Official Vikunja import
Go to file
dependabot[bot] 8d27120298
chore(deps): bump express from 5.1.0 to 5.2.0 in /desktop (#1919)
Bumps [express](https://github.com/expressjs/express) from 5.1.0 to
5.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/releases">express's
releases</a>.</em></p>
<blockquote>
<h2>v5.2.0</h2>
<h2>Important: Security</h2>
<ul>
<li>Security fix for <a
href="https://www.cve.org/CVERecord?id=CVE-2024-51999">CVE-2024-51999</a>
(<a
href="https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6">GHSA-pj86-cfqh-vqx6</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump github/codeql-action from 3.28.11 to 3.28.13 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6429">expressjs/express#6429</a></li>
<li>Refactor: simplify <code>acceptsLanguages</code> implementation
using spread operator by <a
href="https://github.com/Ayoub-Mabrouk"><code>@​Ayoub-Mabrouk</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6137">expressjs/express#6137</a></li>
<li>increased code coverage of utils.js file by <a
href="https://github.com/ashish3011"><code>@​ashish3011</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6386">expressjs/express#6386</a></li>
<li>chore: remove duplicate word by <a
href="https://github.com/dufucun"><code>@​dufucun</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6456">expressjs/express#6456</a></li>
<li>build(deps): bump github/codeql-action from 3.28.13 to 3.28.16 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6498">expressjs/express#6498</a></li>
<li>build(deps): bump actions/setup-node from 4.3.0 to 4.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6497">expressjs/express#6497</a></li>
<li>build(deps): bump actions/download-artifact from 4.2.1 to 4.3.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6496">expressjs/express#6496</a></li>
<li>ci: add node.js 24 to test matrix by <a
href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6504">expressjs/express#6504</a></li>
<li>ci: update codeql config by <a
href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6488">expressjs/express#6488</a></li>
<li>chore: wider range for query test skip by <a
href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6512">expressjs/express#6512</a></li>
<li>chore: fix typos in test by <a
href="https://github.com/noritaka1166"><code>@​noritaka1166</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6535">expressjs/express#6535</a></li>
<li>ci: disable credential persistence for checkout actions by <a
href="https://github.com/mertssmnoglu"><code>@​mertssmnoglu</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6522">expressjs/express#6522</a></li>
<li>ci: allow manual triggering of workflow by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6515">expressjs/express#6515</a></li>
<li>test: add coverage for app.listen() variants by <a
href="https://github.com/kgarg1"><code>@​kgarg1</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6476">expressjs/express#6476</a></li>
<li>docs: move documentation and charters to the discussions and .github
… by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6427">expressjs/express#6427</a></li>
<li>build(deps): bump github/codeql-action from 3.28.16 to 3.28.18 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6549">expressjs/express#6549</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6548">expressjs/express#6548</a></li>
<li>chore: enforce explicit <code>Buffer</code> import and add lint rule
by <a href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6525">expressjs/express#6525</a></li>
<li>chore: use node protocol for querystring by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6520">expressjs/express#6520</a></li>
<li>chore: fix typo by <a
href="https://github.com/mountdisk"><code>@​mountdisk</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6609">expressjs/express#6609</a></li>
<li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6618">expressjs/express#6618</a></li>
<li>add deprecation warnings for redirect arguments undefined by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6405">expressjs/express#6405</a></li>
<li>ci: run CI when the markdown changes by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6632">expressjs/express#6632</a></li>
<li>doc: fix CONTRIBUTING link by <a
href="https://github.com/jonchurch"><code>@​jonchurch</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6653">expressjs/express#6653</a></li>
<li>doc: update contributing guidelines and code of conduct links by <a
href="https://github.com/ShubhamOulkar"><code>@​ShubhamOulkar</code></a>
in <a
href="https://redirect.github.com/expressjs/express/pull/6601">expressjs/express#6601</a></li>
<li>build(deps-dev): bump morgan from 1.10.0 to 1.10.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6679">expressjs/express#6679</a></li>
<li>build(deps-dev): bump cookie-session from 2.1.0 to 2.1.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6678">expressjs/express#6678</a></li>
<li>lint: add --fix flag to automatic fix linting issue by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6644">expressjs/express#6644</a></li>
<li>chore: ignore yarn.lock file and update example by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6588">expressjs/express#6588</a></li>
<li>lib: use req.socket over deprecated req.connection by <a
href="https://github.com/bjohansebas"><code>@​bjohansebas</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6705">expressjs/express#6705</a></li>
<li>doc: update express app example by <a
href="https://github.com/shivarm"><code>@​shivarm</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6718">expressjs/express#6718</a></li>
<li>build(deps): bump github/codeql-action from 3.29.2 to 3.29.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6675">expressjs/express#6675</a></li>
<li>Remove history.md from being packaged on publish by <a
href="https://github.com/sheplu"><code>@​sheplu</code></a> in <a
href="https://redirect.github.com/expressjs/express/pull/6780">expressjs/express#6780</a></li>
<li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6797">expressjs/express#6797</a></li>
<li>build(deps): bump github/codeql-action from 3.29.7 to 3.30.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6796">expressjs/express#6796</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.4.2 to 2.4.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6795">expressjs/express#6795</a></li>
<li>build(deps): bump actions/setup-node from 4.4.0 to 5.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6794">expressjs/express#6794</a></li>
<li>build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6793">expressjs/express#6793</a></li>
<li>ci: add node.js 25 to test matrix by <a
href="https://github.com/Phillip9587"><code>@​Phillip9587</code></a> in
<a
href="https://redirect.github.com/expressjs/express/pull/6843">expressjs/express#6843</a></li>
<li>build(deps): bump actions/download-artifact from 5.0.0 to 6.0.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6871">expressjs/express#6871</a></li>
<li>build(deps): bump actions/setup-node from 5.0.0 to 6.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6870">expressjs/express#6870</a></li>
<li>build(deps): bump github/codeql-action from 3.30.5 to 4.31.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6869">expressjs/express#6869</a></li>
<li>build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/expressjs/express/pull/6868">expressjs/express#6868</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/expressjs/express/blob/master/History.md">express's
changelog</a>.</em></p>
<blockquote>
<h1>5.2.0 / 2025-12-01</h1>
<ul>
<li>Security fix for <a
href="https://www.cve.org/CVERecord?id=CVE-2024-51999">CVE-2024-51999</a>
(<a
href="https://github.com/expressjs/express/security/advisories/GHSA-pj86-cfqh-vqx6">GHSA-pj86-cfqh-vqx6</a>)</li>
<li>deps: <code>body-parser@^2.2.1</code></li>
<li>A deprecation warning was added when using <code>res.redirect</code>
with undefined arguments, Express now emits a warning to help detect
calls that pass undefined as the status or URL and make them easier to
fix.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4007ad103b"><code>4007ad1</code></a>
Release: 5.2.0 (<a
href="https://redirect.github.com/expressjs/express/issues/6920">#6920</a>)</li>
<li><a
href="2f64f68c37"><code>2f64f68</code></a>
sec: security patch for CVE-2024-51999</li>
<li><a
href="ed0ba3f1dc"><code>ed0ba3f</code></a>
build(deps): bump actions/checkout from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/expressjs/express/issues/6928">#6928</a>)</li>
<li><a
href="8eace4603c"><code>8eace46</code></a>
build(deps): bump github/codeql-action from 4.31.2 to 4.31.6 (<a
href="https://redirect.github.com/expressjs/express/issues/6929">#6929</a>)</li>
<li><a
href="30bae81027"><code>30bae81</code></a>
build(deps): bump coverallsapp/github-action from 2.3.6 to 2.3.7 (<a
href="https://redirect.github.com/expressjs/express/issues/6930">#6930</a>)</li>
<li><a
href="758d4355d4"><code>758d435</code></a>
deps: body-parser@^2.2.1 (<a
href="https://redirect.github.com/expressjs/express/issues/6922">#6922</a>)</li>
<li><a
href="77bcd5274a"><code>77bcd52</code></a>
docs: update emeritus triagers (<a
href="https://redirect.github.com/expressjs/express/issues/6890">#6890</a>)</li>
<li><a
href="f33caf1f89"><code>f33caf1</code></a>
Nominate to <a
href="https://github.com/efekrskl"><code>@​efekrskl</code></a> for
triage team (<a
href="https://redirect.github.com/expressjs/express/issues/6888">#6888</a>)</li>
<li><a
href="54af593b73"><code>54af593</code></a>
refactor: use cached slice in app.listen (<a
href="https://redirect.github.com/expressjs/express/issues/6897">#6897</a>)</li>
<li><a
href="2551a7d8af"><code>2551a7d</code></a>
docs: switch badges from badgen.net to shields.io (<a
href="https://redirect.github.com/expressjs/express/issues/6900">#6900</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/expressjs/express/compare/v5.1.0...v5.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=express&package-manager=npm_and_yarn&previous-version=5.1.0&new-version=5.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/go-vikunja/vikunja/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-12-01 22:56:03 +01:00
.github chore(deps): update actions/checkout action to v6 (#1897) 2025-11-27 19:37:36 +00:00
.vscode feat(dev): add frontend and api to launch config 2025-06-19 14:54:08 +02:00
.zed fix(dev): zed frontend task 2025-06-26 12:32:04 +02:00
build fix(release): use openrc for alpine (#1016) 2025-06-25 10:40:11 +00:00
contrib feat: improve clean-translations script (#964) 2025-06-16 19:31:41 +00:00
desktop chore(deps): bump express from 5.1.0 to 5.2.0 in /desktop (#1919) 2025-12-01 22:56:03 +01:00
examples/plugins/example feat(plugins): allow plugins to register routes 2025-08-01 17:06:02 +02:00
frontend fix(test): replace project creation in history test with for loop 2025-12-01 16:01:22 +01:00
pkg fix: handle MySQL 8 CREATE INDEX without IF NOT EXISTS support (#1903) 2025-11-28 15:57:54 +00:00
rest chore: add missing eof newlines (#969) 2025-06-17 09:11:32 +00:00
.devcontainer.json chore(dev): use latest devenv docker container for devcontainer 2025-07-02 20:17:29 +02:00
.dockerignore Revert "feat: improve docker layers (#803)" 2025-05-21 10:18:57 +02:00
.editorconfig chore(dev): insert final newline 2025-05-23 11:56:50 +02:00
.envrc chore: add missing eof newlines (#969) 2025-06-17 09:11:32 +00:00
.gitignore chore(plugins): ignore plugins dev folder 2025-08-01 17:06:02 +02:00
.golangci.yml feat!: rename right to permission (#1277) 2025-08-13 11:05:05 +02:00
AGENTS.md docs: update AI instructions about plans 2025-11-27 22:24:40 +01:00
CHANGELOG.md chore: 1.0.0-rc3 release preparations 2025-11-27 23:08:01 +01:00
CLAUDE.md docs: add AGENTS.md file with instructions for AI coding agents 2025-06-10 14:23:55 +02:00
CONTRIBUTING.md chore: update contributing guidelines 2023-10-10 17:48:10 +02:00
CRUSH.md docs: add link for crus coding agent instructions 2025-08-01 16:52:30 +02:00
Dockerfile chore(deps): update node.js to 2867d55 (#1815) 2025-11-14 11:17:46 +01:00
LICENSE fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
README.md chore: 1.0.0-rc3 release preparations 2025-11-27 23:08:01 +01:00
cliff.toml fix: add \n between scoped and unscoped commits in git cliff config 2024-11-08 11:19:50 +01:00
code-header-template.txt fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
config-raw.json feat: allow setting dark custom logo 2025-11-12 21:07:01 +01:00
crowdin.yml chore: add missing eof newlines (#969) 2025-06-17 09:11:32 +00:00
devenv.lock chore: update devenv 2025-11-24 22:47:21 +01:00
devenv.nix feat: migrate cypress e2e tests to playwright (#1739) 2025-11-27 16:34:48 +01:00
devenv.yaml feat: switch from nix flakes to devenv 2024-08-12 12:17:31 +02:00
go.mod fix(deps): update module github.com/redis/go-redis/v9 to v9.17.2 (#1917) 2025-12-01 20:08:05 +00:00
go.sum fix(deps): update module github.com/redis/go-redis/v9 to v9.17.2 (#1917) 2025-12-01 20:08:05 +00:00
magefile.go chore(deps): update golangci-lint to 2.6.0 (#1737) 2025-10-31 17:28:52 +00:00
main.go fix: correct license header references (#882) 2025-06-10 12:18:38 +02:00
nfpm.yaml fix(release): use openrc for alpine (#1016) 2025-06-25 10:40:11 +00:00
publiccode.yml docs: update publiccode.yml [skip ci] 2024-02-25 14:06:23 +01:00
renovate.json chore(deps): do not update services as often 2025-06-11 14:38:07 +02:00
tools.go chore(deps): update golangci-lint to 2.6.0 (#1737) 2025-10-31 17:28:52 +00:00
tsconfig.json fix: correct trailing comma in tsconfig (#970) 2025-06-26 12:30:24 +00:00
vikunja.initd fix(release): use openrc for alpine (#1016) 2025-06-25 10:40:11 +00:00
vikunja.service chore: add missing eof newlines (#969) 2025-06-17 09:11:32 +00:00

README.md

Build Status License: AGPL-3.0-or-later Install Docker Pulls Swagger Docs Go Report Card

Vikunja

The Todo-app to organize your life.

If Vikunja is useful to you, please consider buying me a coffee, sponsoring me on GitHub or buying a sticker pack. I'm also offering a hosted version of Vikunja if you want a hassle-free solution for yourself or your team.

Table of contents

Security Reports

If you find any security-related issues you don't want to disclose publicly, please use the contact information on our website.

Features

See the features page on our website for a more exhaustive list or try it on try.vikunja.io!

Docs

All docs can be found on the Vikunja home page.

Roadmap

See the roadmap (hosted on Vikunja!) for more!

Contributing

Please check out the contribution guidelines on the website.

License

Most of this repository is licensed under AGPL3.0orlater. The contents of desktop/ are licensed under GPL3.0orlater.

Unsplash Images

Background images from Unsplash are distributed under the Unsplash License. The license requires giving credit to the photographer and Unsplash. See Unsplashs terms for more information.