebas in #589 ci: use lcovonly reporte...

πŸš€ Just released body-parser@2.2.0 πŸ“¦

🍿 #release details: github.com/expressjs/bo...

27.03.2025 01:26 β€” πŸ‘ 7    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Release 2.0.1 Β· jshttp/type-is What's Changed Refactor normalizeType function to simplify return statement by @Ayoub-Mabrouk in #61 Refactor tryNormalizeType function for cleaner code by @Ayoub-Mabrouk in #59 Replace deprecated...

πŸš€ Just released type-is@2.0.1 πŸ“¦

🍿 #release details: github.com/jshttp/type-...

27.03.2025 01:06 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Release v2.2.0 Β· pillarjs/router What's Changed docs: remove security file by @bjohansebas in #152 fix: restore 'debug' logs by @dpopp07 in #151 chore: upgrade scorecard workflow pinned action versions by @carpasse in #150 cleanu...

πŸš€ Just released router@2.2.0 πŸ“¦

🍿 #release details: github.com/pillarjs/rou...

27.03.2025 00:42 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Release v3.0.1 Β· jshttp/mime-types What's Changed chore: upgrade scorecard workflow pinned action versions by @carpasse in #130 fix: update mime-db dependency to version 1.54.0 by @bjohansebas in #133 Release 3.0.1 by @UlisesGascon...

πŸš€ Just released mime-types@3.0.1 πŸ“¦

🍿 #release details: github.com/jshttp/mime-...

26.03.2025 22:55 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Sponsor @bjohansebas on GitHub Sponsors Support bjohansebas's open source work

For over 6 months, I've been supporting the @expressjs.bsky.social project, improving documentation and maintaining packages like compression. If my contributions have been helpful, it would be great if you could support me:

github.com/sponsors/bjo...

#OpenSource

11.03.2025 20:16 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
What is a Vulnerability and What’s Not? Making Sense of Node.js and Express Threat Models by Ulises GascΓ³n Security isn’t just about fixing bugs; it’s about understanding the assumptions we make (and avoiding unnecessary panic). In this talk, we’ll dive into the Node.js and Express threat models, which I c...

🚨 What's REALLY a Vulnerability? 🚨

Join me at #NodeCongress as we break down the @nodejs.org & @expressjs.bsky.social threat models πŸ”’βœ¨

βœ… Real-world examples
βœ… Security myths busted
βœ… How threat models shape bug bounties & fixes

Let’s rethink #security together! πŸš€

gitnation.com/contents/wha...

14.03.2025 16:34 β€” πŸ‘ 4    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Release v1.54.0 Β· jshttp/mime-db What's Changed Add some MS-related extensions and types by @ipetrouchtchak-fi in #336 Update custom-types.json by @robertsky in #343 docs: notice about semver and data sources by @wesleytodd in #3...

mime-db@1.54.0 published πŸš€

The most notable change is that application/octet-stream is now marked as compressible. When we update this in the compression middleware this will mean some nice savings over the wire in your express apps.

github.com/jshttp/mime-...

18.03.2025 15:18 β€” πŸ‘ 8    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
Preview
Certain languages can't be matched correctly by the Regular Expression EXT_VALUE_REGEXP like en-US or zh_cn Β· Issue #47 Β· jshttp/content-disposition Create and parse HTTP Content-Disposition header. Contribute to jshttp/content-disposition development by creating an account on GitHub.

I love getting nerdsniped on HTTP spec related stuff, and am glad I quit my job to have space in my life for this

was fun to figure out what probably happened with content-disposition having in incomplete regex for parsing extended filename parameters:
github.com/jshttp/conte...

05.03.2025 18:48 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

The thank-you message I received for successfully launching a PR made my day πŸ€—

05.03.2025 13:55 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 1

Not sure this is the one, but pretty sure it is. @bjohansebas.bsky.social has been doing such great work it is awesome to see this kind of recognition! Well deserved.

05.03.2025 18:45 β€” πŸ‘ 6    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
Preview
[WIP] Release Plan: 5.1.0 Β· Issue #6316 Β· expressjs/express Remaining Work #6095 #6285 Dependency work accepts body-parser expressjs/body-parser#578 content-disposition https://github.com/jshttp/content-disposition/pulls jshttp/content-disposition#47 jshttp...

Getting 🀏 very close 🀏 to cutting the @expressjs.bsky.social 5.1.0 release which will be when we go latest and officially start the spin down of Express v4.

github.com/expressjs/ex...

05.03.2025 18:31 β€” πŸ‘ 7    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Express Fast, unopinionated, minimalist web framework for node.

I want to take a moment to celebrate some folks doing amazing work. Last year this time we were just kicking off the work to move @expressjs.bsky.social forward. Today I checked our statusboard and it is awesome to see @bjohansebas.bsky.social and Phillip (pbrt.at) as top contributors.

20.02.2025 21:28 β€” πŸ‘ 8    πŸ” 1    πŸ’¬ 2    πŸ“Œ 0

@expressjs is following 5 prominent accounts